X-Git-Url: https://git.saurik.com/apple/xnu.git/blobdiff_plain/91447636331957f3d9b5ca5b508f07c526b0074d..6d2010ae8f7a6078e10b361c6962983bab233e0f:/osfmk/kern/ipc_kobject.c

diff --git a/osfmk/kern/ipc_kobject.c b/osfmk/kern/ipc_kobject.c
index 62230a676..8963abea6 100644
--- a/osfmk/kern/ipc_kobject.c
+++ b/osfmk/kern/ipc_kobject.c
@@ -1,23 +1,29 @@
 /*
- * Copyright (c) 2000-2004 Apple Computer, Inc. All rights reserved.
+ * Copyright (c) 2000-2008 Apple Inc. All rights reserved.
  *
- * @APPLE_LICENSE_HEADER_START@
+ * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
  * 
- * The contents of this file constitute Original Code as defined in and
- * are subject to the Apple Public Source License Version 1.1 (the
- * "License").  You may not use this file except in compliance with the
- * License.  Please obtain a copy of the License at
- * http://www.apple.com/publicsource and read it before using this file.
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. The rights granted to you under the License
+ * may not be used to create, or enable the creation or redistribution of,
+ * unlawful or unlicensed copies of an Apple operating system, or to
+ * circumvent, violate, or enable the circumvention or violation of, any
+ * terms of an Apple operating system software license agreement.
  * 
- * This Original Code and all software distributed under the License are
- * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this file.
+ * 
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT.  Please see the
- * License for the specific language governing rights and limitations
- * under the License.
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
  * 
- * @APPLE_LICENSE_HEADER_END@
+ * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
  */
 /*
  * @OSF_COPYRIGHT@
@@ -47,6 +53,13 @@
  * any improvements or extensions that they make and grant Carnegie Mellon
  * the rights to redistribute these changes.
  */
+/*
+ * NOTICE: This file was modified by McAfee Research in 2004 to introduce
+ * support for mandatory and extensible security protections.  This notice
+ * is included in support of clause 2.2 (b) of the Apple Public License,
+ * Version 2.0.
+ * Copyright (c) 2005 SPARTA, Inc.
+ */
 /*
  */
 /*
@@ -71,6 +84,7 @@
 #include <mach/mig_errors.h>
 #include <mach/notify.h>
 #include <mach/ndr.h>
+#include <mach/vm_param.h>
 
 #include <mach/mach_vm_server.h>
 #include <mach/mach_port_server.h>
@@ -88,9 +102,10 @@
 #include <mach/memory_object_name_server.h>
 #include <mach/processor_server.h>
 #include <mach/processor_set_server.h>
-#include <mach/semaphore_server.h>
 #include <mach/task_server.h>
-#include <mach/vm_map_server.h>
+#if VM32_SUPPORT
+#include <mach/vm32_map_server.h>
+#endif
 #include <mach/thread_act_server.h>
 
 #include <device/device_types.h>
@@ -98,6 +113,10 @@
 
 #include <UserNotification/UNDReplyServer.h>
 
+#if	CONFIG_AUDIT
+#include <kern/audit_sessionport.h>
+#endif
+
 #if     MACH_MACHINE_ROUTINES
 #include <machine/machine_routines.h>
 #endif	/* MACH_MACHINE_ROUTINES */
@@ -107,17 +126,20 @@
 
 #include <kern/ipc_tt.h>
 #include <kern/ipc_mig.h>
+#include <kern/ipc_misc.h>
 #include <kern/ipc_kobject.h>
 #include <kern/host_notify.h>
 #include <kern/mk_timer.h>
 #include <kern/misc_protos.h>
 #include <ipc/ipc_kmsg.h>
 #include <ipc/ipc_port.h>
+#include <ipc/ipc_labelh.h>
 #include <kern/counters.h>
 
-#include <vm/vm_shared_memory_server.h>
 #include <vm/vm_protos.h>
 
+#include <security/mac_mach_internal.h>
+
 /*
  *	Routine:	ipc_kobject_notify
  *	Purpose:
@@ -148,6 +170,9 @@ mig_hash_t mig_buckets[MAX_MIG_ENTRIES];
 int mig_table_max_displ;
 mach_msg_size_t mig_reply_size;
 
