Dynamically generate media-related mach connections when not using the GPU Process
author bfulgham@apple.com <bfulgham@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Sat, 15 Feb 2020 01:20:19 +0000 (01:20 +0000)
committer bfulgham@apple.com <bfulgham@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Sat, 15 Feb 2020 01:20:19 +0000 (01:20 +0000)
https://bugs.webkit.org/show_bug.cgi?id=207743
<rdar://problem/59449750>

Reviewed by Per Arne Vollan.

Stop using permanent sandbox permissions to connect to media-related XPC services. Instead,
create them dynamically in the UIProcess and vend them to the relevant WebContent process
as needed. If all media features are active in the GPU process, do not emit extensions since
they should not be needed in the WebContent process at that point.

Tested by existing media and GPU process tests.

* Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb: Remove permanent rules in
preference for dynamic extensions.
* Shared/WebProcessCreationParameters.cpp:
(WebKit::WebProcessCreationParameters::encode const): Serialize new service connections.
(WebKit::WebProcessCreationParameters::decode): Ditto.
* Shared/WebProcessCreationParameters.h:
* UIProcess/Cocoa/WebProcessPoolCocoa.mm:
(WebKit::mediaRelatedMachServices): Helper function listing needed services.
(WebKit::WebProcessPool::platformInitializeWebProcess): Create service connections when
needed.
* WebProcess/cocoa/WebProcessCocoa.mm:
(WebKit::WebProcess::platformInitializeWebProcess): Consume media-related connections
when needed.
* WebProcess/com.apple.WebProcess.sb.in: Remove permanent rules in preference for
dynamic extensions.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@256660 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/WebKit/ChangeLog
Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb
Source/WebKit/Shared/WebProcessCreationParameters.cpp
Source/WebKit/Shared/WebProcessCreationParameters.h
Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm
Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm
Source/WebKit/WebProcess/com.apple.WebProcess.sb.in

index ec13aff..038bf14 100644 (file)
@@ -1,3 +1,34 @@
+2020-02-14  Brent Fulgham  <bfulgham@apple.com>
+
+        Dynamically generate media-related mach connections when not using the GPU Process
+        https://bugs.webkit.org/show_bug.cgi?id=207743
+        <rdar://problem/59449750>
+
+        Reviewed by Per Arne Vollan.
+
+        Stop using permanent sandbox permissions to connect to media-related XPC services. Instead,
+        create them dynamically in the UIProcess and vend them to the relevant WebContent process
+        as needed. If all media features are active in the GPU process, do not emit extensions since
+        they should not be needed in the WebContent process at that point.
+
+        Tested by existing media and GPU process tests.
+
+        * Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb: Remove permanet rules in
+        preference for dynamic extensions.
+        * Shared/WebProcessCreationParameters.cpp:
+        (WebKit::WebProcessCreationParameters::encode const): Serialize new service connections.
+        (WebKit::WebProcessCreationParameters::decode): Ditto.
+        * Shared/WebProcessCreationParameters.h:
+        * UIProcess/Cocoa/WebProcessPoolCocoa.mm:
+        (WebKit::mediaRelatedMachServices): Helper function listing needed services.
+        (WebKit::WebProcessPool::platformInitializeWebProcess): Create service connections when
+        needed.
+        * WebProcess/cocoa/WebProcessCocoa.mm:
+        (WebKit::WebProcess::platformInitializeWebProcess): Consume media-related connections
+        when needed.
+        * WebProcess/com.apple.WebProcess.sb.in: Remove permanet rules in preference for
+        dynamic extensions.
+
 2020-02-14  Youenn Fablet  <youenn@apple.com>
 
         Introduce MediaStreamPrivate::forEachTrack
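Review bot: The new ChangeLog entry misspells "permanent" as "permanet" in both sandbox-profile lines ("Remove permanet rules in preference for dynamic extensions"). Worth fixing before landing, since the ChangeLog text is what gets searched later when someone looks for the change that removed these rules.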
index 71ea932..389fad8 100644 (file)
@@ -1,4 +1,4 @@
-; Copyright (C) 2010-2019 Apple Inc. All rights reserved.
+; Copyright (C) 2010-2020 Apple Inc. All rights reserved.
 ;
 ; Redistribution and use in source and binary forms, with or without
 ; modification, are permitted provided that the following conditions
                (global-name "com.apple.mobileassetd" "com.apple.mobileassetd.v2"))
         (mobile-preferences-read "com.apple.MobileAsset")))
 
-(define-once (play-audio)
-    (allow mach-lookup
-           (global-name "com.apple.audio.AURemoteIOServer"))
-    (allow mach-lookup (with report) (with telemetry)
-           (xpc-service-name "com.apple.audio.toolbox.reporting.service")))
-
 (define-once (play-media . filters)
     (if (not (null? filters))
         ;; <rdar://problem/9875794>
             (extension-class "com.apple.mediaserverd.read-write")
             (extension "com.apple.security.exception.files.absolute-path.read-write"
                        "com.apple.security.exception.files.home-relative-path.read-write")))
-    ;; CoreMedia framework.
-    (allow mach-lookup
-           (global-name "com.apple.coremedia.admin")
-           (global-name "com.apple.coremedia.asset.xpc")
-           (global-name "com.apple.coremedia.assetimagegenerator.xpc")
-           (global-name "com.apple.coremedia.audiodeviceclock.xpc") ; Needed for CMTimeBase
-           (global-name "com.apple.coremedia.audioprocessingtap.xpc")
-           (global-name "com.apple.coremedia.capturesession")      ; Actually for video capture
-           (global-name "com.apple.coremedia.capturesource")       ; Also for video capture (<rdar://problem/15794291>).
-           (global-name "com.apple.coremedia.cpe.xpc") ; Needed for HDR playback.
-           (global-name "com.apple.coremedia.customurlloader.xpc") ; Needed for custom media loading
-           (global-name "com.apple.coremedia.formatreader.xpc")
-           (global-name "com.apple.coremedia.player.xpc")
-           (global-name "com.apple.coremedia.remaker")
-           (global-name "com.apple.coremedia.remotequeue")
-           (global-name "com.apple.coremedia.routediscoverer.xpc")
-           (global-name "com.apple.coremedia.routingcontext.xpc")
-           (global-name "com.apple.coremedia.samplebufferaudiorenderer.xpc")
-           (global-name "com.apple.coremedia.samplebufferrendersynchronizer.xpc")
-           (global-name "com.apple.coremedia.sandboxserver.xpc")
-           (global-name "com.apple.coremedia.systemcontroller.xpc")
-           (global-name "com.apple.coremedia.volumecontroller.xpc"))
-
-    (allow mach-lookup (with report) (with telemetry)
-        (global-name "com.apple.coremedia.cpeprotector.xpc")
-        (global-name "com.apple.coremedia.endpoint.xpc")
-        (global-name "com.apple.coremedia.figcontentkeysession.xpc")
-        (global-name "com.apple.coremedia.figcpecryptor")
-        (global-name "com.apple.coremedia.routingsessionmanager.xpc")
-        (global-name "com.apple.coremedia.sts"))
 
     (mobile-preferences-read
         "com.apple.avfoundation"
     (allow file-read*
         (literal "/private/var/preferences/com.apple.networkd.plist"))
 
-    ;; Required by the MediaPlayer framework.
-    (allow mach-lookup
-        (global-name "com.apple.audio.AudioSession"))
-
-    (allow mach-lookup (with report) (with telemetry)
-        (global-name "com.apple.airplay.apsynccontroller.xpc"))
-
     ;; Allow mediaserverd to issue file extensions for the purposes of reading media
     (allow file-issue-extension (require-all
         (extension "com.apple.app-sandbox.read")
     (mobile-preferences-read
         "com.apple.mediaremote"
         "com.apple.mobileipod")
-    (allow mach-lookup
-           (global-name "com.apple.mediaremoted.xpc"))
-    (allow mach-lookup (with report) (with telemetry)
-        (xpc-service-name "com.apple.MediaPlayer.RemotePlayerService"))
 )
 
 (define-once (media-capture-support)
         (allow file-read* (subpath "/Library/CoreMediaIO/Plug-Ins/DAL"))
         (allow mach-lookup (extension "com.apple.app-sandbox.mach"))
         (allow device-camera))
-
-    ;; Support incoming video connections
-    (allow mach-lookup
-        (global-name "com.apple.coremedia.compressionsession")
-        (global-name "com.apple.coremedia.decompressionsession")
-        (global-name "com.apple.coremedia.videoqueue"))
 )
 
 (define-once (accessibility-support)
 )
 
 (define-once (media-accessibility-support)
-    ;; <rdar://problem/12801477>
-    (allow mach-lookup
-        (global-name "com.apple.accessibility.mediaaccessibilityd"))
-
     ;; <rdar://problem/12250145>
     (mobile-preferences-read "com.apple.mediaaccessibility")
     (mobile-preferences-read-write "com.apple.mediaaccessibility.public")
 ;;;
 
 ;; Any app can play audio & movies.
-(play-audio)
 (play-media)
 
 ;; Access to media controls
 
 (speech-synthesis-and-voiceover)
 
-(allow mach-lookup (with report) (with telemetry)
-    (global-name "com.apple.audio.AudioComponentRegistrar"))
-
 ;; Permit reading assets via MobileAsset framework.
 (asset-access 'with-media-playback)
 
 (allow mach-lookup
     (require-all
         (extension "com.apple.webkit.extension.mach")
-        (global-name "com.apple.iphone.axserver-systemwide" "com.apple.tccd" "com.apple.nehelper" "com.apple.nesessionmanager.content-filter" "com.apple.uikit.viewservice.com.apple.WebContentFilter.remoteUI" "com.apple.diagnosticd" "com.apple.lsd.open" "com.apple.mobileassetd" "com.apple.mobileassetd.v2" "com.apple.frontboard.systemappservices" "com.apple.iconservices")))
+        (global-name "com.apple.iphone.axserver-systemwide" "com.apple.tccd" "com.apple.nehelper" "com.apple.nesessionmanager.content-filter" "com.apple.uikit.viewservice.com.apple.WebContentFilter.remoteUI" "com.apple.diagnosticd" "com.apple.lsd.open" "com.apple.mobileassetd" "com.apple.mobileassetd.v2" "com.apple.frontboard.systemappservices" "com.apple.iconservices"
+
+            ;;; FIXME(207716): The following should be removed when the GPU process is complete
+            "com.apple.airplay.apsynccontroller.xpc" "com.apple.audio.AURemoteIOServer" "com.apple.audio.AudioComponentRegistrar"
+            "com.apple.audio.AudioComponentRegistrar" "com.apple.audio.AudioSession" "com.apple.coremedia.admin" "com.apple.coremedia.asset.xpc"
+            "com.apple.coremedia.assetimagegenerator.xpc" "com.apple.coremedia.audiodeviceclock.xpc" "com.apple.coremedia.audioprocessingtap.xpc"
+            "com.apple.coremedia.capturesession" "com.apple.coremedia.capturesource" "com.apple.coremedia.compressionsession" "com.apple.coremedia.cpe.xpc"
+            "com.apple.coremedia.cpeprotector.xpc" "com.apple.coremedia.customurlloader.xpc" "com.apple.coremedia.decompressionsession"
+            "com.apple.coremedia.endpoint.xpc" "com.apple.coremedia.figcontentkeysession.xpc" "com.apple.coremedia.figcpecryptor"
+            "com.apple.coremedia.formatreader.xpc" "com.apple.coremedia.player.xpc" "com.apple.coremedia.remaker" "com.apple.coremedia.remotequeue"
+            "com.apple.coremedia.routediscoverer.xpc" "com.apple.coremedia.routingcontext.xpc" "com.apple.coremedia.routingsessionmanager.xpc"
+            "com.apple.coremedia.samplebufferaudiorenderer.xpc" "com.apple.coremedia.samplebufferrendersynchronizer.xpc" "com.apple.coremedia.sandboxserver.xpc"
+            "com.apple.coremedia.sts" "com.apple.coremedia.systemcontroller.xpc" "com.apple.coremedia.videoqueue" "com.apple.coremedia.volumecontroller.xpc"
+            "com.apple.mediaremoted.xpc"
+            ;;; FIXME(207716): End services to remove.
+)))
+
+(allow mach-lookup
+    (require-all
+        (extension "com.apple.webkit.extension.mach")
+        (xpc-service-name
+            ;;; FIXME(207716): The following should be removed when the GPU process is complete
+            "com.apple.MediaPlayer.RemotePlayerService"
+            "com.apple.accessibility.mediaaccessibilityd"
+            "com.apple.audio.toolbox.reporting.service"
+            ;;; FIXME(207716): End services to remove.
+        )
+    )
+)
 
 (allow mach-lookup
     (require-all
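Review bot: "com.apple.accessibility.mediaaccessibilityd" changes filter type in this profile: the rule removed from media-accessibility-support matched it as a global-name, while the new extension-gated rule lists it only under xpc-service-name. If the service is registered as a global name on iOS, the vended extension will not satisfy the lookup, so either add it to the global-name set or confirm the registration type. Two smaller points in the same added block: "com.apple.audio.AudioComponentRegistrar" appears twice in the new global-name list (last string on one line, first on the next), and the services that were previously allowed with (with report) (with telemetry) are now covered by a rule without those modifiers, so that reporting is lost unless it is carried over deliberately.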
index be07eed..d4c46c1 100644 (file)
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2010-2018 Apple Inc. All rights reserved.
+ * Copyright (C) 2010-2020 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -176,6 +176,11 @@ void WebProcessCreationParameters::encode(IPC::Encoder& encoder) const
     encoder << cssValueToSystemColorMap;
     encoder << focusRingColor;
 #endif
+
+#if PLATFORM(COCOA)
+    // FIXME(207716): The following should be removed when the GPU process is complete.
+    encoder << mediaExtensionHandles;
+#endif
 }
 
 bool WebProcessCreationParameters::decode(IPC::Decoder& decoder, WebProcessCreationParameters& parameters)
@@ -471,6 +476,16 @@ bool WebProcessCreationParameters::decode(IPC::Decoder& decoder, WebProcessCreat
     parameters.focusRingColor = WTFMove(*focusRingColor);
 #endif
 
+#if PLATFORM(COCOA)
+    // FIXME(207716): The following should be removed when the GPU process is complete.
+    Optional<SandboxExtension::HandleArray> mediaExtensionHandles;
+    decoder >> mediaExtensionHandles;
+    if (!mediaExtensionHandles)
+        return false;
+    parameters.mediaExtensionHandles = WTFMove(*mediaExtensionHandles);
+    // FIXME(207716): End region to remove.
+#endif
+
     return true;
 }
 
index c23a0a7..6fe7d29 100644 (file)
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2010-2018 Apple Inc. All rights reserved.
+ * Copyright (C) 2010-2020 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -218,6 +218,10 @@ struct WebProcessCreationParameters {
     WebCore::RenderThemeIOS::CSSValueToSystemColorMap cssValueToSystemColorMap;
     WebCore::Color focusRingColor;
 #endif
+
+#if PLATFORM(COCOA)
+    SandboxExtension::HandleArray mediaExtensionHandles; // FIXME(207716): Remove when GPU process is complete.
+#endif
 };
 
 } // namespace WebKit
index 2e0df76..143013f 100644 (file)
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2010-2019 Apple Inc. All rights reserved.
+ * Copyright (C) 2010-2020 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -216,6 +216,41 @@ static bool isInternalInstall()
 }
 #endif
 
+// FIXME(207716): The following should be removed when the GPU process is complete.
+static const Vector<String>& mediaRelatedMachServices()
+{
+    ASSERT(isMainThread());
+    static const auto services = makeNeverDestroyed(Vector<String> {
+        "com.apple.audio.AudioComponentRegistrar", "com.apple.coremedia.endpoint.xpc",
+        "com.apple.coremedia.routediscoverer.xpc", "com.apple.coremedia.routingcontext.xpc",
+        "com.apple.coremedia.volumecontroller.xpc", "com.apple.accessibility.mediaaccessibilityd",
+        "com.apple.mediaremoted.xpc",
+#if PLATFORM(IOS_FAMILY)
+        "com.apple.audio.AudioSession", "com.apple.MediaPlayer.RemotePlayerService",
+        "com.apple.audio.toolbox.reporting.service", "com.apple.coremedia.admin",
+        "com.apple.coremedia.asset.xpc", "com.apple.coremedia.assetimagegenerator.xpc",
+        "com.apple.coremedia.audiodeviceclock.xpc", "com.apple.coremedia.audioprocessingtap.xpc",
+        "com.apple.coremedia.capturesession", "com.apple.coremedia.capturesource",
+        "com.apple.coremedia.compressionsession", "com.apple.coremedia.cpe.xpc",
+        "com.apple.coremedia.cpeprotector.xpc", "com.apple.coremedia.customurlloader.xpc",
+        "com.apple.coremedia.decompressionsession", "com.apple.coremedia.figcontentkeysession.xpc",
+        "com.apple.coremedia.figcpecryptor", "com.apple.coremedia.formatreader.xpc",
+        "com.apple.coremedia.player.xpc", "com.apple.coremedia.remaker",
+        "com.apple.coremedia.remotequeue", "com.apple.coremedia.routingsessionmanager.xpc",
+        "com.apple.coremedia.samplebufferaudiorenderer.xpc", "com.apple.coremedia.samplebufferrendersynchronizer.xpc",
+        "com.apple.coremedia.sandboxserver.xpc", "com.apple.coremedia.sts",
+        "com.apple.coremedia.systemcontroller.xpc", "com.apple.coremedia.videoqueue",
+        "com.apple.airplay.apsynccontroller.xpc", "com.apple.audio.AURemoteIOServer"
+#endif
+#if PLATFORM(MAC)
+        "com.apple.coremedia.endpointstream.xpc", "com.apple.coremedia.endpointplaybacksession.xpc",
+        "com.apple.coremedia.endpointremotecontrolsession.xpc", "com.apple.coremedia.videodecoder",
+        "com.apple.coremedia.videoencoder"
+#endif
+    });
+    return services;
+}
+
 void WebProcessPool::platformInitializeWebProcess(const WebProcessProxy& process, WebProcessCreationParameters& parameters)
 {
     parameters.mediaMIMETypes = process.mediaMIMETypes();
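Review bot: mediaRelatedMachServices() is a third hand-maintained copy of these service names, next to the extension-gated lists added to the two sandbox profiles, and nothing in the patch ties them together. A name present here but absent from a profile yields an extension the profile never honors, and a name present only in a profile is an allowance nobody vends. A comment in this function naming the two .sb files that must change in step, and keeping the entries in the same order as the profile lists, would make drift visible in review. It is also worth noting in that comment that names the profiles match as xpc-service-name (for example "com.apple.coremedia.videodecoder") are vended through the same createHandleForMachLookup path as the global names.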
@@ -336,15 +371,16 @@ void WebProcessPool::platformInitializeWebProcess(const WebProcessProxy& process
     
 #if PLATFORM(COCOA)
     if ([getNEFilterSourceClass() filterRequired]) {
-        SandboxExtension::Handle handle;
-        SandboxExtension::createHandleForMachLookup("com.apple.nehelper", WTF::nullopt, handle);
-        parameters.neHelperExtensionHandle = WTFMove(handle);
+        SandboxExtension::Handle helperHandle;
+        SandboxExtension::createHandleForMachLookup("com.apple.nehelper", WTF::nullopt, helperHandle);
+        parameters.neHelperExtensionHandle = WTFMove(helperHandle);
+        SandboxExtension::Handle managerHandle;
 #if PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED < 101500
-        SandboxExtension::createHandleForMachLookup("com.apple.nesessionmanager", WTF::nullopt, handle);
+        SandboxExtension::createHandleForMachLookup("com.apple.nesessionmanager", WTF::nullopt, managerHandle);
 #else
-        SandboxExtension::createHandleForMachLookup("com.apple.nesessionmanager.content-filter", WTF::nullopt, handle);
+        SandboxExtension::createHandleForMachLookup("com.apple.nesessionmanager.content-filter", WTF::nullopt, managerHandle);
 #endif
-        parameters.neSessionManagerExtensionHandle = WTFMove(handle);
+        parameters.neSessionManagerExtensionHandle = WTFMove(managerHandle);
     }
     parameters.systemHasBattery = systemHasBattery();
 #endif
@@ -364,6 +400,20 @@ void WebProcessPool::platformInitializeWebProcess(const WebProcessProxy& process
     parameters.cssValueToSystemColorMap = RenderThemeIOS::cssValueToSystemColorMap();
     parameters.focusRingColor = RenderTheme::singleton().focusRingColor(OptionSet<StyleColor::Options>());
 #endif
+
+    
+    // Allow microphone access if either preference is set because WebRTC requires microphone access.
+    bool needWebProcessExtensions = !m_defaultPageGroup->preferences().useGPUProcessForMedia()
+        || !m_defaultPageGroup->preferences().captureAudioInGPUProcessEnabled()
+        || !m_defaultPageGroup->preferences().captureVideoInGPUProcessEnabled();
+
+    if (needWebProcessExtensions) {
+        // FIXME(207716): The following should be removed when the GPU process is complete.
+        const auto& services = mediaRelatedMachServices();
+        parameters.mediaExtensionHandles.allocate(services.size());
+        for (size_t i = 0, size = services.size(); i < size; ++i)
+            SandboxExtension::createHandleForMachLookup(services[i], WTF::nullopt, parameters.mediaExtensionHandles[i]);
+    }
 }
 
 void WebProcessPool::platformInitializeNetworkProcess(NetworkProcessCreationParameters& parameters)
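Review bot: The comment above needWebProcessExtensions ("Allow microphone access if either preference is set because WebRTC requires microphone access") does not describe the code under it, which gates the whole media service list on three preferences and has nothing microphone-specific. Please replace it with a statement of the real condition: extensions are vended unless media playback, audio capture and video capture are all handled in the GPU process. Because the three terms are joined with ||, turning off just one of them (say captureVideoInGPUProcessEnabled) hands the WebContent process every service in the list, playback and audio included; if that coarseness is intended for now, say so next to the FIXME. The loop also discards whatever createHandleForMachLookup reports, so a handle that could not be created is sent on silently, and there is a stray blank line with trailing whitespace at the top of the added block.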
index 01028ee..1b8325b 100644 (file)
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2010-2018 Apple Inc. All rights reserved.
+ * Copyright (C) 2010-2020 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -272,6 +272,12 @@ void WebProcess::platformInitializeWebProcess(WebProcessCreationParameters& para
     RenderThemeIOS::setCSSValueToSystemColorMap(WTFMove(parameters.cssValueToSystemColorMap));
     RenderThemeIOS::setFocusRingColor(parameters.focusRingColor);
 #endif
+
+#if PLATFORM(COCOA)
+    // FIXME(207716): The following should be removed when the GPU process is complete.
+    for (size_t i = 0, size = parameters.mediaExtensionHandles.size(); i < size; ++i)
+        SandboxExtension::consumePermanently(parameters.mediaExtensionHandles[i]);
+#endif
 }
 
 void WebProcess::platformSetWebsiteDataStoreParameters(WebProcessDataStoreParameters&& parameters)
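Review bot: consumePermanently() at process initialization means a WebContent process launched with any of the three preferences off holds every media lookup right for its whole lifetime, so for those processes the effective access is the same as under the static rules this patch removes. The reduction in exposure only applies to processes started when the UIProcess sends an empty array. That is a reasonable interim step, but the FIXME should say it, since "as needed" in the commit message reads as per-feature or per-use. Nothing in the loop notices a handle that fails to consume; a release log line there would make a later media failure in the WebContent process much easier to trace back to a missing extension.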
index d264969..9807d66 100644 (file)
 (deny mach-lookup (xpc-service-name-prefix ""))
 (allow mach-lookup
     (xpc-service-name "com.apple.PerformanceAnalysis.animationperfd")
-    (xpc-service-name "com.apple.accessibility.mediaaccessibilityd")
     (xpc-service-name "com.apple.audio.SandboxHelper")
-    (xpc-service-name "com.apple.coremedia.videodecoder")
-    (xpc-service-name "com.apple.coremedia.videoencoder")
     (xpc-service-name "com.apple.hiservices-xpcservice")
     (xpc-service-name "com.apple.print.normalizerd")
 )
 #if __MAC_OS_X_VERSION_MIN_REQUIRED >= 101500
     (with report) (with telemetry)
 #endif
-    (global-name "com.apple.audio.AudioComponentRegistrar")
     (global-name "com.apple.awdd")
     (global-name "com.apple.cookied")
     (global-name "com.apple.diagnosticd")
        (global-name "com.apple.audio.SystemSoundServer-OSX")
        (global-name "com.apple.audio.audiohald")
        (global-name "com.apple.fonts")
-       (global-name "com.apple.mediaremoted.xpc")
        (global-name "com.apple.logd")
        (global-name "com.apple.logd.events")
        (global-name "com.apple.lskdd") ;; <rdar://problem/49123855>
        (home-subpath "/Library/Input Methods"))
 #endif
 
-;; AirPlay
-(allow mach-lookup
-    (global-name "com.apple.coremedia.endpoint.xpc")
-    (global-name "com.apple.coremedia.endpointstream.xpc")
-    (global-name "com.apple.coremedia.endpointplaybacksession.xpc")
-    ; <rdar://problem/35509194>
-    (global-name "com.apple.coremedia.endpointremotecontrolsession.xpc")
-    (global-name "com.apple.coremedia.routediscoverer.xpc")
-    (global-name "com.apple.coremedia.routingcontext.xpc")
-    (global-name "com.apple.coremedia.volumecontroller.xpc")
-)
-
 ;; Data Detectors
 (allow file-read* (subpath "/private/var/db/datadetectors/sys"))
 
 #else
             "com.apple.nesessionmanager"
 #endif
+
+            ;;; FIXME(207716): The following should be removed when the GPU process is complete
+            "com.apple.audio.AudioComponentRegistrar" "com.apple.coremedia.endpoint.xpc" "com.apple.coremedia.endpointstream.xpc"
+            "com.apple.coremedia.endpointplaybacksession.xpc" "com.apple.coremedia.endpointremotecontrolsession.xpc" "com.apple.coremedia.routediscoverer.xpc"
+            "com.apple.coremedia.routingcontext.xpc" "com.apple.coremedia.volumecontroller.xpc" "com.apple.mediaremoted.xpc"
+            ;;; FIXME(207716): End services to remove.
+        )
+    )
+)
+
+(allow mach-lookup
+    (require-all
+        (extension "com.apple.webkit.extension.mach")
+        (xpc-service-name
+            ;;; FIXME(207716): The following should be removed when the GPU process is complete
+            "com.apple.accessibility.mediaaccessibilityd" "com.apple.coremedia.videodecoder" "com.apple.coremedia.videoencoder"
+            ;;; FIXME(207716): End services to remove.
         )
     )
 )
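Review bot: In the macOS profile, "com.apple.audio.AudioComponentRegistrar" is removed from a rule that carries (with report) (with telemetry) on 10.15 and later, and reappears in the extension-gated global-name list with no modifiers, so lookups of that service stop being reported. If the reporting was there to measure remaining use before removal, it should be kept on the new rule or dropped on purpose with a note. The flattened string list also loses the "<rdar://problem/35509194>" annotation that sat above "com.apple.coremedia.endpointremotecontrolsession.xpc" in the removed AirPlay block; keeping it as a comment beside that string preserves the reason the service is allowed.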