this repo has no description
Moving towards a single (original) MacTypes.h Added libauto Added fake libsandbox Added some submodules (which are not built yet, work in progress)
+414
-50
+12
.gitmodules
+12
.gitmodules
···
120
120
path = src/external/libauto
121
121
url = ../darling-libauto.git
122
122
branch = darling
123
+
[submodule "src/external/coretls"]
124
+
path = src/external/coretls
125
+
url = ../darling-coretls.git
126
+
branch = darling
127
+
[submodule "src/external/security"]
128
+
path = src/external/security
129
+
url = ../darling-security.git
130
+
branch = darling
131
+
[submodule "src/external/libxpc"]
132
+
path = src/external/libxpc
133
+
url = ../darling-libxpc.git
134
+
branch = darling
+3
etc/dylib.conf
+3
etc/dylib.conf
···
58
58
/usr/lib/libsqlite3.dylib=libsqlite3.so
59
59
/usr/lib/libsqlite3.0.dylib=libsqlite3.so
60
60
/usr/lib/libauto.dylib=libauto.so
61
+
/usr/lib/libsandbox.dylib=libsandbox.so
62
+
/usr/lib/libsandbox.1.dylib=libsandbox.so
63
+
/usr/lib/libauto.dylib=libauto.so
61
64
62
65
[CoreFoundation.framework]
63
66
A=libCFFExtra.so
+4
-2
src/CMakeLists.txt
+4
-2
src/CMakeLists.txt
···
19
19
message(FATAL_ERROR "BITS is not specified (32/64)")
20
20
endif (NOT BITS)
21
21
22
-
SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -m${BITS}")
23
-
SET(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -m${BITS}")
22
+
SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -m${BITS} -D__APPLE_CC__")
23
+
SET(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -m${BITS} -D__APPLE_CPP__")
24
24
SET(CMAKE_ASM_FLAGS "-m${BITS}")
25
25
SET(CMAKE_ASM-ATT_FLAGS "-m${BITS}")
26
26
···
125
125
add_subdirectory(external/python/2.6/Python-2.6.9)
126
126
add_subdirectory(external/expat)
127
127
add_subdirectory(external/libauto)
128
+
#add_subdirectory(external/security) # work in progress
129
+
add_subdirectory(sandbox)
128
130
add_subdirectory(Cocoa)
129
131
130
132
if (NOT DARLING_NO_EXECUTABLES)
+49
-16
src/CoreServices/DriverServices.cpp
+49
-16
src/CoreServices/DriverServices.cpp
···
27
27
struct timeval boottime, now;
28
28
size_t len = sizeof(boottime);
29
29
int mib[2] = { CTL_KERN, KERN_BOOTTIME };
30
+
uint64_t value;
30
31
31
32
if (sysctl(mib, 2, &boottime, &len, NULL, 0) < 0)
32
-
return 0;
33
+
return { 0, 0};
33
34
34
35
gettimeofday(&now, NULL);
35
36
36
-
return (now.tv_sec-boottime.tv_sec) * 1000000000ll
37
+
value = (now.tv_sec-boottime.tv_sec) * 1000000000ll
37
38
+ (now.tv_usec-boottime.tv_usec) * 1000ll;
39
+
return *reinterpret_cast<AbsoluteTime*>(&value);
38
40
}
39
41
40
42
Nanoseconds AbsoluteToNanoseconds(AbsoluteTime absTime)
41
43
{
42
-
return absTime;
44
+
return *reinterpret_cast<Nanoseconds*>(&absTime);
43
45
}
44
46
45
47
Duration AbsoluteToDuration(AbsoluteTime absTime)
46
48
{
47
-
return Duration(absTime / 1000000ll);
49
+
return Duration(*reinterpret_cast<int64_t*>(&absTime) / 1000000ll);
48
50
}
49
51
50
52
AbsoluteTime NanosecondsToAbsolute(Nanoseconds ns)
51
53
{
52
-
return ns;
54
+
uint64_t value = *reinterpret_cast<uint64_t*>(&ns);
55
+
return *reinterpret_cast<AbsoluteTime*>(&value);
53
56
}
54
57
55
