RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-25 16:47:36 +00:00
Code Issues Activity Actions

ConfigServer+LibConfig: Add pledge_domains() API

Browse source 
This API lets applications specify which configuration domains they
will be accessing throughout their lifetime. It works similarly in
spirit to the kernel's pledge().

You cannot pledge_domains() more than once, and once you have used it,
it's no longer possible to access any other configuration domain.

This is obviously just a first cut of this mechanism, and we may need
to tweak it further as we go.
This commit is contained in:
Andreas Kling 2021-08-25 20:02:10 +02:00
parent 870ecd5190
commit eeddaa988a
5 changed files with 64 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

5
Userland/Libraries/LibConfig/Client.cpp
View file

@ -19,6 +19,11 @@ Client& Client::the()
return *s_the; return *s_the;
} }
void Client::pledge_domains(Vector<String> const& domains)
{
async_pledge_domains(domains);
}
String Client::read_string(StringView domain, StringView group, StringView key, StringView fallback) String Client::read_string(StringView domain, StringView group, StringView key, StringView fallback)
{ {
return read_string_value(domain, group, key).value_or(fallback); return read_string_value(domain, group, key).value_or(fallback);

12
Userland/Libraries/LibConfig/Client.h
View file

@ -21,6 +21,8 @@ class Client final
C_OBJECT(Client); C_OBJECT(Client);
public: public:
void pledge_domains(Vector<String> const&);
String read_string(StringView domain, StringView group, StringView key, StringView fallback); String read_string(StringView domain, StringView group, StringView key, StringView fallback);
i32 read_i32(StringView domain, StringView group, StringView key, i32 fallback); i32 read_i32(StringView domain, StringView group, StringView key, i32 fallback);
bool read_bool(StringView domain, StringView group, StringView key, bool fallback); bool read_bool(StringView domain, StringView group, StringView key, bool fallback);
@ -68,4 +70,14 @@ inline void write_bool(StringView domain, StringView group, StringView key, bool
Client::the().write_bool(domain, group, key, value); Client::the().write_bool(domain, group, key, value);
} }
inline void pledge_domains(Vector<String> const& domains)
{
Client::the().pledge_domains(domains);
}
inline void pledge_domains(String const& domains)
{
Client::the().pledge_domains({ domains });
}
} }

39
Userland/Services/ConfigServer/ClientConnection.cpp
View file

@ -27,8 +27,32 @@ void ClientConnection::die()
s_connections.remove(client_id()); s_connections.remove(client_id());
} }
void ClientConnection::pledge_domains(Vector<String> const& domains)
{
if (m_has_pledged) {
did_misbehave("Tried to pledge domains twice.");
return;
}
m_has_pledged = true;
for (auto& domain : domains)
m_pledged_domains.set(domain);
}
bool ClientConnection::validate_access(String const& domain, String const& group, String const& key)
{
if (!m_has_pledged)
return true;
if (m_pledged_domains.contains(domain))
return true;
did_misbehave(String::formatted("Blocked attempt to access domain '{}', group={}, key={}", domain, group, key).characters());
return false;
}
Messages::ConfigServer::ReadStringValueResponse ClientConnection::read_string_value(String const& domain, String const& group, String const& key) Messages::ConfigServer::ReadStringValueResponse ClientConnection::read_string_value(String const& domain, String const& group, String const& key)
{ {
if (!validate_access(domain, group, key))
return nullptr;
auto config = Core::ConfigFile::open_for_app(domain); auto config = Core::ConfigFile::open_for_app(domain);
if (!config->has_key(group, key)) if (!config->has_key(group, key))
return Optional<String> {}; return Optional<String> {};
@ -37,6 +61,9 @@ Messages::ConfigServer::ReadStringValueResponse ClientConnection::read_string_va
Messages::ConfigServer::ReadI32ValueResponse ClientConnection::read_i32_value(String const& domain, String const& group, String const& key) Messages::ConfigServer::ReadI32ValueResponse ClientConnection::read_i32_value(String const& domain, String const& group, String const& key)
{ {
if (!validate_access(domain, group, key))
return nullptr;
auto config = Core::ConfigFile::open_for_app(domain); auto config = Core::ConfigFile::open_for_app(domain);
if (!config->has_key(group, key)) if (!config->has_key(group, key))
return Optional<i32> {}; return Optional<i32> {};
@ -45,6 +72,9 @@ Messages::ConfigServer::ReadI32ValueResponse ClientConnection::read_i32_value(St
Messages::ConfigServer::ReadBoolValueResponse ClientConnection::read_bool_value(String const& domain, String const& group, String const& key) Messages::ConfigServer::ReadBoolValueResponse ClientConnection::read_bool_value(String const& domain, String const& group, String const& key)
{ {
if (!validate_access(domain, group, key))
return nullptr;
auto config = Core::ConfigFile::open_for_app(domain); auto config = Core::ConfigFile::open_for_app(domain);
if (!config->has_key(group, key)) if (!config->has_key(group, key))
return Optional<bool> {}; return Optional<bool> {};
@ -53,18 +83,27 @@ Messages::ConfigServer::ReadBoolValueResponse ClientConnection::read_bool_value(
void ClientConnection::write_string_value(String const& domain, String const& group, String const& key, String const& value) void ClientConnection::write_string_value(String const& domain, String const& group, String const& key, String const& value)
{ {
if (!validate_access(domain, group, key))
return;
auto config = Core::ConfigFile::open_for_app(domain, Core::ConfigFile::AllowWriting::Yes); auto config = Core::ConfigFile::open_for_app(domain, Core::ConfigFile::AllowWriting::Yes);
config->write_entry(group, key, value); config->write_entry(group, key, value);
} }
void ClientConnection::write_i32_value(String const& domain, String const& group, String const& key, i32 value) void ClientConnection::write_i32_value(String const& domain, String const& group, String const& key, i32 value)
{ {
if (!validate_access(domain, group, key))
return;
auto config = Core::ConfigFile::open_for_app(domain, Core::ConfigFile::AllowWriting::Yes); auto config = Core::ConfigFile::open_for_app(domain, Core::ConfigFile::AllowWriting::Yes);
config->write_num_entry(group, key, value); config->write_num_entry(group, key, value);
} }
void ClientConnection::write_bool_value(String const& domain, String const& group, String const& key, bool value) void ClientConnection::write_bool_value(String const& domain, String const& group, String const& key, bool value)
{ {
if (!validate_access(domain, group, key))
return;
auto config = Core::ConfigFile::open_for_app(domain, Core::ConfigFile::AllowWriting::Yes); auto config = Core::ConfigFile::open_for_app(domain, Core::ConfigFile::AllowWriting::Yes);
config->write_bool_entry(group, key, value); config->write_bool_entry(group, key, value);
} }

