1 /*
2 * Copyright (c) 2006-2012 Apple Inc. All rights reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24 /*
25 * [SPN] Support for _POSIX_SPAWN
26 */
27
28 #define CONFIG_MEMORYSTATUS 1 // <rdar://problem/13604997>
29 #include <sys/types.h> /* for user_size_t */
30 #include <spawn.h>
31 #include <spawn_private.h>
32 #include <sys/spawn_internal.h>
33 #include <sys/process_policy.h>
34 #include <stdlib.h>
35 #include <errno.h>
36 #include <limits.h> /* for OPEN_MAX, PATH_MAX */
37 #include <string.h>
38 #include <strings.h>
39 #include <mach/port.h>
40 #include <mach/mach_param.h> /* for TASK_PORT_REGISTER_MAX */
41 #include <mach/exception_types.h>
42 #include <mach/coalition.h> /* for COALITION_TYPE_MAX */
43 #include <sys/kern_memorystatus.h>
44
45 /*
46 * Actual syscall wrappers.
47 */
48 extern int __posix_spawn(pid_t * __restrict, const char * __restrict,
49 struct _posix_spawn_args_desc *, char *const argv[__restrict],
50 char *const envp[__restrict]);
51 extern int __execve(const char *fname, char * const *argp, char * const *envp);
52
53 /*
54 * Function pointers that are NULL in Libsyscall_static, and get populated with
55 * the real implementations in Libsyscall_dynamic from _libkernel_init.c when
56 * os_feature_enabled(Libsystem, posix_spawn_filtering) is on.
57 *
58 * Since launchd cannot read feature flags during process startup (data volume
59 * is not mounted yet), it reads them later and sets these function pointers via
60 * Libsystem and __libkernel_init_after_boot_tasks.
61 *
62 * Usually NULL. Always NULL on customer installs.
63 */
64 __attribute__((visibility("hidden")))
65 bool (*posix_spawn_with_filter)(pid_t *pid, const char *fname,
66 char * const *argp, char * const *envp, struct _posix_spawn_args_desc *adp,
67 int *ret);
68
69 __attribute__((visibility("hidden")))
70 int (*execve_with_filter)(const char *fname, char * const *argp,
71 char * const *envp);
72
73 __attribute__((visibility("hidden")))
74 void
__posix_spawnattr_init(struct _posix_spawnattr * psattrp)75 __posix_spawnattr_init(struct _posix_spawnattr *psattrp)
76 {
77 /*
78 * The default value of this attribute shall be as if no
79 * flags were set
80 */
81 psattrp->psa_flags = 0;
82
83 /*
84 * The default value of this attribute shall be an empty
85 * signal set
86 */
87 psattrp->psa_sigdefault = 0;
88
89 /* The default value of this attribute is unspecified */
90 psattrp->psa_sigmask = 0;
91
92 /* The default value of this attribute shall be zero */
93 psattrp->psa_pgroup = 0; /* doesn't matter */
94
95 /* Default is no binary preferences, i.e. use normal grading */
96 memset(psattrp->psa_binprefs, 0,
97 sizeof(psattrp->psa_binprefs));
98 memset(psattrp->psa_subcpuprefs, 0xff /* CPU_SUBTYPE_ANY */,
99 sizeof(psattrp->psa_subcpuprefs));
100
101 /* Default is no port actions to take */
102 psattrp->psa_ports = NULL;
103
104 /*
105 * The default value of this attribute shall be an no
106 * process control on resource starvation
107 */
108 psattrp->psa_pcontrol = 0;
109
110 /*
111 * Initializing the alignment paddings.
112 */
113
114 psattrp->short_padding = 0;
115 psattrp->flags_padding = 0;
116
117 /* Default is no new apptype requested */
118 psattrp->psa_apptype = POSIX_SPAWN_PROCESS_TYPE_DEFAULT;
119
120 /* Jetsam related */
121 psattrp->psa_jetsam_flags = 0;
122 psattrp->psa_priority = -1;
123 psattrp->psa_memlimit_active = -1;
124 psattrp->psa_memlimit_inactive = -1;
125
126 /* Default is no thread limit */
127 psattrp->psa_thread_limit = 0;
128
129 /* Default is no CPU usage monitor active. */
130 psattrp->psa_cpumonitor_percent = 0;
131 psattrp->psa_cpumonitor_interval = 0;
132
133 /* Default is no MAC policy extensions. */
134 psattrp->psa_mac_extensions = NULL;
135
136 /* Default is to inherit parent's coalition(s) */
137 psattrp->psa_coalition_info = NULL;
138
139 psattrp->psa_persona_info = NULL;
140
141 psattrp->psa_posix_cred_info = NULL;
142
143 /*
144 * old coalition field
145 * For backwards compatibility reasons, we set this to 1
146 * which is the first valid coalition id. This will allow
147 * newer user space code to properly spawn processes on
148 * older kernels
149 * (they will just all end up in the same coalition).
150 */
151 psattrp->psa_reserved = 1;
152
153 /* Default is no new clamp */
154 psattrp->psa_qos_clamp = POSIX_SPAWN_PROC_CLAMP_NONE;
155
156 /* Default is no change to role */
157 psattrp->psa_darwin_role = POSIX_SPAWN_DARWIN_ROLE_NONE;
158
159 psattrp->psa_max_addr = 0;
160
161 psattrp->psa_no_smt = false;
162 psattrp->psa_tecs = false;
163
164 psattrp->psa_crash_count = 0;
165 psattrp->psa_throttle_timeout = 0;
166
167 /* Default is no subsystem root path */
168 psattrp->psa_subsystem_root_path = NULL;
169
170 /* Default is no platform given */
171 psattrp->psa_platform = 0;
172
173 /* Default is no option */
174 psattrp->psa_options = PSA_OPTION_NONE;
175
176 /* Default is no port limit */
177 psattrp->psa_port_soft_limit = 0;
178 psattrp->psa_port_hard_limit = 0;
179
180 /* Default is no file descriptor limit */
181 psattrp->psa_filedesc_soft_limit = 0;
182 psattrp->psa_filedesc_hard_limit = 0;
183
184 psattrp->psa_crash_behavior = 0;
185 psattrp->psa_crash_behavior_deadline = 0;
186 psattrp->psa_launch_type = 0;
187 psattrp->psa_dataless_iopolicy = 0;
188 }
189
190 /*
191 * posix_spawnattr_init
192 *
193 * Description: Initialize a spawn attributes object attr with default values
194 *
195 * Parameters: attr The spawn attributes object to be
196 * initialized
197 *
198 * Returns: 0 Success
199 * ENOMEM Insufficient memory exists to
200 * initialize the spawn attributes object.
201 *
202 * Note: As an implementation detail, the externally visibily type
203 * posix_spawnattr_t is defined to be a void *, and initialization
204 * involves allocation of a memory object. Subsequent changes to
205 * the spawn attributes may result in reallocation under the
206 * covers.
207 *
208 * Reinitialization of an already initialized spawn attributes
209 * object will result in memory being leaked. Because spawn
210 * attributes are not required to be used in conjunction with a
211 * static initializer, there is no way to distinguish a spawn
212 * attribute with stack garbage from one that's been initialized.
213 * This is arguably an API design error.
214 */
215 int
posix_spawnattr_init(posix_spawnattr_t * attr)216 posix_spawnattr_init(posix_spawnattr_t *attr)
217 {
218 _posix_spawnattr_t *psattrp = (_posix_spawnattr_t *)attr;
219 int err = 0;
220
221 if ((*psattrp = (_posix_spawnattr_t)malloc(sizeof(struct _posix_spawnattr))) == NULL) {
222 err = ENOMEM;
223 } else {
224 __posix_spawnattr_init(*psattrp);
225 }
226
227 return err;
228 }
229
230
231 /*
232 * posix_spawnattr_destroy
233 *
234 * Description: Destroy a spawn attributes object that was previously
235 * initialized via posix_spawnattr_init() by freeing any
236 * memory associated with it and setting it to an invalid value.
237 *
238 * Parameters: attr The spawn attributes object to be
239 * destroyed.
240 *
241 * Returns: 0 Success
242 *
243 * Notes: The destroyed spawn attribute results in the void * pointer
244 * being set to NULL; subsequent use without reinitialization
245 * will result in explicit program failure (rather than merely
246 * "undefined behaviour").
247 *
248 * NOTIMP: Allowed failures (checking NOT required):
249 * EINVAL The value specified by attr is invalid.
250 */
251 static int posix_spawn_destroyportactions_np(posix_spawnattr_t *);
252 static int posix_spawn_destroycoalition_info_np(posix_spawnattr_t *);
253 static int posix_spawn_destroypersona_info_np(posix_spawnattr_t *);
254 static int posix_spawn_destroyposix_cred_info_np(posix_spawnattr_t *);
255 static int posix_spawn_destroymacpolicy_info_np(posix_spawnattr_t *);
256 static int posix_spawn_destroysubsystem_root_path_np(posix_spawnattr_t *);
257
258 int
posix_spawnattr_destroy(posix_spawnattr_t * attr)259 posix_spawnattr_destroy(posix_spawnattr_t *attr)
260 {
261 _posix_spawnattr_t psattr;
262
263 if (attr == NULL || *attr == NULL) {
264 return EINVAL;
265 }
266
267 psattr = *(_posix_spawnattr_t *)attr;
268 posix_spawn_destroyportactions_np(attr);
269 posix_spawn_destroycoalition_info_np(attr);
270 posix_spawn_destroypersona_info_np(attr);
271 posix_spawn_destroyposix_cred_info_np(attr);
272 posix_spawn_destroymacpolicy_info_np(attr);
273 posix_spawn_destroysubsystem_root_path_np(attr);
274
275 free(psattr);
276 *attr = NULL;
277
278 return 0;
279 }
280
281
282 /*
283 * posix_spawnattr_setflags
284 *
285 * Description: Set the spawn flags attribute for the spawn attribute object
286 * referred to by 'attr'.
287 *
288 * Parameters: attr The spawn attributes object whose flags
289 * are to be set
290 * flags The flags value to set
291 *
292 * Returns: 0 Success
293 *
294 * NOTIMP: Allowed failures (checking NOT required):
295 * EINVAL The value specified by attr is invalid.
296 * EINVAL The value of the attribute being set is not valid.
297 */
298 int
posix_spawnattr_setflags(posix_spawnattr_t * attr,short flags)299 posix_spawnattr_setflags(posix_spawnattr_t *attr, short flags)
300 {
301 _posix_spawnattr_t psattr;
302
303 if (attr == NULL || *attr == NULL) {
304 return EINVAL;
305 }
306
307 psattr = *(_posix_spawnattr_t *)attr;
308 psattr->psa_flags = flags;
309
310 return 0;
311 }
312
313
314 /*
315 * posix_spawnattr_getflags
316 *
317 * Description: Retrieve the spawn attributes flag for the spawn attributes
318 * object referenced by 'attr' and place them in the memory
319 * location referenced by 'flagsp'
320 *
321 * Parameters: attr The spawn attributes object whose flags
322 * are to be retrieved
323 * flagsp A pointer to a short value to receive
324 * the flags
325 *
326 * Returns: 0 Success
327 *
328 * Implicit Returns:
329 * *flagps (modified) The flags value from the spawn
330 * attributes object
331 *
332 * NOTIMP: Allowed failures (checking NOT required):
333 * EINVAL The value specified by attr is invalid.
334 * EINVAL The value of the attribute being set is not valid.
335 */
336 int
posix_spawnattr_getflags(const posix_spawnattr_t * __restrict attr,short * __restrict flagsp)337 posix_spawnattr_getflags(const posix_spawnattr_t * __restrict attr,
338 short * __restrict flagsp)
339 {
340 _posix_spawnattr_t psattr;
341
342 if (attr == NULL || *attr == NULL) {
343 return EINVAL;
344 }
345
346 psattr = *(_posix_spawnattr_t *)attr;
347 *flagsp = psattr->psa_flags;
348
349 return 0;
350 }
351
352
353 /*
354 * posix_spawnattr_getsigdefault
355 *
356 * Description: Retrieve the set of signals to be set to default according to
357 * the spawn attribute value referenced by 'attr' and place the
358 * result into the memory containing the sigset_t referenced by
359 * 'sigdefault'
360 *
361 * Parameters: attr The spawn attributes object whose
362 * signal set for default signals is to
363 * be retrieved
364 * sigdefault A pointer to the sigset_t to receive
365 * the signal set
366 *
367 * Returns: 0 Success
368 *
369 * Implicit Returns:
370 * *sigdefault (modified) The signal set of signals to default
371 * from the spawn attributes object
372 */
373 int
posix_spawnattr_getsigdefault(const posix_spawnattr_t * __restrict attr,sigset_t * __restrict sigdefault)374 posix_spawnattr_getsigdefault(const posix_spawnattr_t * __restrict attr,
375 sigset_t * __restrict sigdefault)
376 {
377 _posix_spawnattr_t psattr;
378
379 if (attr == NULL || *attr == NULL) {
380 return EINVAL;
381 }
382
383 psattr = *(_posix_spawnattr_t *)attr;
384 *sigdefault = psattr->psa_sigdefault;
385
386 return 0;
387 }
388
389
390 /*
391 * posix_spawnattr_getpgroup
392 *
393 * Description: Obtain the value of the spawn process group attribute from the
394 * spawn attributes object referenced by 'attr' and place the
395 * results in the memory location referenced by 'pgroup'
396 *
397 * Parameters: attr The spawn attributes object whose
398 * process group information is to be
399 * retrieved
400 * pgroup A pointer to the pid_t to receive the
401 * process group
402 *
403 * Returns: 0 Success
404 *
405 * Implicit Returns:
406 * *pgroup (modified) The process group information from the
407 * spawn attributes object
408 */
409 int
posix_spawnattr_getpgroup(const posix_spawnattr_t * __restrict attr,pid_t * __restrict pgroup)410 posix_spawnattr_getpgroup(const posix_spawnattr_t * __restrict attr,
411 pid_t * __restrict pgroup)
412 {
413 _posix_spawnattr_t psattr;
414
415 if (attr == NULL || *attr == NULL) {
416 return EINVAL;
417 }
418
419 psattr = *(_posix_spawnattr_t *)attr;
420 *pgroup = psattr->psa_pgroup;
421
422 return 0;
423 }
424
425
426 /*
427 * posix_spawnattr_getsigmask
428 *
429 * Description: Obtain the value of the spawn signal mask attribute from the
430 * spawn attributes object referenced by 'attr' and place the
431 * result into the memory containing the sigset_t referenced by
432 * 'sigmask'
433 *
434 * Parameters: attr The spawn attributes object whose
435 * signal set for masked signals is to
436 * be retrieved
437 * sigmask A pointer to the sigset_t to receive
438 * the signal set
439 *
440 * Returns: 0 Success
441 *
442 * Implicit Returns:
443 * *sigmask (modified) The signal set of signals to mask
444 * from the spawn attributes object
445 */
446 int
posix_spawnattr_getsigmask(const posix_spawnattr_t * __restrict attr,sigset_t * __restrict sigmask)447 posix_spawnattr_getsigmask(const posix_spawnattr_t * __restrict attr,
448 sigset_t * __restrict sigmask)
449 {
450 _posix_spawnattr_t psattr;
451
452 if (attr == NULL || *attr == NULL) {
453 return EINVAL;
454 }
455
456 psattr = *(_posix_spawnattr_t *)attr;
457 *sigmask = psattr->psa_sigmask;
458
459 return 0;
460 }
461
462 /*
463 * posix_spawnattr_getbinpref_np
464 *
465 * Description: Obtain the value of the spawn binary preferences attribute from
466 * the spawn attributes object referenced by 'attr' and place the
467 * result into the memory referenced by 'pref'.
