1 /*
2 * Copyright (c) 1998-2021 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28 #include <IOKit/IOBSD.h>
29 #include <IOKit/IOLib.h>
30 #include <IOKit/IOService.h>
31 #include <IOKit/IOCatalogue.h>
32 #include <IOKit/IODeviceTreeSupport.h>
33 #include <IOKit/IOKitKeys.h>
34 #include <IOKit/IONVRAM.h>
35 #include <IOKit/IOPlatformExpert.h>
36 #include <IOKit/IOUserClient.h>
37 #include <libkern/c++/OSAllocation.h>
38
39 extern "C" {
40 #include <libkern/amfi/amfi.h>
41 #include <sys/codesign.h>
42 #include <sys/code_signing.h>
43 #include <vm/pmap.h>
44 #include <vm/vm_map.h>
45 #include <pexpert/pexpert.h>
46 #include <kern/clock.h>
47 #if CONFIG_KDP_INTERACTIVE_DEBUGGING
48 #include <kern/debug.h>
49 #endif
50 #include <mach/machine.h>
51 #include <uuid/uuid.h>
52 #include <sys/vnode_internal.h>
53 #include <sys/mount.h>
54 #include <corecrypto/ccsha2.h>
55 #include <kdp/sk_core.h>
56
57 // how long to wait for matching root device, secs
58 #if DEBUG
59 #define ROOTDEVICETIMEOUT 120
60 #else
61 #define ROOTDEVICETIMEOUT 60
62 #endif
63
64 extern dev_t mdevadd(int devid, uint64_t base, unsigned int size, int phys);
65 extern dev_t mdevlookup(int devid);
66 extern void mdevremoveall(void);
67 extern int mdevgetrange(int devid, uint64_t *base, uint64_t *size);
68 extern void di_root_ramfile(IORegistryEntry * entry);
69 extern int IODTGetDefault(const char *key, void *infoAddr, unsigned int infoSize);
70 extern boolean_t cpuid_vmm_present(void);
71
72 #define ROUNDUP(a, b) (((a) + ((b) - 1)) & (~((b) - 1)))
73
74 #define IOPOLLED_COREFILE (CONFIG_KDP_INTERACTIVE_DEBUGGING)
75
76 #if defined(XNU_TARGET_OS_BRIDGE)
77 #define kIOCoreDumpPath "/private/var/internal/kernelcore"
78 #elif defined(XNU_TARGET_OS_OSX)
79 #define kIOCoreDumpPath "/System/Volumes/VM/kernelcore"
80 #else
81 #define kIOCoreDumpPath "/private/var/vm/kernelcore"
82 #endif
83
84 #define SYSTEM_NVRAM_PREFIX "40A0DDD2-77F8-4392-B4A3-1E7304206516:"
85
86 #if CONFIG_KDP_INTERACTIVE_DEBUGGING
87 /*
88 * Touched by IOFindBSDRoot() if a RAMDisk is used for the root device.
89 */
90 extern uint64_t kdp_core_ramdisk_addr;
91 extern uint64_t kdp_core_ramdisk_size;
92
93 /*
94 * A callback to indicate that the polled-mode corefile is now available.
95 */
96 extern kern_return_t kdp_core_polled_io_polled_file_available(IOCoreFileAccessCallback access_data, void *access_context, void *recipient_context);
97
98 /*
99 * A callback to indicate that the polled-mode corefile is no longer available.
100 */
101 extern kern_return_t kdp_core_polled_io_polled_file_unavailable(void);
102 #endif
103
104 #if IOPOLLED_COREFILE
105 static void IOOpenPolledCoreFile(thread_call_param_t __unused, thread_call_param_t corefilename);
106
107 thread_call_t corefile_open_call = NULL;
108 #endif
109
110 kern_return_t
IOKitBSDInit(void)111 IOKitBSDInit( void )
112 {
113 IOService::publishResource("IOBSD");
114
115 #if IOPOLLED_COREFILE
116 corefile_open_call = thread_call_allocate_with_options(IOOpenPolledCoreFile, NULL, THREAD_CALL_PRIORITY_KERNEL, THREAD_CALL_OPTIONS_ONCE);
117 #endif
118
119 return kIOReturnSuccess;
120 }
121
122 void
IOServicePublishResource(const char * property,boolean_t value)123 IOServicePublishResource( const char * property, boolean_t value )
124 {
125 if (value) {
126 IOService::publishResource( property, kOSBooleanTrue );
127 } else {
128 IOService::getResourceService()->removeProperty( property );
129 }
130 }
131
132 boolean_t
IOServiceWaitForMatchingResource(const char * property,uint64_t timeout)133 IOServiceWaitForMatchingResource( const char * property, uint64_t timeout )
134 {
135 OSDictionary * dict = NULL;
136 IOService * match = NULL;
137 boolean_t found = false;
138
139 do {
140 dict = IOService::resourceMatching( property );
141 if (!dict) {
142 continue;
143 }
144 match = IOService::waitForMatchingService( dict, timeout );
145 if (match) {
146 found = true;
147 }
148 } while (false);
149
150 if (dict) {
151 dict->release();
152 }
153 if (match) {
154 match->release();
155 }
156
157 return found;
158 }
159
160 boolean_t
IOCatalogueMatchingDriversPresent(const char * property)161 IOCatalogueMatchingDriversPresent( const char * property )
162 {
163 OSDictionary * dict = NULL;
164 OSOrderedSet * set = NULL;
165 SInt32 generationCount = 0;
166 boolean_t found = false;
167
168 do {
169 dict = OSDictionary::withCapacity(1);
170 if (!dict) {
171 continue;
172 }
173 dict->setObject( property, kOSBooleanTrue );
174 set = gIOCatalogue->findDrivers( dict, &generationCount );
175 if (set && (set->getCount() > 0)) {
176 found = true;
177 }
178 } while (false);
179
180 if (dict) {
181 dict->release();
182 }
183 if (set) {
184 set->release();
185 }
186
187 return found;
188 }
189
190 OSDictionary *
IOBSDNameMatching(const char * name)191 IOBSDNameMatching( const char * name )
192 {
193 OSDictionary * dict;
194 const OSSymbol * str = NULL;
195
196 do {
197 dict = IOService::serviceMatching( gIOServiceKey );
198 if (!dict) {
199 continue;
200 }
201 str = OSSymbol::withCString( name );
202 if (!str) {
203 continue;
204 }
205 dict->setObject( kIOBSDNameKey, (OSObject *) str );
206 str->release();
207
208 return dict;
209 } while (false);
210
211 if (dict) {
212 dict->release();
213 }
214 if (str) {
215 str->release();
216 }
217
218 return NULL;
219 }
220
221 OSDictionary *
IOUUIDMatching(void)222 IOUUIDMatching( void )
223 {
224 OSObject * obj;
225 OSDictionary * result;
226
227 obj = OSUnserialize(
228 "{"
229 "'IOProviderClass' = 'IOResources';"
230 "'IOResourceMatch' = ('IOBSD', 'boot-uuid-media');"
231 "}",
232 NULL);
233 result = OSDynamicCast(OSDictionary, obj);
234 assert(result);
235
236 return result;
237 }
238
239 OSDictionary *
IONetworkNamePrefixMatching(const char * prefix)240 IONetworkNamePrefixMatching( const char * prefix )
241 {
242 OSDictionary * matching;
243 OSDictionary * propDict = NULL;
244 const OSSymbol * str = NULL;
245 char networkType[128];
246
247 do {
248 matching = IOService::serviceMatching( "IONetworkInterface" );
249 if (matching == NULL) {
250 continue;
251 }
252
253 propDict = OSDictionary::withCapacity(1);
254 if (propDict == NULL) {
255 continue;
256 }
257
258 str = OSSymbol::withCString( prefix );
259 if (str == NULL) {
260 continue;
261 }
262
263 propDict->setObject( "IOInterfaceNamePrefix", (OSObject *) str );
264 str->release();
265 str = NULL;
266
267 // see if we're contrained to netroot off of specific network type
268 if (PE_parse_boot_argn( "network-type", networkType, 128 )) {
269 str = OSSymbol::withCString( networkType );
270 if (str) {
271 propDict->setObject( "IONetworkRootType", str);
272 str->release();
273 str = NULL;
274 }
275 }
276
277 if (matching->setObject( gIOPropertyMatchKey,
278 (OSObject *) propDict ) != true) {
279 continue;
280 }
281
282 propDict->release();
283 propDict = NULL;
284
285 return matching;
286 } while (false);
287
288 if (matching) {
289 matching->release();
290 }
291 if (propDict) {
292 propDict->release();
293 }
294 if (str) {
295 str->release();
296 }
297
298 return NULL;
299 }
300
301 static bool
IORegisterNetworkInterface(IOService * netif)302 IORegisterNetworkInterface( IOService * netif )
303 {
304 // A network interface is typically named and registered
305 // with BSD after receiving a request from a user space
306 // "namer". However, for cases when the system needs to
307 // root from the network, this registration task must be
308 // done inside the kernel and completed before the root
309 // device is handed to BSD.
