1 /*
2 * Copyright (c) 1998-2021 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28 #include <IOKit/IOBSD.h>
29 #include <IOKit/IOLib.h>
30 #include <IOKit/IOService.h>
31 #include <IOKit/IOCatalogue.h>
32 #include <IOKit/IODeviceTreeSupport.h>
33 #include <IOKit/IOKitKeys.h>
34 #include <IOKit/IONVRAM.h>
35 #include <IOKit/IOPlatformExpert.h>
36 #include <IOKit/IOUserClient.h>
37 #include <libkern/c++/OSAllocation.h>
38
39 extern "C" {
40 #include <libkern/amfi/amfi.h>
41 #include <sys/codesign.h>
42 #include <sys/code_signing.h>
43 #include <vm/pmap.h>
44 #include <vm/vm_map.h>
45 #include <pexpert/pexpert.h>
46 #include <kern/clock.h>
47 #if CONFIG_KDP_INTERACTIVE_DEBUGGING
48 #include <kern/debug.h>
49 #endif
50 #include <mach/machine.h>
51 #include <uuid/uuid.h>
52 #include <sys/vnode_internal.h>
53 #include <sys/mount.h>
54 #include <corecrypto/ccsha2.h>
55 #include <kdp/sk_core.h>
56 #include <pexpert/device_tree.h>
57 #include <kern/startup.h>
58
59 // how long to wait for matching root device, secs
60 #if DEBUG
61 #define ROOTDEVICETIMEOUT 120
62 #else
63 #define ROOTDEVICETIMEOUT 60
64 #endif
65
66 extern dev_t mdevadd(int devid, uint64_t base, unsigned int size, int phys);
67 extern dev_t mdevlookup(int devid);
68 extern void mdevremoveall(void);
69 extern int mdevgetrange(int devid, uint64_t *base, uint64_t *size);
70 extern void di_root_ramfile(IORegistryEntry * entry);
71 extern int IODTGetDefault(const char *key, void *infoAddr, unsigned int infoSize);
72 extern boolean_t cpuid_vmm_present(void);
73
74 #define ROUNDUP(a, b) (((a) + ((b) - 1)) & (~((b) - 1)))
75
76 #define IOPOLLED_COREFILE (CONFIG_KDP_INTERACTIVE_DEBUGGING)
77
78 #if defined(XNU_TARGET_OS_BRIDGE)
79 #define kIOCoreDumpPath "/private/var/internal/kernelcore"
80 #elif defined(XNU_TARGET_OS_OSX)
81 #define kIOCoreDumpPath "/System/Volumes/VM/kernelcore"
82 #else
83 #define kIOCoreDumpPath "/private/var/vm/kernelcore"
84 #endif
85
86 #define kIOCoreDumpPrebootPath "/private/preboot/kernelcore"
87
88 #define SYSTEM_NVRAM_PREFIX "40A0DDD2-77F8-4392-B4A3-1E7304206516:"
89
90 #if CONFIG_KDP_INTERACTIVE_DEBUGGING
91 /*
92 * Touched by IOFindBSDRoot() if a RAMDisk is used for the root device.
93 */
94 extern uint64_t kdp_core_ramdisk_addr;
95 extern uint64_t kdp_core_ramdisk_size;
96
97 /*
98 * A callback to indicate that the polled-mode corefile is now available.
99 */
100 extern kern_return_t kdp_core_polled_io_polled_file_available(IOCoreFileAccessCallback access_data, void *access_context, void *recipient_context);
101
102 /*
103 * A callback to indicate that the polled-mode corefile is no longer available.
104 */
105 extern kern_return_t kdp_core_polled_io_polled_file_unavailable(void);
106 #endif
107
108 #if IOPOLLED_COREFILE
109 static void IOOpenPolledCoreFile(thread_call_param_t __unused, thread_call_param_t corefilename);
110 static void IOResolveCoreFilePath();
111
112 thread_call_t corefile_open_call = NULL;
113 SECURITY_READ_ONLY_LATE(const char*) kdp_corefile_path = kIOCoreDumpPath;
114 #endif
115
116 kern_return_t
IOKitBSDInit(void)117 IOKitBSDInit( void )
118 {
119 IOService::publishResource("IOBSD");
120
121 #if IOPOLLED_COREFILE
122 corefile_open_call = thread_call_allocate_with_options(IOOpenPolledCoreFile, NULL, THREAD_CALL_PRIORITY_KERNEL, THREAD_CALL_OPTIONS_ONCE);
123 #endif
124
125 return kIOReturnSuccess;
126 }
127
128 void
IOServicePublishResource(const char * property,boolean_t value)129 IOServicePublishResource( const char * property, boolean_t value )
130 {
131 if (value) {
132 IOService::publishResource( property, kOSBooleanTrue );
133 } else {
134 IOService::getResourceService()->removeProperty( property );
135 }
136 }
137
138 boolean_t
IOServiceWaitForMatchingResource(const char * property,uint64_t timeout)139 IOServiceWaitForMatchingResource( const char * property, uint64_t timeout )
140 {
141 OSDictionary * dict = NULL;
142 IOService * match = NULL;
143 boolean_t found = false;
144
145 do {
146 dict = IOService::resourceMatching( property );
147 if (!dict) {
148 continue;
149 }
150 match = IOService::waitForMatchingService( dict, timeout );
151 if (match) {
152 found = true;
153 }
154 } while (false);
155
156 if (dict) {
157 dict->release();
158 }
159 if (match) {
160 match->release();
161 }
162
163 return found;
164 }
165
166 boolean_t
IOCatalogueMatchingDriversPresent(const char * property)167 IOCatalogueMatchingDriversPresent( const char * property )
168 {
169 OSDictionary * dict = NULL;
170 OSOrderedSet * set = NULL;
171 SInt32 generationCount = 0;
172 boolean_t found = false;
173
174 do {
175 dict = OSDictionary::withCapacity(1);
176 if (!dict) {
177 continue;
178 }
179 dict->setObject( property, kOSBooleanTrue );
180 set = gIOCatalogue->findDrivers( dict, &generationCount );
181 if (set && (set->getCount() > 0)) {
182 found = true;
183 }
184 } while (false);
185
186 if (dict) {
187 dict->release();
188 }
189 if (set) {
190 set->release();
191 }
192
193 return found;
194 }
195
196 OSDictionary *
IOBSDNameMatching(const char * name)197 IOBSDNameMatching( const char * name )
198 {
199 OSDictionary * dict;
200 const OSSymbol * str = NULL;
201
202 do {
203 dict = IOService::serviceMatching( gIOServiceKey );
204 if (!dict) {
205 continue;
206 }
207 str = OSSymbol::withCString( name );
208 if (!str) {
209 continue;
210 }
211 dict->setObject( kIOBSDNameKey, (OSObject *) str );
212 str->release();
213
214 return dict;
215 } while (false);
216
217 if (dict) {
218 dict->release();
219 }
220 if (str) {
221 str->release();
222 }
223
224 return NULL;
225 }
226
227 OSDictionary *
IOUUIDMatching(void)228 IOUUIDMatching( void )
229 {
230 OSObject * obj;
231 OSDictionary * result;
232
233 obj = OSUnserialize(
234 "{"
235 "'IOProviderClass' = 'IOResources';"
236 "'IOResourceMatch' = ('IOBSD', 'boot-uuid-media');"
237 "}",
238 NULL);
239 result = OSDynamicCast(OSDictionary, obj);
240 assert(result);
241
242 return result;
243 }
244
245 OSDictionary *
IONetworkNamePrefixMatching(const char * prefix)246 IONetworkNamePrefixMatching( const char * prefix )
247 {
248 OSDictionary * matching;
249 OSDictionary * propDict = NULL;
250 const OSSymbol * str = NULL;
251 char networkType[128];
252
253 do {
254 matching = IOService::serviceMatching( "IONetworkInterface" );
255 if (matching == NULL) {
256 continue;
257 }
258
259 propDict = OSDictionary::withCapacity(1);
260 if (propDict == NULL) {
261 continue;
262 }
263
264 str = OSSymbol::withCString( prefix );
265 if (str == NULL) {
266 continue;
267 }
268
269 propDict->setObject( "IOInterfaceNamePrefix", (OSObject *) str );
270 str->release();
271 str = NULL;
272
273 // see if we're contrained to netroot off of specific network type
274 if (PE_parse_boot_argn( "network-type", networkType, 128 )) {
275 str = OSSymbol::withCString( networkType );
276 if (str) {
277 propDict->setObject( "IONetworkRootType", str);
278 str->release();
279 str = NULL;
280 }
281 }
282
283 if (matching->setObject( gIOPropertyMatchKey,
284 (OSObject *) propDict ) != true) {
285 continue;
286 }
287
288 propDict->release();
289 propDict = NULL;
290
291 return matching;
292 } while (false);
293
294 if (matching) {
295 matching->release();
296 }
297 if (propDict) {
298 propDict->release();
299 }
300 if (str) {
301 str->release();
302 }
303
304 return NULL;
305 }
306
307 static bool
IORegisterNetworkInterface(IOService * netif)308 IORegisterNetworkInterface( IOService * netif )
309 {
310 // A network interface is typically named and registered
311 // with BSD after receiving a request from a user space
312 // "namer". However, for cases when the system needs to
313 // root from the network, this registration task must be
314 // done inside the kernel and completed before the root
315 // device is handed to BSD.
