1 /* 2 * Copyright (c) 1998-2021 Apple Inc. All rights reserved. 3 * 4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@ 5 * 6 * This file contains Original Code and/or Modifications of Original Code 7 * as defined in and that are subject to the Apple Public Source License 8 * Version 2.0 (the 'License'). You may not use this file except in 9 * compliance with the License. The rights granted to you under the License 10 * may not be used to create, or enable the creation or redistribution of, 11 * unlawful or unlicensed copies of an Apple operating system, or to 12 * circumvent, violate, or enable the circumvention or violation of, any 13 * terms of an Apple operating system software license agreement. 14 * 15 * Please obtain a copy of the License at 16 * http://www.opensource.apple.com/apsl/ and read it before using this file. 17 * 18 * The Original Code and all software distributed under the License are 19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER 20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, 21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, 22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. 23 * Please see the License for the specific language governing rights and 24 * limitations under the License. 25 * 26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@ 27 */ 28 #include <IOKit/IOBSD.h> 29 #include <IOKit/IOLib.h> 30 #include <IOKit/IOService.h> 31 #include <IOKit/IOCatalogue.h> 32 #include <IOKit/IODeviceTreeSupport.h> 33 #include <IOKit/IOKitKeys.h> 34 #include <IOKit/IONVRAM.h> 35 #include <IOKit/IOPlatformExpert.h> 36 #include <IOKit/IOUserClient.h> 37 #include <libkern/c++/OSAllocation.h> 38 39 extern "C" { 40 #include <libkern/amfi/amfi.h> 41 #include <sys/codesign.h> 42 #include <sys/code_signing.h> 43 #include <vm/pmap.h> 44 #include <vm/vm_map.h> 45 #include <pexpert/pexpert.h> 46 #include <kern/clock.h> 47 #if CONFIG_KDP_INTERACTIVE_DEBUGGING 48 #include <kern/debug.h> 49 #endif 50 #include <mach/machine.h> 51 #include <uuid/uuid.h> 52 #include <sys/vnode_internal.h> 53 #include <sys/mount.h> 54 #include <corecrypto/ccsha2.h> 55 #include <kdp/sk_core.h> 56 #include <pexpert/device_tree.h> 57 #include <kern/startup.h> 58 59 // how long to wait for matching root device, secs 60 #if DEBUG 61 #define ROOTDEVICETIMEOUT 120 62 #else 63 #define ROOTDEVICETIMEOUT 60 64 #endif 65 66 extern dev_t mdevadd(int devid, uint64_t base, unsigned int size, int phys); 67 extern dev_t mdevlookup(int devid); 68 extern void mdevremoveall(void); 69 extern int mdevgetrange(int devid, uint64_t *base, uint64_t *size); 70 extern void di_root_ramfile(IORegistryEntry * entry); 71 extern int IODTGetDefault(const char *key, void *infoAddr, unsigned int infoSize); 72 extern boolean_t cpuid_vmm_present(void); 73 74 #define ROUNDUP(a, b) (((a) + ((b) - 1)) & (~((b) - 1))) 75 76 #define IOPOLLED_COREFILE (CONFIG_KDP_INTERACTIVE_DEBUGGING) 77 78 #if defined(XNU_TARGET_OS_BRIDGE) 79 #define kIOCoreDumpPath "/private/var/internal/kernelcore" 80 #elif defined(XNU_TARGET_OS_OSX) 81 #define kIOCoreDumpPath "/System/Volumes/VM/kernelcore" 82 #else 83 #define kIOCoreDumpPath "/private/var/vm/kernelcore" 84 #endif 85 86 #define kIOCoreDumpPrebootPath "/private/preboot/kernelcore" 87 88 #define SYSTEM_NVRAM_PREFIX "40A0DDD2-77F8-4392-B4A3-1E7304206516:" 89 90 #if CONFIG_KDP_INTERACTIVE_DEBUGGING 91 /* 92 * Touched by IOFindBSDRoot() if a RAMDisk is used for the root device. 93 */ 94 extern uint64_t kdp_core_ramdisk_addr; 95 extern uint64_t kdp_core_ramdisk_size; 96 97 /* 98 * A callback to indicate that the polled-mode corefile is now available. 99 */ 100 extern kern_return_t kdp_core_polled_io_polled_file_available(IOCoreFileAccessCallback access_data, void *access_context, void *recipient_context); 101 102 /* 103 * A callback to indicate that the polled-mode corefile is no longer available. 104 */ 105 extern kern_return_t kdp_core_polled_io_polled_file_unavailable(void); 106 #endif 107 108 #if IOPOLLED_COREFILE 109 static void IOOpenPolledCoreFile(thread_call_param_t __unused, thread_call_param_t corefilename); 110 static void IOResolveCoreFilePath(); 111 112 thread_call_t corefile_open_call = NULL; 113 SECURITY_READ_ONLY_LATE(const char*) kdp_corefile_path = kIOCoreDumpPath; 114 #endif 115 116 kern_return_t 117 IOKitBSDInit( void ) 118 { 119 IOService::publishResource("IOBSD"); 120 121 #if IOPOLLED_COREFILE 122 corefile_open_call = thread_call_allocate_with_options(IOOpenPolledCoreFile, NULL, THREAD_CALL_PRIORITY_KERNEL, THREAD_CALL_OPTIONS_ONCE); 123 #endif 124 125 return kIOReturnSuccess; 126 } 127 128 void 129 IOServicePublishResource( const char * property, boolean_t value ) 130 { 131 if (value) { 132 IOService::publishResource( property, kOSBooleanTrue ); 133 } else { 134 IOService::getResourceService()->removeProperty( property ); 135 } 136 } 137 138 boolean_t 139 IOServiceWaitForMatchingResource( const char * property, uint64_t timeout ) 140 { 141 OSDictionary * dict = NULL; 142 IOService * match = NULL; 143 boolean_t found = false; 144 145 do { 146 dict = IOService::resourceMatching( property ); 147 if (!dict) { 148 continue; 149 } 150 match = IOService::waitForMatchingService( dict, timeout ); 151 if (match) { 152 found = true; 153 } 154 } while (false); 155 156 if (dict) { 157 dict->release(); 158 } 159 if (match) { 160 match->release(); 161 } 162 163 return found; 164 } 165 166 boolean_t 167 IOCatalogueMatchingDriversPresent( const char * property ) 168 { 169 OSDictionary * dict = NULL; 170 OSOrderedSet * set = NULL; 171 SInt32 generationCount = 0; 172 boolean_t found = false; 173 174 do { 175 dict = OSDictionary::withCapacity(1); 176 if (!dict) { 177 continue; 178 } 179 dict->setObject( property, kOSBooleanTrue ); 180 set = gIOCatalogue->findDrivers( dict, &generationCount ); 181 if (set && (set->getCount() > 0)) { 182 found = true; 183 } 184 } while (false); 185 186 if (dict) { 187 dict->release(); 188 } 189 if (set) { 190 set->release(); 191 } 192 193 return found; 194 } 195 196 OSDictionary * 197 IOBSDNameMatching( const char * name ) 198 { 199 OSDictionary * dict; 200 const OSSymbol * str = NULL; 201 202 do { 203 dict = IOService::serviceMatching( gIOServiceKey ); 204 if (!dict) { 205 continue; 206 } 207 str = OSSymbol::withCString( name ); 208 if (!str) { 209 continue; 210 } 211 dict->setObject( kIOBSDNameKey, (OSObject *) str ); 212 str->release(); 213 214 return dict; 215 } while (false); 216 217 if (dict) { 218 dict->release(); 219 } 220 if (str) { 221 str->release(); 222 } 223 224 return NULL; 225 } 226 227 OSDictionary * 228 IOUUIDMatching( void ) 229 { 230 OSObject * obj; 231 OSDictionary * result; 232 233 obj = OSUnserialize( 234 "{" 235 "'IOProviderClass' = 'IOResources';" 236 "'IOResourceMatch' = ('IOBSD', 'boot-uuid-media');" 237 "}", 238 NULL); 239 result = OSDynamicCast(OSDictionary, obj); 240 assert(result); 241 242 return result; 243 } 244 245 OSDictionary * 246 IONetworkNamePrefixMatching( const char * prefix ) 247 { 248 OSDictionary * matching; 249 OSDictionary * propDict = NULL; 250 const OSSymbol * str = NULL; 251 char networkType[128]; 252 253 do { 254 matching = IOService::serviceMatching( "IONetworkInterface" ); 255 if (matching == NULL) { 256 continue; 257 } 258 259 propDict = OSDictionary::withCapacity(1); 260 if (propDict == NULL) { 261 continue; 262 } 263 264 str = OSSymbol::withCString( prefix ); 265 if (str == NULL) { 266 continue; 267 } 268 269 propDict->setObject( "IOInterfaceNamePrefix", (OSObject *) str ); 270 str->release(); 271 str = NULL; 272 273 // see if we're contrained to netroot off of specific network type 274 if (PE_parse_boot_argn( "network-type", networkType, 128 )) { 275 str = OSSymbol::withCString( networkType ); 276 if (str) { 277 propDict->setObject( "IONetworkRootType", str); 278 str->release(); 279 str = NULL; 280 } 281 } 282 283 if (matching->setObject( gIOPropertyMatchKey, 284 (OSObject *) propDict ) != true) { 285 continue; 286 } 287 288 propDict->release(); 289 propDict = NULL; 290 291 return matching; 292 } while (false); 293 294 if (matching) { 295 matching->release(); 296 } 297 if (propDict) { 298 propDict->release(); 299 } 300 if (str) { 301 str->release(); 302 } 303 304 return NULL; 305 } 306 307 static bool 308 IORegisterNetworkInterface( IOService * netif ) 309 { 310 // A network interface is typically named and registered 311 // with BSD after receiving a request from a user space 312 // "namer". However, for cases when the system needs to 313 // root from the network, this registration task must be 314 // done inside the kernel and completed before the root 315 // device is handed to BSD. 316 317 IOService * stack; 318 OSNumber * zero = NULL; 319 OSString * path = NULL; 320 OSDictionary * dict = NULL; 321 OSDataAllocation<char> pathBuf; 322 int len; 323 enum { kMaxPathLen = 512 }; 324 325 do { 326 stack = IOService::waitForService( 327 IOService::serviceMatching("IONetworkStack")); 328 if (stack == NULL) { 329 break; 330 } 331 332 dict = OSDictionary::withCapacity(3); 333 if (dict == NULL) { 334 break; 335 } 336 337 zero = OSNumber::withNumber((UInt64) 0, 32); 338 if (zero == NULL) { 339 break; 340 } 341 342 pathBuf = OSDataAllocation<char>( kMaxPathLen, OSAllocateMemory ); 343 if (!pathBuf) { 344 break; 345 } 346 347 len = kMaxPathLen; 348 if (netif->getPath( pathBuf.data(), &len, gIOServicePlane ) 349 == false) { 350 break; 351 } 352 353 path = OSString::withCStringNoCopy(pathBuf.data()); 354 if (path == NULL) { 355 break; 356 } 357 358 dict->setObject( "IOInterfaceUnit", zero ); 359 dict->setObject( kIOPathMatchKey, path ); 360 361 stack->setProperties( dict ); 362 }while (false); 363 364 if (zero) { 365 zero->release(); 366 } 367 if (path) { 368 path->release(); 369 } 370 if (dict) { 371 dict->release(); 372 } 373 374 return netif->getProperty( kIOBSDNameKey ) != NULL; 375 } 376 377 OSDictionary * 378 IOOFPathMatching( const char * path, char * buf, int maxLen ) 379 { 380 OSDictionary * matching = NULL; 381 OSString * str; 382 char * comp; 383 int len; 384 385 do { 386 len = ((int) strlen( kIODeviceTreePlane ":" )); 387 maxLen -= len; 388 if (maxLen <= 0) { 389 continue; 390 } 391 392 strlcpy( buf, kIODeviceTreePlane ":", len + 1 ); 393 comp = buf + len; 394 395 len = ((int) strnlen( path, INT_MAX )); 396 maxLen -= len; 397 if (maxLen <= 0) { 398 continue; 399 } 400 strlcpy( comp, path, len + 1 ); 401 402 matching = OSDictionary::withCapacity( 1 ); 403 if (!matching) { 404 continue; 405 } 406 407 str = OSString::withCString( buf ); 408 if (!str) { 409 continue; 410 } 411 matching->setObject( kIOPathMatchKey, str ); 412 str->release(); 413 414 return matching; 415 } while (false); 416 417 if (matching) { 418 matching->release(); 419 } 420 421 return NULL; 422 } 423 424 static int didRam = 0; 425 enum { kMaxPathBuf = 512, kMaxBootVar = 128 }; 426 427 bool 428 IOGetBootUUID(char *uuid) 429 { 430 IORegistryEntry *entry; 431 OSData *uuid_data = NULL; 432 bool result = false; 433 434 if ((entry = IORegistryEntry::fromPath("/chosen", gIODTPlane))) { 435 uuid_data = (OSData *)entry->getProperty("boot-uuid"); 436 if (uuid_data) { 437 unsigned int length = uuid_data->getLength(); 438 if (length <= sizeof(uuid_string_t)) { 439 /* ensure caller's buffer is fully initialized: */ 440 bzero(uuid, sizeof(uuid_string_t)); 441 /* copy the content of uuid_data->getBytesNoCopy() into uuid */ 442 memcpy(uuid, uuid_data->getBytesNoCopy(), length); 443 /* guarantee nul-termination: */ 444 uuid[sizeof(uuid_string_t) - 1] = '\0'; 445 result = true; 446 } else { 447 uuid = NULL; 448 } 449 } 450 OSSafeReleaseNULL(entry); 451 } 452 return result; 453 } 454 455 bool 456 IOGetApfsPrebootUUID(char *uuid) 457 { 458 IORegistryEntry *entry; 459 OSData *uuid_data = NULL; 460 bool result = false; 461 462 if ((entry = IORegistryEntry::fromPath("/chosen", gIODTPlane))) { 463 uuid_data = (OSData *)entry->getProperty("apfs-preboot-uuid"); 464 465 if (uuid_data) { 466 unsigned int length = uuid_data->getLength(); 467 if (length <= sizeof(uuid_string_t)) { 468 /* ensure caller's buffer is fully initialized: */ 469 bzero(uuid, sizeof(uuid_string_t)); 470 /* copy the content of uuid_data->getBytesNoCopy() into uuid */ 471 memcpy(uuid, uuid_data->getBytesNoCopy(), length); 472 /* guarantee nul-termination: */ 473 uuid[sizeof(uuid_string_t) - 1] = '\0'; 474 result = true; 475 } else { 476 uuid = NULL; 477 } 478 } 479 OSSafeReleaseNULL(entry); 480 } 481 return result; 482 } 483 484 bool 485 IOGetAssociatedApfsVolgroupUUID(char *uuid) 486 { 487 IORegistryEntry *entry; 488 OSData *uuid_data = NULL; 489 bool result = false; 490 491 if ((entry = IORegistryEntry::fromPath("/chosen", gIODTPlane))) { 492 uuid_data = (OSData *)entry->getProperty("associated-volume-group"); 493 494 if (uuid_data) { 495 unsigned int length = uuid_data->getLength(); 496 497 if (length <= sizeof(uuid_string_t)) { 498 /* ensure caller's buffer is fully initialized: */ 499 bzero(uuid, sizeof(uuid_string_t)); 500 /* copy the content of uuid_data->getBytesNoCopy() into uuid */ 501 memcpy(uuid, uuid_data->getBytesNoCopy(), length); 502 /* guarantee nul-termination: */ 503 uuid[sizeof(uuid_string_t) - 1] = '\0'; 504 result = true; 505 } else { 506 uuid = NULL; 507 } 508 } 509 OSSafeReleaseNULL(entry); 510 } 511 return result; 512 } 513 514 bool 515 IOGetBootObjectsPath(char *path_prefix) 516 { 517 IORegistryEntry *entry; 518 OSData *path_prefix_data = NULL; 519 bool result = false; 520 521 if ((entry = IORegistryEntry::fromPath("/chosen", gIODTPlane))) { 522 path_prefix_data = (OSData *)entry->getProperty("boot-objects-path"); 523 524 if (path_prefix_data) { 525 unsigned int length = path_prefix_data->getLength(); 526 527 if (length <= MAXPATHLEN) { 528 /* ensure caller's buffer is fully initialized: */ 529 bzero(path_prefix, MAXPATHLEN); 530 /* copy the content of path_prefix_data->getBytesNoCopy() into path_prefix */ 531 memcpy(path_prefix, path_prefix_data->getBytesNoCopy(), length); 532 /* guarantee nul-termination: */ 533 path_prefix[MAXPATHLEN - 1] = '\0'; 534 result = true; 535 } else { 536 path_prefix = NULL; 537 } 538 } 539 OSSafeReleaseNULL(entry); 540 } 541 return result; 542 } 543 544 545 bool 546 IOGetBootManifestHash(char *hash_data, size_t *hash_data_size) 547 { 548 IORegistryEntry *entry = NULL; 549 OSData *manifest_hash_data = NULL; 550 bool result = false; 551 552 if ((entry = IORegistryEntry::fromPath("/chosen", gIODTPlane))) { 553 manifest_hash_data = (OSData *)entry->getProperty("boot-manifest-hash"); 554 if (manifest_hash_data) { 555 unsigned int length = manifest_hash_data->getLength(); 556 /* hashed with SHA2-384 or SHA1, the boot manifest hash should be 48 Bytes or less */ 557 if ((length <= CCSHA384_OUTPUT_SIZE) && (*hash_data_size >= CCSHA384_OUTPUT_SIZE)) { 558 /* ensure caller's buffer is fully initialized: */ 559 bzero(hash_data, CCSHA384_OUTPUT_SIZE); 560 /* copy the content of manifest_hash_data->getBytesNoCopy() into hash_data */ 561 memcpy(hash_data, manifest_hash_data->getBytesNoCopy(), length); 562 *hash_data_size = length; 563 result = true; 564 } else { 565 hash_data = NULL; 566 *hash_data_size = 0; 567 } 568 } 569 OSSafeReleaseNULL(entry); 570 } 571 572 return result; 573 } 574 575 /* 576 * Set NVRAM to boot into the right flavor of Recovery, 577 * optionally passing a UUID of a volume that failed to boot. 578 * If `reboot` is true, reboot immediately. 579 * 580 * Returns true if `mode` was understood, false otherwise. 581 * (Does not return if `reboot` is true.) 582 */ 583 boolean_t 584 IOSetRecoveryBoot(bsd_bootfail_mode_t mode, uuid_t volume_uuid, boolean_t reboot) 585 { 586 IODTNVRAM *nvram = NULL; 587 const OSSymbol *boot_command_sym = NULL; 588 OSString *boot_command_recover = NULL; 589 590 if (mode == BSD_BOOTFAIL_SEAL_BROKEN) { 591 const char *boot_mode = "ssv-seal-broken"; 592 uuid_string_t volume_uuid_str; 593 594 // Set `recovery-broken-seal-uuid = <volume_uuid>`. 595 if (volume_uuid) { 596 uuid_unparse_upper(volume_uuid, volume_uuid_str); 597 598 if (!PEWriteNVRAMProperty(SYSTEM_NVRAM_PREFIX "recovery-broken-seal-uuid", 599 volume_uuid_str, sizeof(uuid_string_t))) { 600 IOLog("Failed to write recovery-broken-seal-uuid to NVRAM.\n"); 601 } 602 } 603 604 // Set `recovery-boot-mode = ssv-seal-broken`. 605 if (!PEWriteNVRAMProperty(SYSTEM_NVRAM_PREFIX "recovery-boot-mode", boot_mode, 606 (const unsigned int) strlen(boot_mode))) { 607 IOLog("Failed to write recovery-boot-mode to NVRAM.\n"); 608 } 609 } else if (mode == BSD_BOOTFAIL_MEDIA_MISSING) { 610 const char *boot_picker_reason = "missing-boot-media"; 611 612 // Set `boot-picker-bringup-reason = missing-boot-media`. 613 if (!PEWriteNVRAMProperty(SYSTEM_NVRAM_PREFIX "boot-picker-bringup-reason", 614 boot_picker_reason, (const unsigned int) strlen(boot_picker_reason))) { 615 IOLog("Failed to write boot-picker-bringup-reason to NVRAM.\n"); 616 } 617 618 // Set `boot-command = recover-system`. 619 620 // Construct an OSSymbol and an OSString to be the (key, value) pair 621 // we write to NVRAM. Unfortunately, since our value must be an OSString 622 // instead of an OSData, we cannot use PEWriteNVRAMProperty() here. 623 boot_command_sym = OSSymbol::withCStringNoCopy(SYSTEM_NVRAM_PREFIX "boot-command"); 624 boot_command_recover = OSString::withCStringNoCopy("recover-system"); 625 if (boot_command_sym == NULL || boot_command_recover == NULL) { 626 IOLog("Failed to create boot-command strings.\n"); 627 goto do_reboot; 628 } 629 630 // Wait for NVRAM to be readable... 631 nvram = OSDynamicCast(IODTNVRAM, IOService::waitForService( 632 IOService::serviceMatching("IODTNVRAM"))); 633 if (nvram == NULL) { 634 IOLog("Failed to acquire IODTNVRAM object.\n"); 635 goto do_reboot; 636 } 637 638 // Wait for NVRAM to be writable... 639 if (!IOServiceWaitForMatchingResource("IONVRAM", UINT64_MAX)) { 640 IOLog("Failed to wait for IONVRAM service.\n"); 641 // attempt the work anyway... 642 } 643 644 // Write the new boot-command to NVRAM, and sync if successful. 645 if (!nvram->setProperty(boot_command_sym, boot_command_recover)) { 646 IOLog("Failed to save new boot-command to NVRAM.\n"); 647 } else { 648 nvram->sync(); 649 } 650 } else { 651 IOLog("Unknown mode: %d\n", mode); 652 return false; 653 } 654 655 // Clean up and reboot! 656 do_reboot: 657 if (boot_command_recover != NULL) { 658 boot_command_recover->release(); 659 } 660 661 if (boot_command_sym != NULL) { 662 boot_command_sym->release(); 663 } 664 665 if (reboot) { 666 IOLog("\nAbout to reboot into Recovery!