/* -*- C++ -*- */

/*
 * MiG interface for the "security" subsystem (message-ID base 5200).
 * It exposes label retrieval, port relabeling, label-handle creation and
 * generic access-control queries against the loaded security policies.
 */
subsystem
#if KERNEL_SERVER
    KernelServer
#endif /* KERNEL_SERVER */
    security 5200;

#include <mach/std_types.defs>
#include <mach/mach_types.defs>

/*
 * Text form used for labels, policy lists, service names and permission
 * names. The declaration is a variable-length C string bounded at 512, so
 * every string passed in and every label text returned through this
 * interface is limited to that size.
 */
type labelstr_t = c_string[*:512];

/**
   @brief Get a task's label as a label handle
   @param task   Task port of the target task
   @param label  Returned label handle

   Looks up the label of the given task and hands it back as a
   label handle.

   @return Standard MiG return values (0 for success)
*/
routine mach_get_task_label(
        task   : ipc_space_t;
    out label  : mach_port_name_t);

/**
   @brief Get a task's label as text
   @param task      Task port of the target task
   @param policies  Comma-delimited list of policies to query
   @param label     Returned label text

   Externalizes the label of the given task, restricted to the
   policies named in the list, and returns the resulting text.

   @return Standard MiG return values (0 for success)
*/
routine mach_get_task_label_text(
        task      : ipc_space_t;
        policies  : labelstr_t;
    out label     : labelstr_t);

/**
   @brief Get a port's label as a label handle
   @param task   Task port of the issuer
   @param port   Port whose label is queried
   @param label  Returned label handle

   Returns a new label handle for the given port. A port that is
   itself a label handle is rejected with KERN_INVALID_ARGUMENT.

   @return Standard MiG return values (0 for success)
*/
routine mach_get_label(
        task   : ipc_space_t;
        port   : mach_port_name_t;
    out label  : mach_port_name_t);

/**
   @brief Get a port's label as text
   @param task      Task port of the issuer
   @param name      Port whose label is queried
   @param policies  Comma-delimited list of policies to query
   @param label     Returned label text

   Externalizes the label of the given port, restricted to the
   policies named in the list. When the port is a label handle, the
   text describes the handle's stored label, not its access control
   label.

   @return Standard MiG return values (0 for success)
*/
routine mach_get_label_text(
        task      : ipc_space_t;
        name      : mach_port_name_t;
        policies  : labelstr_t;
    out label     : labelstr_t);

/**
   @brief Relabel a port
   @param task   Task that contains the port
   @param name   Port to relabel
   @param label  New label, in textual form

   Attempts to change the label of the given port to the supplied
   one. On a label handle this changes the access control label; the
   stored label is left alone.

   @return Standard MiG return values (0 for success)
*/
routine mach_set_port_label(
        task   : ipc_space_t;
        name   : mach_port_name_t;
        label  : labelstr_t);

/**
   @brief Generic access control check (labels given as text)
   @param task     Any task port
   @param subject  Subject label, in textual form
   @param object   Object label, in textual form
   @param service  Service or object class name
   @param perm     Permission, or method, within the specified service

   Lets a user process ask the system's security policies for an
   arbitrary access control decision. No standard currently exists for
   the format of service and permission names.

   The subject label is text supplied by the caller, so the answer is
   the policy decision for that label; it does not establish that any
   particular task actually carries it.

   NOTE(review): this header does not say how a denied check is
   reported; presumably as a non-zero return -- confirm against the
   implementation. A caller that enforces on the result should treat
   every non-zero return as a denial.

   @return Standard MiG return values (0 for success)
*/
routine mac_check_service(
        task     : ipc_space_t;
        subject  : labelstr_t;
        object   : labelstr_t;
        service  : labelstr_t;
        perm     : labelstr_t);

/**
   @brief Generic access control check (object given as a port)
   @param task     Task that contains the port (usually the caller's)
   @param subject  Subject label, in textual form
   @param object   Port that carries the object label
   @param service  Service or object class name
   @param perm     Permission, or method, within the specified service

   Lets a user process ask the system's security policies for an
   arbitrary access control decision. No standard currently exists for
   the format of service and permission names. A label handle
   contributes its stored label; any other port contributes its access
   control label.

   The subject label is text supplied by the caller, so the answer is
   the policy decision for that label; it does not establish that any
   particular task actually carries it.

   @return Standard MiG return values (0 for success)
*/
routine mac_port_check_service_obj(
        task     : ipc_space_t;
        subject  : labelstr_t;
        object   : mach_port_name_t;
        service  : labelstr_t;
        perm     : labelstr_t);

/**
   @brief Generic access control check (subject and object given as ports)
   @param task     Task that contains the ports (usually the caller's)
   @param subject  Port that carries the subject label
   @param object   Port that carries the object label
   @param service  Service or object class name
   @param perm     Permission, or method, within the specified service

   Lets a user process ask the system's security policies for an
   arbitrary access control decision. No standard currently exists for
   the format of service and permission names. Each port that is a
   label handle contributes its stored label; every other port
   contributes its access control label.

   @return Standard MiG return values (0 for success)
*/
routine mac_port_check_access(
        task     : ipc_space_t;
        subject  : mach_port_name_t;
        object   : mach_port_name_t;
        service  : labelstr_t;
        perm     : labelstr_t);

/**
   @brief Create a new label handle
   @param task   Task that receives the new port (usually the caller's)
   @param name   Returned label handle port
   @param label  New label, in textual form

   Creates a label handle whose stored label is defined by the given
   text, and inserts a port right for it into the specified task.

   Any task may create a handle for any valid label, including a label
   it has no permission to access. Possession of a label handle
   therefore says nothing about the holder and should not imply any
   security properties: do not treat a handle as a credential.

   @return Standard MiG return values (0 for success)
*/
routine mac_label_new(
        task   : ipc_space_t;
    out name   : mach_port_name_t;
        label  : labelstr_t);

/**
   @brief Request a computed label
   @param task      Task that subject, object and newlabel are relative
                    to (usually the caller's)
   @param subject   Port that carries the subject label
   @param object    Port that carries the object label
   @param service   Service or object class name
   @param newlabel  Returned label handle port

   Asks the loaded policies to compute a label from the two input
   labels and the service name. There is currently no standard for the
   service name, nor for what the input labels represent (subject and
   parent object are only a suggestion). Each port that is a label
   handle contributes its stored label; every other port contributes
   its access control label. The computed label is placed in a new
   label handle, which is stored into the specified task.

   @return Standard MiG return values (0 for success)
*/
routine mac_request_label(
        task      : ipc_space_t;
        subject   : mach_port_name_t;
        object    : mach_port_name_t;
        service   : labelstr_t;
    out newlabel  : mach_port_name_t);