;;; Copyright (c) 2017 Apple Inc.  All Rights reserved.
;;;
;;; WARNING: The sandbox rules in this file currently constitute
;;; Apple System Private Interface and are subject to change at any time and
;;; without notice.
;;;
(version 1)

;; replace `deny` with allow (with report)` if you want to change default behavior
(deny default)
(deny file-map-executable process-info* nvram*)
(deny dynamic-code-generation)
(deny mach-priv-host-port)

(import "system.sb")
(import "com.apple.corefoundation.sb")

(corefoundation)
(allow user-preference-read
    (preference-domain
        "com.apple.SoftwareUpdate"
        "com.apple.speech.recognition.AppleSpeechRecognition.prefs")) ;; for SpeechObjects+DictationServices

;;; Homedir-relative path filters
(define (home-regex home-relative-regex)
    (regex (string-append "^" (regex-quote (param "HOME")) home-relative-regex)))

(define (home-subpath home-relative-subpath)
    (subpath (string-append (param "HOME") home-relative-subpath)))

(define (home-prefix home-relative-prefix)
    (prefix (string-append (param "HOME") home-relative-prefix)))

(define (home-literal home-relative-literal)
    (literal (string-append (param "HOME") home-relative-literal)))
    
(require-all
  (require-any
    (subpath "/System/Library/AssetsV2"))
  (extension "com.apple.assets.read"))
(allow mach-lookup
  (global-name "com.apple.mobileassetd")
  (global-name "com.apple.mobileassetd.v2"))

(allow process-info* (target self))

;; For resolving symlinks, realpath(3), and equivalents.
(allow file-read-metadata)

;; For validating the entitlements of clients.
(allow process-info-codesignature)

;; Your preference domain
(allow user-preference-read user-preference-write
       (preference-domain "com.apple.triald"))

;; Read/write access to a temporary directory.
(allow file-read* file-write*
       (subpath (param "TMPDIR"))
       (subpath (param "DARWIN_CACHE_DIR"))
       )
(allow file-read* file-write*
    (mount-relative-literal "/.TemporaryItems")
    (mount-relative-regex #"^/\.TemporaryItems/folders.[0-9]+(/|$)"))

;; Read/write cache access
(let ((cache-path-filter (home-subpath "/Library/Caches/com.apple.triald")))
  (allow file-read* file-write* cache-path-filter)
  (allow file-issue-extension
    (require-all
      (extension-class "com.apple.app-sandbox.read" "com.apple.app-sandbox.read-write")
      cache-path-filter)))

;; Read absolute path
(allow file-read*
    (subpath "/usr/libexec"))

;; Write absolute path
(allow file-read* file-write*
    (subpath "/private/var/tmp/com.apple.triald"))

;; Write to Trial subdirectory of any app container
(allow file-read* file-write*
    (home-regex "/Library/Containers/[^/]+/Data/Library/Trial(/|$)")
    (home-regex "/Library/Group Containers/[^/]+/Library/Trial(/|$)"))


;; Allow read-write access to Asset store
;; Is write access reasonable here? We need to link assets to the local treatments folder.
;; Since triald will have write access to the treatments folder it also needs write access to the asset store otherwise it won't be able to link between the two.
(allow file-read* file-write*
    (regex "/Library/Trial/[^/]+/AssetStore/"))

;; Allow read access to the global treatments folder.
;; Used to read and re-copy the existing protobuf files when creating flatbuffer files.
(allow file-read*
    (subpath "/Library/Trial/Treatments/"))


;; Allow read-write access to $HOME/Library/Trial
(allow file-read* file-write*
    (home-subpath "/Library/Trial"))

;; Allow read-write access to $HOME//Library/Logs/Trial
(allow file-read* file-write*
    (home-subpath "/Library/Logs/Trial"))

;; Generic use of CloudKit - mostly copied from common.sb on embedded platforms
(allow user-preference-read
    (preference-domain "com.apple.CloudKit"))
    
(allow file-read*
    (subpath "/System/Library/PrivateFrameworks/TrialServer.framework")
    (subpath "/AppleInternal/Library/Trial/NamespaceKeys")
    (literal "/AppleInternal/Library/Assistant/InternalConfig.plist"))

(allow mach-lookup
    (global-name "com.apple.accountsd.accountmanager"
                 "com.apple.apsd"
                 "com.apple.ckdiscretionaryd"
                 "com.apple.cloudd"
                 "com.apple.triald.system.from-agent"
                 "com.apple.triald.system.internal"
                 "com.apple.SystemConfiguration.configd"    ;; APS
                 "com.apple.windowserver.active"            ;; APS
                 "com.apple.mobileasset.autoasset"
                 "com.apple.commcenter.coretelephony.xpc"
                 "com.apple.biome.access.user"              ;; Lighthouse's Bitacora logging uses Biome
                 "com.apple.biome.access.system"            ;; Used for Mac OS
                 "com.apple.geod"                           ;; GeoD
    ))

;; CloudKit caches
(allow file-read* file-write*
    (home-subpath "/Library/Caches/CloudKit"))

;; CloudKit - [CKAsset CKDescriptionPropertiesWithPublic:private:shouldExpand:]
(allow mach-lookup
    (global-name "com.apple.system.opendirectoryd.api"))

;; Keyboard Input
(allow file-read* (home-subpath "/Library/Preferences"))
(allow user-preference-read)

;; PET
(allow file-read* file-write*
    (home-subpath "/Library/Caches/com.apple.proactive.eventtracker"))

;; Issue sandbox extensions intended for TrialArchivingService
(allow file-issue-extension
    (require-all
              (extension-class "com.apple.app-sandbox.read" "com.apple.app-sandbox.read-write")
              (home-subpath "/Library/Trial")))

(allow file-issue-extension
    (require-all
              (extension-class "com.apple.app-sandbox.read" "com.apple.app-sandbox.read-write")
              (regex "/Library/Trial/[^/]+/AssetStore/tmp/")))

;; Issue sandbox extensions intended to share tmp directory with triald_system
(allow file-issue-extension
    (require-all
              (extension-class "com.apple.app-sandbox.read" "com.apple.app-sandbox.read-write")
              (subpath (param "TMPDIR"))))

;; CacheDelete 
(allow mach-lookup
    (global-name "com.apple.cache_delete"
                 "com.apple.cache_delete.public"))

;; Diagnostics and Usage Targeting
(allow file-read*
    (subpath "/Library/OSAnalytics/Preferences")
    (subpath "/Library/Application Support/CrashReporter")
)

;; Allow read-write access to /private/tmp/TrialTestFiles
(allow file-read* file-write*
  (subpath "/private/tmp/TrialTestFiles"))

;;; Biome + ANE allowances
(allow iokit-open-service
    (iokit-user-client-class "AppleVirtIONeuralEngineDevice")               ;; ANE purge access
)
(allow iokit-open
    (iokit-user-client-class "AppleVirtIONeuralEngineDeviceUserClient")     ;; ANE purge access
    (iokit-user-client-class "AppleKeyStoreUserClient")                     ;; Biome access
)
(allow mach-lookup (global-name "com.apple.appleneuralengine"))

;; Allow getting scheduled by BGST
;; This is only required for macOS
(allow mach-lookup
    (global-name "com.apple.duetactivityscheduler")
)

;; Support kernel experimentation
;; These are one-time allow-listed sysctls. Future adopters should add their
;; sysctl under the kern.trial namespace instead.
(allow sysctl-write (sysctl-name "kern.testing_experiment_factor"))
(allow sysctl-write (sysctl-name "kern.sched_preemption_disable_threshold_mt"))
(allow sysctl-write (sysctl-name "kern.interrupt_masked_threshold_mt"))
(allow sysctl-write (sysctl-name "kern.timeouts_are_fatal"))

;; Supports kern.trial.* sysctls, like kern.trial.test
(allow sysctl-write (sysctl-name-prefix "kern.trial."))