getUserMedia sandbox extensions should not be revoked when a getUserMedia allowed...
authoryouenn@apple.com <youenn@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 15 May 2019 18:44:36 +0000 (18:44 +0000)
committeryouenn@apple.com <youenn@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 15 May 2019 18:44:36 +0000 (18:44 +0000)
commit018e382f2907e3f7a5c39d3ecd30a53de0fb31bb
treee85aab88d2725457780797bb1fcb6724562dc327
parent9edd2e7a99fa02e9a76458b92bc7205c075bbf28
getUserMedia sandbox extensions should not be revoked when a getUserMedia allowed request is being processed
https://bugs.webkit.org/show_bug.cgi?id=197851

Reviewed by Alex Christensen.

Source/WebCore:

Add a completion handler to create a new capture stream.
This is used by WK2 layer to acknowledge the pending capture request is completed.
Just after the completion handler, make sure to update the document media state.
This is done to ensure that, should capture failing, the UIProcess
knows about it and can manage proper sandbox extension revocation.

Test: fast/mediastream/gum-stop-track.html

* Modules/mediastream/UserMediaRequest.cpp:
(WebCore::UserMediaRequest::allow):
(WebCore::UserMediaRequest::PendingActivationMediaStream::PendingActivationMediaStream):
(WebCore::UserMediaRequest::PendingActivationMediaStream::~PendingActivationMediaStream):
* Modules/mediastream/UserMediaRequest.h:
(WebCore::UserMediaRequest::PendingActivationMediaStream::create):
* platform/mock/MockRealtimeMediaSourceCenter.cpp:
(WebCore::MockRealtimeMediaSourceCenter::mockRealtimeMediaSourceCenterEnabled):
* platform/mock/MockRealtimeMediaSourceCenter.h:

Source/WebKit:

Before the patch, stopping capture in a document and quickly triggering a new capture
might fail as the UIProcess would grant access and revoke sandbox access based on the fact
the page is no longer capturing.
To fix that issue, keep a state in the UIProcess to not revoke sandbox extensions in case of
capture being started.
Add an IPC message back to tell UIProcess when an allowed capture is finished.
Just after doing that, make sure the document is updating the media state to UIProcess, which will trigger proper sandbox extension handling.

This should also trigger the case of an allowed getUserMedia call that fails to start for some reason.
In that case, the patch will automatically trigger a document media state refresh which will trigger a sandbox revokation.

Covered by added test that exercise a newly added debug assertion.
This assertion ensures that we revoke extensions while a document is not capturing.

* UIProcess/UserMediaPermissionRequestManagerProxy.cpp:
(WebKit::UserMediaPermissionRequestManagerProxy::~UserMediaPermissionRequestManagerProxy):
(WebKit::UserMediaPermissionRequestManagerProxy::grantAccess):
(WebKit::UserMediaPermissionRequestManagerProxy::captureStateChanged):
* UIProcess/UserMediaPermissionRequestManagerProxy.h:
* UIProcess/UserMediaProcessManager.cpp:
(WebKit::UserMediaProcessManager::willCreateMediaStream):
(WebKit::UserMediaProcessManager::revokeSandboxExtensionsIfNeeded):
* UIProcess/UserMediaProcessManager.h:
* UIProcess/WebPageProxy.h:
(WebKit::WebPageProxy::isCapturingAudio const):
(WebKit::WebPageProxy::isCapturingVideo const):
* WebProcess/MediaStream/UserMediaPermissionRequestManager.cpp:
(WebKit::UserMediaPermissionRequestManager::userMediaAccessWasGranted):
* WebProcess/MediaStream/UserMediaPermissionRequestManager.h:
* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::userMediaAccessWasGranted):
* WebProcess/WebPage/WebPage.h:
* WebProcess/WebPage/WebPage.messages.in:
* WebProcess/WebProcess.cpp:
(WebKit::checkDocumentsCaptureStateConsistency):
(WebKit::WebProcess::revokeUserMediaDeviceSandboxExtensions):

LayoutTests:

* fast/mediastream/gum-stop-track-expected.txt: Added.
* fast/mediastream/gum-stop-track.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245335 268f45cc-cd09-0410-ab3c-d52691b4dbfc
20 files changed:
LayoutTests/ChangeLog
LayoutTests/fast/mediastream/gum-stop-track-expected.txt [new file with mode: 0644]
LayoutTests/fast/mediastream/gum-stop-track.html [new file with mode: 0644]
Source/WebCore/ChangeLog
Source/WebCore/Modules/mediastream/UserMediaRequest.cpp
Source/WebCore/Modules/mediastream/UserMediaRequest.h
Source/WebCore/platform/mock/MockRealtimeMediaSourceCenter.cpp
Source/WebCore/platform/mock/MockRealtimeMediaSourceCenter.h
Source/WebKit/ChangeLog
Source/WebKit/UIProcess/UserMediaPermissionRequestManagerProxy.cpp
Source/WebKit/UIProcess/UserMediaPermissionRequestManagerProxy.h
Source/WebKit/UIProcess/UserMediaProcessManager.cpp
Source/WebKit/UIProcess/UserMediaProcessManager.h
Source/WebKit/UIProcess/WebPageProxy.h
Source/WebKit/WebProcess/MediaStream/UserMediaPermissionRequestManager.cpp
Source/WebKit/WebProcess/MediaStream/UserMediaPermissionRequestManager.h
Source/WebKit/WebProcess/WebPage/WebPage.cpp
Source/WebKit/WebProcess/WebPage/WebPage.h
Source/WebKit/WebProcess/WebPage/WebPage.messages.in
Source/WebKit/WebProcess/WebProcess.cpp