xnu-2050.22.13.tar.gz

[apple/xnu.git] / bsd / sys / codesign.h

diff --git a/bsd/sys/codesign.h b/bsd/sys/codesign.h
index f8fd235c97dd153bf53baad48dfd3053f4b5f174..5894d982cf544d5be96cd0b5f9c3082380bd5b43 100644 (file)
--- a/bsd/sys/codesign.h
+++ b/bsd/sys/codesign.h
@@ -37,6 +37,8 @@
 #define        CS_KILL                 0x0200  /* kill process if it becomes invalid */
 #define CS_EXEC_SET_HARD       0x1000  /* set CS_HARD on any exec'ed process */
 #define CS_EXEC_SET_KILL       0x2000  /* set CS_KILL on any exec'ed process */
+#define CS_KILLED              0x10000 /* was killed by kernel for invalidity */
+#define CS_RESTRICT            0x20000 /* tell dyld to treat restricted */
 
 /* csops  operations */
 #define        CS_OPS_STATUS           0       /* return status */
@@ -45,6 +47,9 @@
 #define        CS_OPS_MARKKILL         3       /* set KILL flag (sticky) */
 #define        CS_OPS_PIDPATH          4       /* get executable's pathname */
 #define        CS_OPS_CDHASH           5       /* get code directory hash */
+#define CS_OPS_PIDOFFSET       6       /* get offset of active Mach-o slice */
+#define CS_OPS_ENTITLEMENTS_BLOB 7     /* get entitlements blob */
+#define CS_OPS_MARKRESTRICT    8       /* set RESTRICT flag (sticky) */
 
 #ifndef KERNEL
 
@@ -52,6 +57,8 @@ __BEGIN_DECLS
 
 /* code sign operations */
 int csops(pid_t pid, unsigned int  ops, void * useraddr, size_t usersize);
+/* works only with CS_OPS_PIDPATH and CS_OPS_ENTITLEMENTS_BLOB */
+int csops_audittoken(pid_t pid, unsigned int  ops, void * useraddr, size_t usersize, audit_token_t * token);
 
 __END_DECLS