310
311 IOService * stack;
312 OSNumber * zero = NULL;
313 OSString * path = NULL;
314 OSDictionary * dict = NULL;
315 OSDataAllocation<char> pathBuf;
316 int len;
317 enum { kMaxPathLen = 512 };
318
319 do {
320 stack = IOService::waitForService(
321 IOService::serviceMatching("IONetworkStack"));
322 if (stack == NULL) {
323 break;
324 }
325
326 dict = OSDictionary::withCapacity(3);
327 if (dict == NULL) {
328 break;
329 }
330
331 zero = OSNumber::withNumber((UInt64) 0, 32);
332 if (zero == NULL) {
333 break;
334 }
335
336 pathBuf = OSDataAllocation<char>( kMaxPathLen, OSAllocateMemory );
337 if (!pathBuf) {
338 break;
339 }
340
341 len = kMaxPathLen;
342 if (netif->getPath( pathBuf.data(), &len, gIOServicePlane )
343 == false) {
344 break;
345 }
346
347 path = OSString::withCStringNoCopy(pathBuf.data());
348 if (path == NULL) {
349 break;
350 }
351
352 dict->setObject( "IOInterfaceUnit", zero );
353 dict->setObject( kIOPathMatchKey, path );
354
355 stack->setProperties( dict );
356 }while (false);
357
358 if (zero) {
359 zero->release();
360 }
361 if (path) {
362 path->release();
363 }
364 if (dict) {
365 dict->release();
366 }
367
368 return netif->getProperty( kIOBSDNameKey ) != NULL;
369 }
370
371 OSDictionary *
IOOFPathMatching(const char * path,char * buf,int maxLen)372 IOOFPathMatching( const char * path, char * buf, int maxLen )
373 {
374 OSDictionary * matching = NULL;
375 OSString * str;
376 char * comp;
377 int len;
378
379 do {
380 len = ((int) strlen( kIODeviceTreePlane ":" ));
381 maxLen -= len;
382 if (maxLen <= 0) {
383 continue;
384 }
385
386 strlcpy( buf, kIODeviceTreePlane ":", len + 1 );
387 comp = buf + len;
388
389 len = ((int) strnlen( path, INT_MAX ));
390 maxLen -= len;
391 if (maxLen <= 0) {
392 continue;
393 }
394 strlcpy( comp, path, len + 1 );
395
396 matching = OSDictionary::withCapacity( 1 );
397 if (!matching) {
398 continue;
399 }
400
401 str = OSString::withCString( buf );
402 if (!str) {
403 continue;
404 }
405 matching->setObject( kIOPathMatchKey, str );
406 str->release();
407
408 return matching;
409 } while (false);
410
411 if (matching) {
412 matching->release();
413 }
414
415 return NULL;
416 }
417
418 static int didRam = 0;
419 enum { kMaxPathBuf = 512, kMaxBootVar = 128 };
420
421 bool
IOGetBootUUID(char * uuid)422 IOGetBootUUID(char *uuid)
423 {
424 IORegistryEntry *entry;
425 OSData *uuid_data = NULL;
426 bool result = false;
427
428 if ((entry = IORegistryEntry::fromPath("/chosen", gIODTPlane))) {
429 uuid_data = (OSData *)entry->getProperty("boot-uuid");
430 if (uuid_data) {
431 unsigned int length = uuid_data->getLength();
432 if (length <= sizeof(uuid_string_t)) {
433 /* ensure caller's buffer is fully initialized: */
434 bzero(uuid, sizeof(uuid_string_t));
435 /* copy the content of uuid_data->getBytesNoCopy() into uuid */
436 memcpy(uuid, uuid_data->getBytesNoCopy(), length);
437 /* guarantee nul-termination: */
438 uuid[sizeof(uuid_string_t) - 1] = '\0';
439 result = true;
440 } else {
441 uuid = NULL;
442 }
443 }
444 OSSafeReleaseNULL(entry);
445 }
446 return result;
447 }
448
449 bool
IOGetApfsPrebootUUID(char * uuid)450 IOGetApfsPrebootUUID(char *uuid)
451 {
452 IORegistryEntry *entry;
453 OSData *uuid_data = NULL;
454 bool result = false;
455
456 if ((entry = IORegistryEntry::fromPath("/chosen", gIODTPlane))) {
457 uuid_data = (OSData *)entry->getProperty("apfs-preboot-uuid");
458
459 if (uuid_data) {
460 unsigned int length = uuid_data->getLength();
461 if (length <= sizeof(uuid_string_t)) {
462 /* ensure caller's buffer is fully initialized: */
463 bzero(uuid, sizeof(uuid_string_t));
464 /* copy the content of uuid_data->getBytesNoCopy() into uuid */
465 memcpy(uuid, uuid_data->getBytesNoCopy(), length);
466 /* guarantee nul-termination: */
467 uuid[sizeof(uuid_string_t) - 1] = '\0';
468 result = true;
469 } else {
470 uuid = NULL;
471 }
472 }
473 OSSafeReleaseNULL(entry);
474 }
475 return result;
476 }
477
478 bool
IOGetAssociatedApfsVolgroupUUID(char * uuid)479 IOGetAssociatedApfsVolgroupUUID(char *uuid)
480 {
481 IORegistryEntry *entry;
482 OSData *uuid_data = NULL;
483 bool result = false;
484
485 if ((entry = IORegistryEntry::fromPath("/chosen", gIODTPlane))) {
486 uuid_data = (OSData *)entry->getProperty("associated-volume-group");
487
488 if (uuid_data) {
489 unsigned int length = uuid_data->getLength();
490
491 if (length <= sizeof(uuid_string_t)) {
492 /* ensure caller's buffer is fully initialized: */
493 bzero(uuid, sizeof(uuid_string_t));
494 /* copy the content of uuid_data->getBytesNoCopy() into uuid */
495 memcpy(uuid, uuid_data->getBytesNoCopy(), length);
496 /* guarantee nul-termination: */
497 uuid[sizeof(uuid_string_t) - 1] = '\0';
498 result = true;
499 } else {
500 uuid = NULL;
501 }
502 }
503 OSSafeReleaseNULL(entry);
504 }
505 return result;
506 }
507
508 bool
IOGetBootObjectsPath(char * path_prefix)509 IOGetBootObjectsPath(char *path_prefix)
510 {
511 IORegistryEntry *entry;
512 OSData *path_prefix_data = NULL;
513 bool result = false;
514
515 if ((entry = IORegistryEntry::fromPath("/chosen", gIODTPlane))) {
516 path_prefix_data = (OSData *)entry->getProperty("boot-objects-path");
517
518 if (path_prefix_data) {
519 unsigned int length = path_prefix_data->getLength();
520
521 if (length <= MAXPATHLEN) {
522 /* ensure caller's buffer is fully initialized: */
523 bzero(path_prefix, MAXPATHLEN);
524 /* copy the content of path_prefix_data->getBytesNoCopy() into path_prefix */
525 memcpy(path_prefix, path_prefix_data->getBytesNoCopy(), length);
526 /* guarantee nul-termination: */
527 path_prefix[MAXPATHLEN - 1] = '\0';
528 result = true;
529 } else {
530 path_prefix = NULL;
531 }
532 }
533 OSSafeReleaseNULL(entry);
534 }
535 return result;
536 }
537
538
539 bool
IOGetBootManifestHash(char * hash_data,size_t * hash_data_size)540 IOGetBootManifestHash(char *hash_data, size_t *hash_data_size)
541 {
542 IORegistryEntry *entry = NULL;
543 OSData *manifest_hash_data = NULL;
544 bool result = false;
545
546 if ((entry = IORegistryEntry::fromPath("/chosen", gIODTPlane))) {
547 manifest_hash_data = (OSData *)entry->getProperty("boot-manifest-hash");
548 if (manifest_hash_data) {
549 unsigned int length = manifest_hash_data->getLength();
550 /* hashed with SHA2-384 or SHA1, the boot manifest hash should be 48 Bytes or less */
551 if ((length <= CCSHA384_OUTPUT_SIZE) && (*hash_data_size >= CCSHA384_OUTPUT_SIZE)) {
552 /* ensure caller's buffer is fully initialized: */
553 bzero(hash_data, CCSHA384_OUTPUT_SIZE);
554 /* copy the content of manifest_hash_data->getBytesNoCopy() into hash_data */
555 memcpy(hash_data, manifest_hash_data->getBytesNoCopy(), length);
556 *hash_data_size = length;
557 result = true;
558 } else {
559 hash_data = NULL;
560 *hash_data_size = 0;
561 }
562 }
563 OSSafeReleaseNULL(entry);
564 }
565
566 return result;
567 }
568
569 /*
570 * Set NVRAM to boot into the right flavor of Recovery,
571 * optionally passing a UUID of a volume that failed to boot.