58
AbsoluteTime DurationToAbsolute(Duration duration)
56
59
{
57
-
return duration * 1000000ll;
60
+
int64_t value = duration * 1000000ll;
61
+
return *reinterpret_cast<AbsoluteTime*>(&value);
58
62
}
59
63
60
64
AbsoluteTime AddAbsoluteToAbsolute(AbsoluteTime time1, AbsoluteTime time2)
61
65
{
62
-
return time1+time2;
66
+
int64_t value;
67
+
value = *reinterpret_cast<int64_t*>(&time1);
68
+
value += *reinterpret_cast<int64_t*>(&time2);
69
+
return *reinterpret_cast<AbsoluteTime*>(&value);
63
70
}
64
71
65
72
AbsoluteTime SubAbsoluteFromAbsolute(AbsoluteTime time1, AbsoluteTime time2)
66
73
{
67
-
return time1-time2;
74
+
int64_t value;
75
+
value = *reinterpret_cast<int64_t*>(&time1);
76
+
value -= *reinterpret_cast<int64_t*>(&time2);
77
+
return *reinterpret_cast<AbsoluteTime*>(&value);
68
78
}
69
79
70
80
AbsoluteTime AddNanosecondsToAbsolute(Nanoseconds ns, AbsoluteTime absTime)
71
81
{
72
-
return absTime + NanosecondsToAbsolute(ns);
82
+
int64_t value;
83
+
value = *reinterpret_cast<int64_t*>(&absTime);
84
+
value += *reinterpret_cast<uint64_t*>(&ns);
85
+
return *reinterpret_cast<AbsoluteTime*>(&value);
73
86
}
74
87
75
88
AbsoluteTime AddDurationToAbsolute(Duration duration, AbsoluteTime absTime)
76
89
{
77
-
return absTime + DurationToAbsolute(duration);
90
+
int64_t value;
91
+
AbsoluteTime at2 = DurationToAbsolute(duration);
92
+
93
+
value = *reinterpret_cast<int64_t*>(&absTime);
94
+
value += *reinterpret_cast<int64_t*>(&at2);
95
+
96
+
return *reinterpret_cast<AbsoluteTime*>(&value);
78
97
}
79
98
80
99
AbsoluteTime SubNanosecondsFromAbsolute(Nanoseconds ns, AbsoluteTime absTime)
81
100
{
82
-
return absTime - NanosecondsToAbsolute(ns);
101
+
int64_t value;
102
+
value = *reinterpret_cast<int64_t*>(&absTime);
103
+
value -= *reinterpret_cast<uint64_t*>(&ns);
104
+
return *reinterpret_cast<AbsoluteTime*>(&value);
83
105
}
84
106
85
107
AbsoluteTime SubDurationFromAbsolute(Duration duration, AbsoluteTime absTime)
86
108
{
87
-
return absTime - DurationToAbsolute(duration);
109
+
int64_t value;
110
+
AbsoluteTime at2 = DurationToAbsolute(duration);
111
+
112
+
value = *reinterpret_cast<int64_t*>(&absTime);
113
+
value -= *reinterpret_cast<int64_t*>(&at2);
114
+
115
+
return *reinterpret_cast<AbsoluteTime*>(&value);
88
116
}
89
117
90
118
Nanoseconds AbsoluteDeltaToNanoseconds(AbsoluteTime time1, AbsoluteTime time2)
91
119
{
92
-
return AbsoluteToNanoseconds(time1 - time2);
120
+
int64_t value = *reinterpret_cast<int64_t*>(&time1)
121
+
- *reinterpret_cast<int64_t*>(&time2);
122
+
123
+
return AbsoluteToNanoseconds(*reinterpret_cast<AbsoluteTime*>(&value));
93
124
}
94
125
95
126
Duration AbsoluteDeltaToDuration(AbsoluteTime time1, AbsoluteTime time2)
96
127
{
97
-
return AbsoluteToDuration(time1 - time2);
128
+
return AbsoluteToDuration(SubAbsoluteFromAbsolute(time1, time2));
98
129
}
99
130
100
131
Nanoseconds DurationToNanoseconds(Duration duration)
101
132
{
102
-
return duration * 1000000ll;
133
+
uint64_t value = duration * 1000000ll;
134
+
return *reinterpret_cast<Nanoseconds*>(&value);
103
135
}
104
136
105
137
Duration NanosecondsToDuration(Nanoseconds ns)
