Enable library validation on the Web Content service
[WebKit-https.git] / Source / WebKit / UIProcess / Launcher / mac / ProcessLauncherMac.mm
1 /*
2  * Copyright (C) 2010-2016 Apple Inc. All rights reserved.
3  *
4  * Redistribution and use in source and binary forms, with or without
5  * modification, are permitted provided that the following conditions
6  * are met:
7  * 1. Redistributions of source code must retain the above copyright
8  *    notice, this list of conditions and the following disclaimer.
9  * 2. Redistributions in binary form must reproduce the above copyright
10  *    notice, this list of conditions and the following disclaimer in the
11  *    documentation and/or other materials provided with the distribution.
12  *
13  * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS''
14  * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
15  * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
16  * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS
17  * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
18  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
19  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
20  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
21  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
22  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
23  * THE POSSIBILITY OF SUCH DAMAGE.
24  */
25
26 #import "config.h"
27 #import "ProcessLauncher.h"
28
29 #import <crt_externs.h>
30 #import <mach-o/dyld.h>
31 #import <mach/machine.h>
32 #import <pal/spi/cocoa/ServersSPI.h>
33 #import <spawn.h>
34 #import <sys/param.h>
35 #import <sys/stat.h>
36 #import <wtf/RunLoop.h>
37 #import <wtf/SoftLinking.h>
38 #import <wtf/Threading.h>
39 #import <wtf/spi/cf/CFBundleSPI.h>
40 #import <wtf/spi/darwin/XPCSPI.h>
41 #import <wtf/text/CString.h>
42 #import <wtf/text/WTFString.h>
43
44 #if PLATFORM(MAC)
45 #import "CodeSigning.h"
46 #endif
47
48 namespace WebKit {
49
50 static const char* serviceName(const ProcessLauncher::LaunchOptions& launchOptions)
51 {
52     switch (launchOptions.processType) {
53     case ProcessLauncher::ProcessType::Web:
54         return launchOptions.nonValidInjectedCodeAllowed ? "com.apple.WebKit.WebContent.Development" : "com.apple.WebKit.WebContent";
55     case ProcessLauncher::ProcessType::Network:
56         return "com.apple.WebKit.Networking";
57     case ProcessLauncher::ProcessType::Storage:
58 #if PLATFORM(IOS) && !PLATFORM(WATCHOS) && !PLATFORM(APPLETV) && !PLATFORM(IOS_SIMULATOR) && __IPHONE_OS_VERSION_MIN_REQUIRED < 110300
59         return "com.apple.WebKit.Databases";
60 #else
61         return "com.apple.WebKit.Storage";
62 #endif
63 #if ENABLE(NETSCAPE_PLUGIN_API)
64     case ProcessLauncher::ProcessType::Plugin32:
65         return "com.apple.WebKit.Plugin.32";
66     case ProcessLauncher::ProcessType::Plugin64:
67         return "com.apple.WebKit.Plugin.64";
68 #endif
69     }
70 }
71
72 static bool shouldLeakBoost(const ProcessLauncher::LaunchOptions& launchOptions)
73 {
74 #if PLATFORM(IOS)
75     // On iOS, leak a boost onto all child processes
76     UNUSED_PARAM(launchOptions);
77     return true;
78 #else
79 #if __MAC_OS_X_VERSION_MIN_REQUIRED >= 101400
80     // Boost the WebContent process if the NSApplication run loop is not used.
81     if (launchOptions.processType == ProcessLauncher::ProcessType::Web)
82         return true;
83 #endif
84     // On Mac, leak a boost onto the NetworkProcess.
85     return launchOptions.processType == ProcessLauncher::ProcessType::Network;
86 #endif
87 }
88
89 static NSString *systemDirectoryPath()
90 {
91     static NSString *path = [^{
92 #if PLATFORM(IOS_SIMULATOR)
93         char *simulatorRoot = getenv("SIMULATOR_ROOT");
94         return simulatorRoot ? [NSString stringWithFormat:@"%s/System/", simulatorRoot] : @"/System/";
95 #else
96         return @"/System/";
97 #endif
98     }() copy];
99
100     return path;
101 }
102
103 void ProcessLauncher::launchProcess()
104 {
105     ASSERT(!m_xpcConnection);
106
107     m_xpcConnection = adoptOSObject(xpc_connection_create(serviceName(m_launchOptions), dispatch_get_main_queue()));
108
109     uuid_t uuid;
110     uuid_generate(uuid);
111     xpc_connection_set_oneshot_instance(m_xpcConnection.get(), uuid);
112
113     // Inherit UI process localization. It can be different from child process default localization:
114     // 1. When the application and system frameworks simply have different localized resources available, we should match the application.
