[apple/xnu.git] / osfmk / mach / security.defs


/* -*- C++ -*- */

subsystem
#if	KERNEL_SERVER
	  KernelServer
#endif	KERNEL_SERVER
	  security 5200;

#include <mach/std_types.defs>
#include <mach/mach_types.defs>

type labelstr_t = c_string[*:512];

/**
  @brief Retrieve a task label as a label handle
  @param task Target's task port
  @param label Returned label handle

  This call retrieves the label handle of the specified task.

  @return Standard MiG return values (0 for success)
*/

routine mach_get_task_label(task      : ipc_space_t;
			    out label : mach_port_name_t);

/**
  @brief Retrieve a task label in textual form
  @param task Target's task port
  @param policies Comma-delimited list of policies to query
  @param label Returned label text

  This call retrieves an externalized task label for the
  specified task, with respect to the specified policies.

  @return Standard MiG return values (0 for success)
*/

routine mach_get_task_label_text(task      : ipc_space_t;
				 policies  : labelstr_t;
				 out label : labelstr_t);

/**
  @brief Retrieve a port label as a label handle
  @param task Issuer's task port
  @param port Port to query label from
  @param label Returned label handle

  This call retrieves a new label handle for the specified port.
  If the port represents a label handle, KERN_INVALID_ARGUMENT is
  returned.

  @return Standard MiG return values (0 for success)
*/

routine mach_get_label(task      : ipc_space_t;
		       port      : mach_port_name_t;
		       out label : mach_port_name_t);

/**
  @brief Retrieve a port label in textual form
  @param task Issuer's task port
  @param name Port to query label from
  @param policies Comma-delimited list of policies to query
  @param label Returned label text

  This call retrieves an externalized port label for the specified port,
  with respect to the specified policies. If the port represents a label
  handle, the returned label text refers to the stored label and not the
  access control label.

  @return Standard MiG return values (0 for success)
*/

routine mach_get_label_text(task      : ipc_space_t;
			    name      : mach_port_name_t;
			    policies  : labelstr_t;
			    out label : labelstr_t);

/**
  @brief Relabel a port
  @param task Task containing specified ports
  @param name Port to relabel
  @param label String representation of new label

  This call attempts to relabel the specified port to the
  label specified. For label handles, it changes the access control
  label and not the stored label.

  @return Standard MiG return values (0 for success)
*/

routine mach_set_port_label(task      : ipc_space_t;
			    name      : mach_port_name_t;
			    label     : labelstr_t);

/**
  @brief Generic access control check
  @param task Any task port
  @param subj subject label in textual form
  @param obj object label in textual form
  @param serv Service or object class name
  @param perm Permission, or method, within the specified service

  This function provides a general way for a user process to query
  an arbitrary access control decision from the system's security policies.
  Currently, there are no standards for the format of the service and
  permission names. 

  @return Standard MiG return values (0 for success)
*/

routine mac_check_service(task    : ipc_space_t;
			  subject : labelstr_t;
			  object  : labelstr_t;
			  service : labelstr_t;
			  perm    : labelstr_t);

/**
  @brief Generic access control check
  @param task Task containing specified ports (usually caller's)
  @param subj subject label in textual form
  @param obj port containing object label
  @param serv Service or object class name
  @param perm Permission, or method, within the specified service

  This function provides a general way for a user process to query
  an arbitrary access control decision from the system's security policies.
  Currently, there are no standards for the format of the service and
  permission names. If the port is a label handle, the stored label is
  used. Otherwise, its access control label is used.

  @return Standard MiG return values (0 for success)
*/

routine mac_port_check_service_obj(task    : ipc_space_t;
				   subject : labelstr_t;
				   object  : mach_port_name_t;
				   service : labelstr_t;
				   perm    : labelstr_t);

/**
  @brief Generic access control check
  @param task Task containing specified ports (usually caller's)
  @param subj port containing subject label
  @param obj port containing object label
  @param serv Service or object class name
  @param perm Permission, or method, within the specified service

  This function provides a general way for a user process to query
  an arbitrary access control decision from the system's security policies.
  Currently, there are no standards for the format of the service and
  permission names. If any ports are label handles, the stored label is
  used. Otherwise, the access control labels are used.

