[Lldb-commits] [lldb] r252228 - Add support for one API used to detect if a process

[Jason Molenda via lldb-commits]

Author: jmolenda
Date: Thu Nov  5 17:04:57 2015
New Revision: 252228

URL: http://llvm.org/viewvc/llvm-project?rev=252228&view=rev
Log:
Add support for one API used to detect if a process
is running under System Integrity Protection on 
Mac OS X 10.11.  The rootless_allows_task_for_pid() spi
(see debugserver RNBRemote.cpp) is the final SPI that
is used for this - should add support for that too at
some point.


Modified:
    lldb/trunk/tools/darwin-threads/examine-threads.c

Modified: lldb/trunk/tools/darwin-threads/examine-threads.c
URL: http://llvm.org/viewvc/llvm-project/lldb/trunk/tools/darwin-threads/examine-threads.c?rev=252228&r1=252227&r2=252228&view=diff
==============================================================================
--- lldb/trunk/tools/darwin-threads/examine-threads.c (original)
+++ lldb/trunk/tools/darwin-threads/examine-threads.c Thu Nov  5 17:04:57 2015
@@ -10,6 +10,11 @@
 #include <errno.h>
 #include <dispatch/dispatch.h>
 
+// from System.framework/Versions/B/PrivateHeaders/sys/codesign.h
+#define CS_OPS_STATUS           0       /* return status */
+#define CS_RESTRICT             0x0000800       /* tell dyld to treat restricted */
+int csops(pid_t pid, unsigned int  ops, void * useraddr, size_t usersize);
+
 /* Step through the process table, find a matching process name, return
    the pid of that matched process.
    If there are multiple processes with that name, issue a warning on stdout
@@ -367,6 +372,13 @@ main (int argc, char **argv)
 
   printf ("\n");
 
+  int csops_flags = 0;
+  if (csops (pid, CS_OPS_STATUS, &csops_flags, sizeof (csops_flags)) != -1
+      && (csops_flags & CS_RESTRICT))
+  {
+      printf ("pid %d (%s) is restricted so nothing can attach to it.\n", pid, process_name);
+  }
+
   kr = task_for_pid (mach_task_self (), pid, &task);
   if (kr != KERN_SUCCESS)
     {