[iOS] Deny mach lookup access to content filter service in the WebContent sandbox
[WebKit.git] / Source / WebKit / Shared / WebProcessCreationParameters.cpp
1 /*
2  * Copyright (C) 2010-2018 Apple Inc. All rights reserved.
3  *
4  * Redistribution and use in source and binary forms, with or without
5  * modification, are permitted provided that the following conditions
6  * are met:
7  * 1. Redistributions of source code must retain the above copyright
8  *    notice, this list of conditions and the following disclaimer.
9  * 2. Redistributions in binary form must reproduce the above copyright
10  *    notice, this list of conditions and the following disclaimer in the
11  *    documentation and/or other materials provided with the distribution.
12  *
13  * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS''
14  * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
15  * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
16  * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS
17  * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
18  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
19  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
20  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
21  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
22  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
23  * THE POSSIBILITY OF SUCH DAMAGE.
24  */
25
26 #include "config.h"
27 #include "WebProcessCreationParameters.h"
28
29 #include "APIData.h"
30 #if PLATFORM(COCOA)
31 #include "ArgumentCodersCF.h"
32 #endif
33 #include "WebCoreArgumentCoders.h"
34
35 namespace WebKit {
36
37 WebProcessCreationParameters::WebProcessCreationParameters(WebProcessCreationParameters&&) = default;
38 WebProcessCreationParameters& WebProcessCreationParameters::operator=(WebProcessCreationParameters&&) = default;
39
40 WebProcessCreationParameters::WebProcessCreationParameters()
41 {
42 }
43
44 WebProcessCreationParameters::~WebProcessCreationParameters()
45 {
46 }
47
48 void WebProcessCreationParameters::encode(IPC::Encoder& encoder) const
49 {
50     encoder << injectedBundlePath;
51     encoder << injectedBundlePathExtensionHandle;
52     encoder << additionalSandboxExtensionHandles;
53     encoder << initializationUserData;
54 #if PLATFORM(IOS_FAMILY)
55     encoder << cookieStorageDirectoryExtensionHandle;
56     encoder << containerCachesDirectoryExtensionHandle;
57     encoder << containerTemporaryDirectoryExtensionHandle;
58 #endif
59     encoder << webCoreLoggingChannels;
60     encoder << webKitLoggingChannels;
61 #if ENABLE(MEDIA_STREAM)
62     encoder << audioCaptureExtensionHandle;
63     encoder << shouldCaptureAudioInUIProcess;
64     encoder << shouldCaptureAudioInGPUProcess;
65     encoder << shouldCaptureVideoInUIProcess;
66     encoder << shouldCaptureDisplayInUIProcess;
67 #endif
68     encoder << urlSchemesRegisteredAsEmptyDocument;
69     encoder << urlSchemesRegisteredAsSecure;
70     encoder << urlSchemesRegisteredAsBypassingContentSecurityPolicy;
71     encoder << urlSchemesForWhichDomainRelaxationIsForbidden;
72     encoder << urlSchemesRegisteredAsLocal;
73     encoder << urlSchemesRegisteredAsNoAccess;
74     encoder << urlSchemesRegisteredAsDisplayIsolated;
75     encoder << urlSchemesRegisteredAsCORSEnabled;
76     encoder << urlSchemesRegisteredAsAlwaysRevalidated;
77     encoder << urlSchemesRegisteredAsCachePartitioned;
78     encoder << urlSchemesServiceWorkersCanHandle;
79     encoder << urlSchemesRegisteredAsCanDisplayOnlyIfCanRequest;
80     encoder.encodeEnum(cacheModel);
81     encoder << shouldAlwaysUseComplexTextCodePath;
82     encoder << shouldEnableMemoryPressureReliefLogging;
83     encoder << shouldSuppressMemoryPressureHandler;
84     encoder << shouldUseFontSmoothing;
85     encoder << fontWhitelist;
86     encoder << terminationTimeout;
87     encoder << languages;
88 #if USE(GSTREAMER)
89     encoder << gstreamerOptions;
90 #endif
91     encoder << textCheckerState;
92     encoder << fullKeyboardAccessEnabled;
93     encoder << defaultRequestTimeoutInterval;
94     encoder << backForwardCacheCapacity;
95 #if PLATFORM(COCOA)
96     encoder << uiProcessBundleIdentifier;
97     encoder << uiProcessSDKVersion;
98 #endif
