[launchd-changes] [22890] trunk/launchd/src
source_changes at macosforge.org
source_changes at macosforge.org
Thu Oct 12 12:13:23 PDT 2006
Revision: 22890
http://trac.macosforge.org/projects/launchd/changeset/22890
Author: zarzycki at apple.com
Date: 2006-10-12 12:13:23 -0700 (Thu, 12 Oct 2006)
Log Message:
-----------
Make the remote creds accessible at any time.
Modified Paths:
--------------
trunk/launchd/src/launchd_core_logic.c
trunk/launchd/src/launchd_runtime.c
trunk/launchd/src/launchd_runtime.h
trunk/launchd/src/protocol_legacy.defs
Modified: trunk/launchd/src/launchd_core_logic.c
===================================================================
--- trunk/launchd/src/launchd_core_logic.c 2006-10-11 00:09:19 UTC (rev 22889)
+++ trunk/launchd/src/launchd_core_logic.c 2006-10-12 19:13:23 UTC (rev 22890)
@@ -88,16 +88,6 @@
static au_asid_t inherited_asid;
mach_port_t inherited_bootstrap_port;
-struct ldcred {
- uid_t euid;
- uid_t uid;
- gid_t egid;
- gid_t gid;
- pid_t pid;
- au_asid_t asid;
-};
-
-static void audit_token_to_launchd_cred(audit_token_t au_tok, struct ldcred *ldc);
static bool trusted_client_check(job_t j, struct ldcred *ldc);
@@ -3473,13 +3463,12 @@
}
kern_return_t
-job_mig_create_server(job_t j, cmd_t server_cmd, uid_t server_uid, boolean_t on_demand,
- audit_token_t au_tok, mach_port_t *server_portp)
+job_mig_create_server(job_t j, cmd_t server_cmd, uid_t server_uid, boolean_t on_demand, mach_port_t *server_portp)
{
struct ldcred ldc;
job_t js;
- audit_token_to_launchd_cred(au_tok, &ldc);
+ runtime_get_caller_creds(&ldc);
job_log(j, LOG_DEBUG, "Server create attempt: %s", server_cmd);
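Review bot: The return value of `runtime_get_caller_creds(&ldc)` is discarded here, so when it returns false (no audit token was recorded for the request) `ldc` stays an uninitialized stack struct and anything this function later reads from it is garbage. The old `audit_token_to_launchd_cred()` could not fail, so this is a new failure path; I would fail closed with `if (!runtime_get_caller_creds(&ldc)) return BOOTSTRAP_NOT_PRIVILEGED;`. The same unchecked call appears in job_mig_get_self, job_mig_check_in, job_mig_register (which goes straight on to use `ldc.pid`), job_mig_look_up and job_mig_spawn. The function bodies continue outside these hunks, so the later uses of `ldc` are only partly visible.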
@@ -3527,12 +3516,12 @@
}
kern_return_t
-job_mig_get_self(job_t j, audit_token_t au_tok, mach_port_t *unprivportp)
+job_mig_get_self(job_t j, mach_port_t *unprivportp)
{
struct ldcred ldc;
job_t j2;
- audit_token_to_launchd_cred(au_tok, &ldc);
+ runtime_get_caller_creds(&ldc);
job_log(j, LOG_DEBUG, "Requested unprivileged bootstrap port");
@@ -3557,13 +3546,13 @@
kern_return_t
-job_mig_check_in(job_t j, name_t servicename, audit_token_t au_tok, mach_port_t *serviceportp)
+job_mig_check_in(job_t j, name_t servicename, mach_port_t *serviceportp)
{
static pid_t last_warned_pid = 0;
struct machservice *ms;
struct ldcred ldc;
- audit_token_to_launchd_cred(au_tok, &ldc);
+ runtime_get_caller_creds(&ldc);
ms = job_lookup_service(j, servicename, true);
@@ -3593,13 +3582,13 @@
}
kern_return_t
-job_mig_register(job_t j, audit_token_t au_tok, name_t servicename, mach_port_t serviceport)
+job_mig_register(job_t j, name_t servicename, mach_port_t serviceport)
{
struct machservice *ms;
struct ldcred ldc;
job_t j2;
- audit_token_to_launchd_cred(au_tok, &ldc);
+ runtime_get_caller_creds(&ldc);
if (j == job_get_bs(j)) {
j2 = job_find_by_pid(j, ldc.pid, false);
@@ -3641,12 +3630,12 @@
}
kern_return_t
-job_mig_look_up(job_t j, audit_token_t au_tok, name_t servicename, mach_port_t *serviceportp, mach_msg_type_name_t *ptype)
+job_mig_look_up(job_t j, name_t servicename, mach_port_t *serviceportp, mach_msg_type_name_t *ptype)
{
struct machservice *ms;
struct ldcred ldc;
- audit_token_to_launchd_cred(au_tok, &ldc);
+ runtime_get_caller_creds(&ldc);
ms = job_lookup_service(j, servicename, true);
@@ -3896,17 +3885,17 @@
}
kern_return_t
-job_mig_wait(job_t j, mach_port_t srp, audit_token_t au_tok, integer_t *waitstatus)
+job_mig_wait(job_t j, mach_port_t srp, integer_t *waitstatus)
{
#if 0
struct ldcred ldc;
- audit_token_to_launchd_cred(au_tok, &ldc);
+ runtime_get_caller_creds(&ldc);
#endif
return job_handle_mpm_wait(j, srp, waitstatus);
}
kern_return_t
-job_mig_uncork_fork(job_t j, audit_token_t au_tok)
+job_mig_uncork_fork(job_t j)
{
if (!j) {
return BOOTSTRAP_NOT_PRIVILEGED;
@@ -3918,8 +3907,7 @@
}
kern_return_t
-job_mig_spawn(job_t j, audit_token_t au_tok,
- _internal_string_t charbuf, mach_msg_type_number_t charbuf_cnt,
+job_mig_spawn(job_t j, _internal_string_t charbuf, mach_msg_type_number_t charbuf_cnt,
uint32_t argc, uint32_t envc, uint64_t flags, uint16_t mig_umask,
pid_t *child_pid, mach_port_t *obsvr_port)
{
@@ -3933,7 +3921,7 @@
const char *workingdir = NULL;
size_t argv_i = 0, env_i = 0;
- audit_token_to_launchd_cred(au_tok, &ldc);
+ runtime_get_caller_creds(&ldc);
#if 0
if (ldc.asid != inherited_asid) {
@@ -3993,14 +3981,6 @@
return BOOTSTRAP_SUCCESS;
}
-void
-audit_token_to_launchd_cred(audit_token_t au_tok, struct ldcred *ldc)
-{
- audit_token_to_au32(au_tok, /* audit UID */ NULL, &ldc->euid,
- &ldc->egid, &ldc->uid, &ldc->gid, &ldc->pid,
- &ldc->asid, /* au_tid_t */ NULL);
-}
-
bool
trusted_client_check(job_t j, struct ldcred *ldc)
{
Modified: trunk/launchd/src/launchd_runtime.c
===================================================================
--- trunk/launchd/src/launchd_runtime.c 2006-10-11 00:09:19 UTC (rev 22889)
+++ trunk/launchd/src/launchd_runtime.c 2006-10-12 19:13:23 UTC (rev 22890)
@@ -79,6 +79,7 @@
static size_t mig_cb_table_sz;
static timeout_callback runtime_idle_callback;
static mach_msg_timeout_t runtime_idle_timeout;
+static audit_token_t *au_tok;
void
launchd_runtime_init(void)
@@ -475,6 +476,38 @@
return KERN_SUCCESS;
}
+static void
+record_caller_creds(mach_msg_header_t *mh)
+{
+ mach_msg_max_trailer_t *tp;
+ size_t trailer_size;
+
+ tp = (mach_msg_max_trailer_t *)((vm_offset_t)mh + round_msg(mh->msgh_size));
+
+ trailer_size = tp->msgh_trailer_size - (mach_msg_size_t)(sizeof(mach_msg_trailer_type_t) - sizeof(mach_msg_trailer_size_t));
+
+ if (trailer_size < (mach_msg_size_t)sizeof(audit_token_t)) {
+ au_tok = NULL;
+ return;
+ }
+
+ au_tok = &tp->msgh_audit;
+}
+
+bool
+runtime_get_caller_creds(struct ldcred *ldc)
+{
+ if (!au_tok) {
+ return false;
+ }
+
+ audit_token_to_au32(*au_tok, /* audit UID */ NULL, &ldc->euid,
+ &ldc->egid, &ldc->uid, &ldc->gid, &ldc->pid,
+ &ldc->asid, /* au_tid_t */ NULL);
+
+ return true;
+}
+
void
launchd_runtime2(mach_msg_size_t msg_size, mig_reply_error_t *bufRequest, mig_reply_error_t *bufReply)
{
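Review bot: `record_caller_creds()` reads `tp->msgh_trailer_size` without first checking `tp->msgh_trailer_type`, and when the trailer is too small it only sets `au_tok = NULL` and lets the request be dispatched anyway. Whether a trailer carrying an audit token is present at all depends on the receive options passed to the mach_msg call, which are outside this hunk, so the failure case should be treated as reachable. I would add `if (tp->msgh_trailer_type != MACH_MSG_TRAILER_FORMAT_0) { au_tok = NULL; return; }` ahead of the size computation and have the dispatcher refuse the message when no token could be recorded. The size test also compares against `sizeof(audit_token_t)` alone although `msgh_audit` is not the first field of `mach_msg_max_trailer_t`; `offsetof(mach_msg_max_trailer_t, msgh_audit) + sizeof(audit_token_t)` would be a tighter lower bound.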
@@ -555,6 +588,8 @@
break;
}
+ record_caller_creds(&bufRequest->Head);
+
if (the_demux(&bufRequest->Head, &bufReply->Head) == FALSE) {
/* XXX - also gross */
if (bufRequest->Head.msgh_id == MACH_NOTIFY_NO_SENDERS) {
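Review bot: `au_tok` is left pointing into the trailer of `bufRequest` after `the_demux()` returns, so a later `runtime_get_caller_creds()` call made outside a message handler would report the previous sender's identity, or whatever the buffer holds once it is reused for the next receive. Since the commit's stated goal is to make the creds available "at any time", that reads as a confused-deputy hazard: a decision could be attributed to a caller who is no longer the one being served. I would reset the pointer once dispatch of this message is complete with `au_tok = NULL;`, or store the token by value together with a validity flag. The `if` block that follows the_demux() extends past the end of this hunk, so the exact place for the reset is not visible here.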
Modified: trunk/launchd/src/launchd_runtime.h
===================================================================
--- trunk/launchd/src/launchd_runtime.h 2006-10-11 00:09:19 UTC (rev 22889)
+++ trunk/launchd/src/launchd_runtime.h 2006-10-12 19:13:23 UTC (rev 22890)
@@ -22,6 +22,15 @@
#include <mach/mach.h>
+struct ldcred {
+ uid_t euid;
+ uid_t uid;
+ gid_t egid;
+ gid_t gid;
+ pid_t pid;
+ au_asid_t asid;
+};
+
/*
* Use launchd_assumes() when we can recover, even if it means we leak or limp along.
*
@@ -50,7 +59,9 @@
void runtime_set_timeout(timeout_callback to_cb, mach_msg_timeout_t to);
kern_return_t runtime_add_mport(mach_port_t name, mig_callback demux, mach_msg_size_t msg_size);
kern_return_t runtime_remove_mport(mach_port_t name);
+bool runtime_get_caller_creds(struct ldcred *ldc);
+
int kevent_mod(uintptr_t ident, short filter, u_short flags, u_int fflags, intptr_t data, void *udata);
kern_return_t launchd_set_bport(mach_port_t name);
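Review bot: The new prototype `runtime_get_caller_creds()` carries no comment, and its contract is not something a caller can guess: it can fail, and on failure it does not touch `*ldc`. I would document it above the declaration with `/* Fills *ldc from the audit token recorded for the most recent request; returns false and leaves *ldc unmodified if no token was recorded. */`. Because every result feeds an authorization decision, marking the declaration `__attribute__((warn_unused_result))` would also let the compiler catch callers that ignore the return value.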
Modified: trunk/launchd/src/protocol_legacy.defs
===================================================================
--- trunk/launchd/src/protocol_legacy.defs 2006-10-11 00:09:19 UTC (rev 22889)
+++ trunk/launchd/src/protocol_legacy.defs 2006-10-12 19:13:23 UTC (rev 22890)
@@ -39,7 +39,6 @@
__server_cmd : cmd_t;
__server_uid : natural_t;
__on_demand : boolean_t;
- ServerAuditToken __token : audit_token_t;
out __server_port : mach_port_make_send_t);
skip; /* Last used in 10.4. Was bootstrap_unprivileged() */
@@ -47,18 +46,15 @@
routine check_in(
__bs_port : job_t;
__service_name : name_t;
- ServerAuditToken __token : audit_token_t;
out __service_port : mach_port_move_receive_t);
routine register(
__bs_port : job_t;
- ServerAuditToken __token : audit_token_t;
__service_name : name_t;
__service_port : mach_port_t);
routine look_up(
__bs_port : job_t;
- ServerAuditToken __token : audit_token_t;
__service_name : name_t;
out __service_port : mach_port_send_t);
@@ -99,7 +95,6 @@
routine spawn(
__bs_port : job_t;
- ServerAuditToken __token : audit_token_t;
__chars : _internal_string_t;
__argc : uint32_t;
__envc : uint32_t;
@@ -111,15 +106,12 @@
routine wait(
__bs_port : job_t;
sreplyport __rport : mach_port_make_send_once_t;
- ServerAuditToken __token : audit_token_t;
out __waitval : integer_t);
routine uncork_fork(
- __bs_port : job_t;
- ServerAuditToken __token : audit_token_t);
+ __bs_port : job_t);
/* Essentially the inverse of bootstrap_unprivileged() */
routine get_self(
__bs_port : job_t;
- ServerAuditToken __token : audit_token_t;
out __job_port : mach_port_make_send_t);