1. 09 Apr, 2013 1 commit
    • thiago.santos@intel.com's avatar
      [WK2] Drop WebProcess capabilities on Linux using seccomp filters · 0ee9d4d0
      thiago.santos@intel.com authored
      https://bugs.webkit.org/show_bug.cgi?id=89875
      
      Reviewed by Maciej Stachowiak.
      
      .:
      
      Added the bits to EFL/CMake buildsystem to find the libseccomp
      library.
      
      * Source/cmake/FindLibSeccomp.cmake: Added.
      * Source/cmake/OptionsEfl.cmake:
      * Source/cmake/WebKitFeatures.cmake:
      * Source/cmakeconfig.h.cmake:
      
      Source/WebCore:
      
      Make the DATA_DIR global since it is now needed for WebCore and WebKit2.
      It is now used to set a sandbox policy for the EFL port.
      
      * PlatformEfl.cmake:
      
      Source/WebKit2:
      
      Introduce the foundations of the SeccompFilter-based sandbox. The
      hardening of the WebProcess (and potentially PluginProcess, etc)
      works by a combination of the two things:
      
      - Blocking syscalls that are not used, reducing the size of the attack
      surface.
      - Trapping sensitive syscalls and delegating the execution of these
      syscalls to a separated trusted process subject to a set of policies.
      
      The initial implementation traps the open()-family of syscalls on WebKit
      EFL's and Qt's WebProcess, but it could be easily used by any Linux port,
      since the code is suppose to be Linux-compliant. The list of syscalls handled
      by the broker process should definitely grow as we mature the
      implementation. Other syscalls needs to be handled to get this sandbox
      fully functional, like unlink(), mkdir(), etc.
      
      The broker process should be initialized as early as possible on the
      sandboxed process main() function, because it only does a fork(), which
      is cheap on Linux. That also aims to minimize the resident memory footprint
      of the broker process.
      
      Opening of files for upload and saving downloads is not supported yet,
      since it should be handled to the UIProcess in a similar fashion as
      the Mac port does.
      