  @return Standard MiG return values (0 for success)
*/

routine mac_port_check_access(task    : ipc_space_t;
			      subject : mach_port_name_t;
			      object  : mach_port_name_t;
			      service : labelstr_t;
			      perm    : labelstr_t);

/**
  @brief Create a new label handle
  @param task Task to receive new ports (usually caller's)
  @param name Returned label handle port
  @param label String representation of new label

  Creates a new label handle, with the stored label defined by the
  given text. Any task may create a label handle with any valid label,
  not necessarily one that it has permission to access. A port right
  for the new label handle is inserted into the specified task.
  Posession of label handles should not imply any security properties.

  @return Standard MiG return values (0 for success)
*/

routine mac_label_new(task     : ipc_space_t;
		      out name : mach_port_name_t;
		      label    : labelstr_t);

/**
  @brief Request a computed label
  @param task subj,obj,newlabel relative to this task (usually caller's)
  @param subj port containing subject label
  @param obj port containing object label
  @param serv Service or object class name
  @param newlabel Returned label handle port
  
  Ask the loaded policies to compute a label based on the two input labels
  and the service name. There is currently no standard for the service name,
  or even what the input labels represent (Subject and parent object are only
  a suggestion). If any ports are label handles, the stored label is
  used. Otherwise, the access control labels are used. A new label handle
  is created to contain the computed label, and is stored into the
  specified task.

