1/*
2 * Copyright (c) 1998-2021 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28#include <IOKit/IOBSD.h>
29#include <IOKit/IOLib.h>
30#include <IOKit/IOService.h>
31#include <IOKit/IOCatalogue.h>
32#include <IOKit/IODeviceTreeSupport.h>
33#include <IOKit/IOKitKeys.h>
34#include <IOKit/IONVRAM.h>
35#include <IOKit/IOPlatformExpert.h>
36#include <IOKit/IOUserClient.h>
37#include <libkern/c++/OSAllocation.h>
38
39extern "C" {
40#include <libkern/amfi/amfi.h>
41#include <sys/codesign.h>
42#include <sys/code_signing.h>
43#include <vm/pmap.h>
44#include <vm/vm_map.h>
45#include <pexpert/pexpert.h>
46#include <kern/clock.h>
47#if CONFIG_KDP_INTERACTIVE_DEBUGGING
48#include <kern/debug.h>
49#endif
50#include <mach/machine.h>
51#include <uuid/uuid.h>
52#include <sys/vnode_internal.h>
53#include <sys/mount.h>
54#include <corecrypto/ccsha2.h>
55#include <kdp/sk_core.h>
56
57// how long to wait for matching root device, secs
58#if DEBUG
59#define ROOTDEVICETIMEOUT 120
60#else
61#define ROOTDEVICETIMEOUT 60
62#endif
63
64extern dev_t mdevadd(int devid, uint64_t base, unsigned int size, int phys);
65extern dev_t mdevlookup(int devid);
66extern void mdevremoveall(void);
67extern int mdevgetrange(int devid, uint64_t *base, uint64_t *size);
68extern void di_root_ramfile(IORegistryEntry * entry);
69extern int IODTGetDefault(const char *key, void *infoAddr, unsigned int infoSize);
70extern boolean_t cpuid_vmm_present(void);
71
72#define ROUNDUP(a, b) (((a) + ((b) - 1)) & (~((b) - 1)))
73
74#define IOPOLLED_COREFILE (CONFIG_KDP_INTERACTIVE_DEBUGGING)
75
76#if defined(XNU_TARGET_OS_BRIDGE)
77#define kIOCoreDumpPath "/private/var/internal/kernelcore"
78#elif defined(XNU_TARGET_OS_OSX)
79#define kIOCoreDumpPath "/System/Volumes/VM/kernelcore"
80#else
81#define kIOCoreDumpPath "/private/var/vm/kernelcore"
82#endif
83
84#define SYSTEM_NVRAM_PREFIX "40A0DDD2-77F8-4392-B4A3-1E7304206516:"
85
86#if CONFIG_KDP_INTERACTIVE_DEBUGGING
87/*
88 * Touched by IOFindBSDRoot() if a RAMDisk is used for the root device.
89 */
90extern uint64_t kdp_core_ramdisk_addr;
91extern uint64_t kdp_core_ramdisk_size;
92
93/*
94 * A callback to indicate that the polled-mode corefile is now available.
95 */
96extern kern_return_t kdp_core_polled_io_polled_file_available(IOCoreFileAccessCallback access_data, void *access_context, void *recipient_context);
97
98/*
99 * A callback to indicate that the polled-mode corefile is no longer available.
100 */
101extern kern_return_t kdp_core_polled_io_polled_file_unavailable(void);
102#endif
103
104#if IOPOLLED_COREFILE
105static void IOOpenPolledCoreFile(thread_call_param_t __unused, thread_call_param_t corefilename);
106
107thread_call_t corefile_open_call = NULL;
108#endif
109
110kern_return_t
111IOKitBSDInit( void )
112{
113 IOService::publishResource(key: "IOBSD");
114
115#if IOPOLLED_COREFILE
116 corefile_open_call = thread_call_allocate_with_options(func: IOOpenPolledCoreFile, NULL, pri: THREAD_CALL_PRIORITY_KERNEL, options: THREAD_CALL_OPTIONS_ONCE);
117#endif
118
119 return kIOReturnSuccess;
120}
121
122void
123IOServicePublishResource( const char * property, boolean_t value )
124{
125 if (value) {
126 IOService::publishResource( key: property, value: kOSBooleanTrue );
127 } else {
128 IOService::getResourceService()->removeProperty( aKey: property );
129 }
130}
131
132boolean_t
133IOServiceWaitForMatchingResource( const char * property, uint64_t timeout )
134{
135 OSDictionary * dict = NULL;
136 IOService * match = NULL;
137 boolean_t found = false;
138
139 do {
140 dict = IOService::resourceMatching( name: property );
141 if (!dict) {
142 continue;
143 }
144 match = IOService::waitForMatchingService( matching: dict, timeout );
145 if (match) {
146 found = true;
147 }
148 } while (false);
149
150 if (dict) {
151 dict->release();
152 }
153 if (match) {
154 match->release();
155 }
156
157 return found;
158}
159
160boolean_t
161IOCatalogueMatchingDriversPresent( const char * property )
162{
163 OSDictionary * dict = NULL;
164 OSOrderedSet * set = NULL;
165 SInt32 generationCount = 0;
166 boolean_t found = false;
167
168 do {
169 dict = OSDictionary::withCapacity(capacity: 1);
170 if (!dict) {
171 continue;
172 }
173 dict->setObject( aKey: property, anObject: kOSBooleanTrue );
174 set = gIOCatalogue->findDrivers( matching: dict, generationCount: &generationCount );
175 if (set && (set->getCount() > 0)) {
176 found = true;
177 }
178 } while (false);
179
180 if (dict) {
181 dict->release();
182 }
183 if (set) {
184 set->release();
185 }
186
187 return found;
188}
189
190OSDictionary *
191IOBSDNameMatching( const char * name )
192{
193 OSDictionary * dict;
194 const OSSymbol * str = NULL;
195
196 do {
197 dict = IOService::serviceMatching( className: gIOServiceKey );
198 if (!dict) {
199 continue;