468 *
469 * Parameters: attr The spawn attributes object whose
470 * binary preferences are to be retrieved
471 * count The size of the cpu_type_t array
472 * pref An array of cpu types
473 * ocount The actual number copied
474 *
475 * Returns: 0 No binary preferences found
476 * > 0 The number of cpu types (less than
477 * count) copied over from 'attr'.
478 *
479 * Implicit Returns:
480 * *pref (modified) The binary preferences array
481 * from the spawn attributes object
482 */
483 int
posix_spawnattr_getbinpref_np(const posix_spawnattr_t * __restrict attr,size_t count,cpu_type_t * pref,size_t * __restrict ocount)484 posix_spawnattr_getbinpref_np(const posix_spawnattr_t * __restrict attr,
485 size_t count, cpu_type_t *pref, size_t * __restrict ocount)
486 {
487 _posix_spawnattr_t psattr;
488 int i = 0;
489
490 if (attr == NULL || *attr == NULL || pref == NULL) {
491 return EINVAL;
492 }
493
494 psattr = *(_posix_spawnattr_t *)attr;
495 for (i = 0; i < count && i < NBINPREFS; i++) {
496 pref[i] = psattr->psa_binprefs[i];
497 }
498
499 if (ocount) {
500 *ocount = i;
501 }
502 return 0;
503 }
504
505 /*
506 * posix_spawnattr_getarchpref_np
507 *
508 * Description: Obtain the value of the spawn binary preferences attribute from
509 * the spawn attributes object referenced by 'attr' and place the
510 * result into the memory referenced by 'pref' and 'subpref'.
511 *
512 * Parameters: attr The spawn attributes object whose
513 * binary preferences are to be retrieved
514 * count The size of the cpu_type_t array
515 * pref An array of cpu types
516 * subpref An array of subcpu types
517 * ocount The actual number copied
518 *
519 * Returns: 0 No cpu/subcpu preferences found
520 * > 0 The number of types (less than
521 * count) copied over from 'attr'.
522 *
523 * Implicit Returns:
524 * *pref (modified) The cpu preferences array
525 * from the spawn attributes object
526 * *subpref (modified) The subcpu preferences array
527 * from the spawn attributes object
528 */
529 int
posix_spawnattr_getarchpref_np(const posix_spawnattr_t * __restrict attr,size_t count,cpu_type_t * pref,cpu_subtype_t * subpref,size_t * __restrict ocount)530 posix_spawnattr_getarchpref_np(const posix_spawnattr_t * __restrict attr,
531 size_t count, cpu_type_t *pref, cpu_subtype_t *subpref, size_t * __restrict ocount)
532 {
533 _posix_spawnattr_t psattr;
534 int i = 0;
535
536 if (attr == NULL || *attr == NULL || pref == NULL || subpref == NULL) {
537 return EINVAL;
538 }
539
540 psattr = *(_posix_spawnattr_t *)attr;
541 for (i = 0; i < count && i < NBINPREFS; i++) {
542 pref[i] = psattr->psa_binprefs[i];
543 subpref[i] = psattr->psa_subcpuprefs[i];
544 }
545
546 if (ocount) {
547 *ocount = i;
548 }
549 return 0;
550 }
551
552
553 /*
554 * posix_spawnattr_getpcontrol_np
555 *
556 * Description: Retrieve the process control property set default according to
557 * the spawn attribute value referenced by 'attr' and place the
558 * result into the memory containing the control referenced by
559 * 'pcontrol'
560 *
561 * Parameters: attr The spawn attributes object whose
562 * signal set for default signals is to
563 * be retrieved
564 * pcontrol A pointer to an int to receive
565 * the process control info
566 *
567 * Returns: 0 Success
568 *
569 * Implicit Returns:
570 * *pcontrol (modified) The signal set of signals to default
571 * from the spawn attributes object
572 */
573 int
posix_spawnattr_getpcontrol_np(const posix_spawnattr_t * __restrict attr,int * __restrict pcontrol)574 posix_spawnattr_getpcontrol_np(const posix_spawnattr_t * __restrict attr,
575 int * __restrict pcontrol)
576 {
577 _posix_spawnattr_t psattr;
578
579 if (attr == NULL || *attr == NULL) {
580 return EINVAL;
581 }
582
583 psattr = *(_posix_spawnattr_t *)attr;
584 *pcontrol = psattr->psa_pcontrol;
585
586 return 0;
587 }
588
589 /*
590 * posix_spawnattr_getprocesstype_np
591 *
592 * Description: Retrieve the process specific behaviors and app launch types
593 * spawn attribute value referenced by 'attr' and place the
594 * result into the memory containing the control referenced by
595 * 'proctype'
596 *
597 * Parameters: attr The spawn attributes object whose
598 * signal set for default signals is to
599 * be retrieved
600 * proctype A pointer to an int to receive
601 * the process type info
602 *
603 * Returns: 0 Success
604 *
605 * Implicit Returns:
606 * *proctype (modified) The process type set to value
607 * from the spawn attributes object
608 */
609 int
posix_spawnattr_getprocesstype_np(const posix_spawnattr_t * __restrict attr,int * __restrict proctype)610 posix_spawnattr_getprocesstype_np(const posix_spawnattr_t * __restrict attr,
611 int * __restrict proctype)
612 {
613 _posix_spawnattr_t psattr;
614
615 if (attr == NULL || *attr == NULL) {
616 return EINVAL;
617 }
618
619 psattr = *(_posix_spawnattr_t *)attr;
620 *proctype = psattr->psa_apptype;
621
622 return 0;
623 }
624 /*
625 * posix_spawnattr_setsigdefault
626 *
627 * Description: Set the set of signals to be set to default for the spawn
628 * attribute value referenced by 'attr' from the memory
629 * containing the sigset_t referenced by 'sigdefault'
630 *
631 * Parameters: attr The spawn attributes object whose
632 * signal set for default signals is to
633 * be set
634 * sigdefault A pointer to the sigset_t from which to
635 * obtain the signal set
636 *
637 * Returns: 0 Success
638 */
639 int
posix_spawnattr_setsigdefault(posix_spawnattr_t * __restrict attr,const sigset_t * __restrict sigdefault)640 posix_spawnattr_setsigdefault(posix_spawnattr_t * __restrict attr,
641 const sigset_t * __restrict sigdefault)
642 {
643 _posix_spawnattr_t psattr;
644
645 if (attr == NULL || *attr == NULL) {
646 return EINVAL;
647 }
648
649 psattr = *(_posix_spawnattr_t *)attr;
650 psattr->psa_sigdefault = *sigdefault;
651
652 return 0;
653 }
654
655
656 /*
657 * posix_spawnattr_setpgroup
658 *
659 * Description: Set the value of the spawn process group attribute for the
660 * spawn attributes object referenced by 'attr' from the value
661 * of 'pgroup'
662 *
663 * Parameters: attr The spawn attributes object for which
664 * the process group information is to be
665 * set
666 * pgroup The process group to set
667 *
668 * Returns: 0 Success
669 */
670 int
posix_spawnattr_setpgroup(posix_spawnattr_t * attr,pid_t pgroup)671 posix_spawnattr_setpgroup(posix_spawnattr_t * attr, pid_t pgroup)
672 {
673 _posix_spawnattr_t psattr;
674
675 if (attr == NULL || *attr == NULL) {
676 return EINVAL;
677 }
678
679 psattr = *(_posix_spawnattr_t *)attr;
680 psattr->psa_pgroup = pgroup;
681
682 return 0;
683 }
684
685
686 /*
687 * posix_spawnattr_setsigmask
688 *
689 * Description: Set the set of signals to be masked for the spawn attribute
690 * value referenced by 'attr' from the memory containing the
691 * sigset_t referenced by 'sigmask'
692 *
693 * Parameters: attr The spawn attributes object whose
694 * signal set for masked signals is to
695 * be set
696 * sigmask A pointer to the sigset_t from which to
697 * obtain the signal set
698 *
699 * Returns: 0 Success
700 */
701 int
posix_spawnattr_setsigmask(posix_spawnattr_t * __restrict attr,const sigset_t * __restrict sigmask)702 posix_spawnattr_setsigmask(posix_spawnattr_t * __restrict attr,
703 const sigset_t * __restrict sigmask)
704 {
705 _posix_spawnattr_t psattr;
706
707 if (attr == NULL || *attr == NULL) {
708 return EINVAL;
709 }
710
711 psattr = *(_posix_spawnattr_t *)attr;
712 psattr->psa_sigmask = *sigmask;
713
714 return 0;
715 }
716
717
718 /*
719 * posix_spawnattr_setbinpref_np
720 *
721 * Description: Set the universal binary preferences for the spawn attribute
722 * value referenced by 'attr' from the memory containing the
723 * cpu_type_t array referenced by 'pref', size of 'count'
724 *
725 * Parameters: attr The spawn attributes object whose
726 * binary preferences are to be set
727 * count Size of the array pointed to by 'pref'
728 * pref cpu_type_t array of binary preferences
729 * ocount The actual number copied
730 *
731 * Returns: 0 No preferences copied
732 * > 0 Number of preferences copied
733 *
734 * Note: The posix_spawnattr_t currently only holds four cpu_type_t's.
735 * If the caller provides more preferences than this limit, they
736 * will be ignored, as reflected in the return value.
737 */
738 int
posix_spawnattr_setbinpref_np(posix_spawnattr_t * __restrict attr,size_t count,cpu_type_t * pref,size_t * __restrict ocount)739 posix_spawnattr_setbinpref_np(posix_spawnattr_t * __restrict attr,
740 size_t count, cpu_type_t *pref, size_t * __restrict ocount)
741 {
742 _posix_spawnattr_t psattr;
743 int i = 0;
744
745 if (attr == NULL || *attr == NULL || pref == NULL) {
746 return EINVAL;
747 }
748
749 psattr = *(_posix_spawnattr_t *)attr;
750 for (i = 0; i < count && i < NBINPREFS; i++) {
751 psattr->psa_binprefs[i] = pref[i];
752 psattr->psa_subcpuprefs[i] = CPU_SUBTYPE_ANY;
753 }
754
755 /* return number of binprefs copied over */
756 if (ocount) {
757 *ocount = i;
758 }
759
760 for (; i < NBINPREFS; i++) {
761 psattr->psa_binprefs[i] = 0;
762 psattr->psa_subcpuprefs[i] = CPU_SUBTYPE_ANY;
763 }
764
765 return 0;
766 }
767
768 /*
769 * posix_spawnattr_setarchpref_np
770 *
771 * Description: Set the universal binary preferences for the spawn attribute
772 * value referenced by 'attr' from the memory containing the
773 * cpu_type_t array referenced by 'pref', the cpu_subtype_t array
774 * referenced by 'subpref' and size of 'count'
775 *
776 * Parameters: attr The spawn attributes object whose
777 * binary preferences are to be set
778 * count Size of the array pointed to by 'pref'
779 * pref cpu_type_t array of cpu binary preferences
780 * subpref cpu_subtype_t array of subcpu binary preferences
781 * ocount The actual number copied
782 *
783 * Returns: 0 No preferences copied
784 * > 0 Number of preferences copied
785 *
786 * Note: The posix_spawnattr_t currently only holds four
787 * cpu_type_t/cpu_subtype_t pairs.
788 * If the caller provides more preferences than this limit, they
789 * will be ignored, as reflected in the return value.