\n"); 667 (void)PEHaltRestart(kPEPanicRestartCPUNoCallouts); 668 } 669 670 return true; 671 } 672 673 kern_return_t 674 IOFindBSDRoot( char * rootName, unsigned int rootNameSize, 675 dev_t * root, u_int32_t * oflags ) 676 { 677 mach_timespec_t t; 678 IOService * service; 679 IORegistryEntry * regEntry; 680 OSDictionary * matching = NULL; 681 OSString * iostr; 682 OSNumber * off; 683 OSData * data = NULL; 684 685 UInt32 flags = 0; 686 int mnr, mjr; 687 const char * mediaProperty = NULL; 688 char * rdBootVar; 689 OSDataAllocation<char> str; 690 const char * look = NULL; 691 int len; 692 int wdt = 0; 693 bool debugInfoPrintedOnce = false; 694 bool needNetworkKexts = false; 695 const char * uuidStr = NULL; 696 697 static int mountAttempts = 0; 698 699 int xchar, dchar; 700 701 // stall here for anyone matching on the IOBSD resource to finish (filesystems) 702 matching = IOService::serviceMatching(gIOResourcesKey); 703 assert(matching); 704 matching->setObject(gIOResourceMatchedKey, gIOBSDKey); 705 706 if ((service = IOService::waitForMatchingService(matching, 30ULL * kSecondScale))) { 707 OSSafeReleaseNULL(service); 708 } else { 709 IOLog("!BSD\n"); 710 } 711 matching->release(); 712 matching = NULL; 713 714 if (mountAttempts++) { 715 IOLog("mount(%d) failed\n", mountAttempts); 716 IOSleep( 5 * 1000 ); 717 } 718 719 str = OSDataAllocation<char>( kMaxPathBuf + kMaxBootVar, OSAllocateMemory ); 720 if (!str) { 721 return kIOReturnNoMemory; 722 } 723 rdBootVar = str.data() + kMaxPathBuf; 724 725 if (!PE_parse_boot_argn("rd", rdBootVar, kMaxBootVar ) 726 && !PE_parse_boot_argn("rootdev", rdBootVar, kMaxBootVar )) { 727 rdBootVar[0] = 0; 728 } 729 730 if ((regEntry = IORegistryEntry::fromPath( "/chosen", gIODTPlane ))) { 731 do { 732 di_root_ramfile(regEntry); 733 OSObject* unserializedContainer = NULL; 734 data = OSDynamicCast(OSData, regEntry->getProperty( "root-matching" )); 735 if (data) { 736 unserializedContainer = OSUnserializeXML((char *)data->getBytesNoCopy()); 737 matching = OSDynamicCast(OSDictionary, unserializedContainer); 738 if (matching) { 739 continue; 740 } 741 } 742 OSSafeReleaseNULL(unserializedContainer); 743 744 data = (OSData *) regEntry->getProperty( "boot-uuid" ); 745 if (data) { 746 uuidStr = (const char*)data->getBytesNoCopy(); 747 OSString *uuidString = OSString::withCString( uuidStr ); 748 749 // match the boot-args boot-uuid processing below 750 if (uuidString) { 751 IOLog("rooting via boot-uuid from /chosen: %s\n", uuidStr); 752 IOService::publishResource( "boot-uuid", uuidString ); 753 uuidString->release(); 754 matching = IOUUIDMatching(); 755 mediaProperty = "boot-uuid-media"; 756 continue; 757 } else { 758 uuidStr = NULL; 759 } 760 } 761 } while (false); 762 OSSafeReleaseNULL(regEntry); 763 } 764 765 // 766 // See if we have a RAMDisk property in /chosen/memory-map. If so, make it into a device. 767 // It will become /dev/mdx, where x is 0-f. 768 // 769 770 if (!didRam) { /* Have we already build this ram disk? */ 771 didRam = 1; /* Remember we did this */ 772 if ((regEntry = IORegistryEntry::fromPath( "/chosen/memory-map", gIODTPlane ))) { /* Find the map node */ 773 data = (OSData *)regEntry->getProperty("RAMDisk"); /* Find the ram disk, if there */ 774 if (data) { /* We found one */ 775 uintptr_t *ramdParms; 776 /* BEGIN IGNORE CODESTYLE */ 777 __typed_allocators_ignore_push 778 ramdParms = (uintptr_t *)data->getBytesNoCopy(); /* Point to the ram disk base and size */ 779 __typed_allocators_ignore_pop 780 /* END IGNORE CODESTYLE */ 781 #if __LP64__ 782 #define MAX_PHYS_RAM (((uint64_t)UINT_MAX) << 12) 783 if (ramdParms[1] > MAX_PHYS_RAM) { 784 panic("ramdisk params"); 785 } 786 #endif /* __LP64__ */ 787 (void)mdevadd(-1, ml_static_ptovirt(ramdParms[0]) >> 12, (unsigned int) (ramdParms[1] >> 12), 0); /* Initialize it and pass back the device number */ 788 } 789 regEntry->release(); /* Toss the entry */ 790 } 791 } 792 793 // 794 // Now check if we are trying to root on a memory device 795 // 796 797 if ((rdBootVar[0] == 'm') && (rdBootVar[1] == 'd') && (rdBootVar[3] == 0)) { 798 dchar = xchar = rdBootVar[2]; /* Get the actual device */ 799 if ((xchar >= '0') && (xchar <= '9')) { 800 xchar = xchar - '0'; /* If digit, convert */ 801 } else { 802 xchar = xchar & ~' '; /* Fold to upper case */ 803 if ((xchar >= 'A') && (xchar <= 'F')) { /* Is this a valid digit? */ 804 xchar = (xchar & 0xF) + 9; /* Convert the hex digit */ 805 dchar = dchar | ' '; /* Fold to lower case */ 806 } else { 807 xchar = -1; /* Show bogus */ 808 } 809 } 810 if (xchar >= 0) { /* Do we have a valid memory device name? */ 811 OSSafeReleaseNULL(matching); 812 *root = mdevlookup(xchar); /* Find the device number */ 813 if (*root >= 0) { /* Did we find one? */ 814 rootName[0] = 'm'; /* Build root name */ 815 rootName[1] = 'd'; /* Build root name */ 816 rootName[2] = (char) dchar; /* Build root name */ 817 rootName[3] = 0; /* Build root name */ 818 IOLog("BSD root: %s, major %d, minor %d\n", rootName, major(*root), minor(*root)); 819 *oflags = 0; /* Show that this is not network */ 820 821 #if CONFIG_KDP_INTERACTIVE_DEBUGGING 822 /* retrieve final ramdisk range and initialize KDP variables */ 823 if (mdevgetrange(xchar, &kdp_core_ramdisk_addr, &kdp_core_ramdisk_size) != 0) { 824 IOLog("Unable to retrieve range for root memory device %d\n", xchar); 825 kdp_core_ramdisk_addr = 0; 826 kdp_core_ramdisk_size = 0; 827 } 828 #endif 829 830 goto iofrootx; /* Join common exit... */ 831 } 832 panic("IOFindBSDRoot: specified root memory device, %s, has not been configured", rdBootVar); /* Not there */ 833 } 834 } 835 836 if ((!matching) && rdBootVar[0]) { 837 // by BSD name 838 look = rdBootVar; 839 if (look[0] == '*') { 840 look++; 841 } 842 843 if (strncmp( look, "en", strlen( "en" )) == 0) { 844 matching = IONetworkNamePrefixMatching( "en" ); 845 needNetworkKexts = true; 846 } else if (strncmp( look, "uuid", strlen( "uuid" )) == 0) { 847 OSDataAllocation<char> uuid( kMaxBootVar, OSAllocateMemory ); 848 849 if (uuid) { 850 OSString *uuidString; 851 852 if (!PE_parse_boot_argn( "boot-uuid", uuid.data(), kMaxBootVar )) { 853 panic( "rd=uuid but no boot-uuid=<value> specified" ); 854 } 855 uuidString = OSString::withCString(uuid.data()); 856 if (uuidString) { 857 IOService::publishResource( "boot-uuid", uuidString ); 858 uuidString->release(); 859 IOLog("\nWaiting for boot volume with UUID %s\n", uuid.data()); 860 matching = IOUUIDMatching(); 861 mediaProperty = "boot-uuid-media"; 862 } 863 } 864 } else { 865 matching = IOBSDNameMatching( look ); 866 } 867 } 868 869 if (!matching) { 870 OSString * astring; 871 // Match any HFS media 872 873 matching = IOService::serviceMatching( "IOMedia" ); 