WebSocket streams should have network usage attributed to correct process
authorwilander@apple.com <wilander@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 7 Apr 2017 18:36:03 +0000 (18:36 +0000)
committerwilander@apple.com <wilander@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 7 Apr 2017 18:36:03 +0000 (18:36 +0000)
https://bugs.webkit.org/show_bug.cgi?id=170322
<rdar://problem/26413551>

Reviewed by Alex Christensen.

Source/WebCore:

Tested manually since it requires a per-app VPN.

* page/SocketProvider.cpp:
(WebCore::SocketProvider::createSocketStreamHandle):
    Sends in an empty struct since it doesn't have access to
    platform dependent sourceApplicationAuditData.
* platform/network/SocketStreamHandle.h:
    Declaration of a per-platform struct to hold CF data for
    Cocoa platforms.
* platform/network/cf/SocketStreamHandleImpl.h:
(WebCore::SocketStreamHandleImpl::create):
    Now takes WebCore::SourceApplicationAuditToken which is
    passed on to the constructor.
* platform/network/cf/SocketStreamHandleImplCFNet.cpp:
(WebCore::SocketStreamHandleImpl::SocketStreamHandleImpl):
    Now takes WebCore::SourceApplicationAuditToken which is
    passed on to the streams once created.
(WebCore::SocketStreamHandleImpl::createStreams):
    Now sets kCFStreamPropertySourceApplication for the two
    streams.
* platform/network/curl/SocketStreamHandleImpl.h:
(WebCore::SocketStreamHandleImpl::create):
    Added unused WebCore::SourceApplicationAuditToken parameter.
* platform/network/soup/SocketStreamHandleImpl.h:
* platform/network/soup/SocketStreamHandleImplSoup.cpp:
(WebCore::SocketStreamHandleImpl::create):
    Added unused WebCore::SourceApplicationAuditToken parameter.

Source/WebKit2:

Changes here are due to the added WebCore::SourceApplicationAuditToken parameter
in WebCore::SocketStreamHandleImpl::create().
WebKit::NetworkSocketStream takes it and passes it on.

* NetworkProcess/NetworkConnectionToWebProcess.cpp:
(WebKit::NetworkConnectionToWebProcess::createSocketStream):
* NetworkProcess/NetworkSocketStream.cpp:
(WebKit::NetworkSocketStream::create):
(WebKit::NetworkSocketStream::NetworkSocketStream):
* NetworkProcess/NetworkSocketStream.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@215104 268f45cc-cd09-0410-ab3c-d52691b4dbfc

12 files changed:
Source/WebCore/ChangeLog
Source/WebCore/page/SocketProvider.cpp
Source/WebCore/platform/network/SocketStreamHandle.h
Source/WebCore/platform/network/cf/SocketStreamHandleImpl.h
Source/WebCore/platform/network/cf/SocketStreamHandleImplCFNet.cpp
Source/WebCore/platform/network/curl/SocketStreamHandleImpl.h
Source/WebCore/platform/network/soup/SocketStreamHandleImpl.h
Source/WebCore/platform/network/soup/SocketStreamHandleImplSoup.cpp
Source/WebKit2/ChangeLog
Source/WebKit2/NetworkProcess/NetworkConnectionToWebProcess.cpp
Source/WebKit2/NetworkProcess/NetworkSocketStream.cpp
Source/WebKit2/NetworkProcess/NetworkSocketStream.h

index 707177e..5755268 100644 (file)
@@ -1,3 +1,39 @@
+2017-04-07  John Wilander  <wilander@apple.com>
+
+        WebSocket streams should have network usage attributed to correct process
+        https://bugs.webkit.org/show_bug.cgi?id=170322
+        <rdar://problem/26413551>
+
+        Reviewed by Alex Christensen.
+
+        Tested manually since it requires a per-app VPN.
+
+        * page/SocketProvider.cpp:
+        (WebCore::SocketProvider::createSocketStreamHandle):
+            Sends in an empty struct since it doesn't have access to
+            platform dependent sourceApplicationAuditData.
+        * platform/network/SocketStreamHandle.h:
+            Declaration of a per-platform struct to hold CF data for
+            Cocoa platforms.
+        * platform/network/cf/SocketStreamHandleImpl.h:
+        (WebCore::SocketStreamHandleImpl::create):
+            Now takes WebCore::SourceApplicationAuditToken which is
+            passed on to the constructor.
+        * platform/network/cf/SocketStreamHandleImplCFNet.cpp:
+        (WebCore::SocketStreamHandleImpl::SocketStreamHandleImpl):
+            Now takes WebCore::SourceApplicationAuditToken which is
+            passed on to the streams once created.
+        (WebCore::SocketStreamHandleImpl::createStreams):
+            Now sets kCFStreamPropertySourceApplication for the two
+            streams.
+        * platform/network/curl/SocketStreamHandleImpl.h:
+        (WebCore::SocketStreamHandleImpl::create):
+            Added unused WebCore::SourceApplicationAuditToken parameter.
+        * platform/network/soup/SocketStreamHandleImpl.h:
+        * platform/network/soup/SocketStreamHandleImplSoup.cpp:
+        (WebCore::SocketStreamHandleImpl::create):
+            Added unused WebCore::SourceApplicationAuditToken parameter.
+
 2017-04-07  Alex Christensen  <achristensen@webkit.org>
 
