index c7f0e26cf8ac671350608872a7c7d7720731df54..d510615c23aa803ccfaa7719c8604920ac5d3595 100644 (file)
@@ -36,6 +36,7 @@
 #include "child.h"
 #include <mach/mach_error.h>
 #include <security_utilities/ccaudit.h>
 #include "child.h"
 #include <mach/mach_error.h>
 #include <security_utilities/ccaudit.h>
+#include <security_utilities/casts.h>
 #include "pcscmonitor.h"
 
 #include "agentquery.h"
 #include "pcscmonitor.h"
 
 #include "agentquery.h"
 
 using namespace MachPlusPlus;
 
 
 using namespace MachPlusPlus;
 
-//
-// Construct an Authority
-//
-Authority::Authority(const char *configFile)
-: Authorization::Engine(configFile)
-{
-}
-
-Authority::~Authority()
-{
-}
-
-
 //
 // Construct the server object
 //
 //
 // Construct the server object
 //
-Server::Server(Authority &authority, CodeSignatures &signatures, const char *bootstrapName)
+Server::Server(CodeSignatures &signatures, const char *bootstrapName)
   : MachServer(bootstrapName),
     mBootstrapName(bootstrapName),
     mCSPModule(gGuidAppleCSP, mCssm), mCSP(mCSPModule),
   : MachServer(bootstrapName),
     mBootstrapName(bootstrapName),
     mCSPModule(gGuidAppleCSP, mCssm), mCSP(mCSPModule),
-    mAuthority(authority),
-       mCodeSignatures(signatures), 
+       mCodeSignatures(signatures),
        mVerbosity(0),
        mWaitForClients(true), mShuttingDown(false)
 {
        mVerbosity(0),
        mWaitForClients(true), mShuttingDown(false)
 {
@@ -113,8 +100,10 @@ Connection &Server::connection(bool tolerant)
 
 void Server::requestComplete(CSSM_RETURN &rcode)
 {
 
 void Server::requestComplete(CSSM_RETURN &rcode)
 {
+    Server &server = active();
+    StLock<Mutex> lock(server);
        // note: there may not be an active connection if connection setup failed
        // note: there may not be an active connection if connection setup failed
-       if (RefPointer<Connection> &conn = active().mCurrentConnection()) {
+       if (RefPointer<Connection> &conn = server.mCurrentConnection()) {
                conn->endWork(rcode);
                conn = NULL;
        }
                conn->endWork(rcode);
                conn = NULL;
        }
@@ -190,8 +179,8 @@ void Server::run()
 //
 void Server::threadLimitReached(UInt32 limit)
 {
 //
 void Server::threadLimitReached(UInt32 limit)
 {
-       Syslog::notice("securityd has reached its thread limit (%ld) - service deadlock is possible",
-               limit);
+       Syslog::notice("securityd has reached its thread limit (%d) - service deadlock is possible",
+               (uint32_t) limit);
 }
 
 
 }
 
 
@@ -222,7 +211,7 @@ boolean_t Server::handle(mach_msg_header_t *in, mach_msg_header_t *out)
 void Server::setupConnection(ConnectLevel type, Port replyPort, Port taskPort,
     const audit_token_t &auditToken, const ClientSetupInfo *info)
 {
 void Server::setupConnection(ConnectLevel type, Port replyPort, Port taskPort,
     const audit_token_t &auditToken, const ClientSetupInfo *info)
 {
-       AuditToken audit(auditToken);
+       Security::CommonCriteria::AuditToken audit(auditToken);
        
        // first, make or find the process based on task port
        StLock<Mutex> _(*this);
        
        // first, make or find the process based on task port
        StLock<Mutex> _(*this);
@@ -252,23 +241,6 @@ void Server::setupConnection(ConnectLevel type, Port replyPort, Port taskPort,
        notifyIfDead(replyPort);
 }
 
        notifyIfDead(replyPort);
 }
 
-
-//
-// Synchronously end a Connection.
-// This is due to a request from the client, so no thread races are possible.
-// In practice, this is optional since the DPN for the client thread reply port
-// will destroy the connection anyway when the thread dies.
-//
-void Server::endConnection(Port replyPort)
-{
-       StLock<Mutex> _(*this);
-       PortMap<Connection>::iterator it = mConnections.find(replyPort);
-       assert(it != mConnections.end());
-       it->second->terminate();
-       mConnections.erase(it);
-}
-
-
 //
 // Handling dead-port notifications.
 // This receives DPNs for all kinds of ports we're interested in.
 //
 // Handling dead-port notifications.
 // This receives DPNs for all kinds of ports we're interested in.
@@ -280,23 +252,21 @@ void Server::notifyDeadName(Port port)
        // unbounded time, including calls out to token daemons etc.
        
        StLock<Mutex> serverLock(*this);
        // unbounded time, including calls out to token daemons etc.
        
        StLock<Mutex> serverLock(*this);
-       secdebug("SSports", "port %d is dead", port.port());
-    
+
     // is it a connection?
     PortMap<Connection>::iterator conIt = mConnections.find(port);
     if (conIt != mConnections.end()) {
     // is it a connection?
     PortMap<Connection>::iterator conIt = mConnections.find(port);
     if (conIt != mConnections.end()) {
-               SECURITYD_PORTS_DEAD_CONNECTION(port);
+        secinfo("SecServer", "%p dead connection %d", this, port.port());
         RefPointer<Connection> con = conIt->second;
                mConnections.erase(conIt);
         serverLock.unlock();
         RefPointer<Connection> con = conIt->second;
                mConnections.erase(conIt);
         serverLock.unlock();
-               con->abort();        
         return;
     }
     
     // is it a process?
     PortMap<Process>::iterator procIt = mProcesses.find(port);
     if (procIt != mProcesses.end()) {
         return;
     }
     
     // is it a process?
     PortMap<Process>::iterator procIt = mProcesses.find(port);
     if (procIt != mProcesses.end()) {
-               SECURITYD_PORTS_DEAD_PROCESS(port);
+        secinfo("SecServer", "%p dead process %d", this, port.port());
         RefPointer<Process> proc = procIt->second;
                mPids.erase(proc->pid());
                mProcesses.erase(procIt);
         RefPointer<Process> proc = procIt->second;
                mPids.erase(proc->pid());
                mProcesses.erase(procIt);
@@ -309,8 +279,7 @@ void Server::notifyDeadName(Port port)
     }
     
        // well, what IS IT?!
     }
     
        // well, what IS IT?!
-       SECURITYD_PORTS_DEAD_ORPHAN(port);
-       secdebug("server", "spurious dead port notification for port %d", port.port());
+       secnotice("server", "spurious dead port notification for port %d", port.port());
 }
 
 
 }
 
 
@@ -320,7 +289,7 @@ void Server::notifyDeadName(Port port)
 //
 void Server::notifyNoSenders(Port port, mach_port_mscount_t)
 {
 //
 void Server::notifyNoSenders(Port port, mach_port_mscount_t)
 {
-       SECURITYD_PORTS_DEAD_SESSION(port);
+    secinfo("SecServer", "%p dead session %d", this, port.port());
 }
 
 
 }
 
 
@@ -333,9 +302,10 @@ kern_return_t self_server_handleSignal(mach_port_t sport,
        mach_port_t taskPort, int sig)
 {
     try {
        mach_port_t taskPort, int sig)
 {
     try {
-               SECURITYD_SIGNAL_HANDLED(sig);
+        secnotice("SecServer", "signal handled %d", sig);
         if (taskPort != mach_task_self()) {
             Syslog::error("handleSignal: received from someone other than myself");
         if (taskPort != mach_task_self()) {
             Syslog::error("handleSignal: received from someone other than myself");
+            mach_port_deallocate(mach_task_self(), taskPort);
                        return KERN_SUCCESS;
                }
                switch (sig) {
                        return KERN_SUCCESS;
                }
                switch (sig) {
@@ -343,7 +313,7 @@ kern_return_t self_server_handleSignal(mach_port_t sport,
                        ServerChild::checkChildren();
                        break;
                case SIGINT:
                        ServerChild::checkChildren();
                        break;
                case SIGINT:
-                       SECURITYD_SHUTDOWN_NOW();
+            secnotice("SecServer", "shutdown due to SIGINT");
                        Syslog::notice("securityd terminated due to SIGINT");
                        _exit(0);
                case SIGTERM:
                        Syslog::notice("securityd terminated due to SIGINT");
                        _exit(0);
                case SIGTERM:
@@ -370,7 +340,7 @@ kern_return_t self_server_handleSignal(mach_port_t sport,
                        assert(false);
         }
     } catch(...) {
                        assert(false);
         }
     } catch(...) {
-               secdebug("SS", "exception handling a signal (ignored)");
+               secnotice("SecServer", "exception handling a signal (ignored)");
        }
     mach_port_deallocate(mach_task_self(), taskPort);
     return KERN_SUCCESS;
        }
     mach_port_deallocate(mach_task_self(), taskPort);
     return KERN_SUCCESS;
@@ -383,12 +353,13 @@ kern_return_t self_server_handleSession(mach_port_t sport,
     try {
         if (taskPort != mach_task_self()) {
             Syslog::error("handleSession: received from someone other than myself");
     try {
         if (taskPort != mach_task_self()) {
             Syslog::error("handleSession: received from someone other than myself");
+            mach_port_deallocate(mach_task_self(), taskPort);
                        return KERN_SUCCESS;
                }
                        return KERN_SUCCESS;
                }
-               if (event == AUE_SESSION_CLOSE)
-                       Session::destroy(ident);
+               if (event == AUE_SESSION_END)
+            Session::destroy(int_cast<uint64_t, Session::SessionId>(ident));
     } catch(...) {
     } catch(...) {
-               secdebug("SS", "exception handling a signal (ignored)");
+               secnotice("SecServer", "exception handling a signal (ignored)");
        }
     mach_port_deallocate(mach_task_self(), taskPort);
     return KERN_SUCCESS;
        }
     mach_port_deallocate(mach_task_self(), taskPort);
     return KERN_SUCCESS;
@@ -400,7 +371,7 @@ kern_return_t self_server_handleSession(mach_port_t sport,
 //
 void Server::SleepWatcher::systemWillSleep()
 {
 //
 void Server::SleepWatcher::systemWillSleep()
 {
-       SECURITYD_POWER_SLEEP();
+    secnotice("SecServer", "%p will sleep", this);
     Session::processSystemSleep();
        for (set<PowerWatcher *>::const_iterator it = mPowerClients.begin(); it != mPowerClients.end(); it++)
                (*it)->systemWillSleep();
     Session::processSystemSleep();
        for (set<PowerWatcher *>::const_iterator it = mPowerClients.begin(); it != mPowerClients.end(); it++)
                (*it)->systemWillSleep();
@@ -408,14 +379,14 @@ void Server::SleepWatcher::systemWillSleep()
 
 void Server::SleepWatcher::systemIsWaking()
 {
 
 void Server::SleepWatcher::systemIsWaking()
 {
-       SECURITYD_POWER_WAKE();
+    secnotice("SecServer", "%p is waking", this);
        for (set<PowerWatcher *>::const_iterator it = mPowerClients.begin(); it != mPowerClients.end(); it++)
                (*it)->systemIsWaking();
 }
 
 void Server::SleepWatcher::systemWillPowerOn()
 {
        for (set<PowerWatcher *>::const_iterator it = mPowerClients.begin(); it != mPowerClients.end(); it++)
                (*it)->systemIsWaking();
 }
 
 void Server::SleepWatcher::systemWillPowerOn()
 {
-       SECURITYD_POWER_ON();
+    secnotice("SecServer", "%p will power on", this);
        Server::active().longTermActivity();
        for (set<PowerWatcher *>::const_iterator it = mPowerClients.begin(); it != mPowerClients.end(); it++)
                (*it)->systemWillPowerOn();
        Server::active().longTermActivity();
        for (set<PowerWatcher *>::const_iterator it = mPowerClients.begin(); it != mPowerClients.end(); it++)
                (*it)->systemWillPowerOn();
@@ -464,16 +435,17 @@ void Server::beginShutdown()
 {
        StLock<Mutex> _(*this);
        if (!mWaitForClients) {
 {
        StLock<Mutex> _(*this);
        if (!mWaitForClients) {
-               SECURITYD_SHUTDOWN_NOW();
+        secnotice("SecServer", "%p shutting down now", this);
                _exit(0);
        } else {
                if (!mShuttingDown) {
                        mShuttingDown = true;
             Session::invalidateAuthHosts();
                _exit(0);
        } else {
                if (!mShuttingDown) {
                        mShuttingDown = true;
             Session::invalidateAuthHosts();
-                       SECURITYD_SHUTDOWN_BEGIN();
-                       if (verbosity() >= 2) {
+            secnotice("SecServer", "%p beginning shutdown", this);
+            shutdownReport();           // always tell me about residual clients...
+                       if (verbosity() >= 2) {     // ...and if we really care write to the log, too
                                reportFile = fopen("/var/log/securityd-shutdown.log", "w");
                                reportFile = fopen("/var/log/securityd-shutdown.log", "w");
-                               shutdownSnitch();
+                               shutdownReport_file();
                        }
                }
        }
                        }
                }
        }
@@ -488,42 +460,45 @@ void Server::beginShutdown()
 //
 void Server::eventDone()
 {
 //
 void Server::eventDone()
 {
+    StLock<Mutex> lock(*this);
        if (this->shuttingDown()) {
        if (this->shuttingDown()) {
-               StLock<Mutex> lazy(*this, false);       // lazy lock acquisition
-               if (SECURITYD_SHUTDOWN_COUNT_ENABLED()) {
-                       lazy.lock();
-                       SECURITYD_SHUTDOWN_COUNT(mProcesses.size(), VProc::Transaction::debugCount());
-               }
+        shutdownReport();
                if (verbosity() >= 2) {
                if (verbosity() >= 2) {
-                       lazy.lock();
-                       shutdownSnitch();
+            secnotice("SecServer", "shutting down with %ld processes", mProcesses.size());
+                       shutdownReport_file();
                }
                }
-               IFDUMPING("shutdown", NodeCore::dumpAll());
        }
 }
 
        }
 }
 
+void Server::shutdownReport()
+{
+    PidMap mPidsCopy = PidMap(mPids);
+    secnotice("shutdown", "Residual clients count: %d", int(mPidsCopy.size()));
+    for (PidMap::const_iterator it = mPidsCopy.begin(); it != mPidsCopy.end(); ++it) {
+        secnotice("shutdown", "Residual client: %d", it->first);
+    }
+}
 
 
-void Server::shutdownSnitch()
+void Server::shutdownReport_file()
 {
        time_t now;
        time(&now);
        fprintf(reportFile, "%.24s %d residual clients:\n",     ctime(&now), int(mPids.size()));
 {
        time_t now;
        time(&now);
        fprintf(reportFile, "%.24s %d residual clients:\n",     ctime(&now), int(mPids.size()));
-       for (PidMap::const_iterator it = mPids.begin(); it != mPids.end(); ++it)
-               if (SecCodeRef clientCode = it->second->processCode()) {
-                       CFRef<CFURLRef> path;
-                       OSStatus rc = SecCodeCopyPath(clientCode, kSecCSDefaultFlags, &path.aref());
-                       if (path)
-                               fprintf(reportFile, " %s (%d)\n", cfString(path).c_str(), it->first);
-                       else
-                               fprintf(reportFile,  "pid=%d (error %d)\n", it->first, int32_t(rc));
-               }
+       for (PidMap::const_iterator it = mPids.begin(); it != mPids.end(); ++it) {
+               string path = it->second->getPath();
+               fprintf(reportFile, " %s (%d)\n", path.c_str(), it->first);
+       }
        fprintf(reportFile, "\n");
        fflush(reportFile);
 }
 
 bool Server::inDarkWake()
 {
        fprintf(reportFile, "\n");
        fflush(reportFile);
 }
 
 bool Server::inDarkWake()
 {
-    return IOPMIsADarkWake(IOPMConnectionGetSystemCapabilities());
+    bool inDarkWake = IOPMIsADarkWake(IOPMConnectionGetSystemCapabilities());
+    if (inDarkWake) {
+        secnotice("SecServer", "Server::inDarkWake returned inDarkWake");
+    }
+    return inDarkWake;
 }
 
 //
 }
 
 //
@@ -536,18 +511,19 @@ void Server::loadCssm(bool mdsIsInstalled)
 {
        if (!mCssm->isActive()) {
                StLock<Mutex> _(*this);
 {
        if (!mCssm->isActive()) {
                StLock<Mutex> _(*this);
-               VProc::Transaction xact;
+        xpc_transaction_begin();
                if (!mCssm->isActive()) {
             if (!mdsIsInstalled) {  // non-system securityd instance should not reinitialize MDS
                if (!mCssm->isActive()) {
             if (!mdsIsInstalled) {  // non-system securityd instance should not reinitialize MDS
-                secdebug("SS", "Installing MDS");
+                secnotice("SecServer", "Installing MDS");
                 IFDEBUG(if (geteuid() == 0))
                                MDSClient::mds().install();
             }
                 IFDEBUG(if (geteuid() == 0))
                                MDSClient::mds().install();
             }
-                       secdebug("SS", "CSSM initializing");
+                       secnotice("SecServer", "CSSM initializing");
                        mCssm->init();
                        mCSP->attach();
                        mCssm->init();
                        mCSP->attach();
-                       secdebug("SS", "CSSM ready with CSP %s", mCSP->guid().toString().c_str());
+                       secnotice("SecServer", "CSSM ready with CSP %s", mCSP->guid().toString().c_str());
                }
                }
+        xpc_transaction_end();
        }
 }
 
        }
 }
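Review bot: In loadCssm the transaction opened by the new `xpc_transaction_begin()` is never closed if `MDSClient::mds().install()`, `mCssm->init()` or `mCSP->attach()` throws, because the matching `xpc_transaction_end()` sits at the end of the block and nothing runs it during unwinding; the removed `VProc::Transaction xact;` was an RAII object that covered that path, and the `StLock<Mutex> _(*this);` on the line above still does. Whether those calls can throw is not visible in this hunk (the file clearly expects exceptions elsewhere, given the `catch(...)` blocks in the signal and session handlers), so treat the claim as likely rather than proven, but a transaction leaked here would keep the daemon from idle-exiting for the rest of its life. I would keep the begin/end pair behind a small file-local scope guard declared where the `xpc_transaction_begin()` call now is, and drop the trailing `xpc_transaction_end()`. loadCssm's signature is outside the hunk (only the `@@` context names it).
```cpp
// Ends the XPC transaction on every exit from the scope, including unwinding.
namespace {
struct XpcTransactionScope {
    XpcTransactionScope() { xpc_transaction_begin(); }
    ~XpcTransactionScope() { xpc_transaction_end(); }
    XpcTransactionScope(const XpcTransactionScope &) = delete;
    XpcTransactionScope &operator=(const XpcTransactionScope &) = delete;
};
}

// … unchanged: loadCssm head and the outer isActive() check …
        StLock<Mutex> _(*this);
        XpcTransactionScope xact;   // replaces the xpc_transaction_begin()/xpc_transaction_end() pair
        // … unchanged: inner isActive() check, MDS install, CSSM init and CSP attach …
```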