]> git.saurik.com Git - apple/security.git/blob - OSX/libsecurity_translocate/lib/SecTranslocateServer.cpp
projects / apple / security.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Security-59754.41.1.tar.gz
[apple/security.git] / OSX / libsecurity_translocate / lib / SecTranslocateServer.cpp
1 /*
2 * Copyright (c) 2016 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24 #include <string>
25 #include <vector>
26 #include <exception>
27 #include <dispatch/dispatch.h>
28
29 #include "SecTranslocateShared.hpp"
30 #include "SecTranslocateServer.hpp"
31 #include "SecTranslocateUtilities.hpp"
32 #include "SecTranslocateDANotification.hpp"
33 #include "SecTranslocateXPCServer.hpp"
34 #include "SecTranslocateLSNotification.hpp"
35 #undef check //The CoreServices code pulls in a check macro that we don't want
36
37 #include <security_utilities/unix++.h>
38 #include <security_utilities/logging.h>
39
40 namespace Security {
41
42 using namespace Security::UnixPlusPlus;
43
44 namespace SecTranslocate {
45
46 using namespace std;
47
48 /* Try to cleanup every 12 hrs */
49 #define TRANSLOCATION_CLEANUP_INTERVAL 12ULL * 60ULL * 60ULL * NSEC_PER_SEC
50 #define TRANSLOCATION_CLEANUP_LEEWAY TRANSLOCATION_CLEANUP_INTERVAL/2ULL
51
52 /* Initialize a dispatch queue to serialize operations */
53 TranslocatorServer::TranslocatorServer(dispatch_queue_t q):syncQ(q), da(q), ls(q),xpc(q)
54 {
55 if (!q)
56 {
57 Syslog::critical("SecTranslocate: TranslocatorServer failed to create the dispatch queue");
58 UnixError::throwMe(ENOMEM);
59 }
60 dispatch_retain(syncQ);
61
62 setupPeriodicCleanup();
63
64 Syslog::warning("SecTranslocate: Server started");
65 }
66
67 /* Destroy the dispatch queue and listeners when they are no longer needed */
68 TranslocatorServer::~TranslocatorServer()
69 {
70 if( syncQ )
71 {
72 dispatch_release(syncQ);
73 }
74
75 if(cleanupTimer)
76 {
77 dispatch_source_cancel(cleanupTimer);
78 cleanupTimer = NULL;
79 }
80 }
81
82 // This is intended for use by the host process of the server if necessary
83 // Create a translocation for original path if appropriate
84 string TranslocatorServer::translocatePathForUser(const TranslocationPath &originalPath, const string &destPath)
85 {
86 __block string newPath;
87 __block exception_ptr exception(0);
88
89 dispatch_sync(syncQ, ^{
90 try
91 {
92 newPath = Security::SecTranslocate::translocatePathForUser(originalPath,destPath);
93 }
94 catch (...)
95 {
96 exception = current_exception();
97 }
98 });
99 if (exception)
100 {
101 rethrow_exception(exception);
102 }
103 return newPath;
104 }
105
106 string TranslocatorServer::translocatePathForUser(const GenericTranslocationPath &originalPath, const string &destPath)
107 {
108 __block string newPath;
109 __block exception_ptr exception(0);
110
111 dispatch_sync(syncQ, ^{
112 try
113 {
114 newPath = Security::SecTranslocate::translocatePathForUser(originalPath,destPath);
115 }
116 catch (...)
117 {
118 exception = current_exception();
119 }
120 });
121 if (exception)
122 {
123 rethrow_exception(exception);
124 }
125 return newPath;
126 }
127
128 // This is intended for use by the host process of the server if necessary
129 // Destroy the translocation mount at translocatedPath if allowed
130 bool TranslocatorServer::destroyTranslocatedPathForUser(const string &translocatedPath)
131 {
132 __block bool result = false;
133 __block exception_ptr exception(0);
134 dispatch_sync(syncQ, ^{
135 try
136 {
137 result = Security::SecTranslocate::destroyTranslocatedPathForUser(translocatedPath);
138 }
139 catch (...)
140 {
141 exception = current_exception();
142 }
143 });
144 if (exception)
145 {
146 rethrow_exception(exception);
147 }
148 return result;
149 }
150
151 void TranslocatorServer::appLaunchCheckin(pid_t pid)
152 {
153 //This is thrown on the queue as an async task in the call so don't need to do anything extra.
154 ls.checkIn(pid);
155 }
156
157 void TranslocatorServer::setupPeriodicCleanup()
158 {
159 cleanupTimer = dispatch_source_create(DISPATCH_SOURCE_TYPE_TIMER, 0, 0, syncQ);
160
161 dispatch_time_t when = dispatch_time(DISPATCH_TIME_NOW, TRANSLOCATION_CLEANUP_INTERVAL);
162 dispatch_source_set_timer(cleanupTimer, when, TRANSLOCATION_CLEANUP_INTERVAL, TRANSLOCATION_CLEANUP_LEEWAY);
163
164 dispatch_source_set_cancel_handler(cleanupTimer, ^{
165 dispatch_release(cleanupTimer);
166 });
167
168 dispatch_source_set_event_handler(cleanupTimer, ^{
169 try
170 {
171 Syslog::notice("SecTranslocate: attempting to cleanup unused translocation points");
172 tryToDestroyUnusedTranslocationMounts();
173 }
174 catch (Security::UnixError err)
175 {
176 int error = err.unixError();
177 Syslog::error("SecTranslocate: got unix error[ %d : %s ] while trying to cleanup translocation points.",error, strerror(error));
178 }
179 catch (...)
180 {
181 Syslog::error("SecTranslocate: unknown error while trying to cleanup translocation points.");
182 }
183 });
184
185 dispatch_resume(cleanupTimer);
186 }
187
188 } //namespace SecTranslocate
189 } //namespace SecTranslocate
mirror of Security