]> git.saurik.com Git - apple/security.git/blobdiff - OSX/libsecurity_codesigning/lib/Code.cpp
projects / apple / security.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Security-58286.251.4.tar.gz
[apple/security.git] / OSX / libsecurity_codesigning / lib / Code.cpp
diff --git a/OSX/libsecurity_codesigning/lib/Code.cpp b/OSX/libsecurity_codesigning/lib/Code.cpp
index d5de3047c3f453b74e003eeb480f6585d72278c5..919ff0bce28db5d4804e3776e6ce82fc98fc8ab0 100644 (file)
--- a/OSX/libsecurity_codesigning/lib/Code.cpp
+++ b/OSX/libsecurity_codesigning/lib/Code.cpp
@@ -30,6 +30,7 @@
 #include "cskernel.h"
 #include <security_utilities/cfmunge.h>
 #include <security_utilities/debugging.h>
 #include "cskernel.h"
 #include <security_utilities/cfmunge.h>
 #include <security_utilities/debugging.h>
+#include "SecInternalReleasePriv.h"
 
 namespace Security {
 namespace CodeSigning {
 
 namespace Security {
 namespace CodeSigning {
@@ -210,9 +211,20 @@ void SecCode::checkValidity(SecCSFlags flags)
                myDisk->diskRep()->strictValidate(myDisk->codeDirectory(), DiskRep::ToleratedErrors(), flags);
 
        // check my own dynamic state
                myDisk->diskRep()->strictValidate(myDisk->codeDirectory(), DiskRep::ToleratedErrors(), flags);
 
        // check my own dynamic state
-       if (!(this->host()->getGuestStatus(this) & kSecCodeStatusValid))
-               MacOSError::throwMe(errSecCSGuestInvalid);
-       
+       SecCodeStatus dynamic_status = this->host()->getGuestStatus(this);
+       bool isValid = (dynamic_status & kSecCodeStatusValid) != 0;
+       if (!isValid) {
+               bool isDebugged = (dynamic_status & kSecCodeStatusDebugged) != 0;
+               bool isPlatform = (dynamic_status & kSecCodeStatusPlatform) != 0;
+               bool isInternal = SecIsInternalRelease();
+
+               if (!isDebugged || (isPlatform && !isInternal)) {
+                       // fatal if the code is invalid and not being debugged, but
+                       // never let platform code be debugged except on internal systems.
+                       MacOSError::throwMe(errSecCSGuestInvalid);
+               }
+       }
+
        // check that static and dynamic views are consistent
        if (this->cdHash() && !CFEqual(this->cdHash(), myDisk->cdHash()))
                MacOSError::throwMe(errSecCSStaticCodeChanged);
        // check that static and dynamic views are consistent
        if (this->cdHash() && !CFEqual(this->cdHash(), myDisk->cdHash()))
                MacOSError::throwMe(errSecCSStaticCodeChanged);
@@ -255,6 +267,7 @@ void SecCode::changeGuestStatus(SecCode *guest, SecCodeStatusOperation operation
 //
 SecCode *SecCode::autoLocateGuest(CFDictionaryRef attributes, SecCSFlags flags)
 {
 //
 SecCode *SecCode::autoLocateGuest(CFDictionaryRef attributes, SecCSFlags flags)
 {
+#if TARGET_OS_OSX
        // special case: with no attributes at all, return the root of trust
        if (CFDictionaryGetCount(attributes) == 0)
                return KernelCode::active()->retain();
        // special case: with no attributes at all, return the root of trust
        if (CFDictionaryGetCount(attributes) == 0)
                return KernelCode::active()->retain();
@@ -280,6 +293,7 @@ SecCode *SecCode::autoLocateGuest(CFDictionaryRef attributes, SecCSFlags flags)
                        return code.yield();
                }
        }
                        return code.yield();
                }
        }
+#endif // TARGET_OS_OSX
        MacOSError::throwMe(errSecCSNoSuchCode);
 }
 
        MacOSError::throwMe(errSecCSNoSuchCode);
 }
 
mirror of Security