316
317 IOService * stack;
318 OSNumber * zero = NULL;
319 OSString * path = NULL;
320 OSDictionary * dict = NULL;
321 OSDataAllocation<char> pathBuf;
322 int len;
323 enum { kMaxPathLen = 512 };
324
325 do {
326 stack = IOService::waitForService(
327 IOService::serviceMatching("IONetworkStack"));
328 if (stack == NULL) {
329 break;
330 }
331
332 dict = OSDictionary::withCapacity(3);
333 if (dict == NULL) {
334 break;
335 }
336
337 zero = OSNumber::withNumber((UInt64) 0, 32);
338 if (zero == NULL) {
339 break;
340 }
341
342 pathBuf = OSDataAllocation<char>( kMaxPathLen, OSAllocateMemory );
343 if (!pathBuf) {
344 break;
345 }
346
347 len = kMaxPathLen;
348 if (netif->getPath( pathBuf.data(), &len, gIOServicePlane )
349 == false) {
350 break;
351 }
352
353 path = OSString::withCStringNoCopy(pathBuf.data());
354 if (path == NULL) {
355 break;
356 }
357
358 dict->setObject( "IOInterfaceUnit", zero );
359 dict->setObject( kIOPathMatchKey, path );
360
361 stack->setProperties( dict );
362 }while (false);
363
364 if (zero) {
365 zero->release();
366 }
367 if (path) {
368 path->release();
369 }
370 if (dict) {
371 dict->release();
372 }
373
374 return netif->getProperty( kIOBSDNameKey ) != NULL;
375 }
376
377 OSDictionary *
IOOFPathMatching(const char * path,char * buf,int maxLen)378 IOOFPathMatching( const char * path, char * buf, int maxLen )
379 {
380 OSDictionary * matching = NULL;
381 OSString * str;
382 char * comp;
383 int len;
384
385 do {
386 len = ((int) strlen( kIODeviceTreePlane ":" ));
387 maxLen -= len;
388 if (maxLen <= 0) {
389 continue;
390 }
391
392 strlcpy( buf, kIODeviceTreePlane ":", len + 1 );
393 comp = buf + len;
394
395 len = ((int) strnlen( path, INT_MAX ));
396 maxLen -= len;
397 if (maxLen <= 0) {
398 continue;
399 }
400 strlcpy( comp, path, len + 1 );
401
402 matching = OSDictionary::withCapacity( 1 );
403 if (!matching) {
404 continue;
405 }
406
407 str = OSString::withCString( buf );
408 if (!str) {
409 continue;
410 }
411 matching->setObject( kIOPathMatchKey, str );
412 str->release();
413
414 return matching;
415 } while (false);
416
417 if (matching) {
418 matching->release();
419 }
420
421 return NULL;
422 }
423
424 static int didRam = 0;
425 enum { kMaxPathBuf = 512, kMaxBootVar = 128 };
426
427 bool
IOGetBootUUID(char * uuid)428 IOGetBootUUID(char *uuid)
429 {
430 IORegistryEntry *entry;
431 OSData *uuid_data = NULL;
432 bool result = false;
433
434 if ((entry = IORegistryEntry::fromPath("/chosen", gIODTPlane))) {
435 uuid_data = (OSData *)entry->getProperty("boot-uuid");
436 if (uuid_data) {
437 unsigned int length = uuid_data->getLength();
438 if (length <= sizeof(uuid_string_t)) {
439 /* ensure caller's buffer is fully initialized: */
440 bzero(uuid, sizeof(uuid_string_t));
441 /* copy the content of uuid_data->getBytesNoCopy() into uuid */
442 memcpy(uuid, uuid_data->getBytesNoCopy(), length);
443 /* guarantee nul-termination: */
444 uuid[sizeof(uuid_string_t) - 1] = '\0';
445 result = true;
446 } else {
447 uuid = NULL;
448 }
449 }
450 OSSafeReleaseNULL(entry);
451 }
452 return result;
453 }
454
455 bool
IOGetApfsPrebootUUID(char * uuid)456 IOGetApfsPrebootUUID(char *uuid)
457 {
458 IORegistryEntry *entry;
459 OSData *uuid_data = NULL;
460 bool result = false;
461
462 if ((entry = IORegistryEntry::fromPath("/chosen", gIODTPlane))) {
463 uuid_data = (OSData *)entry->getProperty("apfs-preboot-uuid");
464
465 if (uuid_data) {
466 unsigned int length = uuid_data->getLength();
467 if (length <= sizeof(uuid_string_t)) {
468 /* ensure caller's buffer is fully initialized: */
469 bzero(uuid, sizeof(uuid_string_t));
470 /* copy the content of uuid_data->getBytesNoCopy() into uuid */
471 memcpy(uuid, uuid_data->getBytesNoCopy(), length);
472 /* guarantee nul-termination: */
473 uuid[sizeof(uuid_string_t) - 1] = '\0';
474 result = true;
475 } else {
476 uuid = NULL;
477 }
478 }
479 OSSafeReleaseNULL(entry);
480 }
481 return result;
482 }
483
484 bool
IOGetAssociatedApfsVolgroupUUID(char * uuid)485 IOGetAssociatedApfsVolgroupUUID(char *uuid)
486 {
487 IORegistryEntry *entry;
488 OSData *uuid_data = NULL;
489 bool result = false;
490
491 if ((entry = IORegistryEntry::fromPath("/chosen", gIODTPlane))) {
492 uuid_data = (OSData *)entry->getProperty("associated-volume-group");
493
494 if (uuid_data) {
495 unsigned int length = uuid_data->getLength();
496
497 if (length <= sizeof(uuid_string_t)) {
498 /* ensure caller's buffer is fully initialized: */
499 bzero(uuid, sizeof(uuid_string_t));
500 /* copy the content of uuid_data->getBytesNoCopy() into uuid */
501 memcpy(uuid, uuid_data->getBytesNoCopy(), length);
502 /* guarantee nul-termination: */
503 uuid[sizeof(uuid_string_t) - 1] = '\0';
504 result = true;
505 } else {
506 uuid = NULL;
507 }
508 }
509 OSSafeReleaseNULL(entry);
510 }
511 return result;
512 }
513
514 bool
IOGetBootObjectsPath(char * path_prefix)515 IOGetBootObjectsPath(char *path_prefix)
516 {
517 IORegistryEntry *entry;
518 OSData *path_prefix_data = NULL;
519 bool result = false;
520
521 if ((entry = IORegistryEntry::fromPath("/chosen", gIODTPlane))) {
522 path_prefix_data = (OSData *)entry->getProperty("boot-objects-path");
523
524 if (path_prefix_data) {
525 unsigned int length = path_prefix_data->getLength();
526
527 if (length <= MAXPATHLEN) {
528 /* ensure caller's buffer is fully initialized: */
529 bzero(path_prefix, MAXPATHLEN);
530 /* copy the content of path_prefix_data->getBytesNoCopy() into path_prefix */
531 memcpy(path_prefix, path_prefix_data->getBytesNoCopy(), length);
532 /* guarantee nul-termination: */
533 path_prefix[MAXPATHLEN - 1] = '\0';
534 result = true;
535 } else {
536 path_prefix = NULL;
537 }
538 }
539 OSSafeReleaseNULL(entry);
540 }
541 return result;
542 }
543
544
545 bool
IOGetBootManifestHash(char * hash_data,size_t * hash_data_size)546 IOGetBootManifestHash(char *hash_data, size_t *hash_data_size)
547 {
548 IORegistryEntry *entry = NULL;
549 OSData *manifest_hash_data = NULL;
550 bool result = false;
551
552 if ((entry = IORegistryEntry::fromPath("/chosen", gIODTPlane))) {
553 manifest_hash_data = (OSData *)entry->getProperty("boot-manifest-hash");
554 if (manifest_hash_data) {
555 unsigned int length = manifest_hash_data->getLength();
556 /* hashed with SHA2-384 or SHA1, the boot manifest hash should be 48 Bytes or less */
557 if ((length <= CCSHA384_OUTPUT_SIZE) && (*hash_data_size >= CCSHA384_OUTPUT_SIZE)) {
558 /* ensure caller's buffer is fully initialized: */
559 bzero(hash_data, CCSHA384_OUTPUT_SIZE);
560 /* copy the content of manifest_hash_data->getBytesNoCopy() into hash_data */
561 memcpy(hash_data, manifest_hash_data->getBytesNoCopy(), length);
562 *hash_data_size = length;
563 result = true;
564 } else {
565 hash_data = NULL;
566 *hash_data_size = 0;
567 }
568 }
569 OSSafeReleaseNULL(entry);
570 }
571
572 return result;
573 }
574
575 /*
576 * Set NVRAM to boot into the right flavor of Recovery,
577 * optionally passing a UUID of a volume that failed to boot.
578 * If `reboot` is true, reboot immediately.
579 *
580 * Returns true if `mode` was understood, false otherwise.
581 * (Does not return if `reboot` is true.)
582 */
583 boolean_t
IOSetRecoveryBoot(bsd_bootfail_mode_t mode,uuid_t volume_uuid,boolean_t reboot)584 IOSetRecoveryBoot(bsd_bootfail_mode_t mode, uuid_t volume_uuid, boolean_t reboot)
585 {
586 IODTNVRAM *nvram = NULL;
587 const OSSymbol *boot_command_sym = NULL;
588 OSString *boot_command_recover = NULL;
589
590 if (mode == BSD_BOOTFAIL_SEAL_BROKEN) {
591 const char *boot_mode = "ssv-seal-broken";
592 uuid_string_t volume_uuid_str;
593
594 // Set `recovery-broken-seal-uuid = <volume_uuid>`.
595 if (volume_uuid) {
596 uuid_unparse_upper(volume_uuid, volume_uuid_str);
597
598 if (!PEWriteNVRAMProperty(SYSTEM_NVRAM_PREFIX "recovery-broken-seal-uuid",
599 volume_uuid_str, sizeof(uuid_string_t))) {
600 IOLog("Failed to write recovery-broken-seal-uuid to NVRAM.\n");
601 }
602 }
603
604 // Set `recovery-boot-mode = ssv-seal-broken`.
605 if (!PEWriteNVRAMProperty(SYSTEM_NVRAM_PREFIX "recovery-boot-mode", boot_mode,
606 (const unsigned int) strlen(boot_mode))) {
607 IOLog("Failed to write recovery-boot-mode to NVRAM.\n");
608 }
609 } else if (mode == BSD_BOOTFAIL_MEDIA_MISSING) {
610 const char *boot_picker_reason = "missing-boot-media";
611
612 // Set `boot-picker-bringup-reason = missing-boot-media`.
613 if (!PEWriteNVRAMProperty(SYSTEM_NVRAM_PREFIX "boot-picker-bringup-reason",
614 boot_picker_reason, (const unsigned int) strlen(boot_picker_reason))) {
615 IOLog("Failed to write boot-picker-bringup-reason to NVRAM.\n");
616 }
617
618 // Set `boot-command = recover-system`.
619
620 // Construct an OSSymbol and an OSString to be the (key, value) pair
621 // we write to NVRAM. Unfortunately, since our value must be an OSString
622 // instead of an OSData, we cannot use PEWriteNVRAMProperty() here.
623 boot_command_sym = OSSymbol::withCStringNoCopy(SYSTEM_NVRAM_PREFIX "boot-command");
624 boot_command_recover = OSString::withCStringNoCopy("recover-system");
625 if (boot_command_sym == NULL || boot_command_recover == NULL) {
626 IOLog("Failed to create boot-command strings.\n");
627 goto do_reboot;
628 }
629
630 // Wait for NVRAM to be readable...
631 nvram = OSDynamicCast(IODTNVRAM, IOService::waitForService(
632 IOService::serviceMatching("IODTNVRAM")));
633 if (nvram == NULL) {
634 IOLog("Failed to acquire IODTNVRAM object.\n");
635 goto do_reboot;
636 }
637
638 // Wait for NVRAM to be writable...
639 if (!IOServiceWaitForMatchingResource("IONVRAM", UINT64_MAX)) {
640 IOLog("Failed to wait for IONVRAM service.\n");
641 // attempt the work anyway...
642 }
643
644 // Write the new boot-command to NVRAM, and sync if successful.
645 if (!nvram->setProperty(boot_command_sym, boot_command_recover)) {
646 IOLog("Failed to save new boot-command to NVRAM.\n");
647 } else {
648 nvram->sync();
649 }
650 } else {
651 IOLog("Unknown mode: %d\n", mode);
652 return false;
653 }
654
655 // Clean up and reboot!
656 do_reboot:
657 if (boot_command_recover != NULL) {
658 boot_command_recover->release();
659 }
660
661 if (boot_command_sym != NULL) {
662 boot_command_sym->release();
663 }
664
665 if (reboot) {
666 IOLog("\nAbout to reboot into Recovery!\n");
667 (void)PEHaltRestart(kPEPanicRestartCPUNoCallouts);
668 }
669
670 return true;
671 }
672
673 kern_return_t
IOFindBSDRoot(char * rootName,unsigned int rootNameSize,dev_t * root,u_int32_t * oflags)674 IOFindBSDRoot( char * rootName, unsigned int rootNameSize,
675 dev_t * root, u_int32_t * oflags )
676 {
677 mach_timespec_t t;
678 IOService * service;
679 IORegistryEntry * regEntry;
680 OSDictionary * matching = NULL;
681 OSString * iostr;
682 OSNumber * off;
683 OSData * data = NULL;
684
685 UInt32 flags = 0;
686 int mnr, mjr;
687 const char * mediaProperty = NULL;
688 char * rdBootVar;
689 OSDataAllocation<char> str;
690 const char * look = NULL;
691 int len;
692 int wdt = 0;
693 bool debugInfoPrintedOnce = false;
694 bool needNetworkKexts = false;
695 const char * uuidStr = NULL;
696
697 static int mountAttempts = 0;
698
699 int xchar, dchar;
700
701 // stall here for anyone matching on the IOBSD resource to finish (filesystems)
702 matching = IOService::serviceMatching(gIOResourcesKey);
703 assert(matching);
704 matching->setObject(gIOResourceMatchedKey, gIOBSDKey);
705
706 if ((service = IOService::waitForMatchingService(matching, 30ULL * kSecondScale))) {
707 OSSafeReleaseNULL(service);
708 } else {
709 IOLog("!BSD\n");
710 }
711 matching->release();
712 matching = NULL;
713
714 if (mountAttempts++) {
715 IOLog("mount(%d) failed\n", mountAttempts);
716 IOSleep( 5 * 1000 );
717 }
718
719 str = OSDataAllocation<char>( kMaxPathBuf + kMaxBootVar, OSAllocateMemory );
720 if (!str) {
721 return kIOReturnNoMemory;
722 }
723 rdBootVar = str.data() + kMaxPathBuf;
724
725 if (!PE_parse_boot_argn("rd", rdBootVar, kMaxBootVar )
726 && !PE_parse_boot_argn("rootdev", rdBootVar, kMaxBootVar )) {
727 rdBootVar[0] = 0;
728 }
729
730 if ((regEntry = IORegistryEntry::fromPath( "/chosen", gIODTPlane ))) {
731 do {
732 di_root_ramfile(regEntry);
733 OSObject* unserializedContainer = NULL;
734 data = OSDynamicCast(OSData, regEntry->getProperty( "root-matching" ));
735 if (data) {
736 unserializedContainer = OSUnserializeXML((char *)data->getBytesNoCopy());
737 matching = OSDynamicCast(OSDictionary, unserializedContainer);
738 if (matching) {
739 continue;
740 }
741 }
742 OSSafeReleaseNULL(unserializedContainer);
743
744 data = (OSData *) regEntry->getProperty( "boot-uuid" );
745 if (data) {
746 uuidStr = (const char*)data->getBytesNoCopy();
747 OSString *uuidString = OSString::withCString( uuidStr );
748
749 // match the boot-args boot-uuid processing below
750 if (uuidString) {
751 IOLog("rooting via boot-uuid from /chosen: %s\n", uuidStr);
752 IOService::publishResource( "boot-uuid", uuidString );
753 uuidString->release();
754 matching = IOUUIDMatching();
755 mediaProperty = "boot-uuid-media";
756 continue;
757 } else {
758 uuidStr = NULL;
759 }
760 }
761 } while (false);
762 OSSafeReleaseNULL(regEntry);
763 }
764
765 //
766 // See if we have a RAMDisk property in /chosen/memory-map. If so, make it into a device.
