2 * Copyright (c) 2007-2009,2012-2015 Apple Inc. All Rights Reserved.
4 * @APPLE_LICENSE_HEADER_START@
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
21 * @APPLE_LICENSE_HEADER_END@
25 #include <sys/queue.h>
27 #include <vproc_priv.h>
29 #include <CoreFoundation/CoreFoundation.h>
30 #include <Security/SecItem.h>
31 #include <Security/SecBasePriv.h>
32 #include <Security/SecInternal.h>
33 #include <Security/SecuritydXPC.h>
34 #include <Security/SecTask.h>
35 #include <Security/SecItemPriv.h>
37 #include <utilities/debugging.h>
38 #include <utilities/SecCFError.h>
39 #include <utilities/SecXPCError.h>
40 #include <utilities/SecCFWrappers.h>
41 #include <utilities/SecDispatchRelease.h>
42 #include <utilities/SecDb.h> // TODO Fixme this gets us SecError().
43 #include <ipc/securityd_client.h>
45 struct securityd
*gSecurityd
;
51 /* Hardcoded Access Groups for the server itself */
52 static CFArrayRef
SecServerCopyAccessGroups(void) {
53 return CFArrayCreateForCFTypes(kCFAllocatorDefault
,
57 CFSTR("lockdown-identities"),
58 CFSTR("123456.test.group"),
59 CFSTR("123456.test.group2"),
63 CFSTR("com.apple.security.sos"),
64 CFSTR("com.apple.sbd"),
65 CFSTR("com.apple.lakitu"),
66 kSecAttrAccessGroupToken
,
70 static SecurityClient gClient
;
74 SecSecuritySetMusrMode(bool mode
, uid_t uid
, int activeUser
)
76 gClient
.inMultiUser
= mode
;
78 gClient
.activeUser
= activeUser
;
83 SecSecurityClientGet(void)
85 static dispatch_once_t onceToken
;
86 dispatch_once(&onceToken
, ^{
88 gClient
.accessGroups
= SecServerCopyAccessGroups();
89 gClient
.allowSystemKeychain
= true;
90 gClient
.allowSyncBubbleKeychain
= true;
91 gClient
.isNetworkExtension
= false;
93 gClient
.inMultiUser
= false;
94 gClient
.activeUser
= 501;
100 CFArrayRef
SecAccessGroupsGetCurrent(void) {
101 SecurityClient
*client
= SecSecurityClientGet();
102 assert(client
&& client
->accessGroups
);
103 return client
->accessGroups
;
107 void SecAccessGroupsSetCurrent(CFArrayRef accessGroups
);
108 void SecAccessGroupsSetCurrent(CFArrayRef accessGroups
) {
109 // Not thread safe at all, but OK because it is meant to be used only by tests.
110 gClient
.accessGroups
= accessGroups
;
113 #if !TARGET_OS_IPHONE
114 static bool securityd_in_system_context(void) {
115 static bool runningInSystemContext
;
116 static dispatch_once_t onceToken
;
117 dispatch_once(&onceToken
, ^{
118 runningInSystemContext
= (getuid() == 0);
119 if (!runningInSystemContext
) {
121 if (vproc_swap_string(NULL
, VPROC_GSK_MGR_NAME
, NULL
, &manager
) == NULL
) {
122 runningInSystemContext
= (!strcmp(manager
, VPROCMGR_SESSION_SYSTEM
) ||
123 !strcmp(manager
, VPROCMGR_SESSION_LOGINWINDOW
));
128 return runningInSystemContext
;
132 static const char *securityd_service_name(void) {
133 return kSecuritydXPCServiceName
;
136 static xpc_connection_t
securityd_create_connection(const char *name
, uint64_t flags
) {
137 const char *serviceName
= name
;
139 serviceName
= securityd_service_name();
141 xpc_connection_t connection
;
142 connection
= xpc_connection_create_mach_service(serviceName
, NULL
, flags
);
143 xpc_connection_set_event_handler(connection
, ^(xpc_object_t event
) {
144 const char *description
= xpc_dictionary_get_string(event
, XPC_ERROR_KEY_DESCRIPTION
);
145 secnotice("xpc", "got event: %s", description
);
147 xpc_connection_resume(connection
);
151 static xpc_connection_t sSecuritydConnection
;
152 #if (TARGET_OS_MAC && !(TARGET_OS_EMBEDDED || TARGET_OS_IPHONE || TARGET_IPHONE_SIMULATOR))
153 static xpc_connection_t sTrustdConnection
;
156 static xpc_connection_t
securityd_connection(void) {
157 static dispatch_once_t once
;
158 dispatch_once(&once
, ^{
159 sSecuritydConnection
= securityd_create_connection(kSecuritydXPCServiceName
, 0);
161 return sSecuritydConnection
