X-Git-Url: https://git.saurik.com/apple/xnu.git/blobdiff_plain/3e170ce000f1506b7b5d2c5c7faec85ceabb573d..3903760236c30e3b5ace7a4eefac3a269d68957c:/bsd/sys/fcntl.h

diff --git a/bsd/sys/fcntl.h b/bsd/sys/fcntl.h
index 08ad4e546..2de689085 100644
--- a/bsd/sys/fcntl.h
+++ b/bsd/sys/fcntl.h
@@ -362,6 +362,7 @@
 #endif
 
 #define F_ADDFILESIGS_RETURN	97	/* Add signature from same file, return end offset in structure on sucess */
+#define F_CHECK_LV		98	/* Check if Library Validation allows this Mach-O file to be mapped into the calling process */
 
 
 // FS-specific fcntl()'s numbers begin at 0x00010000 and go up
@@ -527,7 +528,7 @@ typedef struct fsignatures {
 	size_t		fs_blob_size;
 } fsignatures_t;
 #ifdef KERNEL
-/* LP64 version of fsignatures.  all pointers 
+/* LP64 version of fsignatures.  all pointers
  * grow when we're dealing with a 64-bit process.
  * WARNING - keep in sync with fsignatures
  */
@@ -547,6 +548,43 @@ typedef struct user_fsignatures {
 } user_fsignatures_t;
 #endif /* KERNEL */
 
+/*
+ * DYLD needs to check if the object is allowed to be combined
+ * into the main binary. This is done between the code signature
+ * is loaded and dyld is doing all the work to process the LOAD commands.
+ *
+ * While this could be done in F_ADDFILESIGS.* family the hook into
+ * the MAC module doesn't say no when LV isn't enabled and then that
+ * is cached on the vnode, and the MAC module never gets change once
+ * a process that library validation enabled.
+ */
+typedef struct fchecklv {
+	off_t		lv_file_start;
+	size_t		lv_error_message_size;
+	void		*lv_error_message;
+} fchecklv_t;
+
+#ifdef KERNEL
+/* LP64 version of fchecklv.  all pointers
+ * grow when we're dealing with a 64-bit process.
+ * WARNING - keep in sync with fsignatures
+ */
+
+typedef struct user32_fchecklv {
+	user32_off_t	lv_file_start;
+	user32_size_t	lv_error_message_size;
+	user32_addr_t	lv_error_message;
+} user32_fchecklv_t;
+
+typedef struct user_fchecklv {
+	off_t		lv_file_start;
+	user_size_t	lv_error_message_size;
+	user_addr_t	lv_error_message;
+} user_fchecklv_t;
+
+#endif /* KERNEL */
+
+
 /* lock operations for flock(2) */
 #define	LOCK_SH		0x01		/* shared file lock */
 #define	LOCK_EX		0x02		/* exclusive file lock */
@@ -572,7 +610,7 @@ typedef struct fbootstraptransfer {
 } fbootstraptransfer_t;
 
 #ifdef KERNEL
-/* LP64 version of fbootstraptransfer.  all pointers 
+/* LP64 version of fbootstraptransfer.  all pointers
  * grow when we're dealing with a 64-bit process.
  * WARNING - keep in sync with fbootstraptransfer
  */