790 */
791 int
posix_spawnattr_setarchpref_np(posix_spawnattr_t * __restrict attr,size_t count,cpu_type_t * pref,cpu_subtype_t * subpref,size_t * __restrict ocount)792 posix_spawnattr_setarchpref_np(posix_spawnattr_t * __restrict attr,
793 size_t count, cpu_type_t *pref, cpu_subtype_t *subpref,
794 size_t * __restrict ocount)
795 {
796 _posix_spawnattr_t psattr;
797 int i = 0;
798
799 if (attr == NULL || *attr == NULL || pref == NULL || subpref == NULL) {
800 return EINVAL;
801 }
802
803 psattr = *(_posix_spawnattr_t *)attr;
804 for (i = 0; i < count && i < NBINPREFS; i++) {
805 psattr->psa_binprefs[i] = pref[i];
806 psattr->psa_subcpuprefs[i] = subpref[i];
807 }
808
809 /* return number of binprefs copied over */
810 if (ocount) {
811 *ocount = i;
812 }
813
814 for (; i < NBINPREFS; i++) {
815 psattr->psa_binprefs[i] = 0;
816 psattr->psa_subcpuprefs[i] = CPU_SUBTYPE_ANY;
817 }
818
819 return 0;
820 }
821
822 /*
823 * posix_spawnattr_setpcontrol_np
824 *
825 * Description: Set the process control property according to
826 * attribute value referenced by 'attr' from the memory
827 * containing the int value 'pcontrol'
828 *
829 * Parameters: attr The spawn attributes object whose
830 * signal set for default signals is to
831 * be set
832 * pcontrol An int value of the process control info
833 *
834 * Returns: 0 Success
835 */
836 int
posix_spawnattr_setpcontrol_np(posix_spawnattr_t * __restrict attr,const int pcontrol)837 posix_spawnattr_setpcontrol_np(posix_spawnattr_t * __restrict attr,
838 const int pcontrol)
839 {
840 _posix_spawnattr_t psattr;
841
842 if (attr == NULL || *attr == NULL) {
843 return EINVAL;
844 }
845
846 psattr = *(_posix_spawnattr_t *)attr;
847 psattr->psa_pcontrol = pcontrol;
848
849 return 0;
850 }
851
852
853 /*
854 * posix_spawnattr_setprocesstype_np
855 *
856 * Description: Set the process specific behaviors and app launch type
857 * attribute value referenced by 'attr' from the memory
858 * containing the int value 'proctype'
859 *
860 * Parameters: attr The spawn attributes object whose
861 * signal set for default signals is to
862 * be set
863 * proctype An int value of the process type info
864 *
865 * Returns: 0 Success
866 */
867 int
posix_spawnattr_setprocesstype_np(posix_spawnattr_t * __restrict attr,const int proctype)868 posix_spawnattr_setprocesstype_np(posix_spawnattr_t * __restrict attr,
869 const int proctype)
870 {
871 _posix_spawnattr_t psattr;
872
873 if (attr == NULL || *attr == NULL) {
874 return EINVAL;
875 }
876
877 psattr = *(_posix_spawnattr_t *)attr;
878 psattr->psa_apptype = proctype;
879
880 return 0;
881 }
882
883
884 /*
885 * posix_spawnattr_setdataless_iopolicy_np
886 *
887 * Description: Set the process iopolicy to materialize dataless files
888 *
889 * Parameters: attr The spawn attributes object whose
890 * iopolicy to materialize dataless files
891 * is to be set
892 * policy io policy for dataless files
893 *
894 * Returns: 0 Success
895 * EINVAL Invalid Input
896 */
897 int
posix_spawnattr_setdataless_iopolicy_np(posix_spawnattr_t * __restrict attr,const int policy)898 posix_spawnattr_setdataless_iopolicy_np(posix_spawnattr_t * __restrict attr,
899 const int policy)
900 {
901 _posix_spawnattr_t psattr;
902
903 if (attr == NULL || *attr == NULL) {
904 return EINVAL;
905 }
906
907 psattr = *(_posix_spawnattr_t *)attr;
908 psattr->psa_options |= PSA_OPTION_DATALESS_IOPOLICY;
909 psattr->psa_dataless_iopolicy = policy;
910
911 return 0;
912 }
913
914
915 /*
916 * posix_spawn_createportactions_np
917 * Description: create a new posix_spawn_port_actions struct and link
918 * it into the posix_spawnattr.
919 */
920 static int
posix_spawn_createportactions_np(posix_spawnattr_t * attr)921 posix_spawn_createportactions_np(posix_spawnattr_t *attr)
922 {
923 _posix_spawnattr_t psattr;
924 _posix_spawn_port_actions_t acts;
925
926 if (attr == NULL || *attr == NULL) {
927 return EINVAL;
928 }
929
930 psattr = *(_posix_spawnattr_t *)attr;
931 acts = (_posix_spawn_port_actions_t)malloc(PS_PORT_ACTIONS_SIZE(2));
932 if (acts == NULL) {
933 return ENOMEM;
934 }
935
936 acts->pspa_alloc = 2;
937 acts->pspa_count = 0;
938
939 psattr->psa_ports = acts;
940 return 0;
941 }
942
943 /*
944 * posix_spawn_growportactions_np
945 * Description: Enlarge the size of portactions if necessary
946 */
947 static int
posix_spawn_growportactions_np(posix_spawnattr_t * attr)948 posix_spawn_growportactions_np(posix_spawnattr_t *attr)
949 {
950 _posix_spawnattr_t psattr;
951 _posix_spawn_port_actions_t acts;
952
953 if (attr == NULL || *attr == NULL) {
954 return EINVAL;
955 }
956
957 psattr = *(_posix_spawnattr_t *)attr;
958 acts = psattr->psa_ports;
959 if (acts == NULL) {
960 return EINVAL;
961 }
962
963 /* Double number of port actions allocated for */
964 int newnum = 0;
965 if (os_mul_overflow(acts->pspa_alloc, 2, &newnum)) {
966 return ENOMEM;
967 }
968 size_t newsize = PS_PORT_ACTIONS_SIZE(newnum);
969 if (newsize == 0) {
970 return ENOMEM;
971 }
972
973 acts = realloc(acts, newsize);
974 if (acts == NULL) {
975 return ENOMEM;
976 }
977
978 acts->pspa_alloc = newnum;
979 psattr->psa_ports = acts;
980 return 0;
981 }
982
983 /*
984 * posix_spawn_destroyportactions_np
985 * Description: clean up portactions struct in posix_spawnattr_t attr
986 */
987 static int
posix_spawn_destroyportactions_np(posix_spawnattr_t * attr)988 posix_spawn_destroyportactions_np(posix_spawnattr_t *attr)
989 {
990 _posix_spawnattr_t psattr;
991 _posix_spawn_port_actions_t acts;
992
993 if (attr == NULL || *attr == NULL) {
994 return EINVAL;
995 }
996
997 psattr = *(_posix_spawnattr_t *)attr;
998 acts = psattr->psa_ports;
999 if (acts == NULL) {
1000 return EINVAL;
1001 }
1002
1003 free(acts);
1004 return 0;
1005 }
1006
1007 /*
1008 * posix_spawn_destroycoalition_info_np
1009 * Description: clean up coalition_info struct in posix_spawnattr_t attr
1010 */
1011 static int
posix_spawn_destroycoalition_info_np(posix_spawnattr_t * attr)1012 posix_spawn_destroycoalition_info_np(posix_spawnattr_t *attr)
1013 {
1014 _posix_spawnattr_t psattr;
1015 struct _posix_spawn_coalition_info *coal_info;
1016
1017 if (attr == NULL || *attr == NULL) {
1018 return EINVAL;
1019 }
1020
1021 psattr = *(_posix_spawnattr_t *)attr;
1022 coal_info = psattr->psa_coalition_info;
1023 if (coal_info == NULL) {
1024 return EINVAL;
1025 }
1026
1027 psattr->psa_coalition_info = NULL;
1028 free(coal_info);
1029 return 0;
1030 }
1031
1032 /*
1033 * posix_spawn_destroypersona_info_np
1034 * Description: clean up persona_info struct in posix_spawnattr_t attr
1035 */
1036 static int
posix_spawn_destroypersona_info_np(posix_spawnattr_t * attr)1037 posix_spawn_destroypersona_info_np(posix_spawnattr_t *attr)
1038 {
1039 _posix_spawnattr_t psattr;
1040 struct _posix_spawn_persona_info *persona;
1041
1042 if (attr == NULL || *attr == NULL) {
1043 return EINVAL;
1044 }
1045
1046 psattr = *(_posix_spawnattr_t *)attr;
1047 persona = psattr->psa_persona_info;
1048 if (persona == NULL) {
1049 return EINVAL;
1050 }
1051
1052 psattr->psa_persona_info = NULL;
1053 free(persona);
1054 return 0;
1055 }
1056
1057 /*
1058 * posix_spawn_destroyposix_cred_info_np
1059 * Description: clean up posix_cred_info struct in posix_spawnattr_t attr
1060 */
1061 static int
posix_spawn_destroyposix_cred_info_np(posix_spawnattr_t * attr)1062 posix_spawn_destroyposix_cred_info_np(posix_spawnattr_t *attr)
1063 {
1064 _posix_spawnattr_t psattr;
1065 struct _posix_spawn_posix_cred_info *pspci;
1066
1067 if (attr == NULL || *attr == NULL) {
1068 return EINVAL;
1069 }
1070
1071 psattr = *(_posix_spawnattr_t *)attr;
1072 pspci = psattr->psa_posix_cred_info;
1073 if (pspci == NULL) {
1074 return EINVAL;
1075 }
1076
1077 psattr->psa_posix_cred_info = NULL;
1078 free(pspci);
1079 return 0;
1080 }
1081
1082 /*
1083 * posix_spawn_set_subsystem_root_path
1084 * Description: Set path as the subsystem root path for attr; clears if NULL
1085 */
1086 int
posix_spawnattr_set_subsystem_root_path_np(posix_spawnattr_t * attr,char * path)1087 posix_spawnattr_set_subsystem_root_path_np(posix_spawnattr_t *attr, char *path)
1088 {
1089 _posix_spawnattr_t psattr;
1090 char * buf = NULL;
1091 char * old_buf;
1092 size_t bytes;
1093
1094 if (attr == NULL || *attr == NULL) {
1095 return EINVAL;
1096 }
1097
1098 psattr = *(_posix_spawnattr_t *)attr;
1099
1100 if (path) {
1101 buf = malloc(MAXPATHLEN);
1102
1103 if (buf == NULL) {
1104 return ENOMEM;
1105 }
1106
1107 bytes = strlcpy(buf, path, MAXPATHLEN);
1108
1109 if (bytes >= MAXPATHLEN) {
1110 free(buf);
1111 return ENAMETOOLONG;
1112 }
1113 }
1114
1115 old_buf = psattr->psa_subsystem_root_path;
1116 psattr->psa_subsystem_root_path = buf;
1117
1118 free(old_buf);
1119
1120 return 0;
1121 }
1122
1123 /*
1124 * posix_spawn_destroy_subsystem_root_path_np
1125 * Description: clean up subsystem_root_path string in posix_spawnattr_t attr
1126 */
1127 static int
posix_spawn_destroysubsystem_root_path_np(posix_spawnattr_t * attr)1128 posix_spawn_destroysubsystem_root_path_np(posix_spawnattr_t *attr)
1129 {
1130 _posix_spawnattr_t psattr;
1131 char * subsystem_root_path;
1132
1133 if (attr == NULL || *attr == NULL) {
1134 return EINVAL;
1135 }
1136
1137 psattr = *(_posix_spawnattr_t *)attr;
1138 subsystem_root_path = psattr->psa_subsystem_root_path;
1139
1140 if (subsystem_root_path == NULL) {
1141 return EINVAL;
1142 }
1143
1144 psattr->psa_subsystem_root_path = NULL;
1145 free(subsystem_root_path);
1146 return 0;
1147 }
1148
1149 /*
1150 * posix_spawnattr_set_platform_np
1151 * Description: sets the platform in posix_spawnattr_t attr
1152 *
1153 * To be implemented.
1154 */
1155 int
posix_spawnattr_set_platform_np(posix_spawnattr_t * attr,int platform,uint32_t flags)1156 posix_spawnattr_set_platform_np(posix_spawnattr_t *attr, int platform, uint32_t flags)
1157 {
1158 _posix_spawnattr_t psattr;
1159
1160 if (attr == NULL || *attr == NULL) {
1161 return EINVAL;
1162 }
1163
1164 psattr = *(_posix_spawnattr_t *)attr;
1165 psattr->psa_platform = platform;
1166
1167 (void)flags;
1168 return 0;
1169 }
1170
1171 /*
1172 * posix_spawnattr_disable_ptr_auth_a_keys_np
1173 * Description: Set flag to disable A keys for Ptr Auth
1174 */
1175 int
posix_spawnattr_disable_ptr_auth_a_keys_np(posix_spawnattr_t * attr,uint32_t flags)1176 posix_spawnattr_disable_ptr_auth_a_keys_np(posix_spawnattr_t *attr, uint32_t flags)
1177 {
1178 _posix_spawnattr_t psattr;
1179
1180 if (attr == NULL || *attr == NULL) {
1181 return EINVAL;
1182 }
1183
1184 psattr = *(_posix_spawnattr_t *)attr;
1185
1186 psattr->psa_options |= PSA_OPTION_PLUGIN_HOST_DISABLE_A_KEYS;
1187 (void)flags;
1188 return 0;
1189 }
1190
1191 /*
1192 * posix_spawnattr_set_alt_rosetta_np
1193 * Description: Set flag to use alternative Rosetta runtime
1194 */
1195 int
posix_spawnattr_set_alt_rosetta_np(posix_spawnattr_t * attr,uint32_t flags)1196 posix_spawnattr_set_alt_rosetta_np(posix_spawnattr_t *attr, uint32_t flags)
1197 {
1198 _posix_spawnattr_t psattr;
1199
1200 if (attr == NULL || *attr == NULL) {
1201 return EINVAL;
1202 }
1203
1204 psattr = *(_posix_spawnattr_t *)attr;
1205
1206 psattr->psa_options |= PSA_OPTION_ALT_ROSETTA;
1207 (void)flags;
1208 return 0;
1209 }
1210
1211 /*
1212 * posix_spawnattr_set_crash_behavior_np
1213 * Description: Set flags to control behavior of the process on crash
1214 */
1215 int
posix_spawnattr_set_crash_behavior_np(posix_spawnattr_t * attr,uint32_t flags)1216 posix_spawnattr_set_crash_behavior_np(posix_spawnattr_t *attr, uint32_t flags)
1217 {
1218 _posix_spawnattr_t psattr;
1219
1220 if (attr == NULL || *attr == NULL) {
1221 return EINVAL;
1222 }
1223
1224 psattr = *(_posix_spawnattr_t *)attr;
1225
1226 psattr->psa_crash_behavior = flags;
1227 return 0;
1228 }
1229
1230 /*
1231 * posix_spawnattr_set_crash_behavior_deadline_np
1232 * Description: Set mach_continuous_time deadline for crash_behavior to panic
1233 * A deadline of 0 indicates no deadline
1234 * A non-zero deadline indicates that the crash behavior mode will be valid
1235 * until the deadline. After the deadline the crash behavior field will
1236 * be ignored.
