1 /*
2 * Copyright (c) 2006-2012 Apple Inc. All rights reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24 /*
25 * [SPN] Support for _POSIX_SPAWN
26 */
27
28 #define CONFIG_MEMORYSTATUS 1 // <rdar://problem/13604997>
29 #include <sys/types.h> /* for user_size_t */
30 #include <spawn.h>
31 #include <spawn_private.h>
32 #include <sys/spawn_internal.h>
33 #include <sys/process_policy.h>
34 #include <stdlib.h>
35 #include <errno.h>
36 #include <limits.h> /* for OPEN_MAX, PATH_MAX */
37 #include <string.h>
38 #include <strings.h>
39 #include <mach/port.h>
40 #include <mach/mach_param.h> /* for TASK_PORT_REGISTER_MAX */
41 #include <mach/exception_types.h>
42 #include <mach/coalition.h> /* for COALITION_TYPE_MAX */
43 #include <sys/kern_memorystatus.h>
44
45 /*
46 * Actual syscall wrappers.
47 */
48 extern int __posix_spawn(pid_t * __restrict, const char * __restrict,
49 struct _posix_spawn_args_desc *, char *const argv[__restrict],
50 char *const envp[__restrict]);
51 extern int __execve(const char *fname, char * const *argp, char * const *envp);
52
53 /*
54 * Function pointers that are NULL in Libsyscall_static, and get populated with
55 * the real implementations in Libsyscall_dynamic from _libkernel_init.c when
56 * os_feature_enabled(Libsystem, posix_spawn_filtering) is on.
57 *
58 * Since launchd cannot read feature flags during process startup (data volume
59 * is not mounted yet), it reads them later and sets these function pointers via
60 * Libsystem and __libkernel_init_after_boot_tasks.
61 *
62 * Usually NULL. Always NULL on customer installs.
63 */
64 __attribute__((visibility("hidden")))
65 bool (*posix_spawn_with_filter)(pid_t *pid, const char *fname,
66 char * const *argp, char * const *envp, struct _posix_spawn_args_desc *adp,
67 int *ret);
68
69 __attribute__((visibility("hidden")))
70 int (*execve_with_filter)(const char *fname, char * const *argp,
71 char * const *envp);
72
73 __attribute__((visibility("hidden")))
74 void
__posix_spawnattr_init(struct _posix_spawnattr * psattrp)75 __posix_spawnattr_init(struct _posix_spawnattr *psattrp)
76 {
77 /*
78 * The default value of this attribute shall be as if no
79 * flags were set
80 */
81 psattrp->psa_flags = 0;
82
83 /*
84 * The default value of this attribute shall be an empty
85 * signal set
86 */
87 psattrp->psa_sigdefault = 0;
88
89 /* The default value of this attribute is unspecified */
90 psattrp->psa_sigmask = 0;
91
92 /* The default value of this attribute shall be zero */
93 psattrp->psa_pgroup = 0; /* doesn't matter */
94
95 /* Default is no binary preferences, i.e. use normal grading */
96 memset(psattrp->psa_binprefs, 0,
97 sizeof(psattrp->psa_binprefs));
98 memset(psattrp->psa_subcpuprefs, 0xff /* CPU_SUBTYPE_ANY */,
99 sizeof(psattrp->psa_subcpuprefs));
100
101 /* Default is no port actions to take */
102 psattrp->psa_ports = NULL;
103
104 /*
105 * The default value of this attribute shall be an no
106 * process control on resource starvation
107 */
108 psattrp->psa_pcontrol = 0;
109
110 /*
111 * Initializing the alignment paddings.
112 */
113
114 psattrp->short_padding = 0;
115 psattrp->flags_padding = 0;
116
117 /* Default is no new apptype requested */
118 psattrp->psa_apptype = POSIX_SPAWN_PROCESS_TYPE_DEFAULT;
119
120 /* Jetsam related */
121 psattrp->psa_jetsam_flags = 0;
122 psattrp->psa_priority = -1;
123 psattrp->psa_memlimit_active = -1;
124 psattrp->psa_memlimit_inactive = -1;
125
126 /* Default is no thread limit */
127 psattrp->psa_thread_limit = 0;
128
129 /* Default is no CPU usage monitor active. */
130 psattrp->psa_cpumonitor_percent = 0;
131 psattrp->psa_cpumonitor_interval = 0;
132
133 /* Default is no MAC policy extensions. */
134 psattrp->psa_mac_extensions = NULL;
135
136 /* Default is to inherit parent's coalition(s) */
137 psattrp->psa_coalition_info = NULL;
138
139 psattrp->psa_persona_info = NULL;
140
141 psattrp->psa_posix_cred_info = NULL;
142
143 /*
144 * old coalition field
145 * For backwards compatibility reasons, we set this to 1
146 * which is the first valid coalition id. This will allow
147 * newer user space code to properly spawn processes on
148 * older kernels
149 * (they will just all end up in the same coalition).
150 */
151 psattrp->psa_reserved = 1;
152
153 /* Default is no new clamp */
154 psattrp->psa_qos_clamp = POSIX_SPAWN_PROC_CLAMP_NONE;
155
156 /* Default is no change to role */
157 psattrp->psa_darwin_role = POSIX_SPAWN_DARWIN_ROLE_NONE;
158
159 psattrp->psa_max_addr = 0;
160
161 psattrp->psa_no_smt = false;
162 psattrp->psa_tecs = false;
163
164 /* Default is no subsystem root path */
165 psattrp->psa_subsystem_root_path = NULL;
166
167 /* Default is no platform given */
168 psattrp->psa_platform = 0;
169
170 /* Default is no option */
171 psattrp->psa_options = PSA_OPTION_NONE;
172
173 /* Default is no port limit */
174 psattrp->psa_port_soft_limit = 0;
175 psattrp->psa_port_hard_limit = 0;
176
177 /* Default is no file descriptor limit */
178 psattrp->psa_filedesc_soft_limit = 0;
179 psattrp->psa_filedesc_hard_limit = 0;
180 }
181
182 /*
183 * posix_spawnattr_init
184 *
185 * Description: Initialize a spawn attributes object attr with default values
186 *
187 * Parameters: attr The spawn attributes object to be
188 * initialized
189 *
190 * Returns: 0 Success
191 * ENOMEM Insufficient memory exists to
192 * initialize the spawn attributes object.
193 *
194 * Note: As an implementation detail, the externally visibily type
195 * posix_spawnattr_t is defined to be a void *, and initialization
196 * involves allocation of a memory object. Subsequent changes to
197 * the spawn attributes may result in reallocation under the
198 * covers.
199 *
200 * Reinitialization of an already initialized spawn attributes
201 * object will result in memory being leaked. Because spawn
202 * attributes are not required to be used in conjunction with a
203 * static initializer, there is no way to distinguish a spawn
204 * attribute with stack garbage from one that's been initialized.
205 * This is arguably an API design error.
206 */
207 int
posix_spawnattr_init(posix_spawnattr_t * attr)208 posix_spawnattr_init(posix_spawnattr_t *attr)
209 {
210 _posix_spawnattr_t *psattrp = (_posix_spawnattr_t *)attr;
211 int err = 0;
212
213 if ((*psattrp = (_posix_spawnattr_t)malloc(sizeof(struct _posix_spawnattr))) == NULL) {
214 err = ENOMEM;
215 } else {
216 __posix_spawnattr_init(*psattrp);
217 }
218
219 return err;
220 }
221
222
223 /*
224 * posix_spawnattr_destroy
225 *
226 * Description: Destroy a spawn attributes object that was previously
227 * initialized via posix_spawnattr_init() by freeing any
228 * memory associated with it and setting it to an invalid value.
229 *
230 * Parameters: attr The spawn attributes object to be
231 * destroyed.
232 *
233 * Returns: 0 Success
234 *
235 * Notes: The destroyed spawn attribute results in the void * pointer
236 * being set to NULL; subsequent use without reinitialization
237 * will result in explicit program failure (rather than merely
238 * "undefined behaviour").
239 *
240 * NOTIMP: Allowed failures (checking NOT required):
241 * EINVAL The value specified by attr is invalid.
242 */
243 static int posix_spawn_destroyportactions_np(posix_spawnattr_t *);
244 static int posix_spawn_destroycoalition_info_np(posix_spawnattr_t *);
245 static int posix_spawn_destroypersona_info_np(posix_spawnattr_t *);
246 static int posix_spawn_destroyposix_cred_info_np(posix_spawnattr_t *);
247 static int posix_spawn_destroymacpolicy_info_np(posix_spawnattr_t *);
248 static int posix_spawn_destroysubsystem_root_path_np(posix_spawnattr_t *);
249
250 int
posix_spawnattr_destroy(posix_spawnattr_t * attr)251 posix_spawnattr_destroy(posix_spawnattr_t *attr)
252 {
253 _posix_spawnattr_t psattr;
254
255 if (attr == NULL || *attr == NULL) {
256 return EINVAL;
257 }
258
259 psattr = *(_posix_spawnattr_t *)attr;
260 posix_spawn_destroyportactions_np(attr);
261 posix_spawn_destroycoalition_info_np(attr);
262 posix_spawn_destroypersona_info_np(attr);
263 posix_spawn_destroyposix_cred_info_np(attr);
264 posix_spawn_destroymacpolicy_info_np(attr);
265 posix_spawn_destroysubsystem_root_path_np(attr);
266
267 free(psattr);
268 *attr = NULL;
269
270 return 0;
271 }
272
273
274 /*
275 * posix_spawnattr_setflags
276 *
277 * Description: Set the spawn flags attribute for the spawn attribute object
278 * referred to by 'attr'.
279 *
280 * Parameters: attr The spawn attributes object whose flags
281 * are to be set
282 * flags The flags value to set
283 *
284 * Returns: 0 Success
285 *
286 * NOTIMP: Allowed failures (checking NOT required):
287 * EINVAL The value specified by attr is invalid.
288 * EINVAL The value of the attribute being set is not valid.
289 */
290 int
posix_spawnattr_setflags(posix_spawnattr_t * attr,short flags)291 posix_spawnattr_setflags(posix_spawnattr_t *attr, short flags)
292 {
293 _posix_spawnattr_t psattr;
294
295 if (attr == NULL || *attr == NULL) {
296 return EINVAL;
297 }
298
299 psattr = *(_posix_spawnattr_t *)attr;
300 psattr->psa_flags = flags;
301
302 return 0;
303 }
304
305
306 /*
307 * posix_spawnattr_getflags
308 *
309 * Description: Retrieve the spawn attributes flag for the spawn attributes
310 * object referenced by 'attr' and place them in the memory
311 * location referenced by 'flagsp'
312 *
313 * Parameters: attr The spawn attributes object whose flags
314 * are to be retrieved
315 * flagsp A pointer to a short value to receive
316 * the flags
317 *
318 * Returns: 0 Success
319 *
320 * Implicit Returns:
321 * *flagps (modified) The flags value from the spawn
322 * attributes object
323 *
324 * NOTIMP: Allowed failures (checking NOT required):
325 * EINVAL The value specified by attr is invalid.
326 * EINVAL The value of the attribute being set is not valid.
327 */
328 int
posix_spawnattr_getflags(const posix_spawnattr_t * __restrict attr,short * __restrict flagsp)329 posix_spawnattr_getflags(const posix_spawnattr_t * __restrict attr,
330 short * __restrict flagsp)
331 {
332 _posix_spawnattr_t psattr;
333
334 if (attr == NULL || *attr == NULL) {
335 return EINVAL;
336 }
337
338 psattr = *(_posix_spawnattr_t *)attr;
339 *flagsp = psattr->psa_flags;
340
341 return 0;
342 }
343
344
345 /*
346 * posix_spawnattr_getsigdefault
347 *
348 * Description: Retrieve the set of signals to be set to default according to
349 * the spawn attribute value referenced by 'attr' and place the
350 * result into the memory containing the sigset_t referenced by
351 * 'sigdefault'
352 *
353 * Parameters: attr The spawn attributes object whose
354 * signal set for default signals is to
355 * be retrieved
356 * sigdefault A pointer to the sigset_t to receive
357 * the signal set
358 *
359 * Returns: 0 Success
360 *
361 * Implicit Returns:
362 * *sigdefault (modified) The signal set of signals to default
363 * from the spawn attributes object
364 */
365 int
posix_spawnattr_getsigdefault(const posix_spawnattr_t * __restrict attr,sigset_t * __restrict sigdefault)366 posix_spawnattr_getsigdefault(const posix_spawnattr_t * __restrict attr,
367 sigset_t * __restrict sigdefault)
368 {
369 _posix_spawnattr_t psattr;
370
371 if (attr == NULL || *attr == NULL) {
372 return EINVAL;
373 }
374
375 psattr = *(_posix_spawnattr_t *)attr;
376 *sigdefault = psattr->psa_sigdefault;
377
378 return 0;
379 }
380
381
382 /*
383 * posix_spawnattr_getpgroup
384 *
385 * Description: Obtain the value of the spawn process group attribute from the
386 * spawn attributes object referenced by 'attr' and place the
387 * results in the memory location referenced by 'pgroup'
388 *
389 * Parameters: attr The spawn attributes object whose
390 * process group information is to be
391 * retrieved
392 * pgroup A pointer to the pid_t to receive the
393 * process group
394 *
395 * Returns: 0 Success
396 *
397 * Implicit Returns:
398 * *pgroup (modified) The process group information from the
399 * spawn attributes object
400 */
401 int
posix_spawnattr_getpgroup(const posix_spawnattr_t * __restrict attr,pid_t * __restrict pgroup)402 posix_spawnattr_getpgroup(const posix_spawnattr_t * __restrict attr,
403 pid_t * __restrict pgroup)
404 {
405 _posix_spawnattr_t psattr;
406
407 if (attr == NULL || *attr == NULL) {
408 return EINVAL;
409 }
410
411 psattr = *(_posix_spawnattr_t *)attr;
412 *pgroup = psattr->psa_pgroup;
413
414 return 0;
415 }
416
417
418 /*
419 * posix_spawnattr_getsigmask
420 *
421 * Description: Obtain the value of the spawn signal mask attribute from the
422 * spawn attributes object referenced by 'attr' and place the
423 * result into the memory containing the sigset_t referenced by
424 * 'sigmask'
425 *
426 * Parameters: attr The spawn attributes object whose
427 * signal set for masked signals is to
428 * be retrieved
429 * sigmask A pointer to the sigset_t to receive
430 * the signal set
431 *
432 * Returns: 0 Success
433 *
434 * Implicit Returns:
435 * *sigmask (modified) The signal set of signals to mask
436 * from the spawn attributes object
437 */
438 int
posix_spawnattr_getsigmask(const posix_spawnattr_t * __restrict attr,sigset_t * __restrict sigmask)439 posix_spawnattr_getsigmask(const posix_spawnattr_t * __restrict attr,
440 sigset_t * __restrict sigmask)
441 {
442 _posix_spawnattr_t psattr;
443
444 if (attr == NULL || *attr == NULL) {
445 return EINVAL;
446 }
447
448 psattr = *(_posix_spawnattr_t *)attr;
449 *sigmask = psattr->psa_sigmask;
450
451 return 0;
452 }
453
454 /*
455 * posix_spawnattr_getbinpref_np
456 *
457 * Description: Obtain the value of the spawn binary preferences attribute from
458 * the spawn attributes object referenced by 'attr' and place the
459 * result into the memory referenced by 'pref'.
