osfmk/ipc/ipc_labelh.c

   1 /*
   2  * Copyright (c) 2007 Apple Inc. All rights reserved.
   3  *
   4  * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
   5  *
   6  * This file contains Original Code and/or Modifications of Original Code
   7  * as defined in and that are subject to the Apple Public Source License
   8  * Version 2.0 (the 'License'). You may not use this file except in
   9  * compliance with the License. The rights granted to you under the License
  10  * may not be used to create, or enable the creation or redistribution of,
  11  * unlawful or unlicensed copies of an Apple operating system, or to
  12  * circumvent, violate, or enable the circumvention or violation of, any
  13  * terms of an Apple operating system software license agreement.
  14  *
  15  * Please obtain a copy of the License at
  16  * http://www.opensource.apple.com/apsl/ and read it before using this file.
  17  *
  18  * The Original Code and all software distributed under the License are
  19  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  20  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
  21  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
  22  * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
  23  * Please see the License for the specific language governing rights and
  24  * limitations under the License.
  25  *
  26  * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
  27  */
  28 /*-
  29  * Copyright (c) 2005-2006 SPARTA, Inc.
  30  * All rights reserved.
  31  *
  32  * Redistribution and use in source and binary forms, with or without
  33  * modification, are permitted provided that the following conditions
  34  * are met:
  35  * 1. Redistributions of source code must retain the above copyright
  36  *    notice, this list of conditions and the following disclaimer.
  37  * 2. Redistributions in binary form must reproduce the above copyright
  38  *    notice, this list of conditions and the following disclaimer in the
  39  *    documentation and/or other materials provided with the distribution.
  40  *
  41  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
  42  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  43  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  44  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
  45  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  46  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  47  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  49  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  50  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  51  * SUCH DAMAGE.
  52  */
  53
  54 #include <ipc/ipc_space.h>
  55 #include <ipc/ipc_port.h>
  56 #include <ipc/ipc_labelh.h>
  57 #include <kern/ipc_kobject.h>
  58 #include <mach/security.h>
  59 #include <security/mac_mach_internal.h>
  60
  61 #if CONFIG_MACF_MACH
  62 zone_t ipc_labelh_zone;
  63
  64 /*
  65  * Create a new label handle in the task described by the specified space.
  66  * The specified label is used in the label handle.  The associated port
  67  * name is copied out to namep and the task is granted send and receive rights.
  68  */
  69 kern_return_t
  70 labelh_new_user(ipc_space_t space, struct label *inl, mach_port_name_t *namep)
  71 {
  72         kern_return_t kr;
  73         ipc_labelh_t lh;
  74         ipc_entry_t entry;
  75         ipc_port_t port;
  76
  77         if (space == IS_NULL || space->is_task == NULL)
  78                 return (KERN_INVALID_TASK);
  79
  80         /* XXX - perform entrypoint check here? */
  81
  82         /* JMM - redo as port allocation, kobject set, and then copyout */
  83         assert(!CONFIG_MACF_MACH);
  84
  85         /*
  86          * Note: the calling task will have a receive right for the port.
  87          * This is different from label handles that reference tasks
  88          * where the kernel holds the receive right and the caller only
  89          * gets a send right.
  90          */
  91         kr = ipc_port_alloc(space, namep, &port);
  92         if (kr != KERN_SUCCESS)
  93                 return (kr);
  94         ip_reference(port);     /* ipc_port_alloc() does not add a reference */
  95
  96         /* Convert right to MACH_PORT_TYPE_SEND_RECEIVE */
  97         port->ip_mscount++;
  98         port->ip_srights++;
  99         is_write_lock(space);
 100         /* XXX - must validate space is still active and unwind if not */
 101         entry = ipc_entry_lookup(space, *namep);
 102         if (entry != IE_NULL)
 103                 entry->ie_bits |= MACH_PORT_TYPE_SEND;
 104         is_write_unlock(space);
 105
 106         /* Allocate new label handle, insert port and label. */
 107         lh = (ipc_labelh_t)zalloc(ipc_labelh_zone);
 108         lh_lock_init(lh);
 109         lh->lh_port = port;
 110         lh->lh_label = *inl;
 111         lh->lh_type = LABELH_TYPE_USER;
 112         lh->lh_references = 1;          /* unused for LABELH_TYPE_USER */
 113
 114         /* Must call ipc_kobject_set() with port unlocked. */
 115         ip_unlock(lh->lh_port);
 116         ipc_kobject_set(lh->lh_port, (ipc_kobject_t)lh, IKOT_LABELH);
 117
 118         return (KERN_SUCCESS);
 119 }
 120
 121 kern_return_t
 122 mac_label_new(ipc_space_t space, mach_port_name_t *namep, labelstr_t labelstr)
 123 {
 124         struct label inl;
 125         kern_return_t kr;
 126
 127         mac_task_label_init(&inl);
 128         if (mac_task_label_internalize(&inl, labelstr))
 129                 return (KERN_INVALID_ARGUMENT);
 130
 131         kr = labelh_new_user(space, &inl, namep);
 132         if (kr != KERN_SUCCESS) {
 133                 mac_task_label_destroy(&inl);
 134                 return (kr);
 135         }
 136
 137         return (KERN_SUCCESS);
 138 }
 139
 140 /*
 141  * This function should be used to allocate label handles
 142  * that are stored in other kernel objects, such as tasks.