1237 */
1238 int
posix_spawnattr_set_crash_behavior_deadline_np(posix_spawnattr_t * attr,uint64_t deadline,uint32_t flags)1239 posix_spawnattr_set_crash_behavior_deadline_np(posix_spawnattr_t *attr, uint64_t deadline, uint32_t flags)
1240 {
1241 _posix_spawnattr_t psattr;
1242
1243 if (attr == NULL || *attr == NULL) {
1244 return EINVAL;
1245 }
1246
1247 psattr = *(_posix_spawnattr_t *)attr;
1248
1249 psattr->psa_crash_behavior_deadline = deadline;
1250 (void)flags;
1251 return 0;
1252 }
1253
1254 /*
1255 * posix_spawnattr_set_crash_count_np
1256 *
1257 * Description: Set the process crash count and throttle timeout for
1258 * exponential backoff.
1259 *
1260 * Parameters: attr The spawn attributes object for the
1261 * new process
1262 * crash_count Consecutive crash count
1263 * timeout Exponential throttling timeout
1264 *
1265 * Returns: 0 Success
1266 * EINVAL Invalid Input
1267 */
1268 int
posix_spawnattr_set_crash_count_np(posix_spawnattr_t * __restrict attr,uint32_t crash_count,uint32_t timeout)1269 posix_spawnattr_set_crash_count_np(posix_spawnattr_t * __restrict attr,
1270 uint32_t crash_count, uint32_t timeout)
1271 {
1272 _posix_spawnattr_t psattr;
1273
1274 if (attr == NULL || *attr == NULL) {
1275 return EINVAL;
1276 }
1277
1278 psattr = *(_posix_spawnattr_t *)attr;
1279 psattr->psa_crash_count = crash_count;
1280 psattr->psa_throttle_timeout = timeout;
1281
1282 return 0;
1283 }
1284
1285 /*
1286 * posix_spawn_appendportaction_np
1287 * Description: append a port action, grow the array if necessary
1288 */
1289 static int
posix_spawn_appendportaction_np(posix_spawnattr_t * attr,_ps_port_action_t * act)1290 posix_spawn_appendportaction_np(posix_spawnattr_t *attr, _ps_port_action_t *act)
1291 {
1292 _posix_spawnattr_t psattr;
1293 _posix_spawn_port_actions_t acts;
1294
1295 if (attr == NULL || *attr == NULL || act == NULL) {
1296 return EINVAL;
1297 }
1298
1299 psattr = *(_posix_spawnattr_t *)attr;
1300 acts = psattr->psa_ports;
1301
1302 // Have any port actions been created yet?
1303 if (acts == NULL) {
1304 int err = posix_spawn_createportactions_np(attr);
1305 if (err) {
1306 return err;
1307 }
1308 acts = psattr->psa_ports;
1309 }
1310
1311 // Is there enough room?
1312 if (acts->pspa_alloc == acts->pspa_count) {
1313 int err = posix_spawn_growportactions_np(attr);
1314 if (err) {
1315 return err;
1316 }
1317 acts = psattr->psa_ports;
1318 }
1319
1320 // Add this action to next spot in array
1321 acts->pspa_actions[acts->pspa_count] = *act;
1322 acts->pspa_count++;
1323
1324 return 0;
1325 }
1326
1327 /*
1328 * posix_spawnattr_setspecialport_np
1329 *
1330 * Description: Set a new value for a mach special port in the spawned task.
1331 *
1332 * Parameters: attr The spawn attributes object for the
1333 * new process
1334 * new_port The new value for the special port
1335 * which The particular port to be set
1336 * (see task_set_special_port for details)
1337 *
1338 * Returns: 0 Success
1339 * ENOMEM Couldn't allocate memory
1340 */
1341 int
posix_spawnattr_setspecialport_np(posix_spawnattr_t * attr,mach_port_t new_port,int which)1342 posix_spawnattr_setspecialport_np(
1343 posix_spawnattr_t *attr,
1344 mach_port_t new_port,
1345 int which)
1346 {
1347 _ps_port_action_t action = {
1348 .port_type = PSPA_SPECIAL,
1349 .new_port = new_port,
1350 .which = which,
1351 };
1352 return posix_spawn_appendportaction_np(attr, &action);
1353 }
1354
1355 /*
1356 * posix_spawnattr_setexceptionports_np
1357 *
1358 * Description: Set a new port for a set of exception ports in the spawned task.
1359 *
1360 * Parameters: attr The spawn attributes object for the
1361 * new process
1362 * mask A bitfield indicating which exceptions
1363 * to associate the port with
1364 * new_port The new value for the exception port
1365 * behavior The default behavior for the port
1366 * flavor The default flavor for the port
1367 * (see task_set_exception_ports)
1368 *
1369 * Returns: 0 Success
1370 */
1371 int
posix_spawnattr_setexceptionports_np(posix_spawnattr_t * attr,exception_mask_t mask,mach_port_t new_port,exception_behavior_t behavior,thread_state_flavor_t flavor)1372 posix_spawnattr_setexceptionports_np(
1373 posix_spawnattr_t *attr,
1374 exception_mask_t mask,
1375 mach_port_t new_port,
1376 exception_behavior_t behavior,
1377 thread_state_flavor_t flavor)
1378 {
1379 _ps_port_action_t action = {
1380 .port_type = PSPA_EXCEPTION,
1381 .mask = mask,
1382 .new_port = new_port,
1383 .behavior = behavior,
1384 .flavor = flavor,
1385 };
1386 return posix_spawn_appendportaction_np(attr, &action);
1387 }
1388
1389 /*
1390 * posix_spawnattr_setauditsessionport_np
1391 *
1392 * Description: Set the audit session port rights attribute in the spawned task.
1393 * This is used to securely set the audit session information for
1394 * the new task.
1395 *
1396 * Parameters: attr The spawn attributes object for the
1397 * new process
1398 * au_sessionport The audit session send port right
1399 *
1400 * Returns: 0 Success
1401 */
1402 int
posix_spawnattr_setauditsessionport_np(posix_spawnattr_t * attr,mach_port_t au_sessionport)1403 posix_spawnattr_setauditsessionport_np(
1404 posix_spawnattr_t *attr,
1405 mach_port_t au_sessionport)
1406 {
1407 _ps_port_action_t action = {
1408 .port_type = PSPA_AU_SESSION,
1409 .new_port = au_sessionport,
1410 };
1411 return posix_spawn_appendportaction_np(attr, &action);
1412 }
1413
1414
1415 /*
1416 * posix_spawn_file_actions_init
1417 *
1418 * Description: Initialize a spawn file actions object attr with default values
1419 *
1420 * Parameters: file_actions The spawn file actions object to be
1421 * initialized
1422 *
1423 * Returns: 0 Success
1424 * ENOMEM Insufficient memory exists to
1425 * initialize the spawn file actions
1426 * object.
1427 *
1428 * Note: As an implementation detail, the externally visibily type
1429 * posix_spawn_file_actions_t is defined to be a void *, and
1430 * initialization involves allocation of a memory object.
1431 * Subsequent changes to the spawn file actions may result in
1432 * reallocation under the covers.
1433 *
1434 * Reinitialization of an already initialized spawn file actions
1435 * object will result in memory being leaked. Because spawn
1436 * file actions are not required to be used in conjunction with a
1437 * static initializer, there is no way to distinguish a spawn
1438 * file actions with stack garbage from one that's been
1439 * initialized. This is arguably an API design error.
1440 */
1441 int
posix_spawn_file_actions_init(posix_spawn_file_actions_t * file_actions)1442 posix_spawn_file_actions_init(posix_spawn_file_actions_t *file_actions)
1443 {
1444 _posix_spawn_file_actions_t *psactsp = (_posix_spawn_file_actions_t *)file_actions;
1445 int err = 0;
1446
1447 if ((*psactsp = (_posix_spawn_file_actions_t)malloc(PSF_ACTIONS_SIZE(PSF_ACTIONS_INIT_COUNT))) == NULL) {
1448 err = ENOMEM;
1449 } else {
1450 (*psactsp)->psfa_act_alloc = PSF_ACTIONS_INIT_COUNT;
1451 (*psactsp)->psfa_act_count = 0;
1452 }
1453
1454 return err;
1455 }
1456
1457
1458 /*
1459 * posix_spawn_file_actions_destroy
1460 *
1461 * Description: Destroy a spawn file actions object that was previously
1462 * initialized via posix_spawn_file_actions_init() by freeing any
1463 * memory associated with it and setting it to an invalid value.
1464 *
1465 * Parameters: attr The spawn file actions object to be
1466 * destroyed.
1467 *
1468 * Returns: 0 Success
1469 *
1470 * Notes: The destroyed spawn file actions results in the void * pointer
1471 * being set to NULL; subsequent use without reinitialization
1472 * will result in explicit program failure (rather than merely
1473 * "undefined behaviour").
1474 *
1475 * NOTIMP: Allowed failures (checking NOT required):
1476 * EINVAL The value specified by file_actions is invalid.
1477 */
1478 int
posix_spawn_file_actions_destroy(posix_spawn_file_actions_t * file_actions)1479 posix_spawn_file_actions_destroy(posix_spawn_file_actions_t *file_actions)
1480 {
1481 _posix_spawn_file_actions_t psacts;
1482
1483 if (file_actions == NULL || *file_actions == NULL) {
1484 return EINVAL;
1485 }
1486
1487 psacts = *(_posix_spawn_file_actions_t *)file_actions;
1488 free(psacts);
1489 *file_actions = NULL;
1490
1491 return 0;
1492 }
1493
1494
1495 /*
1496 * _posix_spawn_file_actions_grow
1497 *
1498 * Description: Grow the available list of file actions associated with the
1499 * pointer to the structure provided; replace the contents of the
1500 * pointer as a side effect.
1501 *
1502 * Parameters: psactsp Pointer to _posix_spawn_file_actions_t
1503 * to grow
1504 *
1505 * Returns: 0 Success
1506 * ENOMEM Insufficient memory for operation
1507 *
1508 * Notes: This code is common to all posix_spawn_file_actions_*()
1509 * functions, since we use a naieve data structure implementation
1510 * at present. Future optimization will likely change this.
1511 */
1512 static int
_posix_spawn_file_actions_grow(_posix_spawn_file_actions_t * psactsp)1513 _posix_spawn_file_actions_grow(_posix_spawn_file_actions_t *psactsp)
1514 {
1515 int newnum = 0;
1516 if (os_mul_overflow((*psactsp)->psfa_act_alloc, 2, &newnum)) {
1517 return ENOMEM;
1518 }
1519
1520 size_t newsize = PSF_ACTIONS_SIZE(newnum);
1521 if (newsize == 0) {
1522 return ENOMEM;
1523 }
1524
1525 /*
1526 * XXX may want to impose an administrative limit here; POSIX does
1527 * XXX not provide for an administrative error return in this case,
1528 * XXX so it's probably acceptable to just fail catastrophically
1529 * XXX instead of implementing one.
1530 */
1531 _posix_spawn_file_actions_t new_psacts;
1532 if ((new_psacts = (_posix_spawn_file_actions_t)realloc((*psactsp), newsize)) == NULL) {
1533 return ENOMEM;
1534 }
1535 new_psacts->psfa_act_alloc = newnum;
1536 *psactsp = new_psacts;
1537
1538 return 0;
1539 }
1540
1541
1542 /*
1543 * posix_spawn_file_actions_addopen
1544 *
1545 * Description: Add an open action to the object referenced by 'file_actions'
1546 * that will cause the file named by 'path' to be attempted to be
1547 * opened with flags 'oflag' and mode 'mode', and, if successful,
1548 * return as descriptor 'filedes' to the spawned process.
1549 *
1550 * Parameters: file_actions File action object to augment
1551 * filedes fd that open is to use
1552 * path path to file to open
1553 * oflag open file flags
1554 * mode open file mode
1555 *
1556 * Returns: 0 Success
1557 * EBADF The value specified by fildes is
1558 * negative or greater than or equal to
1559 * {OPEN_MAX}.
1560 * ENOMEM Insufficient memory exists to add to
1561 * the spawn file actions object.
1562 *
1563 * NOTIMP: Allowed failures (checking NOT required):
1564 * EINVAL The value specified by file_actions is invalid.
1565 */
1566 int
posix_spawn_file_actions_addopen(posix_spawn_file_actions_t * __restrict file_actions,int filedes,const char * __restrict path,int oflag,mode_t mode)1567 posix_spawn_file_actions_addopen(
1568 posix_spawn_file_actions_t * __restrict file_actions,
1569 int filedes, const char * __restrict path, int oflag,
1570 mode_t mode)
1571 {
1572 _posix_spawn_file_actions_t *psactsp;
1573 _psfa_action_t *psfileact;
1574
1575 if (file_actions == NULL || *file_actions == NULL) {
1576 return EINVAL;
1577 }
1578
1579 psactsp = (_posix_spawn_file_actions_t *)file_actions;
1580 /* Range check; required by POSIX */
1581 if (filedes < 0 || filedes >= OPEN_MAX) {
1582 return EBADF;
1583 }
1584
1585 /* If we do not have enough slots, grow the structure */
1586 if ((*psactsp)->psfa_act_count == (*psactsp)->psfa_act_alloc) {
1587 /* need to grow file actions structure */
1588 if (_posix_spawn_file_actions_grow(psactsp)) {
1589 return ENOMEM;
1590 }
1591 }
1592
1593 /*
1594 * Allocate next available slot and fill it out
1595 */
1596 psfileact = &(*psactsp)->psfa_act_acts[(*psactsp)->psfa_act_count++];
1597
1598 psfileact->psfaa_type = PSFA_OPEN;
1599 psfileact->psfaa_filedes = filedes;
1600 psfileact->psfaa_openargs.psfao_oflag = oflag;
1601 psfileact->psfaa_openargs.psfao_mode = mode;
1602 strlcpy(psfileact->psfaa_openargs.psfao_path, path, PATH_MAX);
1603
1604 return 0;
1605 }
1606
1607
1608 /*
1609 * posix_spawn_file_actions_addclose
1610 *
1611 * Description: Add a close action to the object referenced by 'file_actions'
1612 * that will cause the file referenced by 'filedes' to be
1613 * attempted to be closed in the spawned process.
