Checking identity and team ID of process' code signature in a kext

In order to add more security to certain functionality in a kext, given a proc_t*, I would like to verify certain aspects of the code signature on a process, such as identity or Team ID. Unfortunately, the csproc_* and csblob_* functions declared in bsd/sys/codesign.h, which seem to exist for exactly that purpose, are private. Is there an Apple-supported way to check code signature information on processes for certain criteria from within a kext?

Up vote post of droe Down vote post of droe
753 views
Posted by
droe
Reply
Add a Comment

Replies

Is there an Apple-supported way to check code signature information on processes for certain criteria from within a kext?

No. The only supported mechanisms for checking code signatures are in user space.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware 

let myEmail = "eskimo" + "1" + "@apple.com"
Posted by
eskimo
Up vote reply of eskimo Down vote reply of eskimo
Add a Comment