460 *
461 * Parameters: attr The spawn attributes object whose
462 * binary preferences are to be retrieved
463 * count The size of the cpu_type_t array
464 * pref An array of cpu types
465 * ocount The actual number copied
466 *
467 * Returns: 0 No binary preferences found
468 * > 0 The number of cpu types (less than
469 * count) copied over from 'attr'.
470 *
471 * Implicit Returns:
472 * *pref (modified) The binary preferences array
473 * from the spawn attributes object
474 */
475 int
posix_spawnattr_getbinpref_np(const posix_spawnattr_t * __restrict attr,size_t count,cpu_type_t * pref,size_t * __restrict ocount)476 posix_spawnattr_getbinpref_np(const posix_spawnattr_t * __restrict attr,
477 size_t count, cpu_type_t *pref, size_t * __restrict ocount)
478 {
479 _posix_spawnattr_t psattr;
480 int i = 0;
481
482 if (attr == NULL || *attr == NULL || pref == NULL) {
483 return EINVAL;
484 }
485
486 psattr = *(_posix_spawnattr_t *)attr;
487 for (i = 0; i < count && i < NBINPREFS; i++) {
488 pref[i] = psattr->psa_binprefs[i];
489 }
490
491 if (ocount) {
492 *ocount = i;
493 }
494 return 0;
495 }
496
497 /*
498 * posix_spawnattr_getarchpref_np
499 *
500 * Description: Obtain the value of the spawn binary preferences attribute from
501 * the spawn attributes object referenced by 'attr' and place the
502 * result into the memory referenced by 'pref' and 'subpref'.
503 *
504 * Parameters: attr The spawn attributes object whose
505 * binary preferences are to be retrieved
506 * count The size of the cpu_type_t array
507 * pref An array of cpu types
508 * subpref An array of subcpu types
509 * ocount The actual number copied
510 *
511 * Returns: 0 No cpu/subcpu preferences found
512 * > 0 The number of types (less than
513 * count) copied over from 'attr'.
514 *
515 * Implicit Returns:
516 * *pref (modified) The cpu preferences array
517 * from the spawn attributes object
518 * *subpref (modified) The subcpu preferences array
519 * from the spawn attributes object
520 */
521 int
posix_spawnattr_getarchpref_np(const posix_spawnattr_t * __restrict attr,size_t count,cpu_type_t * pref,cpu_subtype_t * subpref,size_t * __restrict ocount)522 posix_spawnattr_getarchpref_np(const posix_spawnattr_t * __restrict attr,
523 size_t count, cpu_type_t *pref, cpu_subtype_t *subpref, size_t * __restrict ocount)
524 {
525 _posix_spawnattr_t psattr;
526 int i = 0;
527
528 if (attr == NULL || *attr == NULL || pref == NULL || subpref == NULL) {
529 return EINVAL;
530 }
531
532 psattr = *(_posix_spawnattr_t *)attr;
533 for (i = 0; i < count && i < NBINPREFS; i++) {
534 pref[i] = psattr->psa_binprefs[i];
535 subpref[i] = psattr->psa_subcpuprefs[i];
536 }
537
538 if (ocount) {
539 *ocount = i;
540 }
541 return 0;
542 }
543
544
545 /*
546 * posix_spawnattr_getpcontrol_np
547 *
548 * Description: Retrieve the process control property set default according to
549 * the spawn attribute value referenced by 'attr' and place the
550 * result into the memory containing the control referenced by
551 * 'pcontrol'
552 *
553 * Parameters: attr The spawn attributes object whose
554 * signal set for default signals is to
555 * be retrieved
556 * pcontrol A pointer to an int to receive
557 * the process control info
558 *
559 * Returns: 0 Success
560 *
561 * Implicit Returns:
562 * *pcontrol (modified) The signal set of signals to default
563 * from the spawn attributes object
564 */
565 int
posix_spawnattr_getpcontrol_np(const posix_spawnattr_t * __restrict attr,int * __restrict pcontrol)566 posix_spawnattr_getpcontrol_np(const posix_spawnattr_t * __restrict attr,
567 int * __restrict pcontrol)
568 {
569 _posix_spawnattr_t psattr;
570
571 if (attr == NULL || *attr == NULL) {
572 return EINVAL;
573 }
574
575 psattr = *(_posix_spawnattr_t *)attr;
576 *pcontrol = psattr->psa_pcontrol;
577
578 return 0;
579 }
580
581 /*
582 * posix_spawnattr_getprocesstype_np
583 *
584 * Description: Retrieve the process specific behaviors and app launch types
585 * spawn attribute value referenced by 'attr' and place the
586 * result into the memory containing the control referenced by
587 * 'proctype'
588 *
589 * Parameters: attr The spawn attributes object whose
590 * signal set for default signals is to
591 * be retrieved
592 * proctype A pointer to an int to receive
593 * the process type info
594 *
595 * Returns: 0 Success
596 *
597 * Implicit Returns:
598 * *proctype (modified) The process type set to value
599 * from the spawn attributes object
600 */
601 int
posix_spawnattr_getprocesstype_np(const posix_spawnattr_t * __restrict attr,int * __restrict proctype)602 posix_spawnattr_getprocesstype_np(const posix_spawnattr_t * __restrict attr,
603 int * __restrict proctype)
604 {
605 _posix_spawnattr_t psattr;
606
607 if (attr == NULL || *attr == NULL) {
608 return EINVAL;
609 }
610
611 psattr = *(_posix_spawnattr_t *)attr;
612 *proctype = psattr->psa_apptype;
613
614 return 0;
615 }
616 /*
617 * posix_spawnattr_setsigdefault
618 *
619 * Description: Set the set of signals to be set to default for the spawn
620 * attribute value referenced by 'attr' from the memory
621 * containing the sigset_t referenced by 'sigdefault'
622 *
623 * Parameters: attr The spawn attributes object whose
624 * signal set for default signals is to
625 * be set
626 * sigdefault A pointer to the sigset_t from which to
627 * obtain the signal set
628 *
629 * Returns: 0 Success
630 */
631 int
posix_spawnattr_setsigdefault(posix_spawnattr_t * __restrict attr,const sigset_t * __restrict sigdefault)632 posix_spawnattr_setsigdefault(posix_spawnattr_t * __restrict attr,
633 const sigset_t * __restrict sigdefault)
634 {
635 _posix_spawnattr_t psattr;
636
637 if (attr == NULL || *attr == NULL) {
638 return EINVAL;
639 }
640
641 psattr = *(_posix_spawnattr_t *)attr;
642 psattr->psa_sigdefault = *sigdefault;
643
644 return 0;
645 }
646
647
648 /*
649 * posix_spawnattr_setpgroup
650 *
651 * Description: Set the value of the spawn process group attribute for the
652 * spawn attributes object referenced by 'attr' from the value
653 * of 'pgroup'
654 *
655 * Parameters: attr The spawn attributes object for which
656 * the process group information is to be
657 * set
658 * pgroup The process group to set
659 *
660 * Returns: 0 Success
661 */
662 int
posix_spawnattr_setpgroup(posix_spawnattr_t * attr,pid_t pgroup)663 posix_spawnattr_setpgroup(posix_spawnattr_t * attr, pid_t pgroup)
664 {
665 _posix_spawnattr_t psattr;
666
667 if (attr == NULL || *attr == NULL) {
668 return EINVAL;
669 }
670
671 psattr = *(_posix_spawnattr_t *)attr;
672 psattr->psa_pgroup = pgroup;
673
674 return 0;
675 }
676
677
678 /*
679 * posix_spawnattr_setsigmask
680 *
681 * Description: Set the set of signals to be masked for the spawn attribute
682 * value referenced by 'attr' from the memory containing the
683 * sigset_t referenced by 'sigmask'
684 *
685 * Parameters: attr The spawn attributes object whose
686 * signal set for masked signals is to
687 * be set
688 * sigmask A pointer to the sigset_t from which to
689 * obtain the signal set
690 *
691 * Returns: 0 Success
692 */
693 int
posix_spawnattr_setsigmask(posix_spawnattr_t * __restrict attr,const sigset_t * __restrict sigmask)694 posix_spawnattr_setsigmask(posix_spawnattr_t * __restrict attr,
695 const sigset_t * __restrict sigmask)
696 {
697 _posix_spawnattr_t psattr;
698
699 if (attr == NULL || *attr == NULL) {
700 return EINVAL;
701 }
702
703 psattr = *(_posix_spawnattr_t *)attr;
704 psattr->psa_sigmask = *sigmask;
705
706 return 0;
707 }
708
709
710 /*
711 * posix_spawnattr_setbinpref_np
712 *
713 * Description: Set the universal binary preferences for the spawn attribute
714 * value referenced by 'attr' from the memory containing the
715 * cpu_type_t array referenced by 'pref', size of 'count'
716 *
717 * Parameters: attr The spawn attributes object whose
718 * binary preferences are to be set
719 * count Size of the array pointed to by 'pref'
720 * pref cpu_type_t array of binary preferences
721 * ocount The actual number copied
722 *
723 * Returns: 0 No preferences copied
724 * > 0 Number of preferences copied
725 *
726 * Note: The posix_spawnattr_t currently only holds four cpu_type_t's.
727 * If the caller provides more preferences than this limit, they
728 * will be ignored, as reflected in the return value.
729 */
730 int
posix_spawnattr_setbinpref_np(posix_spawnattr_t * __restrict attr,size_t count,cpu_type_t * pref,size_t * __restrict ocount)731 posix_spawnattr_setbinpref_np(posix_spawnattr_t * __restrict attr,
732 size_t count, cpu_type_t *pref, size_t * __restrict ocount)
733 {
734 _posix_spawnattr_t psattr;
735 int i = 0;
736
737 if (attr == NULL || *attr == NULL || pref == NULL) {
738 return EINVAL;
739 }
740
741 psattr = *(_posix_spawnattr_t *)attr;
742 for (i = 0; i < count && i < NBINPREFS; i++) {
743 psattr->psa_binprefs[i] = pref[i];
744 psattr->psa_subcpuprefs[i] = CPU_SUBTYPE_ANY;
745 }
746
747 /* return number of binprefs copied over */
748 if (ocount) {
749 *ocount = i;
750 }
751
752 for (; i < NBINPREFS; i++) {
753 psattr->psa_binprefs[i] = 0;
754 psattr->psa_subcpuprefs[i] = CPU_SUBTYPE_ANY;
755 }
756
757 return 0;
758 }
759
760 /*
761 * posix_spawnattr_setarchpref_np
762 *
763 * Description: Set the universal binary preferences for the spawn attribute
764 * value referenced by 'attr' from the memory containing the
765 * cpu_type_t array referenced by 'pref', the cpu_subtype_t array
766 * referenced by 'subpref' and size of 'count'
767 *
768 * Parameters: attr The spawn attributes object whose
769 * binary preferences are to be set
770 * count Size of the array pointed to by 'pref'
771 * pref cpu_type_t array of cpu binary preferences
772 * subpref cpu_subtype_t array of subcpu binary preferences
773 * ocount The actual number copied
774 *
775 * Returns: 0 No preferences copied
776 * > 0 Number of preferences copied
777 *
778 * Note: The posix_spawnattr_t currently only holds four
779 * cpu_type_t/cpu_subtype_t pairs.
780 * If the caller provides more preferences than this limit, they
781 * will be ignored, as reflected in the return value.
