1/* 2 * security.h 3 * kext_tools 4 * 5 * Copyright 20012 Apple Inc. All rights reserved. 6 * 7 */ 8#ifndef _SECURITY_H 9#define _SECURITY_H 10 11#include <CoreFoundation/CoreFoundation.h> 12#include <IOKit/kext/OSKext.h> 13#include <mach/mach_error.h> 14 15// <rdar://problem/12435992> 16#include <asl.h> 17#include <Security/SecCode.h> 18#include <Security/SecCodeSigner.h> 19#include <Security/SecStaticCode.h> 20#include <Security/SecRequirement.h> 21#include <Security/SecRequirementPriv.h> 22#include <Security/SecCodePriv.h> 23#include <Security/cssmerr.h> 24 25#define kMessageTracerDomainKey "com.apple.message.domain" 26#define kMessageTracerHashKey "com.apple.message.hash" 27#define kMessageTracerBundleIDKey "com.apple.message.bundleID" 28#define kMessageTracerVersionKey "com.apple.message.version" 29#define kMessageTracerKextNameKey "com.apple.message.kextname" 30#define kMessageTracerFatKey "com.apple.message.fat" 31#define kMessageTracerArchKey "com.apple.message.architecture" 32 33#define kMessageTracerTeamIdKey "com.apple.message.teamid" 34#define kMessageTracerSubjectCNKey "com.apple.message.subjectcn" 35#define kMessageTracerIssuerCNKey "com.apple.message.issuercn" 36 37#define kMessageTracerSignatureTypeKey "com.apple.message.signaturetype" 38#define kMessageTracerPathKey "com.apple.message.kextpath" 39 40#define kAppleKextWithAppleRoot \ 41"Apple kext with Apple root" 42#define k3rdPartyKextWithAppleRoot \ 43"3rd-party kext with Apple root" 44#define k3rdPartyKextWithoutAppleRoot \ 45"3rd-party kext without Apple root" 46#define k3rdPartyKextWithDevIdPlus \ 47"3rd-party kext with devid+ certificate" 48#define k3rdPartyKextWithRevokedDevIdPlus \ 49"3rd-party kext with revoked devid+ certificate" 50#define kUnsignedKext \ 51"Unsigned kext" 52 53/* "com.apple.libkext.kext.loading" was used in 10.8 54 * "com.apple.libkext.kext.loading.v3" is used in 10.9 */ 55#define kMTKextLoadingDomain "com.apple.libkext.kext.loading.v3" 56#define kMTKextBlockedDomain "com.apple.libkext.kext.blocked" 57 58void messageTraceExcludedKext(OSKextRef aKext); 59void recordKextLoadListForMT(CFArrayRef kextList); 60void recordKextLoadForMT(OSKextRef aKext); 61 62Boolean isDebugSetInBootargs(void); 63OSStatus checkKextSignature(OSKextRef aKext, Boolean checkExceptionList); 64Boolean isInExceptionList(OSKextRef aKext, Boolean useCache); 65Boolean isInLibraryExtensionsFolder(OSKextRef theKext); 66 67#endif // _SECURITY_H 68