2 * Copyright (c) 2000-2004 Apple Computer, Inc. All Rights Reserved.
4 * @APPLE_LICENSE_HEADER_START@
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
21 * @APPLE_LICENSE_HEADER_END@
26 // process - track a single client process and its belongings
31 #include "structure.h"
33 #include <security_agent_client/agentclient.h>
34 #include <security_utilities/refcount.h>
35 #include <security_utilities/ccaudit.h>
36 #include <security_utilities/vproc++.h>
40 #include "notifications.h"
43 using MachPlusPlus::Port
;
44 using MachPlusPlus::TaskPort
;
48 class AuthorizationToken
;
52 // A Process object represents a UNIX process (and associated Mach Task) that has
53 // had contact with us and may have some state associated with it. It primarily tracks
54 // the process nature of the client. Individual threads in the client are tracked by
55 // Connection objects.
57 // Code Signing-style Guest identities are managed in two of our mix-ins. The two play
58 // distinct but related roles:
59 // * CodeSigningHost manages the public identity of guests within the client.
60 // In this relationship, securityd provides registry and proxy services to the client.
61 // * ClientIdentification tracks the identity of guests in the client *as securityd clients*.
62 // It is concerned with which guest is asking for securityd services, and whether this
64 // Often, the two form a loop: ClientIdentification uses CodeSigningHost to determine
65 // the guest client identity, but it does so through public (Mach IPC) interfaces, because
66 // clients may implement their own proxy (though currently not registry) services.
67 // We could short-circuit the IPC leg in those cases where securityd serves itself,
68 // but there's no evidence (yet) that this is worth the trouble.
70 class Process
: public PerProcess
,
71 public CodeSigningHost
,
72 public ClientIdentification
,
73 private VProc::Transaction
{
75 Process(TaskPort tPort
, const ClientSetupInfo
*info
, const CommonCriteria::AuditToken
&audit
);
78 void reset(TaskPort tPort
, const ClientSetupInfo
*info
, const CommonCriteria::AuditToken
&audit
);
80 uid_t
uid() const { return mUid
; }
81 gid_t
gid() const { return mGid
; }
82 pid_t
pid() const { return mPid
; }
83 TaskPort
taskPort() const { return mTaskPort
; }
84 bool byteFlipped() const { return mByteFlipped
; }
86 void addAuthorization(AuthorizationToken
*auth
);
87 void checkAuthorization(AuthorizationToken
*auth
);
88 bool removeAuthorization(AuthorizationToken
*auth
);
90 using PerProcess::kill
;
93 void changeSession(Session::SessionId sessionId
);
95 Session
& session() const;
96 void checkSession(const audit_token_t
&auditToken
);
98 LocalDatabase
&localStore();
99 Key
*makeTemporaryKey(const CssmKey
&key
, CSSM_KEYATTR_FLAGS moreAttributes
,
100 const AclEntryPrototype
*owner
);
102 // aclSequence is taken to serialize ACL validations to pick up mutual changes
105 IFDUMP(void dumpNode());
108 void setup(const ClientSetupInfo
*info
);
111 // peer state: established during connection startup; fixed thereafter
112 TaskPort mTaskPort
; // task port
113 bool mByteFlipped
; // client's byte order is reverse of ours
114 pid_t mPid
; // process id
115 uid_t mUid
; // UNIX uid credential
116 gid_t mGid
; // primary UNIX gid credential
118 // authorization dictionary
119 typedef multiset
<AuthorizationToken
*> AuthorizationSet
;
120 AuthorizationSet mAuthorizations
; // set of valid authorizations for process
122 // canonical local (transient) key store
123 RefPointer
<LocalDatabase
> mLocalStore
;
128 // Convenience comparison
130 inline bool operator == (const Process
&p1
, const Process
&p2
)