572 * If `reboot` is true, reboot immediately.
573 *
574 * Returns true if `mode` was understood, false otherwise.
575 * (Does not return if `reboot` is true.)
576 */
577 boolean_t
IOSetRecoveryBoot(bsd_bootfail_mode_t mode,uuid_t volume_uuid,boolean_t reboot)578 IOSetRecoveryBoot(bsd_bootfail_mode_t mode, uuid_t volume_uuid, boolean_t reboot)
579 {
580 IODTNVRAM *nvram = NULL;
581 const OSSymbol *boot_command_sym = NULL;
582 OSString *boot_command_recover = NULL;
583
584 if (mode == BSD_BOOTFAIL_SEAL_BROKEN) {
585 const char *boot_mode = "ssv-seal-broken";
586 uuid_string_t volume_uuid_str;
587
588 // Set `recovery-broken-seal-uuid = <volume_uuid>`.
589 if (volume_uuid) {
590 uuid_unparse_upper(volume_uuid, volume_uuid_str);
591
592 if (!PEWriteNVRAMProperty(SYSTEM_NVRAM_PREFIX "recovery-broken-seal-uuid",
593 volume_uuid_str, sizeof(uuid_string_t))) {
594 IOLog("Failed to write recovery-broken-seal-uuid to NVRAM.\n");
595 }
596 }
597
598 // Set `recovery-boot-mode = ssv-seal-broken`.
599 if (!PEWriteNVRAMProperty(SYSTEM_NVRAM_PREFIX "recovery-boot-mode", boot_mode,
600 (const unsigned int) strlen(boot_mode))) {
601 IOLog("Failed to write recovery-boot-mode to NVRAM.\n");
602 }
603 } else if (mode == BSD_BOOTFAIL_MEDIA_MISSING) {
604 const char *boot_picker_reason = "missing-boot-media";
605
606 // Set `boot-picker-bringup-reason = missing-boot-media`.
607 if (!PEWriteNVRAMProperty(SYSTEM_NVRAM_PREFIX "boot-picker-bringup-reason",
608 boot_picker_reason, (const unsigned int) strlen(boot_picker_reason))) {
609 IOLog("Failed to write boot-picker-bringup-reason to NVRAM.\n");
610 }
611
612 // Set `boot-command = recover-system`.
613
614 // Construct an OSSymbol and an OSString to be the (key, value) pair
615 // we write to NVRAM. Unfortunately, since our value must be an OSString
616 // instead of an OSData, we cannot use PEWriteNVRAMProperty() here.
617 boot_command_sym = OSSymbol::withCStringNoCopy(SYSTEM_NVRAM_PREFIX "boot-command");
618 boot_command_recover = OSString::withCStringNoCopy("recover-system");
619 if (boot_command_sym == NULL || boot_command_recover == NULL) {
620 IOLog("Failed to create boot-command strings.\n");
621 goto do_reboot;
622 }
623
624 // Wait for NVRAM to be readable...
625 nvram = OSDynamicCast(IODTNVRAM, IOService::waitForService(
626 IOService::serviceMatching("IODTNVRAM")));
627 if (nvram == NULL) {
628 IOLog("Failed to acquire IODTNVRAM object.\n");
629 goto do_reboot;
630 }
631
632 // Wait for NVRAM to be writable...
633 if (!IOServiceWaitForMatchingResource("IONVRAM", UINT64_MAX)) {
634 IOLog("Failed to wait for IONVRAM service.\n");
635 // attempt the work anyway...
636 }
637
638 // Write the new boot-command to NVRAM, and sync if successful.
639 if (!nvram->setProperty(boot_command_sym, boot_command_recover)) {
640 IOLog("Failed to save new boot-command to NVRAM.\n");
641 } else {
642 nvram->sync();
643 }
644 } else {
645 IOLog("Unknown mode: %d\n", mode);
646 return false;
647 }
648
649 // Clean up and reboot!
