  1  /*
  2   * Copyright (c) 2007 Apple Inc. All rights reserved.
  3   *
  4   * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
  5   * 
  6   * This file contains Original Code and/or Modifications of Original Code
  7   * as defined in and that are subject to the Apple Public Source License
  8   * Version 2.0 (the 'License'). You may not use this file except in
  9   * compliance with the License. The rights granted to you under the License
 10   * may not be used to create, or enable the creation or redistribution of,
 11   * unlawful or unlicensed copies of an Apple operating system, or to
 12   * circumvent, violate, or enable the circumvention or violation of, any
 13   * terms of an Apple operating system software license agreement.
 14   * 
 15   * Please obtain a copy of the License at
 16   * http://www.opensource.apple.com/apsl/ and read it before using this file.
 17   * 
 18   * The Original Code and all software distributed under the License are
 19   * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 20   * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 21   * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 22   * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 23   * Please see the License for the specific language governing rights and
 24   * limitations under the License.
 25   * 
 26   * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
 27   */
 28  /*-
 29   * Copyright (c) 2005 SPARTA, Inc.
 30   * All rights reserved.
 31   *
 32   * Redistribution and use in source and binary forms, with or without
 33   * modification, are permitted provided that the following conditions
 34   * are met:
 35   * 1. Redistributions of source code must retain the above copyright
 36   *    notice, this list of conditions and the following disclaimer.
 37   * 2. Redistributions in binary form must reproduce the above copyright
 38   *    notice, this list of conditions and the following disclaimer in the
 39   *    documentation and/or other materials provided with the distribution.
 40   *
 41   * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 42   * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 43   * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 44   * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 45   * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 46   * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 47   * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 48   * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 49   * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 50   * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 51   * SUCH DAMAGE.
 52   */
 53  
 54  #ifndef _SECURITY_MAC_MACH_INTERNAL_H_
 55  #define _SECURITY_MAC_MACH_INTERNAL_H_
 56  
 57  #ifndef PRIVATE
 58  #warning "MAC policy is not KPI, see Technical Q&A QA1574, this header will be removed in next version"
 59  #endif
 60  
 61  /* mac_do_machexc() flags */
     /*
      * MAC_DOEXCF_TRACED asks mac_do_machexc() to act only when the calling
      * process is being ptrace()'ed.  NOTE(review): the prototype below marks
      * `flags` as __unused, so whether the implementation actually honours
      * this flag cannot be determined from this header -- confirm against the
      * definition before relying on it.
      */
 62  #define	MAC_DOEXCF_TRACED	0x01	/* Only do mach exception if
 63  					   being ptrace()'ed */
     /*
      * Opaque forward declarations: the hooks below only ever take pointers
      * to these, so no definition is needed here.
      */
 64  struct exception_action;
 65  struct proc;
 66  struct uthread;
 67  struct task;
 68  
     /*
      * mac_do_machexc: MAC hook for a Mach exception identified by
      * `code`/`subcode`; `flags` is a MAC_DOEXCF_* mask (see note above).
      * mac_schedule_userret: presumably requests MAC processing on the next
      * return to user mode (inferred from the name and act_set_astmacf()
      * further down; confirm).  The meaning of the int results is not stated
      * in this header.
      */
 69  int	mac_do_machexc(int64_t code, int64_t subcode, uint32_t flags __unused);
 70  int	mac_schedule_userret(void);
 71  
 72  #if CONFIG_MACF
     /* Policy framework bring-up: generic initialisation and the Mach-side
      * counterpart.  Call order is not specified here -- see the callers. */
 73  void mac_policy_init(void);
 74  void mac_policy_initmach(void);
 75  
 76  /* tasks */
     /*
      * Task access-control hooks.  Each returns an int; following the other
      * mac_*_check_* hooks this is presumably 0 to permit and an error code to
      * deny -- confirm against the implementations.  `mach_task_flavor_t` and
      * `struct ipc_port` are not declared in this header; the including
      * translation unit must provide them.
      *
      * The host special-port and host exception-port hooks give a policy the
      * chance to refuse a task the right to (re)direct host-wide ports
      * (`id`, a single `exception`, or an `exception_mask`) -- these are
      * system-wide, privileged operations, which is why they are hooked
      * separately from the per-task ones.
      */
 77  int	mac_task_check_expose_task(struct task *t, mach_task_flavor_t flavor);
 78  int	mac_task_check_task_id_token_get_task(struct task *t, mach_task_flavor_t flavor);
 79  int	mac_task_check_set_host_special_port(struct task *task,
 80  	    int id, struct ipc_port *port);
 81  int	mac_task_check_set_host_exception_port(struct task *task,
 82  	    unsigned int exception);
 83  int	mac_task_check_set_host_exception_ports(struct task *task,
 84  	    unsigned int exception_mask);
 85  int mac_task_check_get_movable_control_port(void);
 86  int mac_task_check_dyld_process_info_notify_register(void);
 87  
 88  /* See rdar://problem/58989880 */
     /*
      * bitstr_test(name, bit): non-zero iff bit number `bit` is set in the
      * byte array `name` (byte index bit >> 3, bit index bit & 7, LSB first).
      * Only defined here when no other header has provided it.
      *
      * Caveats for callers:
      *  - `bit` is evaluated twice; do not pass an expression with side effects.
      *  - There is no bounds check: `bit` must be < 8 * (length of `name`),
      *    otherwise the read is out of bounds.
