/*
 * DTrace static providers at the Code Signing layer
 *
 * This file holds probe declarations only. A probe fires only where the
 * instrumented code invokes it, so these declarations describe what can be
 * observed and are not themselves an enforcement point.
 */

/*
 * Local spellings for the integer types used in the probe signatures below.
 * mach_port_t expands to uint32_t, which in turn expands to unsigned.
 * NOTE(review): presumably these stand in for <stdint.h> and the Mach
 * headers, which are not included here -- confirm against the build rule
 * that processes this file.
 */
#define int32_t int
#define uint32_t unsigned
#define mach_port_t uint32_t

/*
 * Basic semantic events of the code signing subsystem
 *
 * Naming: DTrace turns each double underscore in a declared probe name into
 * a hyphen, so diskrep__create__macho is matched from a D script as
 * diskrep-create-macho. Single underscores are kept as written, which is
 * why eval__reqint__unknown_false becomes eval-reqint-unknown_false.
 *
 * Arguments: pointer and string arguments are addresses in the traced
 * process. A consumer must read them with copyinstr() (for const char *)
 * or copyin() (for a pointer paired with a length, such as cdhash/length)
 * rather than dereferencing them directly.
 *
 * The first argument of most probes is `me`; presumably the address of the
 * object raising the event, usable to pair start/end probes -- confirm
 * against the call sites.
 */
provider codesign {
    /* Disk representation objects: one create probe per flavour, one destroy. */
    probe diskrep__create__macho(void *me, const char *path, const void *ctx);
    probe diskrep__create__bundle__path(void *me, const char *path, void *ctx, void *exec);
    probe diskrep__create__bundle__ref(void *me, void *cfbundle, void *ctx, void *exec);
    probe diskrep__create__file(void *me, const char *path);
    probe diskrep__create__cfm(void *me, const char *path);
    probe diskrep__create__slc(void *me, const char *path);
    probe diskrep__create__detached(void *me, void *orig, const char *source, void *glob);
    probe diskrep__create__kernel(void *me);
    probe diskrep__destroy(void *me);

    /* Creation of static and dynamic code objects. */
    probe static__create(void *me, void *host);
    probe dynamic__create(void *me, void *rep);

    /* cdhash is passed as pointer plus byte length; copy it in before use. */
    probe static__cdhash(void *me, const void *cdhash, uint32_t length);
    probe static__attach__explicit(void *me, void *rep);
    probe static__attach__system(void *me, void *rep);

    /* Dynamic evaluation, bracketed by start/end. */
    probe eval__dynamic__start(void *me, const char *path);
    probe eval__dynamic__end(void *me);
    probe eval__dynamic__root(void *me);

    /* Static evaluation, bracketed by start/end, plus a reset event. */
    probe eval__static__start(void *me, const char *path);
    probe eval__static__end(void *me);
    probe eval__static__reset(void *me);

    /*
     * Executable and resource checks. The fail probe reports a page number
     * (badPage); the start probe reports the page count.
     */
    probe eval__static__executable__start(void *me, const char *path, uint32_t pages);
    probe eval__static__executable__fail(void *me, uint32_t badPage);
    probe eval__static__executable__end(void *me);
    probe eval__static__resources__start(void *me, const char *path, int count);
    probe eval__static__resources__end(void *me);

    /* Directory and internal-requirement checks. */
    probe eval__static__directory(void *me);
    probe eval__static__intreq__start(void *me, uint32_t reqType, void *target, int32_t nullError);
    probe eval__static__intreq__end(void *me);

    /*
     * Signature checks. The adhoc and expired probes carry no detail beyond
     * `me`; the result probe carries a result code and a chain length.
     */
    probe eval__static__signature__start(void *me, const char *path);
    probe eval__static__signature__adhoc(void *me);
    probe eval__static__signature__result(void *me, uint32_t result, uint32_t chainLength);
    probe eval__static__signature__expired(void *me);
    probe eval__static__signature__end(void *me);