  @return Standard MiG return values (0 for success)
*/

routine mac_request_label(task         : ipc_space_t;
			  subject      : mach_port_name_t;
			  object       : mach_port_name_t;
			  service      : labelstr_t;
			  out newlabel : mach_port_name_t);
Commit	Line	Data
2d21ac55 A	1
	2	/* -- C++ -- */
	3
	4	subsystem
	5	#if KERNEL_SERVER
	6	KernelServer
	7	#endif KERNEL_SERVER
	8	security 5200;
	9
	10	#include <mach/std_types.defs>
	11	#include <mach/mach_types.defs>
	12
	13	type labelstr_t = c_string[*:512];
	14
	15	/**
	16	@brief Retrieve a task label as a label handle
	17	@param task Target's task port
	18	@param label Returned label handle
	19
	20	This call retrieves the label handle of the specified task.
	21
	22	@return Standard MiG return values (0 for success)
	23	*/
	24
	25	routine mach_get_task_label(task : ipc_space_t;
	26	out label : mach_port_name_t);
	27
	28	/**
	29	@brief Retrieve a task label in textual form
	30	@param task Target's task port
	31	@param policies Comma-delimited list of policies to query
	32	@param label Returned label text
	33
	34	This call retrieves an externalized task label for the
	35	specified task, with respect to the specified policies.
	36
	37	@return Standard MiG return values (0 for success)
	38	*/
	39
	40	routine mach_get_task_label_text(task : ipc_space_t;
	41	policies : labelstr_t;
	42	out label : labelstr_t);
	43
	44	/**
	45	@brief Retrieve a port label as a label handle
	46	@param task Issuer's task port
	47	@param port Port to query label from
	48	@param label Returned label handle
	49
	50	This call retrieves a new label handle for the specified port.
	51	If the port represents a label handle, KERN_INVALID_ARGUMENT is
	52	returned.
	53
	54	@return Standard MiG return values (0 for success)
	55	*/
	56
	57	routine mach_get_label(task : ipc_space_t;
	58	port : mach_port_name_t;
	59	out label : mach_port_name_t);
	60
	61	/**
	62	@brief Retrieve a port label in textual form
	63	@param task Issuer's task port
	64	@param name Port to query label from
65	@param policies Comma-delimited list of policies to query
66	@param label Returned label text
67
68	This call retrieves an externalized port label for the specified port,
69	with respect to the specified policies. If the port represents a label
70	handle, the returned label text refers to the stored label and not the
71	access control label.
72
73	@return Standard MiG return values (0 for success)
74	*/
75
76	routine mach_get_label_text(task : ipc_space_t;
77	name : mach_port_name_t;
78	policies : labelstr_t;
79	out label : labelstr_t);
80
81	/**
82	@brief Relabel a port
83	@param task Task containing specified ports
84	@param name Port to relabel
85	@param label String representation of new label
86
87	This call attempts to relabel the specified port to the
88	label specified. For label handles, it changes the access control
89	label and not the stored label.
90
91	@return Standard MiG return values (0 for success)
92	*/
93
94	routine mach_set_port_label(task : ipc_space_t;
95	name : mach_port_name_t;
96	label : labelstr_t);
97
98	/**
99	@brief Generic access control check
100	@param task Any task port
101	@param subj subject label in textual form
102	@param obj object label in textual form
103	@param serv Service or object class name
104	@param perm Permission, or method, within the specified service
105
106	This function provides a general way for a user process to query
107	an arbitrary access control decision from the system's security policies.
108	Currently, there are no standards for the format of the service and
109	permission names.
110
111	@return Standard MiG return values (0 for success)
112	*/
113
114	routine mac_check_service(task : ipc_space_t;
115	subject : labelstr_t;
116	object : labelstr_t;
117	service : labelstr_t;
118	perm : labelstr_t);
119
120	/**
121	@brief Generic access control check
122	@param task Task containing specified ports (usually caller's)
123	@param subj subject label in textual form
124	@param obj port containing object label
125	@param serv Service or object class name
126	@param perm Permission, or method, within the specified service
127
128	This function provides a general way for a user process to query
129	an arbitrary access control decision from the system's security policies.
130	Currently, there are no standards for the format of the service and
131	permission names. If the port is a label handle, the stored label is
132	used. Otherwise, its access control label is used.
133
134	@return Standard MiG return values (0 for success)
135	*/
136
137	routine mac_port_check_service_obj(task : ipc_space_t;
138	subject : labelstr_t;
139	object : mach_port_name_t;
140	service : labelstr_t;
141	perm : labelstr_t);
142
143	/**
144	@brief Generic access control check
145	@param task Task containing specified ports (usually caller's)
146	@param subj port containing subject label
147	@param obj port containing object label
148	@param serv Service or object class name
149	@param perm Permission, or method, within the specified service
150
151	This function provides a general way for a user process to query
152	an arbitrary access control decision from the system's security policies.
153	Currently, there are no standards for the format of the service and
154	permission names. If any ports are label handles, the stored label is
155	used. Otherwise, the access control labels are used.
156
157	@return Standard MiG return values (0 for success)
158	*/
159
160	routine mac_port_check_access(task : ipc_space_t;
161	subject : mach_port_name_t;
162	object : mach_port_name_t;
163	service : labelstr_t;
164	perm : labelstr_t);
165
166	/**
167	@brief Create a new label handle
168	@param task Task to receive new ports (usually caller's)
169	@param name Returned label handle port
170	@param label String representation of new label
171
172	Creates a new label handle, with the stored label defined by the
173	given text. Any task may create a label handle with any valid label,
174	not necessarily one that it has permission to access. A port right
175	for the new label handle is inserted into the specified task.
176	Posession of label handles should not imply any security properties.
177
178	@return Standard MiG return values (0 for success)
179	*/
180
181	routine mac_label_new(task : ipc_space_t;
182	out name : mach_port_name_t;
183	label : labelstr_t);
184
185	/**
186	@brief Request a computed label
187	@param task subj,obj,newlabel relative to this task (usually caller's)
188	@param subj port containing subject label
189	@param obj port containing object label
190	@param serv Service or object class name
191	@param newlabel Returned label handle port
192
193	Ask the loaded policies to compute a label based on the two input labels
194	and the service name. There is currently no standard for the service name,
195	or even what the input labels represent (Subject and parent object are only
196	a suggestion). If any ports are label handles, the stored label is
197	used. Otherwise, the access control labels are used. A new label handle
198	is created to contain the computed label, and is stored into the
199	specified task.
200
201	@return Standard MiG return values (0 for success)
202	*/
203
204	routine mac_request_label(task : ipc_space_t;
205	subject : mach_port_name_t;
206	object : mach_port_name_t;
207	service : labelstr_t;
208	out newlabel : mach_port_name_t);