]> git.saurik.com Git - apple/security.git/blob - OSX/sec/ipc/client.c
Security-57740.1.18.tar.gz
[apple/security.git] / OSX / sec / ipc / client.c
1 /*
2 * Copyright (c) 2007-2009,2012-2015 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24 #include <stdbool.h>
25 #include <sys/queue.h>
26 #include <syslog.h>
27 #include <vproc_priv.h>
28
29 #include <CoreFoundation/CoreFoundation.h>
30 #include <Security/SecItem.h>
31 #include <Security/SecBasePriv.h>
32 #include <Security/SecInternal.h>
33 #include <Security/SecuritydXPC.h>
34 #include <Security/SecTask.h>
35 #include <Security/SecItemPriv.h>
36
37 #include <utilities/debugging.h>
38 #include <utilities/SecCFError.h>
39 #include <utilities/SecXPCError.h>
40 #include <utilities/SecCFWrappers.h>
41 #include <utilities/SecDispatchRelease.h>
42 #include <utilities/SecDb.h> // TODO Fixme this gets us SecError().
43 #include <ipc/securityd_client.h>
44
45 struct securityd *gSecurityd;
46
47 //
48 // MARK: XPC IPC.
49 //
50
51 /* Hardcoded Access Groups for the server itself */
52 static CFArrayRef SecServerCopyAccessGroups(void) {
53 return CFArrayCreateForCFTypes(kCFAllocatorDefault,
54 #if NO_SERVER
55 CFSTR("test"),
56 CFSTR("apple"),
57 CFSTR("lockdown-identities"),
58 CFSTR("123456.test.group"),
59 CFSTR("123456.test.group2"),
60 #else
61 CFSTR("sync"),
62 #endif
63 CFSTR("com.apple.security.sos"),
64 CFSTR("com.apple.sbd"),
65 CFSTR("com.apple.lakitu"),
66 kSecAttrAccessGroupToken,
67 NULL);
68 }
69
70 static SecurityClient gClient;
71
72 #if TARGET_OS_IOS
73 void
74 SecSecuritySetMusrMode(bool mode, uid_t uid, int activeUser)
75 {
76 gClient.inMultiUser = mode;
77 gClient.uid = uid;
78 gClient.activeUser = activeUser;
79 }
80 #endif
81
82 SecurityClient *
83 SecSecurityClientGet(void)
84 {
85 static dispatch_once_t onceToken;
86 dispatch_once(&onceToken, ^{
87 gClient.task = NULL,
88 gClient.accessGroups = SecServerCopyAccessGroups();
89 gClient.allowSystemKeychain = true;
90 gClient.allowSyncBubbleKeychain = true;
91 gClient.isNetworkExtension = false;
92 #if TARGET_OS_IPHONE
93 gClient.inMultiUser = false;
94 gClient.activeUser = 501;
95 #endif
96 });
97 return &gClient;
98 }
99
100 CFArrayRef SecAccessGroupsGetCurrent(void) {
101 SecurityClient *client = SecSecurityClientGet();
102 assert(client && client->accessGroups);
103 return client->accessGroups;
104 }
105
106 // Only for testing.
107 void SecAccessGroupsSetCurrent(CFArrayRef accessGroups);
108 void SecAccessGroupsSetCurrent(CFArrayRef accessGroups) {
109 // Not thread safe at all, but OK because it is meant to be used only by tests.
110 gClient.accessGroups = accessGroups;
111 }
112
113 #if !TARGET_OS_IPHONE
114 static bool securityd_in_system_context(void) {
115 static bool runningInSystemContext;
116 static dispatch_once_t onceToken;
117 dispatch_once(&onceToken, ^{
118 runningInSystemContext = (getuid() == 0);
119 if (!runningInSystemContext) {
120 char *manager;
121 if (vproc_swap_string(NULL, VPROC_GSK_MGR_NAME, NULL, &manager) == NULL) {
122 runningInSystemContext = (!strcmp(manager, VPROCMGR_SESSION_SYSTEM) ||
123 !strcmp(manager, VPROCMGR_SESSION_LOGINWINDOW));
124 free(manager);
125 }
126 }
127 });
128 return runningInSystemContext;
129 }
130 #endif
131
132 static const char *securityd_service_name(void) {
133 return kSecuritydXPCServiceName;
134 }
135
136 static xpc_connection_t securityd_create_connection(const char *name, uint64_t flags) {
137 const char *serviceName = name;
138 if (!serviceName) {
139 serviceName = securityd_service_name();
140 }
141 xpc_connection_t connection;
142 connection = xpc_connection_create_mach_service(serviceName, NULL, flags);
143 xpc_connection_set_event_handler(connection, ^(xpc_object_t event) {
144 const char *description = xpc_dictionary_get_string(event, XPC_ERROR_KEY_DESCRIPTION);
145 secnotice("xpc", "got event: %s", description);
146 });
147 xpc_connection_resume(connection);
148 return connection;
149 }
150
151 static xpc_connection_t sSecuritydConnection;
152 #if (TARGET_OS_MAC && !(TARGET_OS_EMBEDDED || TARGET_OS_IPHONE || TARGET_IPHONE_SIMULATOR))
153 static xpc_connection_t sTrustdConnection;
154 #endif
155
156 static xpc_connection_t securityd_connection(void) {
157 static dispatch_once_t once;
158 dispatch_once(&once, ^{