106
138
{
107
-
return Duration(ns / 1000000ll);
139
+
uint64_t value = *reinterpret_cast<uint64_t*>(&ns);
140
+
return Duration(value / 1000000ll);
108
141
}
109
142
+18
-18
src/CoreServices/FixMath.cpp
+18
-18
src/CoreServices/FixMath.cpp
···
135
135
136
136
short WideCompare(const wide* a, const wide* b)
137
137
{
138
-
if (*a > *b)
138
+
if (*reinterpret_cast<const int64_t*>(a) > *reinterpret_cast<const int64_t*>(b))
139
139
return 1;
140
-
else if (*a < *b)
140
+
else if (*reinterpret_cast<const int64_t*>(a) < *reinterpret_cast<const int64_t*>(b))
141
141
return -1;
142
142
else
143
143
return 0;
···
145
145
146
146
wide* WideAdd(wide* dst, const wide* val)
147
147
{
148
-
*dst += *val;
148
+
*reinterpret_cast<int64_t*>(dst) += *reinterpret_cast<const int64_t*>(val);
149
149
return dst;
150
150
}
151
151
152
152
wide* WideSubtract(wide* dst, const wide* val)
153
153
{
154
-
*dst -= *val;
154
+
*reinterpret_cast<int64_t*>(dst) -= *reinterpret_cast<const int64_t*>(val);
155
155
return dst;
156
156
}
157
157
158
158
wide* WideNegate(wide* val)
159
159
{
160
-
*val = -*val;
160
+
*reinterpret_cast<int64_t*>(val) = -*reinterpret_cast<int64_t*>(val);
161
161
return val;
162
162
}
163
163
164
164
wide* WideShift(wide* dst, int32_t shift) // rounds upwards
165
165
{
166
-
wide result, mask;
166
+
int64_t result, mask;
167
167
bool round;
168
168
169
169
if (shift >= 0)
170
170
{
171
-
result = *dst >> shift;
171
+
result = *(reinterpret_cast<int64_t*>(dst)) >> shift;
172
172
mask = result << shift;
173
173
}
174
174
else
175
175
{
176
-
result = *dst << (-shift);
176
+
result = *(reinterpret_cast<int64_t*>(dst)) << (-shift);
177
177
mask = result >> (-shift);
178
178
}
179
179
180
-
round = ((*dst) & ~mask) != 0;
180
+
round = ((*reinterpret_cast<int64_t*>(dst)) & ~mask) != 0;
181
181
182
182
if (round)
183
183
result++;
184
-
*dst = result;
184
+
*reinterpret_cast<int64_t*>(dst) = result;
185
185
186
186
return dst;
187
187
}
188
188
189
189
uint32_t WideSquareRoot(const wide* val)
190
190
{
191
-
return (uint32_t) sqrt(*val);
191
+
return (uint32_t) sqrt(*reinterpret_cast<const int64_t*>(val));
192
192
}
193
193
194
194
wide* WideMultiply(int32_t a, int32_t b, wide* dst)
195
195
{
196
-
*dst = int64_t(a) * int64_t(b);
196
+
*reinterpret_cast<int64_t*>(dst) = int64_t(a) * int64_t(b);
197
197
return dst;
198
198
}
199
199
200
200
int32_t WideDivide(const wide* divd, int32_t divs, int32_t* remainder)
201
201
{
202
202
if (remainder)
203
-
*remainder = *divd % divs;
204
-
return int32_t(*divd / divs);
203
+
*remainder = *reinterpret_cast<const int64_t*>(divd) % divs;
204
+
return int32_t(*reinterpret_cast<const int64_t*>(divd) / divs);
205
205
}
206
206
207
207
wide* WideWideDivide(wide* divd, int32_t divs, int32_t* remainder)
208
208
{
209
209
if (remainder)
210
-
*remainder = *divd % divs;
211
-
*divd /= divs;
210
+
*remainder = *reinterpret_cast<int64_t*>(divd) % divs;
211
+
*reinterpret_cast<int64_t*>(divd) /= divs;
212
212
return divd;
213
213
}
214
214
···
218
218
// negative -> left
219
219
220
220
if (shift >= 0)
221
-
*dst >>= shift;
221
+
