2 * Copyright (c) 2000-2009,2012 Apple Inc. All Rights Reserved.
4 * @APPLE_LICENSE_HEADER_START@
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
21 * @APPLE_LICENSE_HEADER_END@
26 // process - track a single client process and its belongings
31 #include "tempdatabase.h"
32 #include "child.h" // ServerChild (really UnixPlusPlus::Child)::find()
34 #include <security_utilities/ccaudit.h>
35 #include <security_utilities/logging.h> //@@@ debug only
36 #include "agentquery.h"
40 // Construct a Process object.
42 Process::Process(TaskPort taskPort
, const ClientSetupInfo
*info
, const CommonCriteria::AuditToken
&audit
)
43 : mTaskPort(taskPort
), mByteFlipped(false), mPid(audit
.pid()), mUid(audit
.euid()), mGid(audit
.egid()), mAudit(audit
)
45 StLock
<Mutex
> _(*this);
46 xpc_transaction_begin();
48 parent(Session::find(audit
.sessionId(), true));
50 // let's take a look at our wannabe client...
52 // Not enough to make sure we will get the right process, as
53 // pids get recycled. But we will later create the actual SecCode using
54 // the audit token, which is unique to the one instance of the process,
55 // so this just catches a pid mismatch early.
56 if (mTaskPort
.pid() != mPid
) {
57 secnotice("SecServer", "Task/pid setup mismatch pid=%d task=%d(%d)",
58 mPid
, mTaskPort
.port(), mTaskPort
.pid());
59 CssmError::throwMe(CSSMERR_CSSM_ADDIN_AUTHENTICATE_FAILED
); // you lied!
63 ClientIdentification::setup(this->audit_token());
66 // This can happen if the process died in the meantime.
67 secnotice("SecServer", "no process created in setup, old pid=%d old task=%d(%d)",
68 mPid
, mTaskPort
.port(), mTaskPort
.pid());
69 CssmError::throwMe(CSSMERR_CSSM_ADDIN_AUTHENTICATE_FAILED
);
72 // NB: ServerChild::find() should only be used to determine
73 // *existence*. Don't use the returned Child object for anything else,
74 // as it is not protected against its underlying process's destruction.
75 if (this->pid() == getpid() // called ourselves (through some API). Do NOT record this as a "dirty" transaction
76 || ServerChild::find
<ServerChild
>(this->pid())) // securityd's child; do not mark this txn dirty
77 xpc_transaction_end();
79 secinfo("SecServer", "%p client new: pid:%d session:%d %s taskPort:%d uid:%d gid:%d", this, this->pid(), this->session().sessionId(),
80 (char *)codePath(this->processCode()).c_str(), taskPort
.port(), mUid
, mGid
);
85 // Screen a process setup request for an existing process.
86 // This means the client has requested intialization even though we remember having
87 // talked to it in the past. This could either be an exec(2), or the client could just
88 // have forgotten all about its securityd client state. Or it could be an attack...
90 void Process::reset(TaskPort taskPort
, const ClientSetupInfo
*info
, const CommonCriteria::AuditToken
&audit
)
92 StLock
<Mutex
> _(*this);
93 if (taskPort
!= mTaskPort
) {
94 secnotice("SecServer", "Process %p(%d) reset mismatch (tp %d-%d)",
95 this, pid(), taskPort
.port(), mTaskPort
.port());
96 //@@@ CssmError::throwMe(CSSM_ERRCODE_VERIFICATION_FAILURE); // liar
99 CFCopyRef
<SecCodeRef
> oldCode
= processCode();
101 ClientIdentification::setup(this->audit_token()); // re-constructs processCode()
102 if (CFEqual(oldCode
, processCode())) {
103 secnotice("SecServer", "%p Client reset amnesia", this);
105 secnotice("SecServer", "%p Client reset full", this);
111 // Common set processing
113 void Process::setup(const ClientSetupInfo
*info
)
115 // process setup info
118 if (info
->order
== 0x1234) { // right side up
119 pversion
= info
->version
;
120 mByteFlipped
= false;
121 } else if (info
->order
== 0x34120000) { // flip side up
122 pversion
= flip(info
->version
);
124 } else // non comprende
125 CssmError::throwMe(CSSM_ERRCODE_INCOMPATIBLE_VERSION
);
127 // check wire protocol version
128 if (pversion
!= SSPROTOVERSION
)
129 CssmError::throwMe(CSSM_ERRCODE_INCOMPATIBLE_VERSION
);
134 // Clean up a Process object
138 secinfo("SecServer", "%p client release: %d", this, this->pid());
140 // release our name for the process's task port
142 mTaskPort
.deallocate();
144 xpc_transaction_end();
149 StLock
<Mutex
> _(*this);
151 // release local temp store
154 // standard kill processing
159 Session
& Process::session() const
161 return parent
<Session
>();
165 void Process::checkSession(const audit_token_t
&auditToken
)
167 Security::CommonCriteria::AuditToken
audit(auditToken
);
168 if (audit
.sessionId() != this->session().sessionId())
169 this->changeSession(audit
.sessionId());
173 LocalDatabase
&Process::localStore()
175 StLock
<Mutex
> _(*this);
177 mLocalStore
= new TempDatabase(*this);
181 Key
*Process::makeTemporaryKey(const CssmKey
&key
, CSSM_KEYATTR_FLAGS moreAttributes
,
182 const AclEntryPrototype
*owner
)
184 return safer_cast
<TempDatabase
&>(localStore()).makeKey(key
, moreAttributes
, owner
);
189 // Change the session of a process.
190 // This is the result of SessionCreate from a known process client.
192 void Process::changeSession(Session::SessionId sessionId
)
195 parent(Session::find(sessionId
, true));
196 secnotice("SecServer", "%p client change session to %d", this, this->session().sessionId());
201 // Debug dump support
203 #if defined(DEBUGDUMP)
205 void Process::dumpNode()
207 PerProcess::dumpNode();
209 Debug::dump(" FLIPPED");
210 Debug::dump(" task=%d pid=%d uid/gid=%d/%d",
211 mTaskPort
.port(), mPid
, mUid
, mGid
);
212 ClientIdentification::dump();