#include <sys/cdefs.h>
#include <mach/boolean.h>
#include <sys/_types.h> /* __offsetof() */
+#include <sys/syslimits.h> /* NGROUPS_MAX */
#ifdef __APPLE_API_EVOLVING
#define KAUTH_UID_NONE (~(uid_t)0 - 100) /* not a valid UID */
#define KAUTH_GID_NONE (~(gid_t)0 - 100) /* not a valid GID */
-#ifndef _KAUTH_GUID
-#define _KAUTH_GUID
-/* Apple-style globally unique identifier */
-typedef struct {
-#define KAUTH_GUID_SIZE 16 /* 128-bit identifier */
- unsigned char g_guid[KAUTH_GUID_SIZE];
-} guid_t;
-#define _GUID_T
-#endif /* _KAUTH_GUID */
+#include <sys/_types/_guid_t.h>
/* NT Security Identifier, structure as defined by Microsoft */
#pragma pack(1) /* push packing of 1 byte */
#define KAUTH_EXTLOOKUP_WANT_PWNAM (1<<16)
#define KAUTH_EXTLOOKUP_VALID_GRNAM (1<<17)
#define KAUTH_EXTLOOKUP_WANT_GRNAM (1<<18)
+#define KAUTH_EXTLOOKUP_VALID_SUPGRPS (1<<19)
+#define KAUTH_EXTLOOKUP_WANT_SUPGRPS (1<<20)
__darwin_pid_t el_info_pid; /* request on behalf of PID */
u_int64_t el_extend; /* extension field */
ntsid_t el_gsid; /* group SID */
u_int32_t el_gsid_valid; /* TTL on translation result (seconds) */
u_int32_t el_member_valid; /* TTL on group lookup result */
+ u_int32_t el_sup_grp_cnt; /* count of supplemental groups up to NGROUPS */
+ gid_t el_sup_groups[NGROUPS_MAX]; /* supplemental group list */
};
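Review bot: `el_sup_grp_cnt` is documented as "up to NGROUPS" while `el_sup_groups` is sized `NGROUPS_MAX`, and nothing in the header says the count must be range-checked before it is used to walk the array. Going by the `KAUTH_EXTLOOKUP_*` names, this structure carries lookup results supplied by an external resolver, so the count should be treated as untrusted input. The consumer (not visible in this hunk) needs a guard along the lines of `if (el->el_sup_grp_cnt > NGROUPS_MAX) return EINVAL;` and should read the list only when `KAUTH_EXTLOOKUP_VALID_SUPGRPS` is set. I would reword the field comment to `/* number of valid entries in el_sup_groups, must be <= NGROUPS_MAX */`. The struct begins outside the hunk, and appending two fields changes its size, so both sides of the lookup have to be built against the same header.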
struct kauth_cache_sizes {
#define KAUTH_SET_CACHE_SIZES (1<<4)
#define KAUTH_CLEAR_CACHES (1<<5)
+#define IDENTITYSVC_ENTITLEMENT "com.apple.private.identitysvc"
+
#ifdef KERNEL
/*
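Review bot: `IDENTITYSVC_ENTITLEMENT` is added without a comment saying which operation it gates or where it is checked; the check itself is not in this header. The define also appears before the `#ifdef KERNEL` guard, so user-space includers can see it, which is worth stating as intentional. I would add `/* entitlement required of the caller of <operation>; checked in <function> */` above it, filling in the real names.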
extern int kauth_cred_guid2ntsid(guid_t *_guid, ntsid_t *_sidp);
extern int kauth_cred_ismember_gid(kauth_cred_t _cred, gid_t _gid, int *_resultp);
extern int kauth_cred_ismember_guid(kauth_cred_t _cred, guid_t *_guidp, int *_resultp);
+extern int kauth_cred_nfs4domain2dsnode(char *nfs4domain, char *dsnode);
+extern int kauth_cred_dsnode2nfs4domain(char *dsnode, char *nfs4domain);
extern int groupmember(gid_t gid, kauth_cred_t cred);
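Review bot: Both new prototypes take bare `char *` arguments with no length, so the buffer size required for the result is an unwritten contract between caller and implementation. The implementations are not visible here, but the names suggest the second argument is an output; if a name is copied into it, a caller with a smaller buffer would be overrun. I would either carry the size explicitly, e.g. `extern int kauth_cred_nfs4domain2dsnode(const char *nfs4domain, char *dsnode, size_t dsnode_len);`, or at minimum add a comment above the pair naming the constant the output buffer must be sized to. The source argument can be `const char *` in both declarations.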
struct uthread;
extern void kauth_cred_uthread_update(struct uthread *, proc_t);
#ifdef CONFIG_MACF
-extern int kauth_proc_label_update_execve(struct proc *p, struct vfs_context *ctx, struct vnode *vp, struct label *scriptlabel, struct label *execlabel);
+extern void kauth_proc_label_update_execve(struct proc *p, struct vfs_context *ctx, struct vnode *vp, off_t offset, struct vnode *scriptvp, struct label *scriptlabel, struct label *execlabel, unsigned int *csflags, void *psattr, int *disjoint, int *update_return);
#endif
extern int kauth_cred_getgroups(kauth_cred_t _cred, gid_t *_groups, int *_groupcount);
extern int kauth_cred_assume(uid_t _uid);
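Review bot: The return type of `kauth_proc_label_update_execve` changes from `int` to `void`, and the result apparently now travels through `int *update_return`, yet the prototype has no comment saying which pointer parameters are outputs or what values they take. A caller that does not initialise and then test `*update_return` could carry on with an exec after a failed label update, which the old `int` return made harder to overlook. I would add a comment block above the declaration describing `csflags`, `disjoint` and `update_return` as in/out or out parameters and stating that `*update_return` must be checked. If the header can see the real type, `psattr` should use it instead of `void *`.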
#define KAUTH_FILEOP_LINK 5
#define KAUTH_FILEOP_EXEC 6
#define KAUTH_FILEOP_DELETE 7
+#define KAUTH_FILEOP_WILL_RENAME 8
/*
* arguments passed to KAUTH_FILEOP_OPEN listeners
* arg0 is pointer to vnode (vnode *) for file to be closed.
* arg1 is pointer to path (char *) of file to be closed.
* arg2 is close flags.
+ * arguments passed to KAUTH_FILEOP_WILL_RENAME listeners
+ * arg0 is pointer to vnode (vnode *) of the file being renamed
+ * arg1 is pointer to the "from" path (char *)
+ * arg2 is pointer to the "to" path (char *)
* arguments passed to KAUTH_FILEOP_RENAME listeners
* arg0 is pointer to "from" path (char *).
* arg1 is pointer to "to" path (char *).
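Review bot: The argument layout documented for `KAUTH_FILEOP_WILL_RENAME` differs from the `KAUTH_FILEOP_RENAME` entry right after it: here arg0 is a vnode and the paths are arg1/arg2, while there arg0/arg1 are the paths. A listener that shares one handler for both actions and reads arg0 as a `char *` would treat a vnode pointer as a string. I would add a line such as `* NOTE: unlike KAUTH_FILEOP_RENAME, arg0 is the vnode and the paths move to arg1/arg2.` and end the three new lines with periods to match the neighbouring entries. The comment block starts and ends outside the hunk.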
extern lck_grp_t *kauth_lck_grp;
#ifdef XNU_KERNEL_PRIVATE
__BEGIN_DECLS
-extern void kauth_init(void) __attribute__((section("__TEXT, initcode")));
-extern void kauth_cred_init(void) __attribute__((section("__TEXT, initcode")));
+extern void kauth_init(void);
+extern void kauth_cred_init(void);
#if CONFIG_EXT_RESOLVER
-extern void kauth_identity_init(void) __attribute__((section("__TEXT, initcode")));
-extern void kauth_groups_init(void) __attribute__((section("__TEXT, initcode")));
-extern void kauth_resolver_init(void) __attribute__((section("__TEXT, initcode")));
+extern void kauth_identity_init(void);
+extern void kauth_groups_init(void);
+extern void kauth_resolver_init(void);
#endif
__END_DECLS
#endif /* XNU_KERNEL_PRIVATE */