Revision: 22875 http://trac.macosforge.org/projects/launchd/changeset/22875 Author: zarzycki@apple.com Date: 2006-09-23 15:23:38 -0700 (Sat, 23 Sep 2006) Log Message: ----------- Structural and semantic reorganization: The old privileged versus unprivileged bootstrap port was a messy and confusing concept. All jobs now run with what was known as an "unprivileged bootstrap port." Modified Paths: -------------- trunk/launchd/src/bootstrap.defs trunk/launchd/src/bootstrap_public.c trunk/launchd/src/bootstrap_public.h trunk/launchd/src/launchd_core_logic.c trunk/launchd/src/launchd_core_logic.h trunk/launchd/src/launchd_mach_ipc.c Modified: trunk/launchd/src/bootstrap.defs =================================================================== --- trunk/launchd/src/bootstrap.defs 2006-09-23 20:25:10 UTC (rev 22874) +++ trunk/launchd/src/bootstrap.defs 2006-09-23 22:23:38 UTC (rev 22875) @@ -50,9 +50,7 @@ ServerAuditToken __token : audit_token_t; out __server_port : mach_port_make_send_t); -routine bootstrap_unprivileged( - __bs_port : mach_port_t; - out __unpriv_port : mach_port_make_send_t); +skip; /* Last used in 10.4. Was bootstrap_unprivileged() */ routine bootstrap_check_in( __bs_port : mach_port_t; @@ -126,3 +124,9 @@ routine mpm_uncork_fork( __bs_port : mach_port_t; ServerAuditToken __token : audit_token_t); + +/* Essentially the inverse of bootstrap_unprivileged() */ +routine bootstrap_get_self( + __bs_port : mach_port_t; + ServerAuditToken __token : audit_token_t; + out __job_port : mach_port_make_send_t); Modified: trunk/launchd/src/bootstrap_public.c =================================================================== --- trunk/launchd/src/bootstrap_public.c 2006-09-23 20:25:10 UTC (rev 22874) +++ trunk/launchd/src/bootstrap_public.c 2006-09-23 22:23:38 UTC (rev 22875) 
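Review bot: In bootstrap.defs, the comment on the new `bootstrap_get_self` routine calls it the inverse of `bootstrap_unprivileged()`, which this same commit retires to a `skip;` slot, so the comment will mean little to a later reader. Going by x_bootstrap_get_self in launchd_mach_ipc.c, the routine looks the caller up by the PID in its audit token and returns that job's port. The comment could say so: `/* Returns a send right to the port of the job that owns the calling PID (taken from the audit token) */`. Keeping the `skip;` placeholder is right, since it preserves the message numbering of the routines that follow.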
@@ -34,6 +34,10 @@ #include <stdlib.h> #include <errno.h> +static mach_port_t vproc_self; + +static void vproc_get_self(void); + kern_return_t _launchd_to_launchd(mach_port_t bp, mach_port_t *reqport, mach_port_t *rcvright, name_array_t *service_names, mach_msg_type_number_t *service_namesCnt, @@ -160,7 +164,17 @@ kern_return_t bootstrap_unprivileged(mach_port_t bp, mach_port_t *unpriv_port) { - return raw_bootstrap_unprivileged(bp, unpriv_port); + kern_return_t kr; + + *unpriv_port = MACH_PORT_NULL; + + kr = mach_port_mod_refs(mach_task_self(), bp, MACH_PORT_RIGHT_SEND, 1); + + if (kr == KERN_SUCCESS) { + *unpriv_port = bp; + } + + return kr; } kern_return_t @@ -190,7 +204,13 @@ kern_return_t bootstrap_check_in(mach_port_t bp, name_t service_name, mach_port_t *sp) { - return raw_bootstrap_check_in(bp, service_name, sp); + if(bp != bootstrap_port) { + return BOOTSTRAP_NOT_PRIVILEGED; + } + + vproc_get_self(); + + return raw_bootstrap_check_in(vproc_self, service_name, sp); } kern_return_t @@ -238,11 +258,6 @@ if (bootstrap_check_in(bp, service_name, &p) == BOOTSTRAP_SUCCESS) { mach_port_mod_refs(mach_task_self(), p, MACH_PORT_RIGHT_RECEIVE, -1); *service_active = BOOTSTRAP_STATUS_ON_DEMAND; - if (raw_bootstrap_unprivileged(bp, &p) == BOOTSTRAP_SUCCESS) { - if (bp == p) - *service_active = BOOTSTRAP_STATUS_INACTIVE; - mach_port_deallocate(mach_task_self(), p); - } return BOOTSTRAP_SUCCESS; } else if (bootstrap_look_up(bp, service_name, &p) == BOOTSTRAP_SUCCESS) { mach_port_deallocate(mach_task_self(), p); 
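Review bot: bootstrap_unprivileged() now takes an extra send-right reference on `bp` and returns `bp` itself, with no comment saying why a deprecated call manufactures a reference instead of copying the name. Presumably this is so that existing callers, which deallocate the returned port, do not drop the process's only right to `bp`. A short comment would record that, for example `/* All bootstrap ports are unprivileged now: return bp itself, with one extra send right for the caller to release */`.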
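Review bot: bootstrap_check_in() does not check whether `vproc_get_self()` succeeded, so after a failed lookup `vproc_self` is still `MACH_PORT_NULL` and `raw_bootstrap_check_in()` is sent to a null port; the caller would then see a Mach message-layer failure instead of a bootstrap error code. vproc_get_self(), added in the later hunk at -262, returns void and discards the `raw_bootstrap_get_self()` result. I would guard the call with `if (vproc_self == MACH_PORT_NULL) return BOOTSTRAP_NOT_PRIVILEGED;` or have the helper return the `kern_return_t`. The static `vproc_self` declared in the first hunk is also written without a lock, so two threads checking in at once can each fetch a right and leak one. The cached name is probably stale in a child after fork() too, because Mach port rights are not inherited; the visible code handles neither case.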
@@ -262,6 +277,23 @@ service_active, service_activeCnt); } + +void +vproc_get_self(void) +{ + mach_port_t bp_self; + + if (vproc_self != MACH_PORT_NULL) { + return; + } + + if (raw_bootstrap_get_self(bootstrap_port, &bp_self) != 0) { + return; + } + + vproc_self = bp_self; +} + const char * bootstrap_strerror(kern_return_t r) { Modified: trunk/launchd/src/bootstrap_public.h =================================================================== --- trunk/launchd/src/bootstrap_public.h 2006-09-23 20:25:10 UTC (rev 22874) +++ trunk/launchd/src/bootstrap_public.h 2006-09-23 22:23:38 UTC (rev 22875) @@ -196,7 +196,8 @@ */ kern_return_t bootstrap_unprivileged( mach_port_t bp, - mach_port_t *unpriv_port); + mach_port_t *unpriv_port) + AVAILABLE_MAC_OS_X_VERSION_10_0_AND_LATER_BUT_DEPRECATED_IN_MAC_OS_X_VERSION_10_5; /* * bootstrap_parent() Modified: trunk/launchd/src/launchd_core_logic.c =================================================================== --- trunk/launchd/src/launchd_core_logic.c 2006-09-23 20:25:10 UTC (rev 22874) +++ trunk/launchd/src/launchd_core_logic.c 2006-09-23 22:23:38 UTC (rev 22875) @@ -1244,16 +1244,20 @@ } job_t -job_find_by_pid(job_t j, pid_t p) +job_find_by_pid(job_t j, pid_t p, bool recurse) { job_t jr, ji; - if (j->p == p) + if (j->p == p) { return j; + } SLIST_FOREACH(ji, &j->jobs, sle) { - if ((jr = job_find_by_pid(ji, p))) + if (ji->p == p) { + return ji; + } else if (recurse && (jr = job_find_by_pid(ji, p, recurse))) { return jr; + } } errno = ESRCH; 
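Review bot: The new `recurse` parameter of job_find_by_pid() has no comment, and its `false` case is easy to misread: the function still looks one level down, matching `j` itself and each direct child in `j->jobs`, and skips only the deeper levels. x_bootstrap_get_self() relies on exactly that scope to decide which PID may obtain a job port, so it is worth stating above the function, e.g. `/* recurse == false: match j or one of its direct sub-jobs only; true: search the whole subtree */`. The function's tail, after `errno = ESRCH;`, lies outside the hunk.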
@@ -1521,7 +1525,7 @@ job_assumes(j, launchd_mport_notify_req(j->bs_port, MACH_NOTIFY_NO_SENDERS) == KERN_SUCCESS); } - switch (c = job_fork(j->bs_port ? j : j->parent)) { + switch (c = job_fork(j->legacy_mach_job ? j : j->parent)) { case -1: job_log_error(j, LOG_ERR, "fork() failed, will try again in one second"); job_assumes(j, close(execspair[0]) == 0); Modified: trunk/launchd/src/launchd_core_logic.h =================================================================== --- trunk/launchd/src/launchd_core_logic.h 2006-09-23 20:25:10 UTC (rev 22874) +++ trunk/launchd/src/launchd_core_logic.h 2006-09-23 22:23:38 UTC (rev 22875) @@ -42,7 +42,7 @@ job_t job_find(job_t j, const char *label); -job_t job_find_by_pid(job_t j, pid_t p); +job_t job_find_by_pid(job_t j, pid_t p, bool recurse); job_t job_find_by_port(mach_port_t mp); job_t job_import(launch_data_t pload); launch_data_t job_import_bulk(launch_data_t pload); Modified: trunk/launchd/src/launchd_mach_ipc.c =================================================================== --- trunk/launchd/src/launchd_mach_ipc.c 2006-09-23 20:25:10 UTC (rev 22874) +++ trunk/launchd/src/launchd_mach_ipc.c 2006-09-23 22:23:38 UTC (rev 22875) @@ -189,16 +189,24 @@ } kern_return_t -x_bootstrap_unprivileged(mach_port_t bp, mach_port_t *unprivportp) +x_bootstrap_get_self(mach_port_t bp, audit_token_t au_tok, mach_port_t *unprivportp) { - job_t j = job_find_by_port(bp); + job_t j2, j = job_find_by_port(bp); + struct ldcred ldc; + audit_token_to_launchd_cred(au_tok, &ldc); + job_log(j, LOG_DEBUG, "Requested unprivileged bootstrap port"); - j = job_get_bs(j); + j2 = job_find_by_pid(j, ldc.pid, false); - *unprivportp = job_get_bsport(j); + if (!j2) { + job_log(j, LOG_NOTICE, "PID %u not managed by launchd", ldc.pid); + return BOOTSTRAP_NOT_PRIVILEGED; + } + *unprivportp = job_get_bsport(j2); + return BOOTSTRAP_SUCCESS; } 
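Review bot: x_bootstrap_get_self() still logs "Requested unprivileged bootstrap port", the message of the routine it replaces, and the requesting PID is recorded only on the failure path, so a successful hand-out of a job port leaves no trace of who asked. Since `ldc` is filled in before the log call, the debug line can carry it: `job_log(j, LOG_DEBUG, "PID %d requested its job port", ldc.pid);`. The NOTICE line prints `ldc.pid` with `%u`; if that field is a `pid_t` (struct ldcred is not shown here), `%d` is the matching conversion. `j` from job_find_by_port(bp) is also passed to job_find_by_pid(), which reads `j->p`, with no NULL check; whether that lookup can fail for a port this handler receives is not visible in the diff.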
@@ -250,7 +258,7 @@ audit_token_to_launchd_cred(au_tok, &ldc); - j2 = job_find_by_pid(root_job, ldc.pid); + j2 = job_find_by_pid(root_job, ldc.pid, true); if (j2 && job_get_bs(j2) == j) { j = j2;