[apple/security.git] / securityd / src / notifications.h

/*
 * Copyright (c) 2000-2004,2006-2008 Apple Inc. All Rights Reserved.
 * 
 * @APPLE_LICENSE_HEADER_START@
 * 
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 * 
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 * 
 * @APPLE_LICENSE_HEADER_END@
 */


//
// notifications - handling of securityd-gated notification messages
//
#ifndef _H_NOTIFICATIONS
#define _H_NOTIFICATIONS

#include <security_utilities/mach++.h>
#include <security_utilities/machserver.h>
#include <security_utilities/globalizer.h>
#include <securityd_client/ssclient.h>
#include "SharedMemoryCommon.h"
#include <map>
#include <queue>

#include "SharedMemoryServer.h"

using MachPlusPlus::Port;
using MachPlusPlus::MachServer;
using SecurityServer::NotificationDomain;
using SecurityServer::NotificationEvent;
using SecurityServer::NotificationMask;

class SharedMemoryListener;

//
// A registered receiver of notifications.
// This is an abstract class; you must subclass to define notifyMe().
//
// All Listeners in existence are collected in an internal map of ports to
// Listener*s, which makes them eligible to have events delivered to them via
// their notifyMe() method. There are (only) two viable lifetime management
// strategies for your Listener subclass:
// (1) Eternal: don't ever destroy your Listener. All is well. By convention,
// such Listeners use the null port.
// (2) Port-based: To get rid of your Listeners, call Listener::remove(port),
// which will delete(!) all Listeners constructed with that port.
// Except for the remove() functionality, Listener does not interpret the port.
//
// If you need another Listener lifetime management strategy, you will probably
// have to change things around here.
//
class Listener: public RefCount {
public:
	Listener(NotificationDomain domain, NotificationMask events,
		mach_port_t port = MACH_PORT_NULL);	
	virtual ~Listener();

	// inject an event into the notification system
    static void notify(NotificationDomain domain,
		NotificationEvent event, const CssmData &data);
    static void notify(NotificationDomain domain,
		NotificationEvent event, uint32 sequence, const CssmData &data, audit_token_t auditToken);
    static bool remove(Port port);

    const NotificationDomain domain;
    const NotificationMask events;
	
	bool wants(NotificationEvent event)
	{ return (1 << event) & events; }

protected:
	class Notification : public RefCount {
	public:
		Notification(NotificationDomain domain, NotificationEvent event,
			uint32 seq, const CssmData &data);
		virtual ~Notification();
		
		const NotificationDomain domain;
		const NotificationEvent event;
		const uint32 sequence;
		const CssmAutoData data;

        std::string description() const;
		size_t size() const
		{ return data.length(); }	//@@@ add "slop" here for heuristic?
	};
	
	virtual void notifyMe(Notification *message) = 0;

    static bool testPredicate(const std::function<bool(const Listener& listener)> test);

public:
	class JitterBuffer {
	public:
		JitterBuffer() : mNotifyLast(0) { }

		bool inSequence(Notification *message);
		RefPointer<Notification> popNotification();
		
	private:
		uint32 mNotifyLast;		// last notification seq processed
		typedef std::map<uint32, RefPointer<Notification> > JBuffer;
		JBuffer mBuffer;		// early messages buffer
	};
	
private:
	static void sendNotification(Notification *message);
    
private:
    typedef multimap<mach_port_t, RefPointer<Listener> > ListenerMap;
    static ListenerMap& listeners;
    static Mutex setLock;
};


class SharedMemoryListener : public Listener, public SharedMemoryServer, public Security::MachPlusPlus::MachServer::Timer
{
protected:
	virtual void action ();
	virtual void notifyMe(Notification *message);

    static bool findUID(uid_t uid);
    static int get_process_euid(pid_t pid, uid_t& out_euid);

    bool needsPrivacyFilter(Notification *notification);
    bool isTrustEvent(Notification *notification);
    uint32 getRecordType(const CssmData& val) const;
    
	bool mActive;

    Mutex mMutex;

public:
	SharedMemoryListener (const char* serverName, u_int32_t serverSize, uid_t uid = 0, gid_t gid = 0);
	virtual ~SharedMemoryListener ();

    static void createDefaultSharedMemoryListener(uid_t uid, gid_t gid);
};