782 */
783 int
posix_spawnattr_setarchpref_np(posix_spawnattr_t * __restrict attr,size_t count,cpu_type_t * pref,cpu_subtype_t * subpref,size_t * __restrict ocount)784 posix_spawnattr_setarchpref_np(posix_spawnattr_t * __restrict attr,
785 size_t count, cpu_type_t *pref, cpu_subtype_t *subpref,
786 size_t * __restrict ocount)
787 {
788 _posix_spawnattr_t psattr;
789 int i = 0;
790
791 if (attr == NULL || *attr == NULL || pref == NULL || subpref == NULL) {
792 return EINVAL;
793 }
794
795 psattr = *(_posix_spawnattr_t *)attr;
796 for (i = 0; i < count && i < NBINPREFS; i++) {
797 psattr->psa_binprefs[i] = pref[i];
798 psattr->psa_subcpuprefs[i] = subpref[i];
799 }
800
801 /* return number of binprefs copied over */
802 if (ocount) {
803 *ocount = i;
804 }
805
806 for (; i < NBINPREFS; i++) {
807 psattr->psa_binprefs[i] = 0;
808 psattr->psa_subcpuprefs[i] = CPU_SUBTYPE_ANY;
809 }
810
811 return 0;
812 }
813
814 /*
815 * posix_spawnattr_setpcontrol_np
816 *
817 * Description: Set the process control property according to
818 * attribute value referenced by 'attr' from the memory
819 * containing the int value 'pcontrol'
820 *
821 * Parameters: attr The spawn attributes object whose
822 * signal set for default signals is to
823 * be set
824 * pcontrol An int value of the process control info
825 *
826 * Returns: 0 Success
827 */
828 int
posix_spawnattr_setpcontrol_np(posix_spawnattr_t * __restrict attr,const int pcontrol)829 posix_spawnattr_setpcontrol_np(posix_spawnattr_t * __restrict attr,
830 const int pcontrol)
831 {
832 _posix_spawnattr_t psattr;
833
834 if (attr == NULL || *attr == NULL) {
835 return EINVAL;
836 }
837
838 psattr = *(_posix_spawnattr_t *)attr;
839 psattr->psa_pcontrol = pcontrol;
840
841 return 0;
842 }
843
844
845 /*
846 * posix_spawnattr_setprocesstype_np
847 *
848 * Description: Set the process specific behaviors and app launch type
849 * attribute value referenced by 'attr' from the memory
850 * containing the int value 'proctype'
851 *
852 * Parameters: attr The spawn attributes object whose
853 * signal set for default signals is to
854 * be set
855 * proctype An int value of the process type info
856 *
857 * Returns: 0 Success
858 */
859 int
posix_spawnattr_setprocesstype_np(posix_spawnattr_t * __restrict attr,const int proctype)860 posix_spawnattr_setprocesstype_np(posix_spawnattr_t * __restrict attr,
861 const int proctype)
862 {
863 _posix_spawnattr_t psattr;
864
865 if (attr == NULL || *attr == NULL) {
866 return EINVAL;
867 }
868
869 psattr = *(_posix_spawnattr_t *)attr;
870 psattr->psa_apptype = proctype;
871
872 return 0;
873 }
874
875 /*
876 * posix_spawn_createportactions_np
877 * Description: create a new posix_spawn_port_actions struct and link
878 * it into the posix_spawnattr.
879 */
880 static int
posix_spawn_createportactions_np(posix_spawnattr_t * attr)881 posix_spawn_createportactions_np(posix_spawnattr_t *attr)
882 {
883 _posix_spawnattr_t psattr;
884 _posix_spawn_port_actions_t acts;
885
886 if (attr == NULL || *attr == NULL) {
887 return EINVAL;
888 }
889
890 psattr = *(_posix_spawnattr_t *)attr;
891 acts = (_posix_spawn_port_actions_t)malloc(PS_PORT_ACTIONS_SIZE(2));
892 if (acts == NULL) {
893 return ENOMEM;
894 }
895
896 acts->pspa_alloc = 2;
897 acts->pspa_count = 0;
898
899 psattr->psa_ports = acts;
900 return 0;
901 }
902
903 /*
904 * posix_spawn_growportactions_np
905 * Description: Enlarge the size of portactions if necessary
906 */
907 static int
posix_spawn_growportactions_np(posix_spawnattr_t * attr)908 posix_spawn_growportactions_np(posix_spawnattr_t *attr)
909 {
910 _posix_spawnattr_t psattr;
911 _posix_spawn_port_actions_t acts;
912
913 if (attr == NULL || *attr == NULL) {
914 return EINVAL;
915 }
916
917 psattr = *(_posix_spawnattr_t *)attr;
918 acts = psattr->psa_ports;
919 if (acts == NULL) {
920 return EINVAL;
921 }
922
923 /* Double number of port actions allocated for */
924 int newnum = 0;
925 if (os_mul_overflow(acts->pspa_alloc, 2, &newnum)) {
926 return ENOMEM;
927 }
928 size_t newsize = PS_PORT_ACTIONS_SIZE(newnum);
929 if (newsize == 0) {
930 return ENOMEM;
931 }
932
933 acts = realloc(acts, newsize);
934 if (acts == NULL) {
935 return ENOMEM;
936 }
937
938 acts->pspa_alloc = newnum;
939 psattr->psa_ports = acts;
940 return 0;
941 }
942
943 /*
944 * posix_spawn_destroyportactions_np
945 * Description: clean up portactions struct in posix_spawnattr_t attr
946 */
947 static int
posix_spawn_destroyportactions_np(posix_spawnattr_t * attr)948 posix_spawn_destroyportactions_np(posix_spawnattr_t *attr)
949 {
950 _posix_spawnattr_t psattr;
951 _posix_spawn_port_actions_t acts;
952
953 if (attr == NULL || *attr == NULL) {
954 return EINVAL;
955 }
956
957 psattr = *(_posix_spawnattr_t *)attr;
958 acts = psattr->psa_ports;
959 if (acts == NULL) {
960 return EINVAL;
961 }
962
963 free(acts);
964 return 0;
965 }
966
967 /*
968 * posix_spawn_destroycoalition_info_np
969 * Description: clean up coalition_info struct in posix_spawnattr_t attr
970 */
971 static int
posix_spawn_destroycoalition_info_np(posix_spawnattr_t * attr)972 posix_spawn_destroycoalition_info_np(posix_spawnattr_t *attr)
973 {
974 _posix_spawnattr_t psattr;
975 struct _posix_spawn_coalition_info *coal_info;
976
977 if (attr == NULL || *attr == NULL) {
978 return EINVAL;
979 }
980
981 psattr = *(_posix_spawnattr_t *)attr;
982 coal_info = psattr->psa_coalition_info;
983 if (coal_info == NULL) {
984 return EINVAL;
985 }
986
987 psattr->psa_coalition_info = NULL;
988 free(coal_info);
989 return 0;
990 }
991
992 /*
993 * posix_spawn_destroypersona_info_np
994 * Description: clean up persona_info struct in posix_spawnattr_t attr
995 */
996 static int
posix_spawn_destroypersona_info_np(posix_spawnattr_t * attr)997 posix_spawn_destroypersona_info_np(posix_spawnattr_t *attr)
998 {
999 _posix_spawnattr_t psattr;
1000 struct _posix_spawn_persona_info *persona;
1001
1002 if (attr == NULL || *attr == NULL) {
1003 return EINVAL;
1004 }
1005
1006 psattr = *(_posix_spawnattr_t *)attr;
1007 persona = psattr->psa_persona_info;
1008 if (persona == NULL) {
1009 return EINVAL;
1010 }
1011
1012 psattr->psa_persona_info = NULL;
1013 free(persona);
1014 return 0;
1015 }
1016
1017 /*
1018 * posix_spawn_destroyposix_cred_info_np
1019 * Description: clean up posix_cred_info struct in posix_spawnattr_t attr
1020 */
1021 static int
posix_spawn_destroyposix_cred_info_np(posix_spawnattr_t * attr)1022 posix_spawn_destroyposix_cred_info_np(posix_spawnattr_t *attr)
1023 {
1024 _posix_spawnattr_t psattr;
1025 struct _posix_spawn_posix_cred_info *pspci;
1026
1027 if (attr == NULL || *attr == NULL) {
1028 return EINVAL;
1029 }
1030
1031 psattr = *(_posix_spawnattr_t *)attr;
1032 pspci = psattr->psa_posix_cred_info;
1033 if (pspci == NULL) {
1034 return EINVAL;
1035 }
1036
1037 psattr->psa_posix_cred_info = NULL;
1038 free(pspci);
1039 return 0;
1040 }
1041
1042 /*
1043 * posix_spawn_set_subsystem_root_path
1044 * Description: Set path as the subsystem root path for attr; clears if NULL
1045 */
1046 int
posix_spawnattr_set_subsystem_root_path_np(posix_spawnattr_t * attr,char * path)1047 posix_spawnattr_set_subsystem_root_path_np(posix_spawnattr_t *attr, char *path)
1048 {
1049 _posix_spawnattr_t psattr;
1050 char * buf = NULL;
1051 char * old_buf;
1052 size_t bytes;
1053
1054 if (attr == NULL || *attr == NULL) {
1055 return EINVAL;
1056 }
1057
1058 psattr = *(_posix_spawnattr_t *)attr;
1059
1060 if (path) {
1061 buf = malloc(MAXPATHLEN);
1062
1063 if (buf == NULL) {
1064 return ENOMEM;
1065 }
1066
1067 bytes = strlcpy(buf, path, MAXPATHLEN);
1068
1069 if (bytes >= MAXPATHLEN) {
1070 free(buf);
1071 return ENAMETOOLONG;
1072 }
1073 }
1074
1075 old_buf = psattr->psa_subsystem_root_path;
1076 psattr->psa_subsystem_root_path = buf;
1077
1078 free(old_buf);
1079
1080 return 0;
1081 }
1082
1083 /*
1084 * posix_spawn_destroy_subsystem_root_path_np
1085 * Description: clean up subsystem_root_path string in posix_spawnattr_t attr
1086 */
1087 static int
posix_spawn_destroysubsystem_root_path_np(posix_spawnattr_t * attr)1088 posix_spawn_destroysubsystem_root_path_np(posix_spawnattr_t *attr)
1089 {
1090 _posix_spawnattr_t psattr;
1091 char * subsystem_root_path;
1092
1093 if (attr == NULL || *attr == NULL) {
1094 return EINVAL;
1095 }
1096
1097 psattr = *(_posix_spawnattr_t *)attr;
1098 subsystem_root_path = psattr->psa_subsystem_root_path;
1099
1100 if (subsystem_root_path == NULL) {
1101 return EINVAL;
1102 }
1103
1104 psattr->psa_subsystem_root_path = NULL;
1105 free(subsystem_root_path);
1106 return 0;
1107 }
1108
1109 /*
1110 * posix_spawnattr_set_platform_np
1111 * Description: sets the platform in posix_spawnattr_t attr
1112 *
1113 * To be implemented.
1114 */
1115 int
posix_spawnattr_set_platform_np(posix_spawnattr_t * attr,int platform,uint32_t flags)1116 posix_spawnattr_set_platform_np(posix_spawnattr_t *attr, int platform, uint32_t flags)
1117 {
1118 _posix_spawnattr_t psattr;
1119
1120 if (attr == NULL || *attr == NULL) {
1121 return EINVAL;
1122 }
1123
1124 psattr = *(_posix_spawnattr_t *)attr;
1125 psattr->psa_platform = platform;
1126
1127 (void)flags;
1128 return 0;
1129 }
1130
1131 /*
1132 * posix_spawnattr_disable_ptr_auth_a_keys_np
1133 * Description: Set flag to disable A keys for Ptr Auth
1134 */
1135 int
posix_spawnattr_disable_ptr_auth_a_keys_np(posix_spawnattr_t * attr,uint32_t flags)1136 posix_spawnattr_disable_ptr_auth_a_keys_np(posix_spawnattr_t *attr, uint32_t flags)
1137 {
1138 _posix_spawnattr_t psattr;
1139
1140 if (attr == NULL || *attr == NULL) {
1141 return EINVAL;
1142 }
1143
1144 psattr = *(_posix_spawnattr_t *)attr;
1145
1146 psattr->psa_options |= PSA_OPTION_PLUGIN_HOST_DISABLE_A_KEYS;
1147 (void)flags;
1148 return 0;
1149 }
1150
1151 /*
1152 * posix_spawnattr_set_alt_rosetta_np
1153 * Description: Set flag to use alternative Rosetta runtime
1154 */
1155 int
posix_spawnattr_set_alt_rosetta_np(posix_spawnattr_t * attr,uint32_t flags)1156 posix_spawnattr_set_alt_rosetta_np(posix_spawnattr_t *attr, uint32_t flags)
1157 {
1158 _posix_spawnattr_t psattr;
1159
1160 if (attr == NULL || *attr == NULL) {
1161 return EINVAL;
1162 }
1163
1164 psattr = *(_posix_spawnattr_t *)attr;
1165
1166 psattr->psa_options |= PSA_OPTION_ALT_ROSETTA;
1167 (void)flags;
1168 return 0;
1169 }
1170
1171 /*
1172 * posix_spawn_appendportaction_np
1173 * Description: append a port action, grow the array if necessary
1174 */
1175 static int
posix_spawn_appendportaction_np(posix_spawnattr_t * attr,_ps_port_action_t * act)1176 posix_spawn_appendportaction_np(posix_spawnattr_t *attr, _ps_port_action_t *act)
1177 {
1178 _posix_spawnattr_t psattr;
1179 _posix_spawn_port_actions_t acts;
1180
1181 if (attr == NULL || *attr == NULL || act == NULL) {
1182 return EINVAL;
1183 }
1184
1185 psattr = *(_posix_spawnattr_t *)attr;
1186 acts = psattr->psa_ports;
1187
1188 // Have any port actions been created yet?
