[webkit-changes] [287276] trunk

[achristensen]

Title: [287276] trunk

Revision

287276

Author

achristen...@apple.com

Date

2021-12-20 14:04:20 -0800 (Mon, 20 Dec 2021)

Log Message

Prevent test functionality in AdAttributionDaemon when not running tests
https://bugs.webkit.org/show_bug.cgi?id=231258
Source/WebKit:

<rdar://84168088>

Reviewed by Brady Eidson.

adattributiond already has a private entitlement check to make sure that only the network process has permission to connect to it.
This makes it so that the network process can't manipulate state only intended to be manipulated for tests when told to do so by
an application misusing SPI.

* NetworkProcess/NetworkProcess.cpp:
(WebKit::NetworkProcess::allowsPrivateClickMeasurementTestFunctionality const):
(WebKit::NetworkProcess::setPrivateClickMeasurementOverrideTimerForTesting):
(WebKit::NetworkProcess::simulateResourceLoadStatisticsSessionRestart):
(WebKit::NetworkProcess::markAttributedPrivateClickMeasurementsAsExpiredForTesting):
(WebKit::NetworkProcess::setPrivateClickMeasurementEphemeralMeasurementForTesting):
(WebKit::NetworkProcess::setPrivateClickMeasurementTokenPublicKeyURLForTesting):
(WebKit::NetworkProcess::setPrivateClickMeasurementTokenSignatureURLForTesting):
(WebKit::NetworkProcess::setPrivateClickMeasurementAttributionReportURLsForTesting):
(WebKit::NetworkProcess::markPrivateClickMeasurementsAsExpiredForTesting):
(WebKit::NetworkProcess::setPCMFraudPreventionValuesForTesting):
(WebKit::NetworkProcess::setPrivateClickMeasurementAppBundleIDForTesting):
* NetworkProcess/NetworkProcess.h:

Tools:


Reviewed by Brady Eidson.

* TestWebKitAPI/Configurations/TestWebKitAPI-macOS-internal.entitlements:
* WebKitTestRunner/Configurations/WebKitTestRunner.entitlements:

Modified Paths

• trunk/Source/WebKit/ChangeLog
• trunk/Source/WebKit/NetworkProcess/NetworkProcess.cpp
• trunk/Source/WebKit/NetworkProcess/NetworkProcess.h
• trunk/Tools/ChangeLog
• trunk/Tools/TestWebKitAPI/Configurations/TestWebKitAPI-iOS.entitlements
• trunk/Tools/TestWebKitAPI/Configurations/TestWebKitAPI-macOS-internal.entitlements
• trunk/Tools/WebKitTestRunner/Configurations/WebKitTestRunner.entitlements
• trunk/Tools/WebKitTestRunner/Configurations/WebKitTestRunnerApp-iOS.entitlements

Diff

Modified: trunk/Source/WebKit/ChangeLog (287275 => 287276)

--- trunk/Source/WebKit/ChangeLog	2021-12-20 21:58:38 UTC (rev 287275)
+++ trunk/Source/WebKit/ChangeLog	2021-12-20 22:04:20 UTC (rev 287276)
@@ -1,5 +1,31 @@
 2021-12-20  Alex Christensen  <achristen...@webkit.org>
 
+        Prevent test functionality in AdAttributionDaemon when not running tests
+        https://bugs.webkit.org/show_bug.cgi?id=231258
+        <rdar://84168088>
+
+        Reviewed by Brady Eidson.
+
+        adattributiond already has a private entitlement check to make sure that only the network process has permission to connect to it.
+        This makes it so that the network process can't manipulate state only intended to be manipulated for tests when told to do so by
+        an application misusing SPI.
+
+        * NetworkProcess/NetworkProcess.cpp:
+        (WebKit::NetworkProcess::allowsPrivateClickMeasurementTestFunctionality const):
+        (WebKit::NetworkProcess::setPrivateClickMeasurementOverrideTimerForTesting):
+        (WebKit::NetworkProcess::simulateResourceLoadStatisticsSessionRestart):
+        (WebKit::NetworkProcess::markAttributedPrivateClickMeasurementsAsExpiredForTesting):
+        (WebKit::NetworkProcess::setPrivateClickMeasurementEphemeralMeasurementForTesting):
+        (WebKit::NetworkProcess::setPrivateClickMeasurementTokenPublicKeyURLForTesting):
+        (WebKit::NetworkProcess::setPrivateClickMeasurementTokenSignatureURLForTesting):
+        (WebKit::NetworkProcess::setPrivateClickMeasurementAttributionReportURLsForTesting):
+        (WebKit::NetworkProcess::markPrivateClickMeasurementsAsExpiredForTesting):
+        (WebKit::NetworkProcess::setPCMFraudPreventionValuesForTesting):
+        (WebKit::NetworkProcess::setPrivateClickMeasurementAppBundleIDForTesting):
+        * NetworkProcess/NetworkProcess.h:
+
+2021-12-20  Alex Christensen  <achristen...@webkit.org>
+
         [ Monterey ] TestWebKitAPI.WebSocket.PageWithAttributedBundleIdentifierDestroyed (API-test) is a constant timeout
         https://bugs.webkit.org/show_bug.cgi?id=233224
 