200 }
201 str = OSSymbol::withCString( cString: name );
202 if (!str) {
203 continue;
204 }
205 dict->setObject( kIOBSDNameKey, anObject: (OSObject *) str );
206 str->release();
207
208 return dict;
209 } while (false);
210
211 if (dict) {
212 dict->release();
213 }
214 if (str) {
215 str->release();
216 }
217
218 return NULL;
219}
220
221OSDictionary *
222IOUUIDMatching( void )
223{
224 OSObject * obj;
225 OSDictionary * result;
226
227 obj = OSUnserialize(
228 buffer: "{"
229 "'IOProviderClass' = 'IOResources';"
230 "'IOResourceMatch' = ('IOBSD', 'boot-uuid-media');"
231 "}",
232 NULL);
233 result = OSDynamicCast(OSDictionary, obj);
234 assert(result);
235
236 return result;
237}
238
239OSDictionary *
240IONetworkNamePrefixMatching( const char * prefix )
241{
242 OSDictionary * matching;
243 OSDictionary * propDict = NULL;
244 const OSSymbol * str = NULL;
245 char networkType[128];
246
247 do {
248 matching = IOService::serviceMatching( className: "IONetworkInterface" );
249 if (matching == NULL) {
250 continue;
251 }
252
253 propDict = OSDictionary::withCapacity(capacity: 1);
254 if (propDict == NULL) {
255 continue;
256 }
257
258 str = OSSymbol::withCString( cString: prefix );
259 if (str == NULL) {
260 continue;
261 }
262
263 propDict->setObject( aKey: "IOInterfaceNamePrefix", anObject: (OSObject *) str );
264 str->release();
265 str = NULL;
266
267 // see if we're contrained to netroot off of specific network type
268 if (PE_parse_boot_argn( arg_string: "network-type", arg_ptr: networkType, max_arg: 128 )) {
269 str = OSSymbol::withCString( cString: networkType );
270 if (str) {
271 propDict->setObject( aKey: "IONetworkRootType", anObject: str);
272 str->release();
273 str = NULL;
274 }
275 }
276
277 if (matching->setObject( aKey: gIOPropertyMatchKey,
278 anObject: (OSObject *) propDict ) != true) {
279 continue;
280 }
281
282 propDict->release();
283 propDict = NULL;
284
285 return matching;
286 } while (false);
287
288 if (matching) {
289 matching->release();
290 }
291 if (propDict) {
292 propDict->release();
293 }
294 if (str) {
295 str->release();
296 }
297
298 return NULL;
299}
300
301static bool
302IORegisterNetworkInterface( IOService * netif )
303{
304 // A network interface is typically named and registered
305 // with BSD after receiving a request from a user space
306 // "namer". However, for cases when the system needs to
307 // root from the network, this registration task must be
308 // done inside the kernel and completed before the root
309 // device is handed to BSD.
310
311 IOService * stack;
312 OSNumber * zero = NULL;
313 OSString * path = NULL;
314 OSDictionary * dict = NULL;
315 OSDataAllocation<char> pathBuf;
316 int len;
317 enum { kMaxPathLen = 512 };
318
319 do {
320 stack = IOService::waitForService(
321 matching: IOService::serviceMatching(className: "IONetworkStack"));
322 if (stack == NULL) {
323 break;
324 }
325
326 dict = OSDictionary::withCapacity(capacity: 3);
327 if (dict == NULL) {
328 break;
329 }
330
331 zero = OSNumber::withNumber(value: (UInt64) 0, numberOfBits: 32);
332 if (zero == NULL) {
333 break;
334 }
335
336 pathBuf = OSDataAllocation<char>( kMaxPathLen, OSAllocateMemory );
337 if (!pathBuf) {
338 break;
339 }
340
341 len = kMaxPathLen;
342 if (netif->getPath( path: pathBuf.data(), length: &len, plane: gIOServicePlane )
343 == false) {
344 break;
345 }
346
347 path = OSString::withCStringNoCopy(cString: pathBuf.data());
348 if (path == NULL) {
349 break;
350 }
351
352 dict->setObject( aKey: "IOInterfaceUnit", anObject: zero );
353 dict->setObject( kIOPathMatchKey, anObject: path );
354
355 stack->setProperties( dict );
356 }while (false);
357
358 if (zero) {
359 zero->release();
360 }
361 if (path) {
362 path->release();
363 }
364 if (dict) {
365 dict->release();
366 }
367
368 return netif->getProperty( kIOBSDNameKey ) != NULL;
369}
370
371OSDictionary *
372IOOFPathMatching( const char * path, char * buf, int maxLen )
373{
374 OSDictionary * matching = NULL;
375 OSString * str;
376 char * comp;
377 int len;
378
379 do {
380 len = ((int) strlen( kIODeviceTreePlane ":" ));
381 maxLen -= len;
382 if (maxLen <= 0) {
383 continue;
384 }
385
386 strlcpy( dst: buf, kIODeviceTreePlane ":", n: len + 1 );
387 comp = buf + len;
388
389 len = ((int) strnlen( s: path, INT_MAX ));
390 maxLen -= len;
391 if (maxLen <= 0) {
392 continue;
393 }
394 strlcpy( dst: comp, src: path, n: len + 1 );
395
396 matching = OSDictionary::withCapacity( capacity: 1 );
397 if (!matching) {
398 continue;
399 }
400
401 str = OSString::withCString( cString: buf );
402 if (!str) {
403 continue;
404 }
405 matching->setObject( kIOPathMatchKey, anObject: str );
406 str->release();
407
408 return matching;
409 } while (false);
410
411 if (matching) {
412 matching->release();
413 }