1614 *
1615 * Parameters: file_actions File action object to augment
1616 * filedes fd to close
1617 *
1618 * Returns: 0 Success
1619 * EBADF The value specified by fildes is
1620 * negative or greater than or equal to
1621 * {OPEN_MAX}.
1622 * ENOMEM Insufficient memory exists to add to
1623 * the spawn file actions object.
1624 *
1625 * NOTIMP: Allowed failures (checking NOT required):
1626 * EINVAL The value specified by file_actions is invalid.
1627 */
1628 int
posix_spawn_file_actions_addclose(posix_spawn_file_actions_t * file_actions,int filedes)1629 posix_spawn_file_actions_addclose(posix_spawn_file_actions_t *file_actions,
1630 int filedes)
1631 {
1632 _posix_spawn_file_actions_t *psactsp;
1633 _psfa_action_t *psfileact;
1634
1635 if (file_actions == NULL || *file_actions == NULL) {
1636 return EINVAL;
1637 }
1638
1639 psactsp = (_posix_spawn_file_actions_t *)file_actions;
1640 /* Range check; required by POSIX */
1641 if (filedes < 0 || filedes >= OPEN_MAX) {
1642 return EBADF;
1643 }
1644
1645 /* If we do not have enough slots, grow the structure */
1646 if ((*psactsp)->psfa_act_count == (*psactsp)->psfa_act_alloc) {
1647 /* need to grow file actions structure */
1648 if (_posix_spawn_file_actions_grow(psactsp)) {
1649 return ENOMEM;
1650 }
1651 }
1652
1653 /*
1654 * Allocate next available slot and fill it out
1655 */
1656 psfileact = &(*psactsp)->psfa_act_acts[(*psactsp)->psfa_act_count++];
1657
1658 psfileact->psfaa_type = PSFA_CLOSE;
1659 psfileact->psfaa_filedes = filedes;
1660
1661 return 0;
1662 }
1663
1664
1665 /*
1666 * posix_spawn_file_actions_adddup2
1667 *
1668 * Description: Add a dup2 action to the object referenced by 'file_actions'
1669 * that will cause the file referenced by 'filedes' to be
1670 * attempted to be dup2'ed to the descriptor 'newfiledes' in the
1671 * spawned process.
1672 *
1673 * Parameters: file_actions File action object to augment
1674 * filedes fd to dup2
1675 * newfiledes fd to dup2 it to
1676 *
1677 * Returns: 0 Success
1678 * EBADF The value specified by either fildes
1679 * or by newfiledes is negative or greater
1680 * than or equal to {OPEN_MAX}.
1681 * ENOMEM Insufficient memory exists to add to
1682 * the spawn file actions object.
1683 *
1684 * NOTIMP: Allowed failures (checking NOT required):
1685 * EINVAL The value specified by file_actions is invalid.
1686 */
1687 int
posix_spawn_file_actions_adddup2(posix_spawn_file_actions_t * file_actions,int filedes,int newfiledes)1688 posix_spawn_file_actions_adddup2(posix_spawn_file_actions_t *file_actions,
1689 int filedes, int newfiledes)
1690 {
1691 _posix_spawn_file_actions_t *psactsp;
1692 _psfa_action_t *psfileact;
1693
1694 if (file_actions == NULL || *file_actions == NULL) {
1695 return EINVAL;
1696 }
1697
1698 psactsp = (_posix_spawn_file_actions_t *)file_actions;
1699 /* Range check; required by POSIX */
1700 if (filedes < 0 || filedes >= OPEN_MAX ||
1701 newfiledes < 0 || newfiledes >= OPEN_MAX) {
1702 return EBADF;
1703 }
1704
1705 /* If we do not have enough slots, grow the structure */
1706 if ((*psactsp)->psfa_act_count == (*psactsp)->psfa_act_alloc) {
1707 /* need to grow file actions structure */
1708 if (_posix_spawn_file_actions_grow(psactsp)) {
1709 return ENOMEM;
1710 }
1711 }
1712
1713 /*
1714 * Allocate next available slot and fill it out
1715 */
1716 psfileact = &(*psactsp)->psfa_act_acts[(*psactsp)->psfa_act_count++];
1717
1718 psfileact->psfaa_type = PSFA_DUP2;
1719 psfileact->psfaa_filedes = filedes;
1720 psfileact->psfaa_dup2args.psfad_newfiledes = newfiledes;
1721
1722 return 0;
1723 }
1724
1725 /*
1726 * posix_spawn_file_actions_add_fileportdup2_np
1727 *
1728 * Description: Add a dup2 action to the object referenced by 'file_actions'
1729 * that will cause the file referenced by 'fileport' to be
1730 * attempted to be dup2'ed to the descriptor 'newfiledes' in the
1731 * spawned process.
1732 *
1733 * Parameters: file_actions File action object to augment
1734 * filedes fileport to dup2
1735 * newfiledes fd to dup2 it to
1736 *
1737 * Returns: 0 Success
1738 * EBADF fileport isn't a valid port, or the
1739 * value specified by newfiledes is
1740 * negative or greater than or equal to
1741 * {OPEN_MAX}.
1742 * ENOMEM Insufficient memory exists to add to
1743 * the spawn file actions object.
1744 *
1745 * NOTIMP: Allowed failures (checking NOT required):
1746 * EINVAL The value specified by file_actions is invalid.
1747 */
1748 int
posix_spawn_file_actions_add_fileportdup2_np(posix_spawn_file_actions_t * file_actions,mach_port_t fileport,int newfiledes)1749 posix_spawn_file_actions_add_fileportdup2_np(
1750 posix_spawn_file_actions_t *file_actions,
1751 mach_port_t fileport, int newfiledes)
1752 {
1753 _posix_spawn_file_actions_t *psactsp;
1754 _psfa_action_t *psfileact;
1755
1756 if (file_actions == NULL || *file_actions == NULL) {
1757 return EINVAL;
1758 }
1759
1760 psactsp = (_posix_spawn_file_actions_t *)file_actions;
1761 /* Range check; required by POSIX */
1762 if (!MACH_PORT_VALID(fileport) ||
1763 newfiledes < 0 || newfiledes >= OPEN_MAX) {
1764 return EBADF;
1765 }
1766
1767 /* If we do not have enough slots, grow the structure */
1768 if ((*psactsp)->psfa_act_count == (*psactsp)->psfa_act_alloc) {
1769 /* need to grow file actions structure */
1770 if (_posix_spawn_file_actions_grow(psactsp)) {
1771 return ENOMEM;
1772 }
1773 }
1774
1775 /*
1776 * Allocate next available slot and fill it out
1777 */
1778 psfileact = &(*psactsp)->psfa_act_acts[(*psactsp)->psfa_act_count++];
1779
1780 psfileact->psfaa_type = PSFA_FILEPORT_DUP2;
1781 psfileact->psfaa_fileport = fileport;
1782 psfileact->psfaa_dup2args.psfad_newfiledes = newfiledes;
1783
1784 return 0;
1785 }
1786
1787 /*
1788 * posix_spawn_file_actions_addinherit_np
1789 *
1790 * Description: Add the "inherit" action to the object referenced by
1791 * 'file_actions' that will cause the file referenced by
1792 * 'filedes' to continue to be available in the spawned
1793 * process via the same descriptor.
1794 *
1795 * Inheritance is the normal default behaviour for
1796 * file descriptors across exec and spawn; but if the
1797 * POSIX_SPAWN_CLOEXEC_DEFAULT flag is set, the usual
1798 * default is reversed for the purposes of the spawn
1799 * invocation. Any pre-existing descriptors that
1800 * need to be made available to the spawned process can
1801 * be marked explicitly as 'inherit' via this interface.
1802 * Otherwise they will be automatically closed.
1803 *
1804 * Note that any descriptors created via the other file
1805 * actions interfaces are automatically marked as 'inherit'.
1806 *
1807 * Parameters: file_actions File action object to augment
1808 * filedes fd to inherit.
1809 *
1810 * Returns: 0 Success
1811 * EBADF The value specified by fildes is
1812 * negative or greater than or equal to
1813 * {OPEN_MAX}.
1814 * ENOMEM Insufficient memory exists to add to
1815 * the spawn file actions object.
1816 *
1817 * NOTIMP: Allowed failures (checking NOT required):
1818 * EINVAL The value specified by file_actions is invalid.
1819 */
1820 int
posix_spawn_file_actions_addinherit_np(posix_spawn_file_actions_t * file_actions,int filedes)1821 posix_spawn_file_actions_addinherit_np(posix_spawn_file_actions_t *file_actions,
1822 int filedes)
1823 {
1824 _posix_spawn_file_actions_t *psactsp;
1825 _psfa_action_t *psfileact;
1826
1827 if (file_actions == NULL || *file_actions == NULL) {
1828 return EINVAL;
1829 }
1830
1831 psactsp = (_posix_spawn_file_actions_t *)file_actions;
1832 /* Range check; required by POSIX */
1833 if (filedes < 0 || filedes >= OPEN_MAX) {
1834 return EBADF;
1835 }
1836
1837 #if defined(POSIX_SPAWN_CLOEXEC_DEFAULT) // TODO: delete this check
1838 /* If we do not have enough slots, grow the structure */
1839 if ((*psactsp)->psfa_act_count == (*psactsp)->psfa_act_alloc) {
1840 /* need to grow file actions structure */
1841 if (_posix_spawn_file_actions_grow(psactsp)) {
1842 return ENOMEM;
1843 }
1844 }
1845
1846 /*
1847 * Allocate next available slot and fill it out
1848 */
1849 psfileact = &(*psactsp)->psfa_act_acts[(*psactsp)->psfa_act_count++];
1850
1851 psfileact->psfaa_type = PSFA_INHERIT;
1852 psfileact->psfaa_filedes = filedes;
1853 #endif
1854 return 0;
1855 }
1856
1857
1858 /*
1859 * posix_spawn_file_actions_addchdir_np
1860 *
1861 * Description: Add a chdir action to the object referenced by 'file_actions'
1862 * that will cause the current working directory to attempt to be changed
1863 * to that referenced by 'path' in the spawned process.
1864 *
1865 * Parameters: file_actions File action object to augment
1866 * path path of the desired working directory
1867 *
1868 * Returns: 0 Success
1869 * ENOMEM Insufficient memory exists to add to
1870 * the spawn file actions object.
1871 * ENAMETOOLONG The supplied path exceeded PATH_MAX.
1872 *
1873 * NOTIMP: Allowed failures (checking NOT required):
1874 * EINVAL The value specified by file_actions is invalid.
1875 */
1876 int
posix_spawn_file_actions_addchdir_np(posix_spawn_file_actions_t * __restrict file_actions,const char * __restrict path)1877 posix_spawn_file_actions_addchdir_np(
1878 posix_spawn_file_actions_t * __restrict file_actions,
1879 const char * __restrict path)
1880 {
1881 _posix_spawn_file_actions_t *psactsp;
1882 _psfa_action_t *psfileact;
1883
1884 if (file_actions == NULL || *file_actions == NULL) {
1885 return EINVAL;
1886 }
1887
1888 psactsp = (_posix_spawn_file_actions_t *)file_actions;
1889
1890 /* If we do not have enough slots, grow the structure */
1891 if ((*psactsp)->psfa_act_count == (*psactsp)->psfa_act_alloc) {
1892 /* need to grow file actions structure */
1893 if (_posix_spawn_file_actions_grow(psactsp)) {
1894 return ENOMEM;
1895 }
1896 }
1897
1898 /*
1899 * Allocate next available slot and fill it out
1900 */
1901 psfileact = &(*psactsp)->psfa_act_acts[(*psactsp)->psfa_act_count++];
1902
1903 psfileact->psfaa_type = PSFA_CHDIR;
1904 if (strlcpy(psfileact->psfaa_chdirargs.psfac_path, path, PATH_MAX) >= PATH_MAX) {
1905 (*psactsp)->psfa_act_count--;
1906 return ENAMETOOLONG;
1907 }
1908
1909 return 0;
1910 }
1911
1912
1913 /*
1914 * posix_spawn_file_actions_fchdir_np
1915 *
1916 * Description: Add a fchdir action to the object referenced by 'file_actions'
1917 * that will cause the current working directory to attempt to be changed
1918 * to that referenced by the descriptor 'filedes' in the spawned process.
1919 *
1920 * Parameters: file_actions File action object to augment
1921 * filedes fd to chdir to
1922 *
1923 * Returns: 0 Success
1924 * EBADF The value specified by either fildes is negative or
1925 * greater than or equal to {OPEN_MAX}.
1926 * ENOMEM Insufficient memory exists to add to
1927 * the spawn file actions object.
1928 *
1929 * NOTIMP: Allowed failures (checking NOT required):
1930 * EINVAL The value specified by file_actions is invalid.
