proc.h
1 /* 2 * Copyright (c) 2000-2018 Apple Inc. All rights reserved. 3 * 4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@ 5 * 6 * This file contains Original Code and/or Modifications of Original Code 7 * as defined in and that are subject to the Apple Public Source License 8 * Version 2.0 (the 'License'). You may not use this file except in 9 * compliance with the License. The rights granted to you under the License 10 * may not be used to create, or enable the creation or redistribution of, 11 * unlawful or unlicensed copies of an Apple operating system, or to 12 * circumvent, violate, or enable the circumvention or violation of, any 13 * terms of an Apple operating system software license agreement. 14 * 15 * Please obtain a copy of the License at 16 * http://www.opensource.apple.com/apsl/ and read it before using this file. 17 * 18 * The Original Code and all software distributed under the License are 19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER 20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, 21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, 22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. 23 * Please see the License for the specific language governing rights and 24 * limitations under the License. 25 * 26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@ 27 */ 28 /* Copyright (c) 1995, 1997 Apple Computer, Inc. All Rights Reserved */ 29 /*- 30 * Copyright (c) 1986, 1989, 1991, 1993 31 * The Regents of the University of California. All rights reserved. 32 * (c) UNIX System Laboratories, Inc. 33 * All or some portions of this file are derived from material licensed 34 * to the University of California by American Telephone and Telegraph 35 * Co. or Unix System Laboratories, Inc. and are reproduced herein with 36 * the permission of UNIX System Laboratories, Inc. 37 * 38 * Redistribution and use in source and binary forms, with or without 39 * modification, are permitted provided that the following conditions 40 * are met: 41 * 1. Redistributions of source code must retain the above copyright 42 * notice, this list of conditions and the following disclaimer. 43 * 2. Redistributions in binary form must reproduce the above copyright 44 * notice, this list of conditions and the following disclaimer in the 45 * documentation and/or other materials provided with the distribution. 46 * 3. All advertising materials mentioning features or use of this software 47 * must display the following acknowledgement: 48 * This product includes software developed by the University of 49 * California, Berkeley and its contributors. 50 * 4. Neither the name of the University nor the names of its contributors 51 * may be used to endorse or promote products derived from this software 52 * without specific prior written permission. 53 * 54 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 55 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 56 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 57 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 58 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 59 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 60 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 61 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 62 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 63 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 64 * SUCH DAMAGE. 