+#if CONFIG_MACF
+#include <mach/security_server.h>
+#endif
 
 
 
@@ -165,10 +190,11 @@ const struct mig_subsystem *mig_e[] = {
         (const struct mig_subsystem *)&memory_object_name_subsystem,
 	(const struct mig_subsystem *)&lock_set_subsystem,
 	(const struct mig_subsystem *)&ledger_subsystem,
-	(const struct mig_subsystem *)&semaphore_subsystem,
 	(const struct mig_subsystem *)&task_subsystem,
 	(const struct mig_subsystem *)&thread_act_subsystem,
-	(const struct mig_subsystem *)&vm_map_subsystem,
+#if VM32_SUPPORT
+	(const struct mig_subsystem *)&vm32_map_subsystem,
+#endif
 	(const struct mig_subsystem *)&UNDReply_subsystem,
 	(const struct mig_subsystem *)&default_pager_object_subsystem,
 
@@ -181,6 +207,10 @@ const struct mig_subsystem *mig_e[] = {
 #if     MCMSG && iPSC860
 	(const struct mig_subsystem *)&mcmsg_info_subsystem,
 #endif  /* MCMSG && iPSC860 */
+
+#if CONFIG_MACF
+	(const struct mig_subsystem *)&security_subsystem,
+#endif
 };
 
 void
@@ -202,7 +232,7 @@ mig_init(void)
 	    nentry = j + mig_e[i]->start;	
 	    for (pos = MIG_HASH(nentry) % MAX_MIG_ENTRIES, howmany = 1;
 		 mig_buckets[pos].num;
-		 pos = ++pos % MAX_MIG_ENTRIES, howmany++) {
+		 pos++, pos = pos % MAX_MIG_ENTRIES, howmany++) {
 	         if (mig_buckets[pos].num == nentry) {
 		        printf("message id = %d\n", nentry);
 		 	panic("multiple entries with the same msgh_id");
@@ -427,6 +457,11 @@ ipc_kobject_set(
 {
 	ip_lock(port);
 	ipc_kobject_set_atomically(port, kobject, type);
+
+#if CONFIG_MACF_MACH
+	mac_port_label_update_kobject (&port->ip_label, type);
+#endif
+
 	ip_unlock(port);
 }
 
@@ -476,6 +511,12 @@ ipc_kobject_destroy(
 		host_notify_port_destroy(port);
 		break;
 
+#if CONFIG_MACF_MACH
+	case IKOT_LABELH:
+		labelh_destroy(port);
+		break;
+#endif
+
 	default:
 		break;
 	}
@@ -510,11 +551,20 @@ ipc_kobject_notify(
 				(mach_port_mscount_t) 
 				((mach_no_senders_notification_t *) 
 				 request_header)->not_count);
-			   (ipc_port_t)reply_header->msgh_remote_port
-				   = MACH_PORT_NULL;
+			   reply_header->msgh_remote_port = MACH_PORT_NULL;
 			   return TRUE;
 		   }
-				
+#if	CONFIG_AUDIT
+		   if (ip_kotype(port) == IKOT_AU_SESSIONPORT) {
+			   audit_session_nosenders(request_header);
+			   return TRUE;
+		   }
+#endif
+		   if (ip_kotype(port) == IKOT_FILEPORT) {
+			fileport_notify(request_header);
+			return TRUE;
+		   }
+
 	  	   break;
 
 		case MACH_NOTIFY_PORT_DELETED:
@@ -585,7 +635,7 @@ kobjserver_stats(void)
 	    nentry = j + mig_e[i]->start;	
 	    for (pos = MIG_HASH(nentry) % MAX_MIG_ENTRIES, howmany = 1;
 		 mig_buckets[pos].num;
-		 pos = ++pos % MAX_MIG_ENTRIES, howmany++) {
+		 pos++, pos = pos % MAX_MIG_ENTRIES, howmany++) {
 		    if (mig_buckets[pos].num == nentry)
 			bucket_stats_print(&mig_buckets[pos]);
 	    }