1 /*
2 * Copyright (c) 1998-2021 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28 #include <IOKit/IOBSD.h>
29 #include <IOKit/IOLib.h>
30 #include <IOKit/IOService.h>
31 #include <IOKit/IOCatalogue.h>
32 #include <IOKit/IODeviceTreeSupport.h>
33 #include <IOKit/IOKitKeys.h>
34 #include <IOKit/IONVRAM.h>
35 #include <IOKit/IOPlatformExpert.h>
36 #include <IOKit/IOUserClient.h>
37 #include <libkern/c++/OSAllocation.h>
38
39 extern "C" {
40 #include <libkern/amfi/amfi.h>
41 #include <sys/codesign.h>
42 #include <sys/code_signing.h>
43 #include <vm/pmap.h>
44 #include <vm/vm_map.h>
45 #include <pexpert/pexpert.h>
46 #include <kern/clock.h>
47 #if CONFIG_KDP_INTERACTIVE_DEBUGGING
48 #include <kern/debug.h>
49 #endif
50 #include <mach/machine.h>
51 #include <uuid/uuid.h>
52 #include <sys/vnode_internal.h>
53 #include <sys/mount.h>
54 #include <corecrypto/ccsha2.h>
55
56 // how long to wait for matching root device, secs
57 #if DEBUG
58 #define ROOTDEVICETIMEOUT 120
59 #else
60 #define ROOTDEVICETIMEOUT 60
61 #endif
62
63 extern dev_t mdevadd(int devid, uint64_t base, unsigned int size, int phys);
64 extern dev_t mdevlookup(int devid);
65 extern void mdevremoveall(void);
66 extern int mdevgetrange(int devid, uint64_t *base, uint64_t *size);
67 extern void di_root_ramfile(IORegistryEntry * entry);
68 extern int IODTGetDefault(const char *key, void *infoAddr, unsigned int infoSize);
69 extern boolean_t cpuid_vmm_present(void);
70
71 #define ROUNDUP(a, b) (((a) + ((b) - 1)) & (~((b) - 1)))
72
73 #define IOPOLLED_COREFILE (CONFIG_KDP_INTERACTIVE_DEBUGGING)
74
75 #if defined(XNU_TARGET_OS_BRIDGE)
76 #define kIOCoreDumpPath "/private/var/internal/kernelcore"
77 #elif defined(XNU_TARGET_OS_OSX)
78 #define kIOCoreDumpPath "/System/Volumes/VM/kernelcore"
79 #else
80 #define kIOCoreDumpPath "/private/var/vm/kernelcore"
81 #endif
82
83 #define SYSTEM_NVRAM_PREFIX "40A0DDD2-77F8-4392-B4A3-1E7304206516:"
84
85 #if CONFIG_KDP_INTERACTIVE_DEBUGGING
86 /*
87 * Touched by IOFindBSDRoot() if a RAMDisk is used for the root device.
88 */
89 extern uint64_t kdp_core_ramdisk_addr;
90 extern uint64_t kdp_core_ramdisk_size;
91
92 /*
93 * A callback to indicate that the polled-mode corefile is now available.
94 */
95 extern kern_return_t kdp_core_polled_io_polled_file_available(IOCoreFileAccessCallback access_data, void *access_context, void *recipient_context);
96
97 /*
98 * A callback to indicate that the polled-mode corefile is no longer available.
99 */
100 extern kern_return_t kdp_core_polled_io_polled_file_unavailable(void);
101 #endif
102
103 #if IOPOLLED_COREFILE
104 static void IOOpenPolledCoreFile(thread_call_param_t __unused, thread_call_param_t corefilename);
105
106 thread_call_t corefile_open_call = NULL;
107 #endif
108
109 kern_return_t
IOKitBSDInit(void)110 IOKitBSDInit( void )
111 {
112 IOService::publishResource("IOBSD");
113
114 #if IOPOLLED_COREFILE
115 corefile_open_call = thread_call_allocate_with_options(IOOpenPolledCoreFile, NULL, THREAD_CALL_PRIORITY_KERNEL, THREAD_CALL_OPTIONS_ONCE);
116 #endif
117
118 return kIOReturnSuccess;
119 }
120
121 void
IOServicePublishResource(const char * property,boolean_t value)122 IOServicePublishResource( const char * property, boolean_t value )
123 {
124 if (value) {
125 IOService::publishResource( property, kOSBooleanTrue );
126 } else {
127 IOService::getResourceService()->removeProperty( property );
128 }
129 }
130
131 boolean_t
IOServiceWaitForMatchingResource(const char * property,uint64_t timeout)132 IOServiceWaitForMatchingResource( const char * property, uint64_t timeout )
133 {
134 OSDictionary * dict = NULL;
135 IOService * match = NULL;
136 boolean_t found = false;
137
138 do {
139 dict = IOService::resourceMatching( property );
140 if (!dict) {
141 continue;
142 }
143 match = IOService::waitForMatchingService( dict, timeout );
144 if (match) {
145 found = true;
146 }
147 } while (false);
148
149 if (dict) {
150 dict->release();
151 }
152 if (match) {
153 match->release();
154 }
155
156 return found;
157 }
158
159 boolean_t
IOCatalogueMatchingDriversPresent(const char * property)160 IOCatalogueMatchingDriversPresent( const char * property )
161 {
162 OSDictionary * dict = NULL;
163 OSOrderedSet * set = NULL;
164 SInt32 generationCount = 0;
165 boolean_t found = false;
166
167 do {
168 dict = OSDictionary::withCapacity(1);
169 if (!dict) {
170 continue;
171 }
172 dict->setObject( property, kOSBooleanTrue );
173 set = gIOCatalogue->findDrivers( dict, &generationCount );
174 if (set && (set->getCount() > 0)) {
175 found = true;
176 }
177 } while (false);
178
179 if (dict) {
180 dict->release();
181 }
182 if (set) {
183 set->release();
184 }
185
186 return found;
187 }
188
189 OSDictionary *
IOBSDNameMatching(const char * name)190 IOBSDNameMatching( const char * name )
191 {
192 OSDictionary * dict;
193 const OSSymbol * str = NULL;
194
195 do {
196 dict = IOService::serviceMatching( gIOServiceKey );
197 if (!dict) {
198 continue;
199 }
200 str = OSSymbol::withCString( name );
201 if (!str) {
202 continue;
203 }
204 dict->setObject( kIOBSDNameKey, (OSObject *) str );
205 str->release();
206
207 return dict;
208 } while (false);
209
210 if (dict) {
211 dict->release();
212 }
213 if (str) {
214 str->release();
215 }
216
217 return NULL;
218 }
219
220 OSDictionary *
IOUUIDMatching(void)221 IOUUIDMatching( void )
222 {
223 OSObject * obj;
224 OSDictionary * result;
225
226 obj = OSUnserialize(
227 "{"
228 "'IOProviderClass' = 'IOResources';"
229 "'IOResourceMatch' = ('IOBSD', 'boot-uuid-media');"
230 "}",
231 NULL);
232 result = OSDynamicCast(OSDictionary, obj);
233 assert(result);
234
235 return result;
236 }
237
238 OSDictionary *
IONetworkNamePrefixMatching(const char * prefix)239 IONetworkNamePrefixMatching( const char * prefix )
240 {
241 OSDictionary * matching;
242 OSDictionary * propDict = NULL;
243 const OSSymbol * str = NULL;
244 char networkType[128];
245
246 do {
247 matching = IOService::serviceMatching( "IONetworkInterface" );
248 if (matching == NULL) {
249 continue;
250 }
251
252 propDict = OSDictionary::withCapacity(1);
253 if (propDict == NULL) {
254 continue;
255 }
256
257 str = OSSymbol::withCString( prefix );
258 if (str == NULL) {
259 continue;
260 }
261
262 propDict->setObject( "IOInterfaceNamePrefix", (OSObject *) str );
263 str->release();
264 str = NULL;
265
266 // see if we're contrained to netroot off of specific network type
267 if (PE_parse_boot_argn( "network-type", networkType, 128 )) {
268 str = OSSymbol::withCString( networkType );
269 if (str) {
270 propDict->setObject( "IONetworkRootType", str);
271 str->release();
272 str = NULL;
273 }
274 }
275
276 if (matching->setObject( gIOPropertyMatchKey,
277 (OSObject *) propDict ) != true) {
278 continue;
279 }
280
281 propDict->release();
282 propDict = NULL;
283
284 return matching;
285 } while (false);
286
287 if (matching) {
288 matching->release();
289 }
290 if (propDict) {
291 propDict->release();
292 }
293 if (str) {
294 str->release();
295 }
296
297 return NULL;
298 }
299
300 static bool
IORegisterNetworkInterface(IOService * netif)301 IORegisterNetworkInterface( IOService * netif )
302 {
303 // A network interface is typically named and registered
304 // with BSD after receiving a request from a user space
305 // "namer". However, for cases when the system needs to
306 // root from the network, this registration task must be
307 // done inside the kernel and completed before the root
308 // device is handed to BSD.