*reinterpret_cast<int64_t*>(dst) >>= shift;
222
222
else
223
-
*dst <<= (-shift);
223
+
*reinterpret_cast<int64_t*>(dst) <<= (-shift);
224
224
225
225
return dst;
226
226
}
+3
-3
src/CoreServices/MacTypes.h
+3
-3
src/CoreServices/MacTypes.h
···
27
27
typedef UnsignedFixed* UnsignedFixedPtr;
28
28
typedef short ShortFixed;
29
29
typedef ShortFixed * ShortFixedPtr; // 8/8
30
-
typedef int64_t wide;
31
-
typedef uint64_t UnsignedWide;
32
-
typedef uint64_t AbsoluteTime;
30
+
//typedef int64_t wide;
31
+
//typedef uint64_t UnsignedWide;
32
+
//typedef uint64_t AbsoluteTime;
33
33
typedef int32_t Duration; // milliseconds
34
34
typedef uint8_t Boolean;
35
35
+1
-1
src/CoreServices/Multiprocessing.cpp
+1
-1
src/CoreServices/Multiprocessing.cpp
···
11
11
12
12
OSStatus MPDelayUntil(AbsoluteTime* time)
13
13
{
14
-
struct timespec ts = { time_t(*time / 1000000000ll), long(*time % 1000000000ll) };
14
+
struct timespec ts = { time_t(*reinterpret_cast<uint64_t*>(time) / 1000000000ll), long(*reinterpret_cast<uint64_t*>(time) % 1000000000ll) };
15
15
nanosleep(&ts, nullptr);
16
16
return noErr;
17
17
}
-7
src/CoreServices/Processes.h
-7
src/CoreServices/Processes.h
···
6
6
#include <CoreFoundation/CFDictionary.h>
7
7
#include <sys/types.h>
8
8
9
-
struct ProcessSerialNumber
10
-
{
11
-
unsigned long highLongOfPSN;
12
-
unsigned long lowLongOfPSN;
13
-
};
14
-
typedef ProcessSerialNumber* ProcessSerialNumberPtr;
15
-
16
9
struct ProcessInfoRec
17
10
{
18
11
unsigned long processInfoLength;
+3
-3
src/CoreServices/Timer.cpp
+3
-3
src/CoreServices/Timer.cpp
···
8
8
9
9
time = mach_absolute_time();
10
10
11
-
*tickCount = time / 1000000000ll;
12
-
time -= *tickCount * 1000000000ll;
11
+
*reinterpret_cast<uint64_t*>(tickCount) = time / 1000000000ll;
12
+
time -= *reinterpret_cast<uint64_t*>(tickCount) * 1000000000ll;
13
13
14
-
*tickCount += time / 1000;
14
+
*reinterpret_cast<uint64_t*>(tickCount) += time / 1000;
15
15
}
16
16
+1
src/IOKit/CMakeLists.txt
+1
src/IOKit/CMakeLists.txt
···
15
15
include_directories(${DARLING_TOP_DIRECTORY}/src/external/corefoundation/Headers)
16
16
include_directories(${CMAKE_BINARY_DIR}/src/external/corefoundation/Headers)
17
17
include_directories(${DARLING_TOP_DIRECTORY}/src/external/foundation/Headers)
18
+
include_directories(${DARLING_TOP_DIRECTORY}/basic-headers)
18
19
19
20
add_definitions(-DOBJC2RUNTIME)
20
21
+24
src/sandbox/CMakeLists.txt
+24
src/sandbox/CMakeLists.txt
···
1
+
project(libsandbox)
2
+
3
+
cmake_minimum_required(VERSION 2.4.0)
4
+
5
+
if(COMMAND cmake_policy)
6
+
cmake_policy(SET CMP0003 NEW)
7
+
endif(COMMAND cmake_policy)
8
+
9
+
add_definitions(-D__APPLE__ -D__MACH__)
10
+
add_definitions(-DTARGET_OS_MAC=1)
11
+
add_definitions(-D__APPLE__ -D__DYNAMIC__)
12
+
add_definitions(-D__ENVIRONMENT_MAC_OS_X_VERSION_MIN_REQUIRED__=1080)
13
+
14
+
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -nostdinc -D__DARWIN_UNIX03 -fPIC -w")
15
+
set(CMAKE_SHARED_LINKER_FLAGS "${CMAKE_SHARED_LINKER_FLAGS} -nostdlib -Wl,--version-script=${DARLING_TOP_DIRECTORY}/darwin.map")
16
+
17
+
SET(CMAKE_INSTALL_RPATH "${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_LIBDIR}/darling")
