kpp.h 42 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127112811291130
  1. //
  2. // kpp.h
  3. // g0blin
  4. //
  5. // Created by Sticktron on 2017-12-26.
  6. // Copyright © 2017 xerub. All rights reserved.
  7. // Copyright © 2017 qwertyoruiop. All rights reserved.
  8. //
  9. #ifndef kpp_h
  10. #define kpp_h
  11. #include <dlfcn.h>
  12. #include <copyfile.h>
  13. #include <stdio.h>
  14. #include <spawn.h>
  15. #include <unistd.h>
  16. #include <mach/mach.h>
  17. #include <mach-o/dyld.h>
  18. #include <sys/stat.h>
  19. #include <sys/mount.h>
  20. #include <sys/utsname.h>
  21. #include <Foundation/Foundation.h>
  22. kern_return_t do_kpp(int nukesb, int uref, uint64_t kernbase, uint64_t slide, task_t tfp0);
  23. size_t kpp_kread(uint64_t where, void *p, size_t size);
  24. uint64_t kread_uint64(uint64_t where);
  25. uint32_t kread_uint32(uint64_t where);
  26. size_t kpp_kwrite(uint64_t where, const void *p, size_t size);
  27. size_t kwrite_uint64(uint64_t where, uint64_t value);
  28. size_t kwrite_uint32(uint64_t where, uint32_t value);
  29. void kx2(uint64_t fptr, uint64_t arg1, uint64_t arg2);
  30. uint32_t kx5(uint64_t fptr, uint64_t arg1, uint64_t arg2, uint64_t arg3, uint64_t arg4, uint64_t arg5);
  31. //------------------------------------------------------------------------------
  32. // From Yalu102
  33. //------------------------------------------------------------------------------
  34. //struct mac_policy_ops {
  35. // uint64_t mpo_audit_check_postselect;
  36. // uint64_t mpo_audit_check_preselect;
  37. // uint64_t mpo_bpfdesc_label_associate;
  38. // uint64_t mpo_bpfdesc_label_destroy;
  39. // uint64_t mpo_bpfdesc_label_init;
  40. // uint64_t mpo_bpfdesc_check_receive;
  41. // uint64_t mpo_cred_check_label_update_execve;
  42. // uint64_t mpo_cred_check_label_update;
  43. // uint64_t mpo_cred_check_visible;
  44. // uint64_t mpo_cred_label_associate_fork;
  45. // uint64_t mpo_cred_label_associate_kernel;
  46. // uint64_t mpo_cred_label_associate;
  47. // uint64_t mpo_cred_label_associate_user;
  48. // uint64_t mpo_cred_label_destroy;
  49. // uint64_t mpo_cred_label_externalize_audit;
  50. // uint64_t mpo_cred_label_externalize;
  51. // uint64_t mpo_cred_label_init;
  52. // uint64_t mpo_cred_label_internalize;
  53. // uint64_t mpo_cred_label_update_execve;
  54. // uint64_t mpo_cred_label_update;
  55. // uint64_t mpo_devfs_label_associate_device;
  56. // uint64_t mpo_devfs_label_associate_directory;
  57. // uint64_t mpo_devfs_label_copy;
  58. // uint64_t mpo_devfs_label_destroy;
  59. // uint64_t mpo_devfs_label_init;
  60. // uint64_t mpo_devfs_label_update;
  61. // uint64_t mpo_file_check_change_offset;
  62. // uint64_t mpo_file_check_create;
  63. // uint64_t mpo_file_check_dup;
  64. // uint64_t mpo_file_check_fcntl;
  65. // uint64_t mpo_file_check_get_offset;
  66. // uint64_t mpo_file_check_get;
  67. // uint64_t mpo_file_check_inherit;
  68. // uint64_t mpo_file_check_ioctl;
  69. // uint64_t mpo_file_check_lock;
  70. // uint64_t mpo_file_check_mmap_downgrade;
  71. // uint64_t mpo_file_check_mmap;
  72. // uint64_t mpo_file_check_receive;
  73. // uint64_t mpo_file_check_set;
  74. // uint64_t mpo_file_label_init;
  75. // uint64_t mpo_file_label_destroy;
  76. // uint64_t mpo_file_label_associate;
  77. // uint64_t mpo_ifnet_check_label_update;
  78. // uint64_t mpo_ifnet_check_transmit;
  79. // uint64_t mpo_ifnet_label_associate;
  80. // uint64_t mpo_ifnet_label_copy;
  81. // uint64_t mpo_ifnet_label_destroy;
  82. // uint64_t mpo_ifnet_label_externalize;
  83. // uint64_t mpo_ifnet_label_init;
  84. // uint64_t mpo_ifnet_label_internalize;
  85. // uint64_t mpo_ifnet_label_update;
  86. // uint64_t mpo_ifnet_label_recycle;
  87. // uint64_t mpo_inpcb_check_deliver;
  88. // uint64_t mpo_inpcb_label_associate;
  89. // uint64_t mpo_inpcb_label_destroy;
  90. // uint64_t mpo_inpcb_label_init;
  91. // uint64_t mpo_inpcb_label_recycle;
  92. // uint64_t mpo_inpcb_label_update;
  93. // uint64_t mpo_iokit_check_device;
  94. // uint64_t mpo_ipq_label_associate;
  95. // uint64_t mpo_ipq_label_compare;
  96. // uint64_t mpo_ipq_label_destroy;
  97. // uint64_t mpo_ipq_label_init;
  98. // uint64_t mpo_ipq_label_update;
  99. // uint64_t mpo_file_check_library_validation;
  100. // uint64_t mpo_vnode_notify_setacl;
  101. // uint64_t mpo_vnode_notify_setattrlist;
  102. // uint64_t mpo_vnode_notify_setextattr;
  103. // uint64_t mpo_vnode_notify_setflags;
  104. // uint64_t mpo_vnode_notify_setmode;
  105. // uint64_t mpo_vnode_notify_setowner;
  106. // uint64_t mpo_vnode_notify_setutimes;
  107. // uint64_t mpo_vnode_notify_truncate;
  108. // uint64_t mpo_mbuf_label_associate_bpfdesc;
  109. // uint64_t mpo_mbuf_label_associate_ifnet;
  110. // uint64_t mpo_mbuf_label_associate_inpcb;
  111. // uint64_t mpo_mbuf_label_associate_ipq;
  112. // uint64_t mpo_mbuf_label_associate_linklayer;
  113. // uint64_t mpo_mbuf_label_associate_multicast_encap;
  114. // uint64_t mpo_mbuf_label_associate_netlayer;
  115. // uint64_t mpo_mbuf_label_associate_socket;
  116. // uint64_t mpo_mbuf_label_copy;
  117. // uint64_t mpo_mbuf_label_destroy;
  118. // uint64_t mpo_mbuf_label_init;
  119. // uint64_t mpo_mount_check_fsctl;
  120. // uint64_t mpo_mount_check_getattr;
  121. // uint64_t mpo_mount_check_label_update;
  122. // uint64_t mpo_mount_check_mount;
  123. // uint64_t mpo_mount_check_remount;
  124. // uint64_t mpo_mount_check_setattr;
  125. // uint64_t mpo_mount_check_stat;
  126. // uint64_t mpo_mount_check_umount;
  127. // uint64_t mpo_mount_label_associate;
  128. // uint64_t mpo_mount_label_destroy;
  129. // uint64_t mpo_mount_label_externalize;
