X-Git-Url: https://git.saurik.com/apple/xnu.git/blobdiff_plain/91447636331957f3d9b5ca5b508f07c526b0074d..b0d623f7f2ae71ed96e60569f61f9a9a27016e80:/osfmk/ipc/ipc_object.c
diff --git a/osfmk/ipc/ipc_object.c b/osfmk/ipc/ipc_object.c
index 0874e7a31..4b1dc1c85 100644
--- a/osfmk/ipc/ipc_object.c
+++ b/osfmk/ipc/ipc_object.c
@@ -1,23 +1,29 @@ /* - * Copyright (c) 2000-2004 Apple Computer, Inc. All rights reserved. + * Copyright (c) 2000-2007 Apple Inc. All rights reserved. * - * @APPLE_LICENSE_HEADER_START@ + * @APPLE_OSREFERENCE_LICENSE_HEADER_START@ * - * The contents of this file constitute Original Code as defined in and - * are subject to the Apple Public Source License Version 1.1 (the - * "License"). You may not use this file except in compliance with the - * License. Please obtain a copy of the License at - * http://www.apple.com/publicsource and read it before using this file. + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. The rights granted to you under the License + * may not be used to create, or enable the creation or redistribution of, + * unlawful or unlicensed copies of an Apple operating system, or to + * circumvent, violate, or enable the circumvention or violation of, any + * terms of an Apple operating system software license agreement. * - * This Original Code and all software distributed under the License are - * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER + * Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this file. + * + * The Original Code and all software distributed under the License are + * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License. + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. 
+ * Please see the License for the specific language governing rights and + * limitations under the License. * - * @APPLE_LICENSE_HEADER_END@ + * @APPLE_OSREFERENCE_LICENSE_HEADER_END@ */ /* * @OSF_COPYRIGHT@ @@ -47,6 +53,13 @@ * any improvements or extensions that they make and grant Carnegie Mellon * the rights to redistribute these changes. */ +/* + * NOTICE: This file was modified by McAfee Research in 2004 to introduce + * support for mandatory and extensible security protections. This notice + * is included in support of clause 2.2 (b) of the Apple Public License, + * Version 2.0. + * Copyright (c) 2005-2006 SPARTA, Inc. + */ /* */ /* @@ -67,6 +80,7 @@ #include #include +#include #include #include @@ -77,6 +91,9 @@ #include #include #include +#include + +#include zone_t ipc_object_zones[IOT_NUMBER]; @@ -328,6 +345,9 @@ ipc_object_alloc( ipc_port_t port = (ipc_port_t)object; bzero((char *)port, sizeof(*port)); +#if CONFIG_MACF_MACH + mac_port_label_init(&port->ip_label); +#endif } else if (otype == IOT_PORT_SET) { ipc_pset_t pset = (ipc_pset_t)object; @@ -335,7 +355,7 @@ ipc_object_alloc( } io_lock_init(object); - *namep = (mach_port_name_t)object; + *namep = CAST_MACH_PORT_TO_NAME(object); kr = ipc_entry_alloc(space, namep, &entry); if (kr != KERN_SUCCESS) { io_free(otype, object); @@ -396,6 +416,9 @@ ipc_object_alloc_name( ipc_port_t port = (ipc_port_t)object; bzero((char *)port, sizeof(*port)); +#if CONFIG_MACF_MACH + mac_port_label_init(&port->ip_label); +#endif } else if (otype == IOT_PORT_SET) { ipc_pset_t pset = (ipc_pset_t)object; @@ -705,7 +728,7 @@ ipc_object_copyout( break; } - name = (mach_port_name_t)object; + name = CAST_MACH_PORT_TO_NAME(object); kr = ipc_entry_get(space, &name, &entry); if (kr != KERN_SUCCESS) { /* unlocks/locks space, so must start again */ 
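Review bot: The label set up by `mac_port_label_init(&port->ip_label)` needs a matching destroy on every error exit, and only one of the two allocators shows that exit. In ipc_object_alloc the failing `ipc_entry_alloc` path calls `io_free(otype, object)`, which this commit extends to destroy the label. The same init added to ipc_object_alloc_name (the `-396,6` hunk) has its error paths outside the hunk, so confirm they also go through io_free rather than freeing the zone element directly. A short comment at both call sites would record the pairing, e.g. `/* paired with mac_port_label_destroy() in io_free() */`. Both function bodies start and end outside their hunks.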
@@ -972,7 +995,31 @@ ipc_object_rename( return kr; } -#if MACH_ASSERT +/* + * Get a label out of a port, to be used by a kernel call + * that takes a security label as a parameter. In this case, we want + * to use the label stored in the label handle and not the label on its + * port. + * + * The port should be locked for this call. The lock protecting + * label handle contents should not be necessary, as they can only + * be modified when a label handle with one reference is a task label. + * User allocated label handles can never be modified. + */ +#if CONFIG_MACF_MACH +struct label *io_getlabel (ipc_object_t objp) +{ + ipc_port_t port = (ipc_port_t)objp; + + assert(io_otype(objp) == IOT_PORT); + + if (ip_kotype(port) == IKOT_LABELH) + return &((ipc_labelh_t) port->ip_kobject)->lh_label; + else + return &port->ip_label; +} +#endif + /* * Check whether the object is a port if so, free it. But * keep track of that fact. @@ -989,16 +1036,20 @@ io_free( #if MACH_ASSERT ipc_port_track_dealloc(port); #endif /* MACH_ASSERT */ + +#if CONFIG_MACF_MACH + /* Port label should have been initialized after creation. */ + mac_port_label_destroy(&port->ip_label); +#endif } + io_lock_destroy(object); zfree(ipc_object_zones[otype], object); } -#endif /* MACH_ASSERT */ #include #if MACH_KDB #include -#include #define printf kdbprintf @@ -1041,10 +1092,17 @@ const char *ikot_print_array[IKOT_MAX_TYPE] = { "(IOKIT_CONNECT) ", "(IOKIT_OBJECT) ", /* 30 */ "(UPL) ", - /* << new entries here */ + "(MEM_OBJ_CONTROL) ", + "(AU_SESSIONPORT) ", /* 33 */ +#if CONFIG_MACF_MACH + "(LABELH) ", +#endif +/* + * Add new entries here. + * Please keep in sync with kern/ipc_kobject.h + */ "(UNKNOWN) " /* magic catchall */ }; -/* Please keep in sync with kern/ipc_kobject.h */ void ipc_object_print(
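Review bot: io_getlabel's only protection against a non-port object is `assert(io_otype(objp) == IOT_PORT)`. If assert is compiled out when MACH_ASSERT is off (its definition is not on this page), a port set would be read through the `ipc_port_t` cast and `ip_kotype`/`ip_kobject` taken from unrelated fields. Since the result is handed to calls that take a security label, a check that survives release builds is worth having, for example `if (io_otype(objp) != IOT_PORT) panic("io_getlabel: object is not a port");`. The function also returns an interior pointer without taking a reference, and the locking rule exists only in the comment. That comment should say how long the caller must keep the port locked for the returned `struct label *` to stay valid.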
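Review bot: The header comment above io_free still reads "Check whether the object is a port if so, free it. But keep track of that fact.", which no longer covers what the function does now that it is built unconditionally and also tears down the MAC label and the object lock. `mac_port_label_destroy(&port->ip_label)` runs for every IOT_PORT object, so it depends on every port allocator having called mac_port_label_init. This diff shows that only for ipc_object_alloc and ipc_object_alloc_name; any other allocator that zeroes a port and later reaches io_free would hand an uninitialised label to the destroy routine. I would replace the inline remark with a comment stating that invariant, e.g. `/* Every port allocation path must call mac_port_label_init(); the label is destroyed here unconditionally. */`. io_free's signature and opening lines are outside the hunk.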
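Review bot: Wrapping `"(LABELH) ",` in `#if CONFIG_MACF_MACH` makes the position of `"(UNKNOWN) "` in ikot_print_array depend on the build configuration, while the table is sized by IKOT_MAX_TYPE and presumably indexed by kobject type. If kern/ipc_kobject.h (not shown) numbers IKOT_LABELH unconditionally, a build without CONFIG_MACF_MACH leaves the table one initializer short. The catch-all string then lands in the LABELH slot and the final slot is a null pointer that the debugger print path would pass to its format routine. Either keep the `"(LABELH) ",` entry unconditional or guard the enum value in the header the same way, and extend the new "keep in sync" comment to say that the number of initializers must equal IKOT_MAX_TYPE in every configuration. The array's opening lines are outside the hunk.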