414
415 return NULL;
416}
417
418static int didRam = 0;
419enum { kMaxPathBuf = 512, kMaxBootVar = 128 };
420
421bool
422IOGetBootUUID(char *uuid)
423{
424 IORegistryEntry *entry;
425 OSData *uuid_data = NULL;
426 bool result = false;
427
428 if ((entry = IORegistryEntry::fromPath(path: "/chosen", plane: gIODTPlane))) {
429 uuid_data = (OSData *)entry->getProperty(aKey: "boot-uuid");
430 if (uuid_data) {
431 unsigned int length = uuid_data->getLength();
432 if (length <= sizeof(uuid_string_t)) {
433 /* ensure caller's buffer is fully initialized: */
434 bzero(s: uuid, n: sizeof(uuid_string_t));
435 /* copy the content of uuid_data->getBytesNoCopy() into uuid */
436 memcpy(dst: uuid, src: uuid_data->getBytesNoCopy(), n: length);
437 /* guarantee nul-termination: */
438 uuid[sizeof(uuid_string_t) - 1] = '\0';
439 result = true;
440 } else {
441 uuid = NULL;
442 }
443 }
444 OSSafeReleaseNULL(entry);
445 }
446 return result;
447}
448
449bool
450IOGetApfsPrebootUUID(char *uuid)
451{
452 IORegistryEntry *entry;
453 OSData *uuid_data = NULL;
454 bool result = false;
455
456 if ((entry = IORegistryEntry::fromPath(path: "/chosen", plane: gIODTPlane))) {
457 uuid_data = (OSData *)entry->getProperty(aKey: "apfs-preboot-uuid");
458
459 if (uuid_data) {
460 unsigned int length = uuid_data->getLength();
461 if (length <= sizeof(uuid_string_t)) {
462 /* ensure caller's buffer is fully initialized: */
463 bzero(s: uuid, n: sizeof(uuid_string_t));
464 /* copy the content of uuid_data->getBytesNoCopy() into uuid */
465 memcpy(dst: uuid, src: uuid_data->getBytesNoCopy(), n: length);
466 /* guarantee nul-termination: */
467 uuid[sizeof(uuid_string_t) - 1] = '\0';
468 result = true;
469 } else {
470 uuid = NULL;
471 }
472 }
473 OSSafeReleaseNULL(entry);
474 }
475 return result;
476}
477
478bool
479IOGetAssociatedApfsVolgroupUUID(char *uuid)
480{
481 IORegistryEntry *entry;
482 OSData *uuid_data = NULL;
483 bool result = false;
484
485 if ((entry = IORegistryEntry::fromPath(path: "/chosen", plane: gIODTPlane))) {
486 uuid_data = (OSData *)entry->getProperty(aKey: "associated-volume-group");
487
488 if (uuid_data) {
489 unsigned int length = uuid_data->getLength();
490
491 if (length <= sizeof(uuid_string_t)) {
492 /* ensure caller's buffer is fully initialized: */
493 bzero(s: uuid, n: sizeof(uuid_string_t));
494 /* copy the content of uuid_data->getBytesNoCopy() into uuid */
495 memcpy(dst: uuid, src: uuid_data->getBytesNoCopy(), n: length);
496 /* guarantee nul-termination: */
497 uuid[sizeof(uuid_string_t) - 1] = '\0';
498 result = true;
499 } else {
500 uuid = NULL;
501 }
502 }
503 OSSafeReleaseNULL(entry);
504 }
505 return result;
506}
507
508bool
509IOGetBootObjectsPath(char *path_prefix)
510{
511 IORegistryEntry *entry;
512 OSData *path_prefix_data = NULL;
513 bool result = false;
514
515 if ((entry = IORegistryEntry::fromPath(path: "/chosen", plane: gIODTPlane))) {
516 path_prefix_data = (OSData *)entry->getProperty(aKey: "boot-objects-path");
517
518 if (path_prefix_data) {
519 unsigned int length = path_prefix_data->getLength();
520
521 if (length <= MAXPATHLEN) {
522 /* ensure caller's buffer is fully initialized: */
523 bzero(s: path_prefix, MAXPATHLEN);
524 /* copy the content of path_prefix_data->getBytesNoCopy() into path_prefix */
525 memcpy(dst: path_prefix, src: path_prefix_data->getBytesNoCopy(), n: length);
526 /* guarantee nul-termination: */
527 path_prefix[MAXPATHLEN - 1] = '\0';
528 result = true;
529 } else {
530 path_prefix = NULL;
531 }
532 }
533 OSSafeReleaseNULL(entry);
534 }
535 return result;
536}
537
538
539bool
540IOGetBootManifestHash(char *hash_data, size_t *hash_data_size)
541{
542 IORegistryEntry *entry = NULL;
543 OSData *manifest_hash_data = NULL;
544 bool result = false;
545
546 if ((entry = IORegistryEntry::fromPath(path: "/chosen", plane: gIODTPlane))) {
547 manifest_hash_data = (OSData *)entry->getProperty(aKey: "boot-manifest-hash");
548 if (manifest_hash_data) {
549 unsigned int length = manifest_hash_data->getLength();
550 /* hashed with SHA2-384 or SHA1, the boot manifest hash should be 48 Bytes or less */
551 if ((length <= CCSHA384_OUTPUT_SIZE) && (*hash_data_size >= CCSHA384_OUTPUT_SIZE)) {
552 /* ensure caller's buffer is fully initialized: */
553 bzero(s: hash_data, CCSHA384_OUTPUT_SIZE);
554 /* copy the content of manifest_hash_data->getBytesNoCopy() into hash_data */
555 memcpy(dst: hash_data, src: manifest_hash_data->getBytesNoCopy(), n: length);
556 *hash_data_size = length;
557 result = true;
558 } else {
559 hash_data = NULL;
560 *hash_data_size = 0;
561 }
562 }
563 OSSafeReleaseNULL(entry);
564 }
565
566 return result;
567}
568
569/*
570 * Set NVRAM to boot into the right flavor of Recovery,
571 * optionally passing a UUID of a volume that failed to boot.
