1
2/* -*- C++ -*- */
3
/*
 * MiG subsystem declaration for the MAC label interface.
 *
 * The subsystem is named "security" and its message IDs start at 5200.
 * MiG numbers the routines below consecutively from that base in
 * declaration order, so reordering, inserting or removing a routine
 * changes the message IDs that existing clients and the server use.
 * The KernelServer modifier is emitted only when KERNEL_SERVER is defined.
 */
subsystem
#if KERNEL_SERVER
    KernelServer
#endif /* KERNEL_SERVER */
    security 5200;
9
10#include <mach/std_types.defs>
11#include <mach/mach_types.defs>
12
/*
 * Textual label / policy-list / service-name argument: a variable-length
 * C string bounded at 512 bytes. Every string crossing this interface, in
 * either direction, is limited by this bound.
 */
type labelstr_t = c_string[*:512];
14
/**
  @brief Fetch a task's label as a label handle
  @param task Task port of the target task
  @param label Out: name of the label handle port

  Returns the label handle that belongs to the given task.

  @return Standard MiG return values (0 for success)
*/
routine mach_get_task_label(
    task      : ipc_space_t;
    out label : mach_port_name_t
);
27
/**
  @brief Fetch a task's label as text
  @param task Task port of the target task
  @param policies Comma-delimited list of the policies to query
  @param label Out: label text

  Returns the externalized label of the given task, restricted to the
  policies named in the list. Both strings are labelstr_t values and are
  therefore bounded by that type's maximum length.

  @return Standard MiG return values (0 for success)
*/
routine mach_get_task_label_text(
    task      : ipc_space_t;
    policies  : labelstr_t;
    out label : labelstr_t
);
43
/**
  @brief Fetch a port's label as a label handle
  @param task Task port of the issuer
  @param port Name of the port whose label is queried
  @param label Out: name of the label handle port

  Returns a new label handle for the given port. A port that is itself
  a label handle is rejected with KERN_INVALID_ARGUMENT.

  @return Standard MiG return values (0 for success)
*/
routine mach_get_label(
    task      : ipc_space_t;
    port      : mach_port_name_t;
    out label : mach_port_name_t
);
60
/**
  @brief Fetch a port's label as text
  @param task Task port of the issuer
  @param name Name of the port whose label is queried
  @param policies Comma-delimited list of the policies to query
  @param label Out: label text

  Returns the externalized label of the given port, restricted to the
  policies named in the list. When the port is a label handle, the text
  describes the label stored in the handle, not the access control label
  of the handle port itself.

  @return Standard MiG return values (0 for success)
*/
routine mach_get_label_text(
    task      : ipc_space_t;
    name      : mach_port_name_t;
    policies  : labelstr_t;
    out label : labelstr_t
);
80
/**
  @brief Relabel a port
  @param task Task that contains the named port
  @param name Name of the port to relabel
  @param label New label, in textual form

  Attempts to change the label of the given port to the one supplied.
  When the port is a label handle, it is the access control label of the
  handle port that changes; the label stored in the handle is untouched.
  The request can fail, so callers must check the return value rather
  than assume the new label is in effect.

  @return Standard MiG return values (0 for success)
*/
routine mach_set_port_label(
    task  : ipc_space_t;
    name  : mach_port_name_t;
    label : labelstr_t
);
97
/**
  @brief Generic access control check (subject and object given as text)
  @param task Any task port
  @param subject Subject label, in textual form
  @param object Object label, in textual form
  @param service Name of the service or object class
  @param perm Permission (or method) within that service

  Lets a user process ask the system's security policies for an arbitrary
  access control decision. No standard exists yet for the format of the
  service and permission names.

  Both labels are text supplied by the caller, so the answer is only as
  trustworthy as the source of those strings.

  NOTE(review): the routine has no out parameter, so the decision is
  presumably carried by the return code; confirm against the server side.

  @return Standard MiG return values (0 for success)
*/
routine mac_check_service(
    task    : ipc_space_t;
    subject : labelstr_t;
    object  : labelstr_t;
    service : labelstr_t;
    perm    : labelstr_t
);
119
/**
  @brief Generic access control check (text subject, port object)
  @param task Task that contains the named port (usually the caller's)
  @param subject Subject label, in textual form
  @param object Name of the port that carries the object label
  @param service Name of the service or object class
  @param perm Permission (or method) within that service

  Lets a user process ask the system's security policies for an arbitrary
  access control decision. No standard exists yet for the format of the
  service and permission names. When the object port is a label handle,
  the label stored in the handle is used; for any other port, its access
  control label is used.

  The subject label is text supplied by the caller, so the answer is only
  as trustworthy as the source of that string.

  @return Standard MiG return values (0 for success)
*/
routine mac_port_check_service_obj(
    task    : ipc_space_t;
    subject : labelstr_t;
    object  : mach_port_name_t;
    service : labelstr_t;
    perm    : labelstr_t
);
142
/**
  @brief Generic access control check (subject and object given as ports)
  @param task Task that contains the named ports (usually the caller's)
  @param subject Name of the port that carries the subject label
  @param object Name of the port that carries the object label
  @param service Name of the service or object class
  @param perm Permission (or method) within that service

  Lets a user process ask the system's security policies for an arbitrary
  access control decision. No standard exists yet for the format of the
  service and permission names. For each port that is a label handle, the
  label stored in the handle is used; for any other port, its access
  control label is used.

  @return Standard MiG return values (0 for success)
*/
routine mac_port_check_access(
    task    : ipc_space_t;
    subject : mach_port_name_t;
    object  : mach_port_name_t;
    service : labelstr_t;
    perm    : labelstr_t
);
165
/**
  @brief Create a new label handle
  @param task Task that receives the new port (usually the caller's)
  @param name Out: name of the new label handle port
  @param label Label to store, in textual form

  Creates a label handle whose stored label is defined by the given text,
  and inserts a port right for it into the given task. Any task may
  create a handle holding any valid label, including a label it has no
  permission to access.

  Possession of a label handle must therefore not be treated as evidence
  of any security property: a handle proves nothing about its holder.

  @return Standard MiG return values (0 for success)
*/
routine mac_label_new(
    task     : ipc_space_t;
    out name : mach_port_name_t;
    label    : labelstr_t
);
184
/**
  @brief Request a computed label
  @param task Task that subject, object and newlabel are relative to
         (usually the caller's)
  @param subject Name of the port that carries the subject label
  @param object Name of the port that carries the object label
  @param service Name of the service or object class
  @param newlabel Out: name of the new label handle port

  Asks the loaded policies to compute a label from the two input labels
  and the service name. No standard exists yet for the service name, nor
  for what the two input labels stand for ("subject" and "parent object"
  are only a suggestion). For each input port that is a label handle, the
  label stored in the handle is used; for any other port, its access
  control label is used. The computed label is placed in a newly created
  label handle, which is stored into the given task.

  @return Standard MiG return values (0 for success)
*/
routine mac_request_label(
    task         : ipc_space_t;
    subject      : mach_port_name_t;
    object       : mach_port_name_t;
    service      : labelstr_t;
    out newlabel : mach_port_name_t
);
209