#include <strings.h>
#include <mach/port.h>
#include <mach/exception_types.h>
-
+#include <mach/coalition.h> /* for COALITION_TYPE_MAX */
+#include <sys/kern_memorystatus.h>
/*
* posix_spawnattr_init
(*psattrp)->short_padding = 0;
(*psattrp)->flags_padding = 0;
- (*psattrp)->int_padding = 0;
/* Default is no new apptype requested */
(*psattrp)->psa_apptype = POSIX_SPAWN_PROCESS_TYPE_DEFAULT;
/* Jetsam related */
(*psattrp)->psa_jetsam_flags = 0;
(*psattrp)->psa_priority = -1;
- (*psattrp)->psa_high_water_mark = -1;
+ (*psattrp)->psa_memlimit_active = -1;
+ (*psattrp)->psa_memlimit_inactive = -1;
/* Default is no CPU usage monitor active. */
(*psattrp)->psa_cpumonitor_percent = 0;
/* Default is no MAC policy extensions. */
(*psattrp)->psa_mac_extensions = NULL;
- /* Default is to inherit parent's coalition */
- (*psattrp)->psa_coalitionid = 0;
+ /* Default is to inherit parent's coalition(s) */
+ (*psattrp)->psa_coalition_info = NULL;
+
+ (*psattrp)->psa_persona_info = NULL;
+
+ /*
+ * old coalition field
+ * For backwards compatibility reasons, we set this to 1
+ * which is the first valid coalition id. This will allow
+ * newer user space code to properly spawn processes on
+ * older kernels
+ * (they will just all end up in the same coalition).
+ */
+ (*psattrp)->psa_reserved = 1;
/* Default is no new clamp */
(*psattrp)->psa_qos_clamp = POSIX_SPAWN_PROC_CLAMP_NONE;
+
+ /* Default is no change to role */
+ (*psattrp)->psa_darwin_role = POSIX_SPAWN_DARWIN_ROLE_NONE;
}
return (err);
* EINVAL The value specified by attr is invalid.
*/
static int posix_spawn_destroyportactions_np(posix_spawnattr_t *);
+static int posix_spawn_destroycoalition_info_np(posix_spawnattr_t *);
+static int posix_spawn_destroypersona_info_np(posix_spawnattr_t *);
int
posix_spawnattr_destroy(posix_spawnattr_t *attr)
psattr = *(_posix_spawnattr_t *)attr;
posix_spawn_destroyportactions_np(attr);
+ posix_spawn_destroycoalition_info_np(attr);
+ posix_spawn_destroypersona_info_np(attr);
free(psattr);
*attr = NULL;
{
_posix_spawnattr_t psattr;
_posix_spawn_port_actions_t acts;
- int newnum;
if (attr == NULL || *attr == NULL)
return EINVAL;
return EINVAL;
/* Double number of port actions allocated for */
- newnum = 2 * acts->pspa_alloc;
- acts = realloc(acts, PS_PORT_ACTIONS_SIZE(newnum));
+ int newnum = 0;
+ if (os_mul_overflow(acts->pspa_alloc, 2, &newnum))
+ return ENOMEM;
+ size_t newsize = PS_PORT_ACTIONS_SIZE(newnum);
+ if (newsize == 0)
+ return ENOMEM;
+
+ acts = realloc(acts, newsize);
if (acts == NULL)
return ENOMEM;
return 0;
}
+/*
+ * posix_spawn_destroycoalition_info_np
+ * Description: clean up coalition_info struct in posix_spawnattr_t attr
+ */
+static int
+posix_spawn_destroycoalition_info_np(posix_spawnattr_t *attr)
+{
+ _posix_spawnattr_t psattr;
+ struct _posix_spawn_coalition_info *coal_info;
+
+ if (attr == NULL || *attr == NULL)
+ return EINVAL;
+
+ psattr = *(_posix_spawnattr_t *)attr;
+ coal_info = psattr->psa_coalition_info;
+ if (coal_info == NULL)
+ return EINVAL;
+
+ psattr->psa_coalition_info = NULL;
+ free(coal_info);
+ return 0;
+}
+
+/*
+ * posix_spawn_destroypersona_info_np
+ * Description: clean up persona_info struct in posix_spawnattr_t attr
+ */
+static int
+posix_spawn_destroypersona_info_np(posix_spawnattr_t *attr)
+{
+ _posix_spawnattr_t psattr;
+ struct _posix_spawn_persona_info *persona;
+
+ if (attr == NULL || *attr == NULL)
+ return EINVAL;
+
+ psattr = *(_posix_spawnattr_t *)attr;
+ persona = psattr->psa_persona_info;
+ if (persona == NULL)
+ return EINVAL;
+
+ psattr->psa_persona_info = NULL;
+ free(persona);
+ return 0;
+}
+
/*
* posix_spawn_appendportaction_np
* Description: append a port action, grow the array if necessary
static int
_posix_spawn_file_actions_grow(_posix_spawn_file_actions_t *psactsp)
{
- int new_alloc = (*psactsp)->psfa_act_alloc * 2;
- _posix_spawn_file_actions_t new_psacts;
+ int newnum = 0;
+ if (os_mul_overflow((*psactsp)->psfa_act_alloc, 2, &newnum))
+ return ENOMEM;
+
+ size_t newsize = PSF_ACTIONS_SIZE(newnum);
+ if (newsize == 0)
+ return ENOMEM;
/*
* XXX may want to impose an administrative limit here; POSIX does
* XXX so it's probably acceptable to just fail catastrophically
* XXX instead of implementing one.
