Changeset 23260

Timestamp:

05/22/07 13:08:55 (19 months ago)

Author:

zarzycki@…

Message:

<rdar://problem/5158497> bootstrap_set_policy: policy should be inherited

Files:

• trunk/launchd/src/launchd_core_logic.c (modified) (8 diffs)

trunk/launchd/src/launchd_core_logic.c

@@ -108 +108 @@
 };
 
-static bool mspolicy_new(job_t j, const char *name, bool allow, bool pid_local);
+static bool mspolicy_new(job_t j, const char *name, bool allow, bool pid_local, bool skip_check);
+static bool mspolicy_copy(job_t j_to, job_t j_from);
 static void mspolicy_setup(launch_data_t obj, const char *key, void *context);
 static bool mspolicy_check(job_t j, const char *name, bool pid_local);
@@ -978 +979 @@
 {
         int mib[] = { CTL_KERN, KERN_PROC, KERN_PROC_PID, anonpid };
-        struct kinfo_proc kp, ppid_kp;
+        struct kinfo_proc kp;
         size_t len = sizeof(kp);
         bool shutdown_state;
-        job_t jr = NULL;
+        job_t jp = NULL, jr = NULL;
 
         if (!jobmgr_assumes(jm, sysctl(mib, 4, &kp, &len, NULL, 0) != -1)) {
@@ -987 +988 @@
         }
 
-        mib[3] = kp.kp_eproc.e_ppid;
-
-        if (!jobmgr_assumes(jm, sysctl(mib, 4, &ppid_kp, &len, NULL, 0) != -1)) {
-                return NULL;
+        switch (kp.kp_eproc.e_ppid) {
+        case 0:
+                /* the kernel */
+                break;
+        case 1:
+                if (getpid() != 1) {
+                        break;
+                }
+                /* fall through */
+        default:
+                jp = jobmgr_find_by_pid(jm, kp.kp_eproc.e_ppid, true);
+                jobmgr_assumes(jm, jp != NULL);
+                break;
         }
 
@@ -1004 +1014 @@
                 jr->anonymous = true;
                 jr->p = anonpid;
+
                 /* anonymous process reaping is messy */
                 LIST_INSERT_HEAD(&jm->active_jobs[ACTIVE_JOB_HASH(jr->p)], jr, pid_hash_sle);
                 job_assumes(jr, kevent_mod(jr->p, EVFILT_PROC, EV_ADD, proc_fflags, 0, root_jobmgr) != -1);
+
+                if (jp) {
+                        job_assumes(jr, mspolicy_copy(jr, jp));
+                }
+
                 if (shutdown_state && jm->hopefully_first_cnt == 0) {
-                        job_log(jr, LOG_APPLEONLY, "This process showed up to the party while all the guests were leaving. Odds are that it will have a miserable time. Blame PID %u: %s",
-                                kp.kp_eproc.e_ppid, ppid_kp.kp_proc.p_comm);
-                }
-                job_log(jr, LOG_DEBUG, "Created anonymously by PPID %u: %s", kp.kp_eproc.e_ppid, ppid_kp.kp_proc.p_comm);
+                        job_log(jr, LOG_APPLEONLY, "This process showed up to the party while all the guests were leaving. Odds are that it will have a miserable time.");
+                }
+
+                job_log(jr, LOG_DEBUG, "Created anonymously by PPID %u%s%s", kp.kp_eproc.e_ppid, jp ? ": " : "", jp ? jp->label : "");
         }
 
@@ -5573 +5589 @@
                 job_log(j, LOG_DEBUG, "Setting policy on job \"%s\" for Mach service: %s", target_j->label, target_service);
                 if (target_service[0]) {
-                        job_assumes(j, mspolicy_new(target_j, target_service, flags & BOOTSTRAP_ALLOW_LOOKUP, flags & BOOTSTRAP_PER_PID_SERVICE));
+                        job_assumes(j, mspolicy_new(target_j, target_service, flags & BOOTSTRAP_ALLOW_LOOKUP, flags & BOOTSTRAP_PER_PID_SERVICE, false));
                 } else {
                         target_j->deny_unknown_mslookups = !(flags & BOOTSTRAP_ALLOW_LOOKUP);
@@ -5710 +5726 @@
 
 bool
-mspolicy_new(job_t j, const char *name, bool allow, bool pid_local)
+mspolicy_copy(job_t j_to, job_t j_from)
 {
         struct mspolicy *msp;
 
-        SLIST_FOREACH(msp, &j->mspolicies, sle) {
+        SLIST_FOREACH(msp, &j_from->mspolicies, sle) {
+                if (!mspolicy_new(j_to, msp->name, msp->allow, msp->per_pid, true)) {
+                        return false;
+                }
+        }
+
+        return true;
+}
+
+bool
+mspolicy_new(job_t j, const char *name, bool allow, bool pid_local, bool skip_check)
+{
+        struct mspolicy *msp;
+
+        if (!skip_check) SLIST_FOREACH(msp, &j->mspolicies, sle) {
                 if (msp->per_pid != pid_local) {
                         continue;
@@ -5728 +5758 @@
         strcpy((char *)msp->name, name);
         msp->per_pid = pid_local;
+        msp->allow = allow;
 
         SLIST_INSERT_HEAD(&j->mspolicies, msp, sle);
@@ -5744 +5775 @@
         }
 
-        job_assumes(j, mspolicy_new(j, key, launch_data_get_bool(obj), false));
+        job_assumes(j, mspolicy_new(j, key, launch_data_get_bool(obj), false, false));
 }