572 * If `reboot` is true, reboot immediately.
573 *
574 * Returns true if `mode` was understood, false otherwise.
575 * (Does not return if `reboot` is true.)
576 */
577boolean_t
578IOSetRecoveryBoot(bsd_bootfail_mode_t mode, uuid_t volume_uuid, boolean_t reboot)
579{
580 IODTNVRAM *nvram = NULL;
581 const OSSymbol *boot_command_sym = NULL;
582 OSString *boot_command_recover = NULL;
583
584 if (mode == BSD_BOOTFAIL_SEAL_BROKEN) {
585 const char *boot_mode = "ssv-seal-broken";
586 uuid_string_t volume_uuid_str;
587
588 // Set `recovery-broken-seal-uuid = <volume_uuid>`.
589 if (volume_uuid) {
590 uuid_unparse_upper(uu: volume_uuid, out: volume_uuid_str);
591
592 if (!PEWriteNVRAMProperty(SYSTEM_NVRAM_PREFIX "recovery-broken-seal-uuid",
593 value: volume_uuid_str, len: sizeof(uuid_string_t))) {
594 IOLog(format: "Failed to write recovery-broken-seal-uuid to NVRAM.\n");
595 }
596 }
597
598 // Set `recovery-boot-mode = ssv-seal-broken`.
599 if (!PEWriteNVRAMProperty(SYSTEM_NVRAM_PREFIX "recovery-boot-mode", value: boot_mode,
600 len: (const unsigned int) strlen(s: boot_mode))) {
601 IOLog(format: "Failed to write recovery-boot-mode to NVRAM.\n");
602 }
603 } else if (mode == BSD_BOOTFAIL_MEDIA_MISSING) {
604 const char *boot_picker_reason = "missing-boot-media";
605
606 // Set `boot-picker-bringup-reason = missing-boot-media`.
607 if (!PEWriteNVRAMProperty(SYSTEM_NVRAM_PREFIX "boot-picker-bringup-reason",
608 value: boot_picker_reason, len: (const unsigned int) strlen(s: boot_picker_reason))) {
609 IOLog(format: "Failed to write boot-picker-bringup-reason to NVRAM.\n");
610 }
611
612 // Set `boot-command = recover-system`.
613
614 // Construct an OSSymbol and an OSString to be the (key, value) pair
615 // we write to NVRAM. Unfortunately, since our value must be an OSString
616 // instead of an OSData, we cannot use PEWriteNVRAMProperty() here.
617 boot_command_sym = OSSymbol::withCStringNoCopy(SYSTEM_NVRAM_PREFIX "boot-command");
618 boot_command_recover = OSString::withCStringNoCopy(cString: "recover-system");
619 if (boot_command_sym == NULL || boot_command_recover == NULL) {
620 IOLog(format: "Failed to create boot-command strings.\n");
621 goto do_reboot;
622 }
623
624 // Wait for NVRAM to be readable...
625 nvram = OSDynamicCast(IODTNVRAM, IOService::waitForService(
626 IOService::serviceMatching("IODTNVRAM")));
627 if (nvram == NULL) {
628 IOLog(format: "Failed to acquire IODTNVRAM object.\n");
629 goto do_reboot;
630 }
631
632 // Wait for NVRAM to be writable...
633 if (!IOServiceWaitForMatchingResource(property: "IONVRAM", UINT64_MAX)) {
634 IOLog(format: "Failed to wait for IONVRAM service.\n");
635 // attempt the work anyway...
636 }
637
638 // Write the new boot-command to NVRAM, and sync if successful.
639 if (!nvram->setProperty(aKey: boot_command_sym, anObject: boot_command_recover)) {
640 IOLog(format: "Failed to save new boot-command to NVRAM.\n");
641 } else {
642 nvram->sync();
643 }
644 } else {
645 IOLog(format: "Unknown mode: %d\n", mode);
646 return false;
647 }
648
649 // Clean up and reboot!
650do_reboot:
651 if (boot_command_recover != NULL) {
652 boot_command_recover->release();
653 }
654
655 if (boot_command_sym != NULL) {
656 boot_command_sym->release();
657 }
658
659 if (reboot) {
660 IOLog(format: "\nAbout to reboot into Recovery!\n");
661 (void)PEHaltRestart(type: kPEPanicRestartCPUNoCallouts);
662 }
663
664 return true;
665}
666
667kern_return_t
668IOFindBSDRoot( char * rootName, unsigned int rootNameSize,
669 dev_t * root, u_int32_t * oflags )
670{
671 mach_timespec_t t;
672 IOService * service;
673 IORegistryEntry * regEntry;
674 OSDictionary * matching = NULL;
675 OSString * iostr;
676 OSNumber * off;
677 OSData * data = NULL;
678
679 UInt32 flags = 0;
680 int mnr, mjr;
681 const char * mediaProperty = NULL;
682 char * rdBootVar;
683 OSDataAllocation<char> str;
684 const char * look = NULL;
685 int len;
686 bool debugInfoPrintedOnce = false;
687 bool needNetworkKexts = false;
688 const char * uuidStr = NULL;
689
690 static int mountAttempts = 0;
691
692 int xchar, dchar;
693
694 // stall here for anyone matching on the IOBSD resource to finish (filesystems)
695 matching = IOService::serviceMatching(className: gIOResourcesKey);
696 assert(matching);
697 matching->setObject(aKey: gIOResourceMatchedKey, anObject: gIOBSDKey);
698
699 if ((service = IOService::waitForMatchingService(matching, timeout: 30ULL * kSecondScale))) {
700 OSSafeReleaseNULL(service);
701 } else {
702 IOLog(format: "!BSD\n");
703 }
704 matching->release();
