[lldb] Add an option to inherit TCC permissions from parent.

Add an option that allows the user to decide to not make the inferior is responsible for its own TCC permissions. If you don't make the inferior responsible, it inherits the permissions of its parent. The motivation is the scenario of running the LLDB test suite from an external hard drive. If the inferior is responsible, every test needs to be granted access to the external volume. When the permissions are inherited, approval needs to be granted only once. Differential revision: https://reviews.llvm.org/D85237
2020-08-05 10:02:51 -07:00 · 2020-08-05 10:02:51 -07:00 · 249a1d4f1b
parent 882d8e60dd
commit 249a1d4f1b
8 changed files with 46 additions and 4 deletions
--- a/lldb/include/lldb/Target/Target.h
+++ b/lldb/include/lldb/Target/Target.h
@ -93,6 +93,10 @@ public:

  void SetDisableASLR(bool b);

+  bool GetInheritTCC() const;
+
+  void SetInheritTCC(bool b);
+
  bool GetDetachOnError() const;

  void SetDetachOnError(bool b);
@ -225,6 +229,7 @@ private:
  void ErrorPathValueChangedCallback();
  void DetachOnErrorValueChangedCallback();
  void DisableASLRValueChangedCallback();
+  void InheritTCCValueChangedCallback();
  void DisableSTDIOValueChangedCallback();

  Environment ComputeEnvironment() const;
--- a/lldb/include/lldb/lldb-enumerations.h
+++ b/lldb/include/lldb/lldb-enumerations.h
@ -126,6 +126,9 @@ FLAGS_ENUM(LaunchFlags){
    eLaunchFlagShellExpandArguments =
        (1u << 10), ///< Perform shell-style argument expansion
    eLaunchFlagCloseTTYOnExit = (1u << 11), ///< Close the open TTY on exit
+    eLaunchFlagInheritTCCFromParent =
+        (1u << 12), ///< Don't make the inferior responsible for its own TCC
+                    ///< permissions but instead inherit them from its parent.
 };

 /// Thread Run Modes.
--- a/lldb/packages/Python/lldbsuite/test/lldbtest.py
+++ b/lldb/packages/Python/lldbsuite/test/lldbtest.py
@ -717,6 +717,9 @@ class Base(unittest2.TestCase):
            # differ in the debug info, which is not being hashed.
            "settings set symbols.enable-external-lookup false",

+            # Inherit the TCC permissions from the inferior's parent.
+            "settings set target.inherit-tcc true",
+
            # Disable fix-its by default so that incorrect expressions in tests don't
            # pass just because Clang thinks it has a fix-it.
            "settings set target.auto-apply-fixits false",
--- a/lldb/source/Commands/CommandObjectProcess.cpp
+++ b/lldb/source/Commands/CommandObjectProcess.cpp
@ -184,6 +184,9 @@ protected:
    else
      m_options.launch_info.GetFlags().Clear(eLaunchFlagDisableASLR);

+    if (target->GetInheritTCC())
+      m_options.launch_info.GetFlags().Set(eLaunchFlagInheritTCCFromParent);
+
    if (target->GetDetachOnError())
      m_options.launch_info.GetFlags().Set(eLaunchFlagDetachOnError);

--- a/lldb/source/Host/macosx/objcxx/Host.mm
+++ b/lldb/source/Host/macosx/objcxx/Host.mm
@ -1095,10 +1095,11 @@ static Status LaunchProcessPosixSpawn(const char *exe_path,
    is_graphical = session_attributes & sessionHasGraphicAccess;
 #endif

-  //  When lldb is ran through a graphical session, this makes the debuggee
-  //  process responsible for the TCC prompts. Otherwise, lldb will use the
-  //  launching process privileges.
-  if (is_graphical && launch_info.GetFlags().Test(eLaunchFlagDebug)) {
+  //  When lldb is ran through a graphical session, make the debuggee process
+  //  responsible for its own TCC permissions instead of inheriting them from
+  //  its parent.
+  if (is_graphical && launch_info.GetFlags().Test(eLaunchFlagDebug) &&
+      !launch_info.GetFlags().Test(eLaunchFlagInheritTCCFromParent)) {
    error.SetError(setup_posix_spawn_responsible_flag(&attr), eErrorTypePOSIX);
    if (error.Fail()) {
      LLDB_LOG(log, "error: {0}, setup_posix_spawn_responsible_flag(&attr)",
--- a/lldb/source/Target/Target.cpp
+++ b/lldb/source/Target/Target.cpp
@ -3430,6 +3430,8 @@ TargetProperties::TargetProperties(Target *target)
    });
    m_collection_sp->SetValueChangedCallback(
        ePropertyDisableASLR, [this] { DisableASLRValueChangedCallback(); });
+    m_collection_sp->SetValueChangedCallback(
+        ePropertyInheritTCC, [this] { InheritTCCValueChangedCallback(); });
    m_collection_sp->SetValueChangedCallback(
        ePropertyDisableSTDIO, [this] { DisableSTDIOValueChangedCallback(); });

