--- /dev/null
+/*
+ * Copyright (c) 2007-2009 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+#include <mach/mach.h>
+#include <mach/message.h>
+#include <mach/mach_error.h>
+#include <servers/bootstrap.h>
+
+#include <pthread.h>
+#include <stdbool.h>
+#include <sys/queue.h>
+
+#include <CoreFoundation/CoreFoundation.h>
+#include <Security/SecItem.h>
+#include <Security/SecBasePriv.h>
+#include <Security/SecInternal.h>
+
+#include <security_utilities/debugging.h>
+#include "securityd_client.h"
+#include "securityd_req.h"
+
+#if NO_SERVER
+#define CHECK_ENTITLEMENTS 0
+#else
+#define CHECK_ENTITLEMENTS 1
+#endif
+
+struct securityd *gSecurityd;
+
+/* XXX Not thread safe right now. */
+static CFArrayRef gAccessGroups = NULL;
+
+CFArrayRef SecAccessGroupsGetCurrent(void) {
+#if !CHECK_ENTITLEMENTS
+ if (!gAccessGroups) {
+ /* Initialize gAccessGroups for tests. */
+ const void *agrps[] = {
+ CFSTR("test"),
+#if 1
+ CFSTR("apple"),
+ CFSTR("lockdown-identities"),
+#else
+ CFSTR("*"),
+#endif
+ };
+ gAccessGroups = CFArrayCreate(NULL, agrps,
+ sizeof(agrps) / sizeof(*agrps), &kCFTypeArrayCallBacks);
+ }
+#endif
+ return gAccessGroups;
+}
+
+void SecAccessGroupsSetCurrent(CFArrayRef accessGroups) {
+ if (accessGroups)
+ CFRetain(accessGroups);
+ CFReleaseSafe(gAccessGroups);
+ gAccessGroups = accessGroups;
+}
+
+static mach_port_t securityd_port = MACH_PORT_NULL;
+static pthread_once_t init_once = PTHREAD_ONCE_INIT;
+static pthread_key_t port_key;
+
+static CFStringRef kSecRunLoopModeRef = CFSTR("com.apple.securityd.runloop");
+
+struct request {
+ uint32_t seq_no;
+ uint32_t msgid;
+ SLIST_ENTRY(request) next;
+ int32_t rcode;
+ void *data;
+ size_t length;
+ volatile bool done;
+};
+
+typedef struct per_thread {
+ SLIST_HEAD(request_head, request) head;;
+ CFMachPortRef port;
+ uint32_t seq_no;
+ mach_msg_id_t notification; /* XXX for stacked requests, notifications
+ need to be matched up with seq_nos such
+ that only failed requests error out/retry */
+} *per_thread_t;
+
+
+static void destroy_per_thread(void *ex)
+{
+ per_thread_t pt = (per_thread_t)ex;
+ CFMachPortInvalidate(pt->port);
+ CFRelease(pt->port);
+ free(pt);
+}
+
+static void securityd_port_reset(void)
+{
+ pthread_once_t temp = PTHREAD_ONCE_INIT;
+ init_once = temp;
+ securityd_port = MACH_PORT_NULL;
+}
+
+static void securityd_port_lookup(void)
+{
+ kern_return_t ret;
+ mach_port_t bootstrap_lookup_port = MACH_PORT_NULL;
+
+ /* bootstrap_port is not initialized on embedded */
+ ret = task_get_bootstrap_port(mach_task_self(), &bootstrap_lookup_port);
+ if (ret != KERN_SUCCESS) {
+ secdebug("client", "task_get_bootstrap_port(): 0x%x: %s\n", ret, mach_error_string(ret));
+ }
+