  130. // uint64_t mpo_mount_label_init;
  131. // uint64_t mpo_mount_label_internalize;
  132. // uint64_t mpo_netinet_fragment;
  133. // uint64_t mpo_netinet_icmp_reply;
  134. // uint64_t mpo_netinet_tcp_reply;
  135. // uint64_t mpo_pipe_check_ioctl;
  136. // uint64_t mpo_pipe_check_kqfilter;
  137. // uint64_t mpo_pipe_check_label_update;
  138. // uint64_t mpo_pipe_check_read;
  139. // uint64_t mpo_pipe_check_select;
  140. // uint64_t mpo_pipe_check_stat;
  141. // uint64_t mpo_pipe_check_write;
  142. // uint64_t mpo_pipe_label_associate;
  143. // uint64_t mpo_pipe_label_copy;
  144. // uint64_t mpo_pipe_label_destroy;
  145. // uint64_t mpo_pipe_label_externalize;
  146. // uint64_t mpo_pipe_label_init;
  147. // uint64_t mpo_pipe_label_internalize;
  148. // uint64_t mpo_pipe_label_update;
  149. // uint64_t mpo_policy_destroy;
  150. // uint64_t mpo_policy_init;
  151. // uint64_t mpo_policy_initbsd;
  152. // uint64_t mpo_policy_syscall;
  153. // uint64_t mpo_system_check_sysctlbyname;
  154. // uint64_t mpo_proc_check_inherit_ipc_ports;
  155. // uint64_t mpo_vnode_check_rename;
  156. // uint64_t mpo_kext_check_query;
  157. // uint64_t mpo_iokit_check_nvram_get;
  158. // uint64_t mpo_iokit_check_nvram_set;
  159. // uint64_t mpo_iokit_check_nvram_delete;
  160. // uint64_t mpo_proc_check_expose_task;
  161. // uint64_t mpo_proc_check_set_host_special_port;
  162. // uint64_t mpo_proc_check_set_host_exception_port;
  163. // uint64_t mpo_exc_action_check_exception_send;
  164. // uint64_t mpo_exc_action_label_associate;
  165. // uint64_t mpo_exc_action_label_copy;
  166. // uint64_t mpo_exc_action_label_destroy;
  167. // uint64_t mpo_exc_action_label_init;
  168. // uint64_t mpo_exc_action_label_update;
  169. // uint64_t mpo_reserved1;
  170. // uint64_t mpo_reserved2;
  171. // uint64_t mpo_reserved3;
  172. // uint64_t mpo_reserved4;
  173. // uint64_t mpo_reserved5;
  174. // uint64_t mpo_reserved6;
  175. // uint64_t mpo_posixsem_check_create;
  176. // uint64_t mpo_posixsem_check_open;
  177. // uint64_t mpo_posixsem_check_post;
  178. // uint64_t mpo_posixsem_check_unlink;
  179. // uint64_t mpo_posixsem_check_wait;
  180. // uint64_t mpo_posixsem_label_associate;
  181. // uint64_t mpo_posixsem_label_destroy;
  182. // uint64_t mpo_posixsem_label_init;
  183. // uint64_t mpo_posixshm_check_create;
  184. // uint64_t mpo_posixshm_check_mmap;
  185. // uint64_t mpo_posixshm_check_open;
  186. // uint64_t mpo_posixshm_check_stat;
  187. // uint64_t mpo_posixshm_check_truncate;
  188. // uint64_t mpo_posixshm_check_unlink;
  189. // uint64_t mpo_posixshm_label_associate;
  190. // uint64_t mpo_posixshm_label_destroy;
  191. // uint64_t mpo_posixshm_label_init;
  192. // uint64_t mpo_proc_check_debug;
  193. // uint64_t mpo_proc_check_fork;
  194. // uint64_t mpo_proc_check_get_task_name;
  195. // uint64_t mpo_proc_check_get_task;
  196. // uint64_t mpo_proc_check_getaudit;
  197. // uint64_t mpo_proc_check_getauid;
  198. // uint64_t mpo_proc_check_getlcid;
  199. // uint64_t mpo_proc_check_mprotect;
  200. // uint64_t mpo_proc_check_sched;
  201. // uint64_t mpo_proc_check_setaudit;
  202. // uint64_t mpo_proc_check_setauid;
  203. // uint64_t mpo_proc_check_setlcid;
  204. // uint64_t mpo_proc_check_signal;
  205. // uint64_t mpo_proc_check_wait;
  206. // uint64_t mpo_proc_label_destroy;
  207. // uint64_t mpo_proc_label_init;
  208. // uint64_t mpo_socket_check_accept;
  209. // uint64_t mpo_socket_check_accepted;
  210. // uint64_t mpo_socket_check_bind;
  211. // uint64_t mpo_socket_check_connect;
  212. // uint64_t mpo_socket_check_create;
  213. // uint64_t mpo_socket_check_deliver;
  214. // uint64_t mpo_socket_check_kqfilter;
  215. // uint64_t mpo_socket_check_label_update;
  216. // uint64_t mpo_socket_check_listen;
  217. // uint64_t mpo_socket_check_receive;
  218. // uint64_t mpo_socket_check_received;
  219. // uint64_t mpo_socket_check_select;
  220. // uint64_t mpo_socket_check_send;
  221. // uint64_t mpo_socket_check_stat;
  222. // uint64_t mpo_socket_check_setsockopt;
  223. // uint64_t mpo_socket_check_getsockopt;
  224. // uint64_t mpo_socket_label_associate_accept;
  225. // uint64_t mpo_socket_label_associate;
  226. // uint64_t mpo_socket_label_copy;
  227. // uint64_t mpo_socket_label_destroy;
  228. // uint64_t mpo_socket_label_externalize;
  229. // uint64_t mpo_socket_label_init;
  230. // uint64_t mpo_socket_label_internalize;
  231. // uint64_t mpo_socket_label_update;
  232. // uint64_t mpo_socketpeer_label_associate_mbuf;
  233. // uint64_t mpo_socketpeer_label_associate_socket;
  234. // uint64_t mpo_socketpeer_label_destroy;
  235. // uint64_t mpo_socketpeer_label_externalize;
  236. // uint64_t mpo_socketpeer_label_init;
  237. // uint64_t mpo_system_check_acct;
  238. // uint64_t mpo_system_check_audit;
  239. // uint64_t mpo_system_check_auditctl;
  240. // uint64_t mpo_system_check_auditon;
  241. // uint64_t mpo_system_check_host_priv;
  242. // uint64_t mpo_system_check_nfsd;
  243. // uint64_t mpo_system_check_reboot;
  244. // uint64_t mpo_system_check_settime;
  245. // uint64_t mpo_system_check_swapoff;
  246. // uint64_t mpo_system_check_swapon;
  247. // uint64_t mpo_reserved7;
  248. // uint64_t mpo_sysvmsg_label_associate;
  249. // uint64_t mpo_sysvmsg_label_destroy;
  250. // uint64_t mpo_sysvmsg_label_init;
  251. // uint64_t mpo_sysvmsg_label_recycle;
  252. // uint64_t mpo_sysvmsq_check_enqueue;
  253. // uint64_t mpo_sysvmsq_check_msgrcv;
  254. // uint64_t mpo_sysvmsq_check_msgrmid;
  255. // uint64_t mpo_sysvmsq_check_msqctl;
  256. // uint64_t mpo_sysvmsq_check_msqget;
  257. // uint64_t mpo_sysvmsq_check_msqrcv;
  258. // uint64_t mpo_sysvmsq_check_msqsnd;
  259. // uint64_t mpo_sysvmsq_label_associate;