         REGRESSION(r204512): WebSocket errors with "Failed to send WebSocket frame."  if too much data is sent
index 836c0e8..fe97ee8 100644 (file)
@@ -34,7 +34,7 @@ namespace WebCore {
     
 Ref<SocketStreamHandle> SocketProvider::createSocketStreamHandle(const URL& url, SocketStreamHandleClient& client, SessionID sessionID, const String& credentialPartition)
 {
-    return SocketStreamHandleImpl::create(url, client, sessionID, credentialPartition);
+    return SocketStreamHandleImpl::create(url, client, sessionID, credentialPartition, { });
 }
     
 }
index f41bd31..79182f4 100644 (file)
@@ -38,6 +38,14 @@ namespace WebCore {
 
 class SocketStreamHandleClient;
 
+typedef struct {
+#if PLATFORM(COCOA)
+    RetainPtr<CFDataRef> sourceApplicationAuditData;
+#else
+    void *empty { nullptr };
+#endif
+} SourceApplicationAuditToken;
+
 class SocketStreamHandle : public ThreadSafeRefCounted<SocketStreamHandle> {
 public:
     enum SocketStreamState { Connecting, Open, Closing, Closed };
index 10d6698..09d2a87 100644 (file)
@@ -46,7 +46,7 @@ class SocketStreamHandleClient;
 
 class SocketStreamHandleImpl : public SocketStreamHandle {
 public:
-    static Ref<SocketStreamHandleImpl> create(const URL& url, SocketStreamHandleClient& client, SessionID sessionID, const String& credentialPartition) { return adoptRef(*new SocketStreamHandleImpl(url, client, sessionID, credentialPartition)); }
+    static Ref<SocketStreamHandleImpl> create(const URL& url, SocketStreamHandleClient& client, SessionID sessionID, const String& credentialPartition, SourceApplicationAuditToken&& auditData) { return adoptRef(*new SocketStreamHandleImpl(url, client, sessionID, credentialPartition, WTFMove(auditData))); }
 
     virtual ~SocketStreamHandleImpl();
 
@@ -57,7 +57,7 @@ private:
     std::optional<size_t> platformSendInternal(const char*, size_t);
     bool sendPendingData();
 
-    WEBCORE_EXPORT SocketStreamHandleImpl(const URL&, SocketStreamHandleClient&, SessionID, const String& credentialPartition);
+    WEBCORE_EXPORT SocketStreamHandleImpl(const URL&, SocketStreamHandleClient&, SessionID, const String& credentialPartition, SourceApplicationAuditToken&&);
     void createStreams();
     void scheduleStreams();
     void chooseProxy();
@@ -101,7 +101,8 @@ private:
     RetainPtr<CFURLRef> m_httpsURL; // ws(s): replaced with https:
     SessionID m_sessionID;
     String m_credentialPartition;
-    
+    SourceApplicationAuditToken m_auditData;
+
     StreamBuffer<char, 1024 * 1024> m_buffer;
     static const unsigned maxBufferSize = 100 * 1024 * 1024;
 };
index b593e41..ed4109a 100644 (file)
@@ -54,6 +54,7 @@
 #endif
 
 #if PLATFORM(IOS) || PLATFORM(MAC)
+extern "C" const CFStringRef kCFStreamPropertySourceApplication;
 extern "C" const CFStringRef _kCFStreamSocketSetNoDelay;
 #endif
 