Modified: trunk/Source/WebKit/NetworkProcess/NetworkProcess.cpp (287275 => 287276)

--- trunk/Source/WebKit/NetworkProcess/NetworkProcess.cpp	2021-12-20 21:58:38 UTC (rev 287275)
+++ trunk/Source/WebKit/NetworkProcess/NetworkProcess.cpp	2021-12-20 22:04:20 UTC (rev 287276)
@@ -104,6 +104,7 @@
 #if PLATFORM(COCOA)
 #include "LaunchServicesDatabaseObserver.h"
 #include "NetworkSessionCocoa.h"
+#include <wtf/cocoa/Entitlements.h>
 #endif
 
 #if USE(SOUP)
@@ -2420,8 +2421,23 @@
         completionHandler();
 }
 
+bool NetworkProcess::allowsPrivateClickMeasurementTestFunctionality() const
+{
+#if !PLATFORM(COCOA) || !USE(APPLE_INTERNAL_SDK)
+    return true;
+#else
+    auto auditToken = sourceApplicationAuditToken();
+    if (!auditToken)
+        return false;
+    return WTF::hasEntitlement(*auditToken, "com.apple.private.webkit.adattributiond.testing");
+#endif
+}
+
 void NetworkProcess::setPrivateClickMeasurementOverrideTimerForTesting(PAL::SessionID sessionID, bool value, CompletionHandler<void()>&& completionHandler)
 {
+    if (!allowsPrivateClickMeasurementTestFunctionality())
+        return completionHandler();
+
     if (auto* session = networkSession(sessionID))
         session->setPrivateClickMeasurementOverrideTimerForTesting(value);
     
@@ -2430,6 +2446,9 @@
 
 void NetworkProcess::simulateResourceLoadStatisticsSessionRestart(PAL::SessionID sessionID, CompletionHandler<void()>&& completionHandler)
 {
+    if (!allowsPrivateClickMeasurementTestFunctionality())
+        return completionHandler();
+
     // FIXME: Rename this to simulatePrivateClickMeasurementSessionRestart.
     if (auto* session = networkSession(sessionID)) {
         session->recreatePrivateClickMeasurementStore([session = WeakPtr { *session }, completionHandler = WTFMove(completionHandler)] () mutable {
@@ -2444,6 +2463,9 @@
 
 void NetworkProcess::markAttributedPrivateClickMeasurementsAsExpiredForTesting(PAL::SessionID sessionID, CompletionHandler<void()>&& completionHandler)
 {
+    if (!allowsPrivateClickMeasurementTestFunctionality())
+        return completionHandler();
+
     if (auto* session = networkSession(sessionID)) {
         session->markAttributedPrivateClickMeasurementsAsExpiredForTesting(WTFMove(completionHandler));
         return;
@@ -2453,6 +2475,9 @@
 
 void NetworkProcess::setPrivateClickMeasurementEphemeralMeasurementForTesting(PAL::SessionID sessionID, bool value, CompletionHandler<void()>&& completionHandler)
 {
+    if (!allowsPrivateClickMeasurementTestFunctionality())
+        return completionHandler();
+
     if (auto* session = networkSession(sessionID))
         session->setPrivateClickMeasurementEphemeralMeasurementForTesting(value);
     