99     encoder << presentingApplicationPID;
100 #if PLATFORM(COCOA)
101     encoder << accessibilityEnhancedUserInterfaceEnabled;
102     encoder << acceleratedCompositingPort;
103     encoder << uiProcessBundleResourcePath;
104     encoder << uiProcessBundleResourcePathExtensionHandle;
105     encoder << shouldEnableJIT;
106     encoder << shouldEnableFTLJIT;
107     encoder << !!bundleParameterData;
108     if (bundleParameterData)
109         encoder << bundleParameterData->dataReference();
110 #endif
111
112 #if ENABLE(NOTIFICATIONS)
113     encoder << notificationPermissions;
114 #endif
115
116     encoder << plugInAutoStartOrigins;
117     encoder << memoryCacheDisabled;
118     encoder << attrStyleEnabled;
119
120 #if ENABLE(SERVICE_CONTROLS)
121     encoder << hasImageServices;
122     encoder << hasSelectionServices;
123     encoder << hasRichContentServices;
124 #endif
125
126 #if ENABLE(NETSCAPE_PLUGIN_API)
127     encoder << pluginLoadClientPolicies;
128 #endif
129
130 #if PLATFORM(COCOA)
131     IPC::encode(encoder, networkATSContext.get());
132 #endif
133
134 #if PLATFORM(WAYLAND)
135     encoder << waylandCompositorDisplayName;
136 #endif
137
138 #if USE(SOUP)
139     encoder << proxySettings;
140 #endif
141
142 #if ENABLE(RESOURCE_LOAD_STATISTICS) && !RELEASE_LOG_DISABLED
143     encoder << shouldLogUserInteraction;
144 #endif
145
146 #if PLATFORM(COCOA)
147     encoder << mediaMIMETypes;
148 #endif
149
150 #if PLATFORM(MAC)
151     encoder << screenProperties;
152     encoder << useOverlayScrollbars;
153 #endif
154
155 #if USE(WPE_RENDERER)
156     encoder << isServiceWorkerProcess;
157     encoder << hostClientFileDescriptor;
158     encoder << implementationLibraryName;
159 #endif
160
161     encoder << websiteDataStoreParameters;
162     
163 #if PLATFORM(IOS)
164     encoder << compilerServiceExtensionHandle;
165     encoder << contentFilterExtensionHandle;
166 #endif
167     
168 #if PLATFORM(COCOA)
169     encoder << neHelperExtensionHandle;
170     encoder << neSessionManagerExtensionHandle;
171 #endif
172 }
173
174 bool WebProcessCreationParameters::decode(IPC::Decoder& decoder, WebProcessCreationParameters& parameters)
175 {
176     if (!decoder.decode(parameters.injectedBundlePath))
177         return false;
178     
179     Optional<SandboxExtension::Handle> injectedBundlePathExtensionHandle;
180     decoder >> injectedBundlePathExtensionHandle;
181     if (!injectedBundlePathExtensionHandle)
182         return false;
183     parameters.injectedBundlePathExtensionHandle = WTFMove(*injectedBundlePathExtensionHandle);
184
185     Optional<SandboxExtension::HandleArray> additionalSandboxExtensionHandles;
186     decoder >> additionalSandboxExtensionHandles;
187     if (!additionalSandboxExtensionHandles)
188         return false;
189     parameters.additionalSandboxExtensionHandles = WTFMove(*additionalSandboxExtensionHandles);
190     if (!decoder.decode(parameters.initializationUserData))
191         return false;
192
193 #if PLATFORM(IOS_FAMILY)
194     
195     Optional<SandboxExtension::Handle> cookieStorageDirectoryExtensionHandle;
196     decoder >> cookieStorageDirectoryExtensionHandle;
197     if (!cookieStorageDirectoryExtensionHandle)
198         return false;
199     parameters.cookieStorageDirectoryExtensionHandle = WTFMove(*cookieStorageDirectoryExtensionHandle);
200
201     Optional<SandboxExtension::Handle> containerCachesDirectoryExtensionHandle;
202     decoder >> containerCachesDirectoryExtensionHandle;
203     if (!containerCachesDirectoryExtensionHandle)
204         return false;
205     parameters.containerCachesDirectoryExtensionHandle = WTFMove(*containerCachesDirectoryExtensionHandle);
206
207     Optional<SandboxExtension::Handle> containerTemporaryDirectoryExtensionHandle;
208     decoder >> containerTemporaryDirectoryExtensionHandle;
209     if (!containerTemporaryDirectoryExtensionHandle)
210         return false;
211     parameters.containerTemporaryDirectoryExtensionHandle = WTFMove(*containerTemporaryDirectoryExtensionHandle);
212
213 #endif
214     if (!decoder.decode(parameters.webCoreLoggingChannels))
215         return false;
216     if (!decoder.decode(parameters.webKitLoggingChannels))
217         return false;
218
219 #if ENABLE(MEDIA_STREAM)
220
221     Optional<SandboxExtension::Handle> audioCaptureExtensionHandle;
222     decoder >> audioCaptureExtensionHandle;
223     if (!audioCaptureExtensionHandle)
224         return false;
225     parameters.audioCaptureExtensionHandle = WTFMove(*audioCaptureExtensionHandle);
226
227     if (!decoder.decode(parameters.shouldCaptureAudioInUIProcess))
228         return false;
229     if (!decoder.decode(parameters.shouldCaptureAudioInGPUProcess))
230         return false;
231     if (!decoder.decode(parameters.shouldCaptureVideoInUIProcess))
232         return false;
233     if (!decoder.decode(parameters.shouldCaptureDisplayInUIProcess))
234         return false;
235 #endif
236     if (!decoder.decode(parameters.urlSchemesRegisteredAsEmptyDocument))
237         return false;
238     if (!decoder.decode(parameters.urlSchemesRegisteredAsSecure))
239         return false;
240     if (!decoder.decode(parameters.urlSchemesRegisteredAsBypassingContentSecurityPolicy))
241         return false;
242     if (!decoder.decode(parameters.urlSchemesForWhichDomainRelaxationIsForbidden))
243         return false;
244     if (!decoder.decode(parameters.urlSchemesRegisteredAsLocal))
245         return false;
246     if (!decoder.decode(parameters.urlSchemesRegisteredAsNoAccess))
247         return false;
248     if (!decoder.decode(parameters.urlSchemesRegisteredAsDisplayIsolated))
249         return false;
250     if (!decoder.decode(parameters.urlSchemesRegisteredAsCORSEnabled))
251         return false;
252     if (!decoder.decode(parameters.urlSchemesRegisteredAsAlwaysRevalidated))
253         return false;
254     if (!decoder.decode(parameters.urlSchemesRegisteredAsCachePartitioned))
255         return false;
256     if (!decoder.decode(parameters.urlSchemesServiceWorkersCanHandle))
257         return false;
258     if (!decoder.decode(parameters.urlSchemesRegisteredAsCanDisplayOnlyIfCanRequest))
259         return false;
260     if (!decoder.decodeEnum(parameters.cacheModel))
261         return false;
262     if (!decoder.decode(parameters.shouldAlwaysUseComplexTextCodePath))
263         return false;
264     if (!decoder.decode(parameters.shouldEnableMemoryPressureReliefLogging))
265         return false;
266     if (!decoder.decode(parameters.shouldSuppressMemoryPressureHandler))
267         return false;
268     if (!decoder.decode(parameters.shouldUseFontSmoothing))
269         return false;
270     if (!decoder.decode(parameters.fontWhitelist))
271         return false;
272     if (!decoder.decode(parameters.terminationTimeout))
273         return false;
274     if (!decoder.decode(parameters.languages))
275         return false;
276 #if USE(GSTREAMER)
277     if (!decoder.decode(parameters.gstreamerOptions))
278         return false;
279 #endif
280     if (!decoder.decode(parameters.textCheckerState))
281         return false;
282     if (!decoder.decode(parameters.fullKeyboardAccessEnabled))
283         return false;
284     if (!decoder.decode(parameters.defaultRequestTimeoutInterval))
285         return false;
286     if (!decoder.decode(parameters.backForwardCacheCapacity))
287         return false;
288 #if PLATFORM(COCOA)
289     if (!decoder.decode(parameters.uiProcessBundleIdentifier))
290         return false;
291     if (!decoder.decode(parameters.uiProcessSDKVersion))
292         return false;
293 #endif
294     if (!decoder.decode(parameters.presentingApplicationPID))
295         return false;
296 #if PLATFORM(COCOA)
297     if (!decoder.decode(parameters.accessibilityEnhancedUserInterfaceEnabled))
298         return false;
299     if (!decoder.decode(parameters.acceleratedCompositingPort))
300         return false;
301     if (!decoder.decode(parameters.uiProcessBundleResourcePath))
302         return false;
303     
304     Optional<SandboxExtension::Handle> uiProcessBundleResourcePathExtensionHandle;
305     decoder >> uiProcessBundleResourcePathExtensionHandle;
306     if (!uiProcessBundleResourcePathExtensionHandle)
307         return false;
308     parameters.uiProcessBundleResourcePathExtensionHandle = WTFMove(*uiProcessBundleResourcePathExtensionHandle);
309
310     if (!decoder.decode(parameters.shouldEnableJIT))
311         return false;