115     // 1.1. An important case is WebKitTestRunner, where we should use English localizations for all system frameworks.
116     // 2. When AppleLanguages is passed as command line argument for UI process, or set in its preferences, we should respect it in child processes.
117     auto initializationMessage = adoptOSObject(xpc_dictionary_create(nullptr, nullptr, 0));
118     _CFBundleSetupXPCBootstrap(initializationMessage.get());
119 #if PLATFORM(IOS)
120     // Clients that set these environment variables explicitly do not have the values automatically forwarded by libxpc.
121     auto containerEnvironmentVariables = adoptOSObject(xpc_dictionary_create(nullptr, nullptr, 0));
122     if (const char* environmentHOME = getenv("HOME"))
123         xpc_dictionary_set_string(containerEnvironmentVariables.get(), "HOME", environmentHOME);
124     if (const char* environmentCFFIXED_USER_HOME = getenv("CFFIXED_USER_HOME"))
125         xpc_dictionary_set_string(containerEnvironmentVariables.get(), "CFFIXED_USER_HOME", environmentCFFIXED_USER_HOME);
126     if (const char* environmentTMPDIR = getenv("TMPDIR"))
127         xpc_dictionary_set_string(containerEnvironmentVariables.get(), "TMPDIR", environmentTMPDIR);
128     xpc_dictionary_set_value(initializationMessage.get(), "ContainerEnvironmentVariables", containerEnvironmentVariables.get());
129 #endif
130
131     auto languagesIterator = m_launchOptions.extraInitializationData.find("OverrideLanguages");
132     if (languagesIterator != m_launchOptions.extraInitializationData.end()) {
133         auto languages = adoptOSObject(xpc_array_create(nullptr, 0));
134         Vector<String> languageVector;
135         languagesIterator->value.split(",", false, languageVector);
136         for (auto& language : languageVector)
137             xpc_array_set_string(languages.get(), XPC_ARRAY_APPEND, language.utf8().data());
138         xpc_dictionary_set_value(initializationMessage.get(), "OverrideLanguages", languages.get());
139     }
140
141 #if PLATFORM(MAC)
142     xpc_dictionary_set_string(initializationMessage.get(), "WebKitBundleVersion", [[NSBundle bundleWithIdentifier:@"com.apple.WebKit"].infoDictionary[(__bridge NSString *)kCFBundleVersionKey] UTF8String]);
143 #endif
144     xpc_connection_set_bootstrap(m_xpcConnection.get(), initializationMessage.get());
145
146     if (shouldLeakBoost(m_launchOptions)) {
147         auto preBootstrapMessage = adoptOSObject(xpc_dictionary_create(nullptr, nullptr, 0));
148         xpc_dictionary_set_string(preBootstrapMessage.get(), "message-name", "pre-bootstrap");
149         xpc_connection_send_message(m_xpcConnection.get(), preBootstrapMessage.get());
150     }
151     
152     // Create the listening port.
153     mach_port_t listeningPort;
154     mach_port_allocate(mach_task_self(), MACH_PORT_RIGHT_RECEIVE, &listeningPort);
155     
156     // Insert a send right so we can send to it.
157     mach_port_insert_right(mach_task_self(), listeningPort, listeningPort, MACH_MSG_TYPE_MAKE_SEND);
158
159     mach_port_t previousNotificationPort;
160     mach_port_request_notification(mach_task_self(), listeningPort, MACH_NOTIFY_NO_SENDERS, 0, listeningPort, MACH_MSG_TYPE_MAKE_SEND_ONCE, &previousNotificationPort);
161     ASSERT(!previousNotificationPort);
162
163     String clientIdentifier;
164 #if PLATFORM(MAC)
165     clientIdentifier = codeSigningIdentifierForCurrentProcess();
166 #endif
167     if (clientIdentifier.isNull())
168         clientIdentifier = [[NSBundle mainBundle] bundleIdentifier];
169
170     // FIXME: Switch to xpc_connection_set_bootstrap once it's available everywhere we need.
