Copyright Digital Equipment Corp. All rights reserved.

cssm_IsFuncCallValid

NAME
  cssm_IsFuncCallValid - Check secure linkage (CDSA)

SYNOPSIS
  # include <cssm.h>

       CSSM_RETURN CSSMAPI cssm_IsFuncCallValid
       (CSSM_MODULE_HANDLE hAddin,
       CSSM_PROC_ADDR SrcAddress, /* application */,
       CSSM_PROC_ADDR DestAddress,
       CSSM_PRIVILEGE InPriv,
       CSSM_PRIVILEGE *OutPriv,
       CSSM_BITMASK Hints,
       CSSM_BOOL * IsOK)

LIBRARY
  Common Security Services Manager library (CDSA$INCSSM300_SHR.EXE)

PARAMETERS
  hAddIn (input)
          The handle identifying the attach-session whose caller and
          callee scope is being tested by this function.

  SrcAddress (input/optional)
          An address to be tested for containment within the
          application that requested and created the attach-session
          identified by the module handle.

  DestAddress (input/optional)
          An address within a service module. The destination address
          must be valid for the service provider associated with the
          attach-session identified by the module handle.

  InPriv (input)
          The privilege value to be checked. Privilege checks apply
          to both SrcAddress and DestAddress.

  OutPriv (output)
          If non-NULL, the global privilege will be checked and
          returned in OutPriv.

  Hints (input)
          A flag providing search hints.

  IsOK (output)
          CSSM_TRUE if success, CSSM_FALSE if fail.

DESCRIPTION
  This function checks secure linkage between an application and a
  service module. Based on address scope of the application and the
  service module associated with the attach handle, CSSM determines
  whether the SrcAddress is within an associated application and
  DestAddress is within the associated service module. The scope of
  the application and the service module is determined by their
  respective signed manifest credentials, which attest to the
  integrity of each entity.

  This function uses the input privilege value InPriv to compare
  against the privilege range associated with the ranges for
  SrcAddress and DestAddres.  The privilege check is performed
  when the InPriv privilege value is non-NULL.   If the EMM wants
  the global privilege value to be checked, InPriv is zero and
  OutPriv is non-NULL. CSSM will return the privilege value in
  OutPriv. If integrity only checks are to be performed, InPriv
  is zero and OutPriv is NULL.

  Another parameter called Hints is used to help CSSM efficiently
  perform the integrity and privilege verification operations.
  Hints helps CSSM know where to look to find the desired state
  information.  In the regular case, CSSM will look for SrcAddress
  in the CallerList and DestAddress in the AttachList. For callback
  functions, the SrcAddress and DestAddress are likely to be in
  AttachList.

RETURN VALUE
  A CSSM_RETURN value indicating success or specifying a particular
  error condition. The value CSSM_OK indicates success. All other
  values represent an error condition.

ERRORS
  Errors are described in the CDSA technical standard.  See CDSA.

SEE ALSO
  Books

  Intel CDSA Application Developer's Guide (see CDSA)

  Other Help Topics