@@ -2462,6 +2487,9 @@
 
 void NetworkProcess::setPrivateClickMeasurementTokenPublicKeyURLForTesting(PAL::SessionID sessionID, URL&& url, CompletionHandler<void()>&& completionHandler)
 {
+    if (!allowsPrivateClickMeasurementTestFunctionality())
+        return completionHandler();
+
     if (auto* session = networkSession(sessionID))
         session->setPrivateClickMeasurementTokenPublicKeyURLForTesting(WTFMove(url));
 
@@ -2470,6 +2498,9 @@
 
 void NetworkProcess::setPrivateClickMeasurementTokenSignatureURLForTesting(PAL::SessionID sessionID, URL&& url, CompletionHandler<void()>&& completionHandler)
 {
+    if (!allowsPrivateClickMeasurementTestFunctionality())
+        return completionHandler();
+
     if (auto* session = networkSession(sessionID))
         session->setPrivateClickMeasurementTokenSignatureURLForTesting(WTFMove(url));
     
@@ -2478,6 +2509,9 @@
 
 void NetworkProcess::setPrivateClickMeasurementAttributionReportURLsForTesting(PAL::SessionID sessionID, URL&& sourceURL, URL&& destinationURL, CompletionHandler<void()>&& completionHandler)
 {
+    if (!allowsPrivateClickMeasurementTestFunctionality())
+        return completionHandler();
+
     if (auto* session = networkSession(sessionID))
         session->setPrivateClickMeasurementAttributionReportURLsForTesting(WTFMove(sourceURL), WTFMove(destinationURL));
 
@@ -2486,6 +2520,9 @@
 
 void NetworkProcess::markPrivateClickMeasurementsAsExpiredForTesting(PAL::SessionID sessionID, CompletionHandler<void()>&& completionHandler)
 {
+    if (!allowsPrivateClickMeasurementTestFunctionality())
+        return completionHandler();
+
     if (auto* session = networkSession(sessionID))
         session->markPrivateClickMeasurementsAsExpiredForTesting();
 
@@ -2494,6 +2531,9 @@
 
 void NetworkProcess::setPCMFraudPreventionValuesForTesting(PAL::SessionID sessionID, String&& unlinkableToken, String&& secretToken, String&& signature, String&& keyID, CompletionHandler<void()>&& completionHandler)
 {
+    if (!allowsPrivateClickMeasurementTestFunctionality())
+        return completionHandler();
+
     if (auto* session = networkSession(sessionID))
         session->setPCMFraudPreventionValuesForTesting(WTFMove(unlinkableToken), WTFMove(secretToken), WTFMove(signature), WTFMove(keyID));
 
@@ -2502,6 +2542,9 @@
 
 void NetworkProcess::setPrivateClickMeasurementAppBundleIDForTesting(PAL::SessionID sessionID, String&& appBundleIDForTesting, CompletionHandler<void()>&& completionHandler)
 {
+    if (!allowsPrivateClickMeasurementTestFunctionality())
+        return completionHandler();
+
     if (auto* session = networkSession(sessionID))
         session->setPrivateClickMeasurementAppBundleIDForTesting(WTFMove(appBundleIDForTesting));
 

Modified: trunk/Source/WebKit/NetworkProcess/NetworkProcess.h (287275 => 287276)

--- trunk/Source/WebKit/NetworkProcess/NetworkProcess.h	2021-12-20 21:58:38 UTC (rev 287275)
+++ trunk/Source/WebKit/NetworkProcess/NetworkProcess.h	2021-12-20 22:04:20 UTC (rev 287276)
@@ -313,6 +313,7 @@
     void storePrivateClickMeasurement(PAL::SessionID, WebCore::PrivateClickMeasurement&&);
     void dumpPrivateClickMeasurement(PAL::SessionID, CompletionHandler<void(String)>&&);
     void clearPrivateClickMeasurement(PAL::SessionID, CompletionHandler<void()>&&);
+    bool allowsPrivateClickMeasurementTestFunctionality() const;
     void setPrivateClickMeasurementOverrideTimerForTesting(PAL::SessionID, bool value, CompletionHandler<void()>&&);
     void markAttributedPrivateClickMeasurementsAsExpiredForTesting(PAL::SessionID, CompletionHandler<void()>&&);
     void setPrivateClickMeasurementEphemeralMeasurementForTesting(PAL::SessionID, bool value, CompletionHandler<void()>&&);

Modified: trunk/Tools/ChangeLog (287275 => 287276)