650 do_reboot:
651 if (boot_command_recover != NULL) {
652 boot_command_recover->release();
653 }
654
655 if (boot_command_sym != NULL) {
656 boot_command_sym->release();
657 }
658
659 if (reboot) {
660 IOLog("\nAbout to reboot into Recovery!\n");
661 (void)PEHaltRestart(kPEPanicRestartCPUNoCallouts);
662 }
663
664 return true;
665 }
666
667 kern_return_t
IOFindBSDRoot(char * rootName,unsigned int rootNameSize,dev_t * root,u_int32_t * oflags)668 IOFindBSDRoot( char * rootName, unsigned int rootNameSize,
669 dev_t * root, u_int32_t * oflags )
670 {
671 mach_timespec_t t;
672 IOService * service;
673 IORegistryEntry * regEntry;
674 OSDictionary * matching = NULL;
675 OSString * iostr;
676 OSNumber * off;
677 OSData * data = NULL;
678
679 UInt32 flags = 0;
680 int mnr, mjr;
681 const char * mediaProperty = NULL;
682 char * rdBootVar;
683 OSDataAllocation<char> str;
684 const char * look = NULL;
685 int len;
686 bool debugInfoPrintedOnce = false;
687 bool needNetworkKexts = false;
688 const char * uuidStr = NULL;
689
690 static int mountAttempts = 0;
691
692 int xchar, dchar;
693
694 // stall here for anyone matching on the IOBSD resource to finish (filesystems)
695 matching = IOService::serviceMatching(gIOResourcesKey);
696 assert(matching);
697 matching->setObject(gIOResourceMatchedKey, gIOBSDKey);
698
699 if ((service = IOService::waitForMatchingService(matching, 30ULL * kSecondScale))) {
700 OSSafeReleaseNULL(service);
701 } else {
702 IOLog("!BSD\n");
703 }
704 matching->release();
705 matching = NULL;
706
707 if (mountAttempts++) {
708 IOLog("mount(%d) failed\n", mountAttempts);
709 IOSleep( 5 * 1000 );
710 }
711
712 str = OSDataAllocation<char>( kMaxPathBuf + kMaxBootVar, OSAllocateMemory );
713 if (!str) {
714 return kIOReturnNoMemory;
715 }
716 rdBootVar = str.data() + kMaxPathBuf;
717
718 if (!PE_parse_boot_argn("rd", rdBootVar, kMaxBootVar )
719 && !PE_parse_boot_argn("rootdev", rdBootVar, kMaxBootVar )) {
720 rdBootVar[0] = 0;
721 }
722
723 if ((regEntry = IORegistryEntry::fromPath( "/chosen", gIODTPlane ))) {
724 do {
725 di_root_ramfile(regEntry);
726 OSObject* unserializedContainer = NULL;
727 data = OSDynamicCast(OSData, regEntry->getProperty( "root-matching" ));
728 if (data) {
729 unserializedContainer = OSUnserializeXML((char *)data->getBytesNoCopy());
730 matching = OSDynamicCast(OSDictionary, unserializedContainer);
731 if (matching) {
732 continue;
733 }
734 }
735 OSSafeReleaseNULL(unserializedContainer);
736
737 data = (OSData *) regEntry->getProperty( "boot-uuid" );
738 if (data) {
739 uuidStr = (const char*)data->getBytesNoCopy();
740 OSString *uuidString = OSString::withCString( uuidStr );
741
742 // match the boot-args boot-uuid processing below
743 if (uuidString) {
744 IOLog("rooting via boot-uuid from /chosen: %s\n", uuidStr);
745 IOService::publishResource( "boot-uuid", uuidString );
746 uuidString->release();
747 matching = IOUUIDMatching();
748 mediaProperty = "boot-uuid-media";
749 continue;
750 } else {
751 uuidStr = NULL;
752 }
753 }
754 } while (false);
755 OSSafeReleaseNULL(regEntry);
756 }
757
758 //
759 // See if we have a RAMDisk property in /chosen/memory-map. If so, make it into a device.
760 // It will become /dev/mdx, where x is 0-f.
761 //
762
763 if (!didRam) { /* Have we already build this ram disk? */
764 didRam = 1; /* Remember we did this */
765 if ((regEntry = IORegistryEntry::fromPath( "/chosen/memory-map", gIODTPlane ))) { /* Find the map node */
766 data = (OSData *)regEntry->getProperty("RAMDisk"); /* Find the ram disk, if there */
767 if (data) { /* We found one */
768 uintptr_t *ramdParms;
769 ramdParms = (uintptr_t *)data->getBytesNoCopy(); /* Point to the ram disk base and size */
770 #if __LP64__
771 #define MAX_PHYS_RAM (((uint64_t)UINT_MAX) << 12)
772 if (ramdParms[1] > MAX_PHYS_RAM) {
773 panic("ramdisk params");
774 }
775 #endif /* __LP64__ */
776 (void)mdevadd(-1, ml_static_ptovirt(ramdParms[0]) >> 12, (unsigned int) (ramdParms[1] >> 12), 0); /* Initialize it and pass back the device number */
777 }
778 regEntry->release(); /* Toss the entry */
779 }
780 }
781
782 //
783 // Now check if we are trying to root on a memory device
784 //
785
786 if ((rdBootVar[0] == 'm') && (rdBootVar[1] == 'd') && (rdBootVar[3] == 0)) {
787 dchar = xchar = rdBootVar[2]; /* Get the actual device */
788 if ((xchar >= '0') && (xchar <= '9')) {
789 xchar = xchar - '0'; /* If digit, convert */
790 } else {
791 xchar = xchar & ~' '; /* Fold to upper case */
792 if ((xchar >= 'A') && (xchar <= 'F')) { /* Is this a valid digit? */
793 xchar = (xchar & 0xF) + 9; /* Convert the hex digit */
794 dchar = dchar | ' '; /* Fold to lower case */
795 } else {
796 xchar = -1; /* Show bogus */
797 }
798 }
799 if (xchar >= 0) { /* Do we have a valid memory device name? */
800 OSSafeReleaseNULL(matching);
801 *root = mdevlookup(xchar); /* Find the device number */
802 if (*root >= 0) { /* Did we find one? */
803 rootName[0] = 'm'; /* Build root name */
804 rootName[1] = 'd'; /* Build root name */
805 rootName[2] = (char) dchar; /* Build root name */
806 rootName[3] = 0; /* Build root name */
807 IOLog("BSD root: %s, major %d, minor %d\n", rootName, major(*root), minor(*root));
808 *oflags = 0; /* Show that this is not network */
809
810 #if CONFIG_KDP_INTERACTIVE_DEBUGGING
811 /* retrieve final ramdisk range and initialize KDP variables */
812 if (mdevgetrange(xchar, &kdp_core_ramdisk_addr, &kdp_core_ramdisk_size) != 0) {
813 IOLog("Unable to retrieve range for root memory device %d\n", xchar);
814 kdp_core_ramdisk_addr = 0;
815 kdp_core_ramdisk_size = 0;
816 }
817 #endif
818
819 goto iofrootx; /* Join common exit... */
820 }
821 panic("IOFindBSDRoot: specified root memory device, %s, has not been configured", rdBootVar); /* Not there */
822 }
823 }
824
825 if ((!matching) && rdBootVar[0]) {
826 // by BSD name
827 look = rdBootVar;
828 if (look[0] == '*') {
829 look++;
830 }
831
832 if (strncmp( look, "en", strlen( "en" )) == 0) {
833 matching = IONetworkNamePrefixMatching( "en" );
834 needNetworkKexts = true;
835 } else if (strncmp( look, "uuid", strlen( "uuid" )) == 0) {
836 OSDataAllocation<char> uuid( kMaxBootVar, OSAllocateMemory );
837
838 if (uuid) {
839 OSString *uuidString;
840
841 if (!PE_parse_boot_argn( "boot-uuid", uuid.data(), kMaxBootVar )) {
842 panic( "rd=uuid but no boot-uuid=<value> specified" );
843 }
844 uuidString = OSString::withCString(uuid.data());
845 if (uuidString) {
846 IOService::publishResource( "boot-uuid", uuidString );
847 uuidString->release();
848 IOLog("\nWaiting for boot volume with UUID %s\n", uuid.data());
849 matching = IOUUIDMatching();
850 mediaProperty = "boot-uuid-media";
851 }
852 }
853 } else {
854 matching = IOBSDNameMatching( look );
855 }
856 }
857
858 if (!matching) {
859 OSString * astring;
860 // Match any HFS media
861
862 matching = IOService::serviceMatching( "IOMedia" );
863 assert(matching);
864 astring = OSString::withCStringNoCopy("Apple_HFS");
865 if (astring) {
866 matching->setObject("Content", astring);
867 astring->release();
868 }
869 }
870
871 if (gIOKitDebug & kIOWaitQuietBeforeRoot) {
872 IOLog( "Waiting for matching to complete\n" );
873 IOService::getPlatform()->waitQuiet();
874 }
875
876 if (matching) {
877 OSSerialize * s = OSSerialize::withCapacity( 5 );
878
879 if (matching->serialize( s )) {
880 IOLog( "Waiting on %s\n", s->text());
881 }
882 s->release();
883 }
884
885 char namep[8];
886 if (needNetworkKexts
887 || PE_parse_boot_argn("-s", namep, sizeof(namep))) {
888 IOService::startDeferredMatches();
889 }
890
891 do {
892 t.tv_sec = ROOTDEVICETIMEOUT;
893 t.tv_nsec = 0;
894 matching->retain();
895 service = IOService::waitForService( matching, &t );
896 if ((!service) || (mountAttempts == 10)) {
897 #if !XNU_TARGET_OS_OSX || !defined(__arm64__)
898 PE_display_icon( 0, "noroot");
899 IOLog( "Still waiting for root device\n" );
900 #endif
901
902 if (!debugInfoPrintedOnce) {
903 debugInfoPrintedOnce = true;
904 if (gIOKitDebug & kIOLogDTree) {
905 IOLog("\nDT plane:\n");
906 IOPrintPlane( gIODTPlane );
907 }
908 if (gIOKitDebug & kIOLogServiceTree) {
909 IOLog("\nService plane:\n");
910 IOPrintPlane( gIOServicePlane );
911 }
912 if (gIOKitDebug & kIOLogMemory) {
913 IOPrintMemory();
914 }
915 }
916
917 #if XNU_TARGET_OS_OSX && defined(__arm64__)
918 // The disk isn't found - have the user pick from System Recovery.