65 * 66 * @(#)proc.h 8.15 (Berkeley) 5/19/95 67 */ 68 69 #ifndef _SYS_PROC_H_ 70 #define _SYS_PROC_H_ 71 72 #include <sys/appleapiopts.h> 73 #include <sys/cdefs.h> 74 #include <sys/select.h> /* For struct selinfo. */ 75 #include <sys/queue.h> 76 #include <sys/lock.h> 77 #include <sys/param.h> 78 #include <sys/event.h> 79 #include <sys/time.h> 80 #ifdef KERNEL 81 #include <sys/kernel_types.h> 82 #include <uuid/uuid.h> 83 #endif 84 #include <mach/boolean.h> 85 86 #ifdef XNU_KERNEL_PRIVATE 87 #include <mach/coalition.h> /* COALITION_NUM_TYPES */ 88 #endif 89 90 #ifndef KERNEL 91 #include <Availability.h> 92 #endif 93 94 #if defined(XNU_KERNEL_PRIVATE) || !defined(KERNEL) 95 96 struct session; 97 struct pgrp; 98 struct proc; 99 struct proc_ident; 100 101 /* Exported fields for kern sysctls */ 102 struct extern_proc { 103 union { 104 struct { 105 struct proc *__p_forw; /* Doubly-linked run/sleep queue. */ 106 struct proc *__p_back; 107 } p_st1; 108 struct timeval __p_starttime; /* process start time */ 109 } p_un; 110 #define p_forw p_un.p_st1.__p_forw 111 #define p_back p_un.p_st1.__p_back 112 #define p_starttime p_un.__p_starttime 113 struct vmspace *p_vmspace; /* Address space. */ 114 struct sigacts *p_sigacts; /* Signal actions, state (PROC ONLY). */ 115 int p_flag; /* P_* flags. */ 116 char p_stat; /* S* process status. */ 117 pid_t p_pid; /* Process identifier. */ 118 pid_t p_oppid; /* Save parent pid during ptrace. XXX */ 119 int p_dupfd; /* Sideways return value from fdopen. XXX */ 120 /* Mach related */ 121 caddr_t user_stack; /* where user stack was allocated */ 122 void *exit_thread; /* XXX Which thread is exiting? */ 123 int p_debugger; /* allow to debug */ 124 boolean_t sigwait; /* indication to suspend */ 125 /* scheduling */ 126 u_int p_estcpu; /* Time averaged value of p_cpticks. */ 127 int p_cpticks; /* Ticks of cpu time. */ 128 fixpt_t p_pctcpu; /* %cpu for this process during p_swtime */ 129 void *p_wchan; /* Sleep address. */ 130 char *p_wmesg; /* Reason for sleep. */ 131 u_int p_swtime; /* Time swapped in or out. */ 132 u_int p_slptime; /* Time since last blocked. */ 133 struct itimerval p_realtimer; /* Alarm timer. */ 134 struct timeval p_rtime; /* Real time. */ 135 u_quad_t p_uticks; /* Statclock hits in user mode. */ 136 u_quad_t p_sticks; /* Statclock hits in system mode. */ 137 u_quad_t p_iticks; /* Statclock hits processing intr. */ 138 int p_traceflag; /* Kernel trace points. */ 139 struct vnode *p_tracep; /* Trace to vnode. */ 140 int p_siglist; /* DEPRECATED. */ 141 struct vnode *p_textvp; /* Vnode of executable. */ 142 int p_holdcnt; /* If non-zero, don't swap. */ 143 sigset_t p_sigmask; /* DEPRECATED. */ 144 sigset_t p_sigignore; /* Signals being ignored. */ 145 sigset_t p_sigcatch; /* Signals being caught by user. */ 146 u_char p_priority; /* Process priority. */ 147 u_char p_usrpri; /* User-priority based on p_cpu and p_nice. */ 148 char p_nice; /* Process "nice" value. */ 149 char p_comm[MAXCOMLEN + 1]; 150 struct pgrp *p_pgrp; /* Pointer to process group. */ 151 struct user *p_addr; /* Kernel virtual addr of u-area (PROC ONLY). */ 152 u_short p_xstat; /* Exit status for wait; also stop signal. */ 153 u_short p_acflag; /* Accounting flags. */ 154 struct rusage *p_ru; /* Exit information. XXX */ 155 }; 156 157 158 /* Status values. */ 159 #define SIDL 1 /* Process being created by fork. */ 160 #define SRUN 2 /* Currently runnable. */ 161 #define SSLEEP 3 /* Sleeping on an address. */ 162 #define SSTOP 4 /* Process debugging or suspension. */ 163 #define SZOMB 5 /* Awaiting collection by parent. */ 164 165 /* These flags are kept in extern_proc.p_flag. */ 166 #define P_ADVLOCK 0x00000001 /* Process may hold POSIX adv. lock */ 167 #define P_CONTROLT 0x00000002 /* Has a controlling terminal */ 168 #define P_LP64 0x00000004 /* Process is LP64 */ 169 #define P_NOCLDSTOP 0x00000008 /* No SIGCHLD when children stop */ 170 171 #define P_PPWAIT 0x00000010 /* Parent waiting for chld exec/exit */ 172 #define P_PROFIL 0x00000020 /* Has started profiling */ 173 #define P_SELECT 0x00000040 /* Selecting; wakeup/waiting danger */ 174 #define P_CONTINUED 0x00000080 /* Process was stopped and continued */ 175 176 #define P_SUGID 0x00000100 /* Has set privileges since last exec */ 177 #define P_SYSTEM 0x00000200 /* Sys proc: no sigs, stats or swap */ 178 #define P_TIMEOUT 0x00000400 /* Timing out during sleep */ 179 #define