18
+
SET(CMAKE_BUILD_WITH_INSTALL_RPATH TRUE)
19
+
SET(CMAKE_INSTALL_RPATH_USE_LINK_PATH TRUE)
20
+
21
+
add_library(sandbox SHARED sandbox.c)
22
+
target_link_libraries(sandbox PRIVATE system)
23
+
24
+
install(TARGETS sandbox DESTINATION ${CMAKE_INSTALL_LIBDIR}/darling)
+115
src/sandbox/sandbox.c
+115
src/sandbox/sandbox.c
···
1
+
#include "sandbox.h"
2
+
#include <stddef.h>
3
+
#include <string.h>
4
+
5
+
// DUMMY implementation
6
+
7
+
int sandbox_init(const char *profile, uint64_t flags, char **errorbuf)
8
+
{
9
+
*errorbuf = strdup("Not implemented");
10
+
return -1;
11
+
}
12
+
13
+
const char kSBXProfileNoInternet[] = "no_internet";
14
+
15
+
const char kSBXProfileNoNetwork[] = "no_network";
16
+
17
+
const char kSBXProfileNoWrite[] = "no_write";
18
+
19
+
const char kSBXProfileNoWriteExceptTemporary[] = "no_write_except_temporary";
20
+
21
+
const char kSBXProfilePureComputation[] = "pure_computation";
22
+
23
+
void sandbox_free_error(char *errorbuf)
24
+
{
25
+
free(errorbuf);
26
+
}
27
+
28
+
int sandbox_init_with_parameters(const char *profile, uint64_t flags, const char *const parameters[], char **errorbuf)
29
+
{
30
+
*errorbuf = strdup("Not implemented");
31
+
return -1;
32
+
}
33
+
34
+
int sandbox_init_with_extensions(const char *profile, uint64_t flags, const char *const extensions[], char **errorbuf)
35
+
{
36
+
*errorbuf = strdup("Not implemented");
37
+
return -1;
38
+
}
39
+
40
+
int sandbox_check(pid_t pid, const char *operation, enum sandbox_filter_type type, ...)
41
+
{
42
+
return -1;
43
+
}
44
+
45
+
int sandbox_note(const char *note)
46
+
{
47
+
return -1;
48
+
}
49
+
50
+
int sandbox_suspend(pid_t pid)
51
+
{
52
+
return -1;
53
+
}
54
+
55
+
int sandbox_unsuspend(void)
56
+
{
57
+
return -1;
58
+
}
59
+
60
+
int sandbox_issue_extension(const char *path, char **ext_token)
61
+
{
62
+
return -1;
63
+
}
64
+
65
+
int sandbox_issue_fs_extension(const char *path, uint64_t flags, char **ext_token)
66
+
{
67
+
return -1;
68
+
}
69
+
70
+
int sandbox_issue_fs_rw_extension(const char *path, char **ext_token)
71
+
{
72
+
return -1;
73
+
}
74
+
75
+
int sandbox_issue_mach_extension(const char *name, char **ext_token)
76
+
{
77
+
return -1;
78
+
}
79
+
80
+
int sandbox_consume_extension(const char *path, const char *ext_token)
81
+
{
82
+
return -1;
83
+
}
84
+
85
+
int sandbox_consume_fs_extension(const char *ext_token, char **path)
86
+
{
87
+
return -1;
88
+
}
89
+
90
+
int sandbox_consume_mach_extension(const char *ext_token, char **name)
91
+
{
92
+
return -1;
93
+
}
94
+
95
+
int sandbox_release_fs_extension(const char *ext_token)
96
+
{
97
+
return -1;
98
+
}
99
+
100
+
int sandbox_container_path_for_pid(pid_t pid, char *buffer, size_t bufsize)
101
+
{
102
+
return -1;
103
+
}
104
+
105
+
int sandbox_wakeup_daemon(char **errorbuf)
106
+
{
107
+
*errorbuf = strdup("Not implemented");
108
+
return -1;
109
+
}
110
+
111
+
const char *_amkrtemp(const char *unused)
112
+
{
113
+
return NULL;
114
+
}
115
+
+181
src/sandbox/sandbox.h
+181
src/sandbox/sandbox.h
···
1
+
/*
2
+
* Copyright (c) 2006-2010 Apple Inc. All rights reserved.
3
+
*
4
+
* @APPLE_LICENSE_HEADER_START@
5
+
*
6
+
* This file contains Original Code and/or Modifications of Original Code
7
+
* as defined in and that are subject to the Apple Public Source License
8
+
* Version 2.0 (the 'License'). You may not use this file except in
9
+
* compliance with the License. Please obtain a copy of the License at
10
+
* http://www.opensource.apple.com/apsl/ and read it before using this
11
+
* file.
12
+
*
13
+
* The Original Code and all software distributed under the License are
14
+
* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15
+
* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16
+
* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17
+
* FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18
+
* Please see the License for the specific language governing rights and
19
+
* limitations under the License.
20
+
*
21
+
* @APPLE_LICENSE_HEADER_END@
22
+
*/
23
+
#ifndef _SANDBOX_H_
24
+
#define _SANDBOX_H_
25
+
26
+
#include <sys/cdefs.h>
27
+
#include <stdint.h>
28
+
#include <unistd.h>
29
+
30
+
__BEGIN_DECLS
31
+
/*
32
+
* @function sandbox_init
33
+
* Places the current process in a sandbox with a profile as
34
+
* specified. If the process is already in a sandbox, the new profile
35
+
* is ignored and sandbox_init() returns an error.
36
+
*
37
+
* @param profile (input) The Sandbox profile to be used. The format
38
+
* and meaning of this parameter is modified by the `flags' parameter.
39
+
*
40
+
* @param flags (input) Must be SANDBOX_NAMED. All other
41
+
* values are reserved.
42
+
*
43
+
* @param errorbuf (output) In the event of an error, sandbox_init
44
+
* will set `*errorbuf' to a pointer to a NUL-terminated string
45
+
* describing the error. This string may contain embedded newlines.
46
+
* This error information is suitable for developers and is not
47
+
* intended for end users.
48
+
*
49
+
* If there are no errors, `*errorbuf' will be set to NULL. The
50
+
* buffer `*errorbuf' should be deallocated with `sandbox_free_error'.
51
+
*
52
+
* @result 0 on success, -1 otherwise.
53
+
*/
54
+
int sandbox_init(const char *profile, uint64_t flags, char **errorbuf);
55
+
56
+
/*
57
+
* @define SANDBOX_NAMED The `profile' argument specifies a Sandbox
58
+
* profile named by one of the kSBXProfile* string constants.
59
+
*/
60
+
#define SANDBOX_NAMED 0x0001
61
+
62
+
#ifdef __APPLE_API_PRIVATE
63
+
64
+
/* The following flags are reserved for Mac OS X. Developers should not
65
+
* depend on their availability.
66
+
*/
67
+
68
+
/*
69
+
* @define SANDBOX_NAMED_BUILTIN The `profile' argument specifies the
70
+
* name of a builtin profile that is statically compiled into the
71
+
* system.
72
+
*/
73
+
#define SANDBOX_NAMED_BUILTIN 0x0002
74
+
75
+
/*
76
+
* @define SANDBOX_NAMED_EXTERNAL The `profile' argument specifies the
77
+
* pathname of a Sandbox profile. The pathname may be abbreviated: If
78
+
* the name does not start with a `/' it is treated as relative to
79
+
* /usr/share/sandbox and a `.sb' suffix is appended.
80
+
*/
81
+
#define SANDBOX_NAMED_EXTERNAL 0x0003
82
+
83
+
/*
84
+
* @define SANDBOX_NAMED_MASK Mask for name types: 4 bits, 15 possible
85
+
* name types, 3 currently defined.
