src/process.h

   1 /*
   2  * Copyright (c) 2000-2004 Apple Computer, Inc. All Rights Reserved.
   3  *
   4  * @APPLE_LICENSE_HEADER_START@
   5  *
   6  * This file contains Original Code and/or Modifications of Original Code
   7  * as defined in and that are subject to the Apple Public Source License
   8  * Version 2.0 (the 'License'). You may not use this file except in
   9  * compliance with the License. Please obtain a copy of the License at
  10  * http://www.opensource.apple.com/apsl/ and read it before using this
  11  * file.
  12  *
  13  * The Original Code and all software distributed under the License are
  14  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  15  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
  16  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
  17  * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
  18  * Please see the License for the specific language governing rights and
  19  * limitations under the License.
  20  *
  21  * @APPLE_LICENSE_HEADER_END@
  22  */
  23
  24
  25 //
  26 // process - track a single client process and its belongings
  27 //
  28 #ifndef _H_PROCESS
  29 #define _H_PROCESS
  30
  31 #include "structure.h"
  32 #include <security_agent_client/agentclient.h>
  33 #include <security_utilities/refcount.h>
  34 #include <security_utilities/ccaudit.h>
  35 #include <security_utilities/vproc++.h>
  36 #include "clientid.h"
  37 #include "csproxy.h"
  38 #include "localkey.h"
  39 #include "notifications.h"
  40 #include <string>
  41
  42 using MachPlusPlus::Port;
  43 using MachPlusPlus::TaskPort;
  44
  45 class Session;
  46 class LocalDatabase;
  47 class AuthorizationToken;
  48
  49
  50 //
  51 // A Process object represents a UNIX process (and associated Mach Task) that has
  52 // had contact with us and may have some state associated with it. It primarily tracks
  53 // the process nature of the client. Individual threads in the client are tracked by
  54 // Connection objects.
  55 //
  56 // Code Signing-style Guest identities are managed in two of our mix-ins. The two play
  57 // distinct but related roles:
  58 // * CodeSigningHost manages the public identity of guests within the client.
  59 //   In this relationship, securityd provides registry and proxy services to the client.
  60 // * ClientIdentification tracks the identity of guests in the client *as securityd clients*.
  61 //   It is concerned with which guest is asking for securityd services, and whether this
  62 //   should be granted.
  63 // Often, the two form a loop: ClientIdentification uses CodeSigningHost to determine
  64 // the guest client identity, but it does so through public (Mach IPC) interfaces, because
  65 // clients may implement their own proxy (though currently not registry) services.
  66 // We could short-circuit the IPC leg in those cases where securityd serves itself,
  67 // but there's no evidence (yet) that this is worth the trouble.
  68 //
  69 class Process : public PerProcess,
  70                                 public CodeSigningHost,
  71                                 public ClientIdentification,
  72                                 private VProc::Transaction {
  73 public:
  74         Process(Port servicePort, TaskPort tPort,
  75                 const ClientSetupInfo *info, const char *identity,
  76                 const CommonCriteria::AuditToken &audit);
  77         virtual ~Process();
  78
  79         void reset(Port servicePort, TaskPort tPort,
  80                 const ClientSetupInfo *info, const char *identity,
  81                 const CommonCriteria::AuditToken &audit);
  82
  83     uid_t uid() const                   { return mUid; }
  84     gid_t gid() const                   { return mGid; }
  85     pid_t pid() const                   { return mPid; }
  86     TaskPort taskPort() const   { return mTaskPort; }
  87         bool byteFlipped() const        { return mByteFlipped; }
  88
  89         void addAuthorization(AuthorizationToken *auth);
  90         void checkAuthorization(AuthorizationToken *auth);
  91         bool removeAuthorization(AuthorizationToken *auth);
  92
  93         using PerProcess::kill;
  94         void kill();
  95
  96         void changeSession(Port servicePort);   // very special indeed
  97
  98         Session& session() const;
  99
 100         LocalDatabase &localStore();
 101         Key *makeTemporaryKey(const CssmKey &key, CSSM_KEYATTR_FLAGS moreAttributes,
 102                 const AclEntryPrototype *owner);
 103
 104         // aclSequence is taken to serialize ACL validations to pick up mutual changes
 105         Mutex aclSequence;
 106
 107         IFDUMP(void dumpNode());
 108
 109 private:
 110         void setup(const ClientSetupInfo *info);
 111
 112 private:
 113         // peer state: established during connection startup; fixed thereafter
 114     TaskPort mTaskPort;                                 // task port
 115         bool mByteFlipped;                                      // client's byte order is reverse of ours
 116     pid_t mPid;                                                 // process id
 117     uid_t mUid;                                                 // UNIX uid credential
 118     gid_t mGid;                                                 // primary UNIX gid credential
 119
 120         // authorization dictionary
 121         typedef multiset<AuthorizationToken *> AuthorizationSet;
 122         AuthorizationSet mAuthorizations;       // set of valid authorizations for process
 123
 124         // canonical local (transient) key store
 125         RefPointer<LocalDatabase> mLocalStore;
 126 };
 127
 128
 129 //
 130 // Convenience comparison
 131 //
 132 inline bool operator == (const Process &p1, const Process &p2)
 133 {
 134         return &p1 == &p2;
 135 }
 136
 137
 138 #endif //_H_PROCESS