]> git.saurik.com Git - apple/security.git/blob - securityd/src/notifications.h
Security-58286.240.4.tar.gz
[apple/security.git] / securityd / src / notifications.h
1 /*
2 * Copyright (c) 2000-2004,2006-2008 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24
25 //
26 // notifications - handling of securityd-gated notification messages
27 //
28 #ifndef _H_NOTIFICATIONS
29 #define _H_NOTIFICATIONS
30
31 #include <security_utilities/mach++.h>
32 #include <security_utilities/machserver.h>
33 #include <security_utilities/globalizer.h>
34 #include <securityd_client/ssclient.h>
35 #include "SharedMemoryCommon.h"
36 #include <map>
37 #include <queue>
38
39 #include "SharedMemoryServer.h"
40
41 using MachPlusPlus::Port;
42 using MachPlusPlus::MachServer;
43 using SecurityServer::NotificationDomain;
44 using SecurityServer::NotificationEvent;
45 using SecurityServer::NotificationMask;
46
47 class SharedMemoryListener;
48
49 //
50 // A registered receiver of notifications.
51 // This is an abstract class; you must subclass to define notifyMe().
52 //
53 // All Listeners in existence are collected in an internal map of ports to
54 // Listener*s, which makes them eligible to have events delivered to them via
55 // their notifyMe() method. There are (only) two viable lifetime management
56 // strategies for your Listener subclass:
57 // (1) Eternal: don't ever destroy your Listener. All is well. By convention,
58 // such Listeners use the null port.
59 // (2) Port-based: To get rid of your Listeners, call Listener::remove(port),
60 // which will delete(!) all Listeners constructed with that port.
61 // Except for the remove() functionality, Listener does not interpret the port.
62 //
63 // If you need another Listener lifetime management strategy, you will probably
64 // have to change things around here.
65 //
66 class Listener: public RefCount {
67 public:
68 Listener(NotificationDomain domain, NotificationMask events,
69 mach_port_t port = MACH_PORT_NULL);
70 virtual ~Listener();
71
72 // inject an event into the notification system
73 static void notify(NotificationDomain domain,
74 NotificationEvent event, const CssmData &data);
75 static void notify(NotificationDomain domain,
76 NotificationEvent event, uint32 sequence, const CssmData &data, audit_token_t auditToken);
77 static bool remove(Port port);
78
79 const NotificationDomain domain;
80 const NotificationMask events;
81
82 bool wants(NotificationEvent event)
83 { return (1 << event) & events; }
84
85 protected:
86 class Notification : public RefCount {
87 public:
88 Notification(NotificationDomain domain, NotificationEvent event,
89 uint32 seq, const CssmData &data);
90 virtual ~Notification();
91
92 const NotificationDomain domain;
93 const NotificationEvent event;
94 const uint32 sequence;
95 const CssmAutoData data;
96
97 std::string description() const;
98 size_t size() const
99 { return data.length(); } //@@@ add "slop" here for heuristic?
100 };
101
102 virtual void notifyMe(Notification *message) = 0;
103
104 static bool testPredicate(const std::function<bool(const Listener& listener)> test);
105
106 public:
107 class JitterBuffer {
108 public:
109 JitterBuffer() : mNotifyLast(0) { }
110
111 bool inSequence(Notification *message);
112 RefPointer<Notification> popNotification();
113
114 private:
115 uint32 mNotifyLast; // last notification seq processed
116 typedef std::map<uint32, RefPointer<Notification> > JBuffer;
117 JBuffer mBuffer; // early messages buffer
118 };
119
120 private:
121 static void sendNotification(Notification *message);
122
123 private:
124 typedef multimap<mach_port_t, RefPointer<Listener> > ListenerMap;
125 static ListenerMap& listeners;
126 static Mutex setLock;
127 };
128
129
130
131 class SharedMemoryListener : public Listener, public SharedMemoryServer, public Security::MachPlusPlus::MachServer::Timer
132 {
133 protected:
134 virtual void action ();
135 virtual void notifyMe(Notification *message);
136
137 static bool findUID(uid_t uid);
138 static int get_process_euid(pid_t pid, uid_t& out_euid);
139
140 bool needsPrivacyFilter(Notification *notification);
141 bool isTrustEvent(Notification *notification);
142 uint32 getRecordType(const CssmData& val) const;
143
144 bool mActive;
145
146 Mutex mMutex;
147
148 public:
149 SharedMemoryListener (const char* serverName, u_int32_t serverSize, uid_t uid = 0, gid_t gid = 0);
150 virtual ~SharedMemoryListener ();
151
152 static void createDefaultSharedMemoryListener(uid_t uid, gid_t gid);
153 };
154
155 #endif