309
310 IOService * stack;
311 OSNumber * zero = NULL;
312 OSString * path = NULL;
313 OSDictionary * dict = NULL;
314 OSDataAllocation<char> pathBuf;
315 int len;
316 enum { kMaxPathLen = 512 };
317
318 do {
319 stack = IOService::waitForService(
320 IOService::serviceMatching("IONetworkStack"));
321 if (stack == NULL) {
322 break;
323 }
324
325 dict = OSDictionary::withCapacity(3);
326 if (dict == NULL) {
327 break;
328 }
329
330 zero = OSNumber::withNumber((UInt64) 0, 32);
331 if (zero == NULL) {
332 break;
333 }
334
335 pathBuf = OSDataAllocation<char>( kMaxPathLen, OSAllocateMemory );
336 if (!pathBuf) {
337 break;
338 }
339
340 len = kMaxPathLen;
341 if (netif->getPath( pathBuf.data(), &len, gIOServicePlane )
342 == false) {
343 break;
344 }
345
346 path = OSString::withCStringNoCopy(pathBuf.data());
347 if (path == NULL) {
348 break;
349 }
350
351 dict->setObject( "IOInterfaceUnit", zero );
352 dict->setObject( kIOPathMatchKey, path );
353
354 stack->setProperties( dict );
355 }while (false);
356
357 if (zero) {
358 zero->release();
359 }
360 if (path) {
361 path->release();
362 }
363 if (dict) {
364 dict->release();
365 }
366
367 return netif->getProperty( kIOBSDNameKey ) != NULL;
368 }
369
370 OSDictionary *
IOOFPathMatching(const char * path,char * buf,int maxLen)371 IOOFPathMatching( const char * path, char * buf, int maxLen )
372 {
373 OSDictionary * matching = NULL;
374 OSString * str;
375 char * comp;
376 int len;
377
378 do {
379 len = ((int) strlen( kIODeviceTreePlane ":" ));
380 maxLen -= len;
381 if (maxLen <= 0) {
382 continue;
383 }
384
385 strlcpy( buf, kIODeviceTreePlane ":", len + 1 );
386 comp = buf + len;
387
388 len = ((int) strnlen( path, INT_MAX ));
389 maxLen -= len;
390 if (maxLen <= 0) {
391 continue;
392 }
393 strlcpy( comp, path, len + 1 );
394
395 matching = OSDictionary::withCapacity( 1 );
396 if (!matching) {
397 continue;
398 }
399
400 str = OSString::withCString( buf );
401 if (!str) {
402 continue;
403 }
404 matching->setObject( kIOPathMatchKey, str );
405 str->release();
406
407 return matching;
408 } while (false);
409
410 if (matching) {
411 matching->release();
412 }
413
414 return NULL;
415 }
416
417 static int didRam = 0;
418 enum { kMaxPathBuf = 512, kMaxBootVar = 128 };
419
420 bool
IOGetBootUUID(char * uuid)421 IOGetBootUUID(char *uuid)
422 {
423 IORegistryEntry *entry;
424 OSData *uuid_data = NULL;
425 bool result = false;
426
427 if ((entry = IORegistryEntry::fromPath("/chosen", gIODTPlane))) {
428 uuid_data = (OSData *)entry->getProperty("boot-uuid");
429 if (uuid_data) {
430 unsigned int length = uuid_data->getLength();
431 if (length <= sizeof(uuid_string_t)) {
432 /* ensure caller's buffer is fully initialized: */
433 bzero(uuid, sizeof(uuid_string_t));
434 /* copy the content of uuid_data->getBytesNoCopy() into uuid */
435 memcpy(uuid, uuid_data->getBytesNoCopy(), length);
436 /* guarantee nul-termination: */
437 uuid[sizeof(uuid_string_t) - 1] = '\0';
438 result = true;
439 } else {
440 uuid = NULL;
441 }
442 }
443 OSSafeReleaseNULL(entry);
444 }
445 return result;
446 }
447
448 bool
IOGetApfsPrebootUUID(char * uuid)449 IOGetApfsPrebootUUID(char *uuid)
450 {
451 IORegistryEntry *entry;
452 OSData *uuid_data = NULL;
453 bool result = false;
454
455 if ((entry = IORegistryEntry::fromPath("/chosen", gIODTPlane))) {
456 uuid_data = (OSData *)entry->getProperty("apfs-preboot-uuid");
457
458 if (uuid_data) {
459 unsigned int length = uuid_data->getLength();
460 if (length <= sizeof(uuid_string_t)) {
461 /* ensure caller's buffer is fully initialized: */
462 bzero(uuid, sizeof(uuid_string_t));
463 /* copy the content of uuid_data->getBytesNoCopy() into uuid */
464 memcpy(uuid, uuid_data->getBytesNoCopy(), length);
465 /* guarantee nul-termination: */
466 uuid[sizeof(uuid_string_t) - 1] = '\0';
467 result = true;
468 } else {
469 uuid = NULL;
470 }
471 }
472 OSSafeReleaseNULL(entry);
473 }
474 return result;
475 }
476
477 bool
IOGetAssociatedApfsVolgroupUUID(char * uuid)478 IOGetAssociatedApfsVolgroupUUID(char *uuid)
479 {
480 IORegistryEntry *entry;
481 OSData *uuid_data = NULL;
482 bool result = false;
483
484 if ((entry = IORegistryEntry::fromPath("/chosen", gIODTPlane))) {
485 uuid_data = (OSData *)entry->getProperty("associated-volume-group");
486
487 if (uuid_data) {
488 unsigned int length = uuid_data->getLength();
489
490 if (length <= sizeof(uuid_string_t)) {
491 /* ensure caller's buffer is fully initialized: */
492 bzero(uuid, sizeof(uuid_string_t));
493 /* copy the content of uuid_data->getBytesNoCopy() into uuid */
494 memcpy(uuid, uuid_data->getBytesNoCopy(), length);
495 /* guarantee nul-termination: */
496 uuid[sizeof(uuid_string_t) - 1] = '\0';
497 result = true;
498 } else {
499 uuid = NULL;
500 }
501 }
502 OSSafeReleaseNULL(entry);
503 }
504 return result;
505 }
506
507 bool
IOGetBootObjectsPath(char * path_prefix)508 IOGetBootObjectsPath(char *path_prefix)
509 {
510 IORegistryEntry *entry;
511 OSData *path_prefix_data = NULL;
512 bool result = false;
513
514 if ((entry = IORegistryEntry::fromPath("/chosen", gIODTPlane))) {
515 path_prefix_data = (OSData *)entry->getProperty("boot-objects-path");
516
517 if (path_prefix_data) {
518 unsigned int length = path_prefix_data->getLength();
519
520 if (length <= MAXPATHLEN) {
521 /* ensure caller's buffer is fully initialized: */
522 bzero(path_prefix, MAXPATHLEN);
523 /* copy the content of path_prefix_data->getBytesNoCopy() into path_prefix */
524 memcpy(path_prefix, path_prefix_data->getBytesNoCopy(), length);
525 /* guarantee nul-termination: */
526 path_prefix[MAXPATHLEN - 1] = '\0';
527 result = true;
528 } else {
529 path_prefix = NULL;
530 }
531 }
532 OSSafeReleaseNULL(entry);
533 }
534 return result;
535 }
536
537
538 bool
IOGetBootManifestHash(char * hash_data,size_t * hash_data_size)539 IOGetBootManifestHash(char *hash_data, size_t *hash_data_size)
540 {
541 IORegistryEntry *entry = NULL;
542 OSData *manifest_hash_data = NULL;
543 bool result = false;
544
545 if ((entry = IORegistryEntry::fromPath("/chosen", gIODTPlane))) {
546 manifest_hash_data = (OSData *)entry->getProperty("boot-manifest-hash");
547 if (manifest_hash_data) {
548 unsigned int length = manifest_hash_data->getLength();
549 /* hashed with SHA2-384 or SHA1, the boot manifest hash should be 48 Bytes or less */
550 if ((length <= CCSHA384_OUTPUT_SIZE) && (*hash_data_size >= CCSHA384_OUTPUT_SIZE)) {
551 /* ensure caller's buffer is fully initialized: */
552 bzero(hash_data, CCSHA384_OUTPUT_SIZE);
553 /* copy the content of manifest_hash_data->getBytesNoCopy() into hash_data */
554 memcpy(hash_data, manifest_hash_data->getBytesNoCopy(), length);
555 *hash_data_size = length;
556 result = true;
557 } else {
558 hash_data = NULL;
559 *hash_data_size = 0;
560 }
561 }
562 OSSafeReleaseNULL(entry);
563 }
564
565 return result;
566 }
567
568 /*
569 * Set NVRAM to boot into the right flavor of Recovery,
570 * optionally passing a UUID of a volume that failed to boot.
571 * If `reboot` is true, reboot immediately.
572 *
573 * Returns true if `mode` was understood, false otherwise.
574 * (Does not return if `reboot` is true.)
575 */
576 boolean_t
IOSetRecoveryBoot(bsd_bootfail_mode_t mode,uuid_t volume_uuid,boolean_t reboot)577 IOSetRecoveryBoot(bsd_bootfail_mode_t mode, uuid_t volume_uuid, boolean_t reboot)
578 {
579 IODTNVRAM *nvram = NULL;
580 const OSSymbol *boot_command_sym = NULL;
581 OSString *boot_command_recover = NULL;
582
583 if (mode == BSD_BOOTFAIL_SEAL_BROKEN) {
584 const char *boot_mode = "ssv-seal-broken";
585 uuid_string_t volume_uuid_str;
586
587 // Set `recovery-broken-seal-uuid = <volume_uuid>`.
588 if (volume_uuid) {
589 uuid_unparse_upper(volume_uuid, volume_uuid_str);
590
591 if (!PEWriteNVRAMProperty(SYSTEM_NVRAM_PREFIX "recovery-broken-seal-uuid",
592 volume_uuid_str, sizeof(uuid_string_t))) {
593 IOLog("Failed to write recovery-broken-seal-uuid to NVRAM.\n");
594 }
595 }
596
597 // Set `recovery-boot-mode = ssv-seal-broken`.
598 if (!PEWriteNVRAMProperty(SYSTEM_NVRAM_PREFIX "recovery-boot-mode", boot_mode,
599 (const unsigned int) strlen(boot_mode))) {
600 IOLog("Failed to write recovery-boot-mode to NVRAM.\n");
601 }
602 } else if (mode == BSD_BOOTFAIL_MEDIA_MISSING) {
603 const char *boot_picker_reason = "missing-boot-media";
604
605 // Set `boot-picker-bringup-reason = missing-boot-media`.
606 if (!PEWriteNVRAMProperty(SYSTEM_NVRAM_PREFIX "boot-picker-bringup-reason",
607 boot_picker_reason, (const unsigned int) strlen(boot_picker_reason))) {
608 IOLog("Failed to write boot-picker-bringup-reason to NVRAM.\n");
609 }
610
611 // Set `boot-command = recover-system`.
612
613 // Construct an OSSymbol and an OSString to be the (key, value) pair
614 // we write to NVRAM. Unfortunately, since our value must be an OSString
615 // instead of an OSData, we cannot use PEWriteNVRAMProperty() here.
616 boot_command_sym = OSSymbol::withCStringNoCopy(SYSTEM_NVRAM_PREFIX "boot-command");
617 boot_command_recover = OSString::withCStringNoCopy("recover-system");
618 if (boot_command_sym == NULL || boot_command_recover == NULL) {
619 IOLog("Failed to create boot-command strings.\n");
620 goto do_reboot;
621 }
622
623 // Wait for NVRAM to be readable...
624 nvram = OSDynamicCast(IODTNVRAM, IOService::waitForService(
625 IOService::serviceMatching("IODTNVRAM")));
626 if (nvram == NULL) {
627 IOLog("Failed to acquire IODTNVRAM object.\n");
628 goto do_reboot;
629 }
630
631 // Wait for NVRAM to be writable...
632 if (!IOServiceWaitForMatchingResource("IONVRAM", UINT64_MAX)) {
633 IOLog("Failed to wait for IONVRAM service.\n");
634 // attempt the work anyway...
635 }
636
637 // Write the new boot-command to NVRAM, and sync if successful.
638 if (!nvram->setProperty(boot_command_sym, boot_command_recover)) {
639 IOLog("Failed to save new boot-command to NVRAM.\n");
640 } else {
641 nvram->sync();
642 }
643 } else {
644 IOLog("Unknown mode: %d\n", mode);
645 return false;
646 }
647
648 // Clean up and reboot!
