From 2c101c9eb63eaaa95c9e37a898f60a110f46f4bf Mon Sep 17 00:00:00 2001
From: "cdumez@apple.com"
 <cdumez@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date: Thu, 21 May 2015 03:06:53 +0000
Subject: [PATCH] [WK2][iOS] Update WebContent process sandbox profile for AWD
 logging https://bugs.webkit.org/show_bug.cgi?id=145229
 <rdar://problem/20543269>

Reviewed by Alexey Proskuryakov.

* Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:


git-svn-id: https://svn.webkit.org/repository/webkit/trunk@184693 268f45cc-cd09-0410-ab3c-d52691b4dbfc
---
 Source/WebKit2/ChangeLog                               | 10 ++++++++++
 .../SandboxProfiles/ios/com.apple.WebKit.WebContent.sb |  8 ++++++--
 2 files changed, 16 insertions(+), 2 deletions(-)

diff --git a/Source/WebKit2/ChangeLog b/Source/WebKit2/ChangeLog
index 62c8fc22fa12..d39adc9783b3 100644
--- a/Source/WebKit2/ChangeLog
+++ b/Source/WebKit2/ChangeLog
@@ -1,3 +1,13 @@
+2015-05-20  Chris Dumez  <cdumez@apple.com>
+
+        [WK2][iOS] Update WebContent process sandbox profile for AWD logging
+        https://bugs.webkit.org/show_bug.cgi?id=145229
+        <rdar://problem/20543269>
+
+        Reviewed by Alexey Proskuryakov.
+
+        * Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:
+
 2015-05-20  Gavin Barraclough  <barraclough@apple.com>
 
         dispatchViewStateChange should not wait for sync reply if the page isn't visible
diff --git a/Source/WebKit2/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb b/Source/WebKit2/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb
index fe9c4d223596..0fb66f7d8469 100644
--- a/Source/WebKit2/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb
+++ b/Source/WebKit2/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb
@@ -75,10 +75,14 @@
 ;; Various services required by CFNetwork and other frameworks
 (allow mach-lookup
     (global-name "com.apple.PowerManagement.control")
-    (global-name "com.apple.accountsd.accountmanager")
-    (global-name "com.apple.awdd"))
+    (global-name "com.apple.accountsd.accountmanager"))
 
 (deny file-write-create (vnode-type SYMLINK))
 (deny file-read-xattr file-write-xattr (xattr-regex #"^com\.apple\.security\.private\."))
 
+;; AWD logging
+(allow mach-lookup (global-name "com.apple.awdd"))
+(allow file-read* file-write*
+    (literal "/private/var/mobile/Library/Logs/awd/awd-com.apple.WebKit.WebContent.log"))
+
 (network-client (remote tcp))
-- 
2.36.0