      *  - The result is a mask value (0 or 1 << (bit & 7)), not a boolean 0/1;
      *    compare against 0 rather than 1.
      */
 89  #ifndef bitstr_test
 90  #   define bitstr_test(name, bit) ((name)[((bit) >> 3)] & (1 << ((bit) & 0x7)))
 91  #endif /* ! bitstr_test */
 92  
     /*
      * Filter callback types.  A mach-trap callback is given the process and a
      * trap number; a kobject callback is given the process, a message id and
      * an index.  Both return an int whose meaning is not defined in this
      * header -- presumably the evaluation verdict; check the call sites.
      */
 93  typedef int (*mac_task_mach_filter_cbfunc_t)(struct proc *bsdinfo, int num);
 94  typedef int (*mac_task_kobj_filter_cbfunc_t)(struct proc *bsdinfo, int msgid, int index);
     /*
      * Installed callbacks (set via mac_task_register_filter_callbacks()
      * below) and the table sizes they are bounded by.  Note that
      * mach_trap_count is const while mach_kobj_count is not, so the latter
      * may be assigned at run time -- confirm where.
      */
 95  extern mac_task_mach_filter_cbfunc_t mac_task_mach_trap_evaluate;
 96  extern mac_task_kobj_filter_cbfunc_t mac_task_kobj_msg_evaluate;
 97  extern const int mach_trap_count;
 98  extern int mach_kobj_count;
 99  
     /*
      * Attach a filter mask to a task.  `maskptr` is a uint8_t array,
      * presumably a bit string indexed with bitstr_test() above (one bit per
      * trap / per kobject message) -- confirm.  Since bitstr_test() performs no
      * bounds check, the array must be large enough for mach_trap_count
      * (resp. mach_kobj_count) bits; nothing here validates its length.
      * Ownership/lifetime of the pointed-to mask after the call is not stated.
      */
100  void mac_task_set_mach_filter_mask(struct task *task, uint8_t *maskptr);
101  void mac_task_set_kobj_filter_mask(struct task *task, uint8_t *maskptr);
     /*
      * Register both filter callbacks at once.  Returns an int (error code
      * semantics not visible here).  The `const` on the by-value parameters
      * is a definition detail and has no effect on callers.
      */
102  int  mac_task_register_filter_callbacks(
103  		const mac_task_mach_filter_cbfunc_t mach_cbfunc,
104  		const mac_task_kobj_filter_cbfunc_t kobj_cbfunc);
105  
106  /* threads */
     /*
      * Per-thread hooks.  act_set_astmacf() presumably arms the MAC AST on a
      * thread and mac_thread_userret() runs when that thread returns to user
      * mode -- inferred from the names; confirm against the definitions.
      * `struct thread` is not among the forward declarations at the top of
      * this header, so it relies on the includer having declared it first
      * (otherwise the tag is only visible at prototype scope and compilers
      * warn about it).
      */
107  void	act_set_astmacf(struct thread *);
108  void	mac_thread_userret(struct thread *);
109  
110  /* exception actions */
     /*
      * Label lifecycle for exception actions.  mac_exc_create_label() produces
      * a label that mac_exc_free_label() releases; associate/free attach a
      * label to and detach it from an exception_action; update and inherit
      * replace or copy one.  Whether the callee takes ownership of `label` /
      * `newlabel` is not stated in this header -- confirm before freeing on
      * the caller side.  `struct label` is not forward-declared here.
      */
111  struct label *mac_exc_create_label(void);
112  void mac_exc_free_label(struct label *label);
113  
114  void mac_exc_associate_action_label(struct exception_action *action, struct label *label);
115  void mac_exc_free_action_label(struct exception_action *action);
116  
117  int mac_exc_update_action_label(struct exception_action *action, struct label *newlabel);
118  int mac_exc_inherit_action_label(struct exception_action *parent, struct exception_action *child);
119  int mac_exc_update_task_crash_label(struct task *task, struct label *newlabel);
120  
     /*
      * Access check consulted before an exception raised in `victim_task` is
      * delivered to `action` (inferred from the name; confirm).  This is the
      * natural point for a policy to decide which exception-port holders may
      * receive another task's exception messages.
      */
121  int mac_exc_action_check_exception_send(struct task *victim_task, struct exception_action *action);
122  
     /*
      * mac_proc_notify_exec_complete: notification (no verdict) that `proc`
      * finished exec.
      * mac_proc_check_remote_thread_create: check hook for creating a thread in
      * `task` with a caller-supplied initial state of `flavor`; `new_state`
      * holds `new_state_count` elements.  The state comes from the requesting
      * task and should be treated as untrusted by any policy that inspects it.
      * `thread_state_t` and `mach_msg_type_number_t` are not declared here.
      */
123  void mac_proc_notify_exec_complete(struct proc *proc);
124  int mac_proc_check_remote_thread_create(struct task *task, int flavor, thread_state_t new_state, mach_msg_type_number_t new_state_count);
125  
     /*
      * Convenience constructors: a label derived from `proc`, or from the
      * current process.  Presumably released with mac_exc_free_label() like
      * the label from mac_exc_create_label() -- confirm.
      */
126  struct label *mac_exc_create_label_for_proc(struct proc *proc);
127  struct label *mac_exc_create_label_for_current_proc(void);
128  
129  #endif /* CONFIG_MACF */
130  
131  #endif	/* !_SECURITY_MAC_MACH_INTERNAL_H_ */