@ -3468,6 +3470,7 @@ void TargetProperties::UpdateLaunchInfoFromProperties() {
  ErrorPathValueChangedCallback();
  DetachOnErrorValueChangedCallback();
  DisableASLRValueChangedCallback();
+  InheritTCCValueChangedCallback();
  DisableSTDIOValueChangedCallback();
 }

@ -3550,6 +3553,17 @@ void TargetProperties::SetDisableASLR(bool b) {
  m_collection_sp->SetPropertyAtIndexAsBoolean(nullptr, idx, b);
 }

+bool TargetProperties::GetInheritTCC() const {
+  const uint32_t idx = ePropertyInheritTCC;
+  return m_collection_sp->GetPropertyAtIndexAsBoolean(
+      nullptr, idx, g_target_properties[idx].default_uint_value != 0);
+}
+
+void TargetProperties::SetInheritTCC(bool b) {
+  const uint32_t idx = ePropertyInheritTCC;
+  m_collection_sp->SetPropertyAtIndexAsBoolean(nullptr, idx, b);
+}
+
 bool TargetProperties::GetDetachOnError() const {
  const uint32_t idx = ePropertyDetachOnError;
  return m_collection_sp->GetPropertyAtIndexAsBoolean(
@ -3941,6 +3955,8 @@ void TargetProperties::SetProcessLaunchInfo(
  }
  SetDetachOnError(launch_info.GetFlags().Test(lldb::eLaunchFlagDetachOnError));
  SetDisableASLR(launch_info.GetFlags().Test(lldb::eLaunchFlagDisableASLR));
+  SetInheritTCC(
+      launch_info.GetFlags().Test(lldb::eLaunchFlagInheritTCCFromParent));
  SetDisableSTDIO(launch_info.GetFlags().Test(lldb::eLaunchFlagDisableSTDIO));
 }

@ -4004,6 +4020,13 @@ void TargetProperties::DisableASLRValueChangedCallback() {
    m_launch_info.GetFlags().Clear(lldb::eLaunchFlagDisableASLR);
 }

+void TargetProperties::InheritTCCValueChangedCallback() {
+  if (GetInheritTCC())
+    m_launch_info.GetFlags().Set(lldb::eLaunchFlagInheritTCCFromParent);
+  else
+    m_launch_info.GetFlags().Clear(lldb::eLaunchFlagInheritTCCFromParent);
+}
+
 void TargetProperties::DisableSTDIOValueChangedCallback() {
  if (GetDisableSTDIO())
    m_launch_info.GetFlags().Set(lldb::eLaunchFlagDisableSTDIO);
--- a/lldb/source/Target/TargetProperties.td
+++ b/lldb/source/Target/TargetProperties.td
@ -111,6 +111,9 @@ let Definition = "target" in {
  def DisableSTDIO: Property<"disable-stdio", "Boolean">,
    DefaultFalse,
    Desc<"Disable stdin/stdout for process (e.g. for a GUI application)">;
+  def InheritTCC: Property<"inherit-tcc", "Boolean">,
+    DefaultFalse,
+    Desc<"Inherit the TCC permissions from the inferior's parent instead of making the process itself responsible.">;
  def InlineStrategy: Property<"inline-breakpoint-strategy", "Enum">,
    DefaultEnumValue<"eInlineBreakpointsAlways">,
    EnumValues<"OptionEnumValues(g_inline_breakpoint_enums)">,
--- a/lldb/test/Shell/lit-lldb-init.in
+++ b/lldb/test/Shell/lit-lldb-init.in
@ -4,3 +4,4 @@ settings set plugin.process.gdb-remote.packet-timeout 60
 settings set interpreter.echo-comment-commands false
 settings set symbols.clang-modules-cache-path "@LLDB_TEST_MODULE_CACHE_LLDB@"
 settings set target.auto-apply-fixits false
+settings set target.inherit-tcc true