Unreviewed, rolling out r241620.
[WebKit-https.git] / Source / WebKit / UIProcess / Launcher / mac / ProcessLauncherMac.mm
1 /*
2  * Copyright (C) 2010-2018 Apple Inc. All rights reserved.
3  *
4  * Redistribution and use in source and binary forms, with or without
5  * modification, are permitted provided that the following conditions
6  * are met:
7  * 1. Redistributions of source code must retain the above copyright
8  *    notice, this list of conditions and the following disclaimer.
9  * 2. Redistributions in binary form must reproduce the above copyright
10  *    notice, this list of conditions and the following disclaimer in the
11  *    documentation and/or other materials provided with the distribution.
12  *
13  * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS''
14  * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
15  * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
16  * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS
17  * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
18  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
19  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
20  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
21  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
22  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
23  * THE POSSIBILITY OF SUCH DAMAGE.
24  */
25
26 #import "config.h"
27 #import "ProcessLauncher.h"
28
29 #import <crt_externs.h>
30 #import <mach-o/dyld.h>
31 #import <mach/mach_error.h>
32 #import <mach/machine.h>
33 #import <pal/spi/cocoa/ServersSPI.h>
34 #import <spawn.h>
35 #import <sys/param.h>
36 #import <sys/stat.h>
37 #import <wtf/MachSendRight.h>
38 #import <wtf/RunLoop.h>
39 #import <wtf/SoftLinking.h>
40 #import <wtf/Threading.h>
41 #import <wtf/spi/cf/CFBundleSPI.h>
42 #import <wtf/spi/darwin/XPCSPI.h>
43 #import <wtf/text/CString.h>
44 #import <wtf/text/WTFString.h>
45
46 #if PLATFORM(MAC)
47 #import "CodeSigning.h"
48 #endif
49
50 namespace WebKit {
51
52 static const char* serviceName(const ProcessLauncher::LaunchOptions& launchOptions)
53 {
54     switch (launchOptions.processType) {
55     case ProcessLauncher::ProcessType::Web:
56         return launchOptions.nonValidInjectedCodeAllowed ? "com.apple.WebKit.WebContent.Development" : "com.apple.WebKit.WebContent";
57     case ProcessLauncher::ProcessType::Network:
58         return "com.apple.WebKit.Networking";
59     case ProcessLauncher::ProcessType::NetworkDaemon:
60         ASSERT_NOT_REACHED();
61         return nullptr;
62 #if ENABLE(NETSCAPE_PLUGIN_API)
63     case ProcessLauncher::ProcessType::Plugin32:
64         return "com.apple.WebKit.Plugin.32";
65     case ProcessLauncher::ProcessType::Plugin64:
66         return "com.apple.WebKit.Plugin.64";
67 #endif
68     }
69 }
70
71 static bool shouldLeakBoost(const ProcessLauncher::LaunchOptions& launchOptions)
72 {
73 #if PLATFORM(IOS_FAMILY)
74     // On iOS, leak a boost onto all child processes
75     UNUSED_PARAM(launchOptions);
76     return true;
77 #else
78     // On Mac, leak a boost onto the NetworkProcess.
79     return launchOptions.processType == ProcessLauncher::ProcessType::Network;
80 #endif
81 }
82
83 static NSString *systemDirectoryPath()
84 {
85     static NSString *path = [^{
86 #if PLATFORM(IOS_FAMILY_SIMULATOR)
87         char *simulatorRoot = getenv("SIMULATOR_ROOT");
88         return simulatorRoot ? [NSString stringWithFormat:@"%s/System/", simulatorRoot] : @"/System/";
89 #else
90         return @"/System/";
91 #endif
92     }() copy];
93
94     return path;
95 }
96
97 void ProcessLauncher::launchProcess()
98 {
99     ASSERT(!m_xpcConnection);
100
101     if (m_launchOptions.processType == ProcessLauncher::ProcessType::NetworkDaemon)
102         m_xpcConnection = adoptOSObject(xpc_connection_create_mach_service("com.apple.WebKit.NetworkingDaemon", dispatch_get_main_queue(), 0));
103     else {
104         const char* name = m_launchOptions.customWebContentServiceBundleIdentifier.isNull() ? serviceName(m_launchOptions) : m_launchOptions.customWebContentServiceBundleIdentifier.data();
105         m_xpcConnection = adoptOSObject(xpc_connection_create(name, nullptr));
106
107         uuid_t uuid;
108         uuid_generate(uuid);
109         xpc_connection_set_oneshot_instance(m_xpcConnection.get(), uuid);
110     }
111
112     // Inherit UI process localization. It can be different from child process default localization:
113     // 1. When the application and system frameworks simply have different localized resources available, we should match the application.
114     // 1.1. An important case is WebKitTestRunner, where we should use English localizations for all system frameworks.
115     // 2. When AppleLanguages is passed as command line argument for UI process, or set in its preferences, we should respect it in child processes.
116     auto initializationMessage = adoptOSObject(xpc_dictionary_create(nullptr, nullptr, 0));
117     _CFBundleSetupXPCBootstrap(initializationMessage.get());
118 #if PLATFORM(IOS_FAMILY)
119     // Clients that set these environment variables explicitly do not have the values automatically forwarded by libxpc.
