IPC: add a function to check runtime support

Apple sandboxes restrict use of the System V / XSI IPC mechanisms. It's currently the only restriction we check for. Attempting to use them will result in SIGSYS delivered to the application, so we shouldn't try. Linux system call filtration can do the same. In fact, systemd's SystemCallFilter= options do default to SIGSYS too and it has an @ipc group that could be used to block SysV. However, the same group blocks the creation of pipes, so it's not in much use. Change-Id: I12a088d1ae424825abd3fffd171d79f7cd5b2b9d Reviewed-by: Mårten Nordheim <[email protected]>
isolovev · Jan 22, 2023 · 510e091 · 510e091
1 parent 0b79f58
commit 510e091
Show file tree

Hide file tree

Showing 2 changed files with 32 additions and 0 deletions.
diff --git a/src/corelib/ipc/qtipccommon.cpp b/src/corelib/ipc/qtipccommon.cpp
@@ -85,6 +85,33 @@ static QNativeIpcKey::Type stringToType(QStringView typeString)
     return QNativeIpcKey::Type{};
 }
 
+#if defined(Q_OS_DARWIN) || defined(QT_BUILD_INTERNAL)
+/*!
+    \internal
+
+    Returns whether this IPC type \a ipcType and key type \a keyType is
+    supported on the current machine, with a runtime check.
+*/
+bool QtIpcCommon::isIpcSupportedAtRuntime(IpcType ipcType, QNativeIpcKey::Type keyType)
+{
+    switch (keyType) {
+    case QNativeIpcKey::Type::SystemV:
+        break;
+
+    case QNativeIpcKey::Type::PosixRealtime:
+    case QNativeIpcKey::Type::Windows:
+        return isIpcSupported(ipcType, keyType);
+    }
+
+#  if defined(Q_OS_DARWIN)
+    // System V IPC is not supported on Apple platforms if the application is
+    // currently running in a sandbox.
+    return !qt_apple_isSandboxed();
+#  endif
+    return isIpcSupported(ipcType, keyType);
+}
+#endif
+
 /*!
     \internal
 

diff --git a/src/corelib/ipc/qtipccommon_p.h b/src/corelib/ipc/qtipccommon_p.h
@@ -57,6 +57,11 @@ static constexpr bool isIpcSupported(IpcType ipcType, QNativeIpcKey::Type type)
         return QT_CONFIG(sysv_shm);
     return QT_CONFIG(sysv_sem);
 }
+#if defined(Q_OS_DARWIN) || defined(QT_BUILD_INTERNAL)
+bool isIpcSupportedAtRuntime(IpcType type, QNativeIpcKey::Type);
+#else
+static constexpr auto isIpcSupportedAtRuntime = isIpcSupported;
+#endif
 
 Q_AUTOTEST_EXPORT QString
 legacyPlatformSafeKey(const QString &key, IpcType ipcType,