--- trunk/Tools/ChangeLog	2021-12-20 21:58:38 UTC (rev 287275)
+++ trunk/Tools/ChangeLog	2021-12-20 22:04:20 UTC (rev 287276)
@@ -1,5 +1,15 @@
 2021-12-20  Alex Christensen  <achristen...@webkit.org>
 
+        Prevent test functionality in AdAttributionDaemon when not running tests
+        https://bugs.webkit.org/show_bug.cgi?id=231258
+
+        Reviewed by Brady Eidson.
+
+        * TestWebKitAPI/Configurations/TestWebKitAPI-macOS-internal.entitlements:
+        * WebKitTestRunner/Configurations/WebKitTestRunner.entitlements:
+
+2021-12-20  Alex Christensen  <achristen...@webkit.org>
+
         [ Monterey ] TestWebKitAPI.WebSocket.PageWithAttributedBundleIdentifierDestroyed (API-test) is a constant timeout
         https://bugs.webkit.org/show_bug.cgi?id=233224
 

Modified: trunk/Tools/TestWebKitAPI/Configurations/TestWebKitAPI-iOS.entitlements (287275 => 287276)

--- trunk/Tools/TestWebKitAPI/Configurations/TestWebKitAPI-iOS.entitlements	2021-12-20 21:58:38 UTC (rev 287275)
+++ trunk/Tools/TestWebKitAPI/Configurations/TestWebKitAPI-iOS.entitlements	2021-12-20 22:04:20 UTC (rev 287276)
@@ -10,6 +10,8 @@
 	<true/>
 	<key>com.apple.Pasteboard.paste-unchecked</key>
 	<true/>
+	<key>com.apple.private.webkit.adattributiond.testing</key>
+	<true/>
 	<key>com.apple.private.webkit.webpush</key>
 	<true/>
 	<key>com.apple.private.webkit.webpush.inject</key>

Modified: trunk/Tools/TestWebKitAPI/Configurations/TestWebKitAPI-macOS-internal.entitlements (287275 => 287276)

--- trunk/Tools/TestWebKitAPI/Configurations/TestWebKitAPI-macOS-internal.entitlements	2021-12-20 21:58:38 UTC (rev 287275)
+++ trunk/Tools/TestWebKitAPI/Configurations/TestWebKitAPI-macOS-internal.entitlements	2021-12-20 22:04:20 UTC (rev 287276)
@@ -2,6 +2,8 @@
 <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
 <plist version="1.0">
 <dict>
+	<key>com.apple.private.webkit.adattributiond.testing</key>
+	<true/>
 	<key>com.apple.private.webkit.webpush</key>
 	<true/>
 	<key>com.apple.private.webkit.webpush.inject</key>

Modified: trunk/Tools/WebKitTestRunner/Configurations/WebKitTestRunner.entitlements (287275 => 287276)

--- trunk/Tools/WebKitTestRunner/Configurations/WebKitTestRunner.entitlements	2021-12-20 21:58:38 UTC (rev 287275)
+++ trunk/Tools/WebKitTestRunner/Configurations/WebKitTestRunner.entitlements	2021-12-20 22:04:20 UTC (rev 287276)
@@ -6,6 +6,8 @@
 	<array>
 		<string>com.apple.WebKitTestRunner</string>
 	</array>
+	<key>com.apple.private.webkit.adattributiond.testing</key>
+	<true/>
 	<key>com.apple.security.temporary-exception.sbpl</key>
 	<array>
 		<string>(allow mach-issue-extension (require-all (extension-class &quot;com.apple.webkit.extension.mach&quot;)))</string>

Modified: trunk/Tools/WebKitTestRunner/Configurations/WebKitTestRunnerApp-iOS.entitlements (287275 => 287276)

--- trunk/Tools/WebKitTestRunner/Configurations/WebKitTestRunnerApp-iOS.entitlements	2021-12-20 21:58:38 UTC (rev 287275)
+++ trunk/Tools/WebKitTestRunner/Configurations/WebKitTestRunnerApp-iOS.entitlements	2021-12-20 22:04:20 UTC (rev 287276)
@@ -10,5 +10,7 @@
 	<true/>
 	<key>com.apple.Pasteboard.paste-unchecked</key>
 	<true/>
+	<key>com.apple.private.webkit.adattributiond.testing</key>
+	<true/>
 </dict>
 </plist>

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes