From 2634e8c8ff4e4f253723a34a696d8568109d3f10 Mon Sep 17 00:00:00 2001 From: Tristan Gingold Date: Fri, 16 Dec 2011 10:23:01 +0000 Subject: [PATCH] binutils/ 2011-12-16 Tristan Gingold * od-macho.c: Include mach-o/codesign.h (OPT_CODESIGN): Define. (options): Add an entry for codesign. (mach_o_help): Likewise. (dump_header): Fix indentation. (dump_thread): Do not test result of xmalloc. (bfd_mach_o_cs_magic, bfd_mach_o_cs_hash_type): New. (dump_code_signature_superblob): New function. (swap_code_codedirectory_v1_in): Likewise. (hexdump): Likewise. (dump_code_signature_codedirectory): Likewise. (dump_code_signature_blob, dump_code_signature): Likewise. (dump_load_command): Dump code signature. (mach_o_dump): Likewise. include/mach-o/ 2011-12-16 Tristan Gingold * codesign.h: New file. --- binutils/ChangeLog | 17 +++ binutils/od-macho.c | 233 ++++++++++++++++++++++++++++++++++++-- include/mach-o/ChangeLog | 4 + include/mach-o/codesign.h | 85 ++++++++++++++ 4 files changed, 332 insertions(+), 7 deletions(-) create mode 100644 include/mach-o/codesign.h diff --git a/binutils/ChangeLog b/binutils/ChangeLog index 646dd83cd4..9c6b58f3b5 100644 --- a/binutils/ChangeLog +++ b/binutils/ChangeLog @@ -1,3 +1,20 @@ +2011-12-16 Tristan Gingold + + * od-macho.c: Include mach-o/codesign.h + (OPT_CODESIGN): Define. + (options): Add an entry for codesign. + (mach_o_help): Likewise. + (dump_header): Fix indentation. + (dump_thread): Do not test result of xmalloc. + (bfd_mach_o_cs_magic, bfd_mach_o_cs_hash_type): New. + (dump_code_signature_superblob): New function. + (swap_code_codedirectory_v1_in): Likewise. + (hexdump): Likewise. + (dump_code_signature_codedirectory): Likewise. + (dump_code_signature_blob, dump_code_signature): Likewise. + (dump_load_command): Dump code signature. + (mach_o_dump): Likewise. + 2011-12-15 Andreas Tobler * readelf.c (get_symbol_type): Add ELFOSABI_FREEBSD to the diff --git a/binutils/od-macho.c b/binutils/od-macho.c index 7f8efadd6c..c5e315dad3 100644 --- a/binutils/od-macho.c +++ b/binutils/od-macho.c @@ -29,6 +29,7 @@ #include "bfdlink.h" #include "mach-o.h" #include "mach-o/external.h" +#include "mach-o/codesign.h" /* Index of the options in the options[] array. */ #define OPT_HEADER 0 @@ -36,6 +37,7 @@ #define OPT_MAP 2 #define OPT_LOAD 3 #define OPT_DYSYMTAB 4 +#define OPT_CODESIGN 5 /* List of actions. */ static struct objdump_private_option options[] = @@ -45,6 +47,7 @@ static struct objdump_private_option options[] = { "map", 0 }, { "load", 0 }, { "dysymtab", 0 }, + { "codesign", 0 }, { NULL, 0 } }; @@ -60,6 +63,7 @@ For Mach-O files:\n\ map Display the section map\n\ load Display the load commands\n\ dysymtab Display the dynamic symbol table\n\ + codesign Display code signature section\n\ ")); } @@ -253,11 +257,11 @@ dump_header (bfd *abfd) fputs (_("Mach-O header:\n"), stdout); printf (_(" magic : %08lx\n"), h->magic); printf (_(" cputype : %08lx (%s)\n"), h->cputype, - bfd_mach_o_get_name (bfd_mach_o_cpu_name, h->cputype)); + bfd_mach_o_get_name (bfd_mach_o_cpu_name, h->cputype)); printf (_(" cpusubtype: %08lx\n"), h->cpusubtype); printf (_(" filetype : %08lx (%s)\n"), - h->filetype, - bfd_mach_o_get_name (bfd_mach_o_filetype_name, h->filetype)); + h->filetype, + bfd_mach_o_get_name (bfd_mach_o_filetype_name, h->filetype)); printf (_(" ncmds : %08lx (%lu)\n"), h->ncmds, h->ncmds); printf (_(" sizeofcmds: %08lx\n"), h->sizeofcmds); printf (_(" flags : %08lx ("), h->flags); @@ -627,16 +631,226 @@ dump_thread (bfd *abfd, bfd_mach_o_load_command *cmd) { char *buf = xmalloc (flavour->size); - if (buf - && bfd_seek (abfd, flavour->offset, SEEK_SET) == 0 - && (bfd_bread (buf, flavour->size, abfd) - == flavour->size)) + if (bfd_seek (abfd, flavour->offset, SEEK_SET) == 0 + && bfd_bread (buf, flavour->size, abfd) == flavour->size) (*bed->_bfd_mach_o_print_thread)(abfd, flavour, stdout, buf); + free (buf); } } } +static const bfd_mach_o_xlat_name bfd_mach_o_cs_magic[] = +{ + { "embedded signature", BFD_MACH_O_CS_MAGIC_EMBEDDED_SIGNATURE }, + { "requirement", BFD_MACH_O_CS_MAGIC_REQUIREMENT }, + { "requirements", BFD_MACH_O_CS_MAGIC_REQUIREMENTS }, + { "code directory", BFD_MACH_O_CS_MAGIC_CODEDIRECTORY }, + { "embedded entitlements", BFD_MACH_O_CS_MAGIC_EMBEDDED_ENTITLEMENTS }, + { "blob wrapper", BFD_MACH_O_CS_MAGIC_BLOB_WRAPPER }, + { NULL, 0 } +}; + +static const bfd_mach_o_xlat_name bfd_mach_o_cs_hash_type[] = +{ + { "no-hash", BFD_MACH_O_CS_NO_HASH }, + { "sha1", BFD_MACH_O_CS_HASH_SHA1 }, + { "sha256", BFD_MACH_O_CS_HASH_SHA256 }, + { "skein 160", BFD_MACH_O_CS_HASH_PRESTANDARD_SKEIN_160x256 }, + { "skein 256", BFD_MACH_O_CS_HASH_PRESTANDARD_SKEIN_256x512 }, + { NULL, 0 } +}; + +static unsigned int +dump_code_signature_blob (bfd *abfd, const unsigned char *buf, unsigned int len); + +static void +dump_code_signature_superblob (bfd *abfd ATTRIBUTE_UNUSED, + const unsigned char *buf, unsigned int len) +{ + unsigned int count; + unsigned int i; + + if (len < 12) + { + printf (_(" [bad block length]\n")); + return; + } + count = bfd_getb32 (buf + 8); + printf (_(" %u index entries:\n"), count); + if (len < 12 + 8 * count) + { + printf (_(" [bad block length]\n")); + return; + } + for (i = 0; i < count; i++) + { + unsigned int type; + unsigned int off; + + type = bfd_getb32 (buf + 12 + 8 * i); + off = bfd_getb32 (buf + 12 + 8 * i + 4); + printf (_(" index entry %u: type: %08x, offset: %08x\n"), + i, type, off); + + dump_code_signature_blob (abfd, buf + off, len - off); + } +} + +static void +swap_code_codedirectory_v1_in + (const struct mach_o_codesign_codedirectory_external_v1 *src, + struct mach_o_codesign_codedirectory_v1 *dst) +{ + dst->version = bfd_getb32 (src->version); + dst->flags = bfd_getb32 (src->flags); + dst->hash_offset = bfd_getb32 (src->hash_offset); + dst->ident_offset = bfd_getb32 (src->ident_offset); + dst->nbr_special_slots = bfd_getb32 (src->nbr_special_slots); + dst->nbr_code_slots = bfd_getb32 (src->nbr_code_slots); + dst->code_limit = bfd_getb32 (src->code_limit); + dst->hash_size = src->hash_size[0]; + dst->hash_type = src->hash_type[0]; + dst->spare1 = src->spare1[0]; + dst->page_size = src->page_size[0]; + dst->spare2 = bfd_getb32 (src->spare2); +} + +static void +hexdump (unsigned int start, unsigned int len, + const unsigned char *buf) +{ + unsigned int i, j; + + for (i = 0; i < len; i += 16) + { + printf ("%08x:", start + i); + for (j = 0; j < 16; j++) + { + fputc (j == 8 ? '-' : ' ', stdout); + if (i + j < len) + printf ("%02x", buf[i + j]); + else + fputs (" ", stdout); + } + fputc (' ', stdout); + for (j = 0; j < 16; j++) + { + if (i + j < len) + fputc (ISPRINT (buf[i + j]) ? buf[i + j] : '.', stdout); + else + fputc (' ', stdout); + } + fputc ('\n', stdout); + } +} + +static void +dump_code_signature_codedirectory (bfd *abfd ATTRIBUTE_UNUSED, + const unsigned char *buf, unsigned int len) +{ + struct mach_o_codesign_codedirectory_v1 cd; + const char *id; + + if (len < sizeof (struct mach_o_codesign_codedirectory_external_v1)) + { + printf (_(" [bad block length]\n")); + return; + } + + swap_code_codedirectory_v1_in + ((const struct mach_o_codesign_codedirectory_external_v1 *) (buf + 8), &cd); + + printf (_(" version: %08x\n"), cd.version); + printf (_(" flags: %08x\n"), cd.flags); + printf (_(" hash offset: %08x\n"), cd.hash_offset); + id = (const char *) buf + cd.ident_offset; + printf (_(" ident offset: %08x (- %08x)\n"), + cd.ident_offset, cd.ident_offset + (unsigned) strlen (id) + 1); + printf (_(" identity: %s\n"), id); + printf (_(" nbr special slots: %08x (at offset %08x)\n"), + cd.nbr_special_slots, + cd.hash_offset - cd.nbr_special_slots * cd.hash_size); + printf (_(" nbr code slots: %08x\n"), cd.nbr_code_slots); + printf (_(" code limit: %08x\n"), cd.code_limit); + printf (_(" hash size: %02x\n"), cd.hash_size); + printf (_(" hash type: %02x (%s)\n"), + cd.hash_type, + bfd_mach_o_get_name (bfd_mach_o_cs_hash_type, cd.hash_type)); + printf (_(" spare1: %02x\n"), cd.spare1); + printf (_(" page size: %02x\n"), cd.page_size); + printf (_(" spare2: %08x\n"), cd.spare2); + if (cd.version >= 0x20100) + printf (_(" scatter offset: %08x\n"), + (unsigned) bfd_getb32 (buf + 44)); +} + +static unsigned int +dump_code_signature_blob (bfd *abfd, const unsigned char *buf, unsigned int len) +{ + unsigned int magic; + unsigned int length; + + if (len < 8) + { + printf (_(" [truncated block]\n")); + return 0; + } + magic = bfd_getb32 (buf); + length = bfd_getb32 (buf + 4); + if (magic == 0 || length == 0) + return 0; + + printf (_(" magic : %08x (%s)\n"), magic, + bfd_mach_o_get_name (bfd_mach_o_cs_magic, magic)); + printf (_(" length: %08x\n"), length); + if (length > len) + { + printf (_(" [bad block length]\n")); + return 0; + } + + switch (magic) + { + case BFD_MACH_O_CS_MAGIC_EMBEDDED_SIGNATURE: + dump_code_signature_superblob (abfd, buf, length); + break; + case BFD_MACH_O_CS_MAGIC_CODEDIRECTORY: + dump_code_signature_codedirectory (abfd, buf, length); + break; + default: + hexdump (0, length - 8, buf + 8); + break; + } + return length; +} + +static void +dump_code_signature (bfd *abfd, bfd_mach_o_linkedit_command *cmd) +{ + unsigned char *buf = xmalloc (cmd->datasize); + unsigned int off; + + if (bfd_seek (abfd, cmd->dataoff, SEEK_SET) != 0 + || bfd_bread (buf, cmd->datasize, abfd) != cmd->datasize) + { + non_fatal (_("cannot read code signature data")); + free (buf); + return; + } + for (off = 0; off < cmd->datasize;) + { + unsigned int len; + + len = dump_code_signature_blob (abfd, buf + off, cmd->datasize - off); + + if (len == 0) + break; + off += len; + } + free (buf); +} + static void dump_load_command (bfd *abfd, bfd_mach_o_load_command *cmd, bfd_boolean