649 do_reboot:
650 if (boot_command_recover != NULL) {
651 boot_command_recover->release();
652 }
653
654 if (boot_command_sym != NULL) {
655 boot_command_sym->release();
656 }
657
658 if (reboot) {
659 IOLog("\nAbout to reboot into Recovery!\n");
660 (void)PEHaltRestart(kPEPanicRestartCPUNoCallouts);
661 }
662
663 return true;
664 }
665
666 kern_return_t
IOFindBSDRoot(char * rootName,unsigned int rootNameSize,dev_t * root,u_int32_t * oflags)667 IOFindBSDRoot( char * rootName, unsigned int rootNameSize,
668 dev_t * root, u_int32_t * oflags )
669 {
670 mach_timespec_t t;
671 IOService * service;
672 IORegistryEntry * regEntry;
673 OSDictionary * matching = NULL;
674 OSString * iostr;
675 OSNumber * off;
676 OSData * data = NULL;
677
678 UInt32 flags = 0;
679 int mnr, mjr;
680 const char * mediaProperty = NULL;
681 char * rdBootVar;
682 OSDataAllocation<char> str;
683 const char * look = NULL;
684 int len;
685 bool debugInfoPrintedOnce = false;
686 bool needNetworkKexts = false;
687 const char * uuidStr = NULL;
688
689 static int mountAttempts = 0;
690
691 int xchar, dchar;
692
693 // stall here for anyone matching on the IOBSD resource to finish (filesystems)
694 matching = IOService::serviceMatching(gIOResourcesKey);
695 assert(matching);
696 matching->setObject(gIOResourceMatchedKey, gIOBSDKey);
697
698 if ((service = IOService::waitForMatchingService(matching, 30ULL * kSecondScale))) {
699 OSSafeReleaseNULL(service);
700 } else {
701 IOLog("!BSD\n");
702 }
703 matching->release();
704 matching = NULL;
705
706 if (mountAttempts++) {
707 IOLog("mount(%d) failed\n", mountAttempts);
708 IOSleep( 5 * 1000 );
709 }
710
711 str = OSDataAllocation<char>( kMaxPathBuf + kMaxBootVar, OSAllocateMemory );
712 if (!str) {
713 return kIOReturnNoMemory;
714 }
715 rdBootVar = str.data() + kMaxPathBuf;
716
717 if (!PE_parse_boot_argn("rd", rdBootVar, kMaxBootVar )
718 && !PE_parse_boot_argn("rootdev", rdBootVar, kMaxBootVar )) {
719 rdBootVar[0] = 0;
720 }
721
722 if ((regEntry = IORegistryEntry::fromPath( "/chosen", gIODTPlane ))) {
723 do {
724 di_root_ramfile(regEntry);
725 OSObject* unserializedContainer = NULL;
726 data = OSDynamicCast(OSData, regEntry->getProperty( "root-matching" ));
727 if (data) {
728 unserializedContainer = OSUnserializeXML((char *)data->getBytesNoCopy());
729 matching = OSDynamicCast(OSDictionary, unserializedContainer);
730 if (matching) {
731 continue;
732 }
733 }
734 OSSafeReleaseNULL(unserializedContainer);
735
736 data = (OSData *) regEntry->getProperty( "boot-uuid" );
737 if (data) {
738 uuidStr = (const char*)data->getBytesNoCopy();
739 OSString *uuidString = OSString::withCString( uuidStr );
740
741 // match the boot-args boot-uuid processing below
742 if (uuidString) {
743 IOLog("rooting via boot-uuid from /chosen: %s\n", uuidStr);
744 IOService::publishResource( "boot-uuid", uuidString );
745 uuidString->release();
746 matching = IOUUIDMatching();
747 mediaProperty = "boot-uuid-media";
748 continue;
749 } else {
750 uuidStr = NULL;
751 }
752 }
753 } while (false);
754 OSSafeReleaseNULL(regEntry);
755 }
756
757 //
758 // See if we have a RAMDisk property in /chosen/memory-map. If so, make it into a device.
759 // It will become /dev/mdx, where x is 0-f.
760 //
761
762 if (!didRam) { /* Have we already build this ram disk? */
763 didRam = 1; /* Remember we did this */
764 if ((regEntry = IORegistryEntry::fromPath( "/chosen/memory-map", gIODTPlane ))) { /* Find the map node */
765 data = (OSData *)regEntry->getProperty("RAMDisk"); /* Find the ram disk, if there */
766 if (data) { /* We found one */
767 uintptr_t *ramdParms;
768 ramdParms = (uintptr_t *)data->getBytesNoCopy(); /* Point to the ram disk base and size */
769 #if __LP64__
770 #define MAX_PHYS_RAM (((uint64_t)UINT_MAX) << 12)
771 if (ramdParms[1] > MAX_PHYS_RAM) {
772 panic("ramdisk params");
773 }
774 #endif /* __LP64__ */
775 (void)mdevadd(-1, ml_static_ptovirt(ramdParms[0]) >> 12, (unsigned int) (ramdParms[1] >> 12), 0); /* Initialize it and pass back the device number */
776 }
777 regEntry->release(); /* Toss the entry */
778 }
779 }
780
781 //
782 // Now check if we are trying to root on a memory device
783 //
784
785 if ((rdBootVar[0] == 'm') && (rdBootVar[1] == 'd') && (rdBootVar[3] == 0)) {
786 dchar = xchar = rdBootVar[2]; /* Get the actual device */
787 if ((xchar >= '0') && (xchar <= '9')) {
788 xchar = xchar - '0'; /* If digit, convert */
789 } else {
790 xchar = xchar & ~' '; /* Fold to upper case */
791 if ((xchar >= 'A') && (xchar <= 'F')) { /* Is this a valid digit? */
792 xchar = (xchar & 0xF) + 9; /* Convert the hex digit */
793 dchar = dchar | ' '; /* Fold to lower case */
794 } else {
795 xchar = -1; /* Show bogus */
796 }
797 }
798 if (xchar >= 0) { /* Do we have a valid memory device name? */
799 OSSafeReleaseNULL(matching);
800 *root = mdevlookup(xchar); /* Find the device number */
801 if (*root >= 0) { /* Did we find one? */
802 rootName[0] = 'm'; /* Build root name */
803 rootName[1] = 'd'; /* Build root name */
804 rootName[2] = (char) dchar; /* Build root name */
805 rootName[3] = 0; /* Build root name */
806 IOLog("BSD root: %s, major %d, minor %d\n", rootName, major(*root), minor(*root));
807 *oflags = 0; /* Show that this is not network */
808
809 #if CONFIG_KDP_INTERACTIVE_DEBUGGING
810 /* retrieve final ramdisk range and initialize KDP variables */
811 if (mdevgetrange(xchar, &kdp_core_ramdisk_addr, &kdp_core_ramdisk_size) != 0) {
812 IOLog("Unable to retrieve range for root memory device %d\n", xchar);
813 kdp_core_ramdisk_addr = 0;
814 kdp_core_ramdisk_size = 0;
815 }
816 #endif
817
818 goto iofrootx; /* Join common exit... */
819 }
820 panic("IOFindBSDRoot: specified root memory device, %s, has not been configured", rdBootVar); /* Not there */
821 }
822 }
823
824 if ((!matching) && rdBootVar[0]) {
825 // by BSD name
826 look = rdBootVar;
827 if (look[0] == '*') {
828 look++;
829 }
830
831 if (strncmp( look, "en", strlen( "en" )) == 0) {
832 matching = IONetworkNamePrefixMatching( "en" );
833 needNetworkKexts = true;
834 } else if (strncmp( look, "uuid", strlen( "uuid" )) == 0) {
835 OSDataAllocation<char> uuid( kMaxBootVar, OSAllocateMemory );
836
837 if (uuid) {
838 OSString *uuidString;
839
840 if (!PE_parse_boot_argn( "boot-uuid", uuid.data(), kMaxBootVar )) {
841 panic( "rd=uuid but no boot-uuid=<value> specified" );
842 }
843 uuidString = OSString::withCString(uuid.data());
844 if (uuidString) {
845 IOService::publishResource( "boot-uuid", uuidString );
846 uuidString->release();
847 IOLog("\nWaiting for boot volume with UUID %s\n", uuid.data());
848 matching = IOUUIDMatching();
849 mediaProperty = "boot-uuid-media";
850 }
851 }
852 } else {
853 matching = IOBSDNameMatching( look );
854 }
855 }
856
857 if (!matching) {
858 OSString * astring;
859 // Match any HFS media
860
861 matching = IOService::serviceMatching( "IOMedia" );
862 assert(matching);
863 astring = OSString::withCStringNoCopy("Apple_HFS");
864 if (astring) {
865 matching->setObject("Content", astring);
866 astring->release();
867 }
868 }
869
870 if (gIOKitDebug & kIOWaitQuietBeforeRoot) {
871 IOLog( "Waiting for matching to complete\n" );
872 IOService::getPlatform()->waitQuiet();
873 }
874
875 if (matching) {
876 OSSerialize * s = OSSerialize::withCapacity( 5 );
877
878 if (matching->serialize( s )) {
879 IOLog( "Waiting on %s\n", s->text());
880 }
881 s->release();
882 }
883
884 char namep[8];
885 if (needNetworkKexts
886 || PE_parse_boot_argn("-s", namep, sizeof(namep))) {
887 IOService::startDeferredMatches();
888 }
889
890 do {
891 t.tv_sec = ROOTDEVICETIMEOUT;
892 t.tv_nsec = 0;
893 matching->retain();
894 service = IOService::waitForService( matching, &t );
895 if ((!service) || (mountAttempts == 10)) {
896 #if !XNU_TARGET_OS_OSX || !defined(__arm64__)
897 PE_display_icon( 0, "noroot");
898 IOLog( "Still waiting for root device\n" );
899 #endif
900
901 if (!debugInfoPrintedOnce) {
902 debugInfoPrintedOnce = true;
903 if (gIOKitDebug & kIOLogDTree) {
904 IOLog("\nDT plane:\n");
905 IOPrintPlane( gIODTPlane );
906 }
907 if (gIOKitDebug & kIOLogServiceTree) {
908 IOLog("\nService plane:\n");
909 IOPrintPlane( gIOServicePlane );
910 }
911 if (gIOKitDebug & kIOLogMemory) {
912 IOPrintMemory();
913 }
914 }
915
916 #if XNU_TARGET_OS_OSX && defined(__arm64__)
917 // The disk isn't found - have the user pick from System Recovery.