1189 if (acts == NULL) {
1190 int err = posix_spawn_createportactions_np(attr);
1191 if (err) {
1192 return err;
1193 }
1194 acts = psattr->psa_ports;
1195 }
1196
1197 // Is there enough room?
1198 if (acts->pspa_alloc == acts->pspa_count) {
1199 int err = posix_spawn_growportactions_np(attr);
1200 if (err) {
1201 return err;
1202 }
1203 acts = psattr->psa_ports;
1204 }
1205
1206 // Add this action to next spot in array
1207 acts->pspa_actions[acts->pspa_count] = *act;
1208 acts->pspa_count++;
1209
1210 return 0;
1211 }
1212
1213 /*
1214 * posix_spawnattr_setspecialport_np
1215 *
1216 * Description: Set a new value for a mach special port in the spawned task.
1217 *
1218 * Parameters: attr The spawn attributes object for the
1219 * new process
1220 * new_port The new value for the special port
1221 * which The particular port to be set
1222 * (see task_set_special_port for details)
1223 *
1224 * Returns: 0 Success
1225 * ENOMEM Couldn't allocate memory
1226 */
1227 int
posix_spawnattr_setspecialport_np(posix_spawnattr_t * attr,mach_port_t new_port,int which)1228 posix_spawnattr_setspecialport_np(
1229 posix_spawnattr_t *attr,
1230 mach_port_t new_port,
1231 int which)
1232 {
1233 _ps_port_action_t action = {
1234 .port_type = PSPA_SPECIAL,
1235 .new_port = new_port,
1236 .which = which,
1237 };
1238 return posix_spawn_appendportaction_np(attr, &action);
1239 }
1240
1241 /*
1242 * posix_spawnattr_setsuidcredport_np
1243 *
1244 * Description: Set an suid cred port to be used to execute with a different UID.
1245 *
1246 * Parameters: attr The spawn attributes object for the
1247 * new process
1248 * port The suid cred port
1249 *
1250 * Returns: 0 Success
1251 */
1252 int
posix_spawnattr_setsuidcredport_np(posix_spawnattr_t * attr,mach_port_t port)1253 posix_spawnattr_setsuidcredport_np(posix_spawnattr_t *attr, mach_port_t port)
1254 {
1255 _ps_port_action_t action = {
1256 .port_type = PSPA_SUID_CRED,
1257 .new_port = port,
1258 };
1259 return posix_spawn_appendportaction_np(attr, &action);
1260 }
1261
1262 /*
1263 * posix_spawnattr_setexceptionports_np
1264 *
1265 * Description: Set a new port for a set of exception ports in the spawned task.
1266 *
1267 * Parameters: attr The spawn attributes object for the
1268 * new process
1269 * mask A bitfield indicating which exceptions
1270 * to associate the port with
1271 * new_port The new value for the exception port
1272 * behavior The default behavior for the port
1273 * flavor The default flavor for the port
1274 * (see task_set_exception_ports)
1275 *
1276 * Returns: 0 Success
1277 */
1278 int
posix_spawnattr_setexceptionports_np(posix_spawnattr_t * attr,exception_mask_t mask,mach_port_t new_port,exception_behavior_t behavior,thread_state_flavor_t flavor)1279 posix_spawnattr_setexceptionports_np(
1280 posix_spawnattr_t *attr,
1281 exception_mask_t mask,
1282 mach_port_t new_port,
1283 exception_behavior_t behavior,
1284 thread_state_flavor_t flavor)
1285 {
1286 _ps_port_action_t action = {
1287 .port_type = PSPA_EXCEPTION,
1288 .mask = mask,
1289 .new_port = new_port,
1290 .behavior = behavior,
1291 .flavor = flavor,
1292 };
1293 return posix_spawn_appendportaction_np(attr, &action);
1294 }
1295
1296 /*
1297 * posix_spawnattr_setauditsessionport_np
1298 *
1299 * Description: Set the audit session port rights attribute in the spawned task.
1300 * This is used to securely set the audit session information for
1301 * the new task.
1302 *
1303 * Parameters: attr The spawn attributes object for the
1304 * new process
1305 * au_sessionport The audit session send port right
1306 *
1307 * Returns: 0 Success
1308 */
1309 int
posix_spawnattr_setauditsessionport_np(posix_spawnattr_t * attr,mach_port_t au_sessionport)1310 posix_spawnattr_setauditsessionport_np(
1311 posix_spawnattr_t *attr,
1312 mach_port_t au_sessionport)
1313 {
1314 _ps_port_action_t action = {
1315 .port_type = PSPA_AU_SESSION,
1316 .new_port = au_sessionport,
1317 };
1318 return posix_spawn_appendportaction_np(attr, &action);
1319 }
1320
1321
1322 /*
1323 * posix_spawn_file_actions_init
1324 *
1325 * Description: Initialize a spawn file actions object attr with default values
1326 *
1327 * Parameters: file_actions The spawn file actions object to be
1328 * initialized
1329 *
1330 * Returns: 0 Success
1331 * ENOMEM Insufficient memory exists to
1332 * initialize the spawn file actions
1333 * object.
1334 *
1335 * Note: As an implementation detail, the externally visibily type
1336 * posix_spawn_file_actions_t is defined to be a void *, and
1337 * initialization involves allocation of a memory object.
1338 * Subsequent changes to the spawn file actions may result in
1339 * reallocation under the covers.
1340 *
1341 * Reinitialization of an already initialized spawn file actions
1342 * object will result in memory being leaked. Because spawn
1343 * file actions are not required to be used in conjunction with a
1344 * static initializer, there is no way to distinguish a spawn
1345 * file actions with stack garbage from one that's been
1346 * initialized. This is arguably an API design error.
1347 */
1348 int
posix_spawn_file_actions_init(posix_spawn_file_actions_t * file_actions)1349 posix_spawn_file_actions_init(posix_spawn_file_actions_t *file_actions)
1350 {
1351 _posix_spawn_file_actions_t *psactsp = (_posix_spawn_file_actions_t *)file_actions;
1352 int err = 0;
1353
1354 if ((*psactsp = (_posix_spawn_file_actions_t)malloc(PSF_ACTIONS_SIZE(PSF_ACTIONS_INIT_COUNT))) == NULL) {
1355 err = ENOMEM;
1356 } else {
1357 (*psactsp)->psfa_act_alloc = PSF_ACTIONS_INIT_COUNT;
1358 (*psactsp)->psfa_act_count = 0;
1359 }
1360
1361 return err;
1362 }
1363
1364
1365 /*
1366 * posix_spawn_file_actions_destroy
1367 *
1368 * Description: Destroy a spawn file actions object that was previously
1369 * initialized via posix_spawn_file_actions_init() by freeing any
1370 * memory associated with it and setting it to an invalid value.
1371 *
1372 * Parameters: attr The spawn file actions object to be
1373 * destroyed.
1374 *
1375 * Returns: 0 Success
1376 *
1377 * Notes: The destroyed spawn file actions results in the void * pointer
1378 * being set to NULL; subsequent use without reinitialization
1379 * will result in explicit program failure (rather than merely
1380 * "undefined behaviour").
1381 *
1382 * NOTIMP: Allowed failures (checking NOT required):
1383 * EINVAL The value specified by file_actions is invalid.
1384 */
1385 int
posix_spawn_file_actions_destroy(posix_spawn_file_actions_t * file_actions)1386 posix_spawn_file_actions_destroy(posix_spawn_file_actions_t *file_actions)
1387 {
1388 _posix_spawn_file_actions_t psacts;
1389
1390 if (file_actions == NULL || *file_actions == NULL) {
1391 return EINVAL;
1392 }
1393
1394 psacts = *(_posix_spawn_file_actions_t *)file_actions;
1395 free(psacts);
1396 *file_actions = NULL;
1397
1398 return 0;
1399 }
1400
1401
1402 /*
1403 * _posix_spawn_file_actions_grow
1404 *
1405 * Description: Grow the available list of file actions associated with the
1406 * pointer to the structure provided; replace the contents of the
1407 * pointer as a side effect.
1408 *
1409 * Parameters: psactsp Pointer to _posix_spawn_file_actions_t
1410 * to grow
1411 *
1412 * Returns: 0 Success
1413 * ENOMEM Insufficient memory for operation
1414 *
1415 * Notes: This code is common to all posix_spawn_file_actions_*()
1416 * functions, since we use a naieve data structure implementation
1417 * at present. Future optimization will likely change this.
1418 */
1419 static int
_posix_spawn_file_actions_grow(_posix_spawn_file_actions_t * psactsp)1420 _posix_spawn_file_actions_grow(_posix_spawn_file_actions_t *psactsp)
1421 {
1422 int newnum = 0;
1423 if (os_mul_overflow((*psactsp)->psfa_act_alloc, 2, &newnum)) {
1424 return ENOMEM;
1425 }
1426
1427 size_t newsize = PSF_ACTIONS_SIZE(newnum);
1428 if (newsize == 0) {
1429 return ENOMEM;
1430 }
1431
1432 /*
1433 * XXX may want to impose an administrative limit here; POSIX does
1434 * XXX not provide for an administrative error return in this case,
1435 * XXX so it's probably acceptable to just fail catastrophically
1436 * XXX instead of implementing one.
1437 */
1438 _posix_spawn_file_actions_t new_psacts;
1439 if ((new_psacts = (_posix_spawn_file_actions_t)realloc((*psactsp), newsize)) == NULL) {
1440 return ENOMEM;
1441 }
1442 new_psacts->psfa_act_alloc = newnum;
1443 *psactsp = new_psacts;
1444
1445 return 0;
1446 }
1447
1448
1449 /*
1450 * posix_spawn_file_actions_addopen
1451 *
1452 * Description: Add an open action to the object referenced by 'file_actions'
1453 * that will cause the file named by 'path' to be attempted to be
1454 * opened with flags 'oflag' and mode 'mode', and, if successful,
1455 * return as descriptor 'filedes' to the spawned process.
1456 *
1457 * Parameters: file_actions File action object to augment
1458 * filedes fd that open is to use
1459 * path path to file to open
1460 * oflag open file flags
1461 * mode open file mode
1462 *
1463 * Returns: 0 Success
1464 * EBADF The value specified by fildes is
1465 * negative or greater than or equal to
1466 * {OPEN_MAX}.
1467 * ENOMEM Insufficient memory exists to add to
1468 * the spawn file actions object.
1469 *
1470 * NOTIMP: Allowed failures (checking NOT required):
1471 * EINVAL The value specified by file_actions is invalid.
1472 */
1473 int
posix_spawn_file_actions_addopen(posix_spawn_file_actions_t * __restrict file_actions,int filedes,const char * __restrict path,int oflag,mode_t mode)1474 posix_spawn_file_actions_addopen(
1475 posix_spawn_file_actions_t * __restrict file_actions,
1476 int filedes, const char * __restrict path, int oflag,
1477 mode_t mode)
1478 {
1479 _posix_spawn_file_actions_t *psactsp;
1480 _psfa_action_t *psfileact;
1481
1482 if (file_actions == NULL || *file_actions == NULL) {
1483 return EINVAL;
1484 }
1485
1486 psactsp = (_posix_spawn_file_actions_t *)file_actions;
1487 /* Range check; required by POSIX */
1488 if (filedes < 0 || filedes >= OPEN_MAX) {
1489 return EBADF;
1490 }
1491
1492 /* If we do not have enough slots, grow the structure */
1493 if ((*psactsp)->psfa_act_count == (*psactsp)->psfa_act_alloc) {
1494 /* need to grow file actions structure */
1495 if (_posix_spawn_file_actions_grow(psactsp)) {
1496 return ENOMEM;
1497 }
1498 }
1499
1500 /*
1501 * Allocate next available slot and fill it out
1502 */
1503 psfileact = &(*psactsp)->psfa_act_acts[(*psactsp)->psfa_act_count++];
1504
1505 psfileact->psfaa_type = PSFA_OPEN;
1506 psfileact->psfaa_filedes = filedes;
1507 psfileact->psfaa_openargs.psfao_oflag = oflag;
1508 psfileact->psfaa_openargs.psfao_mode = mode;
1509 strlcpy(psfileact->psfaa_openargs.psfao_path, path, PATH_MAX);
1510
1511 return 0;
1512 }
1513
1514
1515 /*
1516 * posix_spawn_file_actions_addclose
1517 *
1518 * Description: Add a close action to the object referenced by 'file_actions'
1519 * that will cause the file referenced by 'filedes' to be
1520 * attempted to be closed in the spawned process.
1521 *
1522 * Parameters: file_actions File action object to augment
1523 * filedes fd to close
1524 *
1525 * Returns: 0 Success
1526 * EBADF The value specified by fildes is
1527 * negative or greater than or equal to
1528 * {OPEN_MAX}.
1529 * ENOMEM Insufficient memory exists to add to
1530 * the spawn file actions object.
1531 *
1532 * NOTIMP: Allowed failures (checking NOT required):
1533 * EINVAL The value specified by file_actions is invalid.