705 matching = NULL;
706
707 if (mountAttempts++) {
708 IOLog(format: "mount(%d) failed\n", mountAttempts);
709 IOSleep( milliseconds: 5 * 1000 );
710 }
711
712 str = OSDataAllocation<char>( kMaxPathBuf + kMaxBootVar, OSAllocateMemory );
713 if (!str) {
714 return kIOReturnNoMemory;
715 }
716 rdBootVar = str.data() + kMaxPathBuf;
717
718 if (!PE_parse_boot_argn(arg_string: "rd", arg_ptr: rdBootVar, max_arg: kMaxBootVar )
719 && !PE_parse_boot_argn(arg_string: "rootdev", arg_ptr: rdBootVar, max_arg: kMaxBootVar )) {
720 rdBootVar[0] = 0;
721 }
722
723 if ((regEntry = IORegistryEntry::fromPath( path: "/chosen", plane: gIODTPlane ))) {
724 do {
725 di_root_ramfile(entry: regEntry);
726 OSObject* unserializedContainer = NULL;
727 data = OSDynamicCast(OSData, regEntry->getProperty( "root-matching" ));
728 if (data) {
729 unserializedContainer = OSUnserializeXML(buffer: (char *)data->getBytesNoCopy());
730 matching = OSDynamicCast(OSDictionary, unserializedContainer);
731 if (matching) {
732 continue;
733 }
734 }
735 OSSafeReleaseNULL(unserializedContainer);
736
737 data = (OSData *) regEntry->getProperty( aKey: "boot-uuid" );
738 if (data) {
739 uuidStr = (const char*)data->getBytesNoCopy();
740 OSString *uuidString = OSString::withCString( cString: uuidStr );
741
742 // match the boot-args boot-uuid processing below
743 if (uuidString) {
744 IOLog(format: "rooting via boot-uuid from /chosen: %s\n", uuidStr);
745 IOService::publishResource( key: "boot-uuid", value: uuidString );
746 uuidString->release();
747 matching = IOUUIDMatching();
748 mediaProperty = "boot-uuid-media";
749 continue;
750 } else {
751 uuidStr = NULL;
752 }
753 }
754 } while (false);
755 OSSafeReleaseNULL(regEntry);
756 }
757
758//
759// See if we have a RAMDisk property in /chosen/memory-map. If so, make it into a device.
760// It will become /dev/mdx, where x is 0-f.
761//
762
763 if (!didRam) { /* Have we already build this ram disk? */
764 didRam = 1; /* Remember we did this */
765 if ((regEntry = IORegistryEntry::fromPath( path: "/chosen/memory-map", plane: gIODTPlane ))) { /* Find the map node */
766 data = (OSData *)regEntry->getProperty(aKey: "RAMDisk"); /* Find the ram disk, if there */
767 if (data) { /* We found one */
768 uintptr_t *ramdParms;
769 ramdParms = (uintptr_t *)data->getBytesNoCopy(); /* Point to the ram disk base and size */
770#if __LP64__
771#define MAX_PHYS_RAM (((uint64_t)UINT_MAX) << 12)
772 if (ramdParms[1] > MAX_PHYS_RAM) {
773 panic("ramdisk params");
774 }
775#endif /* __LP64__ */
776 (void)mdevadd(devid: -1, base: ml_static_ptovirt(ramdParms[0]) >> 12, size: (unsigned int) (ramdParms[1] >> 12), phys: 0); /* Initialize it and pass back the device number */
777 }
778 regEntry->release(); /* Toss the entry */
779 }
780 }
781
782//
783// Now check if we are trying to root on a memory device
784//
785
786 if ((rdBootVar[0] == 'm') && (rdBootVar[1] == 'd') && (rdBootVar[3] == 0)) {
787 dchar = xchar = rdBootVar[2]; /* Get the actual device */
788 if ((xchar >= '0') && (xchar <= '9')) {
789 xchar = xchar - '0'; /* If digit, convert */
790 } else {
791 xchar = xchar & ~' '; /* Fold to upper case */
792 if ((xchar >= 'A') && (xchar <= 'F')) { /* Is this a valid digit? */
793 xchar = (xchar & 0xF) + 9; /* Convert the hex digit */
794 dchar = dchar | ' '; /* Fold to lower case */
795 } else {
796 xchar = -1; /* Show bogus */
797 }
798 }
799 if (xchar >= 0) { /* Do we have a valid memory device name? */
800 OSSafeReleaseNULL(matching);
801 *root = mdevlookup(devid: xchar); /* Find the device number */
802 if (*root >= 0) { /* Did we find one? */
803 rootName[0] = 'm'; /* Build root name */
804 rootName[1] = 'd'; /* Build root name */
805 rootName[2] = (char) dchar; /* Build root name */
806 rootName[3] = 0; /* Build root name */
807 IOLog(format: "BSD root: %s, major %d, minor %d\n", rootName, major(x: *root), minor(x: *root));
808 *oflags = 0; /* Show that this is not network */
809
810#if CONFIG_KDP_INTERACTIVE_DEBUGGING
811 /* retrieve final ramdisk range and initialize KDP variables */
812 if (mdevgetrange(devid: xchar, base: &kdp_core_ramdisk_addr, size: &kdp_core_ramdisk_size) != 0) {
813 IOLog(format: "Unable to retrieve range for root memory device %d\n", xchar);
814 kdp_core_ramdisk_addr = 0;
815 kdp_core_ramdisk_size = 0;
816 }
817#endif
818
819 goto iofrootx; /* Join common exit... */
820 }
821 panic("IOFindBSDRoot: specified root memory device, %s, has not been configured", rdBootVar); /* Not there */
822 }
823 }
824
825 if ((!matching) && rdBootVar[0]) {