@@ -63,13 +64,14 @@ extern "C" const CFStringRef _kCFStreamSocketSetNoDelay;
 
 namespace WebCore {
 
-SocketStreamHandleImpl::SocketStreamHandleImpl(const URL& url, SocketStreamHandleClient& client, SessionID sessionID, const String& credentialPartition)
+SocketStreamHandleImpl::SocketStreamHandleImpl(const URL& url, SocketStreamHandleClient& client, SessionID sessionID, const String& credentialPartition, SourceApplicationAuditToken&& auditData)
     : SocketStreamHandle(url, client)
     , m_connectingSubstate(New)
     , m_connectionType(Unknown)
     , m_sentStoredCredentials(false)
     , m_sessionID(sessionID)
     , m_credentialPartition(credentialPartition)
+    , m_auditData(WTFMove(auditData))
 {
     LOG(Network, "SocketStreamHandle %p new client %p", this, &m_client);
 
@@ -313,9 +315,14 @@ void SocketStreamHandleImpl::createStreams()
     CFReadStreamRef readStream = 0;
     CFWriteStreamRef writeStream = 0;
     CFStreamCreatePairWithSocketToHost(0, host.get(), port(), &readStream, &writeStream);
-#if PLATFORM(IOS) || PLATFORM(MAC)
+#if PLATFORM(COCOA)
     // <rdar://problem/12855587> _kCFStreamSocketSetNoDelay is not exported on Windows
     CFWriteStreamSetProperty(writeStream, _kCFStreamSocketSetNoDelay, kCFBooleanTrue);
+    if (m_auditData.sourceApplicationAuditData && m_auditData.sourceApplicationAuditData.get()) {
+        CFReadStreamSetProperty(readStream, kCFStreamPropertySourceApplication, m_auditData.sourceApplicationAuditData.get());
+        CFWriteStreamSetProperty(writeStream, kCFStreamPropertySourceApplication, m_auditData.sourceApplicationAuditData.get());
+    }
+    
 #endif
 
     m_readStream = adoptCF(readStream);
index 5f9e095..7bd7b2d 100644 (file)
@@ -51,7 +51,7 @@ class SocketStreamHandleClient;
 
 class SocketStreamHandleImpl : public SocketStreamHandle {
 public:
-    static Ref<SocketStreamHandleImpl> create(const URL& url, SocketStreamHandleClient& client, SessionID, const String&) { return adoptRef(*new SocketStreamHandleImpl(url, client)); }
+    static Ref<SocketStreamHandleImpl> create(const URL& url, SocketStreamHandleClient& client, SessionID, const String&, SourceApplicationAuditToken&&) { return adoptRef(*new SocketStreamHandleImpl(url, client)); }
 
     virtual ~SocketStreamHandleImpl();
 
index 94b8765..c2ffca9 100644 (file)
@@ -49,7 +49,7 @@ class SocketStreamHandleClient;
 class SocketStreamHandleImpl final : public SocketStreamHandle {
 public:
     static Ref<SocketStreamHandleImpl> create(const URL&, SocketStreamHandleClient&, SessionID, const String&);
-    static Ref<SocketStreamHandle> create(GSocketConnection*, SocketStreamHandleClient&);
+    static Ref<SocketStreamHandle> create(GSocketConnection*, SocketStreamHandleClient&, SourceApplicationAuditToken&&);
 
     virtual ~SocketStreamHandleImpl();
 
index 7761662..5973201 100644 (file)
@@ -62,7 +62,7 @@ static void wssSocketClientEventCallback(GSocketClient*, GSocketClientEvent even
     g_signal_connect(connection, "accept-certificate", G_CALLBACK(wssConnectionAcceptCertificateCallback), nullptr);
 }
 
-Ref<SocketStreamHandleImpl> SocketStreamHandleImpl::create(const URL& url, SocketStreamHandleClient& client, SessionID, const String&)
+Ref<SocketStreamHandleImpl> SocketStreamHandleImpl::create(const URL& url, SocketStreamHandleClient& client, SessionID, const String&, SourceApplicationAuditToken&&)
 {
     Ref<SocketStreamHandleImpl> socket = adoptRef(*new SocketStreamHandleImpl(url, client));
 
index f7e9eba..5a72d9f 100644 (file)
@@ -1,3 +1,22 @@
+2017-04-07  John Wilander  <wilander@apple.com>
+
+        WebSocket streams should have network usage attributed to correct process
+        https://bugs.webkit.org/show_bug.cgi?id=170322
+        <rdar://problem/26413551>
+
+        Reviewed by Alex Christensen.
+
+        Changes here are due to the added WebCore::SourceApplicationAuditToken parameter
+        in WebCore::SocketStreamHandleImpl::create().
+        WebKit::NetworkSocketStream takes it and passes it on.
+
+        * NetworkProcess/NetworkConnectionToWebProcess.cpp:
+        (WebKit::NetworkConnectionToWebProcess::createSocketStream):
+        * NetworkProcess/NetworkSocketStream.cpp:
+        (WebKit::NetworkSocketStream::create):
+        (WebKit::NetworkSocketStream::NetworkSocketStream):
+        * NetworkProcess/NetworkSocketStream.h:
+
 2017-04-07  Michael Catanzaro  <mcatanzaro@igalia.com>
 