159 sSecuritydConnection = securityd_create_connection(kSecuritydXPCServiceName, 0);
160 });
161 return sSecuritydConnection;
162 }
163
164 static xpc_connection_t trustd_connection(void) {
165 #if (TARGET_OS_MAC && !(TARGET_OS_EMBEDDED || TARGET_OS_IPHONE || TARGET_IPHONE_SIMULATOR))
166 static dispatch_once_t once;
167 dispatch_once(&once, ^{
168 bool sysCtx = securityd_in_system_context();
169 uint64_t flags = (sysCtx) ? XPC_CONNECTION_MACH_SERVICE_PRIVILEGED : 0;
170 const char *serviceName = (sysCtx) ? kTrustdXPCServiceName : kTrustdAgentXPCServiceName;
171 sTrustdConnection = securityd_create_connection(serviceName, flags);
172 });
173 return sTrustdConnection;
174 #else
175 // on iOS all operations are still handled by securityd
176 return securityd_connection();
177 #endif
178 }
179
180 static bool is_trust_operation(enum SecXPCOperation op) {
181 switch (op) {
182 case sec_trust_store_contains_id:
183 case sec_trust_store_set_trust_settings_id:
184 case sec_trust_store_remove_certificate_id:
185 case sec_trust_evaluate_id:
186 case sec_trust_store_copy_all_id:
187 case sec_trust_store_copy_usage_constraints_id:
188 return true;
189 default:
190 break;
191 }
192 return false;
193 }
194
195 static xpc_connection_t securityd_connection_for_operation(enum SecXPCOperation op) {
196 bool isTrustOp = is_trust_operation(op);
197 #if SECTRUST_VERBOSE_DEBUG
198 {
199 bool sysCtx = securityd_in_system_context();
200 const char *serviceName = (sysCtx) ? kTrustdXPCServiceName : kTrustdAgentXPCServiceName;
201 syslog(LOG_ERR, "Will connect to: %s (op=%d)",
202 (isTrustOp) ? serviceName : kSecuritydXPCServiceName, (int)op);
203 }
204 #endif
205 return (isTrustOp) ? trustd_connection() : securityd_connection();
206 }
207
208 // NOTE: This is not thread safe, but this SPI is for testing only.
209 void SecServerSetMachServiceName(const char *name) {
210 // Make sure sSecXPCServer.queue exists.
211 securityd_connection();
212
213 xpc_connection_t oldConection = sSecuritydConnection;
214 sSecuritydConnection = securityd_create_connection(name, 0);
215 if (oldConection)
216 xpc_release(oldConection);
217 }
218
219 xpc_object_t
220 securityd_message_with_reply_sync(xpc_object_t message, CFErrorRef *error)
221 {
222 xpc_object_t reply = NULL;
223 uint64_t operation = xpc_dictionary_get_uint64(message, kSecXPCKeyOperation);
224 xpc_connection_t connection = securityd_connection_for_operation((enum SecXPCOperation)operation);
225
226 const int max_tries = 4; // Per <rdar://problem/17829836> N61/12A342: Audio Playback... for why this needs to be at least 3, so we made it 4.
227
228 unsigned int tries_left = max_tries;
229 do {
230 if (reply) xpc_release(reply);
231 reply = xpc_connection_send_message_with_reply_sync(connection, message);
232 } while (reply == XPC_ERROR_CONNECTION_INTERRUPTED && --tries_left > 0);
233
234 if (xpc_get_type(reply) == XPC_TYPE_ERROR) {
235 CFIndex code = 0;
236 if (reply == XPC_ERROR_CONNECTION_INTERRUPTED || reply == XPC_ERROR_CONNECTION_INVALID) {
237 code = kSecXPCErrorConnectionFailed;
238 #if TARGET_OS_IPHONE
239 seccritical("Failed to talk to %s after %d attempts.", "securityd",
240 max_tries);
241 #else
242 seccritical("Failed to talk to %s after %d attempts.",
243 (is_trust_operation((enum SecXPCOperation)operation)) ? "trustd" : "secd",
244 max_tries);
245 #endif
246 } else if (reply == XPC_ERROR_TERMINATION_IMMINENT)
247 code = kSecXPCErrorUnknown;
248 else
249 code = kSecXPCErrorUnknown;
250
251 char *conn_desc = xpc_copy_description(connection);
252 const char *description = xpc_dictionary_get_string(reply, XPC_ERROR_KEY_DESCRIPTION);
253 SecCFCreateErrorWithFormat(code, sSecXPCErrorDomain, NULL, error, NULL, CFSTR("%s: %s"), conn_desc, description);
254 free(conn_desc);
255 xpc_release(reply);
256 reply = NULL;
257 }
258
259 return reply;
260 }
261
262 xpc_object_t securityd_create_message(enum SecXPCOperation op, CFErrorRef* error)
263 {
264 xpc_object_t message = xpc_dictionary_create(NULL, NULL, 0);
265 if (message) {
266 xpc_dictionary_set_uint64(message, kSecXPCKeyOperation, op);
267 } else {
268 SecCFCreateError(kSecXPCErrorConnectionFailed, sSecXPCErrorDomain,
269 CFSTR("xpc_dictionary_create returned NULL"), NULL, error);
270 }
271 return message;
272 }
273
274 // Return true if there is no error in message, return false and set *error if there is.
