Revision: 22890 http://trac.macosforge.org/projects/launchd/changeset/22890 Author: zarzycki@apple.com Date: 2006-10-12 12:13:23 -0700 (Thu, 12 Oct 2006) Log Message: ----------- Make the remote creds accessible at any time. Modified Paths: -------------- trunk/launchd/src/launchd_core_logic.c trunk/launchd/src/launchd_runtime.c trunk/launchd/src/launchd_runtime.h trunk/launchd/src/protocol_legacy.defs Modified: trunk/launchd/src/launchd_core_logic.c =================================================================== --- trunk/launchd/src/launchd_core_logic.c 2006-10-11 00:09:19 UTC (rev 22889) +++ trunk/launchd/src/launchd_core_logic.c 2006-10-12 19:13:23 UTC (rev 22890) @@ -88,16 +88,6 @@ static au_asid_t inherited_asid; mach_port_t inherited_bootstrap_port; -struct ldcred { - uid_t euid; - uid_t uid; - gid_t egid; - gid_t gid; - pid_t pid; - au_asid_t asid; -}; - -static void audit_token_to_launchd_cred(audit_token_t au_tok, struct ldcred *ldc); static bool trusted_client_check(job_t j, struct ldcred *ldc); @@ -3473,13 +3463,12 @@ } kern_return_t -job_mig_create_server(job_t j, cmd_t server_cmd, uid_t server_uid, boolean_t on_demand, - audit_token_t au_tok, mach_port_t *server_portp) +job_mig_create_server(job_t j, cmd_t server_cmd, uid_t server_uid, boolean_t on_demand, mach_port_t *server_portp) { struct ldcred ldc; job_t js; - audit_token_to_launchd_cred(au_tok, &ldc); + runtime_get_caller_creds(&ldc); job_log(j, LOG_DEBUG, "Server create attempt: %s", server_cmd); @@ -3527,12 +3516,12 @@ } kern_return_t -job_mig_get_self(job_t j, audit_token_t au_tok, mach_port_t *unprivportp) +job_mig_get_self(job_t j, mach_port_t *unprivportp) { struct ldcred ldc; job_t j2; - audit_token_to_launchd_cred(au_tok, &ldc); + runtime_get_caller_creds(&ldc); job_log(j, LOG_DEBUG, "Requested unprivileged bootstrap port"); 
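Review bot: The new `runtime_get_caller_creds(&ldc)` call in job_mig_create_server discards the bool result, so when no audit token was recorded `ldc` is left as uninitialized stack memory for any later use in the function. Before this change the token arrived as a MIG argument and the conversion could not fail in this way. The same unchecked call is added in job_mig_get_self, job_mig_check_in, job_mig_register (which passes `ldc.pid` to job_find_by_pid right after), job_mig_look_up and job_mig_spawn. I would fail closed at each site with `if (!runtime_get_caller_creds(&ldc)) { return BOOTSTRAP_NOT_PRIVILEGED; }`. These function bodies continue outside the hunks, so the full set of places where `ldc` feeds an authorization decision is not visible here.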
@@ -3557,13 +3546,13 @@ kern_return_t -job_mig_check_in(job_t j, name_t servicename, audit_token_t au_tok, mach_port_t *serviceportp) +job_mig_check_in(job_t j, name_t servicename, mach_port_t *serviceportp) { static pid_t last_warned_pid = 0; struct machservice *ms; struct ldcred ldc; - audit_token_to_launchd_cred(au_tok, &ldc); + runtime_get_caller_creds(&ldc); ms = job_lookup_service(j, servicename, true); @@ -3593,13 +3582,13 @@ } kern_return_t -job_mig_register(job_t j, audit_token_t au_tok, name_t servicename, mach_port_t serviceport) +job_mig_register(job_t j, name_t servicename, mach_port_t serviceport) { struct machservice *ms; struct ldcred ldc; job_t j2; - audit_token_to_launchd_cred(au_tok, &ldc); + runtime_get_caller_creds(&ldc); if (j == job_get_bs(j)) { j2 = job_find_by_pid(j, ldc.pid, false); @@ -3641,12 +3630,12 @@ } kern_return_t -job_mig_look_up(job_t j, audit_token_t au_tok, name_t servicename, mach_port_t *serviceportp, mach_msg_type_name_t *ptype) +job_mig_look_up(job_t j, name_t servicename, mach_port_t *serviceportp, mach_msg_type_name_t *ptype) { struct machservice *ms; struct ldcred ldc; - audit_token_to_launchd_cred(au_tok, &ldc); + runtime_get_caller_creds(&ldc); ms = job_lookup_service(j, servicename, true); @@ -3896,17 +3885,17 @@ } kern_return_t -job_mig_wait(job_t j, mach_port_t srp, audit_token_t au_tok, integer_t *waitstatus) +job_mig_wait(job_t j, mach_port_t srp, integer_t *waitstatus) { #if 0 struct ldcred ldc; - audit_token_to_launchd_cred(au_tok, &ldc); + runtime_get_caller_creds(&ldc); #endif return job_handle_mpm_wait(j, srp, waitstatus); } kern_return_t -job_mig_uncork_fork(job_t j, audit_token_t au_tok) +job_mig_uncork_fork(job_t j) { if (!j) { return BOOTSTRAP_NOT_PRIVILEGED; 
@@ -3918,8 +3907,7 @@ } kern_return_t -job_mig_spawn(job_t j, audit_token_t au_tok, - _internal_string_t charbuf, mach_msg_type_number_t charbuf_cnt, +job_mig_spawn(job_t j, _internal_string_t charbuf, mach_msg_type_number_t charbuf_cnt, uint32_t argc, uint32_t envc, uint64_t flags, uint16_t mig_umask, pid_t *child_pid, mach_port_t *obsvr_port) { @@ -3933,7 +3921,7 @@ const char *workingdir = NULL; size_t argv_i = 0, env_i = 0; - audit_token_to_launchd_cred(au_tok, &ldc); + runtime_get_caller_creds(&ldc); #if 0 if (ldc.asid != inherited_asid) { @@ -3993,14 +3981,6 @@ return BOOTSTRAP_SUCCESS; } -void -audit_token_to_launchd_cred(audit_token_t au_tok, struct ldcred *ldc) -{ - audit_token_to_au32(au_tok, /* audit UID */ NULL, &ldc->euid, - &ldc->egid, &ldc->uid, &ldc->gid, &ldc->pid, - &ldc->asid, /* au_tid_t */ NULL); -} - bool trusted_client_check(job_t j, struct ldcred *ldc) { Modified: trunk/launchd/src/launchd_runtime.c =================================================================== --- trunk/launchd/src/launchd_runtime.c 2006-10-11 00:09:19 UTC (rev 22889) +++ trunk/launchd/src/launchd_runtime.c 2006-10-12 19:13:23 UTC (rev 22890) @@ -79,6 +79,7 @@ static size_t mig_cb_table_sz; static timeout_callback runtime_idle_callback; static mach_msg_timeout_t runtime_idle_timeout; +static audit_token_t *au_tok; void launchd_runtime_init(void) 
@@ -475,6 +476,38 @@ return KERN_SUCCESS; } +static void +record_caller_creds(mach_msg_header_t *mh) +{ + mach_msg_max_trailer_t *tp; + size_t trailer_size; + + tp = (mach_msg_max_trailer_t *)((vm_offset_t)mh + round_msg(mh->msgh_size)); + + trailer_size = tp->msgh_trailer_size - (mach_msg_size_t)(sizeof(mach_msg_trailer_type_t) - sizeof(mach_msg_trailer_size_t)); + + if (trailer_size < (mach_msg_size_t)sizeof(audit_token_t)) { + au_tok = NULL; + return; + } + + au_tok = &tp->msgh_audit; +} + +bool +runtime_get_caller_creds(struct ldcred *ldc) +{ + if (!au_tok) { + return false; + } + + audit_token_to_au32(*au_tok, /* audit UID */ NULL, &ldc->euid, + &ldc->egid, &ldc->uid, &ldc->gid, &ldc->pid, + &ldc->asid, /* au_tid_t */ NULL); + + return true; +} + void launchd_runtime2(mach_msg_size_t msg_size, mig_reply_error_t *bufRequest, mig_reply_error_t *bufReply) { @@ -555,6 +588,8 @@ break; } + record_caller_creds(&bufRequest->Head); + if (the_demux(&bufRequest->Head, &bufReply->Head) == FALSE) { /* XXX - also gross */ if (bufRequest->Head.msgh_id == MACH_NOTIFY_NO_SENDERS) { Modified: trunk/launchd/src/launchd_runtime.h =================================================================== --- trunk/launchd/src/launchd_runtime.h 2006-10-11 00:09:19 UTC (rev 22889) +++ trunk/launchd/src/launchd_runtime.h 2006-10-12 19:13:23 UTC (rev 22890) @@ -22,6 +22,15 @@ #include <mach/mach.h> +struct ldcred { + uid_t euid; + uid_t uid; + gid_t egid; + gid_t gid; + pid_t pid; + au_asid_t asid; +}; + /* * Use launchd_assumes() when we can recover, even if it means we leak or limp along. * 
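Review bot: The length check in record_caller_creds compares the trailer size with `sizeof(audit_token_t)`, but `msgh_audit` sits after the type, size, sequence-number and sender fields of the trailer, so a trailer can pass the check and still be too short to hold the token. Comparing against the whole audit trailer would be tighter, for example `if (tp->msgh_trailer_size < sizeof(mach_msg_audit_trailer_t)) { au_tok = NULL; return; }`. With ServerAuditToken removed from protocol_legacy.defs, the token is presumably only present when the receive asks for an audit trailer; that receive call is outside this diff and worth confirming. A comment above the function saying it must run before every demux would also help.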
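Review bot: `au_tok` is set just before `the_demux()` but never reset afterwards, and it is a pointer into `bufRequest` rather than a copy. A call to runtime_get_caller_creds() made outside a demux, or after the buffer has been reused, could therefore return the previous sender's credentials or whatever now occupies that memory. Storing the token by value in record_caller_creds and clearing the recorded state once the_demux() returns would make the accessor fail rather than answer with a stale identity. launchd_runtime2 starts and ends outside this hunk, so how the request buffer is reused between iterations is not visible here.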
@@ -50,7 +59,9 @@ void runtime_set_timeout(timeout_callback to_cb, mach_msg_timeout_t to); kern_return_t runtime_add_mport(mach_port_t name, mig_callback demux, mach_msg_size_t msg_size); kern_return_t runtime_remove_mport(mach_port_t name); +bool runtime_get_caller_creds(struct ldcred *ldc); + int kevent_mod(uintptr_t ident, short filter, u_short flags, u_int fflags, intptr_t data, void *udata); kern_return_t launchd_set_bport(mach_port_t name); Modified: trunk/launchd/src/protocol_legacy.defs =================================================================== --- trunk/launchd/src/protocol_legacy.defs 2006-10-11 00:09:19 UTC (rev 22889) +++ trunk/launchd/src/protocol_legacy.defs 2006-10-12 19:13:23 UTC (rev 22890) @@ -39,7 +39,6 @@ __server_cmd : cmd_t; __server_uid : natural_t; __on_demand : boolean_t; - ServerAuditToken __token : audit_token_t; out __server_port : mach_port_make_send_t); skip; /* Last used in 10.4. Was bootstrap_unprivileged() */ @@ -47,18 +46,15 @@ routine check_in( __bs_port : job_t; __service_name : name_t; - ServerAuditToken __token : audit_token_t; out __service_port : mach_port_move_receive_t); routine register( __bs_port : job_t; - ServerAuditToken __token : audit_token_t; __service_name : name_t; __service_port : mach_port_t); routine look_up( __bs_port : job_t; - ServerAuditToken __token : audit_token_t; __service_name : name_t; out __service_port : mach_port_send_t); @@ -99,7 +95,6 @@ routine spawn( __bs_port : job_t; - ServerAuditToken __token : audit_token_t; __chars : _internal_string_t; __argc : uint32_t; __envc : uint32_t; 
@@ -111,15 +106,12 @@ routine wait( __bs_port : job_t; sreplyport __rport : mach_port_make_send_once_t; - ServerAuditToken __token : audit_token_t; out __waitval : integer_t); routine uncork_fork( - __bs_port : job_t; - ServerAuditToken __token : audit_token_t); + __bs_port : job_t); /* Essentially the inverse of bootstrap_unprivileged() */ routine get_self( __bs_port : job_t; - ServerAuditToken __token : audit_token_t; out __job_port : mach_port_make_send_t);