xnu-1504.9.26.tar.gz

diff --git a/bsd/kern/kern_exit.c b/bsd/kern/kern_exit.c
index 83f7c60dd3f6de9dae563efb4890c94f422073ce..811b4fb7d7e010b90249269707d8a587d5537292 100644 (file)
--- a/bsd/kern/kern_exit.c
+++ b/bsd/kern/kern_exit.c
@@ -117,6 +117,8 @@
 #include <kern/thread_call.h>
 #include <kern/sched_prim.h>
 #include <kern/assert.h>
+#include <sys/codesign.h>
+
 #if CONFIG_DTRACE
 /* Do not include dtrace.h, it redefines kmem_[alloc/free] */
 extern void (*dtrace_fasttrap_exit_ptr)(proc_t);
@@ -300,7 +302,7 @@ proc_prepareexit(proc_t p, int rv)
        ut = get_bsdthread_info(self);
 
        /* If a core should be generated, notify crash reporter */
-       if (hassigprop(WTERMSIG(rv), SA_CORE)) {
+       if (hassigprop(WTERMSIG(rv), SA_CORE) || ((p->p_csflags & CS_KILLED) != 0)) {
                /* 
                 * Workaround for processes checking up on PT_DENY_ATTACH:
                 * should be backed out post-Leopard (details in 5431025).

diff --git a/bsd/kern/kern_fork.c b/bsd/kern/kern_fork.c
index 1a164a8c8cc746bd18f6d35bebff44e7b7737b86..a5b1350d382d4d6467ab7e36a7bd48e533c1df62 100644 (file)
--- a/bsd/kern/kern_fork.c
+++ b/bsd/kern/kern_fork.c
@@ -1277,7 +1277,7 @@ retry:
        TAILQ_INIT(&child_proc->p_aio_doneq);
 
        /* Inherit the parent flags for code sign */
-       child_proc->p_csflags = parent_proc->p_csflags;
+       child_proc->p_csflags = (parent_proc->p_csflags & ~CS_KILLED);
 
        /*
         * All processes have work queue locks; cleaned up by

diff --git a/bsd/kern/kern_proc.c b/bsd/kern/kern_proc.c
index 81c86f484cdbc88bab027e662d0051de55173542..ba7505008877f30cf31197aae0b8ef86e95c086e 100644 (file)
--- a/bsd/kern/kern_proc.c
+++ b/bsd/kern/kern_proc.c
@@ -156,6 +156,8 @@ lck_attr_t * lctx_lck_attr;
 static void    lctxinit(void);
 #endif
 
+int cs_debug;  /* declared further down in this file */
+
 #if DEBUG
 #define __PROC_INTERNAL_DEBUG 1
 #endif
@@ -1715,7 +1717,13 @@ csops(__unused proc_t p, struct csops_args *uap, __unused int32_t *retval)
                        if ((pt->p_csflags & CS_VALID) == CS_VALID) {   /* is currently valid */
                                pt->p_csflags &= ~CS_VALID;     /* set invalid */
                                if ((pt->p_csflags & CS_KILL) == CS_KILL) {
+                                       pt->p_csflags |= CS_KILLED;
                                        proc_unlock(pt);
+                                       if (cs_debug) {
+                                               printf("CODE SIGNING: marked invalid by pid %d: "
+                                               "p=%d[%s] honoring CS_KILL, final status 0x%x\n",
+                                               proc_selfpid(), pt->p_pid, pt->p_comm, pt->p_csflags);
+                                       }
                                        psignal(pt, SIGKILL);
                                } else
                                        proc_unlock(pt);
@@ -2623,11 +2631,12 @@ cs_invalid_page(
 
        /* CS_KILL triggers us to send a kill signal. Nothing else. */
        if (p->p_csflags & CS_KILL) {
+               p->p_csflags |= CS_KILLED;
                proc_unlock(p);
                if (cs_debug) {
                        printf("CODE SIGNING: cs_invalid_page(0x%llx): "
-                              "p=%d[%s] honoring CS_KILL\n",
-                              vaddr, p->p_pid, p->p_comm);
+                              "p=%d[%s] honoring CS_KILL, final status 0x%x\n",
+                              vaddr, p->p_pid, p->p_comm, p->p_csflags);
                }
                cs_procs_killed++;
                psignal(p, SIGKILL);

diff --git a/bsd/kern/ubc_subr.c b/bsd/kern/ubc_subr.c
index 0fb29a31c4ded30575aaf0c3827b53a0cc4e356e..473ae0a7854aaacefb22718ad599f9a698c5fe01 100644 (file)
--- a/bsd/kern/ubc_subr.c
+++ b/bsd/kern/ubc_subr.c
@@ -2470,7 +2470,7 @@ ubc_cs_blob_add(
                cs_blob_size_max = (UInt32) blob->csb_mem_size;
        }
 
-       if (cs_debug) {
+       if (cs_debug > 1) {
                proc_t p;
 
                p = current_proc();

diff --git a/bsd/sys/codesign.h b/bsd/sys/codesign.h
index 5f36a2c7aece8f9d8f76fddacad5fe612a873b6d..56ae21668a0b86b15d47b444e69de80a17deca79 100644 (file)
--- a/bsd/sys/codesign.h
+++ b/bsd/sys/codesign.h
@@ -37,6 +37,7 @@
 #define        CS_KILL                 0x0200  /* kill process if it becomes invalid */
 #define CS_EXEC_SET_HARD       0x1000  /* set CS_HARD on any exec'ed process */
 #define CS_EXEC_SET_KILL       0x2000  /* set CS_KILL on any exec'ed process */
+#define CS_KILLED              0x10000 /* was killed by kernel for invalidity */
 
 /* csops  operations */
 #define        CS_OPS_STATUS           0       /* return status */

diff --git a/config/MasterVersion b/config/MasterVersion
index 15b5f95238e34b0bc36f53285103da09d3944882..a3aa9069f6443ead0666c6aeb0c19d021abdbdf2 100644 (file)
--- a/config/MasterVersion
+++ b/config/MasterVersion
@@ -1,4 +1,4 @@
-10.5.0
+10.6.0
 
 # The first line of this file contains the master version number for the kernel.
 # All other instances of the kernel version in xnu are derived from this file.