[apple/xnu.git] / security / mac_alloc.c

/*
 * Copyright (c) 2007 Apple Inc. All rights reserved.
 *
 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
 *
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. The rights granted to you under the License
 * may not be used to create, or enable the creation or redistribution of,
 * unlawful or unlicensed copies of an Apple operating system, or to
 * circumvent, violate, or enable the circumvention or violation of, any
 * terms of an Apple operating system software license agreement.
 *
 * Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this file.
 *
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 *
 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
 */
/*
 *
 */

#include <kern/kalloc.h>
#include <kern/zalloc.h>

#include <sys/param.h>
#include <sys/queue.h>
#include <sys/systm.h>
#include <sys/mbuf.h>

#include <vm/vm_map.h>

#include "mac_alloc.h"

/*
 * XXXMAC: We should probably make sure only registered policies can
 * call these, otherwise we're effectively changing Apple's plan wrt
 * exported allocators.
 */

/*
 * Kernel allocator
 */
void *
mac_kalloc(vm_size_t size, int how)
{
	if (how == M_WAITOK) {
		return kalloc(size);
	} else {
		return kalloc_noblock(size);
	}
}

/*
 * for temporary binary compatibility
 */
void *  mac_kalloc_noblock(vm_size_t size);
void *
mac_kalloc_noblock(vm_size_t size)
{
	return kalloc_noblock(size);
}

void
mac_kfree(void * data, vm_size_t size)
{
	kfree(data, size);
}

/*
 * MBuf tag allocator.
 */

void *
mac_mbuf_alloc(int len, int wait)
{
#if CONFIG_MACF_SOCKET_SUBSET
	struct m_tag *t;

	t = m_tag_alloc(KERNEL_MODULE_TAG_ID, KERNEL_TAG_TYPE_MAC_POLICY_LABEL,
	    len, wait);
	if (t == NULL) {
		return NULL;
	}

	return (void *)(t + 1);
#else
#pragma unused(len, wait)
	return NULL;
#endif
}

void
mac_mbuf_free(void *data)
{
#if CONFIG_MACF_SOCKET_SUBSET
	struct m_tag *t;

	t = (struct m_tag *)((char *)data - sizeof(struct m_tag));
	m_tag_free(t);
#else
#pragma unused(data)
#endif
}

/*
 * VM functions
 */

extern vm_map_t kalloc_map;

int
mac_wire(void *start, void *end)
{
	return vm_map_wire_kernel(kalloc_map, CAST_USER_ADDR_T(start),
	           CAST_USER_ADDR_T(end), VM_PROT_READ | VM_PROT_WRITE, VM_KERN_MEMORY_SECURITY, FALSE);
}

int
mac_unwire(void *start, void *end)
{
	return vm_map_unwire(kalloc_map, CAST_USER_ADDR_T(start),
	           CAST_USER_ADDR_T(end), FALSE);
}

/*
 * Zone allocator
 */
zone_t
mac_zinit(vm_size_t size, vm_size_t maxmem, vm_size_t alloc, const char *name)
{
	return zinit(size, maxmem, alloc, name);
}

void
mac_zone_change(zone_t zone, unsigned int item, boolean_t value)
{
	zone_change(zone, item, value);
}

void *
mac_zalloc(zone_t zone, int how)
{
	if (how == M_WAITOK) {
		return zalloc(zone);
	} else {
		return zalloc_noblock(zone);
	}
}

