csprocess.cpp
 1  /*
 2   * Copyright (c) 2006,2011,2013-2014 Apple Inc. All Rights Reserved.
 3   * 
 4   * @APPLE_LICENSE_HEADER_START@
 5   * 
 6   * This file contains Original Code and/or Modifications of Original Code
 7   * as defined in and that are subject to the Apple Public Source License
 8   * Version 2.0 (the 'License'). You may not use this file except in
 9   * compliance with the License. Please obtain a copy of the License at
10   * http://www.opensource.apple.com/apsl/ and read it before using this
11   * file.
12   * 
13   * The Original Code and all software distributed under the License are
14   * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15   * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16   * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17   * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18   * Please see the License for the specific language governing rights and
19   * limitations under the License.
20   * 
21   * @APPLE_LICENSE_HEADER_END@
22   */
23  
24  //
25  // csprocess - UNIX process implementation of the Code Signing Host Interface
26  //
27  #include "csprocess.h"
28  #include "cskernel.h"
29  #include <securityd_client/ssclient.h>
30  #include <System/sys/codesign.h>
31  
32  namespace Security {
33  namespace CodeSigning {
34  
35  
36  //
37  // Construct a running process representation
38  //
ProcessCode::ProcessCode(pid_t pid, const audit_token_t* token, PidDiskRep *pidDiskRep /*= NULL */)
	: SecCode(KernelCode::active()),	// KernelCode::active() is handed to the SecCode base
	  mPid(pid),
	  mPidBased(pidDiskRep)
{
	// Keep a private heap copy of the caller's audit token when one is given,
	// so this object does not depend on the lifetime of *token. A NULL mAudit
	// records that only the pid is known for this process.
	// NOTE(review): the copy is made with a raw new and its release is not
	// visible in this file - confirm the destructor deletes mAudit.
	mAudit = token ? new audit_token_t(*token) : NULL;
}
47  
48  
// Run a csops query against the process this object represents.
// ops, addr and size are forwarded unchanged; the return value is whatever the
// underlying call returns.
int ProcessCode::csops(unsigned int ops, void *addr, size_t size)
{
	// No audit token was stored at construction: the query is keyed on the pid alone.
	// NOTE(review): a bare pid can be recycled by the system between the time the
	// caller learned it and the time of this call, so callers that base a trust
	// decision on the result should construct ProcessCode with an audit token.
	if (!mAudit)
		return ::csops(mPid, ops, addr, size);

	// Token available: pass both the pid and the audit token.
	return ::csops_audittoken(mPid, ops, addr, size, mAudit);
}
57  
58  
59  /*
60   *
61   */
62          
// Build the static-code view of a running process.
// The SecStaticCode base is constructed from guest->pidBased(), and the guest
// pointer is kept in mGuest for later supportInfoPlist() queries.
// guest is dereferenced here without a check, so it must not be NULL.
// NOTE(review): ProcessCode's pidDiskRep argument defaults to NULL; confirm
// callers only build a ProcessDynamicCode for guests that carry a PidDiskRep.
ProcessDynamicCode::ProcessDynamicCode(ProcessCode *guest)
        : SecStaticCode(guest->pidBased()),
          mGuest(guest)
{
}
67  
// Return the data for a special slot, or NULL for slots this process-based
// code does not serve:
//   - cdInfoSlot, when the guest's PidDiskRep reports no Info.plist support;
//   - cdResourceDirSlot, always.
// Every other request is delegated to SecStaticCode::component(slot, fail).
CFDataRef ProcessDynamicCode::component(CodeDirectory::SpecialSlot slot, OSStatus fail /* = errSecCSSignatureFailed */)
{
        // supportInfoPlist() is consulted only for the Info.plist slot.
        const bool infoUnavailable =
                (slot == cdInfoSlot) && !mGuest->pidBased()->supportInfoPlist();

        if (infoUnavailable || slot == cdResourceDirSlot)
                return NULL;

        return SecStaticCode::component(slot, fail);
}
76  
// Return the Info.plist dictionary for the process.
// When the guest's PidDiskRep does not support an Info.plist, an empty
// dictionary is returned instead; it is created on first use and cached in
// mEmptyInfoDict.
CFDictionaryRef ProcessDynamicCode::infoDictionary()
{
        if (!mGuest->pidBased()->supportInfoPlist()) {
                // Lazily build the placeholder once and reuse it afterwards.
                if (!mEmptyInfoDict)
                        mEmptyInfoDict.take(makeCFDictionary(0));
                return mEmptyInfoDict;
        }

        return SecStaticCode::infoDictionary();
}
86  
// Validate one special slot of the process's signature.
// Two cases return without any validation being performed:
//   - cdInfoSlot, when the guest's PidDiskRep reports no Info.plist support;
//   - cdResourceDirSlot, always.
// All other slots go through SecStaticCode::validateComponent(slot, fail).
// NOTE(review): a skipped slot is indistinguishable from a validated one for
// the caller, so the Info.plist and resource directory of pid-based code are
// not covered by this check - confirm that callers do not rely on them.
void ProcessDynamicCode::validateComponent(CodeDirectory::SpecialSlot slot, OSStatus fail /* = errSecCSSignatureFailed */)
{
        // supportInfoPlist() is consulted only for the Info.plist slot.
        const bool infoUnavailable =
                (slot == cdInfoSlot) && !mGuest->pidBased()->supportInfoPlist();

        if (!infoUnavailable && slot != cdResourceDirSlot)
                SecStaticCode::validateComponent(slot, fail);
}
95  
96  
97          
98  } // CodeSigning
99  } // Security