;
164 static xpc_connection_t
trustd_connection(void) {
165 #if (TARGET_OS_MAC && !(TARGET_OS_EMBEDDED || TARGET_OS_IPHONE || TARGET_IPHONE_SIMULATOR))
166 static dispatch_once_t once
;
167 dispatch_once(&once
, ^{
168 bool sysCtx
= securityd_in_system_context();
169 uint64_t flags
= (sysCtx
) ? XPC_CONNECTION_MACH_SERVICE_PRIVILEGED
: 0;
170 const char *serviceName
= (sysCtx
) ? kTrustdXPCServiceName
: kTrustdAgentXPCServiceName
;
171 sTrustdConnection
= securityd_create_connection(serviceName
, flags
);
173 return sTrustdConnection
;
175 // on iOS all operations are still handled by securityd
176 return securityd_connection();
180 static bool is_trust_operation(enum SecXPCOperation op
) {
182 case sec_trust_store_contains_id
:
183 case sec_trust_store_set_trust_settings_id
:
184 case sec_trust_store_remove_certificate_id
:
185 case sec_trust_evaluate_id
:
186 case sec_trust_store_copy_all_id
:
187 case sec_trust_store_copy_usage_constraints_id
:
195 static xpc_connection_t
securityd_connection_for_operation(enum SecXPCOperation op
) {
196 bool isTrustOp
= is_trust_operation(op
);
197 #if SECTRUST_VERBOSE_DEBUG
199 bool sysCtx
= securityd_in_system_context();
200 const char *serviceName
= (sysCtx
) ? kTrustdXPCServiceName
: kTrustdAgentXPCServiceName
;
201 syslog(LOG_ERR
, "Will connect to: %s (op=%d)",
202 (isTrustOp
) ? serviceName
: kSecuritydXPCServiceName
, (int)op
);
205 return (isTrustOp
) ? trustd_connection() : securityd_connection();
208 // NOTE: This is not thread safe, but this SPI is for testing only.
209 void SecServerSetMachServiceName(const char *name
) {
210 // Make sure sSecXPCServer.queue exists.
211 securityd_connection();
213 xpc_connection_t oldConection
= sSecuritydConnection
;
214 sSecuritydConnection
= securityd_create_connection(name
, 0);
216 xpc_release(oldConection
);
220 securityd_message_with_reply_sync(xpc_object_t message
, CFErrorRef
*error
)
222 xpc_object_t reply
= NULL
;
223 uint64_t operation
= xpc_dictionary_get_uint64(message
, kSecXPCKeyOperation
);
224 xpc_connection_t connection
= securityd_connection_for_operation((enum SecXPCOperation
)operation
);
226 const int max_tries
= 4; // Per <rdar://problem/17829836> N61/12A342: Audio Playback... for why this needs to be at least 3, so we made it 4.
228 unsigned int tries_left
= max_tries
;
230 if (reply
) xpc_release(reply
);
231 reply
= xpc_connection_send_message_with_reply_sync(connection
, message
);
232 } while (reply
== XPC_ERROR_CONNECTION_INTERRUPTED
&& --tries_left
> 0);
234 if (xpc_get_type(reply
) == XPC_TYPE_ERROR
) {
236 if (reply
== XPC_ERROR_CONNECTION_INTERRUPTED
|| reply
== XPC_ERROR_CONNECTION_INVALID
) {
237 code
= kSecXPCErrorConnectionFailed
;
239 seccritical("Failed to talk to %s after %d attempts.", "securityd",
242 seccritical("Failed to talk to %s after %d attempts.",
243 (is_trust_operation((enum SecXPCOperation
)operation
)) ? "trustd" : "secd",
246 } else if (reply
== XPC_ERROR_TERMINATION_IMMINENT
)
247 code
= kSecXPCErrorUnknown
;
249 code
= kSecXPCErrorUnknown
;
251 char *conn_desc
= xpc_copy_description(connection
);
252 const char *description
= xpc_dictionary_get_string(reply
, XPC_ERROR_KEY_DESCRIPTION
);
253 SecCFCreateErrorWithFormat(code
, sSecXPCErrorDomain
, NULL
, error
, NULL
, CFSTR("%s: %s"), conn_desc
, description
);
262 xpc_object_t
securityd_create_message(enum SecXPCOperation op
, CFErrorRef
* error
)
264 xpc_object_t message
= xpc_dictionary_create(NULL
, NULL
, 0);
266 xpc_dictionary_set_uint64(message
, kSecXPCKeyOperation
, op
);
268 SecCFCreateError(kSecXPCErrorConnectionFailed
, sSecXPCErrorDomain
,
269 CFSTR("xpc_dictionary_create returned NULL"), NULL
, error
);
274 // Return true if there is no error in message, return false and set *error if there is.