1534 */
1535 int
posix_spawn_file_actions_addclose(posix_spawn_file_actions_t * file_actions,int filedes)1536 posix_spawn_file_actions_addclose(posix_spawn_file_actions_t *file_actions,
1537 int filedes)
1538 {
1539 _posix_spawn_file_actions_t *psactsp;
1540 _psfa_action_t *psfileact;
1541
1542 if (file_actions == NULL || *file_actions == NULL) {
1543 return EINVAL;
1544 }
1545
1546 psactsp = (_posix_spawn_file_actions_t *)file_actions;
1547 /* Range check; required by POSIX */
1548 if (filedes < 0 || filedes >= OPEN_MAX) {
1549 return EBADF;
1550 }
1551
1552 /* If we do not have enough slots, grow the structure */
1553 if ((*psactsp)->psfa_act_count == (*psactsp)->psfa_act_alloc) {
1554 /* need to grow file actions structure */
1555 if (_posix_spawn_file_actions_grow(psactsp)) {
1556 return ENOMEM;
1557 }
1558 }
1559
1560 /*
1561 * Allocate next available slot and fill it out
1562 */
1563 psfileact = &(*psactsp)->psfa_act_acts[(*psactsp)->psfa_act_count++];
1564
1565 psfileact->psfaa_type = PSFA_CLOSE;
1566 psfileact->psfaa_filedes = filedes;
1567
1568 return 0;
1569 }
1570
1571
1572 /*
1573 * posix_spawn_file_actions_adddup2
1574 *
1575 * Description: Add a dup2 action to the object referenced by 'file_actions'
1576 * that will cause the file referenced by 'filedes' to be
1577 * attempted to be dup2'ed to the descriptor 'newfiledes' in the
1578 * spawned process.
1579 *
1580 * Parameters: file_actions File action object to augment
1581 * filedes fd to dup2
1582 * newfiledes fd to dup2 it to
1583 *
1584 * Returns: 0 Success
1585 * EBADF The value specified by either fildes
1586 * or by newfiledes is negative or greater
1587 * than or equal to {OPEN_MAX}.
1588 * ENOMEM Insufficient memory exists to add to
1589 * the spawn file actions object.
1590 *
1591 * NOTIMP: Allowed failures (checking NOT required):
1592 * EINVAL The value specified by file_actions is invalid.
1593 */
1594 int
posix_spawn_file_actions_adddup2(posix_spawn_file_actions_t * file_actions,int filedes,int newfiledes)1595 posix_spawn_file_actions_adddup2(posix_spawn_file_actions_t *file_actions,
1596 int filedes, int newfiledes)
1597 {
1598 _posix_spawn_file_actions_t *psactsp;
1599 _psfa_action_t *psfileact;
1600
1601 if (file_actions == NULL || *file_actions == NULL) {
1602 return EINVAL;
1603 }
1604
1605 psactsp = (_posix_spawn_file_actions_t *)file_actions;
1606 /* Range check; required by POSIX */
1607 if (filedes < 0 || filedes >= OPEN_MAX ||
1608 newfiledes < 0 || newfiledes >= OPEN_MAX) {
1609 return EBADF;
1610 }
1611
1612 /* If we do not have enough slots, grow the structure */
1613 if ((*psactsp)->psfa_act_count == (*psactsp)->psfa_act_alloc) {
1614 /* need to grow file actions structure */
1615 if (_posix_spawn_file_actions_grow(psactsp)) {
1616 return ENOMEM;
1617 }
1618 }
1619
1620 /*
1621 * Allocate next available slot and fill it out
1622 */
1623 psfileact = &(*psactsp)->psfa_act_acts[(*psactsp)->psfa_act_count++];
1624
1625 psfileact->psfaa_type = PSFA_DUP2;
1626 psfileact->psfaa_filedes = filedes;
1627 psfileact->psfaa_dup2args.psfad_newfiledes = newfiledes;
1628
1629 return 0;
1630 }
1631
1632 /*
1633 * posix_spawn_file_actions_add_fileportdup2_np
1634 *
1635 * Description: Add a dup2 action to the object referenced by 'file_actions'
1636 * that will cause the file referenced by 'fileport' to be
1637 * attempted to be dup2'ed to the descriptor 'newfiledes' in the
1638 * spawned process.
1639 *
1640 * Parameters: file_actions File action object to augment
1641 * filedes fileport to dup2
1642 * newfiledes fd to dup2 it to
1643 *
1644 * Returns: 0 Success
1645 * EBADF fileport isn't a valid port, or the
1646 * value specified by newfiledes is
1647 * negative or greater than or equal to
1648 * {OPEN_MAX}.
1649 * ENOMEM Insufficient memory exists to add to
1650 * the spawn file actions object.
1651 *
1652 * NOTIMP: Allowed failures (checking NOT required):
1653 * EINVAL The value specified by file_actions is invalid.
1654 */
1655 int
posix_spawn_file_actions_add_fileportdup2_np(posix_spawn_file_actions_t * file_actions,mach_port_t fileport,int newfiledes)1656 posix_spawn_file_actions_add_fileportdup2_np(
1657 posix_spawn_file_actions_t *file_actions,
1658 mach_port_t fileport, int newfiledes)
1659 {
1660 _posix_spawn_file_actions_t *psactsp;
1661 _psfa_action_t *psfileact;
1662
1663 if (file_actions == NULL || *file_actions == NULL) {
1664 return EINVAL;
1665 }
1666
1667 psactsp = (_posix_spawn_file_actions_t *)file_actions;
1668 /* Range check; required by POSIX */
1669 if (!MACH_PORT_VALID(fileport) ||
1670 newfiledes < 0 || newfiledes >= OPEN_MAX) {
1671 return EBADF;
1672 }
1673
1674 /* If we do not have enough slots, grow the structure */
1675 if ((*psactsp)->psfa_act_count == (*psactsp)->psfa_act_alloc) {
1676 /* need to grow file actions structure */
1677 if (_posix_spawn_file_actions_grow(psactsp)) {
1678 return ENOMEM;
1679 }
1680 }
1681
1682 /*
1683 * Allocate next available slot and fill it out
1684 */
1685 psfileact = &(*psactsp)->psfa_act_acts[(*psactsp)->psfa_act_count++];
1686
1687 psfileact->psfaa_type = PSFA_FILEPORT_DUP2;
1688 psfileact->psfaa_fileport = fileport;
1689 psfileact->psfaa_dup2args.psfad_newfiledes = newfiledes;
1690
1691 return 0;
1692 }
1693
1694 /*
1695 * posix_spawn_file_actions_addinherit_np
1696 *
1697 * Description: Add the "inherit" action to the object referenced by
1698 * 'file_actions' that will cause the file referenced by
1699 * 'filedes' to continue to be available in the spawned
1700 * process via the same descriptor.
1701 *
1702 * Inheritance is the normal default behaviour for
1703 * file descriptors across exec and spawn; but if the
1704 * POSIX_SPAWN_CLOEXEC_DEFAULT flag is set, the usual
1705 * default is reversed for the purposes of the spawn
1706 * invocation. Any pre-existing descriptors that
1707 * need to be made available to the spawned process can
1708 * be marked explicitly as 'inherit' via this interface.
1709 * Otherwise they will be automatically closed.
1710 *
1711 * Note that any descriptors created via the other file
1712 * actions interfaces are automatically marked as 'inherit'.
1713 *
1714 * Parameters: file_actions File action object to augment
1715 * filedes fd to inherit.
1716 *
1717 * Returns: 0 Success
1718 * EBADF The value specified by fildes is
1719 * negative or greater than or equal to
1720 * {OPEN_MAX}.
1721 * ENOMEM Insufficient memory exists to add to
1722 * the spawn file actions object.
1723 *
1724 * NOTIMP: Allowed failures (checking NOT required):
1725 * EINVAL The value specified by file_actions is invalid.
1726 */
1727 int
posix_spawn_file_actions_addinherit_np(posix_spawn_file_actions_t * file_actions,int filedes)1728 posix_spawn_file_actions_addinherit_np(posix_spawn_file_actions_t *file_actions,
1729 int filedes)
1730 {
1731 _posix_spawn_file_actions_t *psactsp;
1732 _psfa_action_t *psfileact;
1733
1734 if (file_actions == NULL || *file_actions == NULL) {
1735 return EINVAL;
1736 }
1737
1738 psactsp = (_posix_spawn_file_actions_t *)file_actions;
1739 /* Range check; required by POSIX */
1740 if (filedes < 0 || filedes >= OPEN_MAX) {
1741 return EBADF;
1742 }
1743
1744 #if defined(POSIX_SPAWN_CLOEXEC_DEFAULT) // TODO: delete this check
1745 /* If we do not have enough slots, grow the structure */
1746 if ((*psactsp)->psfa_act_count == (*psactsp)->psfa_act_alloc) {
1747 /* need to grow file actions structure */
1748 if (_posix_spawn_file_actions_grow(psactsp)) {
1749 return ENOMEM;
1750 }
1751 }
1752
1753 /*
1754 * Allocate next available slot and fill it out
1755 */
1756 psfileact = &(*psactsp)->psfa_act_acts[(*psactsp)->psfa_act_count++];
1757
1758 psfileact->psfaa_type = PSFA_INHERIT;
1759 psfileact->psfaa_filedes = filedes;
1760 #endif
1761 return 0;
1762 }
1763
1764
1765 /*
1766 * posix_spawn_file_actions_addchdir_np
1767 *
1768 * Description: Add a chdir action to the object referenced by 'file_actions'
1769 * that will cause the current working directory to attempt to be changed
1770 * to that referenced by 'path' in the spawned process.
1771 *
1772 * Parameters: file_actions File action object to augment
1773 * path path of the desired working directory
1774 *
1775 * Returns: 0 Success
1776 * ENOMEM Insufficient memory exists to add to
1777 * the spawn file actions object.
1778 * ENAMETOOLONG The supplied path exceeded PATH_MAX.
1779 *
1780 * NOTIMP: Allowed failures (checking NOT required):
1781 * EINVAL The value specified by file_actions is invalid.
1782 */
1783 int
posix_spawn_file_actions_addchdir_np(posix_spawn_file_actions_t * __restrict file_actions,const char * __restrict path)1784 posix_spawn_file_actions_addchdir_np(
1785 posix_spawn_file_actions_t * __restrict file_actions,
1786 const char * __restrict path)
1787 {
1788 _posix_spawn_file_actions_t *psactsp;
1789 _psfa_action_t *psfileact;
1790
1791 if (file_actions == NULL || *file_actions == NULL) {
1792 return EINVAL;
1793 }
1794
1795 psactsp = (_posix_spawn_file_actions_t *)file_actions;
1796
1797 /* If we do not have enough slots, grow the structure */
1798 if ((*psactsp)->psfa_act_count == (*psactsp)->psfa_act_alloc) {
1799 /* need to grow file actions structure */
1800 if (_posix_spawn_file_actions_grow(psactsp)) {
1801 return ENOMEM;
1802 }
1803 }
1804
1805 /*
1806 * Allocate next available slot and fill it out
1807 */
1808 psfileact = &(*psactsp)->psfa_act_acts[(*psactsp)->psfa_act_count++];
1809
1810 psfileact->psfaa_type = PSFA_CHDIR;
1811 if (strlcpy(psfileact->psfaa_chdirargs.psfac_path, path, PATH_MAX) >= PATH_MAX) {
1812 (*psactsp)->psfa_act_count--;
1813 return ENAMETOOLONG;
1814 }
1815
1816 return 0;
1817 }
1818
1819
1820 /*
1821 * posix_spawn_file_actions_fchdir_np
1822 *
1823 * Description: Add a fchdir action to the object referenced by 'file_actions'
1824 * that will cause the current working directory to attempt to be changed
1825 * to that referenced by the descriptor 'filedes' in the spawned process.
1826 *
1827 * Parameters: file_actions File action object to augment
1828 * filedes fd to chdir to
1829 *
1830 * Returns: 0 Success
1831 * EBADF The value specified by either fildes is negative or
1832 * greater than or equal to {OPEN_MAX}.
1833 * ENOMEM Insufficient memory exists to add to
1834 * the spawn file actions object.
1835 *
1836 * NOTIMP: Allowed failures (checking NOT required):
1837 * EINVAL The value specified by file_actions is invalid.
1838 */
1839 int
posix_spawn_file_actions_addfchdir_np(posix_spawn_file_actions_t * file_actions,int filedes)1840 posix_spawn_file_actions_addfchdir_np(posix_spawn_file_actions_t *file_actions,
1841 int filedes)
1842 {
1843 _posix_spawn_file_actions_t *psactsp;
1844 _psfa_action_t *psfileact;
1845
1846 if (file_actions == NULL || *file_actions == NULL) {
1847 return EINVAL;
1848 }
1849
1850 psactsp = (_posix_spawn_file_actions_t *)file_actions;
1851 /* Range check; in spirit of POSIX */
1852 if (filedes < 0 || filedes >= OPEN_MAX) {
1853 return EBADF;
1854 }
1855
1856 /* If we do not have enough slots, grow the structure */
1857 if ((*psactsp)->psfa_act_count == (*psactsp)->psfa_act_alloc) {
1858 /* need to grow file actions structure */
1859 if (_posix_spawn_file_actions_grow(psactsp)) {
1860 return ENOMEM;
1861 }
1862 }
1863
1864 /*
1865 * Allocate next available slot and fill it out
1866 */
1867 psfileact = &(*psactsp)->psfa_act_acts[(*psactsp)->psfa_act_count++];
1868
1869 psfileact->psfaa_type = PSFA_FCHDIR;
1870 psfileact->psfaa_filedes = filedes;
1871
1872 return 0;
1873 }
1874
1875 int
posix_spawnattr_setcpumonitor_default(posix_spawnattr_t * __restrict attr)1876 posix_spawnattr_setcpumonitor_default(posix_spawnattr_t * __restrict attr)
1877 {
1878 return posix_spawnattr_setcpumonitor(attr, PROC_POLICY_CPUMON_DEFAULTS, 0);
1879 }
1880
1881 int
posix_spawnattr_setcpumonitor(posix_spawnattr_t * __restrict attr,uint64_t percent,uint64_t interval)1882 posix_spawnattr_setcpumonitor(posix_spawnattr_t * __restrict attr,
1883 uint64_t percent, uint64_t interval)
1884 {
1885 _posix_spawnattr_t psattr;
1886
1887 if (attr == NULL || *attr == NULL) {
1888 return EINVAL;
1889 }
1890
1891 psattr = *(_posix_spawnattr_t *)attr;
1892
1893 psattr->psa_cpumonitor_percent = percent;
1894 psattr->psa_cpumonitor_interval = interval;
1895
1896 return 0;
1897 }
1898
1899 int
posix_spawnattr_getcpumonitor(posix_spawnattr_t * __restrict attr,uint64_t * percent,uint64_t * interval)1900 posix_spawnattr_getcpumonitor(posix_spawnattr_t * __restrict attr,
1901 uint64_t *percent, uint64_t *interval)
1902 {
1903 _posix_spawnattr_t psattr;
1904
1905 if (attr == NULL || *attr == NULL) {
1906 return EINVAL;
1907 }
1908
1909 psattr = *(_posix_spawnattr_t *)attr;
1910
1911 *percent = psattr->psa_cpumonitor_percent;
1912 *interval = psattr->psa_cpumonitor_interval;
1913
1914 return 0;
1915 }
1916
1917 #if (TARGET_OS_IPHONE && !TARGET_OS_SIMULATOR)
1918 /*
1919 * posix_spawnattr_setjetsam
1920 *
1921 * Description: Set jetsam attributes for the spawn attribute object
1922 * referred to by 'attr'.
