{ int32_t newval = OSAtomicAdd32(-1, &vp->refcount); if (newval < 0) { _vproc_set_crash_log_message("Over-release of vproc_t."); abort(); } else if (newval == 0) { mach_port_deallocate(mach_task_self(), vp->j_port); free(vp); } } #pragma mark Transactions static void _vproc_transaction_init_once(void *arg __unused) { launch_globals_t globals = _launch_globals(); int64_t enable_transactions = 0; (void)vproc_swap_integer(NULL, VPROC_GSK_TRANSACTIONS_ENABLED, 0, &enable_transactions); if (enable_transactions != 0) { (void)os_assumes_zero(proc_track_dirty(getpid(), PROC_DIRTY_TRACK)); globals->_vproc_transaction_enabled = 1; } globals->_vproc_transaction_queue = dispatch_queue_create("com.apple.idle-exit-queue", NULL); } void _vproc_transactions_enable_internal(void *arg __unused) { launch_globals_t globals = _launch_globals();
void launch_client_init(void) { struct sockaddr_un sun; char *where = getenv(LAUNCHD_SOCKET_ENV); char *_launchd_fd = getenv(LAUNCHD_TRUSTED_FD_ENV); int dfd, lfd = -1, cifd = -1; kern_return_t kr; name_t spath; if (_launchd_fd) { cifd = strtol(_launchd_fd, NULL, 10); if ((dfd = dup(cifd)) >= 0) { close(dfd); _fd(cifd); } else { cifd = -1; } unsetenv(LAUNCHD_TRUSTED_FD_ENV); } memset(&sun, 0, sizeof(sun)); sun.sun_family = AF_UNIX; /* The rules are as follows. * - All users (including root) talk to their per-user launchd's by default. * - If we have been invoked under sudo, talk to the system launchd. * - If we're the root user and the __USE_SYSTEM_LAUNCHD environment variable is set, then * talk to the system launchd. */ if (where && where[0] != '\0') { strncpy(sun.sun_path, where, sizeof(sun.sun_path)); } else { kr = _vprocmgr_getsocket(spath); if (kr == 0) { if ((getenv("SUDO_COMMAND") || getenv("__USE_SYSTEM_LAUNCHD")) && geteuid() == 0) { /* Talk to the system launchd. */ strncpy(sun.sun_path, LAUNCHD_SOCK_PREFIX "/sock", sizeof(sun.sun_path)); } else { /* Talk to our per-user launchd. */ size_t min_len; min_len = sizeof(sun.sun_path) < sizeof(spath) ? sizeof(sun.sun_path) : sizeof(spath); strncpy(sun.sun_path, spath, min_len); } } else fprintf(stderr, "_vprocmgr_getsocket(): 0x%x\n", kr); } launch_globals_t globals = _launch_globals(); if ((lfd = _fd(socket(AF_UNIX, SOCK_STREAM, 0))) == -1) { goto out_bad; } #if TARGET_OS_EMBEDDED (void)vproc_swap_integer(NULL, VPROC_GSK_EMBEDDEDROOTEQUIVALENT, NULL, &globals->s_am_embedded_god); #endif if (-1 == connect(lfd, (struct sockaddr *)&sun, sizeof(sun))) { if (cifd != -1 || globals->s_am_embedded_god) { /* There is NO security enforced by this check. This is just a hint to our * library that we shouldn't error out due to failing to open this socket. If * we inherited a trusted file descriptor, we shouldn't fail. This should be * adequate for clients' expectations. */ close(lfd); lfd = -1; } else { goto out_bad; } } if (!(globals->l = launchd_fdopen(lfd, cifd))) { goto out_bad; } if (!(globals->async_resp = launch_data_alloc(LAUNCH_DATA_ARRAY))) { goto out_bad; } return; out_bad: if (globals->l) { launchd_close(globals->l, close); globals->l = NULL; } else if (lfd != -1) { close(lfd); } if (cifd != -1) { close(cifd); } }