-
Notifications
You must be signed in to change notification settings - Fork 3
/
security.h
76 lines (66 loc) · 2.79 KB
/
security.h
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
/*
* security.h
* kext_tools
*
* Copyright 20012 Apple Inc. All rights reserved.
*
*/
#ifndef _SECURITY_H
#define _SECURITY_H
#include <CoreFoundation/CoreFoundation.h>
#include <IOKit/kext/OSKext.h>
#include <mach/mach_error.h>
// <rdar://problem/12435992>
#include <asl.h>
#include <Security/SecCode.h>
#include <Security/SecCodeSigner.h>
#include <Security/SecStaticCode.h>
#include <Security/SecRequirement.h>
#include <Security/SecRequirementPriv.h>
#include <Security/SecCodePriv.h>
#define kMessageTracerDomainKey "com.apple.message.domain"
#define kMessageTracerHashKey "com.apple.message.hash"
#define kMessageTracerBundleIDKey "com.apple.message.bundleID"
#define kMessageTracerVersionKey "com.apple.message.version"
#define kMessageTracerKextNameKey "com.apple.message.kextname"
#define kMessageTracerFatKey "com.apple.message.fat"
#define kMessageTracerArchKey "com.apple.message.architecture"
#define kMessageTracerTeamIdKey "com.apple.message.teamid"
#define kMessageTracerSubjectCNKey "com.apple.message.subjectcn"
#define kMessageTracerIssuerCNKey "com.apple.message.issuercn"
#define kMessageTracerSignatureTypeKey "com.apple.message.signaturetype"
#define kMessageTracerPathKey "com.apple.message.kextpath"
#define kAppleKextWithAppleRoot \
"Apple kext with Apple root"
#define k3rdPartyKextWithAppleRoot \
"3rd-party kext with Apple root"
#define k3rdPartyKextWithoutAppleRoot \
"3rd-party kext without Apple root"
#define k3rdPartyKextWithDevIdPlus \
"3rd-party kext with devid+ certificate"
#define k3rdPartyKextWithRevokedDevIdPlus \
"3rd-party kext with revoked devid+ certificate"
#define kUnsignedKext \
"Unsigned kext"
/* "com.apple.libkext.kext.loading" was used in 10.8
* "com.apple.libkext.kext.loading.v3" is used in 10.9 */
#define kMTKextLoadingDomain "com.apple.libkext.kext.loading.v3"
#define kMTKextBlockedDomain "com.apple.libkext.kext.blocked"
void messageTraceExcludedKext(OSKextRef aKext);
void recordKextLoadListForMT(CFArrayRef kextList);
void recordKextLoadForMT(OSKextRef aKext);
OSStatus checkKextSignature(OSKextRef aKext,
Boolean checkExceptionList,
Boolean earlyBoot);
OSStatus checkSignaturesOfDependents(OSKextRef theKext,
Boolean checkExceptionList,
Boolean earlyBoot);
Boolean isInExceptionList(OSKextRef theKext, CFURLRef theKextURL, Boolean useCache);
Boolean isInLibraryExtensionsFolder(OSKextRef theKext);
Boolean isInSystemLibraryExtensionsFolder(OSKextRef theKext);
//Boolean isDevMode(void);
Boolean isPrelinkedKernelAutoRebuildDisabled(void);
Boolean isInvalidSignatureAllowed(void);
Boolean isKextdRunning(void);
int callSecKeychainMDSInstall( void );
#endif // _SECURITY_H