  260. // uint64_t mpo_sysvmsq_label_destroy;
  261. // uint64_t mpo_sysvmsq_label_init;
  262. // uint64_t mpo_sysvmsq_label_recycle;
  263. // uint64_t mpo_sysvsem_check_semctl;
  264. // uint64_t mpo_sysvsem_check_semget;
  265. // uint64_t mpo_sysvsem_check_semop;
  266. // uint64_t mpo_sysvsem_label_associate;
  267. // uint64_t mpo_sysvsem_label_destroy;
  268. // uint64_t mpo_sysvsem_label_init;
  269. // uint64_t mpo_sysvsem_label_recycle;
  270. // uint64_t mpo_sysvshm_check_shmat;
  271. // uint64_t mpo_sysvshm_check_shmctl;
  272. // uint64_t mpo_sysvshm_check_shmdt;
  273. // uint64_t mpo_sysvshm_check_shmget;
  274. // uint64_t mpo_sysvshm_label_associate;
  275. // uint64_t mpo_sysvshm_label_destroy;
  276. // uint64_t mpo_sysvshm_label_init;
  277. // uint64_t mpo_sysvshm_label_recycle;
  278. // uint64_t mpo_reserved8;
  279. // uint64_t mpo_reserved9;
  280. // uint64_t mpo_vnode_check_getattr;
  281. // uint64_t mpo_mount_check_snapshot_create;
  282. // uint64_t mpo_mount_check_snapshot_delete;
  283. // uint64_t mpo_vnode_check_clone;
  284. // uint64_t mpo_proc_check_get_cs_info;
  285. // uint64_t mpo_proc_check_set_cs_info;
  286. // uint64_t mpo_iokit_check_hid_control;
  287. // uint64_t mpo_vnode_check_access;
  288. // uint64_t mpo_vnode_check_chdir;
  289. // uint64_t mpo_vnode_check_chroot;
  290. // uint64_t mpo_vnode_check_create;
  291. // uint64_t mpo_vnode_check_deleteextattr;
  292. // uint64_t mpo_vnode_check_exchangedata;
  293. // uint64_t mpo_vnode_check_exec;
  294. // uint64_t mpo_vnode_check_getattrlist;
  295. // uint64_t mpo_vnode_check_getextattr;
  296. // uint64_t mpo_vnode_check_ioctl;
  297. // uint64_t mpo_vnode_check_kqfilter;
  298. // uint64_t mpo_vnode_check_label_update;
  299. // uint64_t mpo_vnode_check_link;
  300. // uint64_t mpo_vnode_check_listextattr;
  301. // uint64_t mpo_vnode_check_lookup;
  302. // uint64_t mpo_vnode_check_open;
  303. // uint64_t mpo_vnode_check_read;
  304. // uint64_t mpo_vnode_check_readdir;
  305. // uint64_t mpo_vnode_check_readlink;
  306. // uint64_t mpo_vnode_check_rename_from;
  307. // uint64_t mpo_vnode_check_rename_to;
  308. // uint64_t mpo_vnode_check_revoke;
  309. // uint64_t mpo_vnode_check_select;
  310. // uint64_t mpo_vnode_check_setattrlist;
  311. // uint64_t mpo_vnode_check_setextattr;
  312. // uint64_t mpo_vnode_check_setflags;
  313. // uint64_t mpo_vnode_check_setmode;
  314. // uint64_t mpo_vnode_check_setowner;
  315. // uint64_t mpo_vnode_check_setutimes;
  316. // uint64_t mpo_vnode_check_stat;
  317. // uint64_t mpo_vnode_check_truncate;
  318. // uint64_t mpo_vnode_check_unlink;
  319. // uint64_t mpo_vnode_check_write;
  320. // uint64_t mpo_vnode_label_associate_devfs;
  321. // uint64_t mpo_vnode_label_associate_extattr;
  322. // uint64_t mpo_vnode_label_associate_file;
  323. // uint64_t mpo_vnode_label_associate_pipe;
  324. // uint64_t mpo_vnode_label_associate_posixsem;
  325. // uint64_t mpo_vnode_label_associate_posixshm;
  326. // uint64_t mpo_vnode_label_associate_singlelabel;
  327. // uint64_t mpo_vnode_label_associate_socket;
  328. // uint64_t mpo_vnode_label_copy;
  329. // uint64_t mpo_vnode_label_destroy;
  330. // uint64_t mpo_vnode_label_externalize_audit;
  331. // uint64_t mpo_vnode_label_externalize;
  332. // uint64_t mpo_vnode_label_init;
  333. // uint64_t mpo_vnode_label_internalize;
  334. // uint64_t mpo_vnode_label_recycle;
  335. // uint64_t mpo_vnode_label_store;
  336. // uint64_t mpo_vnode_label_update_extattr;
  337. // uint64_t mpo_vnode_label_update;
  338. // uint64_t mpo_vnode_notify_create;
  339. // uint64_t mpo_vnode_check_signature;
  340. // uint64_t mpo_vnode_check_uipc_bind;
  341. // uint64_t mpo_vnode_check_uipc_connect;
  342. // uint64_t mpo_proc_check_run_cs_invalid;
  343. // uint64_t mpo_proc_check_suspend_resume;
  344. // uint64_t mpo_thread_userret;
  345. // uint64_t mpo_iokit_check_set_properties;
  346. // uint64_t mpo_system_check_chud;
  347. // uint64_t mpo_vnode_check_searchfs;
  348. // uint64_t mpo_priv_check;
  349. // uint64_t mpo_priv_grant;
  350. // uint64_t mpo_proc_check_map_anon;
  351. // uint64_t mpo_vnode_check_fsgetpath;
  352. // uint64_t mpo_iokit_check_open;
  353. // uint64_t mpo_proc_check_ledger;
  354. // uint64_t mpo_vnode_notify_rename;
  355. // uint64_t mpo_vnode_check_setacl;
  356. // uint64_t mpo_vnode_notify_deleteextattr;
  357. // uint64_t mpo_system_check_kas_info;
  358. // uint64_t mpo_proc_check_cpumon;
  359. // uint64_t mpo_vnode_notify_open;
  360. // uint64_t mpo_system_check_info;
  361. // uint64_t mpo_pty_notify_grant;
  362. // uint64_t mpo_pty_notify_close;
  363. // uint64_t mpo_vnode_find_sigs;
  364. // uint64_t mpo_kext_check_load;
  365. // uint64_t mpo_kext_check_unload;
  366. // uint64_t mpo_proc_check_proc_info;
  367. // uint64_t mpo_vnode_notify_link;
  368. // uint64_t mpo_iokit_check_filter_properties;
  369. // uint64_t mpo_iokit_check_get_property;
  370. //};
  371. //------------------------------------------------------------------------------
  372. // From Tihmstar
  373. //------------------------------------------------------------------------------
  374. /*
  375. struct mac_policy_ops{
  376. uint64_t mpo_audit_check_postselect;
  377. uint64_t mpo_audit_check_preselect;
  378. uint64_t mpo_bpfdesc_label_associate;
  379. uint64_t mpo_bpfdesc_label_destroy;
  380. uint64_t mpo_bpfdesc_label_init;
  381. uint64_t mpo_bpfdesc_check_receive;
  382. uint64_t mpo_cred_check_label_update_execve;
  383. uint64_t mpo_cred_check_label_update;
  384. uint64_t mpo_cred_check_visible;
  385. uint64_t mpo_cred_label_associate_fork;
  386. uint64_t mpo_cred_label_associate_kernel;
