[HDR] Introduce GainMap and ShareableGainMap
ff6f5a8
Source/WebCore/platform/graphics/cocoa/ShareableGainMap.cpp
+RetainPtr<CGImageRef> ShareableGainMap::applyGainMapToBaseImage(CGImageRef baseImage) const
+{
+ auto basePixelBuffer = createMetalCompatibleCVPixelBufferFromImage(baseImage);
+ if (!basePixelBuffer) return nullptr;
+ auto outputPixelBuffer = createScratchMetalCompatibleCVPixelBuffer(*basePixelBuffer);
+ if (!outputPixelBuffer) return nullptr;
+ OSStatus status = CGImageApplyHDRGainMap(basePixelBuffer.get(), m_gainMapPixelBuffer.get(), outputPixelBuffer.get(), nullptr);
+ if (status) return nullptr;
+ return createCGImageFromCVPixelBuffer(outputPixelBuffer.get());
+}
WebKit's GPU process model isolates rendering from web content; ShareableBitmap is the shared-memory primitive used to pass rasterized image data across the boundary. CVPixelBuffer is a CoreVideo reference-counted pixel buffer type. ISO gain maps (standardized in HEIF/JPEG-XL) encode per-pixel HDR headroom as auxiliary image layers; Apple's private CGImageApplyHDRGainMap SPI composites them onto a base image via Metal. This commit threads GainMap (CVPixelBuffer + metadata + colorSpace) through NativeImage and ShareableBitmapConfiguration, with ShareableBitmap::createPlatformImage() conditionally invoking the SPI in the GPU process.
Significance
This lays cross-process plumbing for HDR rendering, introducing new IPC-serialized CVPixelBuffer data flowing from WebProcess into the GPU process — a new attack surface with pixel-buffer lifetime management and private SPI invocation passing a null options dict.
Audit directions
a Aaaaa Aaaaaaaaaaaaaaa Aa Aaaaaaaaaaaaaaaaaaaaa Aaaaaaaaaaaaaaaaaaa Aaaaaaaa Aaaaaaaaaa Aaa Aaaaaaaaaa Aaa Aaaaaaaaaaaa Aa Aaa Aaa Aaaaaaa Aaa Aaaaaa Aaaaaaaa Aa Aaaaaaa Aaaaa Aaa Aaaa a Aaaa Aaaaaaa Aaaaaaaaaa a Aaaaaa Aaaaaaaa Aaaaaaaaaaa
a Aaaaaaaaaaaaaa Aaaaaaaaa Aaaaaaaaaaa Aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa Aaaaaaaa Aaaaaaaaaa Aaaa Aaa Aaaa Aaaaaa a Aaaaaaaa Aaaaaaa Aaaaaaaa Aaa Aaaaaaaaaa Aaaaaaaaaa Aaa Aaaaaaa Aaaaaaaaaaaaaaaaaaaaaaaa Aaaaa Aaaaaaa Aaa Aaaaaa Aaa Aaaa
a Aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa Aaa Aaa Aaaaaaaa Aaaaaaaaaaaa Aaaaaa Aaa Aaaaaaa Aaaaaa Aaa Aaaaaaaa Aaaaaaaaa Aaa Aaaaaa Aaaaaa a Aaaaa Aaaaaaaaaaaaaaa Aaaaa Aaaaaaaaaaaa
a Aaaaaaaaaaaaaaaaaaaa Aa Aaaaaaaaaa Aaaaaaa Aaa Aaa Aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa Aaaaa Aaaaa Aaaaaaaaaaa Aaaaaa Aaaaaaaaaa Aaa Aaaaa Aaaaaaa Aaa Aaa Aaaaaa Aaaaaaa Aaaaa Aaaaaaaaaa Aaaaaaaa Aaaaaa Aaaaaa Aaaaaa Aaaa
🔒New cross-process pixel-buffer and metadata paths feed private SPI — edge cases in dimension validation and lifetime handling are worth auditing.
Subscribe to read more