config: add uid client criteria

jay-config/src/_private.rs

@@ -82,6 +82,7 @@ pub enum ClientCriterionIpc {
         regex: bool,
     },
     Sandboxed,
+    Uid(i32),
 }
 
 #[derive(Serialize, Deserialize, Clone, Debug, Hash, Eq, PartialEq)]

jay-config/src/_private/client.rs

@@ -1542,6 +1542,7 @@ impl ConfigClient {
             ClientCriterion::SandboxInstanceId(t) => string!(t, SandboxInstanceId, false),
             ClientCriterion::SandboxInstanceIdRegex(t) => string!(t, SandboxInstanceId, true),
             ClientCriterion::Sandboxed => ClientCriterionIpc::Sandboxed,
+            ClientCriterion::Uid(p) => ClientCriterionIpc::Uid(p),
         };
         let res = self.send_with_response(&ClientMessage::CreateClientMatcher { criterion });
         get_response!(

jay-config/src/client.rs

@@ -77,6 +77,8 @@ pub enum ClientCriterion<'a> {
     SandboxInstanceIdRegex(&'a str),
     /// Matches if the client is sandboxed.
     Sandboxed,
+    /// Matches the user ID of the client.
+    Uid(i32),
 }
 
 impl ClientCriterion<'_> {

src/config/handler.rs

@@ -1885,6 +1885,7 @@ impl ConfigProxyHandler {
                 }
             }
             ClientCriterionIpc::Sandboxed => mgr.sandboxed(),
+            ClientCriterionIpc::Uid(p) => mgr.uid(*p),
         };
         let cached = Rc::new(CachedCriterion {
             crit: criterion.clone(),

src/criteria/clm.rs

@@ -11,6 +11,7 @@ use {
                 clmm_string::{
                     ClmMatchSandboxAppId, ClmMatchSandboxEngine, ClmMatchSandboxInstanceId,
                 },
+                clmm_uid::ClmMatchUid,
             },
             crit_graph::{
                 CritMgr, CritRoot, CritRootFixed, CritTarget, CritTargetOwner, WeakCritTargetOwner,
@@ -52,6 +53,7 @@ pub struct RootMatchers {
     sandbox_app_id: ClmRootMatcherMap<ClmMatchSandboxAppId>,
     sandbox_engine: ClmRootMatcherMap<ClmMatchSandboxEngine>,
     sandbox_instance_id: ClmRootMatcherMap<ClmMatchSandboxInstanceId>,
+    uid: ClmRootMatcherMap<ClmMatchUid>,
 }
 
 pub async fn handle_cl_changes(state: Rc<State>) {
@@ -151,6 +153,7 @@ impl ClMatcherManager {
             unconditional!(sandbox_instance_id);
             unconditional!(sandbox_app_id);
             unconditional!(sandbox_engine);
+            unconditional!(uid);
             fixed!(sandboxed);
             self.constant[true].handle(data);
         }
@@ -171,6 +174,10 @@ impl ClMatcherManager {
     pub fn sandboxed(&self) -> Rc<ClmUpstreamNode> {
         self.sandboxed[true].clone()
     }
+
+    pub fn uid(&self, pid: i32) -> Rc<ClmUpstreamNode> {
+        self.root(ClmMatchUid(pid as _))
+    }
 }
 
 impl CritTarget for Rc<Client> {

src/criteria/clm/clm_matchers.rs

@@ -19,3 +19,4 @@ macro_rules! fixed_root_criterion {
 
 pub mod clmm_sandboxed;
 pub mod clmm_string;
+pub mod clmm_uid;

src/criteria/clm/clm_matchers/clmm_uid.rs

@@ -0,0 +1,20 @@
+use {
+    crate::{
+        client::Client,
+        criteria::{RootMatcherMap, clm::RootMatchers, crit_graph::CritRootCriterion},
+    },
+    std::rc::Rc,
+    uapi::c,
+};
+
+pub struct ClmMatchUid(pub c::uid_t);
+
+impl CritRootCriterion<Rc<Client>> for ClmMatchUid {
+    fn matches(&self, data: &Rc<Client>) -> bool {
+        data.pid_info.uid == self.0
+    }
+
+    fn nodes(roots: &RootMatchers) -> Option<&RootMatcherMap<Rc<Client>, Self>> {
+        Some(&roots.uid)
+    }
+}

toml-config/src/config.rs

@@ -232,6 +232,7 @@ pub struct ClientMatch {
     pub sandbox_instance_id: Option<String>,
     pub sandbox_instance_id_regex: Option<String>,
     pub sandboxed: Option<bool>,
+    pub uid: Option<i32>,
 }
 