312     if (!decoder.decode(parameters.shouldEnableFTLJIT))
313         return false;
314
315     bool hasBundleParameterData;
316     if (!decoder.decode(hasBundleParameterData))
317         return false;
318
319     if (hasBundleParameterData) {
320         IPC::DataReference dataReference;
321         if (!decoder.decode(dataReference))
322             return false;
323
324         parameters.bundleParameterData = API::Data::create(dataReference.data(), dataReference.size());
325     }
326 #endif
327
328 #if ENABLE(NOTIFICATIONS)
329     if (!decoder.decode(parameters.notificationPermissions))
330         return false;
331 #endif
332
333     if (!decoder.decode(parameters.plugInAutoStartOrigins))
334         return false;
335     if (!decoder.decode(parameters.memoryCacheDisabled))
336         return false;
337     if (!decoder.decode(parameters.attrStyleEnabled))
338         return false;
339
340 #if ENABLE(SERVICE_CONTROLS)
341     if (!decoder.decode(parameters.hasImageServices))
342         return false;
343     if (!decoder.decode(parameters.hasSelectionServices))
344         return false;
345     if (!decoder.decode(parameters.hasRichContentServices))
346         return false;
347 #endif
348
349 #if ENABLE(NETSCAPE_PLUGIN_API)
350     if (!decoder.decode(parameters.pluginLoadClientPolicies))
351         return false;
352 #endif
353
354 #if PLATFORM(COCOA)
355     if (!IPC::decode(decoder, parameters.networkATSContext))
356         return false;
357 #endif
358
359 #if PLATFORM(WAYLAND)
360     if (!decoder.decode(parameters.waylandCompositorDisplayName))
361         return false;
362 #endif
363
364 #if USE(SOUP)
365     if (!decoder.decode(parameters.proxySettings))
366         return false;
367 #endif
368
369 #if ENABLE(RESOURCE_LOAD_STATISTICS) && !RELEASE_LOG_DISABLED
370     if (!decoder.decode(parameters.shouldLogUserInteraction))
371         return false;
372 #endif
373
374 #if PLATFORM(COCOA)
375     if (!decoder.decode(parameters.mediaMIMETypes))
376         return false;
377 #endif
378
379 #if PLATFORM(MAC)
380     Optional<WebCore::ScreenProperties> screenProperties;
381     decoder >> screenProperties;
382     if (!screenProperties)
383         return false;
384     parameters.screenProperties = WTFMove(*screenProperties);
385     if (!decoder.decode(parameters.useOverlayScrollbars))
386         return false;
387 #endif
388
389 #if USE(WPE_RENDERER)
390     if (!decoder.decode(parameters.isServiceWorkerProcess))
391         return false;
392     if (!decoder.decode(parameters.hostClientFileDescriptor))
393         return false;
394     if (!decoder.decode(parameters.implementationLibraryName))
395         return false;
396 #endif
397
398     Optional<Optional<WebProcessDataStoreParameters>> websiteDataStoreParameters;
399     decoder >> websiteDataStoreParameters;
400     if (!websiteDataStoreParameters)
401         return false;
402     parameters.websiteDataStoreParameters = WTFMove(*websiteDataStoreParameters);
403
404 #if PLATFORM(IOS)
405     Optional<Optional<SandboxExtension::Handle>> compilerServiceExtensionHandle;
406     decoder >> compilerServiceExtensionHandle;
407     if (!compilerServiceExtensionHandle)
408         return false;
409     parameters.compilerServiceExtensionHandle = WTFMove(*compilerServiceExtensionHandle);
410
411     Optional<Optional<SandboxExtension::Handle>> contentFilterExtensionHandle;
412     decoder >> contentFilterExtensionHandle;
413     if (!contentFilterExtensionHandle)
414         return false;
415     parameters.contentFilterExtensionHandle = WTFMove(*contentFilterExtensionHandle);
416 #endif
417
418 #if PLATFORM(COCOA)
419     Optional<Optional<SandboxExtension::Handle>> neHelperExtensionHandle;
420     decoder >> neHelperExtensionHandle;
421     if (!neHelperExtensionHandle)
422         return false;
423     parameters.neHelperExtensionHandle = WTFMove(*neHelperExtensionHandle);
424
425     Optional<Optional<SandboxExtension::Handle>> neSessionManagerExtensionHandle;
426     decoder >> neSessionManagerExtensionHandle;
427     if (!neSessionManagerExtensionHandle)
428         return false;
429     parameters.neSessionManagerExtensionHandle = WTFMove(*neSessionManagerExtensionHandle);
430 #endif
431
432     return true;
433 }
434
435 } // namespace WebKit