{
int32_t newval = OSAtomicAdd32(-1, &vp->refcount);
if (newval < 0) {
_vproc_set_crash_log_message("Over-release of vproc_t.");
abort();
} else if (newval == 0) {
mach_port_deallocate(mach_task_self(), vp->j_port);
free(vp);
}
}
#pragma mark Transactions
static void
_vproc_transaction_init_once(void *arg __unused)
{
launch_globals_t globals = _launch_globals();
int64_t enable_transactions = 0;
(void)vproc_swap_integer(NULL, VPROC_GSK_TRANSACTIONS_ENABLED, 0, &enable_transactions);
if (enable_transactions != 0) {
(void)os_assumes_zero(proc_track_dirty(getpid(), PROC_DIRTY_TRACK));
globals->_vproc_transaction_enabled = 1;
}
globals->_vproc_transaction_queue = dispatch_queue_create("com.apple.idle-exit-queue", NULL);
}
void
_vproc_transactions_enable_internal(void *arg __unused)
{
launch_globals_t globals = _launch_globals();
void
launch_client_init(void)
{
struct sockaddr_un sun;
char *where = getenv(LAUNCHD_SOCKET_ENV);
char *_launchd_fd = getenv(LAUNCHD_TRUSTED_FD_ENV);
int dfd, lfd = -1, cifd = -1;
kern_return_t kr;
name_t spath;
if (_launchd_fd) {
cifd = strtol(_launchd_fd, NULL, 10);
if ((dfd = dup(cifd)) >= 0) {
close(dfd);
_fd(cifd);
} else {
cifd = -1;
}
unsetenv(LAUNCHD_TRUSTED_FD_ENV);
}
memset(&sun, 0, sizeof(sun));
sun.sun_family = AF_UNIX;
/* The rules are as follows.
* - All users (including root) talk to their per-user launchd's by default.
* - If we have been invoked under sudo, talk to the system launchd.
* - If we're the root user and the __USE_SYSTEM_LAUNCHD environment variable is set, then
* talk to the system launchd.
*/
if (where && where[0] != '\0') {
strncpy(sun.sun_path, where, sizeof(sun.sun_path));
} else {
kr = _vprocmgr_getsocket(spath);
if (kr == 0) {
if ((getenv("SUDO_COMMAND") || getenv("__USE_SYSTEM_LAUNCHD")) && geteuid() == 0) {
/* Talk to the system launchd. */
strncpy(sun.sun_path, LAUNCHD_SOCK_PREFIX "/sock", sizeof(sun.sun_path));
} else {
/* Talk to our per-user launchd. */
size_t min_len;
min_len = sizeof(sun.sun_path) < sizeof(spath) ? sizeof(sun.sun_path) : sizeof(spath);
strncpy(sun.sun_path, spath, min_len);
}
} else
fprintf(stderr, "_vprocmgr_getsocket(): 0x%x\n", kr);
}
launch_globals_t globals = _launch_globals();
if ((lfd = _fd(socket(AF_UNIX, SOCK_STREAM, 0))) == -1) {
goto out_bad;
}
#if TARGET_OS_EMBEDDED
(void)vproc_swap_integer(NULL, VPROC_GSK_EMBEDDEDROOTEQUIVALENT, NULL, &globals->s_am_embedded_god);
#endif
if (-1 == connect(lfd, (struct sockaddr *)&sun, sizeof(sun))) {
if (cifd != -1 || globals->s_am_embedded_god) {
/* There is NO security enforced by this check. This is just a hint to our
* library that we shouldn't error out due to failing to open this socket. If
* we inherited a trusted file descriptor, we shouldn't fail. This should be
* adequate for clients' expectations.
*/
close(lfd);
lfd = -1;
} else {
goto out_bad;
}
}
if (!(globals->l = launchd_fdopen(lfd, cifd))) {
goto out_bad;
}
if (!(globals->async_resp = launch_data_alloc(LAUNCH_DATA_ARRAY))) {
goto out_bad;
}
return;
out_bad:
if (globals->l) {
launchd_close(globals->l, close);
globals->l = NULL;
} else if (lfd != -1) {
close(lfd);
}
if (cifd != -1) {
close(cifd);
}
}
