[iOS] Issue mach sandbox extension to the frontboard and icon service when the attach...
authorpvollan@apple.com <pvollan@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 30 Jan 2020 22:13:23 +0000 (22:13 +0000)
committerpvollan@apple.com <pvollan@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 30 Jan 2020 22:13:23 +0000 (22:13 +0000)
https://bugs.webkit.org/show_bug.cgi?id=205443
Source/WebCore:

Reviewed by Brent Fulgham.

Get focus ring color in the UI process since getting this color will communicate with the frontboard daemon.

Test: fast/sandbox/ios/focus-ring-color.html

* rendering/RenderTheme.h:
* rendering/RenderThemeIOS.h:
* rendering/RenderThemeIOS.mm:
(WebCore::cachedFocusRingColor):
(WebCore::RenderThemeIOS::platformFocusRingColor const):
(WebCore::RenderThemeIOS::setFocusRingColor):
* testing/Internals.cpp:
(WebCore::Internals::focusRingColor):
* testing/Internals.h:
* testing/Internals.idl:

Source/WebKit:

<rdar://problem/58074291>

Reviewed by Brent Fulgham.

When support for the html attachment element is enabled, issue a mach lookup extension to the frontboard and icon service
for the WebContent process, since these daemons are being contacted when icons for attachments are being queried. Also,
retrieve the focus ring color in the UI process, since getting this color requires access to the frontboard daemon.

Test: fast/sandbox/ios/sandbox-mach-lookup-attachment-element.html

* Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:
* Shared/WebProcessCreationParameters.cpp:
(WebKit::WebProcessCreationParameters::encode const):
(WebKit::WebProcessCreationParameters::decode):
* Shared/WebProcessCreationParameters.h:
* UIProcess/Cocoa/WebProcessPoolCocoa.mm:
(WebKit::WebProcessPool::platformInitializeWebProcess):
* WebProcess/cocoa/WebProcessCocoa.mm:
(WebKit::WebProcess::platformInitializeWebProcess):

LayoutTests:

Reviewed by Brent Fulgham.

* fast/sandbox/ios/focus-ring-color-expected.txt: Added.
* fast/sandbox/ios/focus-ring-color.html: Added.
* fast/sandbox/ios/sandbox-mach-lookup-attachment-element-expected.txt: Added.
* fast/sandbox/ios/sandbox-mach-lookup-attachment-element.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255457 268f45cc-cd09-0410-ab3c-d52691b4dbfc

23 files changed:
LayoutTests/ChangeLog
LayoutTests/fast/sandbox/ios/focus-ring-color-expected.txt [new file with mode: 0644]
LayoutTests/fast/sandbox/ios/focus-ring-color.html [new file with mode: 0644]
LayoutTests/fast/sandbox/ios/sandbox-mach-lookup-attachment-element-expected.txt [new file with mode: 0644]
LayoutTests/fast/sandbox/ios/sandbox-mach-lookup-attachment-element.html [new file with mode: 0644]
Source/WebCore/ChangeLog
Source/WebCore/rendering/RenderTheme.h
Source/WebCore/rendering/RenderThemeIOS.h
Source/WebCore/rendering/RenderThemeIOS.mm
Source/WebCore/testing/Internals.cpp
Source/WebCore/testing/Internals.h
Source/WebCore/testing/Internals.idl
Source/WebKit/ChangeLog
Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb
Source/WebKit/Shared/WebPageCreationParameters.cpp
Source/WebKit/Shared/WebPageCreationParameters.h
Source/WebKit/Shared/WebProcessCreationParameters.cpp
Source/WebKit/Shared/WebProcessCreationParameters.h
Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm
Source/WebKit/UIProcess/WebPageProxy.cpp
Source/WebKit/UIProcess/WebProcessProxy.h
Source/WebKit/WebProcess/WebPage/WebPage.cpp
Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm

index b7cebd5..dadad99 100644 (file)
@@ -1,3 +1,15 @@
+2020-01-30  Per Arne Vollan  <pvollan@apple.com>
+
+        [iOS] Issue mach sandbox extension to the frontboard and icon service when the attachment element is enabled
+        https://bugs.webkit.org/show_bug.cgi?id=205443
+
+        Reviewed by Brent Fulgham.
+
+        * fast/sandbox/ios/focus-ring-color-expected.txt: Added.
+        * fast/sandbox/ios/focus-ring-color.html: Added.
+        * fast/sandbox/ios/sandbox-mach-lookup-attachment-element-expected.txt: Added.
+        * fast/sandbox/ios/sandbox-mach-lookup-attachment-element.html: Added.
+
 2020-01-30  Alexey Shvayka  <shvaikalesh@gmail.com>
 
