xnu-2422.1.72.tar.gz
[apple/xnu.git] / osfmk / mach / security.defs
1
2 /* -*- C++ -*- */
3
4 subsystem
5 #if KERNEL_SERVER
6 KernelServer /* subsystem modifier, emitted only when KERNEL_SERVER is defined */
7 #endif /* KERNEL_SERVER */
8 security 5200; /* subsystem name "security"; 5200 is the subsystem's base message ID */
9
10 #include <mach/std_types.defs>
11 #include <mach/mach_types.defs>
12
13 type labelstr_t = c_string[*:512]; /* variable-length C string bounded at 512 bytes; carries every label, policy list, service and permission name in this file */
14
15 /**
16 @brief Retrieve a task label as a label handle
17 @param task Target's task port (declared as ipc_space_t)
18 @param label Returned label handle, as a port name (mach_port_name_t)
19
20 This call retrieves the label handle of the specified task.
21 NOTE(review): the IPC space in which the returned name is valid is not stated here; presumably the one designated by task -- confirm.
22 @return Standard MiG return values (0 for success)
23 */
24
25 routine mach_get_task_label(task : ipc_space_t;
26 out label : mach_port_name_t);
27
28 /**
29 @brief Retrieve a task label in textual form
30 @param task Target's task port
31 @param policies Comma-delimited list of policies to query (labelstr_t, at most 512 bytes)
32 @param label Returned label text (labelstr_t, at most 512 bytes)
33
34 This call retrieves an externalized task label for the
35 specified task, with respect to the specified policies.
36 NOTE(review): the result when the externalized label does not fit in labelstr_t is not documented here -- confirm before relying on a complete label.
37 @return Standard MiG return values (0 for success)
38 */
39
40 routine mach_get_task_label_text(task : ipc_space_t;
41 policies : labelstr_t;
42 out label : labelstr_t);
43
44 /**
45 @brief Retrieve a port label as a label handle
46 @param task Issuer's task port
47 @param port Port to query label from, given as a port name
48 @param label Returned label handle, as a port name
49
50 This call retrieves a new label handle for the specified port.
51 If the port itself represents a label handle, the call fails and
52 KERN_INVALID_ARGUMENT is returned.
53
54 @return Standard MiG return values (0 for success)
55 */
56
57 routine mach_get_label(task : ipc_space_t;
58 port : mach_port_name_t;
59 out label : mach_port_name_t);
60
61 /**
62 @brief Retrieve a port label in textual form
63 @param task Issuer's task port
64 @param name Port to query label from
65 @param policies Comma-delimited list of policies to query (labelstr_t, at most 512 bytes)
66 @param label Returned label text (labelstr_t, at most 512 bytes)
67
68 This call retrieves an externalized port label for the specified port,
69 with respect to the specified policies. If the port represents a label
70 handle, the returned label text refers to the stored label (the label the
71 handle carries) and not the access control label of the handle port itself.
72 NOTE(review): the result when the externalized label does not fit in labelstr_t is not documented here -- confirm.
73 @return Standard MiG return values (0 for success)
74 */
75
76 routine mach_get_label_text(task : ipc_space_t;
77 name : mach_port_name_t;
78 policies : labelstr_t;
79 out label : labelstr_t);
80
81 /**
82 @brief Relabel a port
83 @param task Task containing specified ports
84 @param name Port to relabel
85 @param label String representation of new label (labelstr_t, at most 512 bytes)
86
87 This call attempts to relabel the specified port to the
88 label specified. For label handles, it changes the access control
89 label and not the stored label.
90 NOTE(review): "attempts" suggests the request can be refused; the conditions and the failure code are not documented here -- confirm.
91 @return Standard MiG return values (0 for success)
92 */
93
94 routine mach_set_port_label(task : ipc_space_t;
95 name : mach_port_name_t;
96 label : labelstr_t);
97
98 /**
99 @brief Generic access control check
100 @param task Any task port
101 @param subject Subject label in textual form
102 @param object Object label in textual form
103 @param service Service or object class name
104 @param perm Permission, or method, within the specified service
105
106 This function provides a general way for a user process to query
107 an arbitrary access control decision from the system's security policies.
