xnu-1504.9.26

Imported from https://opensource.apple.com/tarballs/xnu/xnu-1504.9.26.tar.gz
zerocc2014 · Jun 4, 2017 · 6f8055e · 6f8055e
1 parent ba332a2
commit 6f8055e
Show file tree

Hide file tree

Showing 6 changed files with 18 additions and 6 deletions.
diff --git a/bsd/kern/kern_exit.c b/bsd/kern/kern_exit.c
@@ -117,6 +117,8 @@
 #include <kern/thread_call.h>
 #include <kern/sched_prim.h>
 #include <kern/assert.h>
+#include <sys/codesign.h>
+
 #if CONFIG_DTRACE
 /* Do not include dtrace.h, it redefines kmem_[alloc/free] */
 extern void (*dtrace_fasttrap_exit_ptr)(proc_t);
@@ -300,7 +302,7 @@ proc_prepareexit(proc_t p, int rv)
 	ut = get_bsdthread_info(self);
 
  	/* If a core should be generated, notify crash reporter */
-	if (hassigprop(WTERMSIG(rv), SA_CORE)) {
+	if (hassigprop(WTERMSIG(rv), SA_CORE) || ((p->p_csflags & CS_KILLED) != 0)) {
 		/* 
 		 * Workaround for processes checking up on PT_DENY_ATTACH:
 		 * should be backed out post-Leopard (details in 5431025).

diff --git a/bsd/kern/kern_fork.c b/bsd/kern/kern_fork.c
@@ -1277,7 +1277,7 @@ forkproc(proc_t parent_proc)
 	TAILQ_INIT(&child_proc->p_aio_doneq);
 
 	/* Inherit the parent flags for code sign */
-	child_proc->p_csflags = parent_proc->p_csflags;
+	child_proc->p_csflags = (parent_proc->p_csflags & ~CS_KILLED);
 
 	/*
 	 * All processes have work queue locks; cleaned up by

diff --git a/bsd/kern/kern_proc.c b/bsd/kern/kern_proc.c
@@ -156,6 +156,8 @@ lck_attr_t * lctx_lck_attr;
 static	void	lctxinit(void);
 #endif
 
+int cs_debug;	/* declared further down in this file */
+
 #if DEBUG
 #define __PROC_INTERNAL_DEBUG 1
 #endif
@@ -1715,7 +1717,13 @@ csops(__unused proc_t p, struct csops_args *uap, __unused int32_t *retval)
 			if ((pt->p_csflags & CS_VALID) == CS_VALID) {	/* is currently valid */
 				pt->p_csflags &= ~CS_VALID;	/* set invalid */
 				if ((pt->p_csflags & CS_KILL) == CS_KILL) {
+					pt->p_csflags |= CS_KILLED;
 					proc_unlock(pt);
+					if (cs_debug) {
+						printf("CODE SIGNING: marked invalid by pid %d: "
+			       			"p=%d[%s] honoring CS_KILL, final status 0x%x\n",
+			       			proc_selfpid(), pt->p_pid, pt->p_comm, pt->p_csflags);
+					}
 					psignal(pt, SIGKILL);
 				} else
 					proc_unlock(pt);
@@ -2623,11 +2631,12 @@ cs_invalid_page(
 
 	/* CS_KILL triggers us to send a kill signal. Nothing else. */
 	if (p->p_csflags & CS_KILL) {
+		p->p_csflags |= CS_KILLED;
 		proc_unlock(p);
 		if (cs_debug) {
 			printf("CODE SIGNING: cs_invalid_page(0x%llx): "
-			       "p=%d[%s] honoring CS_KILL\n",
-			       vaddr, p->p_pid, p->p_comm);
+			       "p=%d[%s] honoring CS_KILL, final status 0x%x\n",
+			       vaddr, p->p_pid, p->p_comm, p->p_csflags);
 		}
 		cs_procs_killed++;
 		psignal(p, SIGKILL);

diff --git a/bsd/kern/ubc_subr.c b/bsd/kern/ubc_subr.c
@@ -2470,7 +2470,7 @@ ubc_cs_blob_add(
 		cs_blob_size_max = (UInt32) blob->csb_mem_size;
 	}
 
-	if (cs_debug) {
+	if (cs_debug > 1) {
 		proc_t p;
 
 		p = current_proc();

diff --git a/bsd/sys/codesign.h b/bsd/sys/codesign.h
@@ -37,6 +37,7 @@
 #define	CS_KILL			0x0200	/* kill process if it becomes invalid */
 #define CS_EXEC_SET_HARD	0x1000	/* set CS_HARD on any exec'ed process */
 #define CS_EXEC_SET_KILL	0x2000	/* set CS_KILL on any exec'ed process */
+#define CS_KILLED		0x10000	/* was killed by kernel for invalidity */
 
 /* csops  operations */
 #define	CS_OPS_STATUS		0	/* return status */

diff --git a/config/MasterVersion b/config/MasterVersion
@@ -1,4 +1,4 @@
-10.5.0
+10.6.0
 
 # The first line of this file contains the master version number for the kernel.
 # All other instances of the kernel version in xnu are derived from this file.