         Incomplete braced quantifiers should be banned in Unicode patterns only
diff --git a/LayoutTests/fast/sandbox/ios/focus-ring-color-expected.txt b/LayoutTests/fast/sandbox/ios/focus-ring-color-expected.txt
new file mode 100644 (file)
index 0000000..f1272b9
--- /dev/null
@@ -0,0 +1,7 @@
+Test that the focus ring color is as expected.
+
+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+
+
+PASS internals.focusRingColor() is 'rgb(0, 122, 255)'
+
diff --git a/LayoutTests/fast/sandbox/ios/focus-ring-color.html b/LayoutTests/fast/sandbox/ios/focus-ring-color.html
new file mode 100644 (file)
index 0000000..8cd5ee8
--- /dev/null
@@ -0,0 +1,14 @@
+<!DOCTYPE html>
+<html>
+<head>
+<script src="../../../resources/js-test-pre.js"></script>
+<script>
+description('Test that the focus ring color is as expected.');
+
+if (window.internals) {
+    shouldBe("internals.focusRingColor()", "'rgb(0, 122, 255)'");
+}
+</script>
+</head>
+<body>
+</body>
diff --git a/LayoutTests/fast/sandbox/ios/sandbox-mach-lookup-attachment-element-expected.txt b/LayoutTests/fast/sandbox/ios/sandbox-mach-lookup-attachment-element-expected.txt
new file mode 100644 (file)
index 0000000..1e9992a
--- /dev/null
@@ -0,0 +1,8 @@
+Test that the WebContent process has mach lookup access to frontboard and icon services when the attachment element is enabled
+
+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+
+
+PASS internals.hasSandboxMachLookupAccessToGlobalName('com.apple.WebKit.WebContent', 'com.apple.frontboard.systemappservices') is true
+PASS internals.hasSandboxMachLookupAccessToGlobalName('com.apple.WebKit.WebContent', 'com.apple.iconservices') is true
+
diff --git a/LayoutTests/fast/sandbox/ios/sandbox-mach-lookup-attachment-element.html b/LayoutTests/fast/sandbox/ios/sandbox-mach-lookup-attachment-element.html
new file mode 100644 (file)
index 0000000..b59411b
--- /dev/null
@@ -0,0 +1,15 @@
+<!DOCTYPE html><!-- webkit-test-runner [ enableAttachmentElement=true ] -->
+<html>
+<head>
+<script src="../../../resources/js-test-pre.js"></script>
+<script>
+description('Test that the WebContent process has mach lookup access to frontboard and icon services when the attachment element is enabled');
+
+if (window.internals) {
+    shouldBeTrue("internals.hasSandboxMachLookupAccessToGlobalName('com.apple.WebKit.WebContent', 'com.apple.frontboard.systemappservices')");
+    shouldBeTrue("internals.hasSandboxMachLookupAccessToGlobalName('com.apple.WebKit.WebContent', 'com.apple.iconservices')");
+}
+</script>
+</head>
+<body>
+</body>
index f4b2171..ad9b006 100644 (file)
@@ -1,3 +1,25 @@
+2020-01-30  Per Arne Vollan  <pvollan@apple.com>
+
+        [iOS] Issue mach sandbox extension to the frontboard and icon service when the attachment element is enabled
+        https://bugs.webkit.org/show_bug.cgi?id=205443
+
+        Reviewed by Brent Fulgham.
+
+        Get focus ring color in the UI process since getting this color will communicate with the frontboard daemon.
+
+        Test: fast/sandbox/ios/focus-ring-color.html
+
+        * rendering/RenderTheme.h:
+        * rendering/RenderThemeIOS.h:
+        * rendering/RenderThemeIOS.mm:
+        (WebCore::cachedFocusRingColor):
+        (WebCore::RenderThemeIOS::platformFocusRingColor const):
+        (WebCore::RenderThemeIOS::setFocusRingColor):
+        * testing/Internals.cpp:
+        (WebCore::Internals::focusRingColor):
+        * testing/Internals.h:
+        * testing/Internals.idl:
+
 2020-01-30  Jonathan Bedard  <jbedard@apple.com>
 
         PAL: Remove old iOS version macros
index 383a935..ff87688 100644 (file)
@@ -160,7 +160,7 @@ public:
 
     virtual Color disabledTextColor(const Color& textColor, const Color& backgroundColor) const;
 