918 (void)IOSetRecoveryBoot(BSD_BOOTFAIL_MEDIA_MISSING, NULL, true);
919 #elif XNU_TARGET_OS_IOS
920 panic("Failed to mount root device");
921 #endif
922 }
923 } while (!service);
924
925 OSSafeReleaseNULL(matching);
926
927 if (service && mediaProperty) {
928 service = (IOService *)service->getProperty(mediaProperty);
929 }
930
931 mjr = 0;
932 mnr = 0;
933
934 // If the IOService we matched to is a subclass of IONetworkInterface,
935 // then make sure it has been registered with BSD and has a BSD name
936 // assigned.
937
938 if (service
939 && service->metaCast( "IONetworkInterface" )
940 && !IORegisterNetworkInterface( service )) {
941 service = NULL;
942 }
943
944 if (service) {
945 len = kMaxPathBuf;
946 service->getPath( str.data(), &len, gIOServicePlane );
947 IOLog("Got boot device = %s\n", str.data());
948
949 iostr = (OSString *) service->getProperty( kIOBSDNameKey );
950 if (iostr) {
951 strlcpy( rootName, iostr->getCStringNoCopy(), rootNameSize );
952 }
953 off = (OSNumber *) service->getProperty( kIOBSDMajorKey );
954 if (off) {
955 mjr = off->unsigned32BitValue();
956 }
957 off = (OSNumber *) service->getProperty( kIOBSDMinorKey );
958 if (off) {
959 mnr = off->unsigned32BitValue();
960 }
961
962 if (service->metaCast( "IONetworkInterface" )) {
963 flags |= 1;
964 }
965 } else {
966 IOLog( "Wait for root failed\n" );
967 strlcpy( rootName, "en0", rootNameSize );
968 flags |= 1;
969 }
970
971 IOLog( "BSD root: %s", rootName );
972 if (mjr) {
973 IOLog(", major %d, minor %d\n", mjr, mnr );
974 } else {
975 IOLog("\n");
976 }
977
978 *root = makedev( mjr, mnr );
979 *oflags = flags;
980
981 iofrootx:
982
983 IOService::setRootMedia(service);
984
985 if ((gIOKitDebug & (kIOLogDTree | kIOLogServiceTree | kIOLogMemory)) && !debugInfoPrintedOnce) {
986 IOService::getPlatform()->waitQuiet();
987 if (gIOKitDebug & kIOLogDTree) {
988 IOLog("\nDT plane:\n");
989 IOPrintPlane( gIODTPlane );
990 }
991 if (gIOKitDebug & kIOLogServiceTree) {
992 IOLog("\nService plane:\n");
993 IOPrintPlane( gIOServicePlane );
994 }
995 if (gIOKitDebug & kIOLogMemory) {
996 IOPrintMemory();
997 }
998 }
999
1000 return kIOReturnSuccess;
1001 }
1002
1003 void
IOSetImageBoot(void)1004 IOSetImageBoot(void)
1005 {
1006 // this will unhide all IOMedia, without waiting for kernelmanagement to start
1007 IOService::setRootMedia(NULL);
1008 }
1009
1010 bool
IORamDiskBSDRoot(void)1011 IORamDiskBSDRoot(void)
1012 {
1013 char rdBootVar[kMaxBootVar];
1014 if (PE_parse_boot_argn("rd", rdBootVar, kMaxBootVar )
1015 || PE_parse_boot_argn("rootdev", rdBootVar, kMaxBootVar )) {
1016 if ((rdBootVar[0] == 'm') && (rdBootVar[1] == 'd') && (rdBootVar[3] == 0)) {
1017 return true;
1018 }
1019 }
1020 return false;
1021 }
1022
1023 void
IOSecureBSDRoot(const char * rootName)1024 IOSecureBSDRoot(const char * rootName)
1025 {
1026 #if CONFIG_SECURE_BSD_ROOT
1027 IOReturn result;
1028 IOPlatformExpert *pe;
1029 OSDictionary *matching;
1030 const OSSymbol *functionName = OSSymbol::withCStringNoCopy("SecureRootName");
1031
1032 matching = IOService::serviceMatching("IOPlatformExpert");
1033 assert(matching);
1034 pe = (IOPlatformExpert *) IOService::waitForMatchingService(matching, 30ULL * kSecondScale);
1035 matching->release();
1036 assert(pe);
1037 // Returns kIOReturnNotPrivileged is the root device is not secure.
1038 // Returns kIOReturnUnsupported if "SecureRootName" is not implemented.
1039 result = pe->callPlatformFunction(functionName, false, (void *)rootName, (void *)NULL, (void *)NULL, (void *)NULL);
1040 functionName->release();
1041 OSSafeReleaseNULL(pe);
1042
1043 if (result == kIOReturnNotPrivileged) {
1044 mdevremoveall();
1045 }
1046
1047 #endif // CONFIG_SECURE_BSD_ROOT
1048 }
1049
1050 void *
IOBSDRegistryEntryForDeviceTree(char * path)1051 IOBSDRegistryEntryForDeviceTree(char * path)
1052 {
1053 return IORegistryEntry::fromPath(path, gIODTPlane);
1054 }
1055
1056 void
IOBSDRegistryEntryRelease(void * entry)1057 IOBSDRegistryEntryRelease(void * entry)
1058 {
1059 IORegistryEntry * regEntry = (IORegistryEntry *)entry;
1060
1061 if (regEntry) {
1062 regEntry->release();
1063 }
1064 return;
1065 }
1066
1067 const void *
IOBSDRegistryEntryGetData(void * entry,char * property_name,int * packet_length)1068 IOBSDRegistryEntryGetData(void * entry, char * property_name,
1069 int * packet_length)
1070 {
1071 OSData * data;
1072 IORegistryEntry * regEntry = (IORegistryEntry *)entry;
1073
1074 data = (OSData *) regEntry->getProperty(property_name);
1075 if (data) {
1076 *packet_length = data->getLength();
1077 return data->getBytesNoCopy();
1078 }
1079 return NULL;
1080 }
1081
1082 kern_return_t
IOBSDGetPlatformUUID(uuid_t uuid,mach_timespec_t timeout)1083 IOBSDGetPlatformUUID( uuid_t uuid, mach_timespec_t timeout )
1084 {
1085 IOService * resources;
1086 OSString * string;
1087
1088 resources = IOService::waitForService( IOService::resourceMatching( kIOPlatformUUIDKey ), (timeout.tv_sec || timeout.tv_nsec) ? &timeout : NULL );
1089 if (resources == NULL) {
1090 return KERN_OPERATION_TIMED_OUT;
1091 }
1092
1093 string = (OSString *) IOService::getPlatform()->getProvider()->getProperty( kIOPlatformUUIDKey );
1094 if (string == NULL) {
1095 return KERN_NOT_SUPPORTED;
1096 }
1097
1098 uuid_parse( string->getCStringNoCopy(), uuid );
1099
1100 return KERN_SUCCESS;
1101 }
1102 } /* extern "C" */
1103
1104 /* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
1105
1106 #include <sys/conf.h>
1107 #include <sys/lock.h>
1108 #include <sys/vnode.h>
1109 #include <sys/vnode_if.h>
1110 #include <sys/vnode_internal.h>
1111 #include <sys/fcntl.h>
1112 #include <sys/fsctl.h>
1113 #include <sys/mount.h>
1114 #include <IOKit/IOPolledInterface.h>
1115 #include <IOKit/IOBufferMemoryDescriptor.h>
1116
1117 // see HFSIOC_VOLUME_STATUS in APFS/HFS