1931 */
1932 int
posix_spawn_file_actions_addfchdir_np(posix_spawn_file_actions_t * file_actions,int filedes)1933 posix_spawn_file_actions_addfchdir_np(posix_spawn_file_actions_t *file_actions,
1934 int filedes)
1935 {
1936 _posix_spawn_file_actions_t *psactsp;
1937 _psfa_action_t *psfileact;
1938
1939 if (file_actions == NULL || *file_actions == NULL) {
1940 return EINVAL;
1941 }
1942
1943 psactsp = (_posix_spawn_file_actions_t *)file_actions;
1944 /* Range check; in spirit of POSIX */
1945 if (filedes < 0 || filedes >= OPEN_MAX) {
1946 return EBADF;
1947 }
1948
1949 /* If we do not have enough slots, grow the structure */
1950 if ((*psactsp)->psfa_act_count == (*psactsp)->psfa_act_alloc) {
1951 /* need to grow file actions structure */
1952 if (_posix_spawn_file_actions_grow(psactsp)) {
1953 return ENOMEM;
1954 }
1955 }
1956
1957 /*
1958 * Allocate next available slot and fill it out
1959 */
1960 psfileact = &(*psactsp)->psfa_act_acts[(*psactsp)->psfa_act_count++];
1961
1962 psfileact->psfaa_type = PSFA_FCHDIR;
1963 psfileact->psfaa_filedes = filedes;
1964
1965 return 0;
1966 }
1967
1968 int
posix_spawnattr_setcpumonitor_default(posix_spawnattr_t * __restrict attr)1969 posix_spawnattr_setcpumonitor_default(posix_spawnattr_t * __restrict attr)
1970 {
1971 return posix_spawnattr_setcpumonitor(attr, PROC_POLICY_CPUMON_DEFAULTS, 0);
1972 }
1973
1974 int
posix_spawnattr_setcpumonitor(posix_spawnattr_t * __restrict attr,uint64_t percent,uint64_t interval)1975 posix_spawnattr_setcpumonitor(posix_spawnattr_t * __restrict attr,
1976 uint64_t percent, uint64_t interval)
1977 {
1978 _posix_spawnattr_t psattr;
1979
1980 if (attr == NULL || *attr == NULL) {
1981 return EINVAL;
1982 }
1983
1984 psattr = *(_posix_spawnattr_t *)attr;
1985
1986 psattr->psa_cpumonitor_percent = percent;
1987 psattr->psa_cpumonitor_interval = interval;
1988
1989 return 0;
1990 }
1991
1992 int
posix_spawnattr_getcpumonitor(posix_spawnattr_t * __restrict attr,uint64_t * percent,uint64_t * interval)1993 posix_spawnattr_getcpumonitor(posix_spawnattr_t * __restrict attr,
1994 uint64_t *percent, uint64_t *interval)
1995 {
1996 _posix_spawnattr_t psattr;
1997
1998 if (attr == NULL || *attr == NULL) {
1999 return EINVAL;
2000 }
2001
2002 psattr = *(_posix_spawnattr_t *)attr;
2003
2004 *percent = psattr->psa_cpumonitor_percent;
2005 *interval = psattr->psa_cpumonitor_interval;
2006
2007 return 0;
2008 }
2009
2010 #if (TARGET_OS_IPHONE && !TARGET_OS_SIMULATOR)
2011 /*
2012 * posix_spawnattr_setjetsam
2013 *
2014 * Description: Set jetsam attributes for the spawn attribute object
2015 * referred to by 'attr'.
2016 *
2017 * Parameters: flags The flags value to set
2018 * priority Relative jetsam priority
2019 * memlimit Value in megabytes; a memory footprint
2020 * above this level may result in termination.
2021 * Implies both active and inactive limits.
2022 *
2023 * Returns: 0 Success
2024 *
2025 * Note: to be deprecated (not available on desktop)
2026 *
2027 */
2028 int
posix_spawnattr_setjetsam(posix_spawnattr_t * __restrict attr,short flags,int priority,int memlimit)2029 posix_spawnattr_setjetsam(posix_spawnattr_t * __restrict attr,
2030 short flags, int priority, int memlimit)
2031 {
2032 short flags_ext = flags;
2033
2034 if (flags & POSIX_SPAWN_JETSAM_MEMLIMIT_FATAL) {
2035 flags_ext |= POSIX_SPAWN_JETSAM_MEMLIMIT_ACTIVE_FATAL;
2036 flags_ext |= POSIX_SPAWN_JETSAM_MEMLIMIT_INACTIVE_FATAL;
2037 } else {
2038 flags_ext &= ~POSIX_SPAWN_JETSAM_MEMLIMIT_ACTIVE_FATAL;
2039 flags_ext &= ~POSIX_SPAWN_JETSAM_MEMLIMIT_INACTIVE_FATAL;
2040 }
2041
2042 return posix_spawnattr_setjetsam_ext(attr, flags_ext, priority, memlimit, memlimit);
2043 }
2044 #endif /* (TARGET_OS_IPHONE && !TARGET_OS_SIMULATOR) */
2045
2046 /*
2047 * posix_spawnattr_setjetsam_ext
2048 *
2049 * Description: Set jetsam attributes for the spawn attribute object
2050 * referred to by 'attr'.
2051 *
2052 * Parameters: flags The flags value to set
2053 * priority Relative jetsam priority
2054 * memlimit_active Value in megabytes; memory footprint
2055 * above this level while process is
2056 * active may result in termination.
2057 * memlimit_inactive Value in megabytes; memory footprint
2058 * above this level while process is
2059 * inactive may result in termination.
2060 *
2061 * Returns: 0 Success
2062 */
2063 int
posix_spawnattr_setjetsam_ext(posix_spawnattr_t * __restrict attr,short flags,int priority,int memlimit_active,int memlimit_inactive)2064 posix_spawnattr_setjetsam_ext(posix_spawnattr_t * __restrict attr,
2065 short flags, int priority, int memlimit_active, int memlimit_inactive)
2066 {
2067 _posix_spawnattr_t psattr;
2068
2069 if (attr == NULL || *attr == NULL) {
2070 return EINVAL;
2071 }
2072
2073 psattr = *(_posix_spawnattr_t *)attr;
2074
2075 psattr->psa_jetsam_flags = flags;
2076 psattr->psa_jetsam_flags |= POSIX_SPAWN_JETSAM_SET;
2077 psattr->psa_priority = priority;
2078 psattr->psa_memlimit_active = memlimit_active;
2079 psattr->psa_memlimit_inactive = memlimit_inactive;
2080
2081 return 0;
2082 }
2083
2084 int
posix_spawnattr_set_threadlimit_ext(posix_spawnattr_t * __restrict attr,int thread_limit)2085 posix_spawnattr_set_threadlimit_ext(posix_spawnattr_t * __restrict attr,
2086 int thread_limit)
2087 {
2088 _posix_spawnattr_t psattr;
2089
2090 if (attr == NULL || *attr == NULL) {
2091 return EINVAL;
2092 }
2093
2094 psattr = *(_posix_spawnattr_t *)attr;
2095
2096 psattr->psa_thread_limit = thread_limit;
2097
2098 return 0;
2099 }
2100
2101
2102 /*
2103 * posix_spawnattr_set_importancewatch_port_np
2104 *
2105 * Description: Mark ports referred to by these rights
2106 * to boost the new task instead of their current task
2107 * for the spawn attribute object referred to by 'attr'.
2108 * Ports must be valid at posix_spawn time. They will NOT be
2109 * consumed by the kernel, so they must be deallocated after the spawn returns.
2110 * (If you are SETEXEC-ing, they are cleaned up by the exec operation).
2111 *
2112 * The maximum number of watch ports allowed is defined by POSIX_SPAWN_IMPORTANCE_PORT_COUNT.
2113 *
2114 * Parameters: count Number of ports in portarray
2115 * portarray Array of rights
2116 *
2117 * Returns: 0 Success
2118 * EINVAL Bad port count
2119 * ENOMEM Insufficient memory exists to add to
2120 * the spawn port actions object.
2121 */
2122 int
posix_spawnattr_set_importancewatch_port_np(posix_spawnattr_t * __restrict attr,int count,mach_port_t portarray[])2123 posix_spawnattr_set_importancewatch_port_np(posix_spawnattr_t * __restrict attr,
2124 int count, mach_port_t portarray[])
2125 {
2126 int err = 0, i;
2127
2128 if (count < 0 || count > POSIX_SPAWN_IMPORTANCE_PORT_COUNT) {
2129 return EINVAL;
2130 }
2131
2132 for (i = 0; i < count; i++) {
2133 _ps_port_action_t action = {
2134 .port_type = PSPA_IMP_WATCHPORTS,
2135 .new_port = portarray[i],
2136 };
2137 err = posix_spawn_appendportaction_np(attr, &action);
2138 if (err) {
2139 break;
2140 }
2141 }
2142 return err;
2143 }
2144
2145 int
posix_spawnattr_set_registered_ports_np(posix_spawnattr_t * __restrict attr,mach_port_t portarray[],uint32_t count)2146 posix_spawnattr_set_registered_ports_np(posix_spawnattr_t * __restrict attr,
2147 mach_port_t portarray[], uint32_t count)
2148 {
2149 int err = 0;
2150
2151 if (count > TASK_PORT_REGISTER_MAX) {
2152 return EINVAL;
2153 }
2154
2155 for (uint32_t i = 0; i < count; i++) {
2156 _ps_port_action_t action = {
2157 .port_type = PSPA_REGISTERED_PORTS,
2158 .new_port = portarray[i],
2159 };
2160 err = posix_spawn_appendportaction_np(attr, &action);
2161 if (err) {
2162 break;
2163 }
2164 }
2165 return err;
2166 }
2167
2168 int
posix_spawnattr_set_ptrauth_task_port_np(posix_spawnattr_t * __restrict attr,mach_port_t port)2169 posix_spawnattr_set_ptrauth_task_port_np(posix_spawnattr_t * __restrict attr,
2170 mach_port_t port)
2171 {
2172 int err = 0;
2173
2174 _ps_port_action_t action = {
2175 .port_type = PSPA_PTRAUTH_TASK_PORT,
2176 .new_port = port,
2177 };
2178
2179 err = posix_spawn_appendportaction_np(attr, &action);
2180 return err;
2181 }
2182
2183 static
2184 _ps_mac_policy_extension_t *
posix_spawnattr_macpolicyinfo_lookup(_posix_spawn_mac_policy_extensions_t psmx,const char * policyname)2185 posix_spawnattr_macpolicyinfo_lookup(_posix_spawn_mac_policy_extensions_t psmx, const char *policyname)
2186 {
2187 int i;
2188
2189 if (psmx == NULL) {
2190 return NULL;
2191 }
2192
2193 for (i = 0; i < psmx->psmx_count; i++) {
2194 _ps_mac_policy_extension_t *extension = &psmx->psmx_extensions[i];
2195 if (strcmp(extension->policyname, policyname) == 0) {
2196 return extension;
2197 }
2198 }
2199 return NULL;
2200 }
2201
2202 int
posix_spawnattr_getmacpolicyinfo_np(const posix_spawnattr_t * __restrict attr,const char * policyname,void ** datap,size_t * datalenp)2203 posix_spawnattr_getmacpolicyinfo_np(const posix_spawnattr_t * __restrict attr,
2204 const char *policyname, void **datap, size_t *datalenp)
2205 {
2206 _posix_spawnattr_t psattr;
2207 _ps_mac_policy_extension_t *extension;
2208
2209 if (attr == NULL || *attr == NULL || policyname == NULL || datap == NULL) {
2210 return EINVAL;
2211 }
2212
2213 psattr = *(_posix_spawnattr_t *)attr;
2214 extension = posix_spawnattr_macpolicyinfo_lookup(psattr->psa_mac_extensions, policyname);
2215 if (extension == NULL) {
2216 return ESRCH;
2217 }
2218 *datap = (void *)(uintptr_t)extension->data;
2219 if (datalenp != NULL) {
2220 *datalenp = (size_t)extension->datalen;
2221 }
2222 return 0;
2223 }
2224
2225 int
posix_spawnattr_setmacpolicyinfo_np(posix_spawnattr_t * __restrict attr,const char * policyname,void * data,size_t datalen)2226 posix_spawnattr_setmacpolicyinfo_np(posix_spawnattr_t * __restrict attr,
2227 const char *policyname, void *data, size_t datalen)
2228 {
2229 _posix_spawnattr_t psattr;
2230 _posix_spawn_mac_policy_extensions_t psmx;
2231 _ps_mac_policy_extension_t *extension;
2232
2233 if (attr == NULL || *attr == NULL || policyname == NULL) {
2234 return EINVAL;
2235 }
2236
2237 psattr = *(_posix_spawnattr_t *)attr;
2238 psmx = psattr->psa_mac_extensions;
2239 extension = posix_spawnattr_macpolicyinfo_lookup(psattr->psa_mac_extensions, policyname);
2240 if (extension != NULL) {
2241 extension->data = (uintptr_t)data;
2242 extension->datalen = datalen;
2243 return 0;
2244 } else if (psmx == NULL) {
2245 psmx = psattr->psa_mac_extensions = malloc(PS_MAC_EXTENSIONS_SIZE(PS_MAC_EXTENSIONS_INIT_COUNT));
2246 if (psmx == NULL) {
2247 return ENOMEM;
2248 }
2249 psmx->psmx_alloc = PS_MAC_EXTENSIONS_INIT_COUNT;
2250 psmx->psmx_count = 0;
2251 } else if (psmx->psmx_count == psmx->psmx_alloc) {
2252 int newnum = 0;
2253 if (os_mul_overflow(psmx->psmx_alloc, 2, &newnum)) {
2254 return ENOMEM;
2255 }
2256 size_t extsize = PS_MAC_EXTENSIONS_SIZE(newnum);
2257 if (extsize == 0) {
2258 return ENOMEM;
2259 }
2260 psmx = psattr->psa_mac_extensions = reallocf(psmx, extsize);
2261 if (psmx == NULL) {
2262 return ENOMEM;
2263 }
2264 psmx->psmx_alloc = newnum;
2265 }
2266 extension = &psmx->psmx_extensions[psmx->psmx_count];
2267 strlcpy(extension->policyname, policyname, sizeof(extension->policyname));
2268 extension->data = (uintptr_t)data;
2269 extension->datalen = datalen;
2270 psmx->psmx_count += 1;
2271 return 0;
2272 }
2273
2274 /*
2275 * posix_spawn_destroymacpolicy_info_np
2276 * Description: cleanup the macpolicy struct in posix_spawnattr_t attr
2277 */
2278 static int
posix_spawn_destroymacpolicy_info_np(posix_spawnattr_t * attr)2279 posix_spawn_destroymacpolicy_info_np(posix_spawnattr_t *attr)
2280 {
2281 _posix_spawnattr_t psattr;
2282 _posix_spawn_mac_policy_extensions_t psmx;
2283
2284 if (attr == NULL || *attr == NULL) {
2285 return EINVAL;
2286 }
2287
2288 psattr = *(_posix_spawnattr_t *)attr;
2289 psmx = psattr->psa_mac_extensions;
2290 if (psmx == NULL) {
2291 return EINVAL;
2292 }
2293
2294 psattr->psa_mac_extensions = NULL;
2295 free(psmx);
2296 return 0;
2297 }
2298
2299 int
posix_spawnattr_setcoalition_np(const posix_spawnattr_t * __restrict attr,uint64_t coalitionid,int type,int role)2300 posix_spawnattr_setcoalition_np(const posix_spawnattr_t * __restrict attr,
2301 uint64_t coalitionid, int type, int role)