767 // It will become /dev/mdx, where x is 0-f.
768 //
769
770 if (!didRam) { /* Have we already build this ram disk? */
771 didRam = 1; /* Remember we did this */
772 if ((regEntry = IORegistryEntry::fromPath( "/chosen/memory-map", gIODTPlane ))) { /* Find the map node */
773 data = (OSData *)regEntry->getProperty("RAMDisk"); /* Find the ram disk, if there */
774 if (data) { /* We found one */
775 uintptr_t *ramdParms;
776 /* BEGIN IGNORE CODESTYLE */
777 __typed_allocators_ignore_push
778 ramdParms = (uintptr_t *)data->getBytesNoCopy(); /* Point to the ram disk base and size */
779 __typed_allocators_ignore_pop
780 /* END IGNORE CODESTYLE */
781 #if __LP64__
782 #define MAX_PHYS_RAM (((uint64_t)UINT_MAX) << 12)
783 if (ramdParms[1] > MAX_PHYS_RAM) {
784 panic("ramdisk params");
785 }
786 #endif /* __LP64__ */
787 (void)mdevadd(-1, ml_static_ptovirt(ramdParms[0]) >> 12, (unsigned int) (ramdParms[1] >> 12), 0); /* Initialize it and pass back the device number */
788 }
789 regEntry->release(); /* Toss the entry */
790 }
791 }
792
793 //
794 // Now check if we are trying to root on a memory device
795 //
796
797 if ((rdBootVar[0] == 'm') && (rdBootVar[1] == 'd') && (rdBootVar[3] == 0)) {
798 dchar = xchar = rdBootVar[2]; /* Get the actual device */
799 if ((xchar >= '0') && (xchar <= '9')) {
800 xchar = xchar - '0'; /* If digit, convert */
801 } else {
802 xchar = xchar & ~' '; /* Fold to upper case */
803 if ((xchar >= 'A') && (xchar <= 'F')) { /* Is this a valid digit? */
804 xchar = (xchar & 0xF) + 9; /* Convert the hex digit */
805 dchar = dchar | ' '; /* Fold to lower case */
806 } else {
807 xchar = -1; /* Show bogus */
808 }
809 }
810 if (xchar >= 0) { /* Do we have a valid memory device name? */
811 OSSafeReleaseNULL(matching);
812 *root = mdevlookup(xchar); /* Find the device number */
813 if (*root >= 0) { /* Did we find one? */
814 rootName[0] = 'm'; /* Build root name */
815 rootName[1] = 'd'; /* Build root name */
816 rootName[2] = (char) dchar; /* Build root name */
817 rootName[3] = 0; /* Build root name */
818 IOLog("BSD root: %s, major %d, minor %d\n", rootName, major(*root), minor(*root));
819 *oflags = 0; /* Show that this is not network */
820
821 #if CONFIG_KDP_INTERACTIVE_DEBUGGING
822 /* retrieve final ramdisk range and initialize KDP variables */
823 if (mdevgetrange(xchar, &kdp_core_ramdisk_addr, &kdp_core_ramdisk_size) != 0) {
824 IOLog("Unable to retrieve range for root memory device %d\n", xchar);
825 kdp_core_ramdisk_addr = 0;
826 kdp_core_ramdisk_size = 0;
827 }
828 #endif
829
830 goto iofrootx; /* Join common exit... */
831 }
832 panic("IOFindBSDRoot: specified root memory device, %s, has not been configured", rdBootVar); /* Not there */
833 }
834 }
835
836 if ((!matching) && rdBootVar[0]) {
837 // by BSD name
838 look = rdBootVar;
839 if (look[0] == '*') {
840 look++;
841 }
842
843 if (strncmp( look, "en", strlen( "en" )) == 0) {
844 matching = IONetworkNamePrefixMatching( "en" );
845 needNetworkKexts = true;
846 } else if (strncmp( look, "uuid", strlen( "uuid" )) == 0) {
847 OSDataAllocation<char> uuid( kMaxBootVar, OSAllocateMemory );
848
849 if (uuid) {
850 OSString *uuidString;
851
852 if (!PE_parse_boot_argn( "boot-uuid", uuid.data(), kMaxBootVar )) {
853 panic( "rd=uuid but no boot-uuid=<value> specified" );
854 }
855 uuidString = OSString::withCString(uuid.data());
856 if (uuidString) {
857 IOService::publishResource( "boot-uuid", uuidString );
858 uuidString->release();
859 IOLog("\nWaiting for boot volume with UUID %s\n", uuid.data());
860 matching = IOUUIDMatching();
861 mediaProperty = "boot-uuid-media";
862 }
863 }
864 } else {
865 matching = IOBSDNameMatching( look );
866 }
867 }
868
869 if (!matching) {
870 OSString * astring;
871 // Match any HFS media
872
873 matching = IOService::serviceMatching( "IOMedia" );
874 assert(matching);
875 astring = OSString::withCStringNoCopy("Apple_HFS");
876 if (astring) {
877 matching->setObject("Content", astring);
878 astring->release();
879 }
880 }
881
882 if (gIOKitDebug & kIOWaitQuietBeforeRoot) {
883 IOLog( "Waiting for matching to complete\n" );
884 IOService::getPlatform()->waitQuiet();
885 }
886
887 if (matching) {
888 OSSerialize * s = OSSerialize::withCapacity( 5 );
889
890 if (matching->serialize( s )) {
891 IOLog( "Waiting on %s\n", s->text());
892 }
893 s->release();
894 }
895
896 char namep[8];
897 if (needNetworkKexts
898 || PE_parse_boot_argn("-s", namep, sizeof(namep))) {
899 IOService::startDeferredMatches();
900 }
901
902 PE_parse_boot_argn("wdt", &wdt, sizeof(wdt));
903 do {
904 t.tv_sec = ROOTDEVICETIMEOUT;
905 t.tv_nsec = 0;
906 matching->retain();
907 service = IOService::waitForService( matching, &t );
908 if ((-1 != wdt) && (!service || (mountAttempts == 10))) {
909 #if !XNU_TARGET_OS_OSX || !defined(__arm64__)
910 PE_display_icon( 0, "noroot");
911 IOLog( "Still waiting for root device\n" );
912 #endif
913
914 if (!debugInfoPrintedOnce) {
915 debugInfoPrintedOnce = true;
916 if (gIOKitDebug & kIOLogDTree) {
917 IOLog("\nDT plane:\n");
918 IOPrintPlane( gIODTPlane );
919 }
920 if (gIOKitDebug & kIOLogServiceTree) {
921 IOLog("\nService plane:\n");
922 IOPrintPlane( gIOServicePlane );
923 }
924 if (gIOKitDebug & kIOLogMemory) {
925 IOPrintMemory();
926 }
927 }
928
929 #if XNU_TARGET_OS_OSX && defined(__arm64__)
930 // The disk isn't found - have the user pick from System Recovery.