-    Color focusRingColor(OptionSet<StyleColor::Options>) const;
+    WTF_EXPORT Color focusRingColor(OptionSet<StyleColor::Options>) const;
     virtual Color platformFocusRingColor(OptionSet<StyleColor::Options>) const { return Color(0, 0, 0); }
     static void setCustomFocusRingColor(const Color&);
     static float platformFocusRingWidth() { return 3; }
index a432c8b..e4b9961 100644 (file)
@@ -64,7 +64,9 @@ public:
 
     WEBCORE_EXPORT static const CSSValueToSystemColorMap& cssValueToSystemColorMap();
     WEBCORE_EXPORT static void setCSSValueToSystemColorMap(CSSValueToSystemColorMap&&);
-    
+
+    WEBCORE_EXPORT static void setFocusRingColor(const Color&);
+
 protected:
     LengthBox popupInternalPaddingBox(const RenderStyle&) const override;
     
index 8d42928..47455a0 100644 (file)
@@ -1130,9 +1130,18 @@ Color RenderThemeIOS::platformInactiveSelectionBackgroundColor(OptionSet<StyleCo
     return Color::transparent;
 }
 
+static Optional<Color>& cachedFocusRingColor()
+{
+    static NeverDestroyed<Optional<Color>> color;
+    return color;
+}
+
 #if ENABLE(FULL_KEYBOARD_ACCESS)
 Color RenderThemeIOS::platformFocusRingColor(OptionSet<StyleColor::Options>) const
 {
+    if (cachedFocusRingColor().hasValue())
+        return *cachedFocusRingColor();
+
     // FIXME: Should be using -keyboardFocusIndicatorColor. For now, work around <rdar://problem/50838886>.
     return colorFromUIColor([PAL::getUIColorClass() systemBlueColor]);
 }
@@ -1538,6 +1547,11 @@ void RenderThemeIOS::setCSSValueToSystemColorMap(CSSValueToSystemColorMap&& colo
     globalCSSValueToSystemColorMap() = WTFMove(colorMap);
 }
 
+void RenderThemeIOS::setFocusRingColor(const Color& color)
+{
+    cachedFocusRingColor() = color;
+}
+
 Color RenderThemeIOS::systemColor(CSSValueID cssValueID, OptionSet<StyleColor::Options> options) const
 {
     const bool forVisitedLink = options.contains(StyleColor::Options::ForVisitedLink);
index aa2da97..5cef510 100644 (file)
@@ -5455,4 +5455,10 @@ String Internals::mediaMIMETypeForExtension(const String& extension)
     return MIMETypeRegistry::getMediaMIMETypeForExtension(extension);
 }
 
+String Internals::focusRingColor()
+{
+    OptionSet<StyleColor::Options> options;
+    return RenderTheme::singleton().focusRingColor(options).cssText();
+}
+
 } // namespace WebCore
index 2deb483..4af131b 100644 (file)
@@ -933,6 +933,8 @@ public:
 
     String mediaMIMETypeForExtension(const String& extension);
 
+    String focusRingColor();
+
 private:
     explicit Internals(Document&);
     Document* contextDocument() const;
index 57ea10e..171e577 100644 (file)
@@ -836,6 +836,7 @@ enum CompositingPolicy {
     boolean hasSandboxMachLookupAccessToXPCServiceName(DOMString process, DOMString service);
     
     DOMString systemColorForCSSValue(DOMString cssValue, boolean useDarkModeAppearance, boolean useElevatedUserInterfaceLevel);
+    DOMString focusRingColor();
 
     boolean systemHasBattery();
 
index 6677ec6..65b6397 100644 (file)
@@ -1,3 +1,27 @@
+2020-01-30  Per Arne Vollan  <pvollan@apple.com>
+
+        [iOS] Issue mach sandbox extension to the frontboard and icon service when the attachment element is enabled
+        https://bugs.webkit.org/show_bug.cgi?id=205443
+        <rdar://problem/58074291>
+
+        Reviewed by Brent Fulgham.
+
+        When support for the html attachment element is enabled, issue a mach lookup extension to the frontboard and icon service
+        for the WebContent process, since these daemons are being contacted when icons for attachments are being queried. Also,
+        retrieve the focus ring color in the UI process, since getting this color requires access to the frontboard daemon.
+
+        Test: fast/sandbox/ios/sandbox-mach-lookup-attachment-element.html
+
+        * Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:
+        * Shared/WebProcessCreationParameters.cpp:
+        (WebKit::WebProcessCreationParameters::encode const):
+        (WebKit::WebProcessCreationParameters::decode):
+        * Shared/WebProcessCreationParameters.h:
+        * UIProcess/Cocoa/WebProcessPoolCocoa.mm:
+        (WebKit::WebProcessPool::platformInitializeWebProcess):
+        * WebProcess/cocoa/WebProcessCocoa.mm:
+        (WebKit::WebProcess::platformInitializeWebProcess):
+
 2020-01-30  Tim Horton  <timothy_horton@apple.com>
 