void
mac_zfree(zone_t zone, void *elem)
{
	zfree(zone, elem);
}
Commit	Line	Data
2d21ac55 A	1	/*
	2	* Copyright (c) 2007 Apple Inc. All rights reserved.
	3	*
	4	* @APPLE_OSREFERENCE_LICENSE_HEADER_START@
0a7de745	5	*
2d21ac55 A	6	* This file contains Original Code and/or Modifications of Original Code
	7	* as defined in and that are subject to the Apple Public Source License
	8	* Version 2.0 (the 'License'). You may not use this file except in
	9	* compliance with the License. The rights granted to you under the License
	10	* may not be used to create, or enable the creation or redistribution of,
	11	* unlawful or unlicensed copies of an Apple operating system, or to
	12	* circumvent, violate, or enable the circumvention or violation of, any
	13	* terms of an Apple operating system software license agreement.
0a7de745	14	*
2d21ac55 A	15	* Please obtain a copy of the License at
2d21ac55 A	16	* http://www.opensource.apple.com/apsl/ and read it before using this file.
0a7de745	17	*
2d21ac55 A	18	* The Original Code and all software distributed under the License are
	19	* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
	20	* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
	21	* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
	22	* FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
	23	* Please see the License for the specific language governing rights and
	24	* limitations under the License.
0a7de745	25	*
2d21ac55 A	26	* @APPLE_OSREFERENCE_LICENSE_HEADER_END@
	27	*/
	28	/*
	29	*
	30	*/
	31
	32	#include <kern/kalloc.h>
	33	#include <kern/zalloc.h>
	34
	35	#include <sys/param.h>
	36	#include <sys/queue.h>
	37	#include <sys/systm.h>
	38	#include <sys/mbuf.h>
	39
	40	#include <vm/vm_map.h>
	41
	42	#include "mac_alloc.h"
	43
	44	/*
	45	* XXXMAC: We should probably make sure only registered policies can
	46	* call these, otherwise we're effectively changing Apple's plan wrt
	47	* exported allocators.
	48	*/
	49
	50	/*
	51	* Kernel allocator
	52	*/
	53	void *
	54	mac_kalloc(vm_size_t size, int how)
	55	{
0a7de745	56	if (how == M_WAITOK) {
2d21ac55	57	return kalloc(size);
0a7de745	58	} else {
2d21ac55	59	return kalloc_noblock(size);
0a7de745	60	}
2d21ac55 A	61	}
	62
	63	/*
	64	* for temporary binary compatibility
	65	*/
0a7de745	66	void * mac_kalloc_noblock(vm_size_t size);
2d21ac55 A	67	void *
	68	mac_kalloc_noblock(vm_size_t size)
	69	{
	70	return kalloc_noblock(size);
	71	}
	72
	73	void
	74	mac_kfree(void * data, vm_size_t size)
	75	{
0a7de745	76	kfree(data, size);
2d21ac55 A	77	}
	78
	79	/*
	80	* MBuf tag allocator.
	81	*/
	82
	83	void *
	84	mac_mbuf_alloc(int len, int wait)
	85	{
39236c6e	86	#if CONFIG_MACF_SOCKET_SUBSET
2d21ac55 A	87	struct m_tag *t;
	88
	89	t = m_tag_alloc(KERNEL_MODULE_TAG_ID, KERNEL_TAG_TYPE_MAC_POLICY_LABEL,
0a7de745 A	90	len, wait);
	91	if (t == NULL) {
	92	return NULL;
	93	}
2d21ac55	94
0a7de745	95	return (void *)(t + 1);
39236c6e A	96	#else
	97	#pragma unused(len, wait)
	98	return NULL;
	99	#endif
2d21ac55 A	100	}
	101
	102	void
	103	mac_mbuf_free(void *data)
	104	{
39236c6e	105	#if CONFIG_MACF_SOCKET_SUBSET
2d21ac55 A	106	struct m_tag *t;
	107
	108	t = (struct m_tag )((char )data - sizeof(struct m_tag));
	109	m_tag_free(t);
39236c6e A	110	#else
	111	#pragma unused(data)
	112	#endif
2d21ac55 A	113	}
	114
	115	/*
	116	* VM functions
	117	*/
	118
	119	extern vm_map_t kalloc_map;
	120
	121	int
	122	mac_wire(void start, void end)
	123	{
0a7de745 A	124	return vm_map_wire_kernel(kalloc_map, CAST_USER_ADDR_T(start),
0a7de745 A	125	CAST_USER_ADDR_T(end), VM_PROT_READ \| VM_PROT_WRITE, VM_KERN_MEMORY_SECURITY, FALSE);
2d21ac55 A	126	}
	127
	128	int
	129	mac_unwire(void start, void end)
	130	{
0a7de745 A	131	return vm_map_unwire(kalloc_map, CAST_USER_ADDR_T(start),
0a7de745 A	132	CAST_USER_ADDR_T(end), FALSE);
2d21ac55 A	133	}
	134
	135	/*
	136	* Zone allocator
	137	*/
	138	zone_t
	139	mac_zinit(vm_size_t size, vm_size_t maxmem, vm_size_t alloc, const char *name)
	140	{
2d21ac55 A	141	return zinit(size, maxmem, alloc, name);
	142	}
	143
	144	void
	145	mac_zone_change(zone_t zone, unsigned int item, boolean_t value)
	146	{
2d21ac55 A	147	zone_change(zone, item, value);
	148	}
	149
	150	void *
	151	mac_zalloc(zone_t zone, int how)
	152	{
0a7de745	153	if (how == M_WAITOK) {
2d21ac55	154	return zalloc(zone);
0a7de745	155	} else {
2d21ac55	156	return zalloc_noblock(zone);
0a7de745	157	}
2d21ac55 A	158	}
	159
	160	void
	161	mac_zfree(zone_t zone, void *elem)
	162	{
2d21ac55 A	163	zfree(zone, elem);
2d21ac55 A	164	}