  387. uint64_t mpo_cred_label_associate;
  388. uint64_t mpo_cred_label_associate_user;
  389. uint64_t mpo_cred_label_destroy;
  390. uint64_t mpo_cred_label_externalize_audit;
  391. uint64_t mpo_cred_label_externalize;
  392. uint64_t mpo_cred_label_init;
  393. uint64_t mpo_cred_label_internalize;
  394. uint64_t mpo_cred_label_update_execve;
  395. uint64_t mpo_cred_label_update;
  396. uint64_t mpo_devfs_label_associate_device;
  397. uint64_t mpo_devfs_label_associate_directory;
  398. uint64_t mpo_devfs_label_copy;
  399. uint64_t mpo_devfs_label_destroy;
  400. uint64_t mpo_devfs_label_init;
  401. uint64_t mpo_devfs_label_update;
  402. uint64_t mpo_file_check_change_offset;
  403. uint64_t mpo_file_check_create;
  404. uint64_t mpo_file_check_dup;
  405. uint64_t mpo_file_check_fcntl;
  406. uint64_t mpo_file_check_get_offset;
  407. uint64_t mpo_file_check_get;
  408. uint64_t mpo_file_check_inherit;
  409. uint64_t mpo_file_check_ioctl;
  410. uint64_t mpo_file_check_library_validation;
  411. uint64_t mpo_file_check_lock;
  412. uint64_t mpo_file_check_mmap_downgrade;
  413. uint64_t mpo_file_check_mmap;
  414. uint64_t mpo_file_check_receive;
  415. uint64_t mpo_file_check_set;
  416. uint64_t mpo_file_label_init;
  417. uint64_t mpo_file_label_destroy;
  418. uint64_t mpo_file_label_associate;
  419. uint64_t mpo_ifnet_check_label_update;
  420. uint64_t mpo_ifnet_check_transmit;
  421. uint64_t mpo_ifnet_label_associate;
  422. uint64_t mpo_ifnet_label_copy;
  423. uint64_t mpo_ifnet_label_destroy;
  424. uint64_t mpo_ifnet_label_externalize;
  425. uint64_t mpo_ifnet_label_init;
  426. uint64_t mpo_ifnet_label_internalize;
  427. uint64_t mpo_ifnet_label_update;
  428. uint64_t mpo_ifnet_label_recycle;
  429. uint64_t mpo_inpcb_check_deliver;
  430. uint64_t mpo_inpcb_label_associate;
  431. uint64_t mpo_inpcb_label_destroy;
  432. uint64_t mpo_inpcb_label_init;
  433. uint64_t mpo_inpcb_label_recycle;
  434. uint64_t mpo_inpcb_label_update;
  435. uint64_t mpo_iokit_check_device;
  436. uint64_t mpo_ipq_label_associate;
  437. uint64_t mpo_ipq_label_compare;
  438. uint64_t mpo_ipq_label_destroy;
  439. uint64_t mpo_ipq_label_init;
  440. uint64_t mpo_ipq_label_update;
  441. uint64_t mpo_mbuf_label_associate_bpfdesc;
  442. uint64_t mpo_mbuf_label_associate_ifnet;
  443. uint64_t mpo_mbuf_label_associate_inpcb;
  444. uint64_t mpo_mbuf_label_associate_ipq;
  445. uint64_t mpo_mbuf_label_associate_linklayer;
  446. uint64_t mpo_mbuf_label_associate_multicast_encap;
  447. uint64_t mpo_mbuf_label_associate_netlayer;
  448. uint64_t mpo_mbuf_label_associate_socket;
  449. uint64_t mpo_mbuf_label_copy;
  450. uint64_t mpo_mbuf_label_destroy;
  451. uint64_t mpo_mbuf_label_init;
  452. uint64_t mpo_mount_check_fsctl;
  453. uint64_t mpo_mount_check_getattr;
  454. uint64_t mpo_mount_check_label_update;
  455. uint64_t mpo_mount_check_mount;
  456. uint64_t mpo_mount_check_remount;
  457. uint64_t mpo_mount_check_setattr;
  458. uint64_t mpo_mount_check_stat;
  459. uint64_t mpo_mount_check_umount;
  460. uint64_t mpo_mount_label_associate;
  461. uint64_t mpo_mount_label_destroy;
  462. uint64_t mpo_mount_label_externalize;
  463. uint64_t mpo_mount_label_init;
  464. uint64_t mpo_mount_label_internalize;
  465. uint64_t mpo_mount_check_snapshot_create;
  466. uint64_t mpo_mount_check_snapshot_delete;
  467. uint64_t mpo_mount_check_snapshot_revert;
  468. uint64_t mpo_netinet_fragment;
  469. uint64_t mpo_netinet_icmp_reply;
  470. uint64_t mpo_netinet_tcp_reply;
  471. uint64_t mpo_pipe_check_ioctl;
  472. uint64_t mpo_pipe_check_kqfilter;
  473. uint64_t mpo_pipe_check_label_update;
  474. uint64_t mpo_pipe_check_read;
  475. uint64_t mpo_pipe_check_select;
  476. uint64_t mpo_pipe_check_stat;
  477. uint64_t mpo_pipe_check_write;
  478. uint64_t mpo_pipe_label_associate;
  479. uint64_t mpo_pipe_label_copy;
  480. uint64_t mpo_pipe_label_destroy;
  481. uint64_t mpo_pipe_label_externalize;
  482. uint64_t mpo_pipe_label_init;
  483. uint64_t mpo_pipe_label_internalize;
  484. uint64_t mpo_pipe_label_update;
  485. uint64_t mpo_policy_destroy;
  486. uint64_t mpo_policy_init;
  487. uint64_t mpo_policy_initbsd;
  488. uint64_t mpo_policy_syscall;
  489. uint64_t mpo_kext_check_load;
  490. uint64_t mpo_kext_check_query;
  491. uint64_t mpo_kext_check_unload;
  492. uint64_t mpo_iokit_check_filter_properties;
  493. uint64_t mpo_iokit_check_get_property;
  494. uint64_t mpo_iokit_check_hid_control;
  495. uint64_t mpo_iokit_check_nvram_get;
  496. uint64_t mpo_iokit_check_nvram_set;
  497. uint64_t mpo_iokit_check_nvram_delete;
  498. uint64_t mpo_iokit_check_open;
  499. uint64_t mpo_iokit_check_set_properties;
  500. uint64_t mpo_exc_action_check_exception_send;
  501. uint64_t mpo_exc_action_label_associate;
  502. uint64_t mpo_exc_action_label_copy;
  503. uint64_t mpo_exc_action_label_destroy;
  504. uint64_t mpo_exc_action_label_init;
  505. uint64_t mpo_exc_action_label_update;
  506. uint64_t mpo_reserved_hook;
  507. uint64_t mpo_reserved_hook_t1;
  508. uint64_t mpo_reserved_hook_t2;
  509. uint64_t mpo_reserved_hook_t3;
  510. uint64_t mpo_reserved_hook_t4;
  511. uint64_t mpo_reserved_hook_t5;
  512. uint64_t mpo_posixsem_check_create;
  513. uint64_t mpo_posixsem_check_open;
  514. uint64_t mpo_posixsem_check_post;
  515. uint64_t mpo_posixsem_check_unlink;
  516. uint64_t mpo_posixsem_check_wait;
  517. uint64_t mpo_posixsem_label_associate;
  518. uint64_t mpo_posixsem_label_destroy;
  519. uint64_t mpo_posixsem_label_init;
  520. uint64_t mpo_posixshm_check_create;
  521. uint64_t mpo_posixshm_check_mmap;
  522. uint64_t mpo_posixshm_check_open;
  523. uint64_t mpo_posixshm_check_stat;
  524. uint64_t mpo_posixshm_check_truncate;