931 (void)IOSetRecoveryBoot(BSD_BOOTFAIL_MEDIA_MISSING, NULL, true);
932 #elif XNU_TARGET_OS_IOS || XNU_TARGET_OS_XR
933 panic("Failed to mount root device");
934 #endif
935 }
936 } while (!service);
937
938 OSSafeReleaseNULL(matching);
939
940 if (service && mediaProperty) {
941 service = (IOService *)service->getProperty(mediaProperty);
942 }
943
944 mjr = 0;
945 mnr = 0;
946
947 // If the IOService we matched to is a subclass of IONetworkInterface,
948 // then make sure it has been registered with BSD and has a BSD name
949 // assigned.
950
951 if (service
952 && service->metaCast( "IONetworkInterface" )
953 && !IORegisterNetworkInterface( service )) {
954 service = NULL;
955 }
956
957 if (service) {
958 len = kMaxPathBuf;
959 service->getPath( str.data(), &len, gIOServicePlane );
960 IOLog("Got boot device = %s\n", str.data());
961
962 iostr = (OSString *) service->getProperty( kIOBSDNameKey );
963 if (iostr) {
964 strlcpy( rootName, iostr->getCStringNoCopy(), rootNameSize );
965 }
966 off = (OSNumber *) service->getProperty( kIOBSDMajorKey );
967 if (off) {
968 mjr = off->unsigned32BitValue();
969 }
970 off = (OSNumber *) service->getProperty( kIOBSDMinorKey );
971 if (off) {
972 mnr = off->unsigned32BitValue();
973 }
974
975 if (service->metaCast( "IONetworkInterface" )) {
976 flags |= 1;
977 }
978 } else {
979 IOLog( "Wait for root failed\n" );
980 strlcpy( rootName, "en0", rootNameSize );
981 flags |= 1;
982 }
983
984 IOLog( "BSD root: %s", rootName );
985 if (mjr) {
986 IOLog(", major %d, minor %d\n", mjr, mnr );
987 } else {
988 IOLog("\n");
989 }
990
991 *root = makedev( mjr, mnr );
992 *oflags = flags;
993
994 iofrootx:
995
996 IOService::setRootMedia(service);
997
998 if ((gIOKitDebug & (kIOLogDTree | kIOLogServiceTree | kIOLogMemory)) && !debugInfoPrintedOnce) {
999 IOService::getPlatform()->waitQuiet();
1000 if (gIOKitDebug & kIOLogDTree) {
1001 IOLog("\nDT plane:\n");
1002 IOPrintPlane( gIODTPlane );
1003 }
1004 if (gIOKitDebug & kIOLogServiceTree) {
1005 IOLog("\nService plane:\n");
1006 IOPrintPlane( gIOServicePlane );
1007 }
1008 if (gIOKitDebug & kIOLogMemory) {
1009 IOPrintMemory();
1010 }
1011 }
1012
1013 return kIOReturnSuccess;
1014 }
1015
1016 void
IOSetImageBoot(void)1017 IOSetImageBoot(void)
1018 {
1019 // this will unhide all IOMedia, without waiting for kernelmanagement to start
1020 IOService::setRootMedia(NULL);
1021 }
1022
1023 bool
IORamDiskBSDRoot(void)1024 IORamDiskBSDRoot(void)
1025 {
1026 char rdBootVar[kMaxBootVar];
1027 if (PE_parse_boot_argn("rd", rdBootVar, kMaxBootVar )
1028 || PE_parse_boot_argn("rootdev", rdBootVar, kMaxBootVar )) {
1029 if ((rdBootVar[0] == 'm') && (rdBootVar[1] == 'd') && (rdBootVar[3] == 0)) {
1030 return true;
1031 }
1032 }
1033 return false;
1034 }
1035
1036 void
IOSecureBSDRoot(const char * rootName)1037 IOSecureBSDRoot(const char * rootName)
1038 {
1039 #if CONFIG_SECURE_BSD_ROOT
1040 IOReturn result;
1041 IOPlatformExpert *pe;
1042 OSDictionary *matching;
1043 const OSSymbol *functionName = OSSymbol::withCStringNoCopy("SecureRootName");
1044
1045 matching = IOService::serviceMatching("IOPlatformExpert");
1046 assert(matching);
1047 pe = (IOPlatformExpert *) IOService::waitForMatchingService(matching, 30ULL * kSecondScale);
1048 matching->release();
1049 assert(pe);
1050 // Returns kIOReturnNotPrivileged is the root device is not secure.
1051 // Returns kIOReturnUnsupported if "SecureRootName" is not implemented.
1052 result = pe->callPlatformFunction(functionName, false, (void *)rootName, (void *)NULL, (void *)NULL, (void *)NULL);
1053 functionName->release();
1054 OSSafeReleaseNULL(pe);
1055
1056 if (result == kIOReturnNotPrivileged) {
1057 mdevremoveall();
1058 }
1059
1060 #endif // CONFIG_SECURE_BSD_ROOT
1061 }
1062
1063 void *
IOBSDRegistryEntryForDeviceTree(char * path)1064 IOBSDRegistryEntryForDeviceTree(char * path)
1065 {
1066 return IORegistryEntry::fromPath(path, gIODTPlane);
1067 }
1068
1069 void
IOBSDRegistryEntryRelease(void * entry)1070 IOBSDRegistryEntryRelease(void * entry)
1071 {
1072 IORegistryEntry * regEntry = (IORegistryEntry *)entry;
1073
1074 if (regEntry) {
1075 regEntry->release();
1076 }
1077 return;
1078 }
1079
1080 const void *
IOBSDRegistryEntryGetData(void * entry,char * property_name,int * packet_length)1081 IOBSDRegistryEntryGetData(void * entry, char * property_name,
1082 int * packet_length)
1083 {
1084 OSData * data;
1085 IORegistryEntry * regEntry = (IORegistryEntry *)entry;
1086
1087 data = (OSData *) regEntry->getProperty(property_name);
1088 if (data) {
1089 *packet_length = data->getLength();
1090 return data->getBytesNoCopy();
1091 }
1092 return NULL;
1093 }
1094
1095 kern_return_t
IOBSDGetPlatformUUID(uuid_t uuid,mach_timespec_t timeout)1096 IOBSDGetPlatformUUID( uuid_t uuid, mach_timespec_t timeout )
1097 {
1098 IOService * resources;
1099 OSString * string;
1100
1101 resources = IOService::waitForService( IOService::resourceMatching( kIOPlatformUUIDKey ), (timeout.tv_sec || timeout.tv_nsec) ? &timeout : NULL );
1102 if (resources == NULL) {
1103 return KERN_OPERATION_TIMED_OUT;
1104 }
1105
1106 string = (OSString *) IOService::getPlatform()->getProvider()->getProperty( kIOPlatformUUIDKey );
1107 if (string == NULL) {
1108 return KERN_NOT_SUPPORTED;
1109 }
1110
1111 uuid_parse( string->getCStringNoCopy(), uuid );
1112
1113 return KERN_SUCCESS;
1114 }
1115 } /* extern "C" */
1116
1117 /* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
1118
1119 #include <sys/conf.h>
1120 #include <sys/lock.h>
1121 #include <sys/vnode.h>
1122 #include <sys/vnode_if.h>
1123 #include <sys/vnode_internal.h>
1124 #include <sys/fcntl.h>
1125 #include <sys/fsctl.h>
1126 #include <sys/mount.h>
1127 #include <IOKit/IOPolledInterface.h>
1128 #include <IOKit/IOBufferMemoryDescriptor.h>
1129
1130 // see HFSIOC_VOLUME_STATUS in APFS/HFS
1131 #define HFS_IOCTL_VOLUME_STATUS _IOR('h', 24, u_int32_t)
1132
1133 LCK_GRP_DECLARE(gIOPolledCoreFileGrp, "polled_corefile");
1134 LCK_MTX_DECLARE(gIOPolledCoreFileMtx, &gIOPolledCoreFileGrp);
1135
1136 IOPolledFileIOVars * gIOPolledCoreFileVars;
1137 kern_return_t gIOPolledCoreFileOpenRet = kIOReturnNotReady;
1138 IOPolledCoreFileMode_t gIOPolledCoreFileMode = kIOPolledCoreFileModeNotInitialized;
1139
1140 #if IOPOLLED_COREFILE
1141
1142 #define ONE_MB 1024ULL * 1024ULL
1143
1144 #if defined(XNU_TARGET_OS_BRIDGE)
1145 // On bridgeOS allocate a 150MB corefile and leave 150MB free
1146 #define kIOCoreDumpSize 150ULL * ONE_MB
1147 #define kIOCoreDumpFreeSize 150ULL * ONE_MB
1148
1149 #elif defined(XNU_TARGET_OS_OSX)
1150
1151 // on macOS devices allocate a corefile sized at 1GB / 32GB of DRAM,
1152 // fallback to a 1GB corefile and leave at least 1GB free
1153 #define kIOCoreDumpMinSize 1024ULL * ONE_MB
1154 #define kIOCoreDumpIncrementalSize 1024ULL * ONE_MB
1155
1156 #define kIOCoreDumpFreeSize 1024ULL * ONE_MB
1157
1158 // on older macOS devices we allocate a 1MB file at boot
1159 // to store a panic time stackshot
1160 #define kIOStackshotFileSize ONE_MB
1161
1162 #elif defined(XNU_TARGET_OS_XR)
1163
1164 // XR OS requries larger corefile storage because XNU core can take
1165 // up to ~500MB.