         REGRESSION (r253267): Swipe from edge on Twitter images no longer goes back
index 372b59a..cd5d32a 100644 (file)
 (allow mach-lookup
     (require-all
         (extension "com.apple.webkit.extension.mach")
-        (global-name "com.apple.iphone.axserver-systemwide" "com.apple.tccd" "com.apple.nehelper" "com.apple.nesessionmanager.content-filter" "com.apple.uikit.viewservice.com.apple.WebContentFilter.remoteUI" "com.apple.diagnosticd" "com.apple.lsd.open" "com.apple.mobileassetd" "com.apple.mobileassetd.v2")))
+        (global-name "com.apple.iphone.axserver-systemwide" "com.apple.tccd" "com.apple.nehelper" "com.apple.nesessionmanager.content-filter" "com.apple.uikit.viewservice.com.apple.WebContentFilter.remoteUI" "com.apple.diagnosticd" "com.apple.lsd.open" "com.apple.mobileassetd" "com.apple.mobileassetd.v2" "com.apple.frontboard.systemappservices" "com.apple.iconservices")))
 
 (allow mach-lookup
     (require-all
index 9085995..6c99391 100644 (file)
@@ -92,6 +92,8 @@ void WebPageCreationParameters::encode(IPC::Encoder& encoder) const
     encoder << viewportConfigurationMinimumEffectiveDeviceWidth;
     encoder << viewportConfigurationViewSize;
     encoder << overrideViewportArguments;
+    encoder << frontboardExtensionHandle;
+    encoder << iconServicesExtensionHandle;
 #endif
 
 #if PLATFORM(IOS_FAMILY)
@@ -299,6 +301,18 @@ Optional<WebPageCreationParameters> WebPageCreationParameters::decode(IPC::Decod
     if (!overrideViewportArguments)
         return WTF::nullopt;
     parameters.overrideViewportArguments = WTFMove(*overrideViewportArguments);
+
+    Optional<Optional<SandboxExtension::Handle>> frontboardExtensionHandle;
+    decoder >> frontboardExtensionHandle;
+    if (!frontboardExtensionHandle)
+        return WTF::nullopt;
+    parameters.frontboardExtensionHandle = WTFMove(*frontboardExtensionHandle);
+
+    Optional<Optional<SandboxExtension::Handle>> iconServicesExtensionHandle;
+    decoder >> iconServicesExtensionHandle;
+    if (!iconServicesExtensionHandle)
+        return WTF::nullopt;
+    parameters.iconServicesExtensionHandle = WTFMove(*iconServicesExtensionHandle);
 #endif
 
 #if PLATFORM(IOS_FAMILY)
index aa05714..6dec8d5 100644 (file)
@@ -152,6 +152,8 @@ struct WebPageCreationParameters {
     double viewportConfigurationMinimumEffectiveDeviceWidth;
     WebCore::FloatSize viewportConfigurationViewSize;
     Optional<WebCore::ViewportArguments> overrideViewportArguments;
+    Optional<SandboxExtension::Handle> frontboardExtensionHandle;
+    Optional<SandboxExtension::Handle> iconServicesExtensionHandle;
 #endif
 #if PLATFORM(IOS_FAMILY)
     WebCore::FloatSize screenSize;
index d04a47f..61b10d7 100644 (file)
@@ -173,6 +173,7 @@ void WebProcessCreationParameters::encode(IPC::Encoder& encoder) const
 #if PLATFORM(IOS_FAMILY)
     encoder << currentUserInterfaceIdiomIsPad;
     encoder << cssValueToSystemColorMap;
+    encoder << focusRingColor;
 #endif
 }
 
@@ -458,6 +459,12 @@ bool WebProcessCreationParameters::decode(IPC::Decoder& decoder, WebProcessCreat
     if (!cssValueToSystemColorMap)
         return false;
     parameters.cssValueToSystemColorMap = WTFMove(*cssValueToSystemColorMap);
+
+    Optional<WebCore::Color> focusRingColor;
+    decoder >> focusRingColor;
+    if (!focusRingColor)
+        return false;
+    parameters.focusRingColor = WTFMove(*focusRingColor);
 #endif
 