  525. uint64_t mpo_posixshm_check_unlink;
  526. uint64_t mpo_posixshm_label_associate;
  527. uint64_t mpo_posixshm_label_destroy;
  528. uint64_t mpo_posixshm_label_init;
  529. uint64_t mpo_priv_check;
  530. uint64_t mpo_priv_grant;
  531. uint64_t mpo_pty_notify_grant;
  532. uint64_t mpo_pty_notify_close;
  533. uint64_t mpo_proc_check_cpumon;
  534. uint64_t mpo_proc_check_debug;
  535. uint64_t mpo_proc_check_expose_task;
  536. uint64_t mpo_proc_check_fork;
  537. uint64_t mpo_proc_check_get_task_name;
  538. uint64_t mpo_proc_check_get_task;
  539. uint64_t mpo_proc_check_getaudit;
  540. uint64_t mpo_proc_check_getauid;
  541. uint64_t mpo_proc_check_getlcid;
  542. uint64_t mpo_proc_check_inherit_ipc_ports;
  543. uint64_t mpo_proc_check_ledger;
  544. uint64_t mpo_proc_check_map_anon;
  545. uint64_t mpo_proc_check_mprotect;
  546. uint64_t mpo_proc_check_proc_info;
  547. uint64_t mpo_proc_check_run_cs_invalid;
  548. uint64_t mpo_proc_check_sched;
  549. uint64_t mpo_proc_check_setaudit;
  550. uint64_t mpo_proc_check_setauid;
  551. uint64_t mpo_proc_check_setlcid;
  552. uint64_t mpo_proc_check_signal;
  553. uint64_t mpo_proc_check_suspend_resume;
  554. uint64_t mpo_proc_check_wait;
  555. uint64_t mpo_proc_check_get_cs_info;
  556. uint64_t mpo_proc_check_set_cs_info;
  557. uint64_t mpo_proc_check_set_host_special_port;
  558. uint64_t mpo_proc_check_set_host_exception_port;
  559. uint64_t mpo_proc_label_destroy;
  560. uint64_t mpo_proc_label_init;
  561. uint64_t mpo_reserved_hook_t6;
  562. uint64_t mpo_reserved_hook_t7;
  563. uint64_t mpo_socket_check_accept;
  564. uint64_t mpo_socket_check_accepted;
  565. uint64_t mpo_socket_check_bind;
  566. uint64_t mpo_socket_check_connect;
  567. uint64_t mpo_socket_check_create;
  568. uint64_t mpo_socket_check_deliver;
  569. uint64_t mpo_socket_check_kqfilter;
  570. uint64_t mpo_socket_check_label_update;
  571. uint64_t mpo_socket_check_listen;
  572. uint64_t mpo_socket_check_receive;
  573. uint64_t mpo_socket_check_received;
  574. uint64_t mpo_socket_check_select;
  575. uint64_t mpo_socket_check_send;
  576. uint64_t mpo_socket_check_stat;
  577. uint64_t mpo_socket_check_setsockopt;
  578. uint64_t mpo_socket_check_getsockopt;
  579. uint64_t mpo_socket_label_associate_accept;
  580. uint64_t mpo_socket_label_associate;
  581. uint64_t mpo_socket_label_copy;
  582. uint64_t mpo_socket_label_destroy;
  583. uint64_t mpo_socket_label_externalize;
  584. uint64_t mpo_socket_label_init;
  585. uint64_t mpo_socket_label_internalize;
  586. uint64_t mpo_socket_label_update;
  587. uint64_t mpo_socketpeer_label_associate_mbuf;
  588. uint64_t mpo_socketpeer_label_associate_socket;
  589. uint64_t mpo_socketpeer_label_destroy;
  590. uint64_t mpo_socketpeer_label_externalize;
  591. uint64_t mpo_socketpeer_label_init;
  592. uint64_t mpo_system_check_acct;
  593. uint64_t mpo_system_check_audit;
  594. uint64_t mpo_system_check_auditctl;
  595. uint64_t mpo_system_check_auditon;
  596. uint64_t mpo_system_check_chud;
  597. uint64_t mpo_system_check_host_priv;
  598. uint64_t mpo_system_check_info;
  599. uint64_t mpo_system_check_kas_info;
  600. uint64_t mpo_system_check_nfsd;
  601. uint64_t mpo_system_check_reboot;
  602. uint64_t mpo_system_check_settime;
  603. uint64_t mpo_system_check_sysctlbyname;
  604. uint64_t mpo_system_check_swapoff;
  605. uint64_t mpo_system_check_swapon;
  606. uint64_t mpo_sysvmsg_label_associate;
  607. uint64_t mpo_sysvmsg_label_destroy;
  608. uint64_t mpo_sysvmsg_label_init;
  609. uint64_t mpo_sysvmsg_label_recycle;
  610. uint64_t mpo_sysvmsq_check_enqueue;
  611. uint64_t mpo_sysvmsq_check_msgrcv;
  612. uint64_t mpo_sysvmsq_check_msgrmid;
  613. uint64_t mpo_sysvmsq_check_msqctl;
  614. uint64_t mpo_sysvmsq_check_msqget;
  615. uint64_t mpo_sysvmsq_check_msqrcv;
  616. uint64_t mpo_sysvmsq_check_msqsnd;
  617. uint64_t mpo_sysvmsq_label_associate;
  618. uint64_t mpo_sysvmsq_label_destroy;
  619. uint64_t mpo_sysvmsq_label_init;
  620. uint64_t mpo_sysvmsq_label_recycle;
  621. uint64_t mpo_sysvsem_check_semctl;
  622. uint64_t mpo_sysvsem_check_semget;
  623. uint64_t mpo_sysvsem_check_semop;
  624. uint64_t mpo_sysvsem_label_associate;
  625. uint64_t mpo_sysvsem_label_destroy;
  626. uint64_t mpo_sysvsem_label_init;
  627. uint64_t mpo_sysvsem_label_recycle;
  628. uint64_t mpo_sysvshm_check_shmat;
  629. uint64_t mpo_sysvshm_check_shmctl;
  630. uint64_t mpo_sysvshm_check_shmdt;
  631. uint64_t mpo_sysvshm_check_shmget;
  632. uint64_t mpo_sysvshm_label_associate;
  633. uint64_t mpo_sysvshm_label_destroy;
  634. uint64_t mpo_sysvshm_label_init;
  635. uint64_t mpo_sysvshm_label_recycle;
  636. uint64_t mpo_thread_userret;
  637. uint64_t mpo_vnode_check_access;
  638. uint64_t mpo_vnode_check_chdir;
  639. uint64_t mpo_vnode_check_chroot;
  640. uint64_t mpo_vnode_check_clone;
  641. uint64_t mpo_vnode_check_create;
  642. uint64_t mpo_vnode_check_deleteextattr;
  643. uint64_t mpo_vnode_check_exchangedata;
  644. uint64_t mpo_vnode_check_exec;
  645. uint64_t mpo_vnode_check_fsgetpath;
  646. uint64_t mpo_vnode_check_getattr;
  647. uint64_t mpo_vnode_check_getattrlist;
  648. uint64_t mpo_vnode_check_getextattr;
  649. uint64_t mpo_vnode_check_ioctl;
  650. uint64_t mpo_vnode_check_kqfilter;
  651. uint64_t mpo_vnode_check_label_update;
  652. uint64_t mpo_vnode_check_link;
  653. uint64_t mpo_vnode_check_listextattr;
  654. uint64_t mpo_vnode_check_lookup;
  655. uint64_t mpo_vnode_check_open;
  656. uint64_t mpo_vnode_check_read;
  657. uint64_t mpo_vnode_check_readdir;
  658. uint64_t mpo_vnode_check_readlink;
  659. uint64_t mpo_vnode_check_rename;
  660. uint64_t mpo_vnode_check_rename_from;
  661. uint64_t mpo_vnode_check_rename_to;