*/
- if ((new_psacts = (_posix_spawn_file_actions_t)realloc((*psactsp), PSF_ACTIONS_SIZE(new_alloc))) == NULL) {
- return (ENOMEM);
+ _posix_spawn_file_actions_t new_psacts;
+ if ((new_psacts = (_posix_spawn_file_actions_t)realloc((*psactsp), newsize)) == NULL) {
+ return ENOMEM;
}
- new_psacts->psfa_act_alloc = new_alloc;
+ new_psacts->psfa_act_alloc = newnum;
*psactsp = new_psacts;
- return (0);
+ return 0;
}
return (0);
}
+#if TARGET_OS_EMBEDDED
+/*
+ * posix_spawnattr_setjetsam
+ *
+ * Description: Set jetsam attributes for the spawn attribute object
+ * referred to by 'attr'.
+ *
+ * Parameters: flags The flags value to set
+ * priority Relative jetsam priority
+ * memlimit Value in megabytes; a memory footprint
+ * above this level may result in termination.
+ * Implies both active and inactive limits.
+ *
+ * Returns: 0 Success
+ *
+ * Note: to be deprecated (not available on desktop)
+ *
+ */
+int
+posix_spawnattr_setjetsam(posix_spawnattr_t * __restrict attr,
+ short flags, int priority, int memlimit)
+{
+ short flags_ext = flags;
+
+ if (flags & POSIX_SPAWN_JETSAM_MEMLIMIT_FATAL) {
+ flags_ext |= POSIX_SPAWN_JETSAM_MEMLIMIT_ACTIVE_FATAL;
+ flags_ext |= POSIX_SPAWN_JETSAM_MEMLIMIT_INACTIVE_FATAL;
+ } else {
+ flags_ext &= ~POSIX_SPAWN_JETSAM_MEMLIMIT_ACTIVE_FATAL;
+ flags_ext &= ~POSIX_SPAWN_JETSAM_MEMLIMIT_INACTIVE_FATAL;
+ }
+
+ return (posix_spawnattr_setjetsam_ext(attr, flags_ext, priority, memlimit, memlimit));
+}
+#endif /* TARGET_OS_EMBEDDED */
+
+/*
+ * posix_spawnattr_setjetsam_ext
+ *
+ * Description: Set jetsam attributes for the spawn attribute object
+ * referred to by 'attr'.
+ *
+ * Parameters: flags The flags value to set
+ * priority Relative jetsam priority
+ * memlimit_active Value in megabytes; memory footprint
+ * above this level while process is
+ * active may result in termination.
+ * memlimit_inactive Value in megabytes; memory footprint
+ * above this level while process is
+ * inactive may result in termination.
