#ifndef _H_CSPROCESS
#define _H_CSPROCESS
-#include "csgeneric.h"
+#include "Code.h"
#include "StaticCode.h"
-#include "PidDiskRep.h"
+#include "piddiskrep.h"
#include <security_utilities/utilities.h>
namespace Security {
//
// A SecCode that represents a running UNIX process.
-// Processes are identified by pid.
+// Processes are identified by pid and audit token.
//
-// ProcessCode inherits GenericCode's access to the cshosting Mach protocol to
-// deal with guests.
-//
-class ProcessCode : public GenericCode {
+class ProcessCode : public SecCode {
public:
- ProcessCode(pid_t pid, PidDiskRep *pidDiskRep = NULL);
- ~ProcessCode() throw () { }
+ ProcessCode(pid_t pid, const audit_token_t* token, PidDiskRep *pidDiskRep = NULL);
+ ~ProcessCode() throw () { delete mAudit; }
pid_t pid() const { return mPid; }
- PidDiskRep *pidBased() const { return mPidBased; }
-
- mach_port_t getHostingPort();
+ const audit_token_t* audit() const { return mAudit; }
+
+ PidDiskRep *pidBased() const { return mPidBased; }
+
+ int csops(unsigned int ops, void *addr, size_t size);
private:
pid_t mPid;
+ audit_token_t* mAudit;
RefPointer<PidDiskRep> mPidBased;
};
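Review bot: `mAudit` is a raw owning pointer that the new destructor releases with `delete mAudit;`, yet nothing in this declaration stops a ProcessCode from being copied, and a copy would free the same token twice unless SecCode (not visible here) already forbids copying. Holding the token by value with a validity flag, for example `audit_token_t mAudit; bool mHasAudit;` with `audit()` returning `mHasAudit ? &mAudit : NULL`, would remove both the allocation and the manual `delete`. The constructor takes a `const audit_token_t*` that presumably may be NULL, so `audit()` can return NULL and a caller is then left with only the pid, which can be reused by a different process. That deserves a comment above the accessor such as `// NULL if no audit token was supplied; a pid alone can be recycled, so identity decisions should use the token`. The constructor and `csops` definitions lie outside this hunk, so how the token is copied and which kernel call is used without one cannot be confirmed here.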
void validateComponent(CodeDirectory::SpecialSlot slot, OSStatus fail = errSecCSSignatureFailed);
private:
ProcessCode *mGuest;
-
+ CFRef<CFDictionaryRef> mEmptyInfoDict;
};
} // end namespace CodeSigning