  662. uint64_t mpo_vnode_check_revoke;
  663. uint64_t mpo_vnode_check_searchfs;
  664. uint64_t mpo_vnode_check_select;
  665. uint64_t mpo_vnode_check_setacl;
  666. uint64_t mpo_vnode_check_setattrlist;
  667. uint64_t mpo_vnode_check_setextattr;
  668. uint64_t mpo_vnode_check_setflags;
  669. uint64_t mpo_vnode_check_setmode;
  670. uint64_t mpo_vnode_check_setowner;
  671. uint64_t mpo_vnode_check_setutimes;
  672. uint64_t mpo_vnode_check_signature;
  673. uint64_t mpo_vnode_check_stat;
  674. uint64_t mpo_vnode_check_truncate;
  675. uint64_t mpo_vnode_check_uipc_bind;
  676. uint64_t mpo_vnode_check_uipc_connect;
  677. uint64_t mpo_vnode_check_unlink;
  678. uint64_t mpo_vnode_check_write;
  679. uint64_t mpo_vnode_find_sigs;
  680. uint64_t mpo_vnode_label_associate_devfs;
  681. uint64_t mpo_vnode_label_associate_extattr;
  682. uint64_t mpo_vnode_label_associate_file;
  683. uint64_t mpo_vnode_label_associate_pipe;
  684. uint64_t mpo_vnode_label_associate_posixsem;
  685. uint64_t mpo_vnode_label_associate_posixshm;
  686. uint64_t mpo_vnode_label_associate_singlelabel;
  687. uint64_t mpo_vnode_label_associate_socket;
  688. uint64_t mpo_vnode_label_copy;
  689. uint64_t mpo_vnode_label_destroy;
  690. uint64_t mpo_vnode_label_externalize_audit;
  691. uint64_t mpo_vnode_label_externalize;
  692. uint64_t mpo_vnode_label_init;
  693. uint64_t mpo_vnode_label_internalize;
  694. uint64_t mpo_vnode_label_recycle;
  695. uint64_t mpo_vnode_label_store;
  696. uint64_t mpo_vnode_label_update_extattr;
  697. uint64_t mpo_vnode_label_update;
  698. uint64_t mpo_vnode_notify_create;
  699. uint64_t mpo_vnode_notify_deleteextattr;
  700. uint64_t mpo_vnode_notify_link;
  701. uint64_t mpo_vnode_notify_open;
  702. uint64_t mpo_vnode_notify_rename;
  703. uint64_t mpo_vnode_notify_setacl;
  704. uint64_t mpo_vnode_notify_setattrlist;
  705. uint64_t mpo_vnode_notify_setextattr;
  706. uint64_t mpo_vnode_notify_setflags;
  707. uint64_t mpo_vnode_notify_setmode;
  708. uint64_t mpo_vnode_notify_setowner;
  709. uint64_t mpo_vnode_notify_setutimes;
  710. uint64_t mpo_vnode_notify_truncate;
  711. };
  712. */
  713. struct mac_policy_ops {
  714. uint64_t mpo_audit_check_postselect;
  715. uint64_t mpo_audit_check_preselect;
  716. uint64_t mpo_bpfdesc_label_associate;
  717. uint64_t mpo_bpfdesc_label_destroy;
  718. uint64_t mpo_bpfdesc_label_init;
  719. uint64_t mpo_bpfdesc_check_receive;
  720. uint64_t mpo_cred_check_label_update_execve;
  721. uint64_t mpo_cred_check_label_update;
  722. uint64_t mpo_cred_check_visible;
  723. uint64_t mpo_cred_label_associate_fork;
  724. uint64_t mpo_cred_label_associate_kernel;
  725. uint64_t mpo_cred_label_associate;
  726. uint64_t mpo_cred_label_associate_user;
  727. uint64_t mpo_cred_label_destroy;
  728. uint64_t mpo_cred_label_externalize_audit;
  729. uint64_t mpo_cred_label_externalize;
  730. uint64_t mpo_cred_label_init;
  731. uint64_t mpo_cred_label_internalize;
  732. uint64_t mpo_cred_label_update_execve;
  733. uint64_t mpo_cred_label_update;
  734. uint64_t mpo_devfs_label_associate_device;
  735. uint64_t mpo_devfs_label_associate_directory;
  736. uint64_t mpo_devfs_label_copy;
  737. uint64_t mpo_devfs_label_destroy;
  738. uint64_t mpo_devfs_label_init;
  739. uint64_t mpo_devfs_label_update;
  740. uint64_t mpo_file_check_change_offset;
  741. uint64_t mpo_file_check_create;
  742. uint64_t mpo_file_check_dup;
  743. uint64_t mpo_file_check_fcntl;
  744. uint64_t mpo_file_check_get_offset;
  745. uint64_t mpo_file_check_get;
  746. uint64_t mpo_file_check_inherit;
  747. uint64_t mpo_file_check_ioctl;
  748. uint64_t mpo_file_check_lock;
  749. uint64_t mpo_file_check_mmap_downgrade;
  750. uint64_t mpo_file_check_mmap;
  751. uint64_t mpo_file_check_receive;
  752. uint64_t mpo_file_check_set;
  753. uint64_t mpo_file_label_init;
  754. uint64_t mpo_file_label_destroy;
  755. uint64_t mpo_file_label_associate;
  756. uint64_t mpo_ifnet_check_label_update;
  757. uint64_t mpo_ifnet_check_transmit;
  758. uint64_t mpo_ifnet_label_associate;
  759. uint64_t mpo_ifnet_label_copy;
  760. uint64_t mpo_ifnet_label_destroy;
  761. uint64_t mpo_ifnet_label_externalize;
  762. uint64_t mpo_ifnet_label_init;
  763. uint64_t mpo_ifnet_label_internalize;
  764. uint64_t mpo_ifnet_label_update;
  765. uint64_t mpo_ifnet_label_recycle;
  766. uint64_t mpo_inpcb_check_deliver;
  767. uint64_t mpo_inpcb_label_associate;
  768. uint64_t mpo_inpcb_label_destroy;
  769. uint64_t mpo_inpcb_label_init;
  770. uint64_t mpo_inpcb_label_recycle;
  771. uint64_t mpo_inpcb_label_update;
  772. uint64_t mpo_iokit_check_device;
  773. uint64_t mpo_ipq_label_associate;
  774. uint64_t mpo_ipq_label_compare;
  775. uint64_t mpo_ipq_label_destroy;
  776. uint64_t mpo_ipq_label_init;
  777. uint64_t mpo_ipq_label_update;
  778. uint64_t mpo_file_check_library_validation;
  779. uint64_t mpo_vnode_notify_setacl;
  780. uint64_t mpo_vnode_notify_setattrlist;
  781. uint64_t mpo_vnode_notify_setextattr;
  782. uint64_t mpo_vnode_notify_setflags;
  783. uint64_t mpo_vnode_notify_setmode;
  784. uint64_t mpo_vnode_notify_setowner;
  785. uint64_t mpo_vnode_notify_setutimes;
  786. uint64_t mpo_vnode_notify_truncate;
  787. uint64_t mpo_mbuf_label_associate_bpfdesc;
  788. uint64_t mpo_mbuf_label_associate_ifnet;
  789. uint64_t mpo_mbuf_label_associate_inpcb;
  790. uint64_t mpo_mbuf_label_associate_ipq;
  791. uint64_t mpo_mbuf_label_associate_linklayer;
  792. uint64_t mpo_mbuf_label_associate_multicast_encap;
  793. uint64_t mpo_mbuf_label_associate_netlayer;
  794. uint64_t mpo_mbuf_label_associate_socket;
  795. uint64_t mpo_mbuf_label_copy;
  796. uint64_t mpo_mbuf_label_destroy;
  797. uint64_t mpo_mbuf_label_init;