1923 *
1924 * Parameters: flags The flags value to set
1925 * priority Relative jetsam priority
1926 * memlimit Value in megabytes; a memory footprint
1927 * above this level may result in termination.
1928 * Implies both active and inactive limits.
1929 *
1930 * Returns: 0 Success
1931 *
1932 * Note: to be deprecated (not available on desktop)
1933 *
1934 */
1935 int
posix_spawnattr_setjetsam(posix_spawnattr_t * __restrict attr,short flags,int priority,int memlimit)1936 posix_spawnattr_setjetsam(posix_spawnattr_t * __restrict attr,
1937 short flags, int priority, int memlimit)
1938 {
1939 short flags_ext = flags;
1940
1941 if (flags & POSIX_SPAWN_JETSAM_MEMLIMIT_FATAL) {
1942 flags_ext |= POSIX_SPAWN_JETSAM_MEMLIMIT_ACTIVE_FATAL;
1943 flags_ext |= POSIX_SPAWN_JETSAM_MEMLIMIT_INACTIVE_FATAL;
1944 } else {
1945 flags_ext &= ~POSIX_SPAWN_JETSAM_MEMLIMIT_ACTIVE_FATAL;
1946 flags_ext &= ~POSIX_SPAWN_JETSAM_MEMLIMIT_INACTIVE_FATAL;
1947 }
1948
1949 return posix_spawnattr_setjetsam_ext(attr, flags_ext, priority, memlimit, memlimit);
1950 }
1951 #endif /* (TARGET_OS_IPHONE && !TARGET_OS_SIMULATOR) */
1952
1953 /*
1954 * posix_spawnattr_setjetsam_ext
1955 *
1956 * Description: Set jetsam attributes for the spawn attribute object
1957 * referred to by 'attr'.
1958 *
1959 * Parameters: flags The flags value to set
1960 * priority Relative jetsam priority
1961 * memlimit_active Value in megabytes; memory footprint
1962 * above this level while process is
1963 * active may result in termination.
1964 * memlimit_inactive Value in megabytes; memory footprint
1965 * above this level while process is
1966 * inactive may result in termination.
1967 *
1968 * Returns: 0 Success
1969 */
1970 int
posix_spawnattr_setjetsam_ext(posix_spawnattr_t * __restrict attr,short flags,int priority,int memlimit_active,int memlimit_inactive)1971 posix_spawnattr_setjetsam_ext(posix_spawnattr_t * __restrict attr,
1972 short flags, int priority, int memlimit_active, int memlimit_inactive)
1973 {
1974 _posix_spawnattr_t psattr;
1975
1976 if (attr == NULL || *attr == NULL) {
1977 return EINVAL;
1978 }
1979
1980 psattr = *(_posix_spawnattr_t *)attr;
1981
1982 psattr->psa_jetsam_flags = flags;
1983 psattr->psa_jetsam_flags |= POSIX_SPAWN_JETSAM_SET;
1984 psattr->psa_priority = priority;
1985 psattr->psa_memlimit_active = memlimit_active;
1986 psattr->psa_memlimit_inactive = memlimit_inactive;
1987
1988 return 0;
1989 }
1990
1991 int
posix_spawnattr_set_threadlimit_ext(posix_spawnattr_t * __restrict attr,int thread_limit)1992 posix_spawnattr_set_threadlimit_ext(posix_spawnattr_t * __restrict attr,
1993 int thread_limit)
1994 {
1995 _posix_spawnattr_t psattr;
1996
1997 if (attr == NULL || *attr == NULL) {
1998 return EINVAL;
1999 }
2000
2001 psattr = *(_posix_spawnattr_t *)attr;
2002
2003 psattr->psa_thread_limit = thread_limit;
2004
2005 return 0;
2006 }
2007
2008
2009 /*
2010 * posix_spawnattr_set_importancewatch_port_np
2011 *
2012 * Description: Mark ports referred to by these rights
2013 * to boost the new task instead of their current task
2014 * for the spawn attribute object referred to by 'attr'.
2015 * Ports must be valid at posix_spawn time. They will NOT be
2016 * consumed by the kernel, so they must be deallocated after the spawn returns.
2017 * (If you are SETEXEC-ing, they are cleaned up by the exec operation).
2018 *
2019 * The maximum number of watch ports allowed is defined by POSIX_SPAWN_IMPORTANCE_PORT_COUNT.
2020 *
2021 * Parameters: count Number of ports in portarray
2022 * portarray Array of rights
2023 *
2024 * Returns: 0 Success
2025 * EINVAL Bad port count
2026 * ENOMEM Insufficient memory exists to add to
2027 * the spawn port actions object.
2028 */
2029 int
posix_spawnattr_set_importancewatch_port_np(posix_spawnattr_t * __restrict attr,int count,mach_port_t portarray[])2030 posix_spawnattr_set_importancewatch_port_np(posix_spawnattr_t * __restrict attr,
2031 int count, mach_port_t portarray[])
2032 {
2033 int err = 0, i;
2034
2035 if (count < 0 || count > POSIX_SPAWN_IMPORTANCE_PORT_COUNT) {
2036 return EINVAL;
2037 }
2038
2039 for (i = 0; i < count; i++) {
2040 _ps_port_action_t action = {
2041 .port_type = PSPA_IMP_WATCHPORTS,
2042 .new_port = portarray[i],
2043 };
2044 err = posix_spawn_appendportaction_np(attr, &action);
2045 if (err) {
2046 break;
2047 }
2048 }
2049 return err;
2050 }
2051
2052 int
posix_spawnattr_set_registered_ports_np(posix_spawnattr_t * __restrict attr,mach_port_t portarray[],uint32_t count)2053 posix_spawnattr_set_registered_ports_np(posix_spawnattr_t * __restrict attr,
2054 mach_port_t portarray[], uint32_t count)
2055 {
2056 int err = 0;
2057
2058 if (count > TASK_PORT_REGISTER_MAX) {
2059 return EINVAL;
2060 }
2061
2062 for (uint32_t i = 0; i < count; i++) {
2063 _ps_port_action_t action = {
2064 .port_type = PSPA_REGISTERED_PORTS,
2065 .new_port = portarray[i],
2066 };
2067 err = posix_spawn_appendportaction_np(attr, &action);
2068 if (err) {
2069 break;
2070 }
2071 }
2072 return err;
2073 }
2074
2075 int
posix_spawnattr_set_ptrauth_task_port_np(posix_spawnattr_t * __restrict attr,mach_port_t port)2076 posix_spawnattr_set_ptrauth_task_port_np(posix_spawnattr_t * __restrict attr,
2077 mach_port_t port)
2078 {
2079 int err = 0;
2080
2081 _ps_port_action_t action = {
2082 .port_type = PSPA_PTRAUTH_TASK_PORT,
2083 .new_port = port,
2084 };
2085
2086 err = posix_spawn_appendportaction_np(attr, &action);
2087 return err;
2088 }
2089
2090 static
2091 _ps_mac_policy_extension_t *
posix_spawnattr_macpolicyinfo_lookup(_posix_spawn_mac_policy_extensions_t psmx,const char * policyname)2092 posix_spawnattr_macpolicyinfo_lookup(_posix_spawn_mac_policy_extensions_t psmx, const char *policyname)
2093 {
2094 int i;
2095
2096 if (psmx == NULL) {
2097 return NULL;
2098 }
2099
2100 for (i = 0; i < psmx->psmx_count; i++) {
2101 _ps_mac_policy_extension_t *extension = &psmx->psmx_extensions[i];
2102 if (strcmp(extension->policyname, policyname) == 0) {
2103 return extension;
2104 }
2105 }
2106 return NULL;
2107 }
2108
2109 int
posix_spawnattr_getmacpolicyinfo_np(const posix_spawnattr_t * __restrict attr,const char * policyname,void ** datap,size_t * datalenp)2110 posix_spawnattr_getmacpolicyinfo_np(const posix_spawnattr_t * __restrict attr,
2111 const char *policyname, void **datap, size_t *datalenp)
2112 {
2113 _posix_spawnattr_t psattr;
2114 _ps_mac_policy_extension_t *extension;
2115
2116 if (attr == NULL || *attr == NULL || policyname == NULL || datap == NULL) {
2117 return EINVAL;
2118 }
2119
2120 psattr = *(_posix_spawnattr_t *)attr;
2121 extension = posix_spawnattr_macpolicyinfo_lookup(psattr->psa_mac_extensions, policyname);
2122 if (extension == NULL) {
2123 return ESRCH;
2124 }
2125 *datap = (void *)(uintptr_t)extension->data;
2126 if (datalenp != NULL) {
2127 *datalenp = (size_t)extension->datalen;
2128 }
2129 return 0;
2130 }
2131
2132 int
posix_spawnattr_setmacpolicyinfo_np(posix_spawnattr_t * __restrict attr,const char * policyname,void * data,size_t datalen)2133 posix_spawnattr_setmacpolicyinfo_np(posix_spawnattr_t * __restrict attr,
2134 const char *policyname, void *data, size_t datalen)
2135 {
2136 _posix_spawnattr_t psattr;
2137 _posix_spawn_mac_policy_extensions_t psmx;
2138 _ps_mac_policy_extension_t *extension;
2139
2140 if (attr == NULL || *attr == NULL || policyname == NULL) {
2141 return EINVAL;
2142 }
2143
2144 psattr = *(_posix_spawnattr_t *)attr;
2145 psmx = psattr->psa_mac_extensions;
2146 extension = posix_spawnattr_macpolicyinfo_lookup(psattr->psa_mac_extensions, policyname);
2147 if (extension != NULL) {
2148 extension->data = (uintptr_t)data;
2149 extension->datalen = datalen;
2150 return 0;
2151 } else if (psmx == NULL) {
2152 psmx = psattr->psa_mac_extensions = malloc(PS_MAC_EXTENSIONS_SIZE(PS_MAC_EXTENSIONS_INIT_COUNT));
2153 if (psmx == NULL) {
2154 return ENOMEM;
2155 }
2156 psmx->psmx_alloc = PS_MAC_EXTENSIONS_INIT_COUNT;
2157 psmx->psmx_count = 0;
2158 } else if (psmx->psmx_count == psmx->psmx_alloc) {
2159 int newnum = 0;
2160 if (os_mul_overflow(psmx->psmx_alloc, 2, &newnum)) {
2161 return ENOMEM;
2162 }
2163 size_t extsize = PS_MAC_EXTENSIONS_SIZE(newnum);
2164 if (extsize == 0) {
2165 return ENOMEM;
2166 }
2167 psmx = psattr->psa_mac_extensions = reallocf(psmx, extsize);
2168 if (psmx == NULL) {
2169 return ENOMEM;
2170 }
2171 psmx->psmx_alloc = newnum;
2172 }
2173 extension = &psmx->psmx_extensions[psmx->psmx_count];
2174 strlcpy(extension->policyname, policyname, sizeof(extension->policyname));
2175 extension->data = (uintptr_t)data;
2176 extension->datalen = datalen;
2177 psmx->psmx_count += 1;
2178 return 0;
2179 }
2180
2181 /*
2182 * posix_spawn_destroymacpolicy_info_np
2183 * Description: cleanup the macpolicy struct in posix_spawnattr_t attr
2184 */
2185 static int
posix_spawn_destroymacpolicy_info_np(posix_spawnattr_t * attr)2186 posix_spawn_destroymacpolicy_info_np(posix_spawnattr_t *attr)
2187 {
2188 _posix_spawnattr_t psattr;
2189 _posix_spawn_mac_policy_extensions_t psmx;
2190
2191 if (attr == NULL || *attr == NULL) {
2192 return EINVAL;
2193 }
2194
2195 psattr = *(_posix_spawnattr_t *)attr;
2196 psmx = psattr->psa_mac_extensions;
2197 if (psmx == NULL) {
2198 return EINVAL;
2199 }
2200
2201 psattr->psa_mac_extensions = NULL;
2202 free(psmx);
2203 return 0;
2204 }
2205
2206 int
posix_spawnattr_setcoalition_np(const posix_spawnattr_t * __restrict attr,uint64_t coalitionid,int type,int role)2207 posix_spawnattr_setcoalition_np(const posix_spawnattr_t * __restrict attr,
2208 uint64_t coalitionid, int type, int role)
2209 {
2210 _posix_spawnattr_t psattr;
2211 struct _posix_spawn_coalition_info *coal_info;
2212
2213 if (attr == NULL || *attr == NULL) {
2214 return EINVAL;
2215 }
2216 if (type < 0 || type > COALITION_TYPE_MAX) {
2217 return EINVAL;
2218 }
2219
2220 psattr = *(_posix_spawnattr_t *)attr;
2221
2222 coal_info = psattr->psa_coalition_info;
2223 if (!coal_info) {
2224 coal_info = (struct _posix_spawn_coalition_info *)malloc(sizeof(*coal_info));