6
Userland/Services/ConfigServer/ClientConnection.h
View file

@ -23,12 +23,18 @@ public:
private: private:
explicit ClientConnection(NonnullRefPtr<Core::LocalSocket>, int client_id); explicit ClientConnection(NonnullRefPtr<Core::LocalSocket>, int client_id);
virtual void pledge_domains(Vector<String> const&) override;
virtual Messages::ConfigServer::ReadStringValueResponse read_string_value([[maybe_unused]] String const& domain, [[maybe_unused]] String const& group, [[maybe_unused]] String const& key) override; virtual Messages::ConfigServer::ReadStringValueResponse read_string_value([[maybe_unused]] String const& domain, [[maybe_unused]] String const& group, [[maybe_unused]] String const& key) override;
virtual Messages::ConfigServer::ReadI32ValueResponse read_i32_value([[maybe_unused]] String const& domain, [[maybe_unused]] String const& group, [[maybe_unused]] String const& key) override; virtual Messages::ConfigServer::ReadI32ValueResponse read_i32_value([[maybe_unused]] String const& domain, [[maybe_unused]] String const& group, [[maybe_unused]] String const& key) override;
virtual Messages::ConfigServer::ReadBoolValueResponse read_bool_value([[maybe_unused]] String const& domain, [[maybe_unused]] String const& group, [[maybe_unused]] String const& key) override; virtual Messages::ConfigServer::ReadBoolValueResponse read_bool_value([[maybe_unused]] String const& domain, [[maybe_unused]] String const& group, [[maybe_unused]] String const& key) override;
virtual void write_string_value([[maybe_unused]] String const& domain, [[maybe_unused]] String const& group, [[maybe_unused]] String const& key, [[maybe_unused]] String const& value) override; virtual void write_string_value([[maybe_unused]] String const& domain, [[maybe_unused]] String const& group, [[maybe_unused]] String const& key, [[maybe_unused]] String const& value) override;
virtual void write_i32_value([[maybe_unused]] String const& domain, [[maybe_unused]] String const& group, [[maybe_unused]] String const& key, [[maybe_unused]] i32 value) override; virtual void write_i32_value([[maybe_unused]] String const& domain, [[maybe_unused]] String const& group, [[maybe_unused]] String const& key, [[maybe_unused]] i32 value) override;
virtual void write_bool_value([[maybe_unused]] String const& domain, [[maybe_unused]] String const& group, [[maybe_unused]] String const& key, [[maybe_unused]] bool value) override; virtual void write_bool_value([[maybe_unused]] String const& domain, [[maybe_unused]] String const& group, [[maybe_unused]] String const& key, [[maybe_unused]] bool value) override;
bool validate_access(String const& domain, String const& group, String const& key);
bool m_has_pledged { false };
HashTable<String> m_pledged_domains;
}; };
} }

2
Userland/Services/ConfigServer/ConfigServer.ipc
View file

@ -1,5 +1,7 @@
endpoint ConfigServer endpoint ConfigServer
{ {
pledge_domains(Vector<String> domains) =|
read_string_value(String domain, String group, String key) => (Optional<String> value) read_string_value(String domain, String group, String key) => (Optional<String> value)
read_i32_value(String domain, String group, String key) => (Optional<i32> value) read_i32_value(String domain, String group, String key) => (Optional<i32> value)
read_bool_value(String domain, String group, String key) => (Optional<bool> value) read_bool_value(String domain, String group, String key) => (Optional<bool> value)