  798. uint64_t mpo_mount_check_fsctl;
  799. uint64_t mpo_mount_check_getattr;
  800. uint64_t mpo_mount_check_label_update;
  801. uint64_t mpo_mount_check_mount;
  802. uint64_t mpo_mount_check_remount;
  803. uint64_t mpo_mount_check_setattr;
  804. uint64_t mpo_mount_check_stat;
  805. uint64_t mpo_mount_check_umount;
  806. uint64_t mpo_mount_label_associate;
  807. uint64_t mpo_mount_label_destroy;
  808. uint64_t mpo_mount_label_externalize;
  809. uint64_t mpo_mount_label_init;
  810. uint64_t mpo_mount_label_internalize;
  811. uint64_t mpo_netinet_fragment;
  812. uint64_t mpo_netinet_icmp_reply;
  813. uint64_t mpo_netinet_tcp_reply;
  814. uint64_t mpo_pipe_check_ioctl;
  815. uint64_t mpo_pipe_check_kqfilter;
  816. uint64_t mpo_pipe_check_label_update;
  817. uint64_t mpo_pipe_check_read;
  818. uint64_t mpo_pipe_check_select;
  819. uint64_t mpo_pipe_check_stat;
  820. uint64_t mpo_pipe_check_write;
  821. uint64_t mpo_pipe_label_associate;
  822. uint64_t mpo_pipe_label_copy;
  823. uint64_t mpo_pipe_label_destroy;
  824. uint64_t mpo_pipe_label_externalize;
  825. uint64_t mpo_pipe_label_init;
  826. uint64_t mpo_pipe_label_internalize;
  827. uint64_t mpo_pipe_label_update;
  828. uint64_t mpo_policy_destroy;
  829. uint64_t mpo_policy_init;
  830. uint64_t mpo_policy_initbsd;
  831. uint64_t mpo_policy_syscall;
  832. uint64_t mpo_system_check_sysctlbyname;
  833. uint64_t mpo_proc_check_inherit_ipc_ports;
  834. uint64_t mpo_vnode_check_rename;
  835. uint64_t mpo_kext_check_query;
  836. uint64_t mpo_iokit_check_nvram_get;
  837. uint64_t mpo_iokit_check_nvram_set;
  838. uint64_t mpo_iokit_check_nvram_delete;
  839. uint64_t mpo_proc_check_expose_task;
  840. uint64_t mpo_proc_check_set_host_special_port;
  841. uint64_t mpo_proc_check_set_host_exception_port;
  842. uint64_t mpo_exc_action_check_exception_send;
  843. uint64_t mpo_exc_action_label_associate;
  844. uint64_t mpo_exc_action_label_copy;
  845. uint64_t mpo_exc_action_label_destroy;
  846. uint64_t mpo_exc_action_label_init;
  847. uint64_t mpo_exc_action_label_update;
  848. uint64_t mpo_reserved1;
  849. uint64_t mpo_reserved2;
  850. uint64_t mpo_reserved3;
  851. uint64_t mpo_reserved4;
  852. uint64_t mpo_reserved5;
  853. uint64_t mpo_reserved6;
  854. uint64_t mpo_posixsem_check_create;
  855. uint64_t mpo_posixsem_check_open;
  856. uint64_t mpo_posixsem_check_post;
  857. uint64_t mpo_posixsem_check_unlink;
  858. uint64_t mpo_posixsem_check_wait;
  859. uint64_t mpo_posixsem_label_associate;
  860. uint64_t mpo_posixsem_label_destroy;
  861. uint64_t mpo_posixsem_label_init;
  862. uint64_t mpo_posixshm_check_create;
  863. uint64_t mpo_posixshm_check_mmap;
  864. uint64_t mpo_posixshm_check_open;
  865. uint64_t mpo_posixshm_check_stat;
  866. uint64_t mpo_posixshm_check_truncate;
  867. uint64_t mpo_posixshm_check_unlink;
  868. uint64_t mpo_posixshm_label_associate;
  869. uint64_t mpo_posixshm_label_destroy;
  870. uint64_t mpo_posixshm_label_init;
  871. uint64_t mpo_proc_check_debug;
  872. uint64_t mpo_proc_check_fork;
  873. uint64_t mpo_proc_check_get_task_name;
  874. uint64_t mpo_proc_check_get_task;
  875. uint64_t mpo_proc_check_getaudit;
  876. uint64_t mpo_proc_check_getauid;
  877. uint64_t mpo_proc_check_getlcid;
  878. uint64_t mpo_proc_check_mprotect;
  879. uint64_t mpo_proc_check_sched;
  880. uint64_t mpo_proc_check_setaudit;
  881. uint64_t mpo_proc_check_setauid;
  882. uint64_t mpo_proc_check_setlcid;
  883. uint64_t mpo_proc_check_signal;
  884. uint64_t mpo_proc_check_wait;
  885. uint64_t mpo_proc_label_destroy;
  886. uint64_t mpo_proc_label_init;
  887. uint64_t mpo_socket_check_accept;
  888. uint64_t mpo_socket_check_accepted;
  889. uint64_t mpo_socket_check_bind;
  890. uint64_t mpo_socket_check_connect;
  891. uint64_t mpo_socket_check_create;
  892. uint64_t mpo_socket_check_deliver;
  893. uint64_t mpo_socket_check_kqfilter;
  894. uint64_t mpo_socket_check_label_update;
  895. uint64_t mpo_socket_check_listen;
  896. uint64_t mpo_socket_check_receive;
  897. uint64_t mpo_socket_check_received;
  898. uint64_t mpo_socket_check_select;
  899. uint64_t mpo_socket_check_send;
  900. uint64_t mpo_socket_check_stat;
  901. uint64_t mpo_socket_check_setsockopt;
  902. uint64_t mpo_socket_check_getsockopt;
  903. uint64_t mpo_socket_label_associate_accept;
  904. uint64_t mpo_socket_label_associate;
  905. uint64_t mpo_socket_label_copy;
  906. uint64_t mpo_socket_label_destroy;
  907. uint64_t mpo_socket_label_externalize;
  908. uint64_t mpo_socket_label_init;
  909. uint64_t mpo_socket_label_internalize;
  910. uint64_t mpo_socket_label_update;
  911. uint64_t mpo_socketpeer_label_associate_mbuf;
  912. uint64_t mpo_socketpeer_label_associate_socket;
  913. uint64_t mpo_socketpeer_label_destroy;
  914. uint64_t mpo_socketpeer_label_externalize;
  915. uint64_t mpo_socketpeer_label_init;
  916. uint64_t mpo_system_check_acct;
  917. uint64_t mpo_system_check_audit;
  918. uint64_t mpo_system_check_auditctl;
  919. uint64_t mpo_system_check_auditon;
  920. uint64_t mpo_system_check_host_priv;
  921. uint64_t mpo_system_check_nfsd;
  922. uint64_t mpo_system_check_reboot;
  923. uint64_t mpo_system_check_settime;
  924. uint64_t mpo_system_check_swapoff;
  925. uint64_t mpo_system_check_swapon;
  926. uint64_t mpo_reserved7;
  927. uint64_t mpo_sysvmsg_label_associate;
  928. uint64_t mpo_sysvmsg_label_destroy;
  929. uint64_t mpo_sysvmsg_label_init;
  930. uint64_t mpo_sysvmsg_label_recycle;
  931. uint64_t mpo_sysvmsq_check_enqueue;
  932. uint64_t mpo_sysvmsq_check_msgrcv;
  933. uint64_t mpo_sysvmsq_check_msgrmid;
  934. uint64_t mpo_sysvmsq_check_msqctl;
  935. uint64_t mpo_sysvmsq_check_msqget;
