diff --git a/Source/common/BUILD b/Source/common/BUILD index 25c57401e..e120c9a3f 100644 --- a/Source/common/BUILD +++ b/Source/common/BUILD @@ -3,7 +3,7 @@ load("@rules_proto_grpc//objc:defs.bzl", "objc_proto_library") package( default_visibility = ["//:santa_package_group"], - features = ["-layering_check"], + features = ["layering_check"], ) licenses(["notice"]) diff --git a/Source/common/SNTCommon.h b/Source/common/SNTCommon.h index 3265b77e0..8ebd9027c 100644 --- a/Source/common/SNTCommon.h +++ b/Source/common/SNTCommon.h @@ -13,48 +13,19 @@ /// limitations under the License. /// -/// Common defines between kernel <-> userspace +/// Common defines between daemon <-> client /// -#ifndef SANTA__COMMON__KERNELCOMMON_H -#define SANTA__COMMON__KERNELCOMMON_H +#ifndef SANTA__COMMON__COMMON_H +#define SANTA__COMMON__COMMON_H #include #include -// Defines the name of the userclient class and the driver bundle ID. -#define USERCLIENT_CLASS "com_google_SantaDriver" -#define USERCLIENT_ID "com.google.santa-driver" - // Branch prediction #define likely(x) __builtin_expect(!!(x), 1) #define unlikely(x) __builtin_expect(!!(x), 0) -// List of methods supported by the driver. -enum SantaDriverMethods { - kSantaUserClientOpen, - kSantaUserClientAllowBinary, - kSantaUserClientAllowCompiler, - kSantaUserClientDenyBinary, - kSantaUserClientAcknowledgeBinary, - kSantaUserClientClearCache, - kSantaUserClientRemoveCacheEntry, - kSantaUserClientCacheCount, - kSantaUserClientCheckCache, - kSantaUserClientCacheBucketCount, - kSantaUserClientFilemodPrefixFilterAdd, - kSantaUserClientFilemodPrefixFilterReset, - - // Any methods supported by the driver should be added above this line to - // ensure this remains the count of methods. - kSantaUserClientNMethods, -}; - -typedef enum { - QUEUETYPE_DECISION, - QUEUETYPE_LOG, -} santa_queuetype_t; - // Enum defining actions that can be passed down the IODataQueue and in // response methods. typedef enum { 
@@ -137,10 +108,4 @@ typedef struct { void *args_array; } santa_message_t; -// Used for the kSantaUserClientCacheBucketCount request. -typedef struct { - uint16_t per_bucket[1024]; - uint64_t start; -} santa_bucket_count_t; - -#endif // SANTA__COMMON__KERNELCOMMON_H +#endif // SANTA__COMMON__COMMON_H diff --git a/Source/common/SNTCommonEnums.h b/Source/common/SNTCommonEnums.h index 9697d1f9a..43070f20e 100644 --- a/Source/common/SNTCommonEnums.h +++ b/Source/common/SNTCommonEnums.h @@ -101,7 +101,6 @@ typedef NS_ENUM(NSInteger, SNTMetricFormatType) { SNTMetricFormatTypeMonarchJSON, }; -static const char *kKextPath = "/Library/Extensions/santa-driver.kext"; static const char *kSantaDPath = "/Applications/Santa.app/Contents/Library/SystemExtensions/" "com.google.santa.daemon.systemextension/Contents/MacOS/com.google.santa.daemon"; diff --git a/Source/common/SNTLogging.h b/Source/common/SNTLogging.h index 230d9ed86..779caac74 100644 --- a/Source/common/SNTLogging.h +++ b/Source/common/SNTLogging.h @@ -13,27 +13,12 @@ /// limitations under the License. /// -/// Logging definitions, for both kernel and user space. +/// Logging definitions /// #ifndef SANTA__COMMON__LOGGING_H #define SANTA__COMMON__LOGGING_H -#ifdef KERNEL - -#include - -#ifdef DEBUG -#define LOGD(format, ...) IOLog("D santa-driver: " format "\n", ##__VA_ARGS__); -#else // DEBUG -#define LOGD(format, ...) -#endif // DEBUG -#define LOGI(format, ...) IOLog("I santa-driver: " format "\n", ##__VA_ARGS__); -#define LOGW(format, ...) IOLog("W santa-driver: " format "\n", ##__VA_ARGS__); -#define LOGE(format, ...) IOLog("E santa-driver: " format "\n", ##__VA_ARGS__); - -#else // KERNEL - #ifdef __cplusplus extern "C" { #endif @@ -68,6 +53,4 @@ void logMessage(LogLevel level, FILE *destination, NSString *format, ...) } // extern C #endif -#endif // KERNEL - #endif // SANTA__COMMON__LOGGING_H diff --git a/Source/common/SNTPrefixTree.cc b/Source/common/SNTPrefixTree.cc index f6c07cdf7..4d1de21f6 100644 
--- a/Source/common/SNTPrefixTree.cc +++ b/Source/common/SNTPrefixTree.cc @@ -14,13 +14,6 @@ #include "Source/common/SNTPrefixTree.h" -#ifdef KERNEL -#include - -#include "Source/common/SNTLogging.h" - -#else - #include #include @@ -46,25 +39,14 @@ #define lck_mtx_lock(l) l->lock() #define lck_mtx_unlock(l) l->unlock() -#endif // KERNEL SNTPrefixTree::SNTPrefixTree(uint32_t max_nodes) { root_ = new SantaPrefixNode(); node_count_ = 0; max_nodes_ = max_nodes; -#ifdef KERNEL - spt_lock_grp_attr_ = lck_grp_attr_alloc_init(); - spt_lock_grp_ = - lck_grp_alloc_init("santa-prefix-tree-lock", spt_lock_grp_attr_); - spt_lock_attr_ = lck_attr_alloc_init(); - - spt_lock_ = lck_rw_alloc_init(spt_lock_grp_, spt_lock_attr_); - spt_add_lock_ = lck_mtx_alloc_init(spt_lock_grp_, spt_lock_attr_); -#else pthread_rwlock_init(&spt_lock_, nullptr); spt_add_lock_ = new std::mutex; -#endif } IOReturn SNTPrefixTree::AddPrefix(const char *prefix, uint64_t *node_count) { @@ -241,32 +223,5 @@ SNTPrefixTree::~SNTPrefixTree() { root_ = nullptr; lck_rw_unlock_exclusive(spt_lock_); -#ifdef KERNEL - if (spt_lock_) { - lck_rw_free(spt_lock_, spt_lock_grp_); - spt_lock_ = nullptr; - } - - if (spt_add_lock_) { - lck_mtx_free(spt_add_lock_, spt_lock_grp_); - spt_add_lock_ = nullptr; - } - - if (spt_lock_attr_) { - lck_attr_free(spt_lock_attr_); - spt_lock_attr_ = nullptr; - } - - if (spt_lock_grp_) { - lck_grp_free(spt_lock_grp_); - spt_lock_grp_ = nullptr; - } - - if (spt_lock_grp_attr_) { - lck_grp_attr_free(spt_lock_grp_attr_); - spt_lock_grp_attr_ = nullptr; - } -#else pthread_rwlock_destroy(&spt_lock_); -#endif } diff --git a/Source/common/SNTPrefixTree.h b/Source/common/SNTPrefixTree.h index 7530f618f..a396d8ed9 100644 --- a/Source/common/SNTPrefixTree.h +++ b/Source/common/SNTPrefixTree.h @@ -18,15 +18,11 @@ #include #include -#ifdef KERNEL -#include -#else // Support for unit testing. #include #include #include -#endif // KERNEL /// /// SantaPrefixTree is a simple prefix tree implementation. 
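Review bot: In SNTPrefixTree.cc the constructor keeps `spt_add_lock_ = new std::mutex;`, but the destructor lines in the @@ -241,32 hunk end with only `pthread_rwlock_destroy(&spt_lock_);`, so the mutex looks leaked whenever a tree is destroyed. The removed KERNEL branch released its mutex with `lck_mtx_free`, and nothing visible does the equivalent for the userspace path. Adding `delete spt_add_lock_;` next to the rwlock teardown would fix it. Declaring the member as a plain `std::mutex` would be cleaner, but the `lck_mtx_lock`/`lck_mtx_unlock` shim macros expand to `l->lock()` and would have to change with it. The destructor body starts above the hunk, so check that no delete already happens there.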
@@ -88,16 +84,8 @@ class SNTPrefixTree { uint32_t max_nodes_; uint32_t node_count_; -#ifdef KERNEL - lck_grp_t *spt_lock_grp_; - lck_grp_attr_t *spt_lock_grp_attr_; - lck_attr_t *spt_lock_attr_; - lck_rw_t *spt_lock_; - lck_mtx_t *spt_add_lock_; -#else // KERNEL pthread_rwlock_t spt_lock_; std::mutex *spt_add_lock_; -#endif // KERNEL }; #endif /* SANTA__SANTA_DRIVER__SANTAPREFIXTREE_H */ diff --git a/Source/common/SantaCache.h b/Source/common/SantaCache.h index 35b8f2189..404c09fff 100644 --- a/Source/common/SantaCache.h +++ b/Source/common/SantaCache.h @@ -20,28 +20,19 @@ #include #include -#include "Source/common/SNTCommon.h" - -#ifdef KERNEL -#include -#else // KERNEL -// Support for unit testing. #include #include #include + +#include "Source/common/SNTCommon.h" + #define panic(args...) \ printf(args); \ printf("\n"); \ abort() -#define IOMallocAligned(sz, alignment) malloc(sz); -#define IOFreeAligned(addr, sz) free(addr) -#define OSTestAndSet OSAtomicTestAndSet -#define OSTestAndClear(bit, addr) OSAtomicTestAndClear(bit, addr) == 0 -#define OSIncrementAtomic(addr) OSAtomicIncrement64((volatile int64_t *)addr) -#define OSDecrementAtomic(addr) OSAtomicDecrement64((volatile int64_t *)addr) + #pragma clang diagnostic push #pragma clang diagnostic ignored "-Wdeprecated-declarations" -#endif // KERNEL /** A type to specialize to help SantaCache with its hashing. @@ -88,8 +79,7 @@ class SantaCache { (1 << (32 - __builtin_clz((((uint32_t)max_size_ / per_bucket) - 1) ?: 1))); if (unlikely(bucket_count_ > UINT32_MAX)) bucket_count_ = UINT32_MAX; - buckets_ = (struct bucket *)IOMallocAligned( - bucket_count_ * sizeof(struct bucket), 2); + buckets_ = (struct bucket *)malloc(bucket_count_ * sizeof(struct bucket)); bzero(buckets_, bucket_count_ * sizeof(struct bucket)); } @@ -98,7 +88,7 @@ class SantaCache { */ ~SantaCache() { clear(); - IOFreeAligned(buckets_, bucket_count_ * sizeof(struct bucket)); + free(buckets_); } /** 
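Review bot: The SantaCache constructor hands the result of `malloc(bucket_count_ * sizeof(struct bucket))` directly to `bzero`, so a failed allocation turns into a write through a null pointer. `buckets_ = (struct bucket *)calloc(bucket_count_, sizeof(struct bucket));` zeroes the memory and checks the size multiplication, and a following `if (unlikely(buckets_ == nullptr)) { panic("SantaCache: bucket allocation failed"); }` makes the failure explicit. The same unchecked `malloc` + `bzero` pair is used for `new_entry` in the @@ -308,14 hunk, where the function's bool return could presumably report the failure after unlocking the bucket. The constructor begins outside this hunk.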
@@ -173,7 +163,7 @@ class SantaCache { struct entry *entry = (struct entry *)((uintptr_t)bucket->head - 1); while (entry != nullptr) { struct entry *next_entry = entry->next; - IOFreeAligned(entry, sizeof(struct entry)); + free(entry); entry = next_entry; } } @@ -284,8 +274,8 @@ class SantaCache { } else { bucket->head = (struct entry *)((uintptr_t)entry->next + 1); } - IOFreeAligned(entry, sizeof(struct entry)); - OSDecrementAtomic(&count_); + free(entry); + OSAtomicDecrement64((volatile int64_t *)&count_); } unlock(bucket); @@ -318,14 +308,13 @@ class SantaCache { // Allocate a new entry, set the key and value, then put this new entry at // the head of this bucket's linked list. - struct entry *new_entry = - (struct entry *)IOMallocAligned(sizeof(struct entry), 2); + struct entry *new_entry = (struct entry *)malloc(sizeof(struct entry)); bzero(new_entry, sizeof(struct entry)); new_entry->key = key; new_entry->value = value; new_entry->next = (struct entry *)((uintptr_t)bucket->head - 1); bucket->head = (struct entry *)((uintptr_t)new_entry + 1); - OSIncrementAtomic(&count_); + OSAtomicIncrement64((volatile int64_t *)&count_); unlock(bucket); return true; @@ -335,7 +324,7 @@ class SantaCache { Lock a bucket. Spins until the lock is acquired. */ inline void lock(struct bucket *bucket) const { - while (OSTestAndSet(7, (volatile uint8_t *)&bucket->head)) + while (OSAtomicTestAndSet(7, (volatile uint8_t *)&bucket->head)) ; } @@ -343,7 +332,8 @@ class SantaCache { Unlock a bucket. Panics if the lock wasn't locked. */ inline void unlock(struct bucket *bucket) const { - if (unlikely(OSTestAndClear(7, (volatile uint8_t *)&bucket->head))) { + if (unlikely(OSAtomicTestAndClear(7, (volatile uint8_t *)&bucket->head) == + 0)) { panic("SantaCache::unlock(): Tried to unlock an unlocked lock"); } } @@ -375,8 +365,6 @@ class SantaCache { } }; -#ifndef KERNEL #pragma clang diagnostic pop -#endif #endif // SANTA__SANTA_DRIVER__SANTACACHE_H 
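Review bot: `OSAtomicDecrement64((volatile int64_t *)&count_)` in the @@ -284,8 hunk, and the matching `OSAtomicIncrement64` in @@ -308,14, cast away whatever type `count_` actually has, so a counter narrower than 64 bits would be written past its end without any diagnostic. The declaration of `count_` is not in the diff, so this may already be safe. A `static_assert(sizeof(count_) == sizeof(int64_t), "count_ must be 64-bit for OSAtomic*64");` next to the member pins the assumption now that the cast is spelled out at each call site instead of living in one macro.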
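Review bot: Missing documentation in the @@ -308,14 hunk: the removed `IOMallocAligned(sizeof(struct entry), 2)` at least stated the alignment that the `+ 1` / `- 1` tagging of `bucket->head` relies on, and the plain `malloc` call no longer does. A comment above the allocation such as `// malloc() memory is at least 2-byte aligned, which keeps the low pointer bit free for the tag used on bucket->head` keeps that invariant visible to anyone who later swaps the allocator. The same applies to the `buckets_` allocation in the constructor.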
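Review bot: `lock()` in the @@ -335,7 hunk busy-waits on `OSAtomicTestAndSet` with an empty loop body, which in a userspace-only build can keep a waiting thread spinning for as long as the lock holder is preempted. The call is also deprecated, which is presumably why the header keeps the `-Wdeprecated-declarations` suppression, now unconditionally. With the kernel constraint gone, a comment recording the follow-up would help, for example `// TODO: replace the pointer-bit spin with os_unfair_lock or std::atomic; unbounded spinning in userspace risks priority inversion`. The rest of the class lies outside the hunk, so the contention level in practice cannot be judged from here.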
diff --git a/Source/santactl/BUILD b/Source/santactl/BUILD index c7f02f2ee..ccd8f25cf 100644 --- a/Source/santactl/BUILD +++ b/Source/santactl/BUILD @@ -5,7 +5,7 @@ licenses(["notice"]) package( default_visibility = ["//:santa_package_group"], - features = ["-layering_check"], + features = ["layering_check"], ) objc_library(