+ *
+ * Returns: 0 Success
+ */
+int
+posix_spawnattr_setjetsam_ext(posix_spawnattr_t * __restrict attr,
+ short flags, int priority, int memlimit_active, int memlimit_inactive)
+{
+ _posix_spawnattr_t psattr;
+
+ if (attr == NULL || *attr == NULL)
+ return EINVAL;
+
+ psattr = *(_posix_spawnattr_t *)attr;
+
+ psattr->psa_jetsam_flags = flags;
+ psattr->psa_jetsam_flags |= POSIX_SPAWN_JETSAM_SET;
+ psattr->psa_priority = priority;
+ psattr->psa_memlimit_active = memlimit_active;
+ psattr->psa_memlimit_inactive = memlimit_inactive;
+
+ return (0);
+}
/*
psmx->psmx_count = 0;
}
else if (psmx->psmx_count == psmx->psmx_alloc) {
- psmx = psattr->psa_mac_extensions = reallocf(psmx, PS_MAC_EXTENSIONS_SIZE(psmx->psmx_alloc * 2));
+ int newnum = 0;
+ if (os_mul_overflow(psmx->psmx_alloc, 2, &newnum))
+ return ENOMEM;
+ size_t extsize = PS_MAC_EXTENSIONS_SIZE(newnum);
+ if (extsize == 0)
+ return ENOMEM;
+ psmx = psattr->psa_mac_extensions = reallocf(psmx, extsize);
if (psmx == NULL)
return ENOMEM;
- psmx->psmx_alloc *= 2;
+ psmx->psmx_alloc = newnum;
}
extension = &psmx->psmx_extensions[psmx->psmx_count];
strlcpy(extension->policyname, policyname, sizeof(extension->policyname));
return 0;
}
-int posix_spawnattr_setcoalition_np(const posix_spawnattr_t * __restrict attr, uint64_t coalitionid)
+int posix_spawnattr_setcoalition_np(const posix_spawnattr_t * __restrict attr,
+ uint64_t coalitionid, int type, int role)
{
_posix_spawnattr_t psattr;
+ struct _posix_spawn_coalition_info *coal_info;
if (attr == NULL || *attr == NULL) {
return EINVAL;
}
+ if (type < 0 || type > COALITION_TYPE_MAX)
+ return EINVAL;
psattr = *(_posix_spawnattr_t *)attr;
- psattr->psa_coalitionid = coalitionid;
+
+ coal_info = psattr->psa_coalition_info;
+ if (!coal_info) {
+ coal_info = (struct _posix_spawn_coalition_info *)malloc(sizeof(*coal_info));
+ if (!coal_info)
+ return ENOMEM;
+ memset(coal_info, 0, sizeof(*coal_info));
+ psattr->psa_coalition_info = coal_info;
+ }
+
+ coal_info->psci_info[type].psci_id = coalitionid;
+ coal_info->psci_info[type].psci_role = role;
return 0;
}
return (0);
}
+int posix_spawnattr_set_darwin_role_np(const posix_spawnattr_t * __restrict attr, uint64_t darwin_role)
+{
+ _posix_spawnattr_t psattr;
+
+ if (attr == NULL || *attr == NULL) {
+ return EINVAL;
+ }
+
+ psattr = *(_posix_spawnattr_t *)attr;
+ psattr->psa_darwin_role = darwin_role;
+
+ return 0;
+}
+
+int
+posix_spawnattr_get_darwin_role_np(const posix_spawnattr_t * __restrict attr, uint64_t * __restrict darwin_rolep)
+{
+ _posix_spawnattr_t psattr;
+
+ if (attr == NULL || *attr == NULL) {
+ return EINVAL;
+ }
+
+ psattr = *(_posix_spawnattr_t *)attr;
+ *darwin_rolep = psattr->psa_darwin_role;
+
+ return (0);
+}
+
+
+int
+posix_spawnattr_set_persona_np(const posix_spawnattr_t * __restrict attr, uid_t persona_id, uint32_t flags)
+{
+ _posix_spawnattr_t psattr;
+ struct _posix_spawn_persona_info *persona;
+
+ if (attr == NULL || *attr == NULL)
+ return EINVAL;
+
+ if (flags & ~POSIX_SPAWN_PERSONA_ALL_FLAGS)
+ return EINVAL;
+
+ psattr = *(_posix_spawnattr_t *)attr;
+
+ persona = psattr->psa_persona_info;
+ if (!persona) {
+ persona = (struct _posix_spawn_persona_info *)malloc(sizeof(*persona));
+ if (!persona)
+ return ENOMEM;
+ persona->pspi_uid = 0;
+ persona->pspi_gid = 0;
+ persona->pspi_ngroups = 0;
+ persona->pspi_groups[0] = 0;
+
+ psattr->psa_persona_info = persona;
+ }
+
+ persona->pspi_id = persona_id;
+ persona->pspi_flags = flags;
+
+ return 0;
+}
+
+int
+posix_spawnattr_set_persona_uid_np(const posix_spawnattr_t * __restrict attr, uid_t uid)
+{