120     auto containerEnvironmentVariables = adoptOSObject(xpc_dictionary_create(nullptr, nullptr, 0));
121     if (const char* environmentHOME = getenv("HOME"))
122         xpc_dictionary_set_string(containerEnvironmentVariables.get(), "HOME", environmentHOME);
123     if (const char* environmentCFFIXED_USER_HOME = getenv("CFFIXED_USER_HOME"))
124         xpc_dictionary_set_string(containerEnvironmentVariables.get(), "CFFIXED_USER_HOME", environmentCFFIXED_USER_HOME);
125     if (const char* environmentTMPDIR = getenv("TMPDIR"))
126         xpc_dictionary_set_string(containerEnvironmentVariables.get(), "TMPDIR", environmentTMPDIR);
127     xpc_dictionary_set_value(initializationMessage.get(), "ContainerEnvironmentVariables", containerEnvironmentVariables.get());
128 #endif
129
130     auto languagesIterator = m_launchOptions.extraInitializationData.find("OverrideLanguages");
131     if (languagesIterator != m_launchOptions.extraInitializationData.end()) {
132         auto languages = adoptOSObject(xpc_array_create(nullptr, 0));
133         for (auto& language : languagesIterator->value.split(','))
134             xpc_array_set_string(languages.get(), XPC_ARRAY_APPEND, language.utf8().data());
135         xpc_dictionary_set_value(initializationMessage.get(), "OverrideLanguages", languages.get());
136     }
137
138 #if PLATFORM(MAC)
139     xpc_dictionary_set_string(initializationMessage.get(), "WebKitBundleVersion", [[NSBundle bundleWithIdentifier:@"com.apple.WebKit"].infoDictionary[(__bridge NSString *)kCFBundleVersionKey] UTF8String]);
140 #endif
141
142     if (shouldLeakBoost(m_launchOptions)) {
143         auto preBootstrapMessage = adoptOSObject(xpc_dictionary_create(nullptr, nullptr, 0));
144         xpc_dictionary_set_string(preBootstrapMessage.get(), "message-name", "pre-bootstrap");
145         xpc_connection_send_message(m_xpcConnection.get(), preBootstrapMessage.get());
146     }
147     
148     // Create the listening port.
149     mach_port_t listeningPort = MACH_PORT_NULL;
150     auto kr = mach_port_allocate(mach_task_self(), MACH_PORT_RIGHT_RECEIVE, &listeningPort);
151     if (kr != KERN_SUCCESS) {
152         LOG_ERROR("Could not allocate mach port, error %x: %s", kr, mach_error_string(kr));
153         CRASH();
154     }
155
156     // Insert a send right so we can send to it.
157     mach_port_insert_right(mach_task_self(), listeningPort, listeningPort, MACH_MSG_TYPE_MAKE_SEND);
158
159     mach_port_t previousNotificationPort = MACH_PORT_NULL;
160     auto mc = mach_port_request_notification(mach_task_self(), listeningPort, MACH_NOTIFY_NO_SENDERS, 0, listeningPort, MACH_MSG_TYPE_MAKE_SEND_ONCE, &previousNotificationPort);
161     ASSERT(!previousNotificationPort);
162     ASSERT(mc == KERN_SUCCESS);
163     if (mc != KERN_SUCCESS) {
164         // If mach_port_request_notification fails, 'previousNotificationPort' will be uninitialized.
165         LOG_ERROR("mach_port_request_notification failed: (%x) %s", mc, mach_error_string(mc));
166     }
167
168     String clientIdentifier;
169 #if PLATFORM(MAC)
170     clientIdentifier = codeSigningIdentifierForCurrentProcess();
171 #endif
172     if (clientIdentifier.isNull())
173         clientIdentifier = [[NSBundle mainBundle] bundleIdentifier];
174
175     auto bootstrapMessage = adoptOSObject(xpc_dictionary_create(nullptr, nullptr, 0));
176
177     xpc_dictionary_set_value(bootstrapMessage.get(), "initialization-message", initializationMessage.get());
178     
179     if (m_client && !m_client->isJITEnabled())
180         xpc_dictionary_set_bool(bootstrapMessage.get(), "disable-jit", true);
181
182     xpc_dictionary_set_string(bootstrapMessage.get(), "message-name", "bootstrap");
183
184     xpc_dictionary_set_mach_send(bootstrapMessage.get(), "server-port", listeningPort);
185
186     xpc_dictionary_set_string(bootstrapMessage.get(), "client-identifier", !clientIdentifier.isEmpty() ? clientIdentifier.utf8().data() : *_NSGetProgname());
187     xpc_dictionary_set_string(bootstrapMessage.get(), "process-identifier", String::number(m_launchOptions.processIdentifier.toUInt64()).utf8().data());
188     xpc_dictionary_set_string(bootstrapMessage.get(), "ui-process-name", [[[NSProcessInfo processInfo] processName] UTF8String]);
189
190     bool isWebKitDevelopmentBuild = ![[[[NSBundle bundleWithIdentifier:@"com.apple.WebKit"] bundlePath] stringByDeletingLastPathComponent] hasPrefix:systemDirectoryPath()];
191     if (isWebKitDevelopmentBuild) {