      * PlatformEfl.cmake:
      * Shared/linux/SeccompFilters/OpenSyscall.cpp: Added.
      (WebKit):
      (WebKit::OpenSyscall::createFromOpenatContext):
      (WebKit::OpenSyscall::createFromCreatContext):
      (WebKit::OpenSyscall::OpenSyscall):
      (WebKit::OpenSyscall::setResult):
      (WebKit::OpenSyscall::execute):
      (WebKit::OpenSyscall::encode):
      (WebKit::OpenSyscall::decode):
      (WebKit::OpenSyscallResult::OpenSyscallResult):
      (WebKit::OpenSyscallResult::~OpenSyscallResult):
      (WebKit::OpenSyscallResult::encode):
      (WebKit::OpenSyscallResult::decode):
      * Shared/linux/SeccompFilters/OpenSyscall.h: Added.
      (CoreIPC):
      (WebKit):
      (OpenSyscall):
      (WebKit::OpenSyscall::setPath):
      (WebKit::OpenSyscall::setFlags):
      (WebKit::OpenSyscall::setMode):
      (OpenSyscallResult):
      (WebKit::OpenSyscallResult::fd):
      (WebKit::OpenSyscallResult::errorNumber):
      * Shared/linux/SeccompFilters/SeccompBroker.cpp: Added.
      (WebKit):
      (SeccompBrokerClient):
      (WebKit::sendMessage):
      (WebKit::receiveMessage):
      (WebKit::SIGSYSHandler):
      (WebKit::registerSIGSYSHandler):
      (WebKit::SeccompBrokerClient::shared):
      (WebKit::SeccompBrokerClient::SeccompBrokerClient):
      (WebKit::SeccompBrokerClient::~SeccompBrokerClient):
      (WebKit::SeccompBrokerClient::dispatch):
      (WebKit::SeccompBrokerClient::handleIfOpeningOnlineCPUCount):
      (WebKit::SeccompBroker::launchProcess):
      (WebKit::SeccompBroker::initialize):
      (WebKit::SeccompBroker::runLoop):
      * Shared/linux/SeccompFilters/SeccompBroker.h: Added.
      (WebKit):
      (SeccompBroker):
      (WebKit::SeccompBroker::setSyscallPolicy):
      (WebKit::SeccompBroker::SeccompBroker):
      * Shared/linux/SeccompFilters/SeccompFilters.cpp: Added.
      (WebKit):
      (WebKit::SeccompFilters::SeccompFilters):
      (WebKit::SeccompFilters::~SeccompFilters):
      (WebKit::SeccompFilters::addRule):
      (WebKit::SeccompFilters::initialize):
      * Shared/linux/SeccompFilters/SeccompFilters.h: Added.
      (WebKit):
      (SeccompFilters):
      (WebKit::SeccompFilters::context):
      (WebKit::SeccompFilters::platformInitialize):
      * Shared/linux/SeccompFilters/SigactionSyscall.cpp: Added.
      (WebKit):
      (WebKit::SigactionSyscall::createFromContext):
      * Shared/linux/SeccompFilters/SigactionSyscall.h: Added.
      (WebKit):
      (SigactionSyscall):
      * Shared/linux/SeccompFilters/SigprocmaskSyscall.cpp: Added.
      (WebKit):
      (WebKit::SigprocmaskSyscall::createFromContext):
      * Shared/linux/SeccompFilters/SigprocmaskSyscall.h: Added.
      (WebKit):
      (SigprocmaskSyscall):
      * Shared/linux/SeccompFilters/Syscall.cpp: Added.
      (WebKit):
      (WebKit::Syscall::createFromContext):
      (WebKit::Syscall::createFromDecoder):
      (WebKit::Syscall::Syscall):
      (WebKit::SyscallResult::createFromDecoder):
      (WebKit::SyscallResult::SyscallResult):
      * Shared/linux/SeccompFilters/Syscall.h: Added.
      (CoreIPC):
      (WebKit):
      (Syscall):
      (WebKit::Syscall::~Syscall):
      (WebKit::Syscall::type):
      (WebKit::Syscall::setContext):
      (WebKit::Syscall::context):
      (SyscallResult):
      (WebKit::SyscallResult::~SyscallResult):
      (WebKit::SyscallResult::type):
      * Shared/linux/SeccompFilters/SyscallPolicy.cpp: Added.
      (WebKit):
      (WebKit::removeTrailingSlash):
      (WebKit::SyscallPolicy::hasPermissionForPath):
      (WebKit::SyscallPolicy::addFilePermission):
      (WebKit::SyscallPolicy::addDirectoryPermission):
      (WebKit::SyscallPolicy::addDefaultWebProcessPolicy):
      * Shared/linux/SeccompFilters/SyscallPolicy.h: Added.
      (WebKit):
      (SyscallPolicy):
      * Target.pri:
      * WebKit2.pri:
      * WebProcess/efl/SeccompFiltersWebProcessEfl.cpp: Added.
      (WebKit):
      (WebKit::SeccompFiltersWebProcessEfl::SeccompFiltersWebProcessEfl):
      (WebKit::SeccompFiltersWebProcessEfl::platformInitialize):
      * WebProcess/efl/SeccompFiltersWebProcessEfl.h: Added.
      (WebKit):
      (SeccompFiltersWebProcessEfl):
      * WebProcess/qt/SeccompFiltersWebProcessQt.cpp: Added.
      (WebKit):
      (WebKit::SeccompFiltersWebProcessQt::SeccompFiltersWebProcessQt):
      (WebKit::SeccompFiltersWebProcessQt::platformInitialize):
      * WebProcess/qt/SeccompFiltersWebProcessQt.h: Added.
      (WebKit):
      (SeccompFiltersWebProcessQt):
      * WebProcess/qt/WebProcessQt.cpp:
      (WebKit::WebProcess::platformInitializeWebProcess):
      * WebProcess/soup/WebProcessSoup.cpp:
      (WebKit::WebProcess::platformInitializeWebProcess):
      
      Tools:
      
      Add unit tests to verify if the handling of the open, openat, creat syscall
      is being done right. We check if the Read/Write/ReadAndWrite permissions
      are respected, if the canonical path is being resolved and if
      the permissions are falling back to the topmost parent directory with a
      policy set when the directory being opened has no policy.
      