275 bool securityd_message_no_error(xpc_object_t message, CFErrorRef *error) {
276 xpc_object_t xpc_error = xpc_dictionary_get_value(message, kSecXPCKeyError);
277 if (xpc_error == NULL)
278 return true;
279
280 if (error) {
281 *error = SecCreateCFErrorWithXPCObject(xpc_error);
282 }
283 return false;
284 }
285
286 bool securityd_send_sync_and_do(enum SecXPCOperation op, CFErrorRef *error,
287 bool (^add_to_message)(xpc_object_t message, CFErrorRef* error),
288 bool (^handle_response)(xpc_object_t response, CFErrorRef* error)) {
289 xpc_object_t message = securityd_create_message(op, error);
290 bool ok = false;
291 if (message) {
292 if (!add_to_message || add_to_message(message, error)) {
293 xpc_object_t response = securityd_message_with_reply_sync(message, error);
294 if (response) {
295 if (securityd_message_no_error(response, error)) {
296 ok = (!handle_response || handle_response(response, error));
297 }
298 xpc_release(response);
299 }
300 }
301 xpc_release(message);
302 }
303
304 return ok;
305 }
306
307
308 CFDictionaryRef
309 _SecSecuritydCopyWhoAmI(CFErrorRef *error)
310 {
311 CFDictionaryRef reply = NULL;
312 xpc_object_t message = securityd_create_message(kSecXPCOpWhoAmI, error);
313 if (message) {
314 xpc_object_t response = securityd_message_with_reply_sync(message, error);
315 if (response) {
316 reply = _CFXPCCreateCFObjectFromXPCObject(response);
317 xpc_release(response);
318 } else {
319 securityd_message_no_error(response, error);
320 }
321 xpc_release(message);
322 }
323 return reply;
324 }
325
326 bool
327 _SecSyncBubbleTransfer(CFArrayRef services, uid_t uid, CFErrorRef *error)
328 {
329 xpc_object_t message;
330 bool reply = false;
331
332 message = securityd_create_message(kSecXPCOpTransmogrifyToSyncBubble, error);
333 if (message) {
334 xpc_dictionary_set_int64(message, "uid", uid);
335 if (SecXPCDictionarySetPList(message, "services", services, error)) {
336 xpc_object_t response = securityd_message_with_reply_sync(message, error);
337 if (response) {
338 reply = xpc_dictionary_get_bool(response, kSecXPCKeyResult);
339 if (!reply)
340 securityd_message_no_error(response, error);
341 xpc_release(response);
342 }
343 xpc_release(message);
344 }
345 }
346 return reply;
347 }
348
349 bool
350 _SecSystemKeychainTransfer(CFErrorRef *error)
351 {
352 xpc_object_t message;
353 bool reply = false;
354
355 message = securityd_create_message(kSecXPCOpTransmogrifyToSystemKeychain, error);
356 if (message) {
357 xpc_object_t response = securityd_message_with_reply_sync(message, error);
358 if (response) {
359 reply = xpc_dictionary_get_bool(response, kSecXPCKeyResult);
360 if (!reply)
361 securityd_message_no_error(response, error);
362 xpc_release(response);
363 }
364 xpc_release(message);
365 }
366 return reply;
367 }
368
369 bool
370 _SecSyncDeleteUserViews(uid_t uid, CFErrorRef *error)
371 {
372 xpc_object_t message;
373 bool reply = false;
374
375 message = securityd_create_message(kSecXPCOpDeleteUserView, error);
376 if (message) {
377 xpc_dictionary_set_int64(message, "uid", uid);
378
379 xpc_object_t response = securityd_message_with_reply_sync(message, error);
380 if (response) {
381 reply = xpc_dictionary_get_bool(response, kSecXPCKeyResult);
382 if (!reply)
383 securityd_message_no_error(response, error);
384 xpc_release(response);
385 }
386 xpc_release(message);
387 }
388 return reply;
389 }
390
391
392
393 /* vi:set ts=4 sw=4 et: */