86
+
*/
87
+
#define SANDBOX_NAMED_MASK 0x000f
88
+
89
+
#endif /* __APPLE_API_PRIVATE */
90
+
91
+
/*
92
+
* Available Sandbox profiles.
93
+
*/
94
+
95
+
/* TCP/IP networking is prohibited. */
96
+
extern const char kSBXProfileNoInternet[];
97
+
98
+
/* All sockets-based networking is prohibited. */
99
+
extern const char kSBXProfileNoNetwork[];
100
+
101
+
/* File system writes are prohibited. */
102
+
extern const char kSBXProfileNoWrite[];
103
+
104
+
/* File system writes are restricted to temporary folders /var/tmp and
105
+
* confstr(_CS_DARWIN_USER_DIR, ...).
106
+
*/
107
+
extern const char kSBXProfileNoWriteExceptTemporary[];
108
+
109
+
/* All operating system services are prohibited. */
110
+
extern const char kSBXProfilePureComputation[];
111
+
112
+
/*
113
+
* @function sandbox_free_error
114
+
* Deallocates an error string previously allocated by sandbox_init.
115
+
*
116
+
* @param errorbuf (input) The buffer to be freed. Must be a pointer
117
+
* previously returned by sandbox_init in the `errorbuf' argument, or NULL.
118
+
*
119
+
* @result void
120
+
*/
121
+
void sandbox_free_error(char *errorbuf);
122
+
123
+
124
+
#ifdef __APPLE_API_PRIVATE
125
+
126
+
/* The following definitions are reserved for Mac OS X. Developers should not
127
+
* depend on their availability.
128
+
*/
129
+
130
+
int sandbox_init_with_parameters(const char *profile, uint64_t flags, const char *const parameters[], char **errorbuf);
131
+
132
+
int sandbox_init_with_extensions(const char *profile, uint64_t flags, const char *const extensions[], char **errorbuf);
133
+
134
+
enum sandbox_filter_type {
135
+
SANDBOX_FILTER_NONE,
136
+
SANDBOX_FILTER_PATH,
137
+
SANDBOX_FILTER_GLOBAL_NAME,
138
+
SANDBOX_FILTER_LOCAL_NAME,
139
+
SANDBOX_FILTER_APPLEEVENT_DESTINATION,
140
+
SANDBOX_FILTER_RIGHT_NAME,
141
+
};
142
+
143
+
extern const enum sandbox_filter_type SANDBOX_CHECK_NO_REPORT __attribute__((weak_import));
144
+
145
+
enum sandbox_extension_flags {
146
+
FS_EXT_DEFAULTS = 0,
147
+
FS_EXT_FOR_PATH = (1 << 0),
148
+
FS_EXT_FOR_FILE = (1 << 1),
149
+
FS_EXT_READ = (1 << 2),
150
+
FS_EXT_WRITE = (1 << 3),
151
+
FS_EXT_PREFER_FILEID = (1 << 4),
152
+
};
153
+
154
+
int sandbox_check(pid_t pid, const char *operation, enum sandbox_filter_type type, ...);
155
+
156
+
int sandbox_note(const char *note);
157
+
158
+
int sandbox_suspend(pid_t pid);
159
+
int sandbox_unsuspend(void);
160
+
161
+
int sandbox_issue_extension(const char *path, char **ext_token);
162
+
int sandbox_issue_fs_extension(const char *path, uint64_t flags, char **ext_token);
163
+
int sandbox_issue_fs_rw_extension(const char *path, char **ext_token);
164
+
int sandbox_issue_mach_extension(const char *name, char **ext_token);
165
+
166
+
int sandbox_consume_extension(const char *path, const char *ext_token);
167
+
int sandbox_consume_fs_extension(const char *ext_token, char **path);
168
+
int sandbox_consume_mach_extension(const char *ext_token, char **name);
169
+
170
+
int sandbox_release_fs_extension(const char *ext_token);
171
+
172
+
int sandbox_container_path_for_pid(pid_t pid, char *buffer, size_t bufsize);
173
+
174
+
int sandbox_wakeup_daemon(char **errorbuf);
175
+
176
+
const char *_amkrtemp(const char *);
177
+
178
+
#endif /* __APPLE_API_PRIVATE */
179
+
180
+
__END_DECLS
181
+
#endif /* _SANDBOX_H_ */