+/*
+ * Copyright (c) 2006-2007 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+//
+// csgeneric - generic Code representative
+//
+#include "csgeneric.h"
+#include "cs.h"
+#include "StaticCode.h"
+#include <securityd_client/cshosting.h>
+#include <sys/param.h>
+
+namespace Security {
+namespace CodeSigning {
+
+using MachPlusPlus::Port;
+
+
+//
+// Common call-out code for cshosting RPC service
+//
+#define CALL(host, name, args...) \
+ OSStatus result; \
+ if (cshosting_client_ ## name (host, mig_get_reply_port(), &result, args)) \
+ MacOSError::throwMe(errSecCSNotAHost); \
+ MacOSError::check(result);
+
+
+//
+// Construct a running process representation
+//
+GenericCode::GenericCode(SecCode *host, SecGuestRef guestRef)
+ : SecCode(host), mGuestRef(guestRef)
+{
+}
+
+
+//
+// Identify a guest by attribute set, and return a new GenericCode representing it.
+// This uses cshosting RPCs to ask the host (or its proxy).
+//
+SecCode *GenericCode::locateGuest(CFDictionaryRef attributes)
+{
+ if (Port host = hostingPort()) {
+ CFRef<CFDataRef> attrData;
+ void *attrPtr = NULL; size_t attrLength = 0;
+ if (attributes) {
+ attrData.take(CFPropertyListCreateXMLData(NULL, attributes));
+ attrPtr = (void *)CFDataGetBytePtr(attrData);
+ attrLength = CFDataGetLength(attrData);
+ }
+ GuestChain guestPath;
+ mach_msg_type_number_t guestPathLength;
+ mach_port_t subport;
+ CALL(host, findGuest, guestRef(), attrPtr, attrLength,
+ &guestPath, &guestPathLength, &subport);
+ CODESIGN_GUEST_LOCATE_GENERIC(this, guestPath, guestPathLength, subport);
+ SecPointer<SecCode> code = this;
+ for (unsigned n = 0; n < guestPathLength; n++)
+ code = new GenericCode(code, guestPath[n]);
+ return code.yield();
+ } else
+ return NULL; // not found, no error
+}
+
+
+//
+// Identify a guest by returning its StaticCode and running CodeDirectory hash.
+// This uses cshosting RPCs to ask the host (or its proxy).
+//
+SecStaticCode *GenericCode::identifyGuest(SecCode *guest, CFDataRef *cdhashOut)
+{
+ if (GenericCode *iguest = dynamic_cast<GenericCode *>(guest)) {
+ FilePathOut path;
+ CFRef<CFDataRef> cdhash;
+ CFDictionary attributes(errSecCSHostProtocolInvalidAttribute);
+ identifyGuest(iguest->guestRef(), path, cdhash.aref(), attributes.aref());
+ DiskRep::Context ctx;
+ if (CFNumberRef architecture = attributes.get<CFNumberRef>(kSecGuestAttributeArchitecture)) {
+ cpu_type_t cpu = cfNumber<cpu_type_t>(architecture);
+ if (CFNumberRef subarchitecture = attributes.get<CFNumberRef>(kSecGuestAttributeSubarchitecture))
+ ctx.arch = Architecture(cpu, cfNumber<cpu_subtype_t>(subarchitecture));
+ else
+ ctx.arch = Architecture(cpu);
+ }
+ SecPointer<GenericStaticCode> code = new GenericStaticCode(DiskRep::bestGuess(path, &ctx));
+ CODESIGN_GUEST_IDENTIFY_GENERIC(iguest, iguest->guestRef(), code);
+ if (cdhash) {
+ CODESIGN_GUEST_CDHASH_GENERIC(iguest, (void *)CFDataGetBytePtr(cdhash), CFDataGetLength(cdhash));
+ *cdhashOut = cdhash.yield();
+ }
+ return code.yield();
+ } else
+ MacOSError::throwMe(errSecCSNotAHost);
+}
+