919 (void)IOSetRecoveryBoot(BSD_BOOTFAIL_MEDIA_MISSING, NULL, true);
920 #elif XNU_TARGET_OS_IOS
921 panic("Failed to mount root device");
922 #endif
923 }
924 } while (!service);
925
926 OSSafeReleaseNULL(matching);
927
928 if (service && mediaProperty) {
929 service = (IOService *)service->getProperty(mediaProperty);
930 }
931
932 mjr = 0;
933 mnr = 0;
934
935 // If the IOService we matched to is a subclass of IONetworkInterface,
936 // then make sure it has been registered with BSD and has a BSD name
937 // assigned.
938
939 if (service
940 && service->metaCast( "IONetworkInterface" )
941 && !IORegisterNetworkInterface( service )) {
942 service = NULL;
943 }
944
945 if (service) {
946 len = kMaxPathBuf;
947 service->getPath( str.data(), &len, gIOServicePlane );
948 IOLog("Got boot device = %s\n", str.data());
949
950 iostr = (OSString *) service->getProperty( kIOBSDNameKey );
951 if (iostr) {
952 strlcpy( rootName, iostr->getCStringNoCopy(), rootNameSize );
953 }
954 off = (OSNumber *) service->getProperty( kIOBSDMajorKey );
955 if (off) {
956 mjr = off->unsigned32BitValue();
957 }
958 off = (OSNumber *) service->getProperty( kIOBSDMinorKey );
959 if (off) {
960 mnr = off->unsigned32BitValue();
961 }
962
963 if (service->metaCast( "IONetworkInterface" )) {
964 flags |= 1;
965 }
966 } else {
967 IOLog( "Wait for root failed\n" );
968 strlcpy( rootName, "en0", rootNameSize );
969 flags |= 1;
970 }
971
972 IOLog( "BSD root: %s", rootName );
973 if (mjr) {
974 IOLog(", major %d, minor %d\n", mjr, mnr );
975 } else {
976 IOLog("\n");
977 }
978
979 *root = makedev( mjr, mnr );
980 *oflags = flags;
981
982 iofrootx:
983
984 IOService::setRootMedia(service);
985
986 if ((gIOKitDebug & (kIOLogDTree | kIOLogServiceTree | kIOLogMemory)) && !debugInfoPrintedOnce) {
987 IOService::getPlatform()->waitQuiet();
988 if (gIOKitDebug & kIOLogDTree) {
989 IOLog("\nDT plane:\n");
990 IOPrintPlane( gIODTPlane );
991 }
992 if (gIOKitDebug & kIOLogServiceTree) {
993 IOLog("\nService plane:\n");
994 IOPrintPlane( gIOServicePlane );
995 }
996 if (gIOKitDebug & kIOLogMemory) {
997 IOPrintMemory();
998 }
999 }
1000
1001 return kIOReturnSuccess;
1002 }
1003
1004 void
IOSetImageBoot(void)1005 IOSetImageBoot(void)
1006 {
1007 // this will unhide all IOMedia, without waiting for kernelmanagement to start
1008 IOService::setRootMedia(NULL);
1009 }
1010
1011 bool
IORamDiskBSDRoot(void)1012 IORamDiskBSDRoot(void)
1013 {
1014 char rdBootVar[kMaxBootVar];
1015 if (PE_parse_boot_argn("rd", rdBootVar, kMaxBootVar )
1016 || PE_parse_boot_argn("rootdev", rdBootVar, kMaxBootVar )) {
1017 if ((rdBootVar[0] == 'm') && (rdBootVar[1] == 'd') && (rdBootVar[3] == 0)) {
1018 return true;
1019 }
1020 }
1021 return false;
1022 }
1023
1024 void
IOSecureBSDRoot(const char * rootName)1025 IOSecureBSDRoot(const char * rootName)
1026 {
1027 #if CONFIG_SECURE_BSD_ROOT
1028 IOReturn result;
1029 IOPlatformExpert *pe;
1030 OSDictionary *matching;
1031 const OSSymbol *functionName = OSSymbol::withCStringNoCopy("SecureRootName");
1032
1033 matching = IOService::serviceMatching("IOPlatformExpert");
1034 assert(matching);
1035 pe = (IOPlatformExpert *) IOService::waitForMatchingService(matching, 30ULL * kSecondScale);
1036 matching->release();
1037 assert(pe);
1038 // Returns kIOReturnNotPrivileged is the root device is not secure.
1039 // Returns kIOReturnUnsupported if "SecureRootName" is not implemented.
1040 result = pe->callPlatformFunction(functionName, false, (void *)rootName, (void *)NULL, (void *)NULL, (void *)NULL);
1041 functionName->release();
1042 OSSafeReleaseNULL(pe);
1043
1044 if (result == kIOReturnNotPrivileged) {
1045 mdevremoveall();
1046 }
1047
1048 #endif // CONFIG_SECURE_BSD_ROOT
1049 }
1050
1051 void *
IOBSDRegistryEntryForDeviceTree(char * path)1052 IOBSDRegistryEntryForDeviceTree(char * path)
1053 {
1054 return IORegistryEntry::fromPath(path, gIODTPlane);
1055 }
1056
1057 void
IOBSDRegistryEntryRelease(void * entry)1058 IOBSDRegistryEntryRelease(void * entry)
1059 {
1060 IORegistryEntry * regEntry = (IORegistryEntry *)entry;
1061
1062 if (regEntry) {
1063 regEntry->release();
1064 }
1065 return;
1066 }
1067
1068 const void *
IOBSDRegistryEntryGetData(void * entry,char * property_name,int * packet_length)1069 IOBSDRegistryEntryGetData(void * entry, char * property_name,
1070 int * packet_length)
1071 {
1072 OSData * data;
1073 IORegistryEntry * regEntry = (IORegistryEntry *)entry;
1074
1075 data = (OSData *) regEntry->getProperty(property_name);
1076 if (data) {
1077 *packet_length = data->getLength();
1078 return data->getBytesNoCopy();
1079 }
1080 return NULL;
1081 }
1082
1083 kern_return_t
IOBSDGetPlatformUUID(uuid_t uuid,mach_timespec_t timeout)1084 IOBSDGetPlatformUUID( uuid_t uuid, mach_timespec_t timeout )
1085 {
1086 IOService * resources;
1087 OSString * string;
1088
1089 resources = IOService::waitForService( IOService::resourceMatching( kIOPlatformUUIDKey ), (timeout.tv_sec || timeout.tv_nsec) ? &timeout : NULL );
1090 if (resources == NULL) {
1091 return KERN_OPERATION_TIMED_OUT;
1092 }
1093
1094 string = (OSString *) IOService::getPlatform()->getProvider()->getProperty( kIOPlatformUUIDKey );
1095 if (string == NULL) {
1096 return KERN_NOT_SUPPORTED;
1097 }
1098
1099 uuid_parse( string->getCStringNoCopy(), uuid );
1100
1101 return KERN_SUCCESS;
1102 }
1103 } /* extern "C" */
1104
1105 /* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
1106
1107 #include <sys/conf.h>
1108 #include <sys/lock.h>
1109 #include <sys/vnode.h>
1110 #include <sys/vnode_if.h>
1111 #include <sys/vnode_internal.h>
1112 #include <sys/fcntl.h>
1113 #include <sys/fsctl.h>
1114 #include <sys/mount.h>
1115 #include <IOKit/IOPolledInterface.h>
1116 #include <IOKit/IOBufferMemoryDescriptor.h>
1117
1118 // see HFSIOC_VOLUME_STATUS in APFS/HFS