874 assert(matching); 875 astring = OSString::withCStringNoCopy("Apple_HFS"); 876 if (astring) { 877 matching->setObject("Content", astring); 878 astring->release(); 879 } 880 } 881 882 if (gIOKitDebug & kIOWaitQuietBeforeRoot) { 883 IOLog( "Waiting for matching to complete\n" ); 884 IOService::getPlatform()->waitQuiet(); 885 } 886 887 if (matching) { 888 OSSerialize * s = OSSerialize::withCapacity( 5 ); 889 890 if (matching->serialize( s )) { 891 IOLog( "Waiting on %s\n", s->text()); 892 } 893 s->release(); 894 } 895 896 char namep[8]; 897 if (needNetworkKexts 898 || PE_parse_boot_argn("-s", namep, sizeof(namep))) { 899 IOService::startDeferredMatches(); 900 } 901 902 PE_parse_boot_argn("wdt", &wdt, sizeof(wdt)); 903 do { 904 t.tv_sec = ROOTDEVICETIMEOUT; 905 t.tv_nsec = 0; 906 matching->retain(); 907 service = IOService::waitForService( matching, &t ); 908 if ((-1 != wdt) && (!service || (mountAttempts == 10))) { 909 #if !XNU_TARGET_OS_OSX || !defined(__arm64__) 910 PE_display_icon( 0, "noroot"); 911 IOLog( "Still waiting for root device\n" ); 912 #endif 913 914 if (!debugInfoPrintedOnce) { 915 debugInfoPrintedOnce = true; 916 if (gIOKitDebug & kIOLogDTree) { 917 IOLog("\nDT plane:\n"); 918 IOPrintPlane( gIODTPlane ); 919 } 920 if (gIOKitDebug & kIOLogServiceTree) { 921 IOLog("\nService plane:\n"); 922 IOPrintPlane( gIOServicePlane ); 923 } 924 if (gIOKitDebug & kIOLogMemory) { 925 IOPrintMemory(); 926 } 927 } 928 929 #if XNU_TARGET_OS_OSX && defined(__arm64__) 930 // The disk isn't found - have the user pick from System Recovery. 931 (void)IOSetRecoveryBoot(BSD_BOOTFAIL_MEDIA_MISSING, NULL, true); 932 #elif XNU_TARGET_OS_IOS || XNU_TARGET_OS_XR 933 panic("Failed to mount root device"); 934 #endif 935 } 936 } while (!service); 937 938 OSSafeReleaseNULL(matching); 939 940 if (service && mediaProperty) { 941 service = (IOService *)service->getProperty(mediaProperty); 942 } 943 944 mjr = 0; 945 mnr = 0; 946 947 // If the IOService we matched to is a subclass of IONetworkInterface, 948 // then make sure it has been registered with BSD and has a BSD name 949 // assigned. 950 951 if (service 952 && service->metaCast( "IONetworkInterface" ) 953 && !IORegisterNetworkInterface( service )) { 954 service = NULL; 955 } 956 957 if (service) { 958 len = kMaxPathBuf; 959 service->getPath( str.data(), &len, gIOServicePlane ); 960 IOLog("Got boot device = %s\n", str.data()); 961 962 iostr = (OSString *) service->getProperty( kIOBSDNameKey ); 963 if (iostr) { 964 strlcpy( rootName, iostr->getCStringNoCopy(), rootNameSize ); 965 } 966 off = (OSNumber *) service->getProperty( kIOBSDMajorKey ); 967 if (off) { 968 mjr = off->unsigned32BitValue(); 969 } 970 off = (OSNumber *) service->getProperty( kIOBSDMinorKey ); 971 if (off) { 972 mnr = off->unsigned32BitValue(); 973 } 974 975 if (service->metaCast( "IONetworkInterface" )) { 976 flags |= 1; 977 } 978 } else { 979 IOLog( "Wait for root failed\n" ); 980 strlcpy( rootName, "en0", rootNameSize ); 981 flags |= 1; 982 } 983 984 IOLog( "BSD root: %s", rootName ); 985 if (mjr) { 986 IOLog(", major %d, minor %d\n", mjr, mnr ); 987 } else { 988 IOLog("\n"); 989 } 990 991 *root = makedev( mjr, mnr ); 992 *oflags = flags; 993 994 iofrootx: 995 996 IOService::setRootMedia(service); 997 998 if ((gIOKitDebug & (kIOLogDTree | kIOLogServiceTree | kIOLogMemory)) && !debugInfoPrintedOnce) { 999 IOService::getPlatform()->waitQuiet(); 1000 if (gIOKitDebug & kIOLogDTree) { 1001 IOLog("\nDT plane:\n"); 1002 IOPrintPlane( gIODTPlane ); 1003 } 1004 if (gIOKitDebug & kIOLogServiceTree) { 1005 IOLog("\nService plane:\n"); 1006 IOPrintPlane( gIOServicePlane ); 1007 } 1008 if (gIOKitDebug & kIOLogMemory) { 1009 IOPrintMemory(); 1010 } 1011 } 1012 1013 return kIOReturnSuccess; 1014 } 1015 1016 void 1017 IOSetImageBoot(void) 1018 { 1019 // this will unhide all IOMedia, without waiting for kernelmanagement to start 1020 IOService::setRootMedia(NULL); 1021 } 1022 1023 bool 1024 IORamDiskBSDRoot(void) 1025 { 1026 char rdBootVar[kMaxBootVar]; 1027 if (PE_parse_boot_argn("rd", rdBootVar, kMaxBootVar ) 1028 || PE_parse_boot_argn("rootdev", rdBootVar, kMaxBootVar )) { 1029 if ((rdBootVar[0] == 'm') && (rdBootVar[1] == 'd') && (rdBootVar[3] == 0)) { 1030 return true; 1031 } 1032 } 1033 return false; 1034 } 1035 1036 void 1037 IOSecureBSDRoot(const char * rootName) 1038 { 1039 #if CONFIG_SECURE_BSD_ROOT 1040 IOReturn result; 1041 IOPlatformExpert *pe; 1042 OSDictionary *matching; 1043 const OSSymbol *functionName = OSSymbol::withCStringNoCopy("SecureRootName"); 1044 1045 matching = IOService::serviceMatching("IOPlatformExpert"); 1046 assert(matching); 1047 pe = (IOPlatformExpert *) IOService::waitForMatchingService(matching, 30ULL * kSecondScale); 1048 matching->release(); 1049 assert(pe); 1050 // Returns kIOReturnNotPrivileged is the root device is not secure. 1051 // Returns kIOReturnUnsupported if "SecureRootName" is not implemented. 1052 result = pe->callPlatformFunction(functionName, false, (void *)rootName, (void *)NULL, (void *)NULL, (void *)NULL); 1053 functionName->release(); 1054 OSSafeReleaseNULL(pe); 1055 1056 if (result == kIOReturnNotPrivileged) { 1057 mdevremoveall(); 1058 } 1059 1060 #endif // CONFIG_SECURE_BSD_ROOT 1061 } 1062 1063 void * 1064 IOBSDRegistryEntryForDeviceTree(char * path) 1065 { 1066 return IORegistryEntry::fromPath(path, gIODTPlane); 1067 } 1068 1069 void 1070 IOBSDRegistryEntryRelease(void * entry) 1071 { 1072 IORegistryEntry * regEntry = (IORegistryEntry *)entry; 1073 1074 if (regEntry) { 1075 regEntry->release(); 1076 } 1077 return; 1078 } 1079 1080 const void * 1081 IOBSDRegistryEntryGetData(void * entry, char * property_name, 1082 int * packet_length) 1083 { 1084 OSData * data; 1085 IORegistryEntry * regEntry = (IORegistryEntry *)entry; 1086 1087 data = (OSData *) regEntry->getProperty(property_name); 1088 if (data) { 1089 *packet_length = data->getLength(); 1090 return data->getBytesNoCopy(); 1091 } 1092 return NULL; 1093 } 1094 1095 kern_return_t 1096 IOBSDGetPlatformUUID( uuid_t uuid, mach_timespec_t timeout ) 1097 { 1098 IOService * resources; 1099 OSString * string; 1100 1101 resources = IOService::waitForService( IOService::resourceMatching( kIOPlatformUUIDKey ), (timeout.tv_sec || timeout.tv_nsec) ? &timeout : NULL ); 1102 if (resources == NULL) { 1103 return KERN_OPERATION_TIMED_OUT; 1104 } 1105 1106 string = (OSString *) IOService::getPlatform()->getProvider()->getProperty( kIOPlatformUUIDKey ); 1107 if (string == NULL) { 1108 return KERN_NOT_SUPPORTED; 1109 } 1110 1111 uuid_parse( string->getCStringNoCopy(), uuid ); 1112 1113 return KERN_SUCCESS; 1114 } 1115 } /* extern "C" */ 1116 1117 /* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */ 1118 1119 #include <sys/conf.h> 1120 #include <sys/lock.h> 1121 #include <sys/vnode.h> 1122 #include <sys/vnode_if.h> 1123 #include <sys/vnode_internal.h> 1124 #include <sys/fcntl.h> 1125 #include <sys/fsctl.h> 1126 #include <sys/mount.h> 1127 #include <IOKit/IOPolledInterface.h> 1128 #include <IOKit/IOBufferMemoryDescriptor.h> 1129 1130 // see HFSIOC_VOLUME_STATUS in APFS/HFS 1131 #define HFS_IOCTL_VOLUME_STATUS _IOR('h', 24, u_int32_t) 1132 1133 LCK_GRP_DECLARE(gIOPolledCoreFileGrp, "polled_corefile"); 1134 LCK_MTX_DECLARE(gIOPolledCoreFileMtx, &gIOPolledCoreFileGrp); 1135 1136 IOPolledFileIOVars * gIOPolledCoreFileVars; 1137 kern_return_t gIOPolledCoreFileOpenRet = kIOReturnNotReady; 1138 IOPolledCoreFileMode_t gIOPolledCoreFileMode = kIOPolledCoreFileModeNotInitialized; 1139 1140 #if IOPOLLED_COREFILE 1141 1142 #define ONE_MB 1024ULL * 1024ULL 1143 1144 #if defined(XNU_TARGET_OS_BRIDGE) 1145 // On bridgeOS allocate a 150MB corefile and leave 150MB free 1146 #define kIOCoreDumpSize 150ULL * ONE_MB 1147 #define kIOCoreDumpFreeSize 150ULL * ONE_MB 1148 1149 #elif defined(XNU_TARGET_OS_OSX) 1150 1151 // on macOS devices allocate a corefile sized at 1GB / 32GB of DRAM, 1152 // fallback to a 1GB corefile and leave at least 1GB free 1153 #define kIOCoreDumpMinSize 1024ULL * ONE_MB 1154 #define kIOCoreDumpIncrementalSize 1024ULL * ONE_MB 1155 1156 #define kIOCoreDumpFreeSize 1024ULL * ONE_MB 1157 1158 // on older macOS devices we allocate a 1MB file at boot 1159 // to store a panic time stackshot 1160 #define kIOStackshotFileSize ONE_MB 1161 1162 #elif defined(XNU_TARGET_OS_XR) 1163 1164 // XR OS requries larger corefile storage because XNU core can take 1165 // up to ~500MB. 1166 1167 #define kIOCoreDumpMinSize 350ULL * ONE_MB 1168 #define kIOCoreDumpLargeSize 750ULL * ONE_MB 1169 1170 #define kIOCoreDumpFreeSize 350ULL * ONE_MB 1171 1172 #else /* defined(XNU_TARGET_OS_BRIDGE) */ 1173 1174 // On embedded devices with >3GB DRAM we allocate a 500MB corefile 1175 // otherwise allocate a 350MB corefile. Leave 350 MB free 1176 #define kIOCoreDumpMinSize 350ULL * ONE_MB 1177 #define kIOCoreDumpLargeSize 500ULL * ONE_MB 1178 1179 #define kIOCoreDumpFreeSize 350ULL * ONE_MB 1180 1181 #endif /* defined(XNU_TARGET_OS_BRIDGE) */ 1182 1183 static IOPolledCoreFileMode_t 1184 GetCoreFileMode() 1185 { 1186 if (on_device_corefile_enabled()) { 1187 return kIOPolledCoreFileModeCoredump; 1188 } else if (panic_stackshot_to_disk_enabled()) { 1189 return kIOPolledCoreFileModeStackshot; 1190 } else { 1191 return kIOPolledCoreFileModeDisabled; 1192 } 1193 } 1194 1195 static void 1196 IOResolveCoreFilePath() 1197 { 1198 DTEntry node; 1199 const char *value = NULL; 1200 unsigned int size = 0; 1201 1202 if (kSuccess != SecureDTLookupEntry(NULL, "/product", &node)) { 1203 return; 1204 } 1205 if (kSuccess != SecureDTGetProperty(node, "kernel-core-dump-location", (void const **) &value, &size)) { 1206 return; 1207 } 1208 if (size == 0) { 1209 return; 1210 } 1211 1212 // The kdp_corefile_path is allowed to be one of 2 options to working locations. 1213 // This value is set on EARLY_BOOT since we need to know it before any volumes are mounted. The mount 1214 // event triggers IOOpenPolledCoreFile() which opens the file. Once we commit to using the path from EDT 1215 // we can't back out since a different path may reside in a different volume. 1216 // In case the path from EDT can't be opened, there will not be a kernel core-dump 1217 if (strlcmp(value, "preboot", size) == 0) { 1218 kdp_corefile_path = kIOCoreDumpPrebootPath; 1219 } else if (strlcmp(value, "default", size) != 0) { 1220 IOLog("corefile path selection in device-tree is not one of the allowed values: %s, Using default %s\n", value, kdp_corefile_path); 1221 return; 1222 } 1223 1224 IOLog("corefile path selection in device-tree was set to: %s (value: %s)\n", kdp_corefile_path, value); 1225 } 1226 STARTUP(EARLY_BOOT, STARTUP_RANK_MIDDLE, IOResolveCoreFilePath); 1227 1228 static void 1229 IOCoreFileGetSize(uint64_t *ideal_size, uint64_t *fallback_size, uint64_t *free_space_to_leave, IOPolledCoreFileMode_t mode) 1230 { 1231 unsigned int requested_corefile_size = 0; 1232 1233 *ideal_size = *fallback_size = *free_space_to_leave = 0; 1234 1235 // If a custom size was requested, override the ideal and requested sizes 1236 if (PE_parse_boot_argn("corefile_size_mb", &requested_corefile_size, 1237 sizeof(requested_corefile_size))) { 1238 IOLog("Boot-args specify %d MB kernel corefile\n", requested_corefile_size); 1239 1240 *ideal_size = *fallback_size = (requested_corefile_size * ONE_MB); 1241 return; 1242 } 1243 1244 unsigned int status_flags = 0; 1245 int error = VNOP_IOCTL(rootvnode, HFS_IOCTL_VOLUME_STATUS, (caddr_t)&status_flags, 0, 1246 vfs_context_kernel()); 1247 if (!error) { 1248 if (status_flags & (VQ_VERYLOWDISK | VQ_LOWDISK | VQ_NEARLOWDISK)) { 1249 IOLog("Volume is low on space. Not allocating kernel corefile.\n"); 1250 return; 1251 } 1252 } else { 1253 IOLog("Couldn't retrieve volume status. Error %d\n", error); 1254 } 1255 1256 #if defined(XNU_TARGET_OS_BRIDGE) 1257 #pragma unused(mode) 1258 *ideal_size = *fallback_size = kIOCoreDumpSize; 1259 *free_space_to_leave = kIOCoreDumpFreeSize; 1260 #elif !defined(XNU_TARGET_OS_OSX) /* defined(XNU_TARGET_OS_BRIDGE) */ 1261 #pragma unused(mode) 1262 *ideal_size = *fallback_size = kIOCoreDumpMinSize; 1263 1264 if (max_mem > (3 * 1024ULL * ONE_MB)) { 1265 *ideal_size = kIOCoreDumpLargeSize; 1266 } 1267 1268 *free_space_to_leave = kIOCoreDumpFreeSize; 1269 #else /* defined(XNU_TARGET_OS_BRIDGE) */ 1270 if (mode == kIOPolledCoreFileModeCoredump) { 1271 *ideal_size = *fallback_size = kIOCoreDumpMinSize; 1272 if (kIOCoreDumpIncrementalSize != 0 && max_mem > (32 * 1024ULL * ONE_MB)) { 1273 *ideal_size = ((ROUNDUP(max_mem, (32 * 1024ULL * ONE_MB)) / (32 * 1024ULL * ONE_MB)) * kIOCoreDumpIncrementalSize); 1274 } 1275 *free_space_to_leave = kIOCoreDumpFreeSize; 1276 } else if (mode == kIOPolledCoreFileModeStackshot) { 1277 *ideal_size = *fallback_size = *free_space_to_leave = kIOStackshotFileSize; 1278 } 1279 #endif /* defined(XNU_TARGET_OS_BRIDGE) */ 1280 1281 #if EXCLAVES_COREDUMP 1282 *ideal_size += sk_core_size(); 1283 #endif /* EXCLAVES_COREDUMP */ 1284 1285 return; 1286 } 1287 1288 static IOReturn 1289 IOAccessCoreFileData(void *context, boolean_t write, uint64_t offset, int length, void *buffer) 1290 { 1291 errno_t vnode_error = 0; 1292 vfs_context_t vfs_context; 1293 vnode_t vnode_ptr = (vnode_t) context; 1294 1295 vfs_context = vfs_context_kernel(); 1296 vnode_error = vn_rdwr(write ? UIO_WRITE : UIO_READ, vnode_ptr, (caddr_t)buffer, length, offset, 1297 UIO_SYSSPACE, IO_SWAP_DISPATCH | IO_SYNC | IO_NOCACHE | IO_UNIT, vfs_context_ucred(vfs_context), NULL, vfs_context_proc(vfs_context)); 1298 1299 if (vnode_error) { 1300 IOLog("Failed to %s the corefile. Error %d\n", write ? "write to" : "read from", vnode_error); 1301 return kIOReturnError; 1302 } 1303 1304 return kIOReturnSuccess; 1305 } 1306 1307 static void 1308 IOOpenPolledCoreFile(thread_call_param_t __unused, thread_call_param_t corefilename) 1309 { 1310 assert(corefilename != NULL); 1311 1312 IOReturn err; 1313 char *filename = (char *) corefilename; 1314 uint64_t corefile_size_bytes = 0, corefile_fallback_size_bytes = 0, free_space_to_leave_bytes = 0; 1315 IOPolledCoreFileMode_t mode_to_init = GetCoreFileMode(); 1316 1317 if (gIOPolledCoreFileVars) { 1318 return; 1319 } 1320 if (!IOPolledInterface::gMetaClass.getInstanceCount()) { 1321 return; 1322 } 1323 1324 if (gIOPolledCoreFileMode == kIOPolledCoreFileModeUnlinked) { 1325 return; 1326 } 1327 1328 if (mode_to_init == kIOPolledCoreFileModeDisabled) { 1329 gIOPolledCoreFileMode = kIOPolledCoreFileModeDisabled; 1330 return; 1331 } 1332 1333 // We'll overwrite this once we open the file, we update this to mark that we have made 1334 // it past initialization 1335 gIOPolledCoreFileMode = kIOPolledCoreFileModeClosed; 1336 1337 IOCoreFileGetSize(&corefile_size_bytes, &corefile_fallback_size_bytes, &free_space_to_leave_bytes, mode_to_init); 1338 1339 if (corefile_size_bytes == 0 && corefile_fallback_size_bytes == 0) { 1340 gIOPolledCoreFileMode = kIOPolledCoreFileModeUnlinked; 1341 return; 1342 } 1343 1344 do { 1345 // This file reference remains open long-term in case we need to write a core-dump 1346 err = IOPolledFileOpen(filename, kIOPolledFileCreate, corefile_size_bytes, free_space_to_leave_bytes, 1347 NULL, 0, &gIOPolledCoreFileVars, NULL, NULL, NULL); 1348 if (kIOReturnSuccess == err) { 1349 break; 1350 } else if (kIOReturnNoSpace == err) { 1351 IOLog("Failed to open corefile of size %llu MB (low disk space)\n", 1352 (corefile_size_bytes / (1024ULL * 1024ULL))); 1353 if (corefile_size_bytes == corefile_fallback_size_bytes) { 1354 gIOPolledCoreFileOpenRet = err; 1355 return; 1356 } 1357 } else { 1358 IOLog("Failed to open corefile of size %llu MB (returned error 0x%x)\n", 1359 (corefile_size_bytes / (1024ULL * 1024ULL)), err); 1360 gIOPolledCoreFileOpenRet = err; 1361 return; 1362 } 1363 1364 err = IOPolledFileOpen(filename, kIOPolledFileCreate, corefile_fallback_size_bytes, free_space_to_leave_bytes, 1365 NULL, 0, &gIOPolledCoreFileVars, NULL, NULL, NULL); 1366 if (kIOReturnSuccess != err) { 1367 IOLog("Failed to open corefile of size %llu MB (returned error 0x%x)\n", 1368 (corefile_fallback_size_bytes / (1024ULL * 1024ULL)), err); 1369 gIOPolledCoreFileOpenRet = err; 1370 return; 1371 } 1372 } while (false); 1373 1374 gIOPolledCoreFileOpenRet = IOPolledFilePollersSetup(gIOPolledCoreFileVars, kIOPolledPreflightCoreDumpState); 1375 if (kIOReturnSuccess != gIOPolledCoreFileOpenRet) { 1376 IOPolledFileClose(&gIOPolledCoreFileVars, 0, NULL, 0, 0, 0, false); 1377 IOLog("IOPolledFilePollersSetup for corefile failed with error: 0x%x\n", err); 1378 } else { 1379 IOLog("Opened corefile of size %llu MB\n", (corefile_size_bytes / (1024ULL * 1024ULL))); 1380 gIOPolledCoreFileMode = mode_to_init; 1381 } 1382 1383 // Provide the "polled file available" callback with a temporary way to read from the file 1384 (void) IOProvideCoreFileAccess(kdp_core_polled_io_polled_file_available, NULL); 1385 1386 return; 1387 } 1388 1389 kern_return_t 1390 IOProvideCoreFileAccess(IOCoreFileAccessRecipient recipient, void *recipient_context) 1391 { 1392 kern_return_t error = kIOReturnSuccess; 1393 errno_t vnode_error = 0; 1394 vfs_context_t vfs_context; 1395 vnode_t vnode_ptr; 1396 1397 if (!recipient) { 1398 return kIOReturnBadArgument; 1399 } 1400 1401 if (kIOReturnSuccess != gIOPolledCoreFileOpenRet) { 1402 return kIOReturnNotReady; 1403 } 1404 1405 // Open the kernel corefile 1406 vfs_context = vfs_context_kernel(); 1407 vnode_error = vnode_open(kdp_corefile_path, (FREAD | FWRITE | O_NOFOLLOW), 0600, 0, &vnode_ptr, vfs_context); 1408 if (vnode_error) { 1409 IOLog("Failed to open the corefile. Error %d\n", vnode_error); 1410 return kIOReturnError; 1411 } 1412 1413 // Call the recipient function 1414 error = recipient(IOAccessCoreFileData, (void *)vnode_ptr, recipient_context); 1415 1416 // Close the kernel corefile 1417 vnode_close(vnode_ptr, FREAD | FWRITE, vfs_context); 1418 1419 return error; 1420 } 1421 1422 static void 1423 IOClosePolledCoreFile(void) 1424 { 1425 // Notify kdp core that the corefile is no longer available 1426 (void) kdp_core_polled_io_polled_file_unavailable(); 1427 1428 gIOPolledCoreFileOpenRet = kIOReturnNotOpen; 1429 gIOPolledCoreFileMode = kIOPolledCoreFileModeClosed; 1430 IOPolledFilePollersClose(gIOPolledCoreFileVars, kIOPolledPostflightCoreDumpState); 1431 IOPolledFileClose(&gIOPolledCoreFileVars, 0, NULL, 0, 0, 0, false); 1432 } 1433 1434 static void 1435 IOUnlinkPolledCoreFile(void) 1436 { 1437 // Notify kdp core that the corefile is no longer available 1438 (void) kdp_core_polled_io_polled_file_unavailable(); 1439 1440 gIOPolledCoreFileOpenRet = kIOReturnNotOpen; 1441 gIOPolledCoreFileMode = kIOPolledCoreFileModeUnlinked; 1442 IOPolledFilePollersClose(gIOPolledCoreFileVars, kIOPolledPostflightCoreDumpState); 1443 IOPolledFileClose(&gIOPolledCoreFileVars, 0, NULL, 0, 0, 0, true); 1444 } 1445 1446 #endif /* IOPOLLED_COREFILE */ 1447 1448 extern "C" void 1449 IOBSDMountChange(struct mount * mp, uint32_t op) 1450 { 1451 #if IOPOLLED_COREFILE 1452 uint64_t flags; 1453 char path[128]; 1454 int pathLen; 1455 vnode_t vn; 1456 int result; 1457 1458 lck_mtx_lock(&gIOPolledCoreFileMtx); 1459 1460 switch (op) { 1461 case kIOMountChangeMount: 1462 case kIOMountChangeDidResize: 1463 1464 if (gIOPolledCoreFileVars) { 1465 break; 1466 } 1467 flags = vfs_flags(mp); 1468 if (MNT_RDONLY & flags) { 1469 break; 1470 } 1471 if (!