+// helper to drive the identifyGuest hosting IPC and return results as CF objects
+void GenericCode::identifyGuest(SecGuestRef guest, char *path, CFDataRef &cdhash, CFDictionaryRef &attributes)
+{
+ if (Port host = hostingPort()) {
+ HashDataOut hash;
+ uint32_t hashLength;
+ XMLBlobOut attr;
+ uint32_t attrLength;
+ CALL(host, identifyGuest, guest, path, hash, &hashLength, &attr, &attrLength);
+ if (hashLength)
+ cdhash = makeCFData(hash, hashLength);
+ if (attrLength) {
+ CFRef<CFDataRef> attrData = makeCFData(attr, attrLength);
+ attributes = makeCFDictionaryFrom(attrData);
+#if ROSETTA_TEST_HACK
+ CFMutableDictionaryRef hattr = makeCFMutableDictionary(attributes);
+ CFDictionaryAddValue(hattr, kSecGuestAttributeArchitecture, CFTempNumber(CPU_TYPE_POWERPC));
+ CFRelease(attributes);
+ attributes = hattr;
+#endif
+ }
+ } else
+ MacOSError::throwMe(errSecCSNotAHost);
+}
+
+
+//
+// Get the Code Signing Status Word for a Code.
+// This uses cshosting RPCs to ask the host (or its proxy).
+//
+SecCodeStatus GenericCode::getGuestStatus(SecCode *guest)
+{
+ if (Port host = hostingPort()) {
+ uint32_t status;
+ CALL(host, guestStatus, safe_cast<GenericCode *>(guest)->guestRef(), &status);
+ return status;
+ } else
+ MacOSError::throwMe(errSecCSNotAHost);
+}
+
+
+//
+// Status changes are transmitted through the cshosting RPCs.
+//
+void GenericCode::changeGuestStatus(SecCode *iguest, SecCodeStatusOperation operation, CFDictionaryRef arguments)
+{
+ if (/* GenericCode *guest = */dynamic_cast<GenericCode *>(iguest))
+ switch (operation) {
+ case kSecCodeOperationNull:
+ break;
+ case kSecCodeOperationInvalidate:
+ case kSecCodeOperationSetHard:
+ case kSecCodeOperationSetKill:
+ MacOSError::throwMe(errSecCSUnimplemented);
+ break;
+ default:
+ MacOSError::throwMe(errSecCSUnimplemented);
+ }
+ else
+ MacOSError::throwMe(errSecCSNoSuchCode);
+}
+
+
+//
+// Return the Hosting Port for this Code.
+// May return MACH_PORT_NULL if the code is not a code host.
+// Throws if we can't get the hosting port for some reason (and can't positively
+// determine that there is none).
+//
+// Note that we do NOT cache negative outcomes. Being a host is a dynamic property,
+// and this Code may not have commenced hosting operations yet. For non- (or not-yet-)hosts
+// we simply return NULL.
+//
+Port GenericCode::hostingPort()
+{
+ if (!mHostingPort) {
+ if (staticCode()->codeDirectory()->flags & kSecCodeSignatureHost) {
+ mHostingPort = getHostingPort();
+ CODESIGN_GUEST_HOSTINGPORT(this, mHostingPort);
+ }
+ }
+ return mHostingPort;
+}
+
+
+//
+// A pure GenericHost has no idea where to get a hosting port from.
+// This method must be overridden to get one.
+// However, we do handle a contiguous chain of GenericCodes by deferring
+// to our next-higher host for it.
+//
+mach_port_t GenericCode::getHostingPort()
+{
+ if (GenericCode *genericHost = dynamic_cast<GenericCode *>(host()))
+ return genericHost->getHostingPort();
+ else
+ MacOSError::throwMe(errSecCSNotAHost);
+}
+
+
+} // CodeSigning
+} // Security
projects / apple / security.git / blobdiff