     return true;
index a8cc197..1fa0304 100644 (file)
@@ -215,6 +215,7 @@ struct WebProcessCreationParameters {
 #if PLATFORM(IOS_FAMILY)
     bool currentUserInterfaceIdiomIsPad { false };
     WebCore::RenderThemeIOS::CSSValueToSystemColorMap cssValueToSystemColorMap;
+    WebCore::Color focusRingColor;
 #endif
 };
 
index 60852bc..fd97d4e 100644 (file)
@@ -360,6 +360,7 @@ void WebProcessPool::platformInitializeWebProcess(const WebProcessProxy& process
 #if PLATFORM(IOS_FAMILY)
     parameters.currentUserInterfaceIdiomIsPad = currentUserInterfaceIdiomIsPad();
     parameters.cssValueToSystemColorMap = RenderThemeIOS::cssValueToSystemColorMap();
+    parameters.focusRingColor = RenderTheme::singleton().focusRingColor(OptionSet<StyleColor::Options>());
 #endif
 }
 
index a5e36e4..8355eba 100644 (file)
@@ -7651,6 +7651,17 @@ WebPageCreationParameters WebPageProxy::creationParameters(WebProcessProxy& proc
     parameters.themeName = pageClient().themeName();
 #endif
 
+#if ENABLE(ATTACHMENT_ELEMENT) && PLATFORM(IOS_FAMILY)
+    if (m_preferences->attachmentElementEnabled() && !m_process->hasIssuedAttachmentElementRelatedSandboxExtensions()) {
+        SandboxExtension::Handle handle;
+        SandboxExtension::createHandleForMachLookup("com.apple.frontboard.systemappservices", WTF::nullopt, handle);
+        parameters.frontboardExtensionHandle = WTFMove(handle);
+        SandboxExtension::createHandleForMachLookup("com.apple.iconservices", WTF::nullopt, handle);
+        parameters.iconServicesExtensionHandle = WTFMove(handle);
+        m_process->setHasIssuedAttachmentElementRelatedSandboxExtensions();
+    }
+#endif
+
     return parameters;
 }
 
index 132dfb3..6c19530 100644 (file)
@@ -354,6 +354,11 @@ public:
     UserMediaCaptureManagerProxy* userMediaCaptureManagerProxy() { return m_userMediaCaptureManagerProxy.get(); }
 #endif
 
+#if ENABLE(ATTACHMENT_ELEMENT) && PLATFORM(IOS_FAMILY)
+    bool hasIssuedAttachmentElementRelatedSandboxExtensions() const { return m_hasIssuedAttachmentElementRelatedSandboxExtensions; }
+    void setHasIssuedAttachmentElementRelatedSandboxExtensions() { m_hasIssuedAttachmentElementRelatedSandboxExtensions = true; }
+#endif
+
 protected:
     WebProcessProxy(WebProcessPool&, WebsiteDataStore*, IsPrewarmed);
 
@@ -532,6 +537,9 @@ private:
     bool m_hasCommittedAnyProvisionalLoads { false };
     bool m_isPrewarmed;
     bool m_hasAudibleWebPage { false };
+#if ENABLE(ATTACHMENT_ELEMENT) && PLATFORM(IOS_FAMILY)
+    bool m_hasIssuedAttachmentElementRelatedSandboxExtensions { false };
+#endif
 
 #if PLATFORM(WATCHOS)
     std::unique_ptr<ProcessThrottler::BackgroundActivity> m_backgroundActivityForFullscreenFormControls;
index e65361a..e303c22 100644 (file)
@@ -526,6 +526,13 @@ WebPage::WebPage(PageIdentifier pageID, WebPageCreationParameters&& parameters)
 
     pageConfiguration.corsDisablingPatterns = WTFMove(parameters.corsDisablingPatterns);
 
+#if ENABLE(ATTACHMENT_ELEMENT) && PLATFORM(IOS_FAMILY)
+    if (parameters.frontboardExtensionHandle)
+        SandboxExtension::consumePermanently(*parameters.frontboardExtensionHandle);
+    if (parameters.iconServicesExtensionHandle)
+        SandboxExtension::consumePermanently(*parameters.iconServicesExtensionHandle);
+#endif
+
     m_page = makeUnique<Page>(WTFMove(pageConfiguration));
 
     updatePreferences(parameters.store);
index 98dbd4e..e96d85d 100644 (file)
@@ -267,6 +267,7 @@ void WebProcess::platformInitializeWebProcess(WebProcessCreationParameters& para
 
 #if PLATFORM(IOS_FAMILY)
     RenderThemeIOS::setCSSValueToSystemColorMap(WTFMove(parameters.cssValueToSystemColorMap));
+    RenderThemeIOS::setFocusRingColor(parameters.focusRingColor);
 #endif
 }