      We also test if any attempt of blocking SIGSYS is silently ignored.
      SIGSYS cannot be blocked because in it's handler is where we hook
      syscalls to the broker process.
      
      Also added libseccomp to EFL's jhbuild to make the life of developers
      willing to help easier.
      
      * Scripts/webkitperl/FeatureList.pm:
      * TestWebKitAPI/PlatformEfl.cmake:
      * TestWebKitAPI/Tests/WebKit2/SeccompFilters.cpp: Added.
      (TestWebKitAPI):
      (SeccompEnvironment):
      (TestWebKitAPI::SeccompEnvironment::SetUp):
      (TestWebKitAPI::SeccompEnvironment::TearDown):
      (TestWebKitAPI::dummyHandler):
      (TestWebKitAPI::TEST):
      (TestWebKitAPI::stressTest):
      * efl/jhbuild.modules:
      * qmake/mkspecs/features/features.pri:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@147998 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      0ee9d4d0
  2. 19 Feb, 2013 1 commit
    • csaavedra@igalia.com's avatar
      Unreviewed build fix. · 22b47863
      csaavedra@igalia.com authored
      .:
      
      * Source/autotools/FindDependencies.m4:
      * Source/autotools/Versions.m4:
      * Source/cmake/FindHarfBuzz.cmake:
      
      Bump gtk and efl dependencies on harfbuzz
      to 0.9.7. See bug 110145.
      
      Tools:
      
      * efl/jhbuild.modules:
      * gtk/jhbuild.modules:
      
      Bump harfbuzz module to 0.9.7. See related bug 110145.
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@143345 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      22b47863
  3. 05 Dec, 2012 1 commit
    • commit-queue@webkit.org's avatar
      [CMake] Unify coding style for CMake files · d6fb2c5a
      commit-queue@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=103605
      
      Patch by Halton Huo <halton.huo@intel.com> on 2012-12-05
      Reviewed by Laszlo Gombos.
      
      Update cmake files(.cmake, CMakeLists.txt) with following style rules:
      1. Indentation
      1.1 Use spaces, not tabs.
      1.2 Four spaces as indent.
      2. Spacing
      2.1 Place one space between control statements and their parentheses.
          For eg, if (), else (), elseif (), endif (), foreach (),
          endforeach (), while (), endwhile (), break ().
      2.2 Do not place spaces between function and macro statements and
          their parentheses. For eg, macro(), endmacro(), function(),
          endfunction().
      2.3 Do not place spaces between a command or function or macro and its
          parentheses, or between a parenthesis and its content. For eg,
          message("testing") not message( "testing") or message ("testing" )
      2.4 No space at line ending.
      3. Lowercase when call commands macros and functions. For eg,
         add_executable() not ADD_EXECUTABLE(), set() not SET().
      