verbose) @@ -716,6 +930,9 @@ dump_load_command (bfd *abfd, bfd_mach_o_load_command *cmd, " dataoff: 0x%08lx datasize: 0x%08lx (endoff: 0x%08lx)\n", linkedit->dataoff, linkedit->datasize, linkedit->dataoff + linkedit->datasize); + + if (verbose && cmd->type == BFD_MACH_O_LC_CODE_SIGNATURE) + dump_code_signature (abfd, linkedit); break; } case BFD_MACH_O_LC_SUB_FRAMEWORK: @@ -785,6 +1002,8 @@ mach_o_dump (bfd *abfd) dump_load_commands (abfd, 0, 0); if (options[OPT_DYSYMTAB].selected) dump_load_commands (abfd, BFD_MACH_O_LC_DYSYMTAB, 0); + if (options[OPT_CODESIGN].selected) + dump_load_commands (abfd, BFD_MACH_O_LC_CODE_SIGNATURE, 0); } /* Vector for Mach-O. */ diff --git a/include/mach-o/ChangeLog b/include/mach-o/ChangeLog index 2276d01459..9e5150582c 100644 --- a/include/mach-o/ChangeLog +++ b/include/mach-o/ChangeLog @@ -1,3 +1,7 @@ +2011-12-16 Tristan Gingold + + * codesign.h: New file. + 2011-08-08 Tristan Gingold * loader.h (bfd_mach_o_load_command_type): Add diff --git a/include/mach-o/codesign.h b/include/mach-o/codesign.h new file mode 100644 index 0000000000..ee2f792acc --- /dev/null +++ b/include/mach-o/codesign.h @@ -0,0 +1,85 @@ +/* Mach-O support for BFD. + Copyright 2011 + Free Software Foundation, Inc. + + This file is part of BFD, the Binary File Descriptor library. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, + MA 02110-1301, USA. */ + +#ifndef _MACH_O_CODESIGN_H +#define _MACH_O_CODESIGN_H + +/* Codesign blob magics. */ + +/* Superblob containing all the components. */ +#define BFD_MACH_O_CS_MAGIC_EMBEDDED_SIGNATURE 0xfade0cc0 + +/* Individual code requirement. */ +#define BFD_MACH_O_CS_MAGIC_REQUIREMENT 0xfade0c00 + +/* Collection of code requirements, indexed by type. */ +#define BFD_MACH_O_CS_MAGIC_REQUIREMENTS 0xfade0c01 + +/* Directory. */ +#define BFD_MACH_O_CS_MAGIC_CODEDIRECTORY 0xfade0c02 + +/* Entitlements blob. */ +#define BFD_MACH_O_CS_MAGIC_EMBEDDED_ENTITLEMENTS 0xfade7171 + +/* Blob container. */ +#define BFD_MACH_O_CS_MAGIC_BLOB_WRAPPER 0xfade0b01 + +struct mach_o_codesign_codedirectory_external_v1 +{ + /* All the fields are in network byte order (big endian). */ + unsigned char version[4]; + unsigned char flags[4]; + unsigned char hash_offset[4]; + unsigned char ident_offset[4]; + unsigned char nbr_special_slots[4]; + unsigned char nbr_code_slots[4]; + unsigned char code_limit[4]; + unsigned char hash_size[1]; + unsigned char hash_type[1]; + unsigned char spare1[1]; + unsigned char page_size[1]; + unsigned char spare2[4]; +}; + +struct mach_o_codesign_codedirectory_v1 +{ + unsigned int version; + unsigned int flags; + unsigned int hash_offset; + unsigned int ident_offset; + unsigned int nbr_special_slots; + unsigned int nbr_code_slots; + unsigned int code_limit; + unsigned char hash_size; + unsigned char hash_type; + unsigned char spare1; + unsigned char page_size; + unsigned int spare2; +}; + +/* Value for hash_type. */ +#define BFD_MACH_O_CS_NO_HASH 0 +#define BFD_MACH_O_CS_HASH_SHA1 1 +#define BFD_MACH_O_CS_HASH_SHA256 2 +#define BFD_MACH_O_CS_HASH_PRESTANDARD_SKEIN_160x256 32 /* Skein, 160 bits */ +#define BFD_MACH_O_CS_HASH_PRESTANDARD_SKEIN_256x512 33 /* Skein, 256 bits */ + +#endif /* _MACH_O_CODESIGN_H */ -- 2.34.1