/*
 * Copyright (c) 2010 Apple Inc. All rights reserved.
 *
 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
 *
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. The rights granted to you under the License
 * may not be used to create, or enable the creation or redistribution of,
 * unlawful or unlicensed copies of an Apple operating system, or to
 * circumvent, violate, or enable the circumvention or violation of, any
 * terms of an Apple operating system software license agreement.
 *
 * Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this file.
 *
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 *
 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
 */

#include <TargetConditionals.h>
#include <stdbool.h>
#include <strings.h>
#include <unistd.h>
#include <mach/vm_page_size.h>
#include <spawn_filtering_private.h>
#include "_libkernel_init.h"
#include "system-version-compat-support.h"

extern int mach_init(void);

#if SYSTEM_VERSION_COMPAT_ENABLED

#include <sys/sysctl.h>

/* Shim implementations; installed into the hook pointers below on request. */
extern bool _system_version_compat_check_path_suffix(const char *orig_path);
extern int _system_version_compat_open_shim(int opened_fd, int openat_fd, const char *orig_path, int oflag, mode_t mode,
    int (*close_syscall)(int), int (*open_syscall)(const char *, int, mode_t),
    int (*openat_syscall)(int, const char *, int, mode_t),
    int (*fcntl_syscall)(int, int, long));

/* Hook pointers, defined elsewhere; this file only assigns them. */
extern bool (*system_version_compat_check_path_suffix)(const char *orig_path);
extern int (*system_version_compat_open_shim)(int opened_fd, int openat_fd, const char *orig_path, int oflag, mode_t mode,
    int (*close_syscall)(int), int (*open_syscall)(const char *, int, mode_t),
    int (*openat_syscall)(int, const char *, int, mode_t),
    int (*fcntl_syscall)(int, int, long));

extern system_version_compat_mode_t system_version_compat_mode;

int __sysctlbyname(const char *name, size_t namelen, void *oldp, size_t *oldlenp, void *newp, size_t newlen);
#endif /* SYSTEM_VERSION_COMPAT_ENABLED */

#if POSIX_SPAWN_FILTERING_ENABLED
struct _posix_spawn_args_desc;
/* Filter hook pointers and their implementations; all defined elsewhere. */
extern bool (*posix_spawn_with_filter)(pid_t *pid, const char *fname, char * const *argp,
    char * const *envp, struct _posix_spawn_args_desc *adp, int *ret);
extern bool _posix_spawn_with_filter(pid_t *pid, const char *fname, char * const *argp,
    char * const *envp, struct _posix_spawn_args_desc *adp, int *ret);
extern int (*execve_with_filter)(char *fname, char **argp, char **envp);
extern int _execve_with_filter(char *fname, char **argp, char **envp);
#endif /* POSIX_SPAWN_FILTERING_ENABLED */

#if TARGET_OS_OSX
/* Exported flag, defined here; nothing in this file writes to it. */
__attribute__((visibility("default")))
extern bool _os_xbs_chrooted;
bool _os_xbs_chrooted;
#endif /* TARGET_OS_OSX */

/* dlsym() funcptr is for legacy support in exc_catcher */
void* (*LIBKERNEL_FUNCTION_PTRAUTH(_dlsym))(void*, const char*) __attribute__((visibility("hidden")));

/* Function table handed to __libkernel_init(); stored as given, not copied. */
__attribute__((visibility("hidden")))
_libkernel_functions_t _libkernel_functions;


/*
 * Early libkernel initialisation.
 *
 * Stores the caller's function table in _libkernel_functions, copies its
 * dlsym entry into _dlsym when that entry is non-NULL, and calls mach_init()
 * (its int result is not checked).  On macOS the environment is then walked;
 * on Intel builds an entry exactly equal to "VM_KERNEL_PAGE_SIZE_4K=1"
 * switches the vm_kernel_page_* globals to a 4 KiB page (shift 12).
 *
 * fns is dereferenced without a NULL check, so the caller must pass a valid
 * table.  apple and vars are never read; envp is read on macOS builds only
 * and must be NULL-terminated.
 *
 * Review note: the environment is inherited from whatever launched the
 * process, so the page-size override is a launcher-controlled setting.  The
 * comparison is a whole-string strcmp(), so only that exact entry triggers it.
 */
void
__libkernel_init(_libkernel_functions_t fns,
    const char *envp[] __attribute__((unused)),
    const char *apple[] __attribute__((unused)),
    const struct ProgramVars *vars __attribute__((unused)))
{
	_libkernel_functions = fns;
	if (fns->dlsym) {
		_dlsym = fns->dlsym;
	}
	mach_init();
#if TARGET_OS_OSX
	for (const char **entry = envp; *entry; entry++) {
#if defined(__i386__) || defined(__x86_64__)
		const char *const page_size_4k_env = "VM_KERNEL_PAGE_SIZE_4K=1";

