Open Menu / tests / libmalloc_apple_array.c
Loading...
tests/libmalloc_apple_array.c xnu-12377.101.15 xnu-11215.61.5 
--- xnu/xnu-12377.101.15/tests/libmalloc_apple_array.c
+++ xnu/xnu-11215.61.5/tests/libmalloc_apple_array.c
@@ -179,8 +179,6 @@
 
 #define HARDENED_RUNTIME_KEY "HardenedRuntime="
 
-#define SECURITY_CONFIG_KEY "security_config="
-
 
 /*
  * Get the value of the key in the apple array.
@@ -208,15 +206,15 @@
 
 /* libmalloc relies on these values not changing. If they change,
  * you need to update the values in that project as well */
-__options_decl(hardened_browser_flags_t, uint32_t, {
+__options_decl(HR_flags_t, uint32_t, {
 	BrowserHostEntitlementMask       = 0x01,
 	BrowserGPUEntitlementMask        = 0x02,
 	BrowserNetworkEntitlementMask    = 0x04,
 	BrowserWebContentEntitlementMask = 0x08,
 });
 
-T_DECL(libmalloc_hardened_browser_present,
-    "platform restrictions binary flags show up in apple array",
+T_DECL(libmalloc_hardened_binary_present,
+    "hardened binary flags show up in apple array",
     T_META_ASROOT(false))
 {
 	uint64_t apple_array_val = 0;
@@ -230,7 +228,6 @@
 	found = get_apple_array_key(apple_array, num_array_entries, &apple_array_val, HARDENED_RUNTIME_KEY);
 	T_ASSERT_TRUE(found, "Found " HARDENED_RUNTIME_KEY " in apple array");
 	T_ASSERT_EQ(apple_array_val, mask_val, "Bitmask value matches");
-	free(apple_array);
 
 	/* These are the entitlements on the HR2 binary */
 	mask_val = BrowserGPUEntitlementMask | BrowserNetworkEntitlementMask;
@@ -241,45 +238,9 @@
 	free(apple_array);
 }
 
-#define SECURITY_CONFIG_HARDENED_HEAP_ENTRY        (0x01)
-#define SECURITY_CONFIG_TPRO_ENTRY                 (0x02)
-
-T_DECL(libmalloc_security_config_hardened_heap_entitlements,
-    "parse security_config values to verify security configs hardened_heap enablement/disablement",
-    T_META_ASROOT(false))
-{
-	uint64_t apple_array_val = 0;
-	size_t num_array_entries = 0;
-	char **apple_array;
-	bool found = false;
-
-	apple_array = get_apple_array(&num_array_entries, "tools/print_apple_array_hardened_proc");
-	found = get_apple_array_key(apple_array, num_array_entries, &apple_array_val, SECURITY_CONFIG_KEY);
-	T_ASSERT_TRUE(found, "Found " SECURITY_CONFIG_KEY " in apple array");
-
-	/* Let's start parsing the security config, to see what's enabled. */
-	T_EXPECT_FALSE(apple_array_val & SECURITY_CONFIG_HARDENED_HEAP_ENTRY, "Hardened-heap is disabled");
-	free(apple_array);
-
-	apple_array = get_apple_array(&num_array_entries, "tools/print_apple_array_hardened_heap");
-	found = get_apple_array_key(apple_array, num_array_entries, &apple_array_val, SECURITY_CONFIG_KEY);
-	T_ASSERT_TRUE(found, "Found " SECURITY_CONFIG_KEY " in apple array");
-
-	T_EXPECT_TRUE(apple_array_val & SECURITY_CONFIG_HARDENED_HEAP_ENTRY, "Hardened-heap is enabled");
-	free(apple_array);
-
-	/* Verify that the same config is mirrored with the com.apple.security namespace */
-	apple_array = get_apple_array(&num_array_entries, "tools/print_apple_array_hardened_heap_security");
-	found = get_apple_array_key(apple_array, num_array_entries, &apple_array_val, SECURITY_CONFIG_KEY);
-	T_ASSERT_TRUE(found, "Found " SECURITY_CONFIG_KEY " in apple array");
-
-	T_EXPECT_TRUE(apple_array_val & SECURITY_CONFIG_HARDENED_HEAP_ENTRY, "Hardened-heap is enabled");
-	free(apple_array);
-}
-
-
-T_DECL(libmalloc_hardened_browser_absent,
-    "platform restrictions binary flags do not show up in apple array for normal third party processes",
+
+T_DECL(libmalloc_hardened_binary_absent,
+    "hardened binary flags do not show up in apple array for normal third party processes",
     T_META_ASROOT(false))
 {
 	uint64_t new_val, apple_array_val = 0;