OSX/libsecurity_translocate/lib/SecTranslocateShared.hpp

   1 /*
   2  * Copyright (c) 2016 Apple Inc. All Rights Reserved.
   3  *
   4  * @APPLE_LICENSE_HEADER_START@
   5  *
   6  * This file contains Original Code and/or Modifications of Original Code
   7  * as defined in and that are subject to the Apple Public Source License
   8  * Version 2.0 (the 'License'). You may not use this file except in
   9  * compliance with the License. Please obtain a copy of the License at
  10  * http://www.opensource.apple.com/apsl/ and read it before using this
  11  * file.
  12  *
  13  * The Original Code and all software distributed under the License are
  14  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  15  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
  16  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
  17  * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
  18  * Please see the License for the specific language governing rights and
  19  * limitations under the License.
  20  *
  21  * @APPLE_LICENSE_HEADER_END@
  22  */
  23
  24 /* Purpose: This header exposes shared functions that actually implement mount creation, policy question
  25     answering and mount deletion.
  26
  27    Important: None of these functions implement synchronization and they all throw exceptions. It is up
  28     to the caller to handle those concerns.
  29  */
  30
  31 #include <string>
  32 #include "SecTranslocateUtilities.hpp"
  33
  34 #ifndef SecTranslocateShared_hpp
  35 #define SecTranslocateShared_hpp
  36
  37 namespace Security {
  38
  39 namespace SecTranslocate {
  40
  41 using namespace std;
  42
  43 /* XPC Function keys */
  44 extern const char* kSecTranslocateXPCFuncCreate;
  45 extern const char* kSecTranslocateXPCFuncCheckIn;
  46
  47 /* XPC message argument keys */
  48 extern const char* kSecTranslocateXPCMessageFunction;
  49 extern const char* kSecTranslocateXPCMessageOriginalPath;
  50 extern const char* kSecTranslocateXPCMessageDestinationPath;
  51 extern const char* kSecTranslocateXPCMessagePid;
  52
  53 /*XPC message reply keys */
  54 extern const char* kSecTranslocateXPCReplyError;
  55 extern const char* kSecTranslocateXPCReplySecurePath;
  56
  57 class TranslocationPath
  58 {
  59 public:
  60     TranslocationPath(string originalPath);
  61     inline bool shouldTranslocate() const { return should; };
  62     inline const string & getOriginalRealPath() const { return realOriginalPath; };
  63     inline const string & getPathToTranslocate() const { return pathToTranslocate; };
  64     inline const string & getPathInsideTranslocation() const { return pathInsideTranslocationPoint; };
  65     inline const string & getComponentNameToTranslocate() const { return componentNameToTranslocate; };
  66     string getTranslocatedPathToOriginalPath(const string &translocationPoint) const;
  67 private:
  68     TranslocationPath() = delete;
  69
  70     bool should;
  71     string realOriginalPath;
  72     string pathToTranslocate;
  73     string componentNameToTranslocate; //the final component of pathToTranslocate
  74     string pathInsideTranslocationPoint;
  75
  76     ExtendedAutoFileDesc findOuterMostCodeBundleForFD(ExtendedAutoFileDesc &fd);
  77 };
  78
  79 string getOriginalPath(const ExtendedAutoFileDesc& fd, bool* isDir); //throws
  80
  81 // For methods below, the caller is responsible for ensuring that only one thread is
  82 // accessing/modifying the mount table at a time
  83 string translocatePathForUser(const TranslocationPath &originalPath, const string &destPath); //throws
  84 bool destroyTranslocatedPathForUser(const string &translocatedPath); //throws
  85 bool destroyTranslocatedPathsForUserOnVolume(const string &volumePath = ""); //throws
  86 void tryToDestroyUnusedTranslocationMounts();
  87
  88 } //namespace SecTranslocate
  89 }// namespace Security
  90
  91 #endif /* SecTranslocateShared_hpp */