#endif
Commit	Line	Data
d8f41ccd A	1	/*
	2	* Copyright (c) 2000-2004,2006-2008 Apple Inc. All Rights Reserved.
	3	*
	4	* @APPLE_LICENSE_HEADER_START@
	5	*
	6	* This file contains Original Code and/or Modifications of Original Code
	7	* as defined in and that are subject to the Apple Public Source License
	8	* Version 2.0 (the 'License'). You may not use this file except in
	9	* compliance with the License. Please obtain a copy of the License at
	10	* http://www.opensource.apple.com/apsl/ and read it before using this
	11	* file.
	12	*
	13	* The Original Code and all software distributed under the License are
	14	* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
	15	* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
	16	* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
	17	* FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
	18	* Please see the License for the specific language governing rights and
	19	* limitations under the License.
	20	*
	21	* @APPLE_LICENSE_HEADER_END@
	22	*/
	23
	24
	25	//
	26	// notifications - handling of securityd-gated notification messages
	27	//
	28	#ifndef _H_NOTIFICATIONS
	29	#define _H_NOTIFICATIONS
	30
	31	#include <security_utilities/mach++.h>
	32	#include <security_utilities/machserver.h>
	33	#include <security_utilities/globalizer.h>
	34	#include <securityd_client/ssclient.h>
6b200bc3	35	#include "SharedMemoryCommon.h"
d8f41ccd A	36	#include <map>
	37	#include <queue>
	38
	39	#include "SharedMemoryServer.h"
	40
	41	using MachPlusPlus::Port;
	42	using MachPlusPlus::MachServer;
	43	using SecurityServer::NotificationDomain;
	44	using SecurityServer::NotificationEvent;
	45	using SecurityServer::NotificationMask;
	46
	47	class SharedMemoryListener;
	48
	49	//
	50	// A registered receiver of notifications.
	51	// This is an abstract class; you must subclass to define notifyMe().
	52	//
	53	// All Listeners in existence are collected in an internal map of ports to
	54	// Listener*s, which makes them eligible to have events delivered to them via
	55	// their notifyMe() method. There are (only) two viable lifetime management
	56	// strategies for your Listener subclass:
	57	// (1) Eternal: don't ever destroy your Listener. All is well. By convention,
	58	// such Listeners use the null port.
	59	// (2) Port-based: To get rid of your Listeners, call Listener::remove(port),
	60	// which will delete(!) all Listeners constructed with that port.
	61	// Except for the remove() functionality, Listener does not interpret the port.
	62	//
	63	// If you need another Listener lifetime management strategy, you will probably
	64	// have to change things around here.
	65	//
	66	class Listener: public RefCount {
	67	public:
	68	Listener(NotificationDomain domain, NotificationMask events,
	69	mach_port_t port = MACH_PORT_NULL);
	70	virtual ~Listener();
	71
	72	// inject an event into the notification system
	73	static void notify(NotificationDomain domain,
	74	NotificationEvent event, const CssmData &data);
	75	static void notify(NotificationDomain domain,
6b200bc3	76	NotificationEvent event, uint32 sequence, const CssmData &data, audit_token_t auditToken);
d8f41ccd A	77	static bool remove(Port port);
	78
	79	const NotificationDomain domain;
	80	const NotificationMask events;
	81
	82	bool wants(NotificationEvent event)
	83	{ return (1 << event) & events; }
	84
	85	protected:
	86	class Notification : public RefCount {
	87	public:
	88	Notification(NotificationDomain domain, NotificationEvent event,
	89	uint32 seq, const CssmData &data);
	90	virtual ~Notification();
	91
	92	const NotificationDomain domain;
	93	const NotificationEvent event;
	94	const uint32 sequence;
	95	const CssmAutoData data;
6b200bc3 A	96
6b200bc3 A	97	std::string description() const;
d8f41ccd A	98	size_t size() const
	99	{ return data.length(); } //@@@ add "slop" here for heuristic?
	100	};
	101
	102	virtual void notifyMe(Notification *message) = 0;
6b200bc3 A	103
	104	static bool testPredicate(const std::function<bool(const Listener& listener)> test);
	105
d8f41ccd A	106	public:
	107	class JitterBuffer {
	108	public:
	109	JitterBuffer() : mNotifyLast(0) { }
	110
	111	bool inSequence(Notification *message);
	112	RefPointer<Notification> popNotification();
	113
	114	private:
	115	uint32 mNotifyLast; // last notification seq processed
	116	typedef std::map<uint32, RefPointer<Notification> > JBuffer;
	117	JBuffer mBuffer; // early messages buffer
	118	};
	119
	120	private:
	121	static void sendNotification(Notification *message);
	122
	123	private:
	124	typedef multimap<mach_port_t, RefPointer<Listener> > ListenerMap;
	125	static ListenerMap& listeners;
	126	static Mutex setLock;
	127	};
	128
	129
	130
	131	class SharedMemoryListener : public Listener, public SharedMemoryServer, public Security::MachPlusPlus::MachServer::Timer
	132	{
	133	protected:
	134	virtual void action ();
	135	virtual void notifyMe(Notification *message);
	136
6b200bc3 A	137	static bool findUID(uid_t uid);
	138	static int get_process_euid(pid_t pid, uid_t& out_euid);
	139
	140	bool needsPrivacyFilter(Notification *notification);
	141	bool isTrustEvent(Notification *notification);
	142	uint32 getRecordType(const CssmData& val) const;
	143
d8f41ccd A	144	bool mActive;
d8f41ccd A	145
79b9da22 A	146	Mutex mMutex;
79b9da22 A	147
d8f41ccd	148	public:
6b200bc3	149	SharedMemoryListener (const char* serverName, u_int32_t serverSize, uid_t uid = 0, gid_t gid = 0);
d8f41ccd	150	virtual ~SharedMemoryListener ();
6b200bc3 A	151
6b200bc3 A	152	static void createDefaultSharedMemoryListener(uid_t uid, gid_t gid);
d8f41ccd A	153	};
	154
	155	#endif