cskernel.h
 1  /*
 2   * Copyright (c) 2006,2011,2014 Apple Inc. All Rights Reserved.
 3   * 
 4   * @APPLE_LICENSE_HEADER_START@
 5   * 
 6   * This file contains Original Code and/or Modifications of Original Code
 7   * as defined in and that are subject to the Apple Public Source License
 8   * Version 2.0 (the 'License'). You may not use this file except in
 9   * compliance with the License. Please obtain a copy of the License at
10   * http://www.opensource.apple.com/apsl/ and read it before using this
11   * file.
12   * 
13   * The Original Code and all software distributed under the License are
14   * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15   * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16   * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17   * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18   * Please see the License for the specific language governing rights and
19   * limitations under the License.
20   * 
21   * @APPLE_LICENSE_HEADER_END@
22   */
23  
24  //
25  // cskernel - Kernel implementation of the Code Signing Host Interface
26  //
27  #ifndef _H_CSKERNEL
28  #define _H_CSKERNEL
29  
30  #include "Code.h"
31  #include "StaticCode.h"
32  #include <security_utilities/utilities.h>
33  
34  namespace Security {
35  namespace CodeSigning {
36  
37  
38  class ProcessCode;
39  
40  
//
// KernelStaticCode - placeholder SecStaticCode for the on-disk kernel.
//
// The kernel is the root of trust for code signing, so this library does not
// validate it, and no new kernel is activated while the system is running.
// As a result this object is barely used. Its existence is not evidence that
// the kernel image was verified by this code.
//
class KernelStaticCode : public SecStaticCode {
public:
	KernelStaticCode();
};
52  
53  
//
// KernelCode - the SecCode standing for the kernel that is currently running.
//
// This is the kernel's side of the Code Signing Host Interface: the guest
// operations below are declared with a SecCode guest argument, and the kernel
// acts as the host answering for it. Normally a system has exactly one such
// object at a time; it is reached through active().
//
class KernelCode : public SecCode {
public:
	KernelCode();

	// Process-wide state: the running-kernel object and its static counterpart.
	// Both are held through SecPointer, so Globals is what keeps them referenced.
	struct Globals {
		Globals();
		SecPointer<KernelCode> code;
		SecPointer<KernelStaticCode> staticCode;
	};
	static ModuleNexus<Globals> globals;

	// Returns the KernelCode stored in the module globals as a raw pointer.
	// The reference is held by Globals::code, not by the caller.
	static KernelCode *active()
	{
		return globals().code;
	}

	// Host-interface guest operations.
	// NOTE(review): which attribute keys locateGuest honors, and how a guest that
	// cannot be found is reported, is decided in the implementation file - confirm there.
	SecCode *locateGuest(CFDictionaryRef attributes);

	// NOTE(review): cdhash is an out-pointer; whether it may be NULL and who
	// releases the returned CFDataRef is not visible in this header - confirm.
	SecStaticCode *identifyGuest(SecCode *guest, CFDataRef *cdhash);

	// Status query and status change for a guest. The signatures alone do not
	// show what checks are applied to a requested change - confirm in the implementation.
	SecCodeStatus getGuestStatus(SecCode *guest);
	void changeGuestStatus(SecCode *guest, SecCodeStatusOperation operation, CFDictionaryRef arguments);

protected:
	void identify();

	// Presumably a wrapper for the csops kernel interface, applied to proc - TODO confirm.
	// addr/length describe a caller-supplied buffer and default to "no buffer"
	// (NULL, 0); length must match the real size of the memory behind addr.
	void csops(ProcessCode *proc, unsigned int op, void *addr = NULL, size_t length = 0);
};
81  
82  
83  } // end namespace CodeSigning
84  } // end namespace Security
85  
86  #endif // !_H_CSKERNEL