1/* 2 * Copyright (c) 2000-2004 Apple Computer, Inc. All Rights Reserved. 3 * 4 * @APPLE_LICENSE_HEADER_START@ 5 * 6 * This file contains Original Code and/or Modifications of Original Code 7 * as defined in and that are subject to the Apple Public Source License 8 * Version 2.0 (the 'License'). You may not use this file except in 9 * compliance with the License. Please obtain a copy of the License at 10 * http://www.opensource.apple.com/apsl/ and read it before using this 11 * file. 12 * 13 * The Original Code and all software distributed under the License are 14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER 15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, 16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, 17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. 18 * Please see the License for the specific language governing rights and 19 * limitations under the License. 20 * 21 * @APPLE_LICENSE_HEADER_END@ 22 */ 23 24 25// 26// process - track a single client process and its belongings 27// 28#ifndef _H_PROCESS 29#define _H_PROCESS 30 31#include "structure.h" 32#include "session.h" 33#include <security_agent_client/agentclient.h> 34#include <security_utilities/refcount.h> 35#include <security_utilities/ccaudit.h> 36#include <security_utilities/vproc++.h> 37#include "clientid.h" 38#include "csproxy.h" 39#include "localkey.h" 40#include "notifications.h" 41#include <string> 42 43using MachPlusPlus::Port; 44using MachPlusPlus::TaskPort; 45 46class Session; 47class LocalDatabase; 48class AuthorizationToken; 49 50 51// 52// A Process object represents a UNIX process (and associated Mach Task) that has 53// had contact with us and may have some state associated with it. It primarily tracks 54// the process nature of the client. Individual threads in the client are tracked by 55// Connection objects. 56// 57// Code Signing-style Guest identities are managed in two of our mix-ins. The two play 58// distinct but related roles: 59// * CodeSigningHost manages the public identity of guests within the client. 60// In this relationship, securityd provides registry and proxy services to the client. 61// * ClientIdentification tracks the identity of guests in the client *as securityd clients*. 62// It is concerned with which guest is asking for securityd services, and whether this 63// should be granted. 64// Often, the two form a loop: ClientIdentification uses CodeSigningHost to determine 65// the guest client identity, but it does so through public (Mach IPC) interfaces, because 66// clients may implement their own proxy (though currently not registry) services. 67// We could short-circuit the IPC leg in those cases where securityd serves itself, 68// but there's no evidence (yet) that this is worth the trouble. 69// 70class Process : public PerProcess, 71 public CodeSigningHost, 72 public ClientIdentification, 73 private VProc::Transaction { 74public: 75 Process(TaskPort tPort, const ClientSetupInfo *info, const CommonCriteria::AuditToken &audit); 76 virtual ~Process(); 77 78 void reset(TaskPort tPort, const ClientSetupInfo *info, const CommonCriteria::AuditToken &audit); 79 80 uid_t uid() const { return mUid; } 81 gid_t gid() const { return mGid; } 82 pid_t pid() const { return mPid; } 83 TaskPort taskPort() const { return mTaskPort; } 84 bool byteFlipped() const { return mByteFlipped; } 85 86 void addAuthorization(AuthorizationToken *auth); 87 void checkAuthorization(AuthorizationToken *auth); 88 bool removeAuthorization(AuthorizationToken *auth); 89 90 using PerProcess::kill; 91 void kill(); 92 93 void changeSession(Session::SessionId sessionId); 94 95 Session& session() const; 96 void checkSession(const audit_token_t &auditToken); 97 98 LocalDatabase &localStore(); 99 Key *makeTemporaryKey(const CssmKey &key, CSSM_KEYATTR_FLAGS moreAttributes, 100 const AclEntryPrototype *owner); 101 102 // aclSequence is taken to serialize ACL validations to pick up mutual changes 103 Mutex aclSequence; 104 105 IFDUMP(void dumpNode()); 106 107private: 108 void setup(const ClientSetupInfo *info); 109 110private: 111 // peer state: established during connection startup; fixed thereafter 112 TaskPort mTaskPort; // task port 113 bool mByteFlipped; // client's byte order is reverse of ours 114 pid_t mPid; // process id 115 uid_t mUid; // UNIX uid credential 116 gid_t mGid; // primary UNIX gid credential 117 118 // authorization dictionary 119 typedef multiset<AuthorizationToken *> AuthorizationSet; 120 AuthorizationSet mAuthorizations; // set of valid authorizations for process 121 122 // canonical local (transient) key store 123 RefPointer<LocalDatabase> mLocalStore; 124}; 125 126 127// 128// Convenience comparison 129// 130inline bool operator == (const Process &p1, const Process &p2) 131{ 132 return &p1 == &p2; 133} 134 135 136#endif //_H_PROCESS 137