1119 #define HFS_IOCTL_VOLUME_STATUS _IOR('h', 24, u_int32_t)
1120
1121 LCK_GRP_DECLARE(gIOPolledCoreFileGrp, "polled_corefile");
1122 LCK_MTX_DECLARE(gIOPolledCoreFileMtx, &gIOPolledCoreFileGrp);
1123
1124 IOPolledFileIOVars * gIOPolledCoreFileVars;
1125 kern_return_t gIOPolledCoreFileOpenRet = kIOReturnNotReady;
1126 IOPolledCoreFileMode_t gIOPolledCoreFileMode = kIOPolledCoreFileModeNotInitialized;
1127
1128 #if IOPOLLED_COREFILE
1129
1130 #define ONE_MB 1024ULL * 1024ULL
1131
1132 #if defined(XNU_TARGET_OS_BRIDGE)
1133 // On bridgeOS allocate a 150MB corefile and leave 150MB free
1134 #define kIOCoreDumpSize 150ULL * ONE_MB
1135 #define kIOCoreDumpFreeSize 150ULL * ONE_MB
1136
1137 #elif defined(XNU_TARGET_OS_OSX)
1138
1139 // on macOS devices allocate a corefile sized at 1GB / 32GB of DRAM,
1140 // fallback to a 1GB corefile and leave at least 1GB free
1141 #define kIOCoreDumpMinSize 1024ULL * ONE_MB
1142 #define kIOCoreDumpIncrementalSize 1024ULL * ONE_MB
1143
1144 #define kIOCoreDumpFreeSize 1024ULL * ONE_MB
1145
1146 // on older macOS devices we allocate a 1MB file at boot
1147 // to store a panic time stackshot
1148 #define kIOStackshotFileSize ONE_MB
1149
1150 #else /* defined(XNU_TARGET_OS_BRIDGE) */
1151
1152 // On embedded devices with >3GB DRAM we allocate a 500MB corefile
1153 // otherwise allocate a 350MB corefile. Leave 350 MB free
1154 #define kIOCoreDumpMinSize 350ULL * ONE_MB
1155 #define kIOCoreDumpLargeSize 500ULL * ONE_MB
1156
1157 #define kIOCoreDumpFreeSize 350ULL * ONE_MB
1158
1159 #endif /* defined(XNU_TARGET_OS_BRIDGE) */
1160
1161 static IOPolledCoreFileMode_t
GetCoreFileMode()1162 GetCoreFileMode()
1163 {
1164 if (on_device_corefile_enabled()) {
1165 return kIOPolledCoreFileModeCoredump;
1166 } else if (panic_stackshot_to_disk_enabled()) {
1167 return kIOPolledCoreFileModeStackshot;
1168 } else {
1169 return kIOPolledCoreFileModeDisabled;
1170 }
1171 }
1172
1173 static void
IOCoreFileGetSize(uint64_t * ideal_size,uint64_t * fallback_size,uint64_t * free_space_to_leave,IOPolledCoreFileMode_t mode)1174 IOCoreFileGetSize(uint64_t *ideal_size, uint64_t *fallback_size, uint64_t *free_space_to_leave, IOPolledCoreFileMode_t mode)
1175 {
1176 unsigned int requested_corefile_size = 0;
1177
1178 *ideal_size = *fallback_size = *free_space_to_leave = 0;
1179
1180 // If a custom size was requested, override the ideal and requested sizes
1181 if (PE_parse_boot_argn("corefile_size_mb", &requested_corefile_size,
1182 sizeof(requested_corefile_size))) {
1183 IOLog("Boot-args specify %d MB kernel corefile\n", requested_corefile_size);
1184
1185 *ideal_size = *fallback_size = (requested_corefile_size * ONE_MB);
1186 return;
1187 }
1188
1189 unsigned int status_flags = 0;
1190 int error = VNOP_IOCTL(rootvnode, HFS_IOCTL_VOLUME_STATUS, (caddr_t)&status_flags, 0,
1191 vfs_context_kernel());
1192 if (!error) {
1193 if (status_flags & (VQ_VERYLOWDISK | VQ_LOWDISK | VQ_NEARLOWDISK)) {
1194 IOLog("Volume is low on space. Not allocating kernel corefile.\n");
1195 return;
1196 }
1197 } else {
1198 IOLog("Couldn't retrieve volume status. Error %d\n", error);
1199 }
1200
1201 #if defined(XNU_TARGET_OS_BRIDGE)
1202 #pragma unused(mode)
1203 *ideal_size = *fallback_size = kIOCoreDumpSize;
1204 *free_space_to_leave = kIOCoreDumpFreeSize;
1205 #elif !defined(XNU_TARGET_OS_OSX) /* defined(XNU_TARGET_OS_BRIDGE) */
1206 #pragma unused(mode)
1207 *ideal_size = *fallback_size = kIOCoreDumpMinSize;
1208
1209 if (max_mem > (3 * 1024ULL * ONE_MB)) {
1210 *ideal_size = kIOCoreDumpLargeSize;
1211 }
1212
1213 *free_space_to_leave = kIOCoreDumpFreeSize;
1214 #else /* defined(XNU_TARGET_OS_BRIDGE) */
1215 if (mode == kIOPolledCoreFileModeCoredump) {
1216 *ideal_size = *fallback_size = kIOCoreDumpMinSize;
1217 if (kIOCoreDumpIncrementalSize != 0 && max_mem > (32 * 1024ULL * ONE_MB)) {
1218 *ideal_size = ((ROUNDUP(max_mem, (32 * 1024ULL * ONE_MB)) / (32 * 1024ULL * ONE_MB)) * kIOCoreDumpIncrementalSize);
1219 }
1220 *free_space_to_leave = kIOCoreDumpFreeSize;
1221 } else if (mode == kIOPolledCoreFileModeStackshot) {
1222 *ideal_size = *fallback_size = *free_space_to_leave = kIOStackshotFileSize;
1223 }
1224 #endif /* defined(XNU_TARGET_OS_BRIDGE) */
1225
1226 #if EXCLAVES_COREDUMP
1227 *ideal_size += sk_core_size();
1228 #endif /* EXCLAVES_COREDUMP */
1229
1230 return;
1231 }
1232
1233 static IOReturn
IOAccessCoreFileData(void * context,boolean_t write,uint64_t offset,int length,void * buffer)1234 IOAccessCoreFileData(void *context, boolean_t write, uint64_t offset, int length, void *buffer)
1235 {
1236 errno_t vnode_error = 0;
1237 vfs_context_t vfs_context;
1238 vnode_t vnode_ptr = (vnode_t) context;
1239
1240 vfs_context = vfs_context_kernel();
1241 vnode_error = vn_rdwr(write ? UIO_WRITE : UIO_READ, vnode_ptr, (caddr_t)buffer, length, offset,
1242 UIO_SYSSPACE, IO_SWAP_DISPATCH | IO_SYNC | IO_NOCACHE | IO_UNIT, vfs_context_ucred(vfs_context), NULL, vfs_context_proc(vfs_context));
1243
1244 if (vnode_error) {
1245 IOLog("Failed to %s the corefile. Error %d\n", write ? "write to" : "read from", vnode_error);
1246 return kIOReturnError;
1247 }
1248
1249 return kIOReturnSuccess;
1250 }
1251
1252 static void
IOOpenPolledCoreFile(thread_call_param_t __unused,thread_call_param_t corefilename)1253 IOOpenPolledCoreFile(thread_call_param_t __unused, thread_call_param_t corefilename)
1254 {
1255 assert(corefilename != NULL);
1256
1257 IOReturn err;
1258 char *filename = (char *) corefilename;
1259 uint64_t corefile_size_bytes = 0, corefile_fallback_size_bytes = 0, free_space_to_leave_bytes = 0;
1260 IOPolledCoreFileMode_t mode_to_init = GetCoreFileMode();
1261
1262 if (gIOPolledCoreFileVars) {
1263 return;
1264 }
1265 if (!IOPolledInterface::gMetaClass.getInstanceCount()) {
1266 return;
1267 }
1268