      .:
      
      * CMakeLists.txt:
      * Source/CMakeLists.txt:
      * Source/PlatformEfl.cmake:
      * Source/cmake/EFLHelpers.cmake:
      * Source/cmake/FindATK.cmake:
      * Source/cmake/FindCFLite.cmake:
      * Source/cmake/FindCairo.cmake:
      * Source/cmake/FindDBus.cmake:
      * Source/cmake/FindDirectX.cmake:
      * Source/cmake/FindE_DBus.cmake:
      * Source/cmake/FindEcore.cmake:
      * Source/cmake/FindEdje.cmake:
      * Source/cmake/FindEet.cmake:
      * Source/cmake/FindEeze.cmake:
      * Source/cmake/FindEfreet.cmake:
      * Source/cmake/FindEina.cmake:
      * Source/cmake/FindElementary.cmake:
      * Source/cmake/FindEnchant.cmake:
      * Source/cmake/FindEvas.cmake:
      * Source/cmake/FindFontconfig.cmake:
      * Source/cmake/FindGLIB.cmake:
      * Source/cmake/FindGStreamer.cmake:
      * Source/cmake/FindGperf.cmake:
      * Source/cmake/FindHarfBuzz.cmake:
      * Source/cmake/FindICU.cmake:
      * Source/cmake/FindLibSoup.cmake:
      * Source/cmake/FindQuickTimeSDK.cmake:
      * Source/cmake/FindSqlite.cmake:
      * Source/cmake/OptionsBlackBerry.cmake:
      * Source/cmake/OptionsCommon.cmake:
      * Source/cmake/OptionsEfl.cmake:
      * Source/cmake/OptionsWinCE.cmake:
      * Source/cmake/OptionsWindows.cmake:
      * Source/cmake/WebKitFS.cmake:
      * Source/cmake/WebKitFeatures.cmake:
      * Source/cmake/WebKitHelpers.cmake:
      * Source/cmake/WebKitMacros.cmake:
      * Source/cmake/WebKitPackaging.cmake:
      * Source/cmake/gtest/CMakeLists.txt:
      
      Source/JavaScriptCore:
      
      * CMakeLists.txt:
      * PlatformBlackBerry.cmake:
      * PlatformEfl.cmake:
      * PlatformWinCE.cmake:
      * shell/CMakeLists.txt:
      * shell/PlatformBlackBerry.cmake:
      * shell/PlatformEfl.cmake:
      * shell/PlatformWinCE.cmake:
      
      Source/WebCore:
      
      * CMakeLists.txt:
      * PlatformBlackBerry.cmake:
      * PlatformEfl.cmake:
      * PlatformWinCE.cmake:
      * UseJSC.cmake:
      * UseV8.cmake:
      
      Source/WebKit:
      
      * CMakeLists.txt:
      * PlatformBlackBerry.cmake:
      * PlatformEfl.cmake:
      * PlatformWinCE.cmake:
      
      Source/WebKit/efl:
      
      * DefaultTheme/CMakeLists.txt:
      
      Source/WebKit2:
      
      * CMakeLists.txt:
      * PlatformEfl.cmake:
      * win/WebKit2ExportGenerator.vcproj:
      * win/WebKit2ExportGeneratorCommon.vsprops:
      
      Source/WTF:
      
      * CMakeLists.txt:
      * wtf/CMakeLists.txt:
      * wtf/PlatformBlackBerry.cmake:
      * wtf/PlatformEfl.cmake:
      * wtf/PlatformWinCE.cmake:
      
      Tools:
      
      * CMakeLists.txt:
      * DumpRenderTree/TestNetscapePlugIn/CMakeLists.txt:
      * DumpRenderTree/efl/CMakeLists.txt:
      * EWebLauncher/CMakeLists.txt:
      * EWebLauncher/ControlTheme/CMakeLists.txt:
      * MiniBrowser/efl/CMakeLists.txt:
      * TestWebKitAPI/CMakeLists.txt:
      * TestWebKitAPI/PlatformEfl.cmake:
      * WebKitTestRunner/CMakeLists.txt:
      * WebKitTestRunner/PlatformEfl.cmake:
      * WinCELauncher/CMakeLists.txt:
      * clang/ReportMemoryUsagePlugin/CMakeLists.txt:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@136790 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      d6fb2c5a
  4. 03 Aug, 2012 1 commit
  5. 27 Jul, 2012 1 commit
    • commit-queue@webkit.org's avatar
      [Cairo] Add complex font drawing using HarfbuzzNG · 868e06e2
      commit-queue@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=91864
      
      Patch by Dominik Röttsches <dominik.rottsches@intel.com> on 2012-07-27
      Reviewed by Simon Hausmann and Martin Robinson.
      