P_TRACED 0x00000800 /* Debugged process being traced */ 180 181 #define P_DISABLE_ASLR 0x00001000 /* Disable address space layout randomization */ 182 #define P_WEXIT 0x00002000 /* Working on exiting */ 183 #define P_EXEC 0x00004000 /* Process called exec. */ 184 185 /* Should be moved to machine-dependent areas. */ 186 #define P_OWEUPC 0x00008000 /* Owe process an addupc() call at next ast. */ 187 188 #define P_AFFINITY 0x00010000 /* xxx */ 189 #define P_TRANSLATED 0x00020000 /* xxx */ 190 #define P_CLASSIC P_TRANSLATED /* xxx */ 191 192 #define P_DELAYIDLESLEEP 0x00040000 /* Process is marked to delay idle sleep on disk IO */ 193 #define P_CHECKOPENEVT 0x00080000 /* check if a vnode has the OPENEVT flag set on open */ 194 195 #define P_DEPENDENCY_CAPABLE 0x00100000 /* process is ok to call vfs_markdependency() */ 196 #define P_REBOOT 0x00200000 /* Process called reboot() */ 197 #define P_RESV6 0x00400000 /* used to be P_TBE */ 198 #define P_RESV7 0x00800000 /* (P_SIGEXC)signal exceptions */ 199 200 #define P_THCWD 0x01000000 /* process has thread cwd */ 201 #define P_RESV9 0x02000000 /* (P_VFORK)process has vfork children */ 202 #define P_ADOPTPERSONA 0x04000000 /* process adopted a persona (used to be P_NOATTACH) */ 203 #define P_RESV11 0x08000000 /* (P_INVFORK) proc in vfork */ 204 205 #define P_NOSHLIB 0x10000000 /* no shared libs are in use for proc */ 206 /* flag set on exec */ 207 #define P_FORCEQUOTA 0x20000000 /* Force quota for root */ 208 #define P_NOCLDWAIT 0x40000000 /* No zombies when chil procs exit */ 209 #define P_NOREMOTEHANG 0x80000000 /* Don't hang on remote FS ops */ 210 211 #define P_INMEM 0 /* Obsolete: retained for compilation */ 212 #define P_NOSWAP 0 /* Obsolete: retained for compilation */ 213 #define P_PHYSIO 0 /* Obsolete: retained for compilation */ 214 #define P_FSTRACE 0 /* Obsolete: retained for compilation */ 215 #define P_SSTEP 0 /* Obsolete: retained for compilation */ 216 217 #define P_DIRTY_TRACK 0x00000001 /* track dirty state */ 218 #define P_DIRTY_ALLOW_IDLE_EXIT 0x00000002 /* process can be idle-exited when clean */ 219 #define P_DIRTY_DEFER 0x00000004 /* defer initial opt-in to idle-exit */ 220 #define P_DIRTY 0x00000008 /* process is dirty */ 221 #define P_DIRTY_SHUTDOWN 0x00000010 /* process is dirty during shutdown */ 222 #define P_DIRTY_TERMINATED 0x00000020 /* process has been marked for termination */ 223 #define P_DIRTY_BUSY 0x00000040 /* serialization flag */ 224 #define P_DIRTY_MARKED 0x00000080 /* marked dirty previously */ 225 #define P_DIRTY_AGING_IN_PROGRESS 0x00000100 /* aging in one of the 'aging bands' */ 226 #define P_DIRTY_LAUNCH_IN_PROGRESS 0x00000200 /* launch is in progress */ 227 #define P_DIRTY_DEFER_ALWAYS 0x00000400 /* defer going to idle-exit after every dirty->clean transition. 228 * For legacy jetsam policy only. This is the default with the other policies.*/ 229 230 #define P_DIRTY_IS_DIRTY (P_DIRTY | P_DIRTY_SHUTDOWN) 231 #define P_DIRTY_IDLE_EXIT_ENABLED (P_DIRTY_TRACK|P_DIRTY_ALLOW_IDLE_EXIT) 232 233 #endif /* XNU_KERNEL_PRIVATE || !KERNEL */ 234 235 #ifdef KERNEL 236 __BEGIN_DECLS 237 238 extern proc_t kernproc; 239 240 extern int proc_is_classic(proc_t p); 241 extern bool proc_is_exotic(proc_t p); 242 extern bool proc_is_alien(proc_t p); 243 proc_t current_proc_EXTERNAL(void); 244 245 extern int msleep(void *chan, lck_mtx_t *mtx, int pri, const char *wmesg, struct timespec * ts ); 246 extern void wakeup(void *chan); 247 extern void wakeup_one(caddr_t chan); 248 249 /* proc kpis */ 250 /* this routine returns the pid of the current process */ 251 extern int proc_selfpid(void); 252 /* this routine returns the pid of the parent of the current process */ 253 extern int proc_selfppid(void); 254 /* this routine returns the csflags of the current process */ 255 extern uint64_t proc_selfcsflags(void); 256 /* this routine populates the given flags param with the csflags of