1166
1167 #define kIOCoreDumpMinSize 350ULL * ONE_MB
1168 #define kIOCoreDumpLargeSize 750ULL * ONE_MB
1169
1170 #define kIOCoreDumpFreeSize 350ULL * ONE_MB
1171
1172 #else /* defined(XNU_TARGET_OS_BRIDGE) */
1173
1174 // On embedded devices with >3GB DRAM we allocate a 500MB corefile
1175 // otherwise allocate a 350MB corefile. Leave 350 MB free
1176 #define kIOCoreDumpMinSize 350ULL * ONE_MB
1177 #define kIOCoreDumpLargeSize 500ULL * ONE_MB
1178
1179 #define kIOCoreDumpFreeSize 350ULL * ONE_MB
1180
1181 #endif /* defined(XNU_TARGET_OS_BRIDGE) */
1182
1183 static IOPolledCoreFileMode_t
GetCoreFileMode()1184 GetCoreFileMode()
1185 {
1186 if (on_device_corefile_enabled()) {
1187 return kIOPolledCoreFileModeCoredump;
1188 } else if (panic_stackshot_to_disk_enabled()) {
1189 return kIOPolledCoreFileModeStackshot;
1190 } else {
1191 return kIOPolledCoreFileModeDisabled;
1192 }
1193 }
1194
1195 static void
IOResolveCoreFilePath()1196 IOResolveCoreFilePath()
1197 {
1198 DTEntry node;
1199 const char *value = NULL;
1200 unsigned int size = 0;
1201
1202 if (kSuccess != SecureDTLookupEntry(NULL, "/product", &node)) {
1203 return;
1204 }
1205 if (kSuccess != SecureDTGetProperty(node, "kernel-core-dump-location", (void const **) &value, &size)) {
1206 return;
1207 }
1208 if (size == 0) {
1209 return;
1210 }
1211
1212 // The kdp_corefile_path is allowed to be one of 2 options to working locations.
1213 // This value is set on EARLY_BOOT since we need to know it before any volumes are mounted. The mount
1214 // event triggers IOOpenPolledCoreFile() which opens the file. Once we commit to using the path from EDT
1215 // we can't back out since a different path may reside in a different volume.
1216 // In case the path from EDT can't be opened, there will not be a kernel core-dump
1217 if (strlcmp(value, "preboot", size) == 0) {
1218 kdp_corefile_path = kIOCoreDumpPrebootPath;
1219 } else if (strlcmp(value, "default", size) != 0) {
1220 IOLog("corefile path selection in device-tree is not one of the allowed values: %s, Using default %s\n", value, kdp_corefile_path);
1221 return;
1222 }
1223
1224 IOLog("corefile path selection in device-tree was set to: %s (value: %s)\n", kdp_corefile_path, value);
1225 }
1226 STARTUP(EARLY_BOOT, STARTUP_RANK_MIDDLE, IOResolveCoreFilePath);
1227
1228 static void
IOCoreFileGetSize(uint64_t * ideal_size,uint64_t * fallback_size,uint64_t * free_space_to_leave,IOPolledCoreFileMode_t mode)1229 IOCoreFileGetSize(uint64_t *ideal_size, uint64_t *fallback_size, uint64_t *free_space_to_leave, IOPolledCoreFileMode_t mode)
1230 {
1231 unsigned int requested_corefile_size = 0;
1232
1233 *ideal_size = *fallback_size = *free_space_to_leave = 0;
1234
1235 // If a custom size was requested, override the ideal and requested sizes
1236 if (PE_parse_boot_argn("corefile_size_mb", &requested_corefile_size,
1237 sizeof(requested_corefile_size))) {
1238 IOLog("Boot-args specify %d MB kernel corefile\n", requested_corefile_size);
1239
1240 *ideal_size = *fallback_size = (requested_corefile_size * ONE_MB);
1241 return;
1242 }
1243
1244 unsigned int status_flags = 0;
1245 int error = VNOP_IOCTL(rootvnode, HFS_IOCTL_VOLUME_STATUS, (caddr_t)&status_flags, 0,
1246 vfs_context_kernel());
1247 if (!error) {
1248 if (status_flags & (VQ_VERYLOWDISK | VQ_LOWDISK | VQ_NEARLOWDISK)) {
1249 IOLog("Volume is low on space. Not allocating kernel corefile.\n");
1250 return;
1251 }
1252 } else {
1253 IOLog("Couldn't retrieve volume status. Error %d\n", error);
1254 }
1255
1256 #if defined(XNU_TARGET_OS_BRIDGE)
1257 #pragma unused(mode)
1258 *ideal_size = *fallback_size = kIOCoreDumpSize;
1259 *free_space_to_leave = kIOCoreDumpFreeSize;
1260 #elif !defined(XNU_TARGET_OS_OSX) /* defined(XNU_TARGET_OS_BRIDGE) */
1261 #pragma unused(mode)
1262 *ideal_size = *fallback_size = kIOCoreDumpMinSize;
1263
1264 if (max_mem > (3 * 1024ULL * ONE_MB)) {
1265 *ideal_size = kIOCoreDumpLargeSize;
1266 }
1267
1268 *free_space_to_leave = kIOCoreDumpFreeSize;
1269 #else /* defined(XNU_TARGET_OS_BRIDGE) */
1270 if (mode == kIOPolledCoreFileModeCoredump) {
1271 *ideal_size = *fallback_size = kIOCoreDumpMinSize;
1272 if (kIOCoreDumpIncrementalSize != 0 && max_mem > (32 * 1024ULL * ONE_MB)) {
1273 *ideal_size = ((ROUNDUP(max_mem, (32 * 1024ULL * ONE_MB)) / (32 * 1024ULL * ONE_MB)) * kIOCoreDumpIncrementalSize);
1274 }
1275 *free_space_to_leave = kIOCoreDumpFreeSize;
1276 } else if (mode == kIOPolledCoreFileModeStackshot) {
1277 *ideal_size = *fallback_size = *free_space_to_leave = kIOStackshotFileSize;
1278 }
1279 #endif /* defined(XNU_TARGET_OS_BRIDGE) */
1280
1281 #if EXCLAVES_COREDUMP
1282 *ideal_size += sk_core_size();
1283 #endif /* EXCLAVES_COREDUMP */
1284
1285 return;
1286 }
1287
1288 static IOReturn
IOAccessCoreFileData(void * context,boolean_t write,uint64_t offset,int length,void * buffer)1289 IOAccessCoreFileData(void *context, boolean_t write, uint64_t offset, int length, void *buffer)
1290 {
1291 errno_t vnode_error = 0;
1292 vfs_context_t vfs_context;
1293 vnode_t vnode_ptr = (vnode_t) context;
1294
1295 vfs_context = vfs_context_kernel();
1296 vnode_error = vn_rdwr(write ? UIO_WRITE : UIO_READ, vnode_ptr, (caddr_t)buffer, length, offset,
1297 UIO_SYSSPACE, IO_SWAP_DISPATCH | IO_SYNC | IO_NOCACHE | IO_UNIT, vfs_context_ucred(vfs_context), NULL, vfs_context_proc(vfs_context));
1298
1299 if (vnode_error) {
1300 IOLog("Failed to %s the corefile. Error %d\n", write ? "write to" : "read from", vnode_error);
1301 return kIOReturnError;
1302 }
1303
1304 return kIOReturnSuccess;
1305 }
1306
1307 static void
IOOpenPolledCoreFile(thread_call_param_t __unused,thread_call_param_t corefilename)1308 IOOpenPolledCoreFile(thread_call_param_t __unused, thread_call_param_t corefilename)
1309 {
1310 assert(corefilename != NULL);
1311
1312 IOReturn err;
1313 char *filename = (char *) corefilename;
1314 uint64_t corefile_size_bytes = 0, corefile_fallback_size_bytes = 0, free_space_to_leave_bytes = 0;
1315 IOPolledCoreFileMode_t mode_to_init = GetCoreFileMode();
1316
1317 if (gIOPolledCoreFileVars) {
1318 return;