192         xpc_dictionary_set_fd(bootstrapMessage.get(), "stdout", STDOUT_FILENO);
193         xpc_dictionary_set_fd(bootstrapMessage.get(), "stderr", STDERR_FILENO);
194     }
195
196     auto extraInitializationData = adoptOSObject(xpc_dictionary_create(nullptr, nullptr, 0));
197
198     for (const auto& keyValuePair : m_launchOptions.extraInitializationData)
199         xpc_dictionary_set_string(extraInitializationData.get(), keyValuePair.key.utf8().data(), keyValuePair.value.utf8().data());
200
201     xpc_dictionary_set_value(bootstrapMessage.get(), "extra-initialization-data", extraInitializationData.get());
202
203     auto errorHandlerImpl = [weakProcessLauncher = makeWeakPtr(*this), listeningPort] (xpc_object_t event) {
204         ASSERT(!event || xpc_get_type(event) == XPC_TYPE_ERROR);
205
206         auto processLauncher = weakProcessLauncher.get();
207         if (!processLauncher)
208             return;
209
210         if (!processLauncher->isLaunching())
211             return;
212
213 #if !ASSERT_DISABLED
214         mach_port_urefs_t sendRightCount = 0;
215         mach_port_get_refs(mach_task_self(), listeningPort, MACH_PORT_RIGHT_SEND, &sendRightCount);
216         ASSERT(sendRightCount >= 1);
217 #endif
218
219         // We failed to launch. Release the send right.
220         deallocateSendRightSafely(listeningPort);
221
222         // And the receive right.
223         mach_port_mod_refs(mach_task_self(), listeningPort, MACH_PORT_RIGHT_RECEIVE, -1);
224
225         if (processLauncher->m_xpcConnection)
226             xpc_connection_cancel(processLauncher->m_xpcConnection.get());
227         processLauncher->m_xpcConnection = nullptr;
228
229         processLauncher->didFinishLaunchingProcess(0, IPC::Connection::Identifier());
230     };
231
232     auto errorHandler = [errorHandlerImpl = WTFMove(errorHandlerImpl)] (xpc_object_t event) mutable {
233         RunLoop::main().dispatch([errorHandlerImpl = WTFMove(errorHandlerImpl), event] {
234             errorHandlerImpl(event);
235         });
236     };
237
238     xpc_connection_set_event_handler(m_xpcConnection.get(), errorHandler);
239
240     xpc_connection_resume(m_xpcConnection.get());
241
242     if (UNLIKELY(m_launchOptions.shouldMakeProcessLaunchFailForTesting)) {
243         errorHandler(nullptr);
244         return;
245     }
246
247     ref();
248     xpc_connection_send_message_with_reply(m_xpcConnection.get(), bootstrapMessage.get(), dispatch_get_main_queue(), ^(xpc_object_t reply) {
249         // Errors are handled in the event handler.
250         // It is possible for this block to be called after the error event handler, in which case we're no longer
251         // launching and we already took care of cleaning things up.
252         if (isLaunching() && xpc_get_type(reply) != XPC_TYPE_ERROR) {
253             ASSERT(xpc_get_type(reply) == XPC_TYPE_DICTIONARY);
254             ASSERT(!strcmp(xpc_dictionary_get_string(reply, "message-name"), "process-finished-launching"));
255
256 #if !ASSERT_DISABLED
257             mach_port_urefs_t sendRightCount = 0;
258             mach_port_get_refs(mach_task_self(), listeningPort, MACH_PORT_RIGHT_SEND, &sendRightCount);
259             ASSERT(sendRightCount >= 1);
260 #endif
261
262             deallocateSendRightSafely(listeningPort);
263
264             if (!m_xpcConnection) {
265                 // The process was terminated.
266                 didFinishLaunchingProcess(0, IPC::Connection::Identifier());
267                 return;
268             }
269
270             // The process has finished launching, grab the pid from the connection.
271             pid_t processIdentifier = xpc_connection_get_pid(m_xpcConnection.get());
272
273             didFinishLaunchingProcess(processIdentifier, IPC::Connection::Identifier(listeningPort, m_xpcConnection));
274             m_xpcConnection = nullptr;
275         }
276
277         deref();
278     });
279 }
280
281 void ProcessLauncher::terminateProcess()
282 {
283     if (m_isLaunching) {
284         invalidate();
285         return;
286     }
287
288     if (!m_processIdentifier)
289         return;
290     
291     kill(m_processIdentifier, SIGKILL);
292     m_processIdentifier = 0;
293 }
294     
295 void ProcessLauncher::platformInvalidate()
296 {
297     if (!m_xpcConnection)
298         return;
299
300     xpc_connection_cancel(m_xpcConnection.get());
301     xpc_connection_kill(m_xpcConnection.get(), SIGKILL);
302     m_xpcConnection = nullptr;
303 }
304
305 } // namespace WebKit