		/* Already on 4 KiB pages: nothing to override, skip the compare. */
		if (vm_kernel_page_shift == 12) {
			continue;
		}
		if (strcmp(*entry, page_size_4k_env) != 0) {
			continue;
		}
		vm_kernel_page_shift = 12;
		vm_kernel_page_size = 1 << vm_kernel_page_shift;
		vm_kernel_page_mask = vm_kernel_page_size - 1;
#endif /* defined(__i386__) || defined(__x86_64__) */
	}
#endif /* TARGET_OS_OSX */
}

#if SYSTEM_VERSION_COMPAT_ENABLED
#if TARGET_OS_OSX && !defined(__i386__)
/*
 * Hook up the shims referenced from open{at}() and then record which
 * compatibility mode this process runs in.
 */
static void
libkernel_install_version_compat_shims(system_version_compat_mode_t mode)
{
	system_version_compat_check_path_suffix = _system_version_compat_check_path_suffix;
	system_version_compat_open_shim = _system_version_compat_open_shim;
	system_version_compat_mode = mode;
}
#endif /* TARGET_OS_OSX && !defined(__i386__) */
#endif /* SYSTEM_VERSION_COMPAT_ENABLED */

#if POSIX_SPAWN_FILTERING_ENABLED
/*
 * Point the posix_spawn/execve filter hooks at their implementations.
 * How the hooks are consulted is defined outside this file.
 */
static void
libkernel_install_spawn_filters(void)
{
	posix_spawn_with_filter = _posix_spawn_with_filter;
	execve_with_filter = _execve_with_filter;
}
#endif /* POSIX_SPAWN_FILTERING_ENABLED */

/*
 * Late initialisation: enables optional per-process shims requested in config.
 *
 * Nothing happens when config->version is below 1.  Each flag is read only
 * after the version check that goes with it: enable_system_version_compat at
 * version >= 1, enable_ios_version_compat at >= 2, and
 * enable_posix_spawn_filtering at >= 3.
 * NOTE(review): presumably older callers pass a shorter config struct, which
 * is why the checks must stay in front of the field reads; confirm against
 * _libkernel_init.h.
 *
 * The macOS and iOS compatibility modes are mutually exclusive here; the
 * macOS flag wins when both are set.  config is dereferenced without a NULL
 * check.
 */
void
__libkernel_init_late(_libkernel_late_init_config_t config)
{
	if (config->version < 1) {
		return;
	}

#if SYSTEM_VERSION_COMPAT_ENABLED
#if TARGET_OS_OSX && !defined(__i386__)
	if (config->enable_system_version_compat) {
		/* enable the version compatibility shim for this process (macOS only) */
		static const char compat_sysctl_name[] = "kern.system_version_compat";
		int enable = 1;

		libkernel_install_version_compat_shims(SYSTEM_VERSION_COMPAT_MODE_MACOSX);

		/*
		 * tell the kernel the shim is enabled for this process so it can shim any
		 * necessary sysctls
		 *
		 * The result is deliberately discarded: if the call fails, the
		 * user-space shims installed above stay in place and no error is
		 * reported to the caller.
		 */
		(void)__sysctlbyname(compat_sysctl_name, sizeof(compat_sysctl_name) - 1,
		    NULL, NULL, &enable, sizeof(enable));
	} else if ((config->version >= 2) && config->enable_ios_version_compat) {
		/* enable the iOS ProductVersion compatibility shim for this process */
		libkernel_install_version_compat_shims(SYSTEM_VERSION_COMPAT_MODE_IOS);

		/*
		 * We don't currently shim any sysctls for iOS apps running on macOS so we
		 * don't need to inform the kernel that this app has the SystemVersion shim enabled.
		 */
	}
#endif /* TARGET_OS_OSX && !defined(__i386__) */

#endif /* SYSTEM_VERSION_COMPAT_ENABLED */

#if POSIX_SPAWN_FILTERING_ENABLED
	if ((config->version >= 3) && config->enable_posix_spawn_filtering) {
		libkernel_install_spawn_filters();
	}
#endif /* POSIX_SPAWN_FILTERING_ENABLED */
}

/*
 * Post-boot-task initialisation: installs the posix_spawn/execve filter hooks
 * when config->version is at least 1 and enable_posix_spawn_filtering is set.
 *
 * This assigns the same two pointers that __libkernel_init_late() assigns for
 * a version >= 3 config.  config is dereferenced without a NULL check.
 */
void
__libkernel_init_after_boot_tasks(
	_libkernel_init_after_boot_tasks_config_t config)
{
	if (config->version < 1) {
		return;
	}

#if POSIX_SPAWN_FILTERING_ENABLED
	if (config->enable_posix_spawn_filtering) {
		libkernel_install_spawn_filters();
	}
#endif /* POSIX_SPAWN_FILTERING_ENABLED */
}