KVSKeychainSyncingProxy/CKDAKSLockMonitor.m

   1 //
   2 //  CKDAKSLockMonitor.m
   3 //  Security
   4 //
   5 //  Created by Mitch Adler on 11/2/16.
   6 //
   7 //
   8
   9 #import <Foundation/Foundation.h>
  10
  11 #import "CKDAKSLockMonitor.h"
  12
  13 #include <utilities/SecCFRelease.h>
  14 #include <utilities/SecAKSWrappers.h>
  15 #include <utilities/debugging.h>
  16
  17 #include <notify.h>
  18
  19 @interface CKDAKSLockMonitor ()
  20
  21 @property XPCNotificationDispatcher* dispatcher;
  22 @property XPCNotificationBlock notificationBlock;
  23 @property dispatch_queue_t queue;
  24
  25 @end
  26
  27 @implementation CKDAKSLockMonitor
  28
  29 + (instancetype) monitor {
  30     return [[CKDAKSLockMonitor alloc] init];
  31 }
  32
  33 - (instancetype)init {
  34     self = [super init];
  35
  36     if (self) {
  37         XPCNotificationDispatcher* dispatcher = [XPCNotificationDispatcher dispatcher];
  38
  39         _queue = dispatch_queue_create("CKDAKSLockMonitor", NULL);
  40         _locked = true;
  41         _unlockedSinceBoot = false;
  42
  43         /* also use dispatch to make sure */
  44         int token = 0;
  45         __weak typeof(self) weakSelf = self;
  46         notify_register_dispatch(kUserKeybagStateChangeNotification, &token, _queue, ^(int t) {
  47             [weakSelf _onqueueRecheck];
  48         });
  49
  50         [self recheck];
  51
  52         [dispatcher addListener: self];
  53     }
  54
  55     return self;
  56 }
  57
  58 - (void) handleNotification:(const char *)name {
  59     if (strcmp(name, kUserKeybagStateChangeNotification) == 0 || strcmp(name, "com.apple.mobile.keybagd.lock_status") == 0) {
  60         [self recheck];
  61     }
  62 }
  63
  64 - (void) notifyListener {
  65     // Take a strong reference:
  66     __strong __typeof(self.listener) listener = self.listener;
  67
  68     if (listener) {
  69         if (self.locked) {
  70             [listener locked];
  71         } else {
  72             [listener unlocked];
  73         }
  74     }
  75 }
  76
  77 - (void)connectTo: (NSObject<CKDLockListener>*) listener {
  78     _listener = listener;
  79     [self notifyListener];
  80 }
  81
  82 - (void) recheck {
  83     dispatch_async(_queue, ^{
  84         [self _onqueueRecheck];
  85     });
  86 }
  87
  88 - (void) _onqueueRecheck {
  89     CFErrorRef aksError = NULL;
  90     bool locked = true; // Assume locked if we get an error
  91
  92     if (!SecAKSGetIsLocked(&locked, &aksError)) {
  93         secerror("%@ Got error querying lock state: %@", self, aksError);
  94         CFReleaseSafe(aksError);
  95     }
  96
  97     BOOL previousLocked = self.locked;
  98     _locked = locked;
  99
 100     if (!self.locked) {
 101         _unlockedSinceBoot = true;
 102     }
 103
 104     if (previousLocked != self.locked) {
 105         // recheck might get called from ckdkvsproxy_queue (see 30510390)
 106         dispatch_async(dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_DEFAULT, 0), ^{
 107             [self notifyListener];
 108         });
 109     }
 110 }
 111
 112 @end