1118 #define HFS_IOCTL_VOLUME_STATUS _IOR('h', 24, u_int32_t)
1119
1120 LCK_GRP_DECLARE(gIOPolledCoreFileGrp, "polled_corefile");
1121 LCK_MTX_DECLARE(gIOPolledCoreFileMtx, &gIOPolledCoreFileGrp);
1122
1123 IOPolledFileIOVars * gIOPolledCoreFileVars;
1124 kern_return_t gIOPolledCoreFileOpenRet = kIOReturnNotReady;
1125 IOPolledCoreFileMode_t gIOPolledCoreFileMode = kIOPolledCoreFileModeNotInitialized;
1126
1127 #if IOPOLLED_COREFILE
1128
1129 #if defined(XNU_TARGET_OS_BRIDGE)
1130 // On bridgeOS allocate a 150MB corefile and leave 150MB free
1131 #define kIOCoreDumpSize 150ULL*1024ULL*1024ULL
1132 #define kIOCoreDumpFreeSize 150ULL*1024ULL*1024ULL
1133
1134 #elif !defined(XNU_TARGET_OS_OSX) /* defined(XNU_TARGET_OS_BRIDGE) */
1135 // On embedded devices with >3GB DRAM we allocate a 500MB corefile
1136 // otherwise allocate a 350MB corefile. Leave 350 MB free
1137
1138 #define kIOCoreDumpMinSize 350ULL*1024ULL*1024ULL
1139 #define kIOCoreDumpLargeSize 500ULL*1024ULL*1024ULL
1140
1141 #define kIOCoreDumpFreeSize 350ULL*1024ULL*1024ULL
1142
1143 #else /* defined(XNU_TARGET_OS_BRIDGE) */
1144 // on macOS devices allocate a corefile sized at 1GB / 32GB of DRAM,
1145 // fallback to a 1GB corefile and leave at least 1GB free
1146 #define kIOCoreDumpMinSize 1024ULL*1024ULL*1024ULL
1147 #define kIOCoreDumpIncrementalSize 1024ULL*1024ULL*1024ULL
1148
1149 #define kIOCoreDumpFreeSize 1024ULL*1024ULL*1024ULL
1150
1151 // on older macOS devices we allocate a 1MB file at boot
1152 // to store a panic time stackshot
1153 #define kIOStackshotFileSize 1024ULL*1024ULL
1154
1155 #endif /* defined(XNU_TARGET_OS_BRIDGE) */
1156
1157 static IOPolledCoreFileMode_t
GetCoreFileMode()1158 GetCoreFileMode()
1159 {
1160 if (on_device_corefile_enabled()) {
1161 return kIOPolledCoreFileModeCoredump;
1162 } else if (panic_stackshot_to_disk_enabled()) {
1163 return kIOPolledCoreFileModeStackshot;
1164 } else {
1165 return kIOPolledCoreFileModeDisabled;
1166 }
1167 }
1168
1169 static void
IOCoreFileGetSize(uint64_t * ideal_size,uint64_t * fallback_size,uint64_t * free_space_to_leave,IOPolledCoreFileMode_t mode)1170 IOCoreFileGetSize(uint64_t *ideal_size, uint64_t *fallback_size, uint64_t *free_space_to_leave, IOPolledCoreFileMode_t mode)
1171 {
1172 unsigned int requested_corefile_size = 0;
1173
1174 *ideal_size = *fallback_size = *free_space_to_leave = 0;
1175
1176 // If a custom size was requested, override the ideal and requested sizes
1177 if (PE_parse_boot_argn("corefile_size_mb", &requested_corefile_size,
1178 sizeof(requested_corefile_size))) {
1179 IOLog("Boot-args specify %d MB kernel corefile\n", requested_corefile_size);
1180
1181 *ideal_size = *fallback_size = (requested_corefile_size * 1024ULL * 1024ULL);
1182 return;
1183 }
1184
1185 unsigned int status_flags = 0;
1186 int error = VNOP_IOCTL(rootvnode, HFS_IOCTL_VOLUME_STATUS, (caddr_t)&status_flags, 0,
1187 vfs_context_kernel());
1188 if (!error) {
1189 if (status_flags & (VQ_VERYLOWDISK | VQ_LOWDISK | VQ_NEARLOWDISK)) {
1190 IOLog("Volume is low on space. Not allocating kernel corefile.\n");
1191 return;
1192 }
1193 } else {
1194 IOLog("Couldn't retrieve volume status. Error %d\n", error);
1195 }
1196
1197 #if defined(XNU_TARGET_OS_BRIDGE)
1198 #pragma unused(mode)
1199 *ideal_size = *fallback_size = kIOCoreDumpSize;
1200 *free_space_to_leave = kIOCoreDumpFreeSize;
1201 #elif !defined(XNU_TARGET_OS_OSX) /* defined(XNU_TARGET_OS_BRIDGE) */
1202 #pragma unused(mode)
1203 *ideal_size = *fallback_size = kIOCoreDumpMinSize;
1204
1205 if (max_mem > (3 * 1024ULL * 1024ULL * 1024ULL)) {
1206 *ideal_size = kIOCoreDumpLargeSize;
1207 }
1208
1209 *free_space_to_leave = kIOCoreDumpFreeSize;
1210 #else /* defined(XNU_TARGET_OS_BRIDGE) */
1211 if (mode == kIOPolledCoreFileModeCoredump) {
1212 *ideal_size = *fallback_size = kIOCoreDumpMinSize;
1213 if (kIOCoreDumpIncrementalSize != 0 && max_mem > (32 * 1024ULL * 1024ULL * 1024ULL)) {
1214 *ideal_size = ((ROUNDUP(max_mem, (32 * 1024ULL * 1024ULL * 1024ULL)) / (32 * 1024ULL * 1024ULL * 1024ULL)) * kIOCoreDumpIncrementalSize);
1215 }
1216 *free_space_to_leave = kIOCoreDumpFreeSize;
1217 } else if (mode == kIOPolledCoreFileModeStackshot) {
1218 *ideal_size = *fallback_size = *free_space_to_leave = kIOStackshotFileSize;
1219 }
1220 #endif /* defined(XNU_TARGET_OS_BRIDGE) */
1221
1222 return;
1223 }
1224
1225 static IOReturn
IOAccessCoreFileData(void * context,boolean_t write,uint64_t offset,int length,void * buffer)1226 IOAccessCoreFileData(void *context, boolean_t write, uint64_t offset, int length, void *buffer)
1227 {
1228 errno_t vnode_error = 0;
1229 vfs_context_t vfs_context;
1230 vnode_t vnode_ptr = (vnode_t) context;
1231
1232 vfs_context = vfs_context_kernel();
1233 vnode_error = vn_rdwr(write ? UIO_WRITE : UIO_READ, vnode_ptr, (caddr_t)buffer, length, offset,
1234 UIO_SYSSPACE, IO_SWAP_DISPATCH | IO_SYNC | IO_NOCACHE | IO_UNIT, vfs_context_ucred(vfs_context), NULL, vfs_context_proc(vfs_context));
1235
1236 if (vnode_error) {
1237 IOLog("Failed to %s the corefile. Error %d\n", write ? "write to" : "read from", vnode_error);
1238 return kIOReturnError;
1239 }
1240
1241 return kIOReturnSuccess;
1242 }
1243
1244 static void
IOOpenPolledCoreFile(thread_call_param_t __unused,thread_call_param_t corefilename)1245 IOOpenPolledCoreFile(thread_call_param_t __unused, thread_call_param_t corefilename)
1246 {
1247 assert(corefilename != NULL);
1248
1249 IOReturn err;
1250 char *filename = (char *) corefilename;
1251 uint64_t corefile_size_bytes = 0, corefile_fallback_size_bytes = 0, free_space_to_leave_bytes = 0;
1252 IOPolledCoreFileMode_t mode_to_init = GetCoreFileMode();
1253
1254 if (gIOPolledCoreFileVars) {
1255 return;
1256 }
1257 if (!IOPolledInterface::gMetaClass.getInstanceCount()) {
1258 return;
1259 }
1260
