xnu-3789.1.32.tar.gz

[apple/xnu.git] / bsd / sys / fcntl.h

diff --git a/bsd/sys/fcntl.h b/bsd/sys/fcntl.h
index 08ad4e546f54a13b2bc0e5bc9e4e0590c44402b5..2de689085a19c2e05c4f7879f824b05a6c5d221b 100644 (file)
--- a/bsd/sys/fcntl.h
+++ b/bsd/sys/fcntl.h
@@ -362,6 +362,7 @@
 #endif
 
 #define F_ADDFILESIGS_RETURN   97      /* Add signature from same file, return end offset in structure on sucess */
+#define F_CHECK_LV             98      /* Check if Library Validation allows this Mach-O file to be mapped into the calling process */
 
 
 // FS-specific fcntl()'s numbers begin at 0x00010000 and go up
@@ -527,7 +528,7 @@ typedef struct fsignatures {
        size_t          fs_blob_size;
 } fsignatures_t;
 #ifdef KERNEL
-/* LP64 version of fsignatures.  all pointers 
+/* LP64 version of fsignatures.  all pointers
  * grow when we're dealing with a 64-bit process.
  * WARNING - keep in sync with fsignatures
  */
@@ -547,6 +548,43 @@ typedef struct user_fsignatures {
 } user_fsignatures_t;
 #endif /* KERNEL */
 
+/*
+ * DYLD needs to check if the object is allowed to be combined
+ * into the main binary. This is done between the code signature
+ * is loaded and dyld is doing all the work to process the LOAD commands.
+ *
+ * While this could be done in F_ADDFILESIGS.* family the hook into
+ * the MAC module doesn't say no when LV isn't enabled and then that
+ * is cached on the vnode, and the MAC module never gets change once
+ * a process that library validation enabled.
+ */
+typedef struct fchecklv {
+       off_t           lv_file_start;
+       size_t          lv_error_message_size;
+       void            *lv_error_message;
+} fchecklv_t;
+
+#ifdef KERNEL
+/* LP64 version of fchecklv.  all pointers
+ * grow when we're dealing with a 64-bit process.
+ * WARNING - keep in sync with fsignatures
+ */
+
+typedef struct user32_fchecklv {
+       user32_off_t    lv_file_start;
+       user32_size_t   lv_error_message_size;
+       user32_addr_t   lv_error_message;
+} user32_fchecklv_t;
+
+typedef struct user_fchecklv {
+       off_t           lv_file_start;
+       user_size_t     lv_error_message_size;
+       user_addr_t     lv_error_message;
+} user_fchecklv_t;
+
+#endif /* KERNEL */
+
+
 /* lock operations for flock(2) */
 #define        LOCK_SH         0x01            /* shared file lock */
 #define        LOCK_EX         0x02            /* exclusive file lock */
@@ -572,7 +610,7 @@ typedef struct fbootstraptransfer {
 } fbootstraptransfer_t;
 
 #ifdef KERNEL
-/* LP64 version of fbootstraptransfer.  all pointers 
+/* LP64 version of fbootstraptransfer.  all pointers
  * grow when we're dealing with a 64-bit process.
  * WARNING - keep in sync with fbootstraptransfer
  */