]> git.saurik.com Git - apple/xnu.git/blobdiff - bsd/kern/mach_process.c
projects / apple / xnu.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
xnu-2050.7.9.tar.gz
[apple/xnu.git] / bsd / kern / mach_process.c
diff --git a/bsd/kern/mach_process.c b/bsd/kern/mach_process.c
index 7ec55c799ee854661105f3361552614e4c2866ca..1a5cac88f387b48a9f0f6d5d4d9ed2d350b3e501 100644 (file)
--- a/bsd/kern/mach_process.c
+++ b/bsd/kern/mach_process.c
@@ -313,6 +313,11 @@ ptrace(struct proc *p, struct ptrace_args *uap, int32_t *retval)
                 *      is resumed by adding NSIG to p_cursig. [see issig]
                 */
                proc_unlock(t);
                 *      is resumed by adding NSIG to p_cursig. [see issig]
                 */
                proc_unlock(t);
+#if NOTYET
+               error = mac_proc_check_signal(p, t, SIGKILL);
+               if (0 != error)
+                       goto resume;
+#endif
                psignal(t, SIGKILL);
                goto resume;
 
                psignal(t, SIGKILL);
                goto resume;
 
@@ -342,8 +347,15 @@ ptrace(struct proc *p, struct ptrace_args *uap, int32_t *retval)
 
                if (uap->req == PT_STEP) {
                        /*
 
                if (uap->req == PT_STEP) {
                        /*
-                        * set trace bit
+                        * set trace bit 
+                        * we use sending SIGSTOP as a comparable security check.
                         */
                         */
+#if NOTYET
+                       error = mac_proc_check_signal(p, t, SIGSTOP);
+                       if (0 != error) {
+                               goto out;
+                       }
+#endif
                        if (thread_setsinglestep(th_act, 1) != KERN_SUCCESS) {
                                error = ENOTSUP;
                                goto out;
                        if (thread_setsinglestep(th_act, 1) != KERN_SUCCESS) {
                                error = ENOTSUP;
                                goto out;
@@ -351,7 +363,14 @@ ptrace(struct proc *p, struct ptrace_args *uap, int32_t *retval)
                } else {
                        /*
                         * clear trace bit if on
                } else {
                        /*
                         * clear trace bit if on
+                        * we use sending SIGCONT as a comparable security check.
                         */
                         */
+#if NOTYET
+                       error = mac_proc_check_signal(p, t, SIGCONT);
+                       if (0 != error) {
+                               goto out;
+                       }
+#endif
                        if (thread_setsinglestep(th_act, 0) != KERN_SUCCESS) {
                                error = ENOTSUP;
                                goto out;
                        if (thread_setsinglestep(th_act, 0) != KERN_SUCCESS) {
                                error = ENOTSUP;
                                goto out;
mirror of XNU