the given process. Returns 0 on success, -1 on error. */ 257 extern int proc_csflags(proc_t p, uint64_t* flags); 258 /* this routine returns sends a signal signum to the process identified by the pid */ 259 extern void proc_signal(int pid, int signum); 260 /* this routine checks whether any signal identified by the mask are pending in the process identified by the pid. The check is on all threads of the process. */ 261 extern int proc_issignal(int pid, sigset_t mask); 262 /* this routine returns 1 if the pid1 is inferior of pid2 */ 263 extern int proc_isinferior(int pid1, int pid2); 264 /* this routine copies the process's name of the executable to the passed in buffer. It 265 * is always null terminated. The size of the buffer is to be passed in as well. This 266 * routine is to be used typically for debugging 267 */ 268 void proc_name(int pid, char * buf, int size); 269 /* returns the 32-byte name if it exists, otherwise returns the 16-byte name */ 270 extern char *proc_best_name(proc_t p); 271 /* This routine is simillar to proc_name except it returns for current process */ 272 void proc_selfname(char * buf, int size); 273 274 /* find a process with a given pid. This comes with a reference which needs to be dropped by proc_rele */ 275 extern proc_t proc_find(int pid); 276 /* find a process with a given process identity */ 277 extern proc_t proc_find_ident(struct proc_ident const *i); 278 /* returns a handle to current process which is referenced. The reference needs to be dropped with proc_rele */ 279 extern proc_t proc_self(void); 280 /* releases the held reference on the process */ 281 extern int proc_rele(proc_t p); 282 /* returns the pid of the given process */ 283 extern int proc_pid(proc_t); 284 /* returns the pid of the parent of a given process */ 285 extern int proc_ppid(proc_t); 286 /* returns the original pid of the parent of a given process */ 287 extern int proc_original_ppid(proc_t); 288 /* returns the start time of the given process */ 289 extern int proc_starttime(proc_t, struct timeval *); 290 /* returns the platform (macos, ios, watchos, tvos, ...) of the given process */ 291 extern uint32_t proc_platform(const proc_t); 292 /* returns the minimum sdk version used by the current process */ 293 extern uint32_t proc_min_sdk(proc_t); 294 /* returns the sdk version used by the current process */ 295 extern uint32_t proc_sdk(proc_t); 296 /* returns 1 if the process is marked for no remote hangs */ 297 extern int proc_noremotehang(proc_t); 298 /* returns 1 if the process is marked for force quota */ 299 extern int proc_forcequota(proc_t); 300 /* returns 1 if the process is chrooted */ 301 extern int proc_chrooted(proc_t); 302 /* returns TRUE if a sync EXC_RESOURCE should be sent for the process */ 303 extern boolean_t proc_send_synchronous_EXC_RESOURCE(proc_t p); 304 305 /* this routine returns 1 if the process is running with a 64bit address space, else 0 */ 306 extern int proc_is64bit(proc_t); 307 /* this routine returns 1 if the process is running with a 64bit register state, else 0 */ 308 extern int proc_is64bit_data(proc_t); 309 /* this routine returns 1 if the process is initproc */ 310 extern int proc_isinitproc(proc_t); 311 /* is this process exiting? */ 312 extern int proc_exiting(proc_t); 313 /* returns whether the process has started down proc_exit() */ 314 extern int proc_in_teardown(proc_t); 315 /* this routine returns error if the process is not one with super user privileges */ 316 int proc_suser(proc_t p); 317 /* returns the cred assicaited with the process; temporary api */ 318 kauth_cred_t proc_ucred(proc_t p); 319 /* returns 1 if the process is tainted by uid or gid changes,e else 0 */ 320 extern int proc_issetugid(proc_t p); 321 322 extern int proc_tbe(proc_t); 323 324 /*! 325 * @function proc_gettty 326 * @abstract Copies the associated tty vnode for a given process if it exists. The caller needs to decrement the iocount of the vnode. 327 * @return 0 on success. ENOENT if the process has no associated TTY. EINVAL if arguments are NULL or vnode_getwithvid fails. 328 */ 329 extern int proc_gettty(proc_t p, vnode_t *vp); 330 331 /* this routine populates the associated tty device for a given process if it exists, returns 0 on success or else returns EINVAL */ 332 extern int proc_gettty_dev(proc_t p, dev_t *dev); 333 334 /*! 335 * @function proc_selfpgrpid 336 * @abstract Get the process group id for the current process, as with proc_pgrpid(). 337 * @return pgrpid of current process. 338 */ 339 pid_t proc_selfpgrpid(void); 340 341 /*! 342 * @function proc_pgrpid 343 * @abstract Get the process group id for the passed-in process. 344 * @param p Process whose pgrpid to grab. 345 * @return pgrpid for "p". 346 */ 347 pid_t proc_pgrpid(proc_t p); 348 349 /*! 350 * @function proc_sessionid 351 * @abstract Get the process session id for the passed-in process. 352 * @param p Process whose session id to grab. 353 * @return session id of current process. 354 */ 355 pid_t proc_sessionid(proc_t p); 356 357 #ifdef KERNEL_PRIVATE 358 // mark a process as being allowed to call vfs_markdependency() 359 void bsd_set_dependency_capable(task_t task); 360 #ifdef __arm__ 361 static inline int 362 IS_64BIT_PROCESS(__unused proc_t p) 363 { 364 return 0; 365 } 366 #else 367 extern int IS_64BIT_PROCESS(proc_t); 368 #endif /* __arm__ */ 369 370 extern int tsleep(void *chan, int pri, const char *wmesg, int timo); 371 extern int msleep1(void *chan, lck_mtx_t *mtx, int pri, const char *wmesg, u_int64_t timo); 372 373 task_t proc_task(proc_t); 374 extern int proc_pidversion(proc_t); 375 extern proc_t proc_parent(proc_t); 376 extern void proc_parent_audit_token(proc_t, audit_token_t *); 377 extern uint32_t proc_persona_id(proc_t); 378 extern uint32_t proc_getuid(proc_t); 379 extern uint32_t proc_getgid(proc_t); 380 extern int proc_getcdhash(proc_t, unsigned char *); 381 382 /*! 383 * @function proc_pidbackgrounded 384 * @abstract KPI to determine if a process is currently backgrounded. 385 * @discussion The process may move into or out of background state at any time, 386 * so be prepared for this value to be outdated immediately. 387 * @param pid PID of the process to be queried. 388 * @param state Pointer to a value which will be set to 1 if the process 389 * is currently backgrounded, 0 otherwise. 390 * @return ESRCH if pid cannot be found or has started exiting. 391 * 392 * EINVAL if state is NULL. 393 */ 394 extern int proc_pidbackgrounded(pid_t pid, uint32_t* state); 395 396 /* 397 * This returns an unique 64bit id of a given process. 398 * Caller needs to hold proper reference on the 399 * passed in process strucutre. 400 */ 401 extern uint64_t proc_uniqueid(proc_t); 402 403 /* unique 64bit id for process's original parent */ 404 extern uint64_t proc_puniqueid(proc_t); 405 406 extern void proc_set_responsible_pid(proc_t target_proc, pid_t responsible_pid); 407 408 /* return 1 if process is forcing case-sensitive HFS+ access, 0 for default */ 409 extern int proc_is_forcing_hfs_case_sensitivity(proc_t); 410 411 /* return true if the process is translated, false for default */ 412 extern boolean_t proc_is_translated(proc_t); 413 414 /* true if the process ignores errors from content protection APIs */ 415 extern bool proc_ignores_content_protection(proc_t proc); 416 417 /* true if the file system shouldn't update mtime for operations by the process */ 418 extern bool proc_skip_mtime_update(proc_t proc); 419 420 /*! 421 * @function proc_exitstatus 422 * @abstract KPI to determine a process's exit status. 423 * @discussion This function is not safe to call if the process could be 424 * concurrently stopped or started, but it can be called from a 425 * mpo_proc_notify_exit callback. 426 * @param p The process to be queried. 427 * @return Value in the same format as wait()'s output parameter. 