108 Currently, there are no standards for the format of the service and
109 permission names. Both labels are caller-supplied text; presumably the answer describes those labels rather than the calling task.
110 NOTE(review): there is no out parameter, so the decision is presumably carried by the return code; callers should fail closed on any non-zero return -- confirm.
111 @return Standard MiG return values (0 for success)
112 */
113
114 routine mac_check_service(task : ipc_space_t;
115 subject : labelstr_t;
116 object : labelstr_t;
117 service : labelstr_t;
118 perm : labelstr_t);
119
120 /**
121 @brief Generic access control check, with the object given as a port
122 @param task Task containing specified ports (usually caller's)
123 @param subject Subject label in textual form
124 @param object Port containing object label
125 @param service Service or object class name
126 @param perm Permission, or method, within the specified service
127
128 This function provides a general way for a user process to query
129 an arbitrary access control decision from the system's security policies.
130 Currently, there are no standards for the format of the service and
131 permission names. If the port is a label handle, the stored label is
132 used. Otherwise, its access control label is used.
133 NOTE(review): there is no out parameter, so the decision is presumably carried by the return code; callers should fail closed on any non-zero return -- confirm.
134 @return Standard MiG return values (0 for success)
135 */
136
137 routine mac_port_check_service_obj(task : ipc_space_t;
138 subject : labelstr_t;
139 object : mach_port_name_t;
140 service : labelstr_t;
141 perm : labelstr_t);
142
143 /**
144 @brief Generic access control check, with subject and object given as ports
145 @param task Task containing specified ports (usually caller's)
146 @param subject Port containing subject label
147 @param object Port containing object label
148 @param service Service or object class name
149 @param perm Permission, or method, within the specified service
150
151 This function provides a general way for a user process to query
152 an arbitrary access control decision from the system's security policies.
153 Currently, there are no standards for the format of the service and
154 permission names. If any ports are label handles, the stored label is
155 used. Otherwise, the access control labels are used.
156 NOTE(review): there is no out parameter, so the decision is presumably carried by the return code; callers should fail closed on any non-zero return -- confirm.
157 @return Standard MiG return values (0 for success)
158 */
159
160 routine mac_port_check_access(task : ipc_space_t;
161 subject : mach_port_name_t;
162 object : mach_port_name_t;
163 service : labelstr_t;
164 perm : labelstr_t);
165
166 /**
167 @brief Create a new label handle
168 @param task Task to receive new ports (usually caller's)
169 @param name Returned label handle port
170 @param label String representation of new label (labelstr_t, at most 512 bytes)
171
172 Creates a new label handle, with the stored label defined by the
173 given text. Any task may create a label handle with any valid label,
174 not necessarily one that it has permission to access. A port right
175 for the new label handle is inserted into the specified task.
176 Possession of label handles should not imply any security properties.
177 A receiver must therefore not treat a label handle as evidence of the sender's own label or privilege.
178 @return Standard MiG return values (0 for success)
179 */
180
181 routine mac_label_new(task : ipc_space_t;
182 out name : mach_port_name_t;
183 label : labelstr_t);
184
185 /**
186 @brief Request a computed label
187 @param task Task that subject, object and newlabel are relative to (usually caller's)
188 @param subject Port containing subject label
189 @param object Port containing object label
190 @param service Service or object class name
191 @param newlabel Returned label handle port
192
193 Ask the loaded policies to compute a label based on the two input labels
194 and the service name. There is currently no standard for the service name,
195 or even what the input labels represent (Subject and parent object are only
196 a suggestion). If any ports are label handles, the stored label is
197 used. Otherwise, the access control labels are used. A new label handle
198 is created to contain the computed label, and is stored into the
199 specified task.
200
201 @return Standard MiG return values (0 for success)
202 */
203
204 routine mac_request_label(task : ipc_space_t;
205 subject : mach_port_name_t;
206 object : mach_port_name_t;
207 service : labelstr_t;
208 out newlabel : mach_port_name_t);