projects / apple / libsecurity_codesigning.git / blame
| Commit | Line | Data |
|---|---|---|
| d1c1ab47 A |
1 | /* |
| 2 | * DTrace static providers at the Code Signing layer | |
| 3 | */ | |
| 4 | #define int32_t int | |
| 5 | #define uint32_t unsigned | |
| 6 | #define mach_port_t uint32_t | |
| 7 | ||
| 8 | ||
| 9 | /* | |
| 10 | * Basic semantic events of the code signing subsystem | |
| 11 | */ | |
| 12 | provider codesign { | |
| 13 | probe diskrep__create__macho(void *me, const char *path, const void *ctx); | |
| 14 | probe diskrep__create__bundle__path(void *me, const char *path, void *ctx, void *exec); | |
| 15 | probe diskrep__create__bundle__ref(void *me, void *cfbundle, void *ctx, void *exec); | |
| 16 | probe diskrep__create__file(void *me, const char *path); | |
| 17 | probe diskrep__create__cfm(void *me, const char *path); | |
| 18 | probe diskrep__create__slc(void *me, const char *path); | |
| 19 | probe diskrep__create__detached(void *me, void *orig, const char *source, void *glob); | |
| 20 | probe diskrep__create__kernel(void *me); | |
| 21 | probe diskrep__destroy(void *me); | |
| 22 | ||
| 23 | probe static__create(void *me, void *host); | |
| 24 | probe dynamic__create(void *me, void *rep); | |
| 25 | ||
| 26 | probe static__cdhash(void *me, const void *cdhash, uint32_t length); | |
| 27 | probe static__attach__explicit(void *me, void *rep); | |
| 28 | probe static__attach__system(void *me, void *rep); | |
| 29 | ||
| 30 | probe eval__dynamic__start(void *me, const char *path); | |
| 31 | probe eval__dynamic__end(void *me); | |
| f60086fc | 32 | probe eval__dynamic__root(void *me); |
| d1c1ab47 A |
33 | |
| 34 | probe eval__static__start(void *me, const char *path); | |
| 35 | probe eval__static__end(void *me); | |
| 36 | probe eval__static__reset(void *me); | |
| 37 | ||
| 38 | probe eval__static__executable__start(void *me, const char *path, uint32_t pages); | |
| 39 | probe eval__static__executable__fail(void *me, uint32_t badPage); | |
| 40 | probe eval__static__executable__end(void *me); | |
| 41 | probe eval__static__resources__start(void *me, const char *path, int count); | |
| 42 | probe eval__static__resources__end(void *me); | |
| 43 | ||
| 44 | probe eval__static__directory(void *me); | |
| 45 | probe eval__static__intreq__start(void *me, uint32_t reqType, void *target, int32_t nullError); | |
| 46 | probe eval__static__intreq__end(void *me); | |
| 47 | ||
| 48 | probe eval__static__signature__start(void *me, const char *path); | |
| 49 | probe eval__static__signature__adhoc(void *me); | |
| 50 | probe eval__static__signature__result(void *me, uint32_t result, uint32_t chainLength); | |
| 51 | probe eval__static__signature__expired(void *me); | |
| 52 | probe eval__static__signature__end(void *me); | |
| 53 | ||
| 54 | probe eval__reqint__start(const void *reqdata, uint32_t reqlength); | |
| f60086fc | 55 | probe eval__reqint__end(const void *reqdata, uint32_t result); |
| d1c1ab47 A |
56 | probe eval__reqint__op(uint32_t opcode, uint32_t offset); |
| 57 | probe eval__reqint__unknown_false(uint32_t opcode); | |
| 58 | probe eval__reqint__unknown_skipped(uint32_t opcode); | |
| f60086fc A |
59 | probe eval__reqint__fragment__load(const char *type, const char *name, const void *req); |
| 60 | probe eval__reqint__fragment__hit(const char *type, const char *name); | |
| d1c1ab47 A |
61 | |
| 62 | probe guest__hostingport(void *host, mach_port_t hostingPort); | |
| 63 | probe guest__locate__generic(void *host, uint32_t *guestPath, uint32_t guestPathLength, mach_port_t subport); | |
| 64 | probe guest__identify__process(void *guest, uint32_t guestPid, void *code); | |
| 65 | probe guest__cdhash__process(void *code, const void *cdhash, uint32_t length); | |
| 66 | probe guest__identify__generic(void *guest, uint32_t guestRef, void *code); | |
| 67 | probe guest__cdhash__generic(void *code, const void *cdhash, uint32_t length); | |
| 68 | ||
| 69 | probe allocate__validate(const char *path, uint32_t pid); | |
| 70 | probe allocate__arch(const char *arch, uint32_t size); | |
| 71 | probe allocate__archn(uint32_t cputype, uint32_t cpusubtype, uint32_t size); | |
| 72 | probe allocate__write(const char *arch, off_t offset, uint32_t length, uint32_t available); | |
| f60086fc A |
73 | |
| 74 | probe sign__dep__macho(void *me, const char *name, const void *requirement); | |
| 75 | probe sign__dep__interp(void *me, const char *name, const void *requirement); | |
| d1c1ab47 A |
76 | |
| 77 | probe load__antlr(); | |
| 78 | }; | |
| f60086fc A |
79 | |
| 80 | ||
| 81 | provider syspolicy { | |
| 62e4ed3d A |
82 | probe assess_api(const char *path, int type, uint64_t flags); |
| 83 | ||
| 84 | probe assess__outcome__accept(const char *path, int type, const char *label, const void *cdhash); | |
| 85 | probe assess__outcome__deny(const char *path, int type, const char *label, const void *cdhash); | |
| 86 | probe assess__outcome__default(const char *path, int type, const char *label, const void *cdhash); | |
| 87 | probe assess__outcome__unsigned(const char *path, int type); | |
| 88 | probe assess__outcome__broken(const char *path, int type, bool exception_made); | |
| 89 | ||
| 90 | probe recorder_mode(const char *path, int type, const char *label, const void *cdhash, int flags); | |
| 91 | probe recorder_mode_adhoc_path(const char *path, int type, const char *sig_path); // path containing adhoc signature recorded | |
| 92 | ||
| f60086fc A |
93 | probe assess_cache_hit(); |
| 94 | probe assess_local(); | |
| 95 | probe assess_remote(); | |
| 62e4ed3d | 96 | }; |