2225 if (!coal_info) {
2226 return ENOMEM;
2227 }
2228 memset(coal_info, 0, sizeof(*coal_info));
2229 psattr->psa_coalition_info = coal_info;
2230 }
2231
2232 coal_info->psci_info[type].psci_id = coalitionid;
2233 coal_info->psci_info[type].psci_role = role;
2234
2235 return 0;
2236 }
2237
2238
2239 int
posix_spawnattr_set_qos_clamp_np(const posix_spawnattr_t * __restrict attr,uint64_t qos_clamp)2240 posix_spawnattr_set_qos_clamp_np(const posix_spawnattr_t * __restrict attr, uint64_t qos_clamp)
2241 {
2242 _posix_spawnattr_t psattr;
2243
2244 if (attr == NULL || *attr == NULL) {
2245 return EINVAL;
2246 }
2247
2248 if (qos_clamp >= POSIX_SPAWN_PROC_CLAMP_LAST) {
2249 return EINVAL;
2250 }
2251
2252 psattr = *(_posix_spawnattr_t *)attr;
2253 psattr->psa_qos_clamp = qos_clamp;
2254
2255 return 0;
2256 }
2257
2258 int
posix_spawnattr_get_qos_clamp_np(const posix_spawnattr_t * __restrict attr,uint64_t * __restrict qos_clampp)2259 posix_spawnattr_get_qos_clamp_np(const posix_spawnattr_t * __restrict attr, uint64_t * __restrict qos_clampp)
2260 {
2261 _posix_spawnattr_t psattr;
2262
2263 if (attr == NULL || *attr == NULL) {
2264 return EINVAL;
2265 }
2266
2267 psattr = *(_posix_spawnattr_t *)attr;
2268 *qos_clampp = psattr->psa_qos_clamp;
2269
2270 return 0;
2271 }
2272
2273 int
posix_spawnattr_set_darwin_role_np(const posix_spawnattr_t * __restrict attr,uint64_t darwin_role)2274 posix_spawnattr_set_darwin_role_np(const posix_spawnattr_t * __restrict attr, uint64_t darwin_role)
2275 {
2276 _posix_spawnattr_t psattr;
2277
2278 if (attr == NULL || *attr == NULL) {
2279 return EINVAL;
2280 }
2281
2282 psattr = *(_posix_spawnattr_t *)attr;
2283 psattr->psa_darwin_role = darwin_role;
2284
2285 return 0;
2286 }
2287
2288 int
posix_spawnattr_get_darwin_role_np(const posix_spawnattr_t * __restrict attr,uint64_t * __restrict darwin_rolep)2289 posix_spawnattr_get_darwin_role_np(const posix_spawnattr_t * __restrict attr, uint64_t * __restrict darwin_rolep)
2290 {
2291 _posix_spawnattr_t psattr;
2292
2293 if (attr == NULL || *attr == NULL) {
2294 return EINVAL;
2295 }
2296
2297 psattr = *(_posix_spawnattr_t *)attr;
2298 *darwin_rolep = psattr->psa_darwin_role;
2299
2300 return 0;
2301 }
2302
2303
2304 int
posix_spawnattr_set_persona_np(const posix_spawnattr_t * __restrict attr,uid_t persona_id,uint32_t flags)2305 posix_spawnattr_set_persona_np(const posix_spawnattr_t * __restrict attr, uid_t persona_id, uint32_t flags)
2306 {
2307 _posix_spawnattr_t psattr;
2308 struct _posix_spawn_persona_info *persona;
2309
2310 if (attr == NULL || *attr == NULL) {
2311 return EINVAL;
2312 }
2313
2314 if (flags & ~POSIX_SPAWN_PERSONA_ALL_FLAGS) {
2315 return EINVAL;
2316 }
2317
2318 psattr = *(_posix_spawnattr_t *)attr;
2319
2320 persona = psattr->psa_persona_info;
2321 if (!persona) {
2322 persona = (struct _posix_spawn_persona_info *)malloc(sizeof(*persona));
2323 if (!persona) {
2324 return ENOMEM;
2325 }
2326 persona->pspi_uid = 0;
2327 persona->pspi_gid = 0;
2328 persona->pspi_ngroups = 0;
2329 persona->pspi_groups[0] = 0;
2330 persona->pspi_gmuid = 0;
2331
2332 psattr->psa_persona_info = persona;
2333 }
2334
2335 persona->pspi_id = persona_id;
2336 persona->pspi_flags = flags;
2337
2338 return 0;
2339 }
2340
2341 int
posix_spawnattr_set_persona_uid_np(const posix_spawnattr_t * __restrict attr,uid_t uid)2342 posix_spawnattr_set_persona_uid_np(const posix_spawnattr_t * __restrict attr, uid_t uid)
2343 {
2344 _posix_spawnattr_t psattr;
2345 struct _posix_spawn_persona_info *persona;
2346
2347 if (attr == NULL || *attr == NULL) {
2348 return EINVAL;
2349 }
2350
2351 psattr = *(_posix_spawnattr_t *)attr;
2352 persona = psattr->psa_persona_info;
2353 if (!persona) {
2354 return EINVAL;
2355 }
2356
2357 if (!(persona->pspi_flags & (POSIX_SPAWN_PERSONA_FLAGS_OVERRIDE | POSIX_SPAWN_PERSONA_FLAGS_VERIFY))) {
2358 return EINVAL;
2359 }
2360
2361 persona->pspi_uid = uid;
2362
2363 persona->pspi_flags |= POSIX_SPAWN_PERSONA_UID;
2364
2365 return 0;
2366 }
2367
2368 int
posix_spawnattr_set_persona_gid_np(const posix_spawnattr_t * __restrict attr,gid_t gid)2369 posix_spawnattr_set_persona_gid_np(const posix_spawnattr_t * __restrict attr, gid_t gid)
2370 {
2371 _posix_spawnattr_t psattr;
2372 struct _posix_spawn_persona_info *persona;
2373
2374 if (attr == NULL || *attr == NULL) {
2375 return EINVAL;
2376 }
2377
2378 psattr = *(_posix_spawnattr_t *)attr;
2379 persona = psattr->psa_persona_info;
2380 if (!persona) {
2381 return EINVAL;
2382 }
2383
2384 if (!(persona->pspi_flags & (POSIX_SPAWN_PERSONA_FLAGS_OVERRIDE | POSIX_SPAWN_PERSONA_FLAGS_VERIFY))) {
2385 return EINVAL;
2386 }
2387
2388 persona->pspi_gid = gid;
2389
2390 persona->pspi_flags |= POSIX_SPAWN_PERSONA_GID;
2391
2392 return 0;
2393 }
2394
2395 int
posix_spawnattr_set_persona_groups_np(const posix_spawnattr_t * __restrict attr,int ngroups,gid_t * gidarray,uid_t gmuid)2396 posix_spawnattr_set_persona_groups_np(const posix_spawnattr_t * __restrict attr, int ngroups, gid_t *gidarray, uid_t gmuid)
2397 {
2398 _posix_spawnattr_t psattr;
2399 struct _posix_spawn_persona_info *persona;
2400
2401 if (attr == NULL || *attr == NULL) {
2402 return EINVAL;
2403 }
2404
2405 if (gidarray == NULL) {
2406 return EINVAL;
2407 }
2408
2409 if (ngroups > NGROUPS || ngroups < 0) {
2410 return EINVAL;
2411 }
2412
2413 psattr = *(_posix_spawnattr_t *)attr;
2414 persona = psattr->psa_persona_info;
2415 if (!persona) {
2416 return EINVAL;
2417 }
2418
2419 if (!(persona->pspi_flags & (POSIX_SPAWN_PERSONA_FLAGS_OVERRIDE | POSIX_SPAWN_PERSONA_FLAGS_VERIFY))) {
2420 return EINVAL;
2421 }
2422
2423 persona->pspi_ngroups = ngroups;
2424 for (int i = 0; i < ngroups; i++) {
2425 persona->pspi_groups[i] = gidarray[i];
2426 }
2427
2428 persona->pspi_gmuid = gmuid;
2429
2430 persona->pspi_flags |= POSIX_SPAWN_PERSONA_GROUPS;
2431
2432 return 0;
2433 }
2434
2435 int
posix_spawnattr_set_max_addr_np(const posix_spawnattr_t * __restrict attr,uint64_t max_addr)2436 posix_spawnattr_set_max_addr_np(const posix_spawnattr_t * __restrict attr, uint64_t max_addr)
2437 {
2438 _posix_spawnattr_t psattr;
2439
2440 if (attr == NULL || *attr == NULL) {
2441 return EINVAL;
2442 }
2443
2444 psattr = *(_posix_spawnattr_t *)attr;
2445 psattr->psa_max_addr = max_addr;
2446
2447 return 0;
2448 }
2449
2450 int
posix_spawnattr_setnosmt_np(const posix_spawnattr_t * __restrict attr)2451 posix_spawnattr_setnosmt_np(const posix_spawnattr_t * __restrict attr)
2452 {
2453 _posix_spawnattr_t psattr;
2454
2455 if (attr == NULL || *attr == NULL) {
2456 return EINVAL;
2457 }
2458
2459 psattr = *(_posix_spawnattr_t *)attr;
2460 psattr->psa_no_smt = true;
2461
2462 return 0;
2463 }
2464
2465 int
posix_spawnattr_set_csm_np(const posix_spawnattr_t * __restrict attr,uint32_t flags)2466 posix_spawnattr_set_csm_np(const posix_spawnattr_t * __restrict attr, uint32_t flags)
2467 {
2468 _posix_spawnattr_t psattr;
2469
2470 if (attr == NULL || *attr == NULL) {
2471 return EINVAL;
2472 }
2473
2474 const uint32_t mask = POSIX_SPAWN_NP_CSM_ALL | POSIX_SPAWN_NP_CSM_TECS | POSIX_SPAWN_NP_CSM_NOSMT;
2475 if ((flags & ~mask) != 0) {
2476 return EINVAL;
2477 }
2478
2479 psattr = *(_posix_spawnattr_t *)attr;
2480
2481 if (flags & (POSIX_SPAWN_NP_CSM_TECS | POSIX_SPAWN_NP_CSM_ALL)) {
2482 psattr->psa_tecs = true;
2483 }
2484 if (flags & (POSIX_SPAWN_NP_CSM_NOSMT | POSIX_SPAWN_NP_CSM_ALL)) {
2485 psattr->psa_no_smt = true;
2486 }
2487
2488 return 0;
2489 }
2490
2491 static struct _posix_spawn_posix_cred_info *
_posix_spawnattr_get_posix_creds_info(_posix_spawnattr_t psattr)2492 _posix_spawnattr_get_posix_creds_info(_posix_spawnattr_t psattr)
2493 {
2494 struct _posix_spawn_posix_cred_info *pspci = psattr->psa_posix_cred_info;
2495
2496 if (pspci == NULL) {
2497 pspci = malloc(sizeof(struct _posix_spawn_posix_cred_info));
2498 if (pspci != NULL) {
2499 pspci->pspci_flags = 0;
2500 pspci->pspci_uid = 0;
2501 pspci->pspci_gid = 0;
2502 pspci->pspci_ngroups = 0;
2503 pspci->pspci_groups[0] = 0;
2504 pspci->pspci_gmuid = 0;
2505 pspci->pspci_login[0] = '\0';
2506 psattr->psa_posix_cred_info = pspci;
2507 }
2508 }
2509 return pspci;
2510 }
2511
2512 int
posix_spawnattr_set_uid_np(const posix_spawnattr_t * attr,uid_t uid)2513 posix_spawnattr_set_uid_np(const posix_spawnattr_t *attr, uid_t uid)
2514 {
2515 struct _posix_spawn_posix_cred_info *pspci;
2516
2517 if (attr == NULL || *attr == NULL) {
2518 return EINVAL;
2519 }
2520
2521 pspci = _posix_spawnattr_get_posix_creds_info(*(_posix_spawnattr_t *)attr);
2522 if (pspci == NULL) {
2523 return ENOMEM;
2524 }
2525
2526 pspci->pspci_uid = uid;
2527
2528 pspci->pspci_flags |= POSIX_SPAWN_POSIX_CRED_UID;
2529
2530 return 0;
2531 }
2532
2533 int
posix_spawnattr_set_gid_np(const posix_spawnattr_t * attr,gid_t gid)2534 posix_spawnattr_set_gid_np(const posix_spawnattr_t *attr, gid_t gid)
2535 {
2536 struct _posix_spawn_posix_cred_info *pspci;
2537
2538 if (attr == NULL || *attr == NULL) {
2539 return EINVAL;
2540 }
2541
2542 pspci = _posix_spawnattr_get_posix_creds_info(*(_posix_spawnattr_t *)attr);
2543 if (pspci == NULL) {
2544 return ENOMEM;
2545 }
2546
2547 pspci->pspci_gid = gid;
2548
2549 pspci->pspci_flags |= POSIX_SPAWN_POSIX_CRED_GID;
2550
2551 return 0;
2552 }
2553
2554 int
posix_spawnattr_set_groups_np(const posix_spawnattr_t * attr,int ngroups,gid_t * gidarray,uid_t gmuid)2555 posix_spawnattr_set_groups_np(const posix_spawnattr_t *attr,
2556 int ngroups, gid_t *gidarray, uid_t gmuid)
2557 {
2558 struct _posix_spawn_posix_cred_info *pspci;
2559
2560 if (attr == NULL || *attr == NULL) {
2561 return EINVAL;
2562 }
2563
2564 if (gidarray == NULL) {
2565 return EINVAL;
2566 }
2567
2568 if (ngroups > NGROUPS || ngroups < 0) {
2569 return EINVAL;
2570 }
2571
2572 pspci = _posix_spawnattr_get_posix_creds_info(*(_posix_spawnattr_t *)attr);
2573 if (pspci == NULL) {
2574 return ENOMEM;
2575 }
2576
2577 pspci->pspci_ngroups = ngroups;
2578 for (int i = 0; i < ngroups; i++) {