      .:
      
      Configuring Freetype backend to use HarfBuzz by default.
      
      * Source/cmake/FindHarfBuzz.cmake: Added pkgconfig based discovery of HarfBuzz.
      * Source/cmake/OptionsEfl.cmake: Adding Harfbuzz configuration.
      
      Source/WebCore:
      
      Adding Harfbuzz support to EFL by implementing it with the help of cairo and cairo-ft.
      Reusing Chromium's Harfbuzz-NG support.
      
      No new tests, complex font support is covered by existing tests.
      
      * CMakeLists.txt: Adding new cairo based implementations, removing emtpy FontEfl.cpp
      * WebCore.gypi: Removing FontEfl.cpp
      * platform/graphics/cairo/FontCairoHarfbuzzNG.cpp: Added. New implementation that implements cairo & harfbuzz-ng based complex font drawing.
      (WebCore):
      (WebCore::Font::drawComplexText):
      (WebCore::Font::drawEmphasisMarksForComplexText):
      (WebCore::Font::canReturnFallbackFontsForComplexText):
      (WebCore::Font::canExpandAroundIdeographsInComplexText):
      (WebCore::Font::floatWidthForComplexText):
      (WebCore::Font::offsetForPositionForComplexText):
      (WebCore::Font::selectionRectForComplexText):
      * platform/graphics/efl/FontEfl.cpp: Removed.
      * platform/graphics/freetype/FontPlatformData.h: Adding a getter that retrieves a harfbuzz face.
      (FontPlatformData):
      * platform/graphics/freetype/FontPlatformDataFreeType.cpp: Adding a getter that retrieves a harfbuzz face.
      (WebCore::FontPlatformData::operator=):
      (WebCore::FontPlatformData::FontPlatformData):
      (WebCore):
      (WebCore::FontPlatformData::harfbuzzFace):
      * platform/graphics/harfbuzz/ng/HarfBuzzNGFaceCairo.cpp: Added. Cairo-freetype based approach to get complex font metrics.
      (WebCore):
      (CairoFtFaceLocker):
      (WebCore::CairoFtFaceLocker::CairoFtFaceLocker):
      (WebCore::CairoFtFaceLocker::lock):
      (WebCore::CairoFtFaceLocker::~CairoFtFaceLocker):
      (WebCore::floatToHarfBuzzPosition):
      (WebCore::doubleToHarfBuzzPosition):
      (WebCore::CairoGetGlyphWidthAndExtents):
      (WebCore::harfbuzzGetGlyph):
      (WebCore::harfbuzzGetGlyphHorizontalAdvance):
      (WebCore::harfbuzzGetGlyphHorizontalOrigin):
      (WebCore::harfbuzzGetGlyphExtents):
      (WebCore::harfbuzzCairoTextGetFontFuncs):
      (WebCore::harfbuzzCairoGetTable):
      (WebCore::HarfBuzzNGFace::createFace):
      (WebCore::HarfBuzzNGFace::createFont):
      (WebCore::HarfBuzzShaper::createGlyphBufferAdvance):
      
      Source/WebKit:
      
      Adding includes for harfbuzz folders.
      
      * CMakeLists.txt:
      
      Source/WebKit2:
      
      Adding includes for harfbuzz folders.
      
      * CMakeLists.txt:
      
      Tools:
      
      Bringing Harfbuzz support to EFL with this patch, so we need HarfBuzz in the pulled in jhbuild dependencies.
      
      * WebKitTestRunner/CMakeLists.txt: Adding additional header include directories.
      * efl/jhbuild.modules: Adding source for HarfBuzz release version 0.9.0.
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@123864 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      868e06e2