1319 }
1320 if (!IOPolledInterface::gMetaClass.getInstanceCount()) {
1321 return;
1322 }
1323
1324 if (gIOPolledCoreFileMode == kIOPolledCoreFileModeUnlinked) {
1325 return;
1326 }
1327
1328 if (mode_to_init == kIOPolledCoreFileModeDisabled) {
1329 gIOPolledCoreFileMode = kIOPolledCoreFileModeDisabled;
1330 return;
1331 }
1332
1333 // We'll overwrite this once we open the file, we update this to mark that we have made
1334 // it past initialization
1335 gIOPolledCoreFileMode = kIOPolledCoreFileModeClosed;
1336
1337 IOCoreFileGetSize(&corefile_size_bytes, &corefile_fallback_size_bytes, &free_space_to_leave_bytes, mode_to_init);
1338
1339 if (corefile_size_bytes == 0 && corefile_fallback_size_bytes == 0) {
1340 gIOPolledCoreFileMode = kIOPolledCoreFileModeUnlinked;
1341 return;
1342 }
1343
1344 do {
1345 // This file reference remains open long-term in case we need to write a core-dump
1346 err = IOPolledFileOpen(filename, kIOPolledFileCreate, corefile_size_bytes, free_space_to_leave_bytes,
1347 NULL, 0, &gIOPolledCoreFileVars, NULL, NULL, NULL);
1348 if (kIOReturnSuccess == err) {
1349 break;
1350 } else if (kIOReturnNoSpace == err) {
1351 IOLog("Failed to open corefile of size %llu MB (low disk space)\n",
1352 (corefile_size_bytes / (1024ULL * 1024ULL)));
1353 if (corefile_size_bytes == corefile_fallback_size_bytes) {
1354 gIOPolledCoreFileOpenRet = err;
1355 return;
1356 }
1357 } else {
1358 IOLog("Failed to open corefile of size %llu MB (returned error 0x%x)\n",
1359 (corefile_size_bytes / (1024ULL * 1024ULL)), err);
1360 gIOPolledCoreFileOpenRet = err;
1361 return;
1362 }
1363
1364 err = IOPolledFileOpen(filename, kIOPolledFileCreate, corefile_fallback_size_bytes, free_space_to_leave_bytes,
1365 NULL, 0, &gIOPolledCoreFileVars, NULL, NULL, NULL);
1366 if (kIOReturnSuccess != err) {
1367 IOLog("Failed to open corefile of size %llu MB (returned error 0x%x)\n",
1368 (corefile_fallback_size_bytes / (1024ULL * 1024ULL)), err);
1369 gIOPolledCoreFileOpenRet = err;
1370 return;
1371 }
1372 } while (false);
1373
1374 gIOPolledCoreFileOpenRet = IOPolledFilePollersSetup(gIOPolledCoreFileVars, kIOPolledPreflightCoreDumpState);
1375 if (kIOReturnSuccess != gIOPolledCoreFileOpenRet) {
1376 IOPolledFileClose(&gIOPolledCoreFileVars, 0, NULL, 0, 0, 0, false);
1377 IOLog("IOPolledFilePollersSetup for corefile failed with error: 0x%x\n", err);
1378 } else {
1379 IOLog("Opened corefile of size %llu MB\n", (corefile_size_bytes / (1024ULL * 1024ULL)));
1380 gIOPolledCoreFileMode = mode_to_init;
1381 }
1382
1383 // Provide the "polled file available" callback with a temporary way to read from the file
1384 (void) IOProvideCoreFileAccess(kdp_core_polled_io_polled_file_available, NULL);
1385
1386 return;
1387 }
1388
1389 kern_return_t
IOProvideCoreFileAccess(IOCoreFileAccessRecipient recipient,void * recipient_context)1390 IOProvideCoreFileAccess(IOCoreFileAccessRecipient recipient, void *recipient_context)
1391 {
1392 kern_return_t error = kIOReturnSuccess;
1393 errno_t vnode_error = 0;
1394 vfs_context_t vfs_context;
1395 vnode_t vnode_ptr;
1396
1397 if (!recipient) {
1398 return kIOReturnBadArgument;
1399 }
1400
1401 if (kIOReturnSuccess != gIOPolledCoreFileOpenRet) {
1402 return kIOReturnNotReady;
1403 }
1404
1405 // Open the kernel corefile
1406 vfs_context = vfs_context_kernel();
1407 vnode_error = vnode_open(kdp_corefile_path, (FREAD | FWRITE | O_NOFOLLOW), 0600, 0, &vnode_ptr, vfs_context);
1408 if (vnode_error) {
1409 IOLog("Failed to open the corefile. Error %d\n", vnode_error);
1410 return kIOReturnError;
1411 }
1412
1413 // Call the recipient function
1414 error = recipient(IOAccessCoreFileData, (void *)vnode_ptr, recipient_context);
1415
1416 // Close the kernel corefile
1417 vnode_close(vnode_ptr, FREAD | FWRITE, vfs_context);
1418
1419 return error;
1420 }
1421
1422 static void
IOClosePolledCoreFile(void)1423 IOClosePolledCoreFile(void)
1424 {
1425 // Notify kdp core that the corefile is no longer available
1426 (void) kdp_core_polled_io_polled_file_unavailable();
1427
1428 gIOPolledCoreFileOpenRet = kIOReturnNotOpen;
1429 gIOPolledCoreFileMode = kIOPolledCoreFileModeClosed;
1430 IOPolledFilePollersClose(gIOPolledCoreFileVars, kIOPolledPostflightCoreDumpState);
1431 IOPolledFileClose(&gIOPolledCoreFileVars, 0, NULL, 0, 0, 0, false);
1432 }
1433
1434 static void
IOUnlinkPolledCoreFile(void)1435 IOUnlinkPolledCoreFile(void)
1436 {
1437 // Notify kdp core that the corefile is no longer available
1438 (void) kdp_core_polled_io_polled_file_unavailable();
1439
1440 gIOPolledCoreFileOpenRet = kIOReturnNotOpen;
1441 gIOPolledCoreFileMode = kIOPolledCoreFileModeUnlinked;
1442 IOPolledFilePollersClose(gIOPolledCoreFileVars, kIOPolledPostflightCoreDumpState);
1443 IOPolledFileClose(&gIOPolledCoreFileVars, 0, NULL, 0, 0, 0, true);
1444 }
1445
1446 #endif /* IOPOLLED_COREFILE */
1447
1448 extern "C" void
IOBSDMountChange(struct mount * mp,uint32_t op)1449 IOBSDMountChange(struct mount * mp, uint32_t op)
1450 {
1451 #if IOPOLLED_COREFILE
1452 uint64_t flags;
1453 char path[128];
1454 int pathLen;
1455 vnode_t vn;
1456 int result;
1457
1458 lck_mtx_lock(&gIOPolledCoreFileMtx);
1459
1460 switch (op) {
1461 case kIOMountChangeMount:
1462 case kIOMountChangeDidResize:
1463
1464 if (gIOPolledCoreFileVars) {
1465 break;
1466 }
1467 flags = vfs_flags(mp);
1468 if (MNT_RDONLY & flags) {
1469 break;
1470 }
1471 if (!(MNT_LOCAL & flags)) {
1472 break;
1473 }
1474
1475 vn = vfs_vnodecovered(mp);
1476 if (!vn) {
1477 break;
1478 }
1479 pathLen = sizeof(path);
1480 result = vn_getpath(vn, &path[0], &pathLen);
1481 vnode_put(vn);
1482 if (0 != result) {
1483 break;
1484 }
1485 if (!pathLen) {
1486 break;
1487 }
1488 #if defined(XNU_TARGET_OS_BRIDGE)
1489 // on bridgeOS systems we put the core in /private/var/internal. We don't
1490 // want to match with /private/var because /private/var/internal is often mounted
1491 // over /private/var
1492 if ((pathLen - 1) < (int) strlen("/private/var/internal")) {
1493 break;
1494 }
1495 #endif
1496 // Does this mount point include the kernel core-file?
