Title: [286557] trunk/Source/WebKit
- Revision
- 286557
- Author
- pvol...@apple.com
- Date
- 2021-12-06 11:45:31 -0800 (Mon, 06 Dec 2021)
Log Message
[iOS][WP] Block access to unused IOKit class
https://bugs.webkit.org/show_bug.cgi?id=233866
<rdar://problem/86086475>
Reviewed by Brent Fulgham.
Block access to IOKit class IOMobileFramebufferUserClient in the WebContent process' sandbox on iOS,
which is unused according to telemetry.
* Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in:
* UIProcess/WebPageProxy.cpp:
(WebKit::gpuIOKitClasses):
Modified Paths
Diff
Modified: trunk/Source/WebKit/ChangeLog (286556 => 286557)
--- trunk/Source/WebKit/ChangeLog 2021-12-06 19:45:01 UTC (rev 286556)
+++ trunk/Source/WebKit/ChangeLog 2021-12-06 19:45:31 UTC (rev 286557)
@@ -1,3 +1,18 @@
+2021-12-06 Per Arne Vollan <pvol...@apple.com>
+
+ [iOS][WP] Block access to unused IOKit class
+ https://bugs.webkit.org/show_bug.cgi?id=233866
+ <rdar://problem/86086475>
+
+ Reviewed by Brent Fulgham.
+
+ Block access to IOKit class IOMobileFramebufferUserClient in the WebContent process' sandbox on iOS,
+ which is unused according to telemetry.
+
+ * Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in:
+ * UIProcess/WebPageProxy.cpp:
+ (WebKit::gpuIOKitClasses):
+
2021-12-06 Matt Gilligan <matthew_gilli...@apple.com>
[iOS] Allow WKWebView clients to override undoManager
Modified: trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in (286556 => 286557)
--- trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in 2021-12-06 19:45:01 UTC (rev 286556)
+++ trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in 2021-12-06 19:45:31 UTC (rev 286557)
@@ -92,30 +92,12 @@
domains))
(define-once (framebuffer-access)
- (allow iokit-open
- (require-all
- (extension "com.apple.webkit.extension.iokit")
- (iokit-user-client-class "IOMobileFramebufferUserClient")
- )
- (when (defined? 'iokit-external-method)
- (apply-message-filter
- (deny (with telemetry)
- iokit-async-external-method
- iokit-external-method
- iokit-external-trap)
- (allow (with telemetry) iokit-external-method
- (iokit-method-number
- 8
- 28
- )
- )
- )
- )
- )
+ (deny iokit-open (with telemetry-backtrace)
+ (iokit-user-client-class "IOMobileFramebufferUserClient"))
; IOMobileFramebuffer
(with-filter (iokit-registry-entry-class "IOMobileFramebuffer")
- (allow iokit-get-properties
+ (allow iokit-get-properties (with telemetry)
(iokit-property "AppleTV"
"DisplayPipePlaneBaseAlignment"
"DisplayPipeStrideRequirements"
Modified: trunk/Source/WebKit/UIProcess/WebPageProxy.cpp (286556 => 286557)
--- trunk/Source/WebKit/UIProcess/WebPageProxy.cpp 2021-12-06 19:45:01 UTC (rev 286556)
+++ trunk/Source/WebKit/UIProcess/WebPageProxy.cpp 2021-12-06 19:45:31 UTC (rev 286557)
@@ -8052,8 +8052,10 @@
"IOAudioEngineUserClient"_s,
"IOSurfaceRootUserClient"_s,
#endif
-#if (PLATFORM(MAC) && CPU(ARM64)) || PLATFORM(IOS_FAMILY)
+#if PLATFORM(MAC) && CPU(ARM64)
"IOMobileFramebufferUserClient"_s,
+#endif
+#if PLATFORM(MAC) && CPU(ARM64) || PLATFORM(IOS_FAMILY)
"IOSurfaceAcceleratorClient"_s,
#endif
});
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