275 bool securityd_message_no_error(xpc_object_t message
, CFErrorRef
*error
) {
276 xpc_object_t xpc_error
= xpc_dictionary_get_value(message
, kSecXPCKeyError
);
277 if (xpc_error
== NULL
)
281 *error
= SecCreateCFErrorWithXPCObject(xpc_error
);
286 bool securityd_send_sync_and_do(enum SecXPCOperation op
, CFErrorRef
*error
,
287 bool (^add_to_message
)(xpc_object_t message
, CFErrorRef
* error
),
288 bool (^handle_response
)(xpc_object_t response
, CFErrorRef
* error
)) {
289 xpc_object_t message
= securityd_create_message(op
, error
);
292 if (!add_to_message
|| add_to_message(message
, error
)) {
293 xpc_object_t response
= securityd_message_with_reply_sync(message
, error
);
295 if (securityd_message_no_error(response
, error
)) {
296 ok
= (!handle_response
|| handle_response(response
, error
));
298 xpc_release(response
);
301 xpc_release(message
);
309 _SecSecuritydCopyWhoAmI(CFErrorRef
*error
)
311 CFDictionaryRef reply
= NULL
;
312 xpc_object_t message
= securityd_create_message(kSecXPCOpWhoAmI
, error
);
314 xpc_object_t response
= securityd_message_with_reply_sync(message
, error
);
316 reply
= _CFXPCCreateCFObjectFromXPCObject(response
);
317 xpc_release(response
);
319 securityd_message_no_error(response
, error
);
321 xpc_release(message
);
327 _SecSyncBubbleTransfer(CFArrayRef services
, uid_t uid
, CFErrorRef
*error
)
329 xpc_object_t message
;
332 message
= securityd_create_message(kSecXPCOpTransmogrifyToSyncBubble
, error
);
334 xpc_dictionary_set_int64(message
, "uid", uid
);
335 if (SecXPCDictionarySetPList(message
, "services", services
, error
)) {
336 xpc_object_t response
= securityd_message_with_reply_sync(message
, error
);
338 reply
= xpc_dictionary_get_bool(response
, kSecXPCKeyResult
);
340 securityd_message_no_error(response
, error
);
341 xpc_release(response
);
343 xpc_release(message
);
350 _SecSystemKeychainTransfer(CFErrorRef
*error
)
352 xpc_object_t message
;
355 message
= securityd_create_message(kSecXPCOpTransmogrifyToSystemKeychain
, error
);
357 xpc_object_t response
= securityd_message_with_reply_sync(message
, error
);
359 reply
= xpc_dictionary_get_bool(response
, kSecXPCKeyResult
);
361 securityd_message_no_error(response
, error
);
362 xpc_release(response
);
364 xpc_release(message
);
370 _SecSyncDeleteUserViews(uid_t uid
, CFErrorRef
*error
)
372 xpc_object_t message
;
375 message
= securityd_create_message(kSecXPCOpDeleteUserView
, error
);
377 xpc_dictionary_set_int64(message
, "uid", uid
);
379 xpc_object_t response
= securityd_message_with_reply_sync(message
, error
);
381 reply
= xpc_dictionary_get_bool(response
, kSecXPCKeyResult
);
383 securityd_message_no_error(response
, error
);
384 xpc_release(response
);
386 xpc_release(message
);
393 /* vi:set ts=4 sw=4 et: */