/*
 * Copyright (c) 2014 Apple Inc. All rights reserved.
 *
 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
 * 
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. The rights granted to you under the License
 * may not be used to create, or enable the creation or redistribution of,
 * unlawful or unlicensed copies of an Apple operating system, or to
 * circumvent, violate, or enable the circumvention or violation of, any
 * terms of an Apple operating system software license agreement.
 * 
 * Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this file.
 * 
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 * 
 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
 */

#include <pexpert/pexpert.h>
#include <sys/csr.h>
#include <sys/errno.h>
#include <sys/sysproto.h>
#include <sys/systm.h>
#include <sys/types.h>

/* allow everything by default? */
/* XXX: set this to 0 later: <rdar://problem/16040413> */
static int csr_allow_all = 1;

/* allow everything if CSR_ALLOW_APPLE_INTERNAL is set */
static int csr_allow_internal = 1;

/* Current boot-arg policy:
 * rootless=0
 *    csr_allow_all = 1
 * rootless=1
 *    csr_allow_all = 0
 *    csr_allow_internal = 0
 *
 * After <rdar://problem/16239861>:
 * rootless=0
 *    no effect
 * rootless=1
 *    csr_allow_internal = 0
 *
 * Enforcement policy:
 * ===============================
 *            | csr_allow_internal
 *            |   0         1
 * ===============================
 *   csr_   0 | always   customer
 *  allow_    |
 *   all    1 | never    never
 * ===============================
 * NB: "customer" means enforce when
 * CSR_ALLOW_APPLE_INTERNAL not set */

void
csr_init(void)
{
	boot_args *args = (boot_args *)PE_state.bootArgs;
	if (args->flags & kBootArgsFlagCSRBoot) {
		/* special booter; allow everything */
		csr_allow_all = 1;
	}

	int rootless_boot_arg;
	if (PE_parse_boot_argn("rootless", &rootless_boot_arg, sizeof(rootless_boot_arg))) {
		/* XXX: set csr_allow_all to boot arg value for now
		 * (to be removed by <rdar://problem/16239861>) */
		csr_allow_all = !rootless_boot_arg;
		/* if rootless=1, do not allow everything when CSR_ALLOW_APPLE_INTERNAL is set */
		csr_allow_internal &= !rootless_boot_arg;
	}
}

int
csrctl(__unused proc_t p, struct csrctl_args *uap, __unused int32_t *retval)
{
	int error = 0;

	if (uap->useraddr == 0)
		return EINVAL;
	if (uap->usersize != sizeof(csr_config_t))
		return EINVAL;

	switch (uap->op) {
		case CSR_OP_CHECK:
		{
			csr_config_t mask;
			error = copyin(uap->useraddr, &mask, sizeof(csr_config_t));

			if (error)
				return error;

			error = csr_check(mask);
			break;
		}

		case CSR_OP_GET_ACTIVE_CONFIG:
		case CSR_OP_GET_PENDING_CONFIG: /* fall through */
		{
			csr_config_t config = 0;
			if (uap->op == CSR_OP_GET_ACTIVE_CONFIG)
				error = csr_get_active_config(&config);
			else
				error = csr_get_pending_config(&config);

			if (error)
				return error;

			error = copyout(&config, uap->useraddr, sizeof(csr_config_t));
			break;
		}

		default:
			error = EINVAL;
			break;
	}

	return error;
}

int
csr_get_active_config(csr_config_t *config)
{
	boot_args *args = (boot_args *)PE_state.bootArgs;
	if (args->flags & kBootArgsFlagCSRActiveConfig) {
		*config = args->csrActiveConfig & CSR_VALID_FLAGS;
	} else {
		/* XXX: change to 0 when <rdar://problem/16239698> is in the build */
		*config = CSR_ALLOW_APPLE_INTERNAL;
	}

	return 0;
}

int
csr_get_pending_config(csr_config_t *config)
{
	boot_args *args = (boot_args *)PE_state.bootArgs;
	if (args->flags & kBootArgsFlagCSRPendingConfig) {
		*config = args->csrPendingConfig & CSR_VALID_FLAGS;
		return 0;
	} else {
		return ENOENT;
	}
}

int
csr_check(csr_config_t mask)
{
	if (csr_allow_all) {
		return 0;
	}

	csr_config_t config;
	int error = csr_get_active_config(&config);
	if (error) {
		return error;
	}

	if (csr_allow_internal && (config & CSR_ALLOW_APPLE_INTERNAL)) {
		return 0;
	}

	if (mask == 0) {
		/* pass 0 to check if Rootless enforcement is active */
		return -1;
	}

	error = (config & mask) ? 0 : EPERM;
	return error;
}

void
csr_set_allow_all(int value)
{
	csr_allow_all = !!value; // force value to 0 or 1
}