+ ret = bootstrap_look_up(bootstrap_lookup_port,
+ SECURITYSERVER_BOOTSTRAP_NAME,
+ &securityd_port);
+ if (ret != KERN_SUCCESS) {
+ secdebug("client", "bootstrap_look_up(): 0x%x: %s\n", ret, mach_error_string(ret));
+ }
+
+ pthread_key_create(&port_key, destroy_per_thread);
+
+ int err = pthread_atfork(NULL, NULL, securityd_port_reset);
+ if (err) {
+ secdebug("client", "pthread_atfork(): %d: %s\n", errno, strerror(errno));
+ }
+}
+
+union max_msg_size_union {
+ union __RequestUnion__securityd_client_securityd_request_subsystem request;
+};
+
+static uint8_t reply_buffer[sizeof(union max_msg_size_union) + MAX_TRAILER_SIZE];
+
+static boolean_t maybe_notification(mach_msg_header_t *request)
+{
+ mach_no_senders_notification_t * notify = (mach_no_senders_notification_t *)request;
+ if ((notify->not_header.msgh_id > MACH_NOTIFY_LAST) ||
+ (notify->not_header.msgh_id < MACH_NOTIFY_FIRST))
+ return false; /* if this is not a notification message */
+
+ per_thread_t pt = (per_thread_t)pthread_getspecific(port_key);
+ assert(pt);
+ mach_msg_id_t notification_id = notify->not_header.msgh_id;
+
+ switch(notification_id) {
+ case MACH_NOTIFY_SEND_ONCE:
+ /* our send-once right for a reply died in the hands of another */
+ pt->notification = notification_id;
+ CFRunLoopStop(CFRunLoopGetCurrent());
+ break;
+ default:
+ secdebug("client", "unexpected notification %d", pt->notification);
+ break;
+ }
+ return true;
+}
+
+extern boolean_t securityd_reply_server
+(mach_msg_header_t *InHeadP, mach_msg_header_t *OutHeadP);
+
+static void cfmachport_callback(CFMachPortRef port, void *msg, CFIndex size, void *info)
+{
+ if (!maybe_notification((mach_msg_header_t *)msg))
+ securityd_reply_server(msg, (mach_msg_header_t *)reply_buffer);
+}
+
+static int32_t send_receive(uint32_t msg_id, const void *data_in, size_t length_in,
+ void **data_out, size_t *length_out)
+{
+ pthread_once(&init_once, securityd_port_lookup);
+
+ CFRunLoopRef rl = CFRunLoopGetCurrent();
+
+ per_thread_t pt = (per_thread_t)pthread_getspecific(port_key);
+ if (!pt) {
+ pt = calloc(1, sizeof(*pt));
+ SLIST_INIT(&pt->head);
+ pt->port = CFMachPortCreate (NULL, cfmachport_callback, NULL, false);
+ CFRunLoopSourceRef source = CFMachPortCreateRunLoopSource(NULL, pt->port, 0/*order*/);
+ CFRunLoopAddSource(rl, source, kSecRunLoopModeRef);
+ CFRelease(source);
+ pthread_setspecific(port_key, pt);
+ }
+
+ struct request req = { pt->seq_no++, msg_id, };
+ SLIST_INSERT_HEAD(&pt->head, &req, next);
+
+ int retries = 1;
+ kern_return_t ret;
+ do {
+ /* 64 bits cast: worst case here is the client send a truncated query, which the server will reject */
+ /* Debug check: The size of the request is of type natural_t.
