xref: /xnu-8020.140.41/bsd/sys/proc_uuid_policy.h (revision 27b03b360a988dfd3dfdf34262bb0042026747cc) 
1 /*
2  * Copyright (c) 2013 Apple Inc. All rights reserved.
3  *
4  * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5  *
6  * This file contains Original Code and/or Modifications of Original Code
7  * as defined in and that are subject to the Apple Public Source License
8  * Version 2.0 (the 'License'). You may not use this file except in
9  * compliance with the License. The rights granted to you under the License
10  * may not be used to create, or enable the creation or redistribution of,
11  * unlawful or unlicensed copies of an Apple operating system, or to
12  * circumvent, violate, or enable the circumvention or violation of, any
13  * terms of an Apple operating system software license agreement.
14  *
15  * Please obtain a copy of the License at
16  * http://www.opensource.apple.com/apsl/ and read it before using this file.
17  *
18  * The Original Code and all software distributed under the License are
19  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22  * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23  * Please see the License for the specific language governing rights and
24  * limitations under the License.
25  *
26  * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27  */
28 
29 #ifndef _SYS_PROC_UUID_POLICY_H
30 #define _SYS_PROC_UUID_POLICY_H
31 
32 #include <sys/cdefs.h>
33 #include <sys/param.h>
34 #include <sys/types.h>
35 #include <stdint.h>
36 #include <uuid/uuid.h>
37 
38 __BEGIN_DECLS
39 
40 /*
41  * The proc_uuid_policy subsystem allows a privileged client to
42  * upload policies to the kernel keyed by Mach-O executable
43  * UUID. In-kernel clients can query this policy table cheaply
44  * to determine if a resource or process should by governed
45  * by the policy flags. During early boot, the policy table
46  * may be empty or sparse, which in-kernel clients should
47  * have a specified behavior for.
48  */
49 
50 #define PROC_UUID_POLICY_OPERATION_CLEAR        0x00000000
51 #define PROC_UUID_POLICY_OPERATION_ADD          0x00000001
52 #define PROC_UUID_POLICY_OPERATION_REMOVE       0x00000002
53 
54 /* The namespace of flags are managed by in-kernel clients */
55 #define PROC_UUID_POLICY_FLAGS_NONE                     0x00000000
56 #define PROC_UUID_NO_CELLULAR                           0x00000001
57 #define PROC_UUID_NECP_APP_POLICY                       0x00000002
58 #define PROC_UUID_ALT_DYLD_POLICY                       0x00000004
59 #define PROC_UUID_ALT_ROSETTA_POLICY                    0x00000008
60 
61 /* To be removed, replaced by PROC_UUID_NECP_APP_POLICY */
62 #define PROC_UUID_FLOW_DIVERT                           0x00000002
63 
64 #ifdef BSD_KERNEL_PRIVATE
65 /*
66  * Look up a policy indexed by UUID.
67  *
68  * Paramaters:
69  *     uuid          UUID to look up, must be not the zero-uuid
70  *     flags         Flags that have been associated with the UUID on successful
71  *                   lookup.
72  *     gencount      The generation count of the internal policy table representation.
73  *
74  *     Initial lookups by an in-kernel subsystem should pass 0 for flags/gencount.
75  *     Subsequent lookups for the same UUID with the same flags and gencount passed
76  *     in can short-circuit the lookup if the generation count has not changed.
77  *
78  * Return:
79  *     0        Success, UUID was found, flags and gencount are returned
80  *     EINVAL   Bad UUID or other pointer parameter
81  *     ENOENT   UUID not found
82  *
83  */
84 extern int proc_uuid_policy_lookup(uuid_t uuid, uint32_t *flags, int32_t *gencount);
85 
86 extern void proc_uuid_policy_init(void);
87 
88 extern int proc_uuid_policy_kernel(uint32_t operation, uuid_t uuid, uint32_t flags);
89 #endif /* BSD_KERNEL_PRIVATE */
90 
91 #ifndef KERNEL
92 /*
93  * Upload a policy indexed by UUID.
94  *
95  * Parameters:
96  *     operation     CLEAR    Clear specified flags for all entries.
97  *                            Entries are removed if they have no remaining flags.
98  *                   ADD      Add the specified UUID and flags to the policy table.
99  *                            Flags are ORed  with existing entries for the UUID.
100  *                   REMOVE   Mask out flags in the entry for the specified UUID.
101  *                            Entry is removed if it has no remaining flags.
102  *     uuid          Pointer to UUID for Mach-O executable
103  *     uuidlen       sizeof(uuid_t)
104  *     flags         Flags to be stored in the policy table. See operation notes above.
105  *
106  * Return:
107  *     0        Success, operation completed without error.
108  *     -1       Failure, errno can contain:
109  *         ENOENT   REMOVE operation specified a UUID not in the policy table.
110  *         EPERM    Call is not privileged to call this system call
111  *         EINVAL   Invalid parameter
112  *         ERANGE   Invalid uuidlen
113  *         ENOMEM   Too many entries exist
114  */
115 extern int proc_uuid_policy(uint32_t operation, uuid_t uuid, size_t uuidlen, uint32_t flags);
116 #endif /* !KERNEL */
117 
118 __END_DECLS
119 
120 #endif /*_SYS_PROC_UUID_POLICY_H */
121