(MNT_LOCAL & flags)) { 1472 break; 1473 } 1474 1475 vn = vfs_vnodecovered(mp); 1476 if (!vn) { 1477 break; 1478 } 1479 pathLen = sizeof(path); 1480 result = vn_getpath(vn, &path[0], &pathLen); 1481 vnode_put(vn); 1482 if (0 != result) { 1483 break; 1484 } 1485 if (!pathLen) { 1486 break; 1487 } 1488 #if defined(XNU_TARGET_OS_BRIDGE) 1489 // on bridgeOS systems we put the core in /private/var/internal. We don't 1490 // want to match with /private/var because /private/var/internal is often mounted 1491 // over /private/var 1492 if ((pathLen - 1) < (int) strlen("/private/var/internal")) { 1493 break; 1494 } 1495 #endif 1496 // Does this mount point include the kernel core-file? 1497 if (0 != strncmp(path, kdp_corefile_path, pathLen - 1)) { 1498 break; 1499 } 1500 1501 thread_call_enter1(corefile_open_call, (void *) kdp_corefile_path); 1502 break; 1503 1504 case kIOMountChangeUnmount: 1505 case kIOMountChangeWillResize: 1506 if (gIOPolledCoreFileVars && (mp == kern_file_mount(gIOPolledCoreFileVars->fileRef))) { 1507 thread_call_cancel_wait(corefile_open_call); 1508 IOClosePolledCoreFile(); 1509 } 1510 break; 1511 } 1512 1513 lck_mtx_unlock(&gIOPolledCoreFileMtx); 1514 #endif /* IOPOLLED_COREFILE */ 1515 } 1516 1517 extern "C" void 1518 IOBSDLowSpaceUnlinkKernelCore(void) 1519 { 1520 #if IOPOLLED_COREFILE 1521 lck_mtx_lock(&gIOPolledCoreFileMtx); 1522 if (gIOPolledCoreFileVars) { 1523 thread_call_cancel_wait(corefile_open_call); 1524 IOUnlinkPolledCoreFile(); 1525 } 1526 lck_mtx_unlock(&gIOPolledCoreFileMtx); 1527 #endif 1528 } 1529 1530 /* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */ 1531 1532 static char* 1533 copyOSStringAsCString(OSString *string) 1534 { 1535 size_t string_length = 0; 1536 char *c_string = NULL; 1537 1538 if (string == NULL) { 1539 return NULL; 1540 } 1541 string_length = string->getLength() + 1; 1542 1543 /* Allocate kernel data memory for the string */ 1544 c_string = (char*)kalloc_data(string_length, (zalloc_flags_t)(Z_ZERO | Z_WAITOK | Z_NOFAIL)); 1545 assert(c_string != NULL); 1546 1547 /* Copy in the string */ 1548 strlcpy(c_string, string->getCStringNoCopy(), string_length); 1549 1550 return c_string; 1551 } 1552 1553 extern "C" OS_ALWAYS_INLINE boolean_t 1554 IOCurrentTaskHasStringEntitlement(const char *entitlement, const char *value) 1555 { 1556 return IOTaskHasStringEntitlement(NULL, entitlement, value); 1557 } 1558 1559 extern "C" boolean_t 1560 IOTaskHasStringEntitlement(task_t task, const char *entitlement, const char *value) 1561 { 1562 if (task == NULL) { 1563 task = current_task(); 1564 } 1565 1566 /* Validate input arguments */ 1567 if (task == kernel_task || entitlement == NULL || value == NULL) { 1568 return false; 1569 } 1570 proc_t proc = (proc_t)get_bsdtask_info(task); 1571 1572 kern_return_t ret = amfi->OSEntitlements.queryEntitlementStringWithProc( 1573 proc, 1574 entitlement, 1575 value); 1576 1577 if (ret == KERN_SUCCESS) { 1578 return true; 1579 } 1580 1581 return false; 1582 } 1583 1584 extern "C" OS_ALWAYS_INLINE boolean_t 1585 IOCurrentTaskHasEntitlement(const char *entitlement) 1586 { 1587 return IOTaskHasEntitlement(NULL, entitlement); 1588 } 1589 1590 extern "C" boolean_t 1591 IOTaskHasEntitlement(task_t task, const char *entitlement) 1592 { 1593 if (task == NULL) { 1594 task = current_task(); 1595 } 1596 1597 /* Validate input arguments */ 1598 if (task == kernel_task || entitlement == NULL) { 1599 return false; 1600 } 1601 proc_t proc = (proc_t)get_bsdtask_info(task); 1602 1603 kern_return_t ret = amfi->OSEntitlements.queryEntitlementBooleanWithProc( 1604 proc, 1605 entitlement); 1606 1607 if (ret == KERN_SUCCESS) { 1608 return true; 1609 } 1610 1611 return false; 1612 } 1613 1614 extern "C" OS_ALWAYS_INLINE char* 1615 IOCurrentTaskGetEntitlement(const char *entitlement) 1616 { 1617 return IOTaskGetEntitlement(NULL, entitlement); 1618 } 1619 1620 extern "C" char* 1621 IOTaskGetEntitlement(task_t task, const char *entitlement) 1622 { 1623 void *entitlement_object = NULL; 1624 char *return_value = NULL; 1625 1626 if (task == NULL) { 1627 task = current_task(); 1628 } 1629 1630 /* Validate input arguments */ 1631 if (task == kernel_task || entitlement == NULL) { 1632 return NULL; 1633 } 1634 proc_t proc = (proc_t)get_bsdtask_info(task); 1635 1636 kern_return_t ret = amfi->OSEntitlements.copyEntitlementAsOSObjectWithProc( 1637 proc, 1638 entitlement, 1639 &entitlement_object); 1640 1641 if (ret != KERN_SUCCESS) { 1642 return NULL; 1643 } 1644 assert(entitlement_object != NULL); 1645 1646 OSObject *os_object = (OSObject*)entitlement_object; 1647 OSString *os_string = OSDynamicCast(OSString, os_object); 1648 1649 /* Get a C string version of the OSString */ 1650 return_value = copyOSStringAsCString(os_string); 1651 1652 /* Free the OSObject which was given to us */ 1653 OSSafeReleaseNULL(os_object); 1654 1655 return return_value; 1656 } 1657 1658 extern "C" boolean_t 1659 IOVnodeHasEntitlement(vnode_t vnode, int64_t off, const char *entitlement) 1660 { 1661 OSObject * obj; 1662 off_t offset = (off_t)off; 1663 1664 obj = IOUserClient::copyClientEntitlementVnode(vnode, offset, entitlement); 1665 if (!obj) { 1666 return false; 1667 } 1668 obj->release(); 1669 return obj != kOSBooleanFalse; 1670 } 1671 1672 extern "C" char * 1673 IOVnodeGetEntitlement(vnode_t vnode, int64_t off, const char *entitlement) 1674 { 1675 OSObject *obj = NULL; 1676 OSString *str = NULL; 1677 size_t len; 1678 char *value = NULL; 1679 off_t offset = (off_t)off; 1680 1681 obj = IOUserClient::copyClientEntitlementVnode(vnode, offset, entitlement); 1682 if (obj != NULL) { 1683 str = OSDynamicCast(OSString, obj); 1684 if (str != NULL) { 1685 len = str->getLength() + 1; 1686 value = (char *)kalloc_data(len, Z_WAITOK); 1687 strlcpy(value, str->getCStringNoCopy(), len); 1688 } 1689 obj->release(); 1690 } 1691 return value; 1692 } 1693