    /*
     * Requirement interpreter. These probes take no `me`; start and end are
     * keyed by the reqdata pointer instead. The unknown_false and
     * unknown_skipped probes report an opcode only.
     */
    probe eval__reqint__start(const void *reqdata, uint32_t reqlength);
    probe eval__reqint__end(const void *reqdata, uint32_t result);
    probe eval__reqint__op(uint32_t opcode, uint32_t offset);
    probe eval__reqint__unknown_false(uint32_t opcode);
    probe eval__reqint__unknown_skipped(uint32_t opcode);
    probe eval__reqint__fragment__load(const char *type, const char *name, const void *req);
    probe eval__reqint__fragment__hit(const char *type, const char *name);

    /*
     * Guest (hosted code) lookup and identification. guestPath is a pointer
     * to uint32_t values with guestPathLength giving its length.
     */
    probe guest__hostingport(void *host, mach_port_t hostingPort);
    probe guest__locate__generic(void *host, uint32_t *guestPath, uint32_t guestPathLength, mach_port_t subport);
    probe guest__identify__process(void *guest, uint32_t guestPid, void *code);
    probe guest__cdhash__process(void *code, const void *cdhash, uint32_t length);
    probe guest__identify__generic(void *guest, uint32_t guestRef, void *code);
    probe guest__cdhash__generic(void *code, const void *cdhash, uint32_t length);

    /*
     * Allocation helper events.
     * NOTE(review): off_t is not defined in this file; presumably it comes
     * from the DTrace type environment -- confirm.
     */
    probe allocate__validate(const char *path, uint32_t pid);
    probe allocate__arch(const char *arch, uint32_t size);
    probe allocate__archn(uint32_t cputype, uint32_t cpusubtype, uint32_t size);
    probe allocate__write(const char *arch, off_t offset, uint32_t length, uint32_t available);

    /* Dependencies recorded while signing. */
    probe sign__dep__macho(void *me, const char *name, const void *requirement);
    probe sign__dep__interp(void *me, const char *name, const void *requirement);

    /* Fires with no arguments. */
    probe load__antlr();
};

/*
 * Assessment events of the syspolicy provider.
 *
 * Naming: only double underscores become hyphens in the probe name, so
 * assess__outcome__deny is matched as assess-outcome-deny, while
 * assess_api, recorder_mode, recorder_mode_adhoc_path, assess_cache_hit,
 * assess_local and assess_remote keep their underscores.
 *
 * Arguments: path, label, sig_path and cdhash are addresses in the traced
 * process; read strings with copyinstr() and the cdhash with copyin().
 * No cdhash length is passed here, so a consumer must know the digest size
 * from elsewhere. When correlating events with a specific binary, prefer
 * the cdhash to the path, since a path can point at different content by
 * the time a trace is analysed.
 *
 * NOTE(review): uint64_t and bool are not defined in this file; presumably
 * they come from the DTrace type environment -- confirm.
 */
provider syspolicy {
    /* Entry into an assessment: subject path, type and flags. */
    probe assess_api(const char *path, int type, uint64_t flags);

    /*
     * One probe per outcome. accept/deny/default carry label and cdhash;
     * unsigned and broken carry only path and type (broken adds a flag
     * saying whether an exception was made).
     */
    probe assess__outcome__accept(const char *path, int type, const char *label, const void *cdhash);
    probe assess__outcome__deny(const char *path, int type, const char *label, const void *cdhash);
    probe assess__outcome__default(const char *path, int type, const char *label, const void *cdhash);
    probe assess__outcome__unsigned(const char *path, int type);
    probe assess__outcome__broken(const char *path, int type, bool exception_made);

    /* Recorder mode events. */
    probe recorder_mode(const char *path, int type, const char *label, const void *cdhash, int flags);
    /* path containing adhoc signature recorded */
    probe recorder_mode_adhoc_path(const char *path, int type, const char *sig_path);

    /* Argument-less markers: cache hit, local assessment, remote assessment. */
    probe assess_cache_hit();
    probe assess_local();
    probe assess_remote();
};