+ The following is correct as long as natural_t is unsigned int */
+ assert(length_in<=UINT_MAX);
+ ret = securityd_client_request(securityd_port,
+ CFMachPortGetPort(pt->port), req.seq_no, msg_id,
+ (void *)data_in, (unsigned int) length_in);
+ secdebug("client", "securityd_client_request %d sent, retry %d, result %d\n",
+ req.seq_no, retries, ret);
+
+ if (!ret) {
+ pt->notification = 0;
+ while (!pt->notification && !req.done) {
+ CFRunLoopRunInMode(kSecRunLoopModeRef, 10000, true);
+ secdebug("client", "return from runloop, notification %d, request %d %sdone\n",
+ pt->notification, req.seq_no, !req.done ? "not " : "");
+ }
+ } else {
+ secdebug("client", "failed to send request to securityd (err=%d).", ret);
+ }
+
+ } while ((ret || pt->notification) && retries--);
+
+ SLIST_REMOVE_HEAD(&pt->head, next);
+
+ struct request *next_head = SLIST_FIRST(&pt->head);
+ if (next_head) {
+ /* stop runloop if "new head" is also already done */
+ if (pt->notification || next_head->done)
+ CFRunLoopStop(rl);
+ }
+
+ if (req.done) {
+ if (data_out)
+ *data_out = req.data;
+ if (length_out)
+ *length_out = req.length;
+ return req.rcode;
+ }
+
+ return errSecNotAvailable;
+}
+
+kern_return_t securityd_server_reply(mach_port_t receiver,
+ uint32_t seq_no, int32_t rcode,
+ uint8_t *msg_data, mach_msg_type_number_t msg_length);
+
+kern_return_t securityd_server_reply(mach_port_t receiver,
+ uint32_t seq_no, int32_t rcode,
+ uint8_t *msg_data, mach_msg_type_number_t msg_length)
+{
+ secdebug("client", "reply from port %d request_id %d data(%d,%p)\n",
+ receiver, seq_no, msg_length, msg_data);
+ per_thread_t pt = (per_thread_t)pthread_getspecific(port_key);
+ assert(pt);
+ struct request *req;
+ SLIST_FOREACH(req, &pt->head, next) {
+ if (req->seq_no == seq_no) {
+ req->rcode = rcode;
+ if (msg_length && msg_data) {
+ req->data = malloc(msg_length);
+ if (req->data) {
+ req->length = msg_length;
+ memcpy(req->data, msg_data, msg_length);
+ } else
+ req->length = 0;
+ }
+ req->done = true;
+ /* if multiple requests were queued during nested invocations
+ we wait until the last one inserted which is the deepest
+ nested one is done */
+ if (req == SLIST_FIRST(&pt->head))
+ CFRunLoopStop(CFRunLoopGetCurrent());
+ break;
+ }
+ }
+ return 0;
+}
+
+OSStatus ServerCommandSendReceive(uint32_t id, CFTypeRef in, CFTypeRef *out)
+{
+ CFDataRef data_in = NULL, data_out = NULL;
+ void *bytes_out = NULL; size_t length_out = 0;
+
+ if (in) {
+#ifndef NDEBUG
+ CFDataRef query_debug = CFPropertyListCreateXMLData(kCFAllocatorDefault, in);
+ if (query_debug) {
+ secdebug("client", "securityd query: %.*s\n",
+ CFDataGetLength(query_debug), CFDataGetBytePtr(query_debug));
+ CFReleaseSafe(query_debug);
+ }
+#endif
+ CFErrorRef error = NULL;
+ data_in = CFPropertyListCreateData(kCFAllocatorDefault, in,
+ kCFPropertyListBinaryFormat_v1_0,
+ 0, &error);
+ if (!data_in) {
+ secdebug("client", "failed to encode query: %@", error);
+ CFReleaseSafe(error);
+ return errSecItemIllegalQuery;
+ }
+ }
+
+ OSStatus status = send_receive(id, data_in ? CFDataGetBytePtr(data_in) : NULL,
+ data_in ? CFDataGetLength(data_in) : 0, &bytes_out, &length_out);
+ if (data_in) CFRelease(data_in);
+
+ if (bytes_out && length_out) {
+ data_out = CFDataCreateWithBytesNoCopy(kCFAllocatorDefault, bytes_out, length_out, kCFAllocatorMalloc);
+ if (out)
+ *out = CFPropertyListCreateFromXMLData(kCFAllocatorDefault, data_out, kCFPropertyListImmutable, NULL);
+ CFRelease(data_out);
+ }
+ else
+ if (!status && out)
+ *out = NULL;
+
+ return status;
+}
+
+/* vi:set ts=4 sw=4 et: */
projects / apple / security.git / blobdiff