cssm_IsFuncCallValid(3)cssm_IsFuncCallValid(3)NAMEcssm_IsFuncCallValid - Check secure linkage (CDSA)
SYNOPSIS
# include <cdsa/cssm.h>
CSSM_RETURN CSSMAPI cssm_IsFuncCallValid (CSSM_MODULE_HANDLE hAddin,
CSSM_PROC_ADDR SrcAddress, /* application */, CSSM_PROC_ADDR DestAd‐
dress, CSSM_PRIVILEGE InPriv, CSSM_PRIVILEGE *OutPriv, CSSM_BITMASK
Hints, CSSM_BOOL * IsOK)
LIBRARY
Common Security Services Manager library (libcssm.so)
PARAMETERS
The handle identifying the attach-session whose caller and callee scope
is being tested by this function. An address to be tested for contain‐
ment within the application that requested and created the attach-ses‐
sion identified by the module handle. An address within a service mod‐
ule. The destination address must be valid for the service provider
associated with the attach-session identified by the module handle.
The privilege value to be checked. Privilege checks apply to both
SrcAddress and DestAddress. If non-NULL, the global privilege will be
checked and returned in OutPriv. A flag providing search hints.
CSSM_TRUE if success, CSSM_FALSE if fail.
DESCRIPTION
This function checks secure linkage between an application and a ser‐
vice module. Based on address scope of the application and the service
module associated with the attach handle, CSSM determines whether the
SrcAddress is within an associated application and DestAddress is
within the associated service module. The scope of the application and
the service module is determined by their respective signed manifest
credentials, which attest to the integrity of each entity.
This function uses the input privilege value InPriv to compare against
the privilege range associated with the ranges for SrcAddress and
DestAddres. The privilege check is performed when the InPriv privilege
value is non-NULL. If the EMM wants the global privilege value to be
checked, InPriv is zero and OutPriv is non-NULL. CSSM will return the
privilege value in OutPriv. If integrity only checks are to be per‐
formed, InPriv is zero and OutPriv is NULL.
Another parameter called Hints is used to help CSSM efficiently perform
the integrity and privilege verification operations. Hints helps CSSM
know where to look to find the desired state information. In the regu‐
lar case, CSSM will look for SrcAddress in the CallerList and DestAd‐
dress in the AttachList. For callback functions, the SrcAddress and
DestAddress are likely to be in AttachList.
RETURN VALUE
A CSSM_RETURN value indicating success or specifying a particular error
condition. The value CSSM_OK indicates success. All other values repre‐
sent an error condition.
ERRORS
Errors are described in the CDSA technical standard. See
CDSA_intro(3).
SEE ALSO
Books
Intel CDSA Application Developer's Guide (see CDSA_intro(3))
Reference Pages
cssm_IsFuncCallValid(3)