 143  * They must be released along with that object.
 144  * The caller gets one reference, which can be applied to either the
 145  * port or the ipc_label_t structure itself.
 146  */
 147 ipc_labelh_t
 148 labelh_new(int canblock)
 149 {
 150         ipc_labelh_t lh;
 151
 152         lh = (ipc_labelh_t)zalloc_canblock(ipc_labelh_zone, canblock);
 153         lh_lock_init(lh);
 154         lh->lh_port = ipc_port_alloc_kernel();
 155         lh->lh_type = LABELH_TYPE_KERN;
 156         lh->lh_references = 1;
 157         ipc_kobject_set(lh->lh_port, (ipc_kobject_t)lh, IKOT_LABELH);
 158
 159         return (lh);
 160 }
 161
 162 /*
 163  * Call with old label handle locked.
 164  * Returned label handle is unlocked.
 165  */
 166 ipc_labelh_t
 167 labelh_duplicate(ipc_labelh_t old)
 168 {
 169         ipc_labelh_t lh;
 170
 171         lh = labelh_new(0);
 172         ip_lock(lh->lh_port);
 173         mac_task_label_init(&lh->lh_label);
 174         mac_task_label_copy(&old->lh_label, &lh->lh_label);
 175         ip_unlock(lh->lh_port);
 176         return (lh);
 177 }
 178
 179 /*
 180  * Call with old label handle locked.
 181  * Returned label handle is locked.
 182  */
 183 ipc_labelh_t
 184 labelh_modify(ipc_labelh_t old)
 185 {
 186         ipc_labelh_t lh;
 187
 188         /*
 189          * A label handle may only have a single reference.
 190          * If there are no other references this is a no-op.
 191          * Otherwise, make a copy we can write to and return it.
 192          */
 193         if (old->lh_references == 1)
 194                 return (old);
 195         lh = labelh_duplicate(old);
 196         lh_release(old);
 197         lh_check_unlock(old);
 198         lh_lock(lh);
 199         return (lh);
 200 }
 201
 202 /*
 203  * Add or drop a reference on an (unlocked) label handle.
 204  */
 205 ipc_labelh_t
 206 labelh_reference(ipc_labelh_t lh)
 207 {
 208         lh_lock(lh);
 209         lh_reference(lh);
 210         lh_unlock(lh);
 211         return (lh);
 212 }
 213
 214 /*
 215  * Release a reference on an (unlocked) label handle.
 216  */
 217 void
 218 labelh_release(ipc_labelh_t lh)
 219 {
 220         lh_lock(lh);
 221         lh_release(lh);
 222         lh_check_unlock(lh);
 223 }
 224
 225 /*
 226  * Deallocate space associated with the label handle backed by the
 227  * specified port.  For kernel-allocated label handles the
 228  * label handle reference count should be 0.  For user-allocated
 229  * handles the ref count is not used (it was initialized to 1).
 230  */
 231 void
 232 labelh_destroy(ipc_port_t port)
 233 {
 234         ipc_labelh_t lh = (ipc_labelh_t) port->ip_kobject;
 235
 236         mac_task_label_destroy(&lh->lh_label);
 237         zfree(ipc_labelh_zone, (vm_offset_t)lh);
 238 }
 239 #else
 240 kern_return_t
 241 mac_label_new(__unused ipc_space_t space,
 242               __unused mach_port_name_t *namep,
 243               __unused labelstr_t labelstr)
 244 {
 245         return KERN_FAILURE;
 246 }
 247 #endif /* MAC_MACH */