1261 if (gIOPolledCoreFileMode == kIOPolledCoreFileModeUnlinked) {
1262 return;
1263 }
1264
1265 if (mode_to_init == kIOPolledCoreFileModeDisabled) {
1266 gIOPolledCoreFileMode = kIOPolledCoreFileModeDisabled;
1267 return;
1268 }
1269
1270 // We'll overwrite this once we open the file, we update this to mark that we have made
1271 // it past initialization
1272 gIOPolledCoreFileMode = kIOPolledCoreFileModeClosed;
1273
1274 IOCoreFileGetSize(&corefile_size_bytes, &corefile_fallback_size_bytes, &free_space_to_leave_bytes, mode_to_init);
1275
1276 if (corefile_size_bytes == 0 && corefile_fallback_size_bytes == 0) {
1277 gIOPolledCoreFileMode = kIOPolledCoreFileModeUnlinked;
1278 return;
1279 }
1280
1281 do {
1282 err = IOPolledFileOpen(filename, kIOPolledFileCreate, corefile_size_bytes, free_space_to_leave_bytes,
1283 NULL, 0, &gIOPolledCoreFileVars, NULL, NULL, NULL);
1284 if (kIOReturnSuccess == err) {
1285 break;
1286 } else if (kIOReturnNoSpace == err) {
1287 IOLog("Failed to open corefile of size %llu MB (low disk space)",
1288 (corefile_size_bytes / (1024ULL * 1024ULL)));
1289 if (corefile_size_bytes == corefile_fallback_size_bytes) {
1290 gIOPolledCoreFileOpenRet = err;
1291 return;
1292 }
1293 } else {
1294 IOLog("Failed to open corefile of size %llu MB (returned error 0x%x)\n",
1295 (corefile_size_bytes / (1024ULL * 1024ULL)), err);
1296 gIOPolledCoreFileOpenRet = err;
1297 return;
1298 }
1299
1300 err = IOPolledFileOpen(filename, kIOPolledFileCreate, corefile_fallback_size_bytes, free_space_to_leave_bytes,
1301 NULL, 0, &gIOPolledCoreFileVars, NULL, NULL, NULL);
1302 if (kIOReturnSuccess != err) {
1303 IOLog("Failed to open corefile of size %llu MB (returned error 0x%x)\n",
1304 (corefile_fallback_size_bytes / (1024ULL * 1024ULL)), err);
1305 gIOPolledCoreFileOpenRet = err;
1306 return;
1307 }
1308 } while (false);
1309
1310 gIOPolledCoreFileOpenRet = IOPolledFilePollersSetup(gIOPolledCoreFileVars, kIOPolledPreflightCoreDumpState);
1311 if (kIOReturnSuccess != gIOPolledCoreFileOpenRet) {
1312 IOPolledFileClose(&gIOPolledCoreFileVars, 0, NULL, 0, 0, 0, false);
1313 IOLog("IOPolledFilePollersSetup for corefile failed with error: 0x%x\n", err);
1314 } else {
1315 IOLog("Opened corefile of size %llu MB\n", (corefile_size_bytes / (1024ULL * 1024ULL)));
1316 gIOPolledCoreFileMode = mode_to_init;
1317 }
1318
1319 // Provide the "polled file available" callback with a temporary way to read from the file
1320 (void) IOProvideCoreFileAccess(kdp_core_polled_io_polled_file_available, NULL);
1321
1322 return;
1323 }
1324
1325 kern_return_t
IOProvideCoreFileAccess(IOCoreFileAccessRecipient recipient,void * recipient_context)1326 IOProvideCoreFileAccess(IOCoreFileAccessRecipient recipient, void *recipient_context)
1327 {
1328 kern_return_t error = kIOReturnSuccess;
1329 errno_t vnode_error = 0;
1330 vfs_context_t vfs_context;
1331 vnode_t vnode_ptr;
1332
1333 if (!recipient) {
1334 return kIOReturnBadArgument;
1335 }
1336
1337 if (kIOReturnSuccess != gIOPolledCoreFileOpenRet) {
1338 return kIOReturnNotReady;
1339 }
1340
1341 // Open the kernel corefile
1342 vfs_context = vfs_context_kernel();
1343 vnode_error = vnode_open(kIOCoreDumpPath, (FREAD | FWRITE | O_NOFOLLOW), 0600, 0, &vnode_ptr, vfs_context);
1344 if (vnode_error) {
1345 IOLog("Failed to open the corefile. Error %d\n", vnode_error);
1346 return kIOReturnError;
1347 }
1348
1349 // Call the recipient function
1350 error = recipient(IOAccessCoreFileData, (void *)vnode_ptr, recipient_context);
1351
1352 // Close the kernel corefile
1353 vnode_close(vnode_ptr, FREAD | FWRITE, vfs_context);
1354
1355 return error;
1356 }
1357
1358 static void
IOClosePolledCoreFile(void)1359 IOClosePolledCoreFile(void)
1360 {
1361 // Notify kdp core that the corefile is no longer available
1362 (void) kdp_core_polled_io_polled_file_unavailable();
1363
1364 gIOPolledCoreFileOpenRet = kIOReturnNotOpen;
1365 gIOPolledCoreFileMode = kIOPolledCoreFileModeClosed;
1366 IOPolledFilePollersClose(gIOPolledCoreFileVars, kIOPolledPostflightCoreDumpState);
1367 IOPolledFileClose(&gIOPolledCoreFileVars, 0, NULL, 0, 0, 0, false);
1368 }
1369
1370 static void
IOUnlinkPolledCoreFile(void)1371 IOUnlinkPolledCoreFile(void)
1372 {
1373 // Notify kdp core that the corefile is no longer available
1374 (void) kdp_core_polled_io_polled_file_unavailable();
1375
1376 gIOPolledCoreFileOpenRet = kIOReturnNotOpen;
1377 gIOPolledCoreFileMode = kIOPolledCoreFileModeUnlinked;
1378 IOPolledFilePollersClose(gIOPolledCoreFileVars, kIOPolledPostflightCoreDumpState);
1379 IOPolledFileClose(&gIOPolledCoreFileVars, 0, NULL, 0, 0, 0, true);
1380 }
1381
1382 #endif /* IOPOLLED_COREFILE */
1383
1384 extern "C" void
IOBSDMountChange(struct mount * mp,uint32_t op)1385 IOBSDMountChange(struct mount * mp, uint32_t op)
1386 {
1387 #if IOPOLLED_COREFILE
1388 uint64_t flags;
1389 char path[128];
1390 int pathLen;
1391 vnode_t vn;
1392 int result;
1393
1394 lck_mtx_lock(&gIOPolledCoreFileMtx);
1395
1396 switch (op) {
1397 case kIOMountChangeMount:
1398 case kIOMountChangeDidResize:
1399
1400 if (gIOPolledCoreFileVars) {
1401 break;
1402 }
1403 flags = vfs_flags(mp);
1404 if (MNT_RDONLY & flags) {
1405 break;
1406 }
1407 if (!(MNT_LOCAL & flags)) {
1408 break;
1409 }
1410
1411 vn = vfs_vnodecovered(mp);
1412 if (!vn) {
1413 break;
1414 }
1415 pathLen = sizeof(path);
1416 result = vn_getpath(vn, &path[0], &pathLen);
1417 vnode_put(vn);
1418 if (0 != result) {
1419 break;
1420 }
1421 if (!pathLen) {
1422 break;
1423 }
1424 #if defined(XNU_TARGET_OS_BRIDGE)
1425 // on bridgeOS systems we put the core in /private/var/internal. We don't
1426 // want to match with /private/var because /private/var/internal is often mounted
1427 // over /private/var
1428 if ((pathLen - 1) < (int) strlen("/private/var/internal")) {
1429 break;
