X-Git-Url: https://git.saurik.com/apple/xnu.git/blobdiff_plain/21362eb3e66fd2c787aee132bce100a44d71a99c..ebb1b9f42b62218f29061826217bb0f71cd375a6:/osfmk/ipc/ipc_object.c

diff --git a/osfmk/ipc/ipc_object.c b/osfmk/ipc/ipc_object.c
index 6abf8eecf..176e80ec8 100644
--- a/osfmk/ipc/ipc_object.c
+++ b/osfmk/ipc/ipc_object.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000-2004 Apple Computer, Inc. All rights reserved.
+ * Copyright (c) 2000-2007 Apple Inc. All rights reserved.
  *
  * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
  * 
@@ -53,6 +53,13 @@
  * any improvements or extensions that they make and grant Carnegie Mellon
  * the rights to redistribute these changes.
  */
+/*
+ * NOTICE: This file was modified by McAfee Research in 2004 to introduce
+ * support for mandatory and extensible security protections.  This notice
+ * is included in support of clause 2.2 (b) of the Apple Public License,
+ * Version 2.0.
+ * Copyright (c) 2005-2006 SPARTA, Inc.
+ */
 /*
  */
 /*
@@ -73,6 +80,7 @@
 
 #include <kern/kern_types.h>
 #include <kern/misc_protos.h>
+#include <kern/ipc_kobject.h>
 
 #include <ipc/ipc_types.h>
 #include <ipc/port.h>
@@ -82,7 +90,11 @@
 #include <ipc/ipc_hash.h>
 #include <ipc/ipc_right.h>
 #include <ipc/ipc_notify.h>
+#include <ipc/ipc_port.h>
 #include <ipc/ipc_pset.h>
+#include <ipc/ipc_labelh.h>
+
+#include <security/mac_mach_internal.h>
 
 zone_t ipc_object_zones[IOT_NUMBER];
 
@@ -334,6 +346,9 @@ ipc_object_alloc(
 		ipc_port_t port = (ipc_port_t)object;
 
 		bzero((char *)port, sizeof(*port));
+#if CONFIG_MACF_MACH
+		mac_port_label_init(&port->ip_label);
+#endif
 	} else if (otype == IOT_PORT_SET) {
 		ipc_pset_t pset = (ipc_pset_t)object;
 
@@ -341,7 +356,7 @@ ipc_object_alloc(
 	}
 
 	io_lock_init(object);
-	*namep = (mach_port_name_t)object;
+	*namep = CAST_MACH_PORT_TO_NAME(object);
 	kr = ipc_entry_alloc(space, namep, &entry);
 	if (kr != KERN_SUCCESS) {
 		io_free(otype, object);
@@ -402,6 +417,9 @@ ipc_object_alloc_name(
 		ipc_port_t port = (ipc_port_t)object;
 
 		bzero((char *)port, sizeof(*port));
+#if CONFIG_MACF_MACH
+		mac_port_label_init(&port->ip_label);
+#endif
 	} else if (otype == IOT_PORT_SET) {
 		ipc_pset_t pset = (ipc_pset_t)object;
 
@@ -663,6 +681,42 @@ ipc_object_destroy(
 	}
 }
 
+/*
+ *	Routine:	ipc_object_destroy_dest
+ *	Purpose:
+ *		Destroys a naked capability for the destination of
+ *		of a message. Consumes a ref for the object.
+ *
+ *	Conditions:
+ *		Nothing locked.
+ */
+
+void
+ipc_object_destroy_dest(
+	ipc_object_t		object,
+	mach_msg_type_name_t	msgt_name)
+{
+	assert(IO_VALID(object));
+	assert(io_otype(object) == IOT_PORT);
+
+	switch (msgt_name) {
+	    case MACH_MSG_TYPE_PORT_SEND:
+		ipc_port_release_send((ipc_port_t) object);
+		break;
+
+	    case MACH_MSG_TYPE_PORT_SEND_ONCE:
+		if (io_active(object) && 
+		    !ip_full_kernel((ipc_port_t) object))
+			ipc_notify_send_once((ipc_port_t) object);
+		else
+			ipc_port_release_sonce((ipc_port_t) object);
+		break;
+
+	    default:
+		panic("ipc_object_destroy_dest: strange rights");
+	}
+}
+
 /*
  *	Routine:	ipc_object_copyout
  *	Purpose:
@@ -711,7 +765,7 @@ ipc_object_copyout(
 			break;
 		}
 
-		name = (mach_port_name_t)object;
+		name = CAST_MACH_PORT_TO_NAME(object);
 		kr = ipc_entry_get(space, &name, &entry);
 		if (kr != KERN_SUCCESS) {
 			/* unlocks/locks space, so must start again */
@@ -978,7 +1032,31 @@ ipc_object_rename(
 	return kr;
 }
 
-#if	MACH_ASSERT
+/*
+ * Get a label out of a port, to be used by a kernel call
+ * that takes a security label as a parameter. In this case, we want
+ * to use the label stored in the label handle and not the label on its
+ * port.
+ *
+ * The port should be locked for this call. The lock protecting
+ * label handle contents should not be necessary, as they can only
+ * be modified when a label handle with one reference is a task label.
+ * User allocated label handles can never be modified.
+ */
+#if CONFIG_MACF_MACH
+struct label *io_getlabel (ipc_object_t objp)
+{
+	ipc_port_t port = (ipc_port_t)objp;
+
+	assert(io_otype(objp) == IOT_PORT);
+
+	if (ip_kotype(port) == IKOT_LABELH)
+		return &((ipc_labelh_t) port->ip_kobject)->lh_label;
+	else
+		return &port->ip_label;
+}
+#endif
+
 /*
  *	Check whether the object is a port if so, free it.  But
  *	keep track of that fact.
@@ -992,19 +1070,16 @@ io_free(
 
 	if (otype == IOT_PORT) {
 		port = (ipc_port_t) object;
-#if	MACH_ASSERT
-		ipc_port_track_dealloc(port);
-#endif	/* MACH_ASSERT */
+		ipc_port_finalize(port);
 	}
+	io_lock_destroy(object);
 	zfree(ipc_object_zones[otype], object);
 }
-#endif	/* MACH_ASSERT */
 
 #include <mach_kdb.h>
 #if	MACH_KDB
 
 #include <ddb/db_output.h>
-#include <kern/ipc_kobject.h>
 
 #define	printf	kdbprintf 
 
@@ -1047,10 +1122,18 @@ const char *ikot_print_array[IKOT_MAX_TYPE] = {
 	"(IOKIT_CONNECT)    ",
 	"(IOKIT_OBJECT)     ",	/* 30 */
 	"(UPL)              ",
-						/* << new entries here	*/
+	"(MEM_OBJ_CONTROL)  ",
+	"(AU_SESSIONPORT)   ",	/* 33 */
+	"(FILEPORT)", /* 34 */
+#if CONFIG_MACF_MACH
+	"(LABELH)           ",
+#endif
+/*
+ * Add new entries here.
+ * Please keep in sync with kern/ipc_kobject.h
+ */
 	"(UNKNOWN)          "	/* magic catchall	*/
 };
-/* Please keep in sync with kern/ipc_kobject.h	*/
 
 void
 ipc_object_print(