2302 {
2303 _posix_spawnattr_t psattr;
2304 struct _posix_spawn_coalition_info *coal_info;
2305
2306 if (attr == NULL || *attr == NULL) {
2307 return EINVAL;
2308 }
2309 if (type < 0 || type > COALITION_TYPE_MAX) {
2310 return EINVAL;
2311 }
2312
2313 psattr = *(_posix_spawnattr_t *)attr;
2314
2315 coal_info = psattr->psa_coalition_info;
2316 if (!coal_info) {
2317 coal_info = (struct _posix_spawn_coalition_info *)malloc(sizeof(*coal_info));
2318 if (!coal_info) {
2319 return ENOMEM;
2320 }
2321 memset(coal_info, 0, sizeof(*coal_info));
2322 psattr->psa_coalition_info = coal_info;
2323 }
2324
2325 coal_info->psci_info[type].psci_id = coalitionid;
2326 coal_info->psci_info[type].psci_role = role;
2327
2328 return 0;
2329 }
2330
2331
2332 int
posix_spawnattr_set_qos_clamp_np(const posix_spawnattr_t * __restrict attr,uint64_t qos_clamp)2333 posix_spawnattr_set_qos_clamp_np(const posix_spawnattr_t * __restrict attr, uint64_t qos_clamp)
2334 {
2335 _posix_spawnattr_t psattr;
2336
2337 if (attr == NULL || *attr == NULL) {
2338 return EINVAL;
2339 }
2340
2341 if (qos_clamp >= POSIX_SPAWN_PROC_CLAMP_LAST) {
2342 return EINVAL;
2343 }
2344
2345 psattr = *(_posix_spawnattr_t *)attr;
2346 psattr->psa_qos_clamp = qos_clamp;
2347
2348 return 0;
2349 }
2350
2351 int
posix_spawnattr_get_qos_clamp_np(const posix_spawnattr_t * __restrict attr,uint64_t * __restrict qos_clampp)2352 posix_spawnattr_get_qos_clamp_np(const posix_spawnattr_t * __restrict attr, uint64_t * __restrict qos_clampp)
2353 {
2354 _posix_spawnattr_t psattr;
2355
2356 if (attr == NULL || *attr == NULL) {
2357 return EINVAL;
2358 }
2359
2360 psattr = *(_posix_spawnattr_t *)attr;
2361 *qos_clampp = psattr->psa_qos_clamp;
2362
2363 return 0;
2364 }
2365
2366 int
posix_spawnattr_set_darwin_role_np(const posix_spawnattr_t * __restrict attr,uint64_t darwin_role)2367 posix_spawnattr_set_darwin_role_np(const posix_spawnattr_t * __restrict attr, uint64_t darwin_role)
2368 {
2369 _posix_spawnattr_t psattr;
2370
2371 if (attr == NULL || *attr == NULL) {
2372 return EINVAL;
2373 }
2374
2375 psattr = *(_posix_spawnattr_t *)attr;
2376 psattr->psa_darwin_role = darwin_role;
2377
2378 return 0;
2379 }
2380
2381 int
posix_spawnattr_get_darwin_role_np(const posix_spawnattr_t * __restrict attr,uint64_t * __restrict darwin_rolep)2382 posix_spawnattr_get_darwin_role_np(const posix_spawnattr_t * __restrict attr, uint64_t * __restrict darwin_rolep)
2383 {
2384 _posix_spawnattr_t psattr;
2385
2386 if (attr == NULL || *attr == NULL) {
2387 return EINVAL;
2388 }
2389
2390 psattr = *(_posix_spawnattr_t *)attr;
2391 *darwin_rolep = psattr->psa_darwin_role;
2392
2393 return 0;
2394 }
2395
2396
2397 int
posix_spawnattr_set_persona_np(const posix_spawnattr_t * __restrict attr,uid_t persona_id,uint32_t flags)2398 posix_spawnattr_set_persona_np(const posix_spawnattr_t * __restrict attr, uid_t persona_id, uint32_t flags)
2399 {
2400 _posix_spawnattr_t psattr;
2401 struct _posix_spawn_persona_info *persona;
2402
2403 if (attr == NULL || *attr == NULL) {
2404 return EINVAL;
2405 }
2406
2407 if (flags & ~POSIX_SPAWN_PERSONA_ALL_FLAGS) {
2408 return EINVAL;
2409 }
2410
2411 psattr = *(_posix_spawnattr_t *)attr;
2412
2413 persona = psattr->psa_persona_info;
2414 if (!persona) {
2415 persona = (struct _posix_spawn_persona_info *)malloc(sizeof(*persona));
2416 if (!persona) {
2417 return ENOMEM;
2418 }
2419 persona->pspi_uid = 0;
2420 persona->pspi_gid = 0;
2421 persona->pspi_ngroups = 0;
2422 persona->pspi_groups[0] = 0;
2423 persona->pspi_gmuid = 0;
2424
2425 psattr->psa_persona_info = persona;
2426 }
2427
2428 persona->pspi_id = persona_id;
2429 persona->pspi_flags = flags;
2430
2431 return 0;
2432 }
2433
2434 int
posix_spawnattr_set_persona_uid_np(const posix_spawnattr_t * __restrict attr,uid_t uid)2435 posix_spawnattr_set_persona_uid_np(const posix_spawnattr_t * __restrict attr, uid_t uid)
2436 {
2437 _posix_spawnattr_t psattr;
2438 struct _posix_spawn_persona_info *persona;
2439
2440 if (attr == NULL || *attr == NULL) {
2441 return EINVAL;
2442 }
2443
2444 psattr = *(_posix_spawnattr_t *)attr;
2445 persona = psattr->psa_persona_info;
2446 if (!persona) {
2447 return EINVAL;
2448 }
2449
2450 persona->pspi_uid = uid;
2451
2452 persona->pspi_flags |= POSIX_SPAWN_PERSONA_UID;
2453
2454 return 0;
2455 }
2456
2457 int
posix_spawnattr_set_persona_gid_np(const posix_spawnattr_t * __restrict attr,gid_t gid)2458 posix_spawnattr_set_persona_gid_np(const posix_spawnattr_t * __restrict attr, gid_t gid)
2459 {
2460 _posix_spawnattr_t psattr;
2461 struct _posix_spawn_persona_info *persona;
2462
2463 if (attr == NULL || *attr == NULL) {
2464 return EINVAL;
2465 }
2466
2467 psattr = *(_posix_spawnattr_t *)attr;
2468 persona = psattr->psa_persona_info;
2469 if (!persona) {
2470 return EINVAL;
2471 }
2472
2473 persona->pspi_gid = gid;
2474
2475 persona->pspi_flags |= POSIX_SPAWN_PERSONA_GID;
2476
2477 return 0;
2478 }
2479
2480 int
posix_spawnattr_set_persona_groups_np(const posix_spawnattr_t * __restrict attr,int ngroups,gid_t * gidarray,uid_t gmuid)2481 posix_spawnattr_set_persona_groups_np(const posix_spawnattr_t * __restrict attr, int ngroups, gid_t *gidarray, uid_t gmuid)
2482 {
2483 _posix_spawnattr_t psattr;
2484 struct _posix_spawn_persona_info *persona;
2485
2486 if (attr == NULL || *attr == NULL) {
2487 return EINVAL;
2488 }
2489
2490 if (gidarray == NULL) {
2491 return EINVAL;
2492 }
2493
2494 if (ngroups > NGROUPS || ngroups < 0) {
2495 return EINVAL;
2496 }
2497
2498 psattr = *(_posix_spawnattr_t *)attr;
2499 persona = psattr->psa_persona_info;
2500 if (!persona) {
2501 return EINVAL;
2502 }
2503
2504 persona->pspi_ngroups = ngroups;
2505 for (int i = 0; i < ngroups; i++) {
2506 persona->pspi_groups[i] = gidarray[i];
2507 }
2508
2509 persona->pspi_gmuid = gmuid;
2510
2511 persona->pspi_flags |= POSIX_SPAWN_PERSONA_GROUPS;
2512
2513 return 0;
2514 }
2515
2516 int
posix_spawnattr_set_max_addr_np(const posix_spawnattr_t * __restrict attr,uint64_t max_addr)2517 posix_spawnattr_set_max_addr_np(const posix_spawnattr_t * __restrict attr, uint64_t max_addr)
2518 {
2519 _posix_spawnattr_t psattr;
2520
2521 if (attr == NULL || *attr == NULL) {
2522 return EINVAL;
2523 }
2524
2525 psattr = *(_posix_spawnattr_t *)attr;
2526 psattr->psa_max_addr = max_addr;
2527
2528 return 0;
2529 }
2530
2531 int
posix_spawnattr_setnosmt_np(const posix_spawnattr_t * __restrict attr)2532 posix_spawnattr_setnosmt_np(const posix_spawnattr_t * __restrict attr)
2533 {
2534 _posix_spawnattr_t psattr;
2535
2536 if (attr == NULL || *attr == NULL) {
2537 return EINVAL;
2538 }
2539
2540 psattr = *(_posix_spawnattr_t *)attr;
2541 psattr->psa_no_smt = true;
2542
2543 return 0;
2544 }
2545
2546 int
posix_spawnattr_set_csm_np(const posix_spawnattr_t * __restrict attr,uint32_t flags)2547 posix_spawnattr_set_csm_np(const posix_spawnattr_t * __restrict attr, uint32_t flags)
2548 {
2549 _posix_spawnattr_t psattr;
2550
2551 if (attr == NULL || *attr == NULL) {
2552 return EINVAL;
2553 }
2554
2555 const uint32_t mask = POSIX_SPAWN_NP_CSM_ALL | POSIX_SPAWN_NP_CSM_TECS | POSIX_SPAWN_NP_CSM_NOSMT;
2556 if ((flags & ~mask) != 0) {
2557 return EINVAL;
2558 }
2559
2560 psattr = *(_posix_spawnattr_t *)attr;
2561
2562 if (flags & (POSIX_SPAWN_NP_CSM_TECS | POSIX_SPAWN_NP_CSM_ALL)) {
2563 psattr->psa_tecs = true;
2564 }
2565 if (flags & (POSIX_SPAWN_NP_CSM_NOSMT | POSIX_SPAWN_NP_CSM_ALL)) {
2566 psattr->psa_no_smt = true;
2567 }
2568
2569 return 0;
2570 }
2571
2572 static struct _posix_spawn_posix_cred_info *
_posix_spawnattr_get_posix_creds_info(_posix_spawnattr_t psattr)2573 _posix_spawnattr_get_posix_creds_info(_posix_spawnattr_t psattr)
2574 {
2575 struct _posix_spawn_posix_cred_info *pspci = psattr->psa_posix_cred_info;
2576
2577 if (pspci == NULL) {
2578 pspci = malloc(sizeof(struct _posix_spawn_posix_cred_info));
2579 if (pspci != NULL) {
2580 pspci->pspci_flags = 0;
2581 pspci->pspci_uid = 0;
2582 pspci->pspci_gid = 0;
2583 pspci->pspci_ngroups = 0;
2584 pspci->pspci_groups[0] = 0;
2585 pspci->pspci_gmuid = 0;
2586 pspci->pspci_login[0] = '\0';
2587 psattr->psa_posix_cred_info = pspci;
2588 }
2589 }
2590 return pspci;
2591 }
2592
2593 int
posix_spawnattr_set_uid_np(const posix_spawnattr_t * attr,uid_t uid)2594 posix_spawnattr_set_uid_np(const posix_spawnattr_t *attr, uid_t uid)
2595 {
2596 struct _posix_spawn_posix_cred_info *pspci;
2597
2598 if (attr == NULL || *attr == NULL) {
2599 return EINVAL;
2600 }
2601
2602 pspci = _posix_spawnattr_get_posix_creds_info(*(_posix_spawnattr_t *)attr);
2603 if (pspci == NULL) {
2604 return ENOMEM;
2605 }
2606
2607 pspci->pspci_uid = uid;
2608
2609 pspci->pspci_flags |= POSIX_SPAWN_POSIX_CRED_UID;
2610
2611 return 0;
2612 }
2613
2614 int
posix_spawnattr_set_gid_np(const posix_spawnattr_t * attr,gid_t gid)2615 posix_spawnattr_set_gid_np(const posix_spawnattr_t *attr, gid_t gid)
2616 {
2617 struct _posix_spawn_posix_cred_info *pspci;
2618
2619 if (attr == NULL || *attr == NULL) {
2620 return EINVAL;
2621 }
2622
2623 pspci = _posix_spawnattr_get_posix_creds_info(*(_posix_spawnattr_t *)attr);
2624 if (pspci == NULL) {
2625 return ENOMEM;
2626 }
2627
2628 pspci->pspci_gid = gid;
2629
2630 pspci->pspci_flags |= POSIX_SPAWN_POSIX_CRED_GID;
2631
2632 return 0;
2633 }
2634
2635 int
posix_spawnattr_set_groups_np(const posix_spawnattr_t * attr,int ngroups,gid_t * gidarray,uid_t gmuid)2636 posix_spawnattr_set_groups_np(const posix_spawnattr_t *attr,
2637 int ngroups, gid_t *gidarray, uid_t gmuid)
2638 {
2639 struct _posix_spawn_posix_cred_info *pspci;
2640
2641 if (attr == NULL || *attr == NULL) {
2642 return EINVAL;
2643 }
2644
2645 if (gidarray == NULL) {
2646 return EINVAL;
2647 }
2648
2649 if (ngroups > NGROUPS || ngroups < 0) {
2650 return EINVAL;
2651 }
2652
2653 pspci = _posix_spawnattr_get_posix_creds_info(*(_posix_spawnattr_t *)attr);
2654 if (pspci == NULL) {
2655 return ENOMEM;
2656 }
2657
2658 pspci->pspci_ngroups = ngroups;
2659 for (int i = 0; i < ngroups; i++) {
2660 pspci->pspci_groups[i] = gidarray[i];
2661 }
2662
2663 pspci->pspci_gmuid = gmuid;
2664
2665 pspci->pspci_flags |= POSIX_SPAWN_POSIX_CRED_GROUPS;
2666
2667 return 0;
2668 }
2669
2670 int
posix_spawnattr_set_login_np(const posix_spawnattr_t * attr,const char * login)2671 posix_spawnattr_set_login_np(const posix_spawnattr_t *attr, const char *login)
2672 {
2673 struct _posix_spawn_posix_cred_info *pspci;
2674
2675 if (attr == NULL || *attr == NULL) {
2676 return EINVAL;
2677 }
2678
2679 if (strlen(login) > MAXLOGNAME) {
2680 return ERANGE;
2681 }
2682
2683 pspci = _posix_spawnattr_get_posix_creds_info(*(_posix_spawnattr_t *)attr);
2684 if (pspci == NULL) {
2685 return ENOMEM;
2686 }
2687
2688 strlcpy(pspci->pspci_login, login, sizeof(pspci->pspci_login));
2689
2690 pspci->pspci_flags |= POSIX_SPAWN_POSIX_CRED_LOGIN;
2691
2692 return 0;
2693 }
2694
2695 int
posix_spawnattr_set_portlimits_ext(posix_spawnattr_t * __restrict attr,uint32_t port_soft_limit,uint32_t port_hard_limit)2696 posix_spawnattr_set_portlimits_ext(posix_spawnattr_t * __restrict attr,
2697 uint32_t port_soft_limit, uint32_t port_hard_limit)
2698 {
2699 _posix_spawnattr_t psattr;
2700
2701 if (attr == NULL || *attr == NULL) {
2702 return EINVAL;
2703 }
2704
2705 psattr = *(_posix_spawnattr_t *)attr;
2706
2707 psattr->psa_port_soft_limit = port_soft_limit;
2708 psattr->psa_port_hard_limit = port_hard_limit;
2709
2710 return 0;
2711 }
2712
2713 int
posix_spawnattr_set_filedesclimit_ext(posix_spawnattr_t * __restrict attr,uint32_t filedesc_soft_limit,uint32_t filedesc_hard_limit)2714 posix_spawnattr_set_filedesclimit_ext(posix_spawnattr_t * __restrict attr,
2715 uint32_t filedesc_soft_limit, uint32_t filedesc_hard_limit)
2716 {
2717 _posix_spawnattr_t psattr;
2718
2719 if (attr == NULL || *attr == NULL) {
2720 return EINVAL;
2721 }
2722
2723 psattr = *(_posix_spawnattr_t *)attr;
2724
2725 psattr->psa_filedesc_soft_limit = filedesc_soft_limit;
2726 psattr->psa_filedesc_hard_limit = filedesc_hard_limit;
2727
2728 return 0;
2729 }
2730
2731 /*
2732 * posix_spawnattr_set_jetsam_ttr_np
2733 *
2734 * Description: Pass data regarding recent relaunch behavior when jetsammed for the process.