         Unreviewed, fix missing return value warning
index 5d0d9b3..7d3d729 100644 (file)
@@ -175,7 +175,11 @@ void NetworkConnectionToWebProcess::didReceiveInvalidMessage(IPC::Connection&, I
 void NetworkConnectionToWebProcess::createSocketStream(URL&& url, SessionID sessionID, String cachePartition, uint64_t identifier)
 {
     ASSERT(!m_networkSocketStreams.contains(identifier));
-    m_networkSocketStreams.set(identifier, NetworkSocketStream::create(WTFMove(url), sessionID, cachePartition, identifier, m_connection));
+    WebCore::SourceApplicationAuditToken token = { };
+#if PLATFORM(COCOA)
+    token = { NetworkProcess::singleton().sourceApplicationAuditData() };
+#endif
+    m_networkSocketStreams.set(identifier, NetworkSocketStream::create(WTFMove(url), sessionID, cachePartition, identifier, m_connection, WTFMove(token)));
 }
 
 void NetworkConnectionToWebProcess::destroySocketStream(uint64_t identifier)
index 258b8e1..bdede90 100644 (file)
@@ -35,13 +35,13 @@ using namespace WebCore;
 
 namespace WebKit {
 
-Ref<NetworkSocketStream> NetworkSocketStream::create(WebCore::URL&& url, WebCore::SessionID sessionID, const String& credentialPartition, uint64_t identifier, IPC::Connection& connection)
+Ref<NetworkSocketStream> NetworkSocketStream::create(WebCore::URL&& url, WebCore::SessionID sessionID, const String& credentialPartition, uint64_t identifier, IPC::Connection& connection, SourceApplicationAuditToken&& auditData)
 {
-    return adoptRef(*new NetworkSocketStream(WTFMove(url), sessionID, credentialPartition, identifier, connection));
+    return adoptRef(*new NetworkSocketStream(WTFMove(url), sessionID, credentialPartition, identifier, connection, WTFMove(auditData)));
 }
 
-NetworkSocketStream::NetworkSocketStream(URL&& url, SessionID sessionID, const String& credentialPartition, uint64_t identifier, IPC::Connection& connection)
-    : m_impl(SocketStreamHandleImpl::create(url, *this, sessionID, credentialPartition))
+NetworkSocketStream::NetworkSocketStream(URL&& url, SessionID sessionID, const String& credentialPartition, uint64_t identifier, IPC::Connection& connection, SourceApplicationAuditToken&& auditData)
+    : m_impl(SocketStreamHandleImpl::create(url, *this, sessionID, credentialPartition, WTFMove(auditData)))
     , m_identifier(identifier)
     , m_connection(connection)
 {
index 202f43f..1cdfa7b 100644 (file)
@@ -46,7 +46,7 @@ namespace WebKit {
 
 class NetworkSocketStream : public RefCounted<NetworkSocketStream>, public IPC::MessageSender, public IPC::MessageReceiver, public WebCore::SocketStreamHandleClient {
 public:
-    static Ref<NetworkSocketStream> create(WebCore::URL&&, WebCore::SessionID, const String& credentialPartition, uint64_t, IPC::Connection&);
+    static Ref<NetworkSocketStream> create(WebCore::URL&&, WebCore::SessionID, const String& credentialPartition, uint64_t, IPC::Connection&, WebCore::SourceApplicationAuditToken&&);
     ~NetworkSocketStream();
 
     void didReceiveMessage(IPC::Connection&, IPC::Decoder&);
@@ -66,7 +66,7 @@ private:
     IPC::Connection* messageSenderConnection() final;
     uint64_t messageSenderDestinationID() final;
 
-    NetworkSocketStream(WebCore::URL&&, WebCore::SessionID, const String& credentialPartition, uint64_t, IPC::Connection&);
+    NetworkSocketStream(WebCore::URL&&, WebCore::SessionID, const String& credentialPartition, uint64_t, IPC::Connection&, WebCore::SourceApplicationAuditToken&&);
     Ref<WebCore::SocketStreamHandleImpl> m_impl;
     uint64_t m_identifier;
     IPC::Connection& m_connection;