826 // by BSD name
827 look = rdBootVar;
828 if (look[0] == '*') {
829 look++;
830 }
831
832 if (strncmp( s1: look, s2: "en", n: strlen( s: "en" )) == 0) {
833 matching = IONetworkNamePrefixMatching( prefix: "en" );
834 needNetworkKexts = true;
835 } else if (strncmp( s1: look, s2: "uuid", n: strlen( s: "uuid" )) == 0) {
836 OSDataAllocation<char> uuid( kMaxBootVar, OSAllocateMemory );
837
838 if (uuid) {
839 OSString *uuidString;
840
841 if (!PE_parse_boot_argn( arg_string: "boot-uuid", arg_ptr: uuid.data(), max_arg: kMaxBootVar )) {
842 panic( "rd=uuid but no boot-uuid=<value> specified" );
843 }
844 uuidString = OSString::withCString(cString: uuid.data());
845 if (uuidString) {
846 IOService::publishResource( key: "boot-uuid", value: uuidString );
847 uuidString->release();
848 IOLog(format: "\nWaiting for boot volume with UUID %s\n", uuid.data());
849 matching = IOUUIDMatching();
850 mediaProperty = "boot-uuid-media";
851 }
852 }
853 } else {
854 matching = IOBSDNameMatching( name: look );
855 }
856 }
857
858 if (!matching) {
859 OSString * astring;
860 // Match any HFS media
861
862 matching = IOService::serviceMatching( className: "IOMedia" );
863 assert(matching);
864 astring = OSString::withCStringNoCopy(cString: "Apple_HFS");
865 if (astring) {
866 matching->setObject(aKey: "Content", anObject: astring);
867 astring->release();
868 }
869 }
870
871 if (gIOKitDebug & kIOWaitQuietBeforeRoot) {
872 IOLog( format: "Waiting for matching to complete\n" );
873 IOService::getPlatform()->waitQuiet();
874 }
875
876 if (matching) {
877 OSSerialize * s = OSSerialize::withCapacity( capacity: 5 );
878
879 if (matching->serialize( serializer: s )) {
880 IOLog( format: "Waiting on %s\n", s->text());
881 }
882 s->release();
883 }
884
885 char namep[8];
886 if (needNetworkKexts
887 || PE_parse_boot_argn(arg_string: "-s", arg_ptr: namep, max_arg: sizeof(namep))) {
888 IOService::startDeferredMatches();
889 }
890
891 do {
892 t.tv_sec = ROOTDEVICETIMEOUT;
893 t.tv_nsec = 0;
894 matching->retain();
895 service = IOService::waitForService( matching, timeout: &t );
896 if ((!service) || (mountAttempts == 10)) {
897#if !XNU_TARGET_OS_OSX || !defined(__arm64__)
898 PE_display_icon( 0, "noroot");
899 IOLog( "Still waiting for root device\n" );
900#endif
901
902 if (!debugInfoPrintedOnce) {
903 debugInfoPrintedOnce = true;
904 if (gIOKitDebug & kIOLogDTree) {
905 IOLog(format: "\nDT plane:\n");
906 IOPrintPlane( plane: gIODTPlane );
907 }
908 if (gIOKitDebug & kIOLogServiceTree) {
909 IOLog(format: "\nService plane:\n");
910 IOPrintPlane( plane: gIOServicePlane );
911 }
912 if (gIOKitDebug & kIOLogMemory) {
913 IOPrintMemory();
914 }
915 }
916
917#if XNU_TARGET_OS_OSX && defined(__arm64__)
918 // The disk isn't found - have the user pick from System Recovery.
919 (void)IOSetRecoveryBoot(mode: BSD_BOOTFAIL_MEDIA_MISSING, NULL, reboot: true);
920#elif XNU_TARGET_OS_IOS
921 panic("Failed to mount root device");
922#endif
923 }
924 } while (!service);
925
926 OSSafeReleaseNULL(matching);
927
928 if (service && mediaProperty) {
929 service = (IOService *)service->getProperty(aKey: mediaProperty);
930 }
931
932 mjr = 0;
933 mnr = 0;
934
935 // If the IOService we matched to is a subclass of IONetworkInterface,
936 // then make sure it has been registered with BSD and has a BSD name
937 // assigned.
938
939 if (service
940 && service->metaCast( toMeta: "IONetworkInterface" )
941 && !IORegisterNetworkInterface( netif: service )) {
942 service = NULL;
943 }
944
945 if (service) {
946 len = kMaxPathBuf;
947 service->getPath( path: str.data(), length: &len, plane: gIOServicePlane );
948 IOLog(format: "Got boot device = %s\n", str.data());
949
950 iostr = (OSString *) service->getProperty( kIOBSDNameKey );
951 if (iostr) {
952 strlcpy( dst: rootName, src: iostr->getCStringNoCopy(), n: rootNameSize );
953 }
954 off = (OSNumber *) service->getProperty( kIOBSDMajorKey );
955 if (off) {
956 mjr = off->unsigned32BitValue();
957 }
958 off = (OSNumber *) service->getProperty( kIOBSDMinorKey );
959 if (off) {
960 mnr = off->unsigned32BitValue();
961 }
962
963 if (service->metaCast( toMeta: "IONetworkInterface" )) {
964 flags |= 1;
965 }
966 } else {
967 IOLog( format: "Wait for root failed\n" );
968 strlcpy( dst: rootName, src: "en0", n: rootNameSize );
969 flags |= 1;
970 }
971
972 IOLog( format: "BSD root: %s", rootName );
973 if (mjr) {
974 IOLog(format: ", major %d, minor %d\n", mjr, mnr );
975 } else {
976 IOLog(format: "\n");
977 }
978
979 *root = makedev( major: mjr, minor: mnr );