1430 }
1431 #endif
1432 if (0 != strncmp(path, kIOCoreDumpPath, pathLen - 1)) {
1433 break;
1434 }
1435
1436 thread_call_enter1(corefile_open_call, (void *) kIOCoreDumpPath);
1437 break;
1438
1439 case kIOMountChangeUnmount:
1440 case kIOMountChangeWillResize:
1441 if (gIOPolledCoreFileVars && (mp == kern_file_mount(gIOPolledCoreFileVars->fileRef))) {
1442 thread_call_cancel_wait(corefile_open_call);
1443 IOClosePolledCoreFile();
1444 }
1445 break;
1446 }
1447
1448 lck_mtx_unlock(&gIOPolledCoreFileMtx);
1449 #endif /* IOPOLLED_COREFILE */
1450 }
1451
1452 extern "C" void
IOBSDLowSpaceUnlinkKernelCore(void)1453 IOBSDLowSpaceUnlinkKernelCore(void)
1454 {
1455 #if IOPOLLED_COREFILE
1456 lck_mtx_lock(&gIOPolledCoreFileMtx);
1457 if (gIOPolledCoreFileVars) {
1458 thread_call_cancel_wait(corefile_open_call);
1459 IOUnlinkPolledCoreFile();
1460 }
1461 lck_mtx_unlock(&gIOPolledCoreFileMtx);
1462 #endif
1463 }
1464
1465 /* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
1466
1467 static char*
copyOSStringAsCString(OSString * string)1468 copyOSStringAsCString(OSString *string)
1469 {
1470 size_t string_length = 0;
1471 char *c_string = NULL;
1472
1473 if (string == NULL) {
1474 return NULL;
1475 }
1476 string_length = string->getLength() + 1;
1477
1478 /* Allocate kernel data memory for the string */
1479 c_string = (char*)kalloc_data(string_length, (zalloc_flags_t)(Z_ZERO | Z_WAITOK | Z_NOFAIL));
1480 assert(c_string != NULL);
1481
1482 /* Copy in the string */
1483 strlcpy(c_string, string->getCStringNoCopy(), string_length);
1484
1485 return c_string;
1486 }
1487
1488 extern "C" OS_ALWAYS_INLINE boolean_t
IOCurrentTaskHasStringEntitlement(const char * entitlement,const char * value)1489 IOCurrentTaskHasStringEntitlement(const char *entitlement, const char *value)
1490 {
1491 return IOTaskHasStringEntitlement(NULL, entitlement, value);
1492 }
1493
1494 extern "C" boolean_t
IOTaskHasStringEntitlement(task_t task,const char * entitlement,const char * value)1495 IOTaskHasStringEntitlement(task_t task, const char *entitlement, const char *value)
1496 {
1497 if (task == NULL) {
1498 task = current_task();
1499 }
1500
1501 /* Validate input arguments */
1502 if (task == kernel_task || entitlement == NULL || value == NULL) {
1503 return false;
1504 }
1505 proc_t proc = (proc_t)get_bsdtask_info(task);
1506
1507 kern_return_t ret = amfi->OSEntitlements.queryEntitlementStringWithProc(
1508 proc,
1509 entitlement,
1510 value);
1511
1512 if (ret == KERN_SUCCESS) {
1513 return true;
1514 }
1515
1516 return false;
1517 }
1518
1519 extern "C" OS_ALWAYS_INLINE boolean_t
IOCurrentTaskHasEntitlement(const char * entitlement)1520 IOCurrentTaskHasEntitlement(const char *entitlement)
1521 {
1522 return IOTaskHasEntitlement(NULL, entitlement);
1523 }
1524
1525 extern "C" boolean_t
IOTaskHasEntitlement(task_t task,const char * entitlement)1526 IOTaskHasEntitlement(task_t task, const char *entitlement)
1527 {
1528 if (task == NULL) {
1529 task = current_task();
1530 }
1531
1532 /* Validate input arguments */
1533 if (task == kernel_task || entitlement == NULL) {
1534 return false;
1535 }
1536 proc_t proc = (proc_t)get_bsdtask_info(task);
1537
1538 kern_return_t ret = amfi->OSEntitlements.queryEntitlementBooleanWithProc(
1539 proc,
1540 entitlement);
1541
1542 if (ret == KERN_SUCCESS) {
1543 return true;
1544 }
1545
1546 return false;
1547 }
1548
1549 extern "C" OS_ALWAYS_INLINE char*
IOCurrentTaskGetEntitlement(const char * entitlement)1550 IOCurrentTaskGetEntitlement(const char *entitlement)
1551 {
1552 return IOTaskGetEntitlement(NULL, entitlement);
1553 }
1554
1555 extern "C" char*
IOTaskGetEntitlement(task_t task,const char * entitlement)1556 IOTaskGetEntitlement(task_t task, const char *entitlement)
1557 {
1558 void *entitlement_object = NULL;
1559 char *return_value = NULL;
1560
1561 if (task == NULL) {
1562 task = current_task();
1563 }
1564
1565 /* Validate input arguments */
1566 if (task == kernel_task || entitlement == NULL) {
1567 return NULL;
1568 }
1569 proc_t proc = (proc_t)get_bsdtask_info(task);
1570
1571 kern_return_t ret = amfi->OSEntitlements.copyEntitlementAsOSObjectWithProc(
1572 proc,
1573 entitlement,
1574 &entitlement_object);
1575
1576 if (ret != KERN_SUCCESS) {
1577 return NULL;
1578 }
1579 assert(entitlement_object != NULL);
1580
1581 OSObject *os_object = (OSObject*)entitlement_object;
1582 OSString *os_string = OSDynamicCast(OSString, os_object);
1583
1584 /* Get a C string version of the OSString */
1585 return_value = copyOSStringAsCString(os_string);
1586
1587 /* Free the OSObject which was given to us */
1588 OSSafeReleaseNULL(os_object);
1589
1590 return return_value;
1591 }
1592
1593 extern "C" boolean_t
IOVnodeHasEntitlement(vnode_t vnode,int64_t off,const char * entitlement)1594 IOVnodeHasEntitlement(vnode_t vnode, int64_t off, const char *entitlement)
1595 {
1596 OSObject * obj;
1597 off_t offset = (off_t)off;
1598
1599 obj = IOUserClient::copyClientEntitlementVnode(vnode, offset, entitlement);
1600 if (!obj) {
1601 return false;
1602 }
1603 obj->release();
1604 return obj != kOSBooleanFalse;
1605 }
1606
1607 extern "C" char *
IOVnodeGetEntitlement(vnode_t vnode,int64_t off,const char * entitlement)1608 IOVnodeGetEntitlement(vnode_t vnode, int64_t off, const char *entitlement)
1609 {
1610 OSObject *obj = NULL;
1611 OSString *str = NULL;
1612 size_t len;
1613 char *value = NULL;
1614 off_t offset = (off_t)off;
1615
1616 obj = IOUserClient::copyClientEntitlementVnode(vnode, offset, entitlement);
1617 if (obj != NULL) {
1618 str = OSDynamicCast(OSString, obj);
1619 if (str != NULL) {
1620 len = str->getLength() + 1;
1621 value = (char *)kalloc_data(len, Z_WAITOK);
1622 strlcpy(value, str->getCStringNoCopy(), len);
1623 }
1624 obj->release();
1625 }
1626 return value;
1627 }
1628