+ _posix_spawnattr_t psattr;
+ struct _posix_spawn_persona_info *persona;
+
+ if (attr == NULL || *attr == NULL)
+ return EINVAL;
+
+ psattr = *(_posix_spawnattr_t *)attr;
+ persona = psattr->psa_persona_info;
+ if (!persona)
+ return EINVAL;
+
+ if (!(persona->pspi_flags & (POSIX_SPAWN_PERSONA_FLAGS_OVERRIDE | POSIX_SPAWN_PERSONA_FLAGS_VERIFY)))
+ return EINVAL;
+
+ persona->pspi_uid = uid;
+
+ persona->pspi_flags |= POSIX_SPAWN_PERSONA_UID;
+
+ return 0;
+}
+
+int
+posix_spawnattr_set_persona_gid_np(const posix_spawnattr_t * __restrict attr, gid_t gid)
+{
+ _posix_spawnattr_t psattr;
+ struct _posix_spawn_persona_info *persona;
+
+ if (attr == NULL || *attr == NULL)
+ return EINVAL;
+
+ psattr = *(_posix_spawnattr_t *)attr;
+ persona = psattr->psa_persona_info;
+ if (!persona)
+ return EINVAL;
+
+ if (!(persona->pspi_flags & (POSIX_SPAWN_PERSONA_FLAGS_OVERRIDE | POSIX_SPAWN_PERSONA_FLAGS_VERIFY)))
+ return EINVAL;
+
+ persona->pspi_gid = gid;
+
+ persona->pspi_flags |= POSIX_SPAWN_PERSONA_GID;
+
+ return 0;
+}
+
+int
+posix_spawnattr_set_persona_groups_np(const posix_spawnattr_t * __restrict attr, int ngroups, gid_t *gidarray, uid_t gmuid)
+{
+ _posix_spawnattr_t psattr;
+ struct _posix_spawn_persona_info *persona;
+
+ if (attr == NULL || *attr == NULL)
+ return EINVAL;
+
+ if (gidarray == NULL)
+ return EINVAL;
+
+ if (ngroups > NGROUPS || ngroups < 0)
+ return EINVAL;
+
+ psattr = *(_posix_spawnattr_t *)attr;
+ persona = psattr->psa_persona_info;
+ if (!persona)
+ return EINVAL;
+
+ if (!(persona->pspi_flags & (POSIX_SPAWN_PERSONA_FLAGS_OVERRIDE | POSIX_SPAWN_PERSONA_FLAGS_VERIFY)))
+ return EINVAL;
+
+ persona->pspi_ngroups = ngroups;
+ for (int i = 0; i < ngroups; i++)
+ persona->pspi_groups[i] = gidarray[i];
+
+ persona->pspi_gmuid = gmuid;
+
+ persona->pspi_flags |= POSIX_SPAWN_PERSONA_GROUPS;
+
+ return 0;
+}
+
+
/*
* posix_spawn
ad.attrp = psattr;
if (psattr->psa_ports != NULL) {
+ size_t psact_size = PS_PORT_ACTIONS_SIZE(psattr->psa_ports->pspa_count);
+ if (psact_size == 0 && psattr->psa_ports->pspa_count != 0) {
+ errno = EINVAL;
+ ret = -1;
+ goto out;
+ }
ad.port_actions = psattr->psa_ports;
- ad.port_actions_size = PS_PORT_ACTIONS_SIZE(
- ad.port_actions->pspa_count);
+ ad.port_actions_size = psact_size;
}
if (psattr->psa_mac_extensions != NULL) {
+ size_t macext_size = PS_MAC_EXTENSIONS_SIZE(psattr->psa_mac_extensions->psmx_count);
+ if (macext_size == 0 && psattr->psa_mac_extensions->psmx_count != 0) {
+ errno = EINVAL;
+ ret = -1;
+ goto out;
+ }
ad.mac_extensions = psattr->psa_mac_extensions;
- ad.mac_extensions_size = PS_MAC_EXTENSIONS_SIZE(
- ad.mac_extensions->psmx_count);
+ ad.mac_extensions_size = macext_size;
+ }
+ if (psattr->psa_coalition_info != NULL) {
+ ad.coal_info_size = sizeof(struct _posix_spawn_coalition_info);
+ ad.coal_info = psattr->psa_coalition_info;
+ }
+ if (psattr->psa_persona_info != NULL) {
+ ad.persona_info_size = sizeof(struct _posix_spawn_persona_info);
+ ad.persona_info = psattr->psa_persona_info;
}
}
if (file_actions != NULL && *file_actions != NULL) {
*(_posix_spawn_file_actions_t *)file_actions;
if (psactsp->psfa_act_count > 0) {
- ad.file_actions_size = PSF_ACTIONS_SIZE(psactsp->psfa_act_count);
+ size_t fa_size = PSF_ACTIONS_SIZE(psactsp->psfa_act_count);
+ if (fa_size == 0 && psactsp->psfa_act_count != 0) {
+ errno = EINVAL;
+ ret = -1;
+ goto out;
+ }
+ ad.file_actions_size = fa_size;
ad.file_actions = psactsp;
}
}
} else
ret = __posix_spawn(pid, path, NULL, argv, envp);
+out:
if (ret < 0)
ret = errno;
errno = saveerrno;
projects / apple / xnu.git / blobdiff