 #[derive(Debug, Clone)]

toml-config/src/config/parsers/client_match.rs

@@ -3,7 +3,7 @@ use {
         config::{
             ClientMatch, GenericMatch, MatchExactly,
             context::Context,
-            extractor::{Extractor, ExtractorError, arr, bol, n32, opt, str, val},
+            extractor::{Extractor, ExtractorError, arr, bol, n32, opt, s32, str, val},
             parser::{DataType, ParseResult, Parser, UnexpectedDataType},
         },
         toml::{
@@ -49,7 +49,7 @@ impl Parser for ClientMatchParser<'_> {
                 sandbox_app_id,
                 sandbox_app_id_regex,
             ),
-            (sandbox_instance_id, sandbox_instance_id_regex),
+            (sandbox_instance_id, sandbox_instance_id_regex, uid),
         ) = ext.extract((
             (
                 opt(str("name")),
@@ -66,6 +66,7 @@ impl Parser for ClientMatchParser<'_> {
             (
                 opt(str("sandbox-instance-id")),
                 opt(str("sandbox-instance-id-regex")),
+                opt(s32("uid")),
             ),
         ))?;
         let mut not = None;
@@ -106,6 +107,7 @@ impl Parser for ClientMatchParser<'_> {
             sandbox_instance_id: sandbox_instance_id.despan_into(),
             sandbox_instance_id_regex: sandbox_instance_id_regex.despan_into(),
             sandboxed: sandboxed.despan(),
+            uid: uid.despan(),
         })
     }
 }

toml-config/src/rules.rs

@@ -95,6 +95,13 @@ impl Rule for ClientRule {
                 }
             };
         }
+        macro_rules! value {
+            ($ty:ident, $field:ident) => {
+                if let Some(value) = match_.$field {
+                    all.push(m(ClientCriterion::$ty(value)));
+                }
+            };
+        }
         macro_rules! bool {
             ($ty:ident, $field:ident) => {
                 if let Some(value) = &match_.$field {
@@ -113,6 +120,7 @@ impl Rule for ClientRule {
         value_ref!(SandboxAppIdRegex, sandbox_app_id_regex);
         value_ref!(SandboxInstanceId, sandbox_instance_id);
         value_ref!(SandboxInstanceIdRegex, sandbox_instance_id_regex);
+        value!(Uid, uid);
         bool!(Sandboxed, sandboxed);
         Some(())
     }

toml-spec/spec/spec.generated.json

@@ -559,6 +559,10 @@
         "sandbox-instance-id-regex": {
           "type": "string",
           "description": "Matches the instance id of the client's sandbox with a regular expression.\n"
+        },
+        "uid": {
+          "type": "integer",
+          "description": "Matches the user ID of the client."
         }
       },
       "required": []

toml-spec/spec/spec.generated.md

@@ -871,6 +871,14 @@ The table has the following fields:
 
   The value of this field should be a string.
 
+- `uid` (optional):
+
+  Matches the user ID of the client.
+
+  The value of this field should be a number.
+
+  The numbers should be integers.
+
 
 <a name="types-ClientMatchExactly"></a>
 ### `ClientMatchExactly`

toml-spec/spec/spec.yaml

@@ -3237,6 +3237,11 @@ ClientMatch:
       required: false
       description: |
         Matches the instance id of the client's sandbox with a regular expression.
+    uid:
+      kind: number
+      integer_only: true
+      required: false
+      description: Matches the user ID of the client.
 
 
 ClientMatchExactly: