• Home
  • History
  • Annotate
  • Raw
  • Download
  • only in /macosx-10.5.8/xnu-1228.15.4/bsd/kern/

Lines Matching defs:blob

134 	CSMAGIC_REQUIREMENT = 0xfade0c00,		/* single Requirement blob */
136 	CSMAGIC_CODEDIRECTORY = 0xfade0c02,		/* CodeDirectory blob */
167 	uint32_t length;				/* total length of CodeDirectory blob */
185  * Locate the CodeDirectory from an embedded signature blob
218 		 * without a blob.
2129 SYSCTL_INT(_vm, OID_AUTO, cs_blob_size_max, CTLFLAG_RD, &cs_blob_size_max, 0, "Size of biggest code signature blob");
2174 	struct cs_blob		*blob, *oblob;
2184 	blob = (struct cs_blob *) kalloc(sizeof (struct cs_blob));
2185 	if (blob == NULL) {
2190 	/* get a memory entry on the blob */
2215 	/* fill in the new blob */
2216 	blob->csb_cpu_type = cputype;
2217 	blob->csb_base_offset = base_offset;
2218 	blob->csb_mem_size = size;
2219 	blob->csb_mem_offset = 0;
2220 	blob->csb_mem_handle = blob_handle;
2221 	blob->csb_mem_kaddr = addr;
2224 	 * Validate the blob's contents
2229 		(char *) addr + blob->csb_mem_size);
2231 		/* no code directory => useless blob ! */
2232 		blob->csb_flags = 0;
2233 		blob->csb_start_offset = 0;
2234 		blob->csb_end_offset = 0;
2239 		blob->csb_flags = ntohl(cd->flags) | CS_VALID;
2240 		blob->csb_end_offset = round_page(ntohl(cd->codeLimit));
2241 		blob->csb_start_offset = (blob->csb_end_offset -
2243 		/* compute the blob's SHA1 hash */
2248 		SHA1Final(blob->csb_sha1, &sha1ctxt);
2252 	 * Let policy module check whether the blob's signature is accepted.
2255 	error = mac_vnode_check_signature(vp, blob->csb_sha1, (void*)addr, size);
2261 	 * Validate the blob's coverage
2263 	blob_start_offset = blob->csb_base_offset + blob->csb_start_offset;
2264 	blob_end_offset = blob->csb_base_offset + blob->csb_end_offset;
2269 		/* reject empty or backwards blob */
2282 	/* check if this new blob overlaps with an existing blob */
2294 			 /* no conflict with this existing blob */
2299 			     blob->csb_mem_size == oblob->csb_mem_size &&
2300 			     blob->csb_flags == oblob->csb_flags &&
2301 			     (blob->csb_cpu_type == CPU_TYPE_ANY ||
2303 			      blob->csb_cpu_type == oblob->csb_cpu_type) &&
2304 			     !bcmp(blob->csb_sha1,
2308 				  * We already have this blob:
2310 				  * throw away the new blob.
2314 					  * The old blob matches this one
2325 				 /* different blob: reject the new one */
2344 	 * Add this blob to the list of blobs for this vnode.
2346 	 * blob from the list, so ubc_cs_get_blobs() can return whatever
2350 	blob->csb_next = uip->cs_blobs;
2351 	uip->cs_blobs = blob;
2357 	OSAddAtomic(+blob->csb_mem_size, &cs_blob_size);
2361 	if (blob->csb_mem_size > cs_blob_size_max) {
2362 		cs_blob_size_max = blob->csb_mem_size;
2373 		       blob->csb_cpu_type == -1 ? "detached" : "embedded",
2375 		       blob->csb_base_offset + blob->csb_start_offset,
2376 		       blob->csb_base_offset + blob->csb_end_offset,
2377 		       blob->csb_flags);
2387 		if (blob) {
2388 			kfree(blob, sizeof (*blob));
2389 			blob = NULL;
2400 		 * to add an existing blob again.  We cleaned the new
2401 		 * blob and we want to return success.
2421 	struct cs_blob	*blob;
2427 		blob = NULL;
2432 	for (blob = uip->cs_blobs;
2433 	     blob != NULL;
2434 	     blob = blob->csb_next) {
2435 		if (cputype != -1 && blob->csb_cpu_type == cputype) {
2439 			offset_in_blob = offset - blob->csb_base_offset;
2440 			if (offset_in_blob >= blob->csb_start_offset &&
2441 			    offset_in_blob < blob->csb_end_offset) {
2442 				/* our offset is covered by this blob */
2451 	return blob;
2458 	struct cs_blob	*blob, *next_blob;
2460 	for (blob = uip->cs_blobs;
2461 	     blob != NULL;
2462 	     blob = next_blob) {
2463 		next_blob = blob->csb_next;
2464 		if (blob->csb_mem_kaddr != 0) {
2465 			ubc_cs_blob_deallocate(blob->csb_mem_kaddr,
2466 					       blob->csb_mem_size);
2467 			blob->csb_mem_kaddr = 0;
2469 		if (blob->csb_mem_handle != IPC_PORT_NULL) {
2470 			mach_memory_entry_port_release(blob->csb_mem_handle);
2472 		blob->csb_mem_handle = IPC_PORT_NULL;
2474 		OSAddAtomic(-blob->csb_mem_size, &cs_blob_size);
2475 		kfree(blob, sizeof (*blob));
2516 	struct cs_blob		*blobs, *blob;
2536 	for (blob = blobs;
2537 	     blob != NULL;
2538 	     blob = blob->csb_next) {
2539 		offset = page_offset - blob->csb_base_offset;
2540 		if (offset < blob->csb_start_offset ||
2541 		    offset >= blob->csb_end_offset) {
2542 			/* our page is not covered by this blob */
2546 		/* map the blob in the kernel address space */
2547 		kaddr = blob->csb_mem_kaddr;
2549 			ksize = (vm_size_t) (blob->csb_mem_size +
2550 					     blob->csb_mem_offset);
2556 				    blob->csb_mem_handle,
2564 				printf("cs_validate_page: failed to map blob, "
2566 				       blob->csb_mem_size, kr);
2570 		blob_addr = kaddr + blob->csb_mem_offset;
2573 		upper_bound = lower_bound + blob->csb_mem_size;
2581 				/* bogus blob ? */
2587 			offset = page_offset - blob->csb_base_offset;
2590 				/* our page is not covered by this blob */
2675 	struct cs_blob *blobs, *blob;
2679 	for (blob = blobs;
2680 	     blob != NULL;
2681 	     blob = blob->csb_next) {
2682 		/* compute offset relative to this blob */
2683 		rel_offset = offset - blob->csb_base_offset;
2684 		if (rel_offset >= blob->csb_start_offset &&
2685 		    rel_offset < blob->csb_end_offset) {
2686 			/* this blob does cover our "offset" ! */
2691 	if (blob == NULL) {
2692 		/* we didn't find a blob covering "offset" */
2696 	/* get the SHA1 hash of that blob */
2697 	bcopy(blob->csb_sha1, cdhash, sizeof (blob->csb_sha1));