X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/5c19dc3ae3bd8e40a9c028b0deddd50ff337692c..0d4552ce43ff8bf2e8666a9c5c44c3590eb117a8:/OSX/libsecurity_codesigning/lib/csprocess.cpp

diff --git a/OSX/libsecurity_codesigning/lib/csprocess.cpp b/OSX/libsecurity_codesigning/lib/csprocess.cpp
index bc406aa3..80b58521 100644
--- a/OSX/libsecurity_codesigning/lib/csprocess.cpp
+++ b/OSX/libsecurity_codesigning/lib/csprocess.cpp
@@ -36,17 +36,26 @@ namespace CodeSigning {
 //
 // Construct a running process representation
 //
-ProcessCode::ProcessCode(pid_t pid, PidDiskRep *pidDiskRep /*= NULL */)
-	: GenericCode(KernelCode::active()), mPid(pid), mPidBased(pidDiskRep)
+ProcessCode::ProcessCode(pid_t pid, const audit_token_t* token, PidDiskRep *pidDiskRep /*= NULL */)
+	: SecCode(KernelCode::active()), mPid(pid), mPidBased(pidDiskRep)
 {
+	if (token)
+		mAudit = new audit_token_t(*token);
+	else
+		mAudit = NULL;
 }
 
 
-mach_port_t ProcessCode::getHostingPort()
+int ProcessCode::csops(unsigned int ops, void *addr, size_t size)
 {
-	return SecurityServer::ClientSession().hostingPort(pid());
+	// pass pid and audit token both if we have it, or just the pid if we don't
+	if (mAudit)
+		return ::csops_audittoken(mPid, ops, addr, size, mAudit);
+	else
+		return ::csops(mPid, ops, addr, size);
 }
 
+
 /*
  *
  */
@@ -69,7 +78,10 @@ CFDictionaryRef ProcessDynamicCode::infoDictionary()
 {
         if (mGuest->pidBased()->supportInfoPlist())
                 return SecStaticCode::infoDictionary();
-        return makeCFDictionary(0);
+        if (!mEmptyInfoDict) {
+                mEmptyInfoDict.take(makeCFDictionary(0));
+        }
+        return mEmptyInfoDict;
 }
 
 void ProcessDynamicCode::validateComponent(CodeDirectory::SpecialSlot slot, OSStatus fail /* = errSecCSSignatureFailed */)