Verify identity of process attaching to cdev

Open droe opened this issue 7 years ago • 2 comments

The kext should verify the identity of the userspace process attaching to /dev/xnumon based on its code signature and refuse attaching if the code is unsigned or signed by the wrong team.

Sep 20 '18 07:09 droe

This seems not to be easily possible with the current cdev interface and using supported KPIs only, because the KPIs in bsd/sys/codesign.h are private.

Sep 20 '18 23:09 droe

Reference: https://forums.developer.apple.com/thread/108803

Sep 21 '18 20:09 droe