980 *oflags = flags;
981
982iofrootx:
983
984 IOService::setRootMedia(service);
985
986 if ((gIOKitDebug & (kIOLogDTree | kIOLogServiceTree | kIOLogMemory)) && !debugInfoPrintedOnce) {
987 IOService::getPlatform()->waitQuiet();
988 if (gIOKitDebug & kIOLogDTree) {
989 IOLog(format: "\nDT plane:\n");
990 IOPrintPlane( plane: gIODTPlane );
991 }
992 if (gIOKitDebug & kIOLogServiceTree) {
993 IOLog(format: "\nService plane:\n");
994 IOPrintPlane( plane: gIOServicePlane );
995 }
996 if (gIOKitDebug & kIOLogMemory) {
997 IOPrintMemory();
998 }
999 }
1000
1001 return kIOReturnSuccess;
1002}
1003
1004void
1005IOSetImageBoot(void)
1006{
1007 // this will unhide all IOMedia, without waiting for kernelmanagement to start
1008 IOService::setRootMedia(NULL);
1009}
1010
1011bool
1012IORamDiskBSDRoot(void)
1013{
1014 char rdBootVar[kMaxBootVar];
1015 if (PE_parse_boot_argn(arg_string: "rd", arg_ptr: rdBootVar, max_arg: kMaxBootVar )
1016 || PE_parse_boot_argn(arg_string: "rootdev", arg_ptr: rdBootVar, max_arg: kMaxBootVar )) {
1017 if ((rdBootVar[0] == 'm') && (rdBootVar[1] == 'd') && (rdBootVar[3] == 0)) {
1018 return true;
1019 }
1020 }
1021 return false;
1022}
1023
1024void
1025IOSecureBSDRoot(const char * rootName)
1026{
1027#if CONFIG_SECURE_BSD_ROOT
1028 IOReturn result;
1029 IOPlatformExpert *pe;
1030 OSDictionary *matching;
1031 const OSSymbol *functionName = OSSymbol::withCStringNoCopy(cString: "SecureRootName");
1032
1033 matching = IOService::serviceMatching(className: "IOPlatformExpert");
1034 assert(matching);
1035 pe = (IOPlatformExpert *) IOService::waitForMatchingService(matching, timeout: 30ULL * kSecondScale);
1036 matching->release();
1037 assert(pe);
1038 // Returns kIOReturnNotPrivileged is the root device is not secure.
1039 // Returns kIOReturnUnsupported if "SecureRootName" is not implemented.
1040 result = pe->callPlatformFunction(functionName, waitForFunction: false, param1: (void *)rootName, param2: (void *)NULL, param3: (void *)NULL, param4: (void *)NULL);
1041 functionName->release();
1042 OSSafeReleaseNULL(pe);
1043
1044 if (result == kIOReturnNotPrivileged) {
1045 mdevremoveall();
1046 }
1047
1048#endif // CONFIG_SECURE_BSD_ROOT
1049}
1050
1051void *
1052IOBSDRegistryEntryForDeviceTree(char * path)
1053{
1054 return IORegistryEntry::fromPath(path, plane: gIODTPlane);
1055}
1056
1057void
1058IOBSDRegistryEntryRelease(void * entry)
1059{
1060 IORegistryEntry * regEntry = (IORegistryEntry *)entry;
1061
1062 if (regEntry) {
1063 regEntry->release();
1064 }
1065 return;
1066}
1067
1068const void *
1069IOBSDRegistryEntryGetData(void * entry, char * property_name,
1070 int * packet_length)
1071{
1072 OSData * data;
1073 IORegistryEntry * regEntry = (IORegistryEntry *)entry;
1074
1075 data = (OSData *) regEntry->getProperty(aKey: property_name);
1076 if (data) {
1077 *packet_length = data->getLength();
1078 return data->getBytesNoCopy();
1079 }
1080 return NULL;
1081}
1082
1083kern_return_t
1084IOBSDGetPlatformUUID( uuid_t uuid, mach_timespec_t timeout )
1085{
1086 IOService * resources;
1087 OSString * string;
1088
1089 resources = IOService::waitForService( matching: IOService::resourceMatching( kIOPlatformUUIDKey ), timeout: (timeout.tv_sec || timeout.tv_nsec) ? &timeout : NULL );
1090 if (resources == NULL) {
1091 return KERN_OPERATION_TIMED_OUT;
1092 }
1093
1094 string = (OSString *) IOService::getPlatform()->getProvider()->getProperty( kIOPlatformUUIDKey );
1095 if (string == NULL) {
1096 return KERN_NOT_SUPPORTED;
1097 }
1098
1099 uuid_parse( in: string->getCStringNoCopy(), uu: uuid );
1100
1101 return KERN_SUCCESS;
1102}
1103} /* extern "C" */
1104
1105/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
1106
1107#include <sys/conf.h>
1108#include <sys/lock.h>
1109#include <sys/vnode.h>
1110#include <sys/vnode_if.h>
1111#include <sys/vnode_internal.h>
1112#include <sys/fcntl.h>
1113#include <sys/fsctl.h>
1114#include <sys/mount.h>
1115#include <IOKit/IOPolledInterface.h>
1116#include <IOKit/IOBufferMemoryDescriptor.h>
1117
1118// see HFSIOC_VOLUME_STATUS in APFS/HFS
1119#define HFS_IOCTL_VOLUME_STATUS _IOR('h', 24, u_int32_t)
1120
1121LCK_GRP_DECLARE(gIOPolledCoreFileGrp, "polled_corefile");
1122LCK_MTX_DECLARE(gIOPolledCoreFileMtx, &gIOPolledCoreFileGrp);
1123
1124IOPolledFileIOVars * gIOPolledCoreFileVars;
1125kern_return_t gIOPolledCoreFileOpenRet = kIOReturnNotReady;
1126IOPolledCoreFileMode_t gIOPolledCoreFileMode = kIOPolledCoreFileModeNotInitialized;
1127
1128#if IOPOLLED_COREFILE
1129
1130#define ONE_MB 1024ULL * 1024ULL