1497 if (0 != strncmp(path, kdp_corefile_path, pathLen - 1)) {
1498 break;
1499 }
1500
1501 thread_call_enter1(corefile_open_call, (void *) kdp_corefile_path);
1502 break;
1503
1504 case kIOMountChangeUnmount:
1505 case kIOMountChangeWillResize:
1506 if (gIOPolledCoreFileVars && (mp == kern_file_mount(gIOPolledCoreFileVars->fileRef))) {
1507 thread_call_cancel_wait(corefile_open_call);
1508 IOClosePolledCoreFile();
1509 }
1510 break;
1511 }
1512
1513 lck_mtx_unlock(&gIOPolledCoreFileMtx);
1514 #endif /* IOPOLLED_COREFILE */
1515 }
1516
1517 extern "C" void
IOBSDLowSpaceUnlinkKernelCore(void)1518 IOBSDLowSpaceUnlinkKernelCore(void)
1519 {
1520 #if IOPOLLED_COREFILE
1521 lck_mtx_lock(&gIOPolledCoreFileMtx);
1522 if (gIOPolledCoreFileVars) {
1523 thread_call_cancel_wait(corefile_open_call);
1524 IOUnlinkPolledCoreFile();
1525 }
1526 lck_mtx_unlock(&gIOPolledCoreFileMtx);
1527 #endif
1528 }
1529
1530 /* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
1531
1532 static char*
copyOSStringAsCString(OSString * string)1533 copyOSStringAsCString(OSString *string)
1534 {
1535 size_t string_length = 0;
1536 char *c_string = NULL;
1537
1538 if (string == NULL) {
1539 return NULL;
1540 }
1541 string_length = string->getLength() + 1;
1542
1543 /* Allocate kernel data memory for the string */
1544 c_string = (char*)kalloc_data(string_length, (zalloc_flags_t)(Z_ZERO | Z_WAITOK | Z_NOFAIL));
1545 assert(c_string != NULL);
1546
1547 /* Copy in the string */
1548 strlcpy(c_string, string->getCStringNoCopy(), string_length);
1549
1550 return c_string;
1551 }
1552
1553 extern "C" OS_ALWAYS_INLINE boolean_t
IOCurrentTaskHasStringEntitlement(const char * entitlement,const char * value)1554 IOCurrentTaskHasStringEntitlement(const char *entitlement, const char *value)
1555 {
1556 return IOTaskHasStringEntitlement(NULL, entitlement, value);
1557 }
1558
1559 extern "C" boolean_t
IOTaskHasStringEntitlement(task_t task,const char * entitlement,const char * value)1560 IOTaskHasStringEntitlement(task_t task, const char *entitlement, const char *value)
1561 {
1562 if (task == NULL) {
1563 task = current_task();
1564 }
1565
1566 /* Validate input arguments */
1567 if (task == kernel_task || entitlement == NULL || value == NULL) {
1568 return false;
1569 }
1570 proc_t proc = (proc_t)get_bsdtask_info(task);
1571
1572 kern_return_t ret = amfi->OSEntitlements.queryEntitlementStringWithProc(
1573 proc,
1574 entitlement,
1575 value);
1576
1577 if (ret == KERN_SUCCESS) {
1578 return true;
1579 }
1580
1581 return false;
1582 }
1583
1584 extern "C" OS_ALWAYS_INLINE boolean_t
IOCurrentTaskHasEntitlement(const char * entitlement)1585 IOCurrentTaskHasEntitlement(const char *entitlement)
1586 {
1587 return IOTaskHasEntitlement(NULL, entitlement);
1588 }
1589
1590 extern "C" boolean_t
IOTaskHasEntitlement(task_t task,const char * entitlement)1591 IOTaskHasEntitlement(task_t task, const char *entitlement)
1592 {
1593 if (task == NULL) {
1594 task = current_task();
1595 }
1596
1597 /* Validate input arguments */
1598 if (task == kernel_task || entitlement == NULL) {
1599 return false;
1600 }
1601 proc_t proc = (proc_t)get_bsdtask_info(task);
1602
1603 kern_return_t ret = amfi->OSEntitlements.queryEntitlementBooleanWithProc(
1604 proc,
1605 entitlement);
1606
1607 if (ret == KERN_SUCCESS) {
1608 return true;
1609 }
1610
1611 return false;
1612 }
1613
1614 extern "C" OS_ALWAYS_INLINE char*
IOCurrentTaskGetEntitlement(const char * entitlement)1615 IOCurrentTaskGetEntitlement(const char *entitlement)
1616 {
1617 return IOTaskGetEntitlement(NULL, entitlement);
1618 }
1619
1620 extern "C" char*
IOTaskGetEntitlement(task_t task,const char * entitlement)1621 IOTaskGetEntitlement(task_t task, const char *entitlement)
1622 {
1623 void *entitlement_object = NULL;
1624 char *return_value = NULL;
1625
1626 if (task == NULL) {
1627 task = current_task();
1628 }
1629
1630 /* Validate input arguments */
1631 if (task == kernel_task || entitlement == NULL) {
1632 return NULL;
1633 }
1634 proc_t proc = (proc_t)get_bsdtask_info(task);
1635
1636 kern_return_t ret = amfi->OSEntitlements.copyEntitlementAsOSObjectWithProc(
1637 proc,
1638 entitlement,
1639 &entitlement_object);
1640
1641 if (ret != KERN_SUCCESS) {
1642 return NULL;
1643 }
1644 assert(entitlement_object != NULL);
1645
1646 OSObject *os_object = (OSObject*)entitlement_object;
1647 OSString *os_string = OSDynamicCast(OSString, os_object);
1648
1649 /* Get a C string version of the OSString */
1650 return_value = copyOSStringAsCString(os_string);
1651
1652 /* Free the OSObject which was given to us */
1653 OSSafeReleaseNULL(os_object);
1654
1655 return return_value;
1656 }
1657
1658 extern "C" boolean_t
IOVnodeHasEntitlement(vnode_t vnode,int64_t off,const char * entitlement)1659 IOVnodeHasEntitlement(vnode_t vnode, int64_t off, const char *entitlement)
1660 {
1661 OSObject * obj;
1662 off_t offset = (off_t)off;
1663
1664 obj = IOUserClient::copyClientEntitlementVnode(vnode, offset, entitlement);
1665 if (!obj) {
1666 return false;
1667 }
1668 obj->release();
1669 return obj != kOSBooleanFalse;
1670 }
1671
1672 extern "C" char *
IOVnodeGetEntitlement(vnode_t vnode,int64_t off,const char * entitlement)1673 IOVnodeGetEntitlement(vnode_t vnode, int64_t off, const char *entitlement)
1674 {
1675 OSObject *obj = NULL;
1676 OSString *str = NULL;
1677 size_t len;
1678 char *value = NULL;
1679 off_t offset = (off_t)off;
1680
1681 obj = IOUserClient::copyClientEntitlementVnode(vnode, offset, entitlement);
1682 if (obj != NULL) {
1683 str = OSDynamicCast(OSString, obj);
1684 if (str != NULL) {
1685 len = str->getLength() + 1;
1686 value = (char *)kalloc_data(len, Z_WAITOK);
1687 strlcpy(value, str->getCStringNoCopy(), len);
1688 }
1689 obj->release();
1690 }
1691 return value;
1692 }
1693