2579 pspci->pspci_groups[i] = gidarray[i];
2580 }
2581
2582 pspci->pspci_gmuid = gmuid;
2583
2584 pspci->pspci_flags |= POSIX_SPAWN_POSIX_CRED_GROUPS;
2585
2586 return 0;
2587 }
2588
2589 int
posix_spawnattr_set_login_np(const posix_spawnattr_t * attr,const char * login)2590 posix_spawnattr_set_login_np(const posix_spawnattr_t *attr, const char *login)
2591 {
2592 struct _posix_spawn_posix_cred_info *pspci;
2593
2594 if (attr == NULL || *attr == NULL) {
2595 return EINVAL;
2596 }
2597
2598 if (strlen(login) > MAXLOGNAME) {
2599 return ERANGE;
2600 }
2601
2602 pspci = _posix_spawnattr_get_posix_creds_info(*(_posix_spawnattr_t *)attr);
2603 if (pspci == NULL) {
2604 return ENOMEM;
2605 }
2606
2607 strlcpy(pspci->pspci_login, login, sizeof(pspci->pspci_login));
2608
2609 pspci->pspci_flags |= POSIX_SPAWN_POSIX_CRED_LOGIN;
2610
2611 return 0;
2612 }
2613
2614 int
posix_spawnattr_set_portlimits_ext(posix_spawnattr_t * __restrict attr,uint32_t port_soft_limit,uint32_t port_hard_limit)2615 posix_spawnattr_set_portlimits_ext(posix_spawnattr_t * __restrict attr,
2616 uint32_t port_soft_limit, uint32_t port_hard_limit)
2617 {
2618 _posix_spawnattr_t psattr;
2619
2620 if (attr == NULL || *attr == NULL) {
2621 return EINVAL;
2622 }
2623
2624 psattr = *(_posix_spawnattr_t *)attr;
2625
2626 psattr->psa_port_soft_limit = port_soft_limit;
2627 psattr->psa_port_hard_limit = port_hard_limit;
2628
2629 return 0;
2630 }
2631
2632 int
posix_spawnattr_set_filedesclimit_ext(posix_spawnattr_t * __restrict attr,uint32_t filedesc_soft_limit,uint32_t filedesc_hard_limit)2633 posix_spawnattr_set_filedesclimit_ext(posix_spawnattr_t * __restrict attr,
2634 uint32_t filedesc_soft_limit, uint32_t filedesc_hard_limit)
2635 {
2636 _posix_spawnattr_t psattr;
2637
2638 if (attr == NULL || *attr == NULL) {
2639 return EINVAL;
2640 }
2641
2642 psattr = *(_posix_spawnattr_t *)attr;
2643
2644 psattr->psa_filedesc_soft_limit = filedesc_soft_limit;
2645 psattr->psa_filedesc_hard_limit = filedesc_hard_limit;
2646
2647 return 0;
2648 }
2649
2650 /*
2651 * posix_spawnattr_set_jetsam_ttr_np
2652 *
2653 * Description: Pass data regarding recent relaunch behavior when jetsammed for the process.
2654 * The recent history is effectively converted into a histogram and the highest
2655 * frequency bucket defines the "type" of the process. The type is passed along
2656 * to the jetsam code as part of psa_jetsam_flags.
2657 *
2658 * Parameters: count Number of entries in the ttrs_millis array
2659 * ttrs_millis Array of raw data for relaunch behavior
2660 *
2661 * Returns: 0 Success
2662 * EINVAL Bad attr pointer or empty data array
2663 */
2664 int
posix_spawnattr_set_jetsam_ttr_np(const posix_spawnattr_t * __restrict attr,uint32_t count,uint32_t * ttrs_millis)2665 posix_spawnattr_set_jetsam_ttr_np(const posix_spawnattr_t * __restrict attr, uint32_t count, uint32_t *ttrs_millis)
2666 {
2667 _posix_spawnattr_t psattr;
2668
2669 /*
2670 * Define the bucketizing policy which would be used to generate the histogram. These
2671 * values are based on looking at data from various Avg. Joanna runs.
2672 */
2673 static const uint32_t relaunch_buckets_msecs[POSIX_SPAWN_JETSAM_RELAUNCH_BEHAVIOR_BUCKETS] = {
2674 5000,
2675 10000,
2676 UINT32_MAX
2677 };
2678 static const uint32_t relaunch_jetsam_flags[POSIX_SPAWN_JETSAM_RELAUNCH_BEHAVIOR_BUCKETS] = {
2679 POSIX_SPAWN_JETSAM_RELAUNCH_BEHAVIOR_HIGH,
2680 POSIX_SPAWN_JETSAM_RELAUNCH_BEHAVIOR_MED,
2681 POSIX_SPAWN_JETSAM_RELAUNCH_BEHAVIOR_LOW
2682 };
2683
2684 /* Make sure the attr pointer is valid */
2685 if (attr == NULL || *attr == NULL) {
2686 return EINVAL;
2687 }
2688
2689 /* Make sure the count of entries is non-zero */
2690 if (count == 0) {
2691 return EINVAL;
2692 }
2693
2694 psattr = *(_posix_spawnattr_t *)attr;
2695
2696 /* Generate a histogram based on the relaunch data while maintaining highest frequency bucket info */
2697 int relaunch_histogram[POSIX_SPAWN_JETSAM_RELAUNCH_BEHAVIOR_BUCKETS] = {0};
2698 int max_frequency = -1;
2699 int highest_frequency_bucket = -1;
2700
2701 for (uint32_t i = 0; i < count; i++) {
2702 /* For each data point passed in via launchd, find the bucket it lands in */
2703 for (uint32_t bucket = 0; bucket < POSIX_SPAWN_JETSAM_RELAUNCH_BEHAVIOR_BUCKETS; bucket++) {
2704 if (ttrs_millis[i] <= relaunch_buckets_msecs[bucket]) {
2705 relaunch_histogram[bucket]++;
2706
2707 /* Check if the bucket is the highest frequency bucket now */
2708 if (relaunch_histogram[bucket] > max_frequency) {
2709 max_frequency = relaunch_histogram[bucket];
2710 highest_frequency_bucket = bucket;
2711 }
2712 break;
2713 }
2714 }
2715 }
2716 psattr->psa_jetsam_flags |= relaunch_jetsam_flags[highest_frequency_bucket];
2717 return 0;
2718 }
2719
2720 /*
2721 * posix_spawn
2722 *
2723 * Description: Create a new process from the process image corresponding to
2724 * the supplied 'path' argument.
2725 *
2726 * Parameters: pid Pointer to pid_t to receive the
2727 * PID of the spawned process, if
2728 * successful and 'pid' != NULL
2729 * path Path of image file to spawn
2730 * file_actions spawn file actions object which
2731 * describes file actions to be
2732 * performed during the spawn
2733 * attrp spawn attributes object which
2734 * describes attributes to be
2735 * applied during the spawn
2736 * argv argument vector array; NULL
2737 * terminated
2738 * envp environment vector array; NULL
2739 * terminated
2740 *
2741 * Returns: 0 Success
2742 * !0 An errno value indicating the
2743 * cause of the failure to spawn
2744 *
2745 * Notes: Unlike other system calls, the return value of this system
2746 * call is expected to either be a 0 or an errno, rather than a
2747 * 0 or a -1, with the 'errno' variable being set.
2748 */
2749 int
posix_spawn(pid_t * __restrict pid,const char * __restrict path,const posix_spawn_file_actions_t * file_actions,const posix_spawnattr_t * __restrict attrp,char * const argv[__restrict],char * const envp[__restrict])2750 posix_spawn(pid_t * __restrict pid, const char * __restrict path,
2751 const posix_spawn_file_actions_t *file_actions,
2752 const posix_spawnattr_t * __restrict attrp,
2753 char *const argv[__restrict], char *const envp[__restrict])
2754 {
2755 int saveerrno = errno;
2756 int ret = 0;
2757 struct _posix_spawn_args_desc ad;
2758 struct _posix_spawn_args_desc *adp = NULL;
2759 /*
2760 * Only do extra work if we have file actions or attributes to push
2761 * down. We use a descriptor to push this information down, since we
2762 * want to have size information, which will let us (1) preallocate a
2763 * single chunk of memory for the copyin(), and (2) allow us to do a
2764 * single copyin() per attributes or file actions as a monlithic block.
2765 *
2766 * Note: A future implementation may attempt to do the same
2767 * thing for the argv/envp data, which could potentially
2768 * result in a performance improvement due to increased
2769 * kernel efficiency, even though it would mean copying
2770 * the data in user space.
2771 */
2772 if ((file_actions != NULL && (*file_actions != NULL) && (*(_posix_spawn_file_actions_t *)file_actions)->psfa_act_count > 0) || attrp != NULL) {
2773 memset(&ad, 0, sizeof(ad));
2774 adp = &ad;
2775 if (attrp != NULL && *attrp != NULL) {
2776 _posix_spawnattr_t psattr = *(_posix_spawnattr_t *)attrp;
2777 ad.attr_size = sizeof(struct _posix_spawnattr);
2778 ad.attrp = psattr;
2779
2780 if (psattr->psa_ports != NULL) {
2781 size_t psact_size = PS_PORT_ACTIONS_SIZE(psattr->psa_ports->pspa_count);
2782 if (psact_size == 0 && psattr->psa_ports->pspa_count != 0) {
2783 errno = EINVAL;
2784 ret = -1;
2785 goto out;
2786 }
2787 ad.port_actions = psattr->psa_ports;
2788 ad.port_actions_size = psact_size;
2789 }
2790 if (psattr->psa_mac_extensions != NULL) {
2791 size_t macext_size = PS_MAC_EXTENSIONS_SIZE(psattr->psa_mac_extensions->psmx_count);
2792 if (macext_size == 0 && psattr->psa_mac_extensions->psmx_count != 0) {
2793 errno = EINVAL;
2794 ret = -1;
2795 goto out;
2796 }
2797 ad.mac_extensions = psattr->psa_mac_extensions;
2798 ad.mac_extensions_size = macext_size;
2799 }
2800 if (psattr->psa_coalition_info != NULL) {
2801 ad.coal_info_size = sizeof(struct _posix_spawn_coalition_info);
2802 ad.coal_info = psattr->psa_coalition_info;
2803 }
2804 if (psattr->psa_persona_info != NULL) {
2805 ad.persona_info_size = sizeof(struct _posix_spawn_persona_info);
2806 ad.persona_info = psattr->psa_persona_info;
2807 }
2808 if (psattr->psa_posix_cred_info != NULL) {
2809 ad.posix_cred_info_size = sizeof(struct _posix_spawn_posix_cred_info);
2810 ad.posix_cred_info = psattr->psa_posix_cred_info;
2811 }
2812 if (psattr->psa_subsystem_root_path != NULL) {
2813 ad.subsystem_root_path_size = MAXPATHLEN;
2814 ad.subsystem_root_path = psattr->psa_subsystem_root_path;
2815 }
2816 }
2817 if (file_actions != NULL && *file_actions != NULL) {
2818 _posix_spawn_file_actions_t psactsp =
2819 *(_posix_spawn_file_actions_t *)file_actions;
2820
2821 if (psactsp->psfa_act_count > 0) {
2822 size_t fa_size = PSF_ACTIONS_SIZE(psactsp->psfa_act_count);
2823 if (fa_size == 0 && psactsp->psfa_act_count != 0) {
2824 errno = EINVAL;
2825 ret = -1;
2826 goto out;
2827 }
2828 ad.file_actions_size = fa_size;
2829 ad.file_actions = psactsp;
2830 }
2831 }
2832 }
2833
2834 if (!posix_spawn_with_filter ||
2835 !posix_spawn_with_filter(pid, path, argv, envp, adp, &ret)) {
2836 ret = __posix_spawn(pid, path, adp, argv, envp);
2837 }
2838
2839 out:
2840 if (ret < 0) {
2841 ret = errno;
2842 }
2843 errno = saveerrno;
2844 return ret;
2845 }
2846
2847 int
execve(const char * fname,char * const * argp,char * const * envp)2848 execve(const char *fname, char * const *argp, char * const *envp)
2849 {
2850 int ret;
2851 if (execve_with_filter) {
2852 /* Noinline slow path to avoid a large stack frame in the common case */
2853 return execve_with_filter(fname, argp, envp);
2854 }
2855
2856 ret = __execve(fname, argp, envp);
2857 return ret;
2858 }
2859