Fix for <rdar://problem/8711576> The web process should be able to read resources from the UI process.
Reviewed by Sam Weinig.
Based on a patch by Ivan Krstić. This also makes the NSURLCache path a sandbox parameter.
* Shared/WebProcessCreationParameters.cpp:
(WebKit::WebProcessCreationParameters::encode):
(WebKit::WebProcessCreationParameters::decode):
Encode and decode the uiProcessBundleResourcePath member variable.
* Shared/WebProcessCreationParameters.h:
Add uiProcessBundleResourcePath member variable.
* UIProcess/mac/WebContextMac.mm:
(WebKit::WebContext::platformInitializeWebProcess):
Set the uiProcessBundleResourcePath member variable.
* WebProcess/com.apple.WebProcess.sb:
Allow read-only access to UI_PROCESS_BUNDLE_RESOURCE_DIR and all subdirectories.
* WebProcess/mac/WebProcessMac.mm:
(WebKit::initializeSandbox):
When initializing the sandbox, pass UI_PROCESS_BUNDLE_RESOURCE_DIR.
(WebKit::WebProcess::platformInitializeWebProcess):
Remove the code that would consume a sandbox extension for the url cache path.
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@75822 268f45cc-cd09-0410-ab3c-d52691b4dbfc
diff --git a/WebKit2/ChangeLog b/WebKit2/ChangeLog
index dd18486..285b8de 100644
--- a/WebKit2/ChangeLog
+++ b/WebKit2/ChangeLog
@@ -2,6 +2,36 @@
Reviewed by Sam Weinig.
+ Fix for <rdar://problem/8711576> The web process should be able to read resources from the UI process.
+
+ Based on a patch by Ivan Krstić. This also makes the NSURLCache path a sandbox parameter.
+
+ * Shared/WebProcessCreationParameters.cpp:
+ (WebKit::WebProcessCreationParameters::encode):
+ (WebKit::WebProcessCreationParameters::decode):
+ Encode and decode the uiProcessBundleResourcePath member variable.
+
+ * Shared/WebProcessCreationParameters.h:
+ Add uiProcessBundleResourcePath member variable.
+
+ * UIProcess/mac/WebContextMac.mm:
+ (WebKit::WebContext::platformInitializeWebProcess):
+ Set the uiProcessBundleResourcePath member variable.
+
+ * WebProcess/com.apple.WebProcess.sb:
+ Allow read-only access to UI_PROCESS_BUNDLE_RESOURCE_DIR and all subdirectories.
+
+ * WebProcess/mac/WebProcessMac.mm:
+ (WebKit::initializeSandbox):
+ When initializing the sandbox, pass UI_PROCESS_BUNDLE_RESOURCE_DIR.
+
+ (WebKit::WebProcess::platformInitializeWebProcess):
+ Remove the code that would consume a sandbox extension for the url cache path.
+
+2011-01-14 Anders Carlsson <andersca@apple.com>
+
+ Reviewed by Sam Weinig.
+
Delay initializing the sandbox until we get the InitializeWebProcess message.
* WebProcess/mac/WebProcessMac.mm:
diff --git a/WebKit2/Shared/WebProcessCreationParameters.cpp b/WebKit2/Shared/WebProcessCreationParameters.cpp
index 847450f..ceae6c1 100644
--- a/WebKit2/Shared/WebProcessCreationParameters.cpp
+++ b/WebKit2/Shared/WebProcessCreationParameters.cpp
@@ -58,10 +58,10 @@
#if PLATFORM(MAC)
encoder->encode(presenterApplicationPid);
encoder->encode(nsURLCachePath);
- encoder->encode(nsURLCachePathExtensionHandle);
encoder->encode(nsURLCacheMemoryCapacity);
encoder->encode(nsURLCacheDiskCapacity);
encoder->encode(acceleratedCompositingPort);
+ encoder->encode(uiProcessBundleResourcePath);
#elif PLATFORM(WIN)
encoder->encode(shouldPaintNativeControls);
#endif
@@ -99,14 +99,14 @@
return false;
if (!decoder->decode(parameters.nsURLCachePath))
return false;
- if (!decoder->decode(parameters.nsURLCachePathExtensionHandle))
- return false;
if (!decoder->decode(parameters.nsURLCacheMemoryCapacity))
return false;
if (!decoder->decode(parameters.nsURLCacheDiskCapacity))
return false;
if (!decoder->decode(parameters.acceleratedCompositingPort))
return false;
+ if (!decoder->decode(parameters.uiProcessBundleResourcePath))
+ return false;
#elif PLATFORM(WIN)
if (!decoder->decode(parameters.shouldPaintNativeControls))
return false;
diff --git a/WebKit2/Shared/WebProcessCreationParameters.h b/WebKit2/Shared/WebProcessCreationParameters.h
index 3d004b2..fe582b3 100644
--- a/WebKit2/Shared/WebProcessCreationParameters.h
+++ b/WebKit2/Shared/WebProcessCreationParameters.h
@@ -74,12 +74,13 @@
#if PLATFORM(MAC)
pid_t presenterApplicationPid;
- String nsURLCachePath;
- SandboxExtension::Handle nsURLCachePathExtensionHandle;
+ CString nsURLCachePath;
uint64_t nsURLCacheMemoryCapacity;
uint64_t nsURLCacheDiskCapacity;
CoreIPC::MachPort acceleratedCompositingPort;
+
+ CString uiProcessBundleResourcePath;
#elif PLATFORM(WIN)
bool shouldPaintNativeControls;
#endif
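Review bot: The switch of `nsURLCachePath` from `String` to `CString` changes what the field holds, but nothing in the struct records that. A comment above `nsURLCachePath` and `uiProcessBundleResourcePath`, such as `// File system representation; passed verbatim as a sandbox profile parameter.`, would tell readers that these bytes end up in the web process sandbox profile. It could also say they are expected to be absolute paths. The struct declaration starts outside the hunk.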
diff --git a/WebKit2/UIProcess/mac/WebContextMac.mm b/WebKit2/UIProcess/mac/WebContextMac.mm
index 8a61aa7..ce4c3e6 100644
--- a/WebKit2/UIProcess/mac/WebContextMac.mm
+++ b/WebKit2/UIProcess/mac/WebContextMac.mm
@@ -27,6 +27,7 @@
#include "WebKitSystemInterface.h"
#include "WebProcessCreationParameters.h"
+#include <WebCore/FileSystem.h>
#include <sys/param.h>
using namespace WebCore;
@@ -73,9 +74,8 @@
cachePath = reinterpret_cast<CFStringRef>(NSHomeDirectory());
NSURLCache *urlCache = [NSURLCache sharedURLCache];
- parameters.nsURLCachePath = cachePath.get();
- SandboxExtension::createHandle(cachePath.get(), SandboxExtension::ReadWrite, parameters.nsURLCachePathExtensionHandle);
-
+
+ parameters.nsURLCachePath = fileSystemRepresentation([(NSString *)cachePath.get() stringByStandardizingPath]);
parameters.nsURLCacheMemoryCapacity = [urlCache memoryCapacity];
parameters.nsURLCacheDiskCapacity = [urlCache diskCapacity];
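Review bot: The fallback on the first line of this hunk sets `cachePath` to `NSHomeDirectory()`, and with this change that value becomes `NSURL_CACHE_DIR`, which the profile opens with `(allow file* (subpath ...))`. On that path the web process can read and write the user's entire home directory. The branch condition is outside the hunk, so how often the fallback fires cannot be judged from here. It would be safer to fail closed: leave `parameters.nsURLCachePath` empty in that case so the profile's `string-length` guard skips the rule, or point it at a dedicated cache subdirectory. The removed code issued a ReadWrite extension for the same path, so the exposure is inherited rather than new, but it is worth fixing while the path becomes a static profile rule.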
@@ -84,6 +84,9 @@
if (renderServerPort != MACH_PORT_NULL)
parameters.acceleratedCompositingPort = CoreIPC::MachPort(renderServerPort, MACH_MSG_TYPE_COPY_SEND);
#endif
+
+ // FIXME: This should really be configurable; we shouldn't just blindly allow read access to the UI process bundle.
+ parameters.uiProcessBundleResourcePath = fileSystemRepresentation([[NSBundle mainBundle] resourcePath]);
}
} // namespace WebKit
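Review bot: `[[NSBundle mainBundle] resourcePath]` on the added line is forwarded without resolving symlinks, whereas the neighbouring sandbox parameters in `initializeSandbox` are named `tmpRealPath` and `cacheRealPath`, which suggests they are canonicalised first. Sandbox `subpath` filters generally match the resolved path, so a bundle reached through a symlink would likely leave the read rule ineffective; consider `fileSystemRepresentation([[[NSBundle mainBundle] resourcePath] stringByResolvingSymlinksInPath])`. Separately, for a UI process that is not packaged as a bundle, `resourcePath` is, as far as I know, the directory holding the executable, so the grant could cover much more than resources. The FIXME could name that case explicitly.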
diff --git a/WebKit2/WebProcess/com.apple.WebProcess.sb b/WebKit2/WebProcess/com.apple.WebProcess.sb
index 0432bd5..2123c95 100644
--- a/WebKit2/WebProcess/com.apple.WebProcess.sb
+++ b/WebKit2/WebProcess/com.apple.WebProcess.sb
@@ -56,6 +56,14 @@
(if (positive? (string-length (param "DARWIN_USER_TEMP_DIR")))
(allow file* (subpath (param "DARWIN_USER_TEMP_DIR"))))
+;; The NSURLCache directory.
+(if (positive? (string-length (param "NSURL_CACHE_DIR")))
+ (allow file* (subpath (param "NSURL_CACHE_DIR"))))
+
+;; The bundle resource path of the UI process.
+(if (positive? (string-length (param "UI_PROCESS_BUNDLE_RESOURCE_DIR")))
+ (allow file-read* (subpath (param "UI_PROCESS_BUNDLE_RESOURCE_DIR"))))
+
;; FIXME: overly permissive since we can't pre-enumerate the client
;; classes for graphics cards
(allow iokit-open
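Review bot: The new `NSURL_CACHE_DIR` rule grants `file*`, which is every file operation class, on a directory chosen by the UI process at run time, while the bundle rule just below it is limited to `file-read*`. If the URL cache only needs to read and write its own files, `(allow file-read* file-write* (subpath (param "NSURL_CACHE_DIR")))` would be the narrower grant. The two comments could also state that both parameters must be absolute, symlink-resolved directories, because the `string-length` guard rejects only an empty value and would accept something as broad as a volume root.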
diff --git a/WebKit2/WebProcess/mac/WebProcessMac.mm b/WebKit2/WebProcess/mac/WebProcessMac.mm
index 092e5da..18dad6a 100644
--- a/WebKit2/WebProcess/mac/WebProcessMac.mm
+++ b/WebKit2/WebProcess/mac/WebProcessMac.mm
@@ -135,6 +135,8 @@
"WEBKIT2_FRAMEWORK_DIR", frameworkPath,
"DARWIN_USER_TEMP_DIR", (const char*)tmpRealPath,
"DARWIN_USER_CACHE_DIR", (const char*)cacheRealPath,
+ "NSURL_CACHE_DIR", (const char*)parameters.nsURLCachePath.data(),
+ "UI_PROCESS_BUNDLE_RESOURCE_DIR", (const char*)parameters.uiProcessBundleResourcePath.data(),
NULL
};
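Review bot: The parameter array is terminated by `NULL`, and the two added values come straight from `CString::data()`, which as far as I know returns a null pointer when the CString itself is null. A null in the `NSURL_CACHE_DIR` value slot would end the list early and silently drop `UI_PROCESS_BUNDLE_RESOURCE_DIR`, so the profile would be evaluated without the parameters it expects. Substituting an empty string keeps the list intact and lets the profile's `string-length` guard skip the rule, e.g. `parameters.nsURLCachePath.isNull() ? "" : parameters.nsURLCachePath.data()`, and likewise for the bundle path. The start of the array and the rest of `initializeSandbox` are outside the hunk.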
@@ -153,12 +155,7 @@
NSUInteger cacheMemoryCapacity = parameters.nsURLCacheMemoryCapacity;
NSUInteger cacheDiskCapacity = parameters.nsURLCacheDiskCapacity;
- CString utf8CachePath = parameters.nsURLCachePath.utf8();
- NSString *nsCachePath = [[NSFileManager defaultManager] stringWithFileSystemRepresentation:utf8CachePath.data() length:utf8CachePath.length()];
-
- RefPtr<SandboxExtension> parentProcessURLCacheSandboxExtension = SandboxExtension::create(parameters.nsURLCachePathExtensionHandle);
- parentProcessURLCacheSandboxExtension->consumePermanently();
-
+ NSString *nsCachePath = [[NSFileManager defaultManager] stringWithFileSystemRepresentation:parameters.nsURLCachePath.data() length:parameters.nsURLCachePath.length()];
RetainPtr<NSURLCache> parentProcessURLCache(AdoptNS, [[NSURLCache alloc] initWithMemoryCapacity:cacheMemoryCapacity diskCapacity:cacheDiskCapacity diskPath:nsCachePath]);
[NSURLCache setSharedURLCache:parentProcessURLCache.get()];
}