#include <sys/vnode.h>
#include <sys/ubc.h>
#include <sys/mman.h>
+#include <sys/codesign.h>
#include <sys/cdefs.h>
#include <kern/locks.h>
#include <mach/memory_object_types.h>
-#include <libkern/crypto/sha1.h>
-
#define UBC_INFO_NULL ((struct ubc_info *) 0)
struct cl_wextent cl_clusters[MAX_CLUSTERS]; /* packed write behind clusters */
};
+struct cs_hash;
+
+uint8_t cs_hash_type(struct cs_hash const *);
struct cs_blob {
struct cs_blob *csb_next;
off_t csb_base_offset; /* Offset of Mach-O binary in fat binary */
off_t csb_start_offset; /* Blob coverage area start, from csb_base_offset */
off_t csb_end_offset; /* Blob coverage area end, from csb_base_offset */
- ipc_port_t csb_mem_handle;
vm_size_t csb_mem_size;
vm_offset_t csb_mem_offset;
vm_address_t csb_mem_kaddr;
- unsigned char csb_sha1[SHA1_RESULTLEN];
- unsigned int csb_sigpup;
+ unsigned char csb_cdhash[CS_CDHASH_LEN];
+ const struct cs_hash *csb_hashtype;
+ vm_size_t csb_hash_pagesize; /* each hash entry represent this many bytes in the file */
+ vm_size_t csb_hash_pagemask;
+ vm_size_t csb_hash_pageshift;
+ vm_size_t csb_hash_firstlevel_pagesize; /* First hash this many bytes, then hash the hashes together */
+ const CS_CodeDirectory *csb_cd;
const char *csb_teamid;
- unsigned int csb_platform_binary;
+ const CS_GenericBlob *csb_entitlements_blob; /* raw blob, subrange of csb_mem_kaddr */
+ void * csb_entitlements; /* The entitlements as an OSDictionary */
+ unsigned int csb_signer_type;
+
+ unsigned int csb_reconstituted; /* signature has potentially been modified after validation */
+ /* The following two will be replaced by the csb_signer_type. */
+ unsigned int csb_platform_binary:1;
+ unsigned int csb_platform_path:1;
+
};
/*
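Review bot: `csb_cd` is added to `struct cs_blob` with no comment on what memory it points into, while `csb_entitlements_blob` just below it is documented as a subrange of `csb_mem_kaddr`. If `csb_cd` is also an interior pointer into the blob mapping (probable, but not shown in this hunk), the field should say so, e.g. `const CS_CodeDirectory *csb_cd; /* points into csb_mem_kaddr; valid only while that mapping is held */`, so that any path which frees or replaces the blob memory knows to reset both pointers. `csb_hash_pagemask` and `csb_hash_pageshift` are also undocumented; a one-line comment stating how they are derived from `csb_hash_pagesize` would let a reader check the page-hash index arithmetic that relies on them.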
/* internal only */
__private_extern__ void cluster_release(struct ubc_info *);
-__private_extern__ uint32_t cluster_max_io_size(mount_t, int);
__private_extern__ uint32_t cluster_throttle_io_limit(vnode_t, uint32_t *);
#define UBC_FOR_PAGEOUT 0x0002
memory_object_control_t ubc_getobject(vnode_t, int);
-boolean_t ubc_strict_uncached_IO(vnode_t);
int ubc_info_init(vnode_t);
int ubc_info_init_withsize(vnode_t, off_t);
int ubc_getcdhash(vnode_t, off_t, unsigned char *);
-__attribute__((pure)) boolean_t ubc_is_mapped(const struct vnode *, boolean_t *writable);
-__attribute__((pure)) boolean_t ubc_is_mapped_writable(const struct vnode *);
-
#ifdef XNU_KERNEL_PRIVATE
int UBCINFOEXISTS(const struct vnode *);
#endif /* XNU_KERNEL_PRIVATE */
/* code signing */
struct cs_blob;
-int ubc_cs_blob_add(vnode_t, cpu_type_t, off_t, vm_address_t, vm_size_t, int);
+int ubc_cs_blob_add(vnode_t, cpu_type_t, off_t, vm_address_t *, vm_size_t, struct image_params *, int, struct cs_blob **);
int ubc_cs_sigpup_add(vnode_t, vm_address_t, vm_size_t);
struct cs_blob *ubc_get_cs_blobs(vnode_t);
void ubc_get_cs_mtime(vnode_t, struct timespec *);
int ubc_cs_getcdhash(vnode_t, off_t, unsigned char *);
kern_return_t ubc_cs_blob_allocate(vm_offset_t *, vm_size_t *);
void ubc_cs_blob_deallocate(vm_offset_t, vm_size_t);
+boolean_t ubc_cs_is_range_codesigned(vnode_t, mach_vm_offset_t, mach_vm_size_t);
kern_return_t ubc_cs_validation_bitmap_allocate( vnode_t );
void ubc_cs_validation_bitmap_deallocate( vnode_t );
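Review bot: The new `ubc_cs_blob_add` prototype changes the blob address from `vm_address_t` to `vm_address_t *` without saying who owns the buffer after the call. A by-pointer address may mean the callee can take over or replace the allocation, in which case a caller that still deallocates the original address on its error path would free memory it no longer owns. The contract belongs on the declaration, e.g. `/* *addr is in/out: state whether the caller must still deallocate it on success and on failure */`, and naming the eight parameters in the prototype would help as well. `struct image_params` has no forward declaration in the visible lines; unless one exists elsewhere in the header, add `struct image_params;` next to `struct cs_blob;` so the parameter type does not get prototype scope.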