  936. uint64_t mpo_sysvmsq_check_msqrcv;
  937. uint64_t mpo_sysvmsq_check_msqsnd;
  938. uint64_t mpo_sysvmsq_label_associate;
  939. uint64_t mpo_sysvmsq_label_destroy;
  940. uint64_t mpo_sysvmsq_label_init;
  941. uint64_t mpo_sysvmsq_label_recycle;
  942. uint64_t mpo_sysvsem_check_semctl;
  943. uint64_t mpo_sysvsem_check_semget;
  944. uint64_t mpo_sysvsem_check_semop;
  945. uint64_t mpo_sysvsem_label_associate;
  946. uint64_t mpo_sysvsem_label_destroy;
  947. uint64_t mpo_sysvsem_label_init;
  948. uint64_t mpo_sysvsem_label_recycle;
  949. uint64_t mpo_sysvshm_check_shmat;
  950. uint64_t mpo_sysvshm_check_shmctl;
  951. uint64_t mpo_sysvshm_check_shmdt;
  952. uint64_t mpo_sysvshm_check_shmget;
  953. uint64_t mpo_sysvshm_label_associate;
  954. uint64_t mpo_sysvshm_label_destroy;
  955. uint64_t mpo_sysvshm_label_init;
  956. uint64_t mpo_sysvshm_label_recycle;
  957. uint64_t mpo_reserved8;
  958. uint64_t mpo_mount_check_snapshot_revert;
  959. uint64_t mpo_vnode_check_getattr;
  960. uint64_t mpo_mount_check_snapshot_create;
  961. uint64_t mpo_mount_check_snapshot_delete;
  962. uint64_t mpo_vnode_check_clone;
  963. uint64_t mpo_proc_check_get_cs_info;
  964. uint64_t mpo_proc_check_set_cs_info;
  965. uint64_t mpo_iokit_check_hid_control;
  966. uint64_t mpo_vnode_check_access;
  967. uint64_t mpo_vnode_check_chdir;
  968. uint64_t mpo_vnode_check_chroot;
  969. uint64_t mpo_vnode_check_create;
  970. uint64_t mpo_vnode_check_deleteextattr;
  971. uint64_t mpo_vnode_check_exchangedata;
  972. uint64_t mpo_vnode_check_exec;
  973. uint64_t mpo_vnode_check_getattrlist;
  974. uint64_t mpo_vnode_check_getextattr;
  975. uint64_t mpo_vnode_check_ioctl;
  976. uint64_t mpo_vnode_check_kqfilter;
  977. uint64_t mpo_vnode_check_label_update;
  978. uint64_t mpo_vnode_check_link;
  979. uint64_t mpo_vnode_check_listextattr;
  980. uint64_t mpo_vnode_check_lookup;
  981. uint64_t mpo_vnode_check_open;
  982. uint64_t mpo_vnode_check_read;
  983. uint64_t mpo_vnode_check_readdir;
  984. uint64_t mpo_vnode_check_readlink;
  985. uint64_t mpo_vnode_check_rename_from;
  986. uint64_t mpo_vnode_check_rename_to;
  987. uint64_t mpo_vnode_check_revoke;
  988. uint64_t mpo_vnode_check_select;
  989. uint64_t mpo_vnode_check_setattrlist;
  990. uint64_t mpo_vnode_check_setextattr;
  991. uint64_t mpo_vnode_check_setflags;
  992. uint64_t mpo_vnode_check_setmode;
  993. uint64_t mpo_vnode_check_setowner;
  994. uint64_t mpo_vnode_check_setutimes;
  995. uint64_t mpo_vnode_check_stat;
  996. uint64_t mpo_vnode_check_truncate;
  997. uint64_t mpo_vnode_check_unlink;
  998. uint64_t mpo_vnode_check_write;
  999. uint64_t mpo_vnode_label_associate_devfs;
  1000. uint64_t mpo_vnode_label_associate_extattr;
  1001. uint64_t mpo_vnode_label_associate_file;
  1002. uint64_t mpo_vnode_label_associate_pipe;
  1003. uint64_t mpo_vnode_label_associate_posixsem;
  1004. uint64_t mpo_vnode_label_associate_posixshm;
  1005. uint64_t mpo_vnode_label_associate_singlelabel;
  1006. uint64_t mpo_vnode_label_associate_socket;
  1007. uint64_t mpo_vnode_label_copy;
  1008. uint64_t mpo_vnode_label_destroy;
  1009. uint64_t mpo_vnode_label_externalize_audit;
  1010. uint64_t mpo_vnode_label_externalize;
  1011. uint64_t mpo_vnode_label_init;
  1012. uint64_t mpo_vnode_label_internalize;
  1013. uint64_t mpo_vnode_label_recycle;
  1014. uint64_t mpo_vnode_label_store;
  1015. uint64_t mpo_vnode_label_update_extattr;
  1016. uint64_t mpo_vnode_label_update;
  1017. uint64_t mpo_vnode_notify_create;
  1018. uint64_t mpo_vnode_check_signature;
  1019. uint64_t mpo_vnode_check_uipc_bind;
  1020. uint64_t mpo_vnode_check_uipc_connect;
  1021. uint64_t mpo_proc_check_run_cs_invalid;
  1022. uint64_t mpo_proc_check_suspend_resume;
  1023. uint64_t mpo_thread_userret;
  1024. uint64_t mpo_iokit_check_set_properties;
  1025. uint64_t mpo_system_check_chud;
  1026. uint64_t mpo_vnode_check_searchfs;
  1027. uint64_t mpo_priv_check;
  1028. uint64_t mpo_priv_grant;
  1029. uint64_t mpo_proc_check_map_anon;
  1030. uint64_t mpo_vnode_check_fsgetpath;
  1031. uint64_t mpo_iokit_check_open;
  1032. uint64_t mpo_proc_check_ledger;
  1033. uint64_t mpo_vnode_notify_rename;
  1034. uint64_t mpo_vnode_check_setacl;
  1035. uint64_t mpo_vnode_notify_deleteextattr;
  1036. uint64_t mpo_system_check_kas_info;
  1037. uint64_t mpo_proc_check_cpumon;
  1038. uint64_t mpo_vnode_notify_open;
  1039. uint64_t mpo_system_check_info;
  1040. uint64_t mpo_pty_notify_grant;
  1041. uint64_t mpo_pty_notify_close;
  1042. uint64_t mpo_vnode_find_sigs;
  1043. uint64_t mpo_kext_check_load;
  1044. uint64_t mpo_kext_check_unload;
  1045. uint64_t mpo_proc_check_proc_info;
  1046. uint64_t mpo_vnode_notify_link;
  1047. uint64_t mpo_iokit_check_filter_properties;
  1048. uint64_t mpo_iokit_check_get_property;
  1049. };
  1050. kern_return_t mach_vm_read_overwrite(vm_map_t target_task, mach_vm_address_t address, mach_vm_size_t size, mach_vm_address_t data, mach_vm_size_t *outsize);
  1051. kern_return_t mach_vm_write(vm_map_t target_task, mach_vm_address_t address, vm_offset_t data, mach_msg_type_number_t dataCnt);
  1052. kern_return_t mach_vm_protect(vm_map_t target_task, mach_vm_address_t address, mach_vm_size_t size, boolean_t set_maximum, vm_prot_t new_protection);
  1053. kern_return_t mach_vm_allocate(vm_map_t target, mach_vm_address_t *address, mach_vm_size_t size, int flags);
  1054. #define ReadAnywhere32 kread_uint32
  1055. #define WriteAnywhere32 kwrite_uint32
  1056. #define ReadAnywhere64 kread_uint64
  1057. #define WriteAnywhere64 kwrite_uint64
  1058. #define copyin(to, from, size) kpp_kread(from, to, size)
  1059. #define copyout(to, from, size) kpp_kwrite(to, from, size)
  1060. #endif /* kpp_h */