1269 if (gIOPolledCoreFileMode == kIOPolledCoreFileModeUnlinked) {
1270 return;
1271 }
1272
1273 if (mode_to_init == kIOPolledCoreFileModeDisabled) {
1274 gIOPolledCoreFileMode = kIOPolledCoreFileModeDisabled;
1275 return;
1276 }
1277
1278 // We'll overwrite this once we open the file, we update this to mark that we have made
1279 // it past initialization
1280 gIOPolledCoreFileMode = kIOPolledCoreFileModeClosed;
1281
1282 IOCoreFileGetSize(&corefile_size_bytes, &corefile_fallback_size_bytes, &free_space_to_leave_bytes, mode_to_init);
1283
1284 if (corefile_size_bytes == 0 && corefile_fallback_size_bytes == 0) {
1285 gIOPolledCoreFileMode = kIOPolledCoreFileModeUnlinked;
1286 return;
1287 }
1288
1289 do {
1290 err = IOPolledFileOpen(filename, kIOPolledFileCreate, corefile_size_bytes, free_space_to_leave_bytes,
1291 NULL, 0, &gIOPolledCoreFileVars, NULL, NULL, NULL);
1292 if (kIOReturnSuccess == err) {
1293 break;
1294 } else if (kIOReturnNoSpace == err) {
1295 IOLog("Failed to open corefile of size %llu MB (low disk space)",
1296 (corefile_size_bytes / (1024ULL * 1024ULL)));
1297 if (corefile_size_bytes == corefile_fallback_size_bytes) {
1298 gIOPolledCoreFileOpenRet = err;
1299 return;
1300 }
1301 } else {
1302 IOLog("Failed to open corefile of size %llu MB (returned error 0x%x)\n",
1303 (corefile_size_bytes / (1024ULL * 1024ULL)), err);
1304 gIOPolledCoreFileOpenRet = err;
1305 return;
1306 }
1307
1308 err = IOPolledFileOpen(filename, kIOPolledFileCreate, corefile_fallback_size_bytes, free_space_to_leave_bytes,
1309 NULL, 0, &gIOPolledCoreFileVars, NULL, NULL, NULL);
1310 if (kIOReturnSuccess != err) {
1311 IOLog("Failed to open corefile of size %llu MB (returned error 0x%x)\n",
1312 (corefile_fallback_size_bytes / (1024ULL * 1024ULL)), err);
1313 gIOPolledCoreFileOpenRet = err;
1314 return;
1315 }
1316 } while (false);
1317
1318 gIOPolledCoreFileOpenRet = IOPolledFilePollersSetup(gIOPolledCoreFileVars, kIOPolledPreflightCoreDumpState);
1319 if (kIOReturnSuccess != gIOPolledCoreFileOpenRet) {
1320 IOPolledFileClose(&gIOPolledCoreFileVars, 0, NULL, 0, 0, 0, false);
1321 IOLog("IOPolledFilePollersSetup for corefile failed with error: 0x%x\n", err);
1322 } else {
1323 IOLog("Opened corefile of size %llu MB\n", (corefile_size_bytes / (1024ULL * 1024ULL)));
1324 gIOPolledCoreFileMode = mode_to_init;
1325 }
1326
1327 // Provide the "polled file available" callback with a temporary way to read from the file
1328 (void) IOProvideCoreFileAccess(kdp_core_polled_io_polled_file_available, NULL);
1329
1330 return;
1331 }
1332
1333 kern_return_t
IOProvideCoreFileAccess(IOCoreFileAccessRecipient recipient,void * recipient_context)1334 IOProvideCoreFileAccess(IOCoreFileAccessRecipient recipient, void *recipient_context)
1335 {
1336 kern_return_t error = kIOReturnSuccess;
1337 errno_t vnode_error = 0;
1338 vfs_context_t vfs_context;
1339 vnode_t vnode_ptr;
1340
1341 if (!recipient) {
1342 return kIOReturnBadArgument;
1343 }
1344
1345 if (kIOReturnSuccess != gIOPolledCoreFileOpenRet) {
1346 return kIOReturnNotReady;
1347 }
1348
1349 // Open the kernel corefile
1350 vfs_context = vfs_context_kernel();
1351 vnode_error = vnode_open(kIOCoreDumpPath, (FREAD | FWRITE | O_NOFOLLOW), 0600, 0, &vnode_ptr, vfs_context);
1352 if (vnode_error) {
1353 IOLog("Failed to open the corefile. Error %d\n", vnode_error);
1354 return kIOReturnError;
1355 }
1356
1357 // Call the recipient function
1358 error = recipient(IOAccessCoreFileData, (void *)vnode_ptr, recipient_context);
1359
1360 // Close the kernel corefile
1361 vnode_close(vnode_ptr, FREAD | FWRITE, vfs_context);
1362
1363 return error;
1364 }
1365
1366 static void
IOClosePolledCoreFile(void)1367 IOClosePolledCoreFile(void)
1368 {
1369 // Notify kdp core that the corefile is no longer available
1370 (void) kdp_core_polled_io_polled_file_unavailable();
1371
1372 gIOPolledCoreFileOpenRet = kIOReturnNotOpen;
1373 gIOPolledCoreFileMode = kIOPolledCoreFileModeClosed;
1374 IOPolledFilePollersClose(gIOPolledCoreFileVars, kIOPolledPostflightCoreDumpState);
1375 IOPolledFileClose(&gIOPolledCoreFileVars, 0, NULL, 0, 0, 0, false);
1376 }
1377
1378 static void
IOUnlinkPolledCoreFile(void)1379 IOUnlinkPolledCoreFile(void)
1380 {
1381 // Notify kdp core that the corefile is no longer available
1382 (void) kdp_core_polled_io_polled_file_unavailable();
1383
1384 gIOPolledCoreFileOpenRet = kIOReturnNotOpen;
1385 gIOPolledCoreFileMode = kIOPolledCoreFileModeUnlinked;
1386 IOPolledFilePollersClose(gIOPolledCoreFileVars, kIOPolledPostflightCoreDumpState);
1387 IOPolledFileClose(&gIOPolledCoreFileVars, 0, NULL, 0, 0, 0, true);
1388 }
1389
1390 #endif /* IOPOLLED_COREFILE */
1391
1392 extern "C" void
IOBSDMountChange(struct mount * mp,uint32_t op)1393 IOBSDMountChange(struct mount * mp, uint32_t op)
1394 {
1395 #if IOPOLLED_COREFILE
1396 uint64_t flags;
1397 char path[128];
1398 int pathLen;
1399 vnode_t vn;
1400 int result;
1401
1402 lck_mtx_lock(&gIOPolledCoreFileMtx);
1403
1404 switch (op) {
1405 case kIOMountChangeMount:
1406 case kIOMountChangeDidResize:
1407
1408 if (gIOPolledCoreFileVars) {
1409 break;
1410 }
1411 flags = vfs_flags(mp);
1412 if (MNT_RDONLY & flags) {
1413 break;
1414 }
1415 if (!(MNT_LOCAL & flags)) {
1416 break;
1417 }
1418
1419 vn = vfs_vnodecovered(mp);
1420 if (!vn) {
1421 break;
1422 }
1423 pathLen = sizeof(path);
1424 result = vn_getpath(vn, &path[0], &pathLen);
1425 vnode_put(vn);
1426 if (0 != result) {
1427 break;
1428 }
1429 if (!pathLen) {
1430 break;
1431 }
1432 #if defined(XNU_TARGET_OS_BRIDGE)
1433 // on bridgeOS systems we put the core in /private/var/internal. We don't
1434 // want to match with /private/var because /private/var/internal is often mounted
1435 // over /private/var
1436 if ((pathLen - 1) < (int) strlen("/private/var/internal")) {
1437 break;