171     auto bootstrapMessage = adoptOSObject(xpc_dictionary_create(nullptr, nullptr, 0));
172     xpc_dictionary_set_string(bootstrapMessage.get(), "message-name", "bootstrap");
173
174     xpc_dictionary_set_mach_send(bootstrapMessage.get(), "server-port", listeningPort);
175     mach_port_deallocate(mach_task_self(), listeningPort);
176
177     xpc_dictionary_set_string(bootstrapMessage.get(), "client-identifier", !clientIdentifier.isEmpty() ? clientIdentifier.utf8().data() : *_NSGetProgname());
178     xpc_dictionary_set_string(bootstrapMessage.get(), "process-identifier", String::number(m_launchOptions.processIdentifier.toUInt64()).utf8().data());
179     xpc_dictionary_set_string(bootstrapMessage.get(), "ui-process-name", [[[NSProcessInfo processInfo] processName] UTF8String]);
180
181     bool isWebKitDevelopmentBuild = ![[[[NSBundle bundleWithIdentifier:@"com.apple.WebKit"] bundlePath] stringByDeletingLastPathComponent] hasPrefix:systemDirectoryPath()];
182     if (isWebKitDevelopmentBuild) {
183         xpc_dictionary_set_fd(bootstrapMessage.get(), "stdout", STDOUT_FILENO);
184         xpc_dictionary_set_fd(bootstrapMessage.get(), "stderr", STDERR_FILENO);
185     }
186
187     auto extraInitializationData = adoptOSObject(xpc_dictionary_create(nullptr, nullptr, 0));
188
189     for (const auto& keyValuePair : m_launchOptions.extraInitializationData)
190         xpc_dictionary_set_string(extraInitializationData.get(), keyValuePair.key.utf8().data(), keyValuePair.value.utf8().data());
191
192     xpc_dictionary_set_value(bootstrapMessage.get(), "extra-initialization-data", extraInitializationData.get());
193
194     auto weakProcessLauncher = m_weakPtrFactory.createWeakPtr(*this);
195     xpc_connection_set_event_handler(m_xpcConnection.get(), [weakProcessLauncher, listeningPort](xpc_object_t event) {
196         ASSERT(xpc_get_type(event) == XPC_TYPE_ERROR);
197
198         auto processLauncher = weakProcessLauncher.get();
199         if (!processLauncher)
200             return;
201
202         if (!processLauncher->isLaunching())
203             return;
204
205         // We failed to launch. Release the send right.
206         mach_port_deallocate(mach_task_self(), listeningPort);
207
208         // And the receive right.
209         mach_port_mod_refs(mach_task_self(), listeningPort, MACH_PORT_RIGHT_RECEIVE, -1);
210
211         if (processLauncher->m_xpcConnection)
212             xpc_connection_cancel(processLauncher->m_xpcConnection.get());
213         processLauncher->m_xpcConnection = nullptr;
214
215         processLauncher->didFinishLaunchingProcess(0, IPC::Connection::Identifier());
216     });
217
218     xpc_connection_resume(m_xpcConnection.get());
219
220     ref();
221     xpc_connection_send_message_with_reply(m_xpcConnection.get(), bootstrapMessage.get(), dispatch_get_main_queue(), ^(xpc_object_t reply) {
222         // Errors are handled in the event handler.
223         if (xpc_get_type(reply) != XPC_TYPE_ERROR) {
224             ASSERT(xpc_get_type(reply) == XPC_TYPE_DICTIONARY);
225             ASSERT(!strcmp(xpc_dictionary_get_string(reply, "message-name"), "process-finished-launching"));
226
227             if (!m_xpcConnection) {
228                 // The process was terminated.
229                 didFinishLaunchingProcess(0, IPC::Connection::Identifier());
230                 return;
231             }
232
233             // The process has finished launching, grab the pid from the connection.
234             pid_t processIdentifier = xpc_connection_get_pid(m_xpcConnection.get());
235
236             didFinishLaunchingProcess(processIdentifier, IPC::Connection::Identifier(listeningPort, m_xpcConnection));
237             m_xpcConnection = nullptr;
238         }
239
240         deref();
241     });
242 }
243
244 void ProcessLauncher::terminateProcess()
245 {
246     if (m_isLaunching) {
247         invalidate();
248         return;
249     }
250
251     if (!m_processIdentifier)
252         return;
253     
254     kill(m_processIdentifier, SIGKILL);
255     m_processIdentifier = 0;
256 }
257     
258 void ProcessLauncher::platformInvalidate()
259 {
260     if (!m_xpcConnection)
261         return;
262
263     xpc_connection_cancel(m_xpcConnection.get());
264     xpc_connection_kill(m_xpcConnection.get(), SIGKILL);
265     m_xpcConnection = nullptr;
266 }
267
268 } // namespace WebKit