428 */ 429 extern int proc_exitstatus(proc_t p); 430 431 #endif /* KERNEL_PRIVATE */ 432 433 #ifdef XNU_KERNEL_PRIVATE 434 435 extern void proc_getexecutableuuid(proc_t, unsigned char *, unsigned long); 436 extern int proc_get_originatorbgstate(uint32_t *is_backgrounded); 437 438 /* Kernel interface to get the uuid of the originator of the work.*/ 439 extern int proc_pidoriginatoruuid(uuid_t uuid_buf, uint32_t buffersize); 440 441 extern uint64_t proc_was_throttled(proc_t); 442 extern uint64_t proc_did_throttle(proc_t); 443 extern bool proc_is_traced(proc_t p); 444 445 extern void proc_coalitionids(proc_t, uint64_t[COALITION_NUM_TYPES]); 446 447 #ifdef CONFIG_32BIT_TELEMETRY 448 extern void proc_log_32bit_telemetry(proc_t p); 449 #endif /* CONFIG_32BIT_TELEMETRY */ 450 extern uint64_t get_current_unique_pid(void); 451 #endif /* XNU_KERNEL_PRIVATE*/ 452 453 #ifdef KERNEL_PRIVATE 454 /* If buf argument is NULL, the necessary length to allocate will be set in buflen */ 455 extern int proc_selfexecutableargs(uint8_t *buf, size_t *buflen); 456 extern off_t proc_getexecutableoffset(proc_t p); 457 extern vnode_t proc_getexecutablevnode(proc_t); /* Returned with iocount, use vnode_put() to drop */ 458 extern int networking_memstatus_callout(proc_t p, uint32_t); 459 460 /* System call filtering for BSD syscalls, mach traps and kobject routines. */ 461 #define SYSCALL_MASK_UNIX 0 462 #define SYSCALL_MASK_MACH 1 463 #define SYSCALL_MASK_KOBJ 2 464 465 #define SYSCALL_FILTER_CALLBACK_VERSION 1 466 typedef int (*syscall_filter_cbfunc_t)(proc_t p, int num); 467 typedef int (*kobject_filter_cbfunc_t)(proc_t p, int msgid, int idx); 468 struct syscall_filter_callbacks { 469 int version; 470 const syscall_filter_cbfunc_t unix_filter_cbfunc; 471 const syscall_filter_cbfunc_t mach_filter_cbfunc; 472 const kobject_filter_cbfunc_t kobj_filter_cbfunc; 473 }; 474 typedef struct syscall_filter_callbacks * syscall_filter_cbs_t; 475 476 extern int proc_set_syscall_filter_callbacks(syscall_filter_cbs_t callback); 477 extern int proc_set_syscall_filter_index(int which, int num, int index); 478 extern size_t proc_get_syscall_filter_mask_size(int which); 479 extern int proc_set_syscall_filter_mask(proc_t p, int which, unsigned char *maskptr, size_t masklen); 480 481 extern int proc_set_filter_message_flag(proc_t p, boolean_t flag); 482 extern int proc_get_filter_message_flag(proc_t p, boolean_t *flag); 483 484 #endif /* KERNEL_PRIVATE */ 485 486 __END_DECLS 487 488 #endif /* KERNEL */ 489 490 #ifdef PRIVATE 491 492 /* Values for pid_shutdown_sockets */ 493 #define SHUTDOWN_SOCKET_LEVEL_DISCONNECT_SVC 0x00000001 494 #define SHUTDOWN_SOCKET_LEVEL_DISCONNECT_ALL 0x00000002 495 496 #ifdef KERNEL 497 #define SHUTDOWN_SOCKET_LEVEL_DISCONNECT_INTERNAL 0x10000000 498 #define SHUTDOWN_SOCKET_LEVEL_NECP 0x20000000 499 #define SHUTDOWN_SOCKET_LEVEL_CONTENT_FILTER 0x40000000 500 #endif 501 502 #ifndef KERNEL 503 504 __BEGIN_DECLS 505 506 int pid_suspend(int pid); 507 int pid_resume(int pid); 508 __API_AVAILABLE(macos(11.3), ios(14.5), tvos(14.5), watchos(7.3)) 509 int task_inspect_for_pid(unsigned int target_tport, int pid, unsigned int *t); /* Returns task inspect port */ 510 __API_AVAILABLE(macos(11.3), ios(14.5), tvos(14.5), watchos(7.3)) 511 int task_read_for_pid(unsigned int target_tport, int pid, unsigned int *t); /* Returns task read port */ 512 513 #if defined(__arm__) || defined(__arm64__) 514 int pid_hibernate(int pid); 515 #endif /* defined(__arm__) || defined(__arm64__) */ 516 int pid_shutdown_sockets(int pid, int level); 517 int pid_shutdown_networking(int pid, int level); 518 __END_DECLS 519 520 #endif /* !KERNEL */ 521 522 /* Entitlement to allow non-root processes to suspend/resume any task */ 523 #define PROCESS_RESUME_SUSPEND_ENTITLEMENT "com.apple.private.process.suspend-resume.any" 524 525 #endif /* PRIVATE */ 526 527 #endif /* !_SYS_PROC_H_ */