1438 }
1439 #endif
1440 if (0 != strncmp(path, kIOCoreDumpPath, pathLen - 1)) {
1441 break;
1442 }
1443
1444 thread_call_enter1(corefile_open_call, (void *) kIOCoreDumpPath);
1445 break;
1446
1447 case kIOMountChangeUnmount:
1448 case kIOMountChangeWillResize:
1449 if (gIOPolledCoreFileVars && (mp == kern_file_mount(gIOPolledCoreFileVars->fileRef))) {
1450 thread_call_cancel_wait(corefile_open_call);
1451 IOClosePolledCoreFile();
1452 }
1453 break;
1454 }
1455
1456 lck_mtx_unlock(&gIOPolledCoreFileMtx);
1457 #endif /* IOPOLLED_COREFILE */
1458 }
1459
1460 extern "C" void
IOBSDLowSpaceUnlinkKernelCore(void)1461 IOBSDLowSpaceUnlinkKernelCore(void)
1462 {
1463 #if IOPOLLED_COREFILE
1464 lck_mtx_lock(&gIOPolledCoreFileMtx);
1465 if (gIOPolledCoreFileVars) {
1466 thread_call_cancel_wait(corefile_open_call);
1467 IOUnlinkPolledCoreFile();
1468 }
1469 lck_mtx_unlock(&gIOPolledCoreFileMtx);
1470 #endif
1471 }
1472
1473 /* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
1474
1475 static char*
copyOSStringAsCString(OSString * string)1476 copyOSStringAsCString(OSString *string)
1477 {
1478 size_t string_length = 0;
1479 char *c_string = NULL;
1480
1481 if (string == NULL) {
1482 return NULL;
1483 }
1484 string_length = string->getLength() + 1;
1485
1486 /* Allocate kernel data memory for the string */
1487 c_string = (char*)kalloc_data(string_length, (zalloc_flags_t)(Z_ZERO | Z_WAITOK | Z_NOFAIL));
1488 assert(c_string != NULL);
1489
1490 /* Copy in the string */
1491 strlcpy(c_string, string->getCStringNoCopy(), string_length);
1492
1493 return c_string;
1494 }
1495
1496 extern "C" OS_ALWAYS_INLINE boolean_t
IOCurrentTaskHasStringEntitlement(const char * entitlement,const char * value)1497 IOCurrentTaskHasStringEntitlement(const char *entitlement, const char *value)
1498 {
1499 return IOTaskHasStringEntitlement(NULL, entitlement, value);
1500 }
1501
1502 extern "C" boolean_t
IOTaskHasStringEntitlement(task_t task,const char * entitlement,const char * value)1503 IOTaskHasStringEntitlement(task_t task, const char *entitlement, const char *value)
1504 {
1505 if (task == NULL) {
1506 task = current_task();
1507 }
1508
1509 /* Validate input arguments */
1510 if (task == kernel_task || entitlement == NULL || value == NULL) {
1511 return false;
1512 }
1513 proc_t proc = (proc_t)get_bsdtask_info(task);
1514
1515 kern_return_t ret = amfi->OSEntitlements.queryEntitlementStringWithProc(
1516 proc,
1517 entitlement,
1518 value);
1519
1520 if (ret == KERN_SUCCESS) {
1521 return true;
1522 }
1523
1524 return false;
1525 }
1526
1527 extern "C" OS_ALWAYS_INLINE boolean_t
IOCurrentTaskHasEntitlement(const char * entitlement)1528 IOCurrentTaskHasEntitlement(const char *entitlement)
1529 {
1530 return IOTaskHasEntitlement(NULL, entitlement);
1531 }
1532
1533 extern "C" boolean_t
IOTaskHasEntitlement(task_t task,const char * entitlement)1534 IOTaskHasEntitlement(task_t task, const char *entitlement)
1535 {
1536 if (task == NULL) {
1537 task = current_task();
1538 }
1539
1540 /* Validate input arguments */
1541 if (task == kernel_task || entitlement == NULL) {
1542 return false;
1543 }
1544 proc_t proc = (proc_t)get_bsdtask_info(task);
1545
1546 kern_return_t ret = amfi->OSEntitlements.queryEntitlementBooleanWithProc(
1547 proc,
1548 entitlement);
1549
1550 if (ret == KERN_SUCCESS) {
1551 return true;
1552 }
1553
1554 return false;
1555 }
1556
1557 extern "C" OS_ALWAYS_INLINE char*
IOCurrentTaskGetEntitlement(const char * entitlement)1558 IOCurrentTaskGetEntitlement(const char *entitlement)
1559 {
1560 return IOTaskGetEntitlement(NULL, entitlement);
1561 }
1562
1563 extern "C" char*
IOTaskGetEntitlement(task_t task,const char * entitlement)1564 IOTaskGetEntitlement(task_t task, const char *entitlement)
1565 {
1566 void *entitlement_object = NULL;
1567 char *return_value = NULL;
1568
1569 if (task == NULL) {
1570 task = current_task();
1571 }
1572
1573 /* Validate input arguments */
1574 if (task == kernel_task || entitlement == NULL) {
1575 return NULL;
1576 }
1577 proc_t proc = (proc_t)get_bsdtask_info(task);
1578
1579 kern_return_t ret = amfi->OSEntitlements.copyEntitlementAsOSObjectWithProc(
1580 proc,
1581 entitlement,
1582 &entitlement_object);
1583
1584 if (ret != KERN_SUCCESS) {
1585 return NULL;
1586 }
1587 assert(entitlement_object != NULL);
1588
1589 OSObject *os_object = (OSObject*)entitlement_object;
1590 OSString *os_string = OSDynamicCast(OSString, os_object);
1591
1592 /* Get a C string version of the OSString */
1593 return_value = copyOSStringAsCString(os_string);
1594
1595 /* Free the OSObject which was given to us */
1596 OSSafeReleaseNULL(os_object);
1597
1598 return return_value;
1599 }
1600
1601 extern "C" boolean_t
IOVnodeHasEntitlement(vnode_t vnode,int64_t off,const char * entitlement)1602 IOVnodeHasEntitlement(vnode_t vnode, int64_t off, const char *entitlement)
1603 {
1604 OSObject * obj;
1605 off_t offset = (off_t)off;
1606
1607 obj = IOUserClient::copyClientEntitlementVnode(vnode, offset, entitlement);
1608 if (!obj) {
1609 return false;
1610 }
1611 obj->release();
1612 return obj != kOSBooleanFalse;
1613 }
1614
1615 extern "C" char *
IOVnodeGetEntitlement(vnode_t vnode,int64_t off,const char * entitlement)1616 IOVnodeGetEntitlement(vnode_t vnode, int64_t off, const char *entitlement)
1617 {
1618 OSObject *obj = NULL;
1619 OSString *str = NULL;
1620 size_t len;
1621 char *value = NULL;
1622 off_t offset = (off_t)off;
1623
1624 obj = IOUserClient::copyClientEntitlementVnode(vnode, offset, entitlement);
1625 if (obj != NULL) {
1626 str = OSDynamicCast(OSString, obj);
1627 if (str != NULL) {
1628 len = str->getLength() + 1;
1629 value = (char *)kalloc_data(len, Z_WAITOK);
1630 strlcpy(value, str->getCStringNoCopy(), len);
1631 }
1632 obj->release();
1633 }
1634 return value;
1635 }
1636