2735 * The recent history is effectively converted into a histogram and the highest
2736 * frequency bucket defines the "type" of the process. The type is passed along
2737 * to the jetsam code as part of psa_jetsam_flags.
2738 *
2739 * Parameters: count Number of entries in the ttrs_millis array
2740 * ttrs_millis Array of raw data for relaunch behavior
2741 *
2742 * Returns: 0 Success
2743 * EINVAL Bad attr pointer or empty data array
2744 */
2745 int
posix_spawnattr_set_jetsam_ttr_np(const posix_spawnattr_t * __restrict attr,uint32_t count,uint32_t * ttrs_millis)2746 posix_spawnattr_set_jetsam_ttr_np(const posix_spawnattr_t * __restrict attr, uint32_t count, uint32_t *ttrs_millis)
2747 {
2748 _posix_spawnattr_t psattr;
2749
2750 /*
2751 * Define the bucketizing policy which would be used to generate the histogram. These
2752 * values are based on looking at data from various Avg. Joanna runs.
2753 */
2754 static const uint32_t relaunch_buckets_msecs[POSIX_SPAWN_JETSAM_RELAUNCH_BEHAVIOR_BUCKETS] = {
2755 5000,
2756 10000,
2757 UINT32_MAX
2758 };
2759 static const uint32_t relaunch_jetsam_flags[POSIX_SPAWN_JETSAM_RELAUNCH_BEHAVIOR_BUCKETS] = {
2760 POSIX_SPAWN_JETSAM_RELAUNCH_BEHAVIOR_HIGH,
2761 POSIX_SPAWN_JETSAM_RELAUNCH_BEHAVIOR_MED,
2762 POSIX_SPAWN_JETSAM_RELAUNCH_BEHAVIOR_LOW
2763 };
2764
2765 /* Make sure the attr pointer is valid */
2766 if (attr == NULL || *attr == NULL) {
2767 return EINVAL;
2768 }
2769
2770 /* Make sure the count of entries is non-zero */
2771 if (count == 0) {
2772 return EINVAL;
2773 }
2774
2775 psattr = *(_posix_spawnattr_t *)attr;
2776
2777 /* Generate a histogram based on the relaunch data while maintaining highest frequency bucket info */
2778 int relaunch_histogram[POSIX_SPAWN_JETSAM_RELAUNCH_BEHAVIOR_BUCKETS] = {0};
2779 int max_frequency = -1;
2780 int highest_frequency_bucket = -1;
2781
2782 for (uint32_t i = 0; i < count; i++) {
2783 /* For each data point passed in via launchd, find the bucket it lands in */
2784 for (uint32_t bucket = 0; bucket < POSIX_SPAWN_JETSAM_RELAUNCH_BEHAVIOR_BUCKETS; bucket++) {
2785 if (ttrs_millis[i] <= relaunch_buckets_msecs[bucket]) {
2786 relaunch_histogram[bucket]++;
2787
2788 /* Check if the bucket is the highest frequency bucket now */
2789 if (relaunch_histogram[bucket] > max_frequency) {
2790 max_frequency = relaunch_histogram[bucket];
2791 highest_frequency_bucket = bucket;
2792 }
2793 break;
2794 }
2795 }
2796 }
2797 psattr->psa_jetsam_flags |= relaunch_jetsam_flags[highest_frequency_bucket];
2798 return 0;
2799 }
2800
2801 /*
2802 * posix_spawnattr_set_launch_type_np
2803 * Description: sets the launch type in posix_spawnattr_t attr
2804 */
2805 int
posix_spawnattr_set_launch_type_np(posix_spawnattr_t * attr,uint8_t launch_type)2806 posix_spawnattr_set_launch_type_np(posix_spawnattr_t *attr, uint8_t launch_type)
2807 {
2808 _posix_spawnattr_t psattr;
2809
2810 if (attr == NULL || *attr == NULL) {
2811 return EINVAL;
2812 }
2813
2814 psattr = *(_posix_spawnattr_t *)attr;
2815 psattr->psa_launch_type = launch_type;
2816
2817 return 0;
2818 }
2819
2820 /*
2821 * posix_spawn
2822 *
2823 * Description: Create a new process from the process image corresponding to
2824 * the supplied 'path' argument.
2825 *
2826 * Parameters: pid Pointer to pid_t to receive the
2827 * PID of the spawned process, if
2828 * successful and 'pid' != NULL
2829 * path Path of image file to spawn
2830 * file_actions spawn file actions object which
2831 * describes file actions to be
2832 * performed during the spawn
2833 * attrp spawn attributes object which
2834 * describes attributes to be
2835 * applied during the spawn
2836 * argv argument vector array; NULL
2837 * terminated
2838 * envp environment vector array; NULL
2839 * terminated
2840 *
2841 * Returns: 0 Success
2842 * !0 An errno value indicating the
2843 * cause of the failure to spawn
2844 *
2845 * Notes: Unlike other system calls, the return value of this system
2846 * call is expected to either be a 0 or an errno, rather than a
2847 * 0 or a -1, with the 'errno' variable being set.
2848 */
2849 int
posix_spawn(pid_t * __restrict pid,const char * __restrict path,const posix_spawn_file_actions_t * file_actions,const posix_spawnattr_t * __restrict attrp,char * const argv[__restrict],char * const envp[__restrict])2850 posix_spawn(pid_t * __restrict pid, const char * __restrict path,
2851 const posix_spawn_file_actions_t *file_actions,
2852 const posix_spawnattr_t * __restrict attrp,
2853 char *const argv[__restrict], char *const envp[__restrict])
2854 {
2855 int saveerrno = errno;
2856 int ret = 0;
2857 struct _posix_spawn_args_desc ad;
2858 struct _posix_spawn_args_desc *adp = NULL;
2859 /*
2860 * Only do extra work if we have file actions or attributes to push
2861 * down. We use a descriptor to push this information down, since we
2862 * want to have size information, which will let us (1) preallocate a
2863 * single chunk of memory for the copyin(), and (2) allow us to do a
2864 * single copyin() per attributes or file actions as a monlithic block.
2865 *
2866 * Note: A future implementation may attempt to do the same
2867 * thing for the argv/envp data, which could potentially
2868 * result in a performance improvement due to increased
2869 * kernel efficiency, even though it would mean copying
2870 * the data in user space.
2871 */
2872 if ((file_actions != NULL && (*file_actions != NULL) && (*(_posix_spawn_file_actions_t *)file_actions)->psfa_act_count > 0) || attrp != NULL) {
2873 memset(&ad, 0, sizeof(ad));
2874 adp = &ad;
2875 if (attrp != NULL && *attrp != NULL) {
2876 _posix_spawnattr_t psattr = *(_posix_spawnattr_t *)attrp;
2877 ad.attr_size = sizeof(struct _posix_spawnattr);
2878 ad.attrp = psattr;
2879
2880 if (psattr->psa_ports != NULL) {
2881 size_t psact_size = PS_PORT_ACTIONS_SIZE(psattr->psa_ports->pspa_count);
2882 if (psact_size == 0 && psattr->psa_ports->pspa_count != 0) {
2883 errno = EINVAL;
2884 ret = -1;
2885 goto out;
2886 }
2887 ad.port_actions = psattr->psa_ports;
2888 ad.port_actions_size = psact_size;
2889 }
2890 if (psattr->psa_mac_extensions != NULL) {
2891 size_t macext_size = PS_MAC_EXTENSIONS_SIZE(psattr->psa_mac_extensions->psmx_count);
2892 if (macext_size == 0 && psattr->psa_mac_extensions->psmx_count != 0) {
2893 errno = EINVAL;
2894 ret = -1;
2895 goto out;
2896 }
2897 ad.mac_extensions = psattr->psa_mac_extensions;
2898 ad.mac_extensions_size = macext_size;
2899 }
2900 if (psattr->psa_coalition_info != NULL) {
2901 ad.coal_info_size = sizeof(struct _posix_spawn_coalition_info);
2902 ad.coal_info = psattr->psa_coalition_info;
2903 }
2904 if (psattr->psa_persona_info != NULL) {
2905 ad.persona_info_size = sizeof(struct _posix_spawn_persona_info);
2906 ad.persona_info = psattr->psa_persona_info;
2907 }
2908 if (psattr->psa_posix_cred_info != NULL) {
2909 ad.posix_cred_info_size = sizeof(struct _posix_spawn_posix_cred_info);
2910 ad.posix_cred_info = psattr->psa_posix_cred_info;
2911 }
2912 if (psattr->psa_subsystem_root_path != NULL) {
2913 ad.subsystem_root_path_size = MAXPATHLEN;
2914 ad.subsystem_root_path = psattr->psa_subsystem_root_path;
2915 }
2916 }
2917 if (file_actions != NULL && *file_actions != NULL) {
2918 _posix_spawn_file_actions_t psactsp =
2919 *(_posix_spawn_file_actions_t *)file_actions;
2920
2921 if (psactsp->psfa_act_count > 0) {
2922 size_t fa_size = PSF_ACTIONS_SIZE(psactsp->psfa_act_count);
2923 if (fa_size == 0 && psactsp->psfa_act_count != 0) {
2924 errno = EINVAL;
2925 ret = -1;
2926 goto out;
2927 }
2928 ad.file_actions_size = fa_size;
2929 ad.file_actions = psactsp;
2930 }
2931 }
2932 }
2933
2934 if (!posix_spawn_with_filter ||
2935 !posix_spawn_with_filter(pid, path, argv, envp, adp, &ret)) {
2936 ret = __posix_spawn(pid, path, adp, argv, envp);
2937 }
2938
2939 out:
2940 if (ret < 0) {
2941 ret = errno;
2942 }
2943 errno = saveerrno;
2944 return ret;
2945 }
2946
2947 int
execve(const char * fname,char * const * argp,char * const * envp)2948 execve(const char *fname, char * const *argp, char * const *envp)
2949 {
2950 int ret;
2951 if (execve_with_filter) {
2952 /* Noinline slow path to avoid a large stack frame in the common case */
2953 return execve_with_filter(fname, argp, envp);
2954 }
2955
2956 ret = __execve(fname, argp, envp);
2957 return ret;
2958 }
2959