X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/5c19dc3ae3bd8e40a9c028b0deddd50ff337692c..0d4552ce43ff8bf2e8666a9c5c44c3590eb117a8:/OSX/libsecurity_codesigning/lib/csprocess.cpp diff --git a/OSX/libsecurity_codesigning/lib/csprocess.cpp b/OSX/libsecurity_codesigning/lib/csprocess.cpp index bc406aa3..80b58521 100644 --- a/OSX/libsecurity_codesigning/lib/csprocess.cpp +++ b/OSX/libsecurity_codesigning/lib/csprocess.cpp @@ -36,17 +36,26 @@ namespace CodeSigning { // // Construct a running process representation // -ProcessCode::ProcessCode(pid_t pid, PidDiskRep *pidDiskRep /*= NULL */) - : GenericCode(KernelCode::active()), mPid(pid), mPidBased(pidDiskRep) +ProcessCode::ProcessCode(pid_t pid, const audit_token_t* token, PidDiskRep *pidDiskRep /*= NULL */) + : SecCode(KernelCode::active()), mPid(pid), mPidBased(pidDiskRep) { + if (token) + mAudit = new audit_token_t(*token); + else + mAudit = NULL; } -mach_port_t ProcessCode::getHostingPort() +int ProcessCode::csops(unsigned int ops, void *addr, size_t size) { - return SecurityServer::ClientSession().hostingPort(pid()); + // pass pid and audit token both if we have it, or just the pid if we don't + if (mAudit) + return ::csops_audittoken(mPid, ops, addr, size, mAudit); + else + return ::csops(mPid, ops, addr, size); } + /* * */ @@ -69,7 +78,10 @@ CFDictionaryRef ProcessDynamicCode::infoDictionary() { if (mGuest->pidBased()->supportInfoPlist()) return SecStaticCode::infoDictionary(); - return makeCFDictionary(0); + if (!mEmptyInfoDict) { + mEmptyInfoDict.take(makeCFDictionary(0)); + } + return mEmptyInfoDict; } void ProcessDynamicCode::validateComponent(CodeDirectory::SpecialSlot slot, OSStatus fail /* = errSecCSSignatureFailed */)