1131
1132#if defined(XNU_TARGET_OS_BRIDGE)
1133// On bridgeOS allocate a 150MB corefile and leave 150MB free
1134#define kIOCoreDumpSize 150ULL * ONE_MB
1135#define kIOCoreDumpFreeSize 150ULL * ONE_MB
1136
1137#elif defined(XNU_TARGET_OS_OSX)
1138
1139// on macOS devices allocate a corefile sized at 1GB / 32GB of DRAM,
1140// fallback to a 1GB corefile and leave at least 1GB free
1141#define kIOCoreDumpMinSize 1024ULL * ONE_MB
1142#define kIOCoreDumpIncrementalSize 1024ULL * ONE_MB
1143
1144#define kIOCoreDumpFreeSize 1024ULL * ONE_MB
1145
1146// on older macOS devices we allocate a 1MB file at boot
1147// to store a panic time stackshot
1148#define kIOStackshotFileSize ONE_MB
1149
1150#else /* defined(XNU_TARGET_OS_BRIDGE) */
1151
1152// On embedded devices with >3GB DRAM we allocate a 500MB corefile
1153// otherwise allocate a 350MB corefile. Leave 350 MB free
1154#define kIOCoreDumpMinSize 350ULL * ONE_MB
1155#define kIOCoreDumpLargeSize 500ULL * ONE_MB
1156
1157#define kIOCoreDumpFreeSize 350ULL * ONE_MB
1158
1159#endif /* defined(XNU_TARGET_OS_BRIDGE) */
1160
1161static IOPolledCoreFileMode_t
1162GetCoreFileMode()
1163{
1164 if (on_device_corefile_enabled()) {
1165 return kIOPolledCoreFileModeCoredump;
1166 } else if (panic_stackshot_to_disk_enabled()) {
1167 return kIOPolledCoreFileModeStackshot;
1168 } else {
1169 return kIOPolledCoreFileModeDisabled;
1170 }
1171}
1172
1173static void
1174IOCoreFileGetSize(uint64_t *ideal_size, uint64_t *fallback_size, uint64_t *free_space_to_leave, IOPolledCoreFileMode_t mode)
1175{
1176 unsigned int requested_corefile_size = 0;
1177
1178 *ideal_size = *fallback_size = *free_space_to_leave = 0;
1179
1180 // If a custom size was requested, override the ideal and requested sizes
1181 if (PE_parse_boot_argn(arg_string: "corefile_size_mb", arg_ptr: &requested_corefile_size,
1182 max_arg: sizeof(requested_corefile_size))) {
1183 IOLog(format: "Boot-args specify %d MB kernel corefile\n", requested_corefile_size);
1184
1185 *ideal_size = *fallback_size = (requested_corefile_size * ONE_MB);
1186 return;
1187 }
1188
1189 unsigned int status_flags = 0;
1190 int error = VNOP_IOCTL(vp: rootvnode, HFS_IOCTL_VOLUME_STATUS, data: (caddr_t)&status_flags, fflag: 0,
1191 ctx: vfs_context_kernel());
1192 if (!error) {
1193 if (status_flags & (VQ_VERYLOWDISK | VQ_LOWDISK | VQ_NEARLOWDISK)) {
1194 IOLog(format: "Volume is low on space. Not allocating kernel corefile.\n");
1195 return;
1196 }
1197 } else {
1198 IOLog(format: "Couldn't retrieve volume status. Error %d\n", error);
1199 }
1200
1201#if defined(XNU_TARGET_OS_BRIDGE)
1202#pragma unused(mode)
1203 *ideal_size = *fallback_size = kIOCoreDumpSize;
1204 *free_space_to_leave = kIOCoreDumpFreeSize;
1205#elif !defined(XNU_TARGET_OS_OSX) /* defined(XNU_TARGET_OS_BRIDGE) */
1206#pragma unused(mode)
1207 *ideal_size = *fallback_size = kIOCoreDumpMinSize;
1208
1209 if (max_mem > (3 * 1024ULL * ONE_MB)) {
1210 *ideal_size = kIOCoreDumpLargeSize;
1211 }
1212
1213 *free_space_to_leave = kIOCoreDumpFreeSize;
1214#else /* defined(XNU_TARGET_OS_BRIDGE) */
1215 if (mode == kIOPolledCoreFileModeCoredump) {
1216 *ideal_size = *fallback_size = kIOCoreDumpMinSize;
1217 if (kIOCoreDumpIncrementalSize != 0 && max_mem > (32 * 1024ULL * ONE_MB)) {
1218 *ideal_size = ((ROUNDUP(max_mem, (32 * 1024ULL * ONE_MB)) / (32 * 1024ULL * ONE_MB)) * kIOCoreDumpIncrementalSize);
1219 }
1220 *free_space_to_leave = kIOCoreDumpFreeSize;
1221 } else if (mode == kIOPolledCoreFileModeStackshot) {
1222 *ideal_size = *fallback_size = *free_space_to_leave = kIOStackshotFileSize;
1223 }
1224#endif /* defined(XNU_TARGET_OS_BRIDGE) */
1225
1226#if EXCLAVES_COREDUMP
1227 *ideal_size += sk_core_size();
1228#endif /* EXCLAVES_COREDUMP */
1229
1230 return;
1231}
1232
1233static IOReturn
1234IOAccessCoreFileData(void *context, boolean_t write, uint64_t offset, int length, void *buffer)
1235{
1236 errno_t vnode_error = 0;
1237 vfs_context_t vfs_context;
1238 vnode_t vnode_ptr = (vnode_t) context;
1239
1240 vfs_context = vfs_context_kernel();
1241 vnode_error = vn_rdwr(rw: write ? UIO_WRITE : UIO_READ, vp: vnode_ptr, base: (caddr_t)buffer, len: length, offset,
1242 segflg: UIO_SYSSPACE, IO_SWAP_DISPATCH | IO_SYNC | IO_NOCACHE | IO_UNIT, cred: vfs_context_ucred(ctx: vfs_context), NULL, p: vfs_context_proc(ctx: vfs_context));
1243
1244 if (vnode_error) {
1245 IOLog(format: "Failed to %s the corefile. Error %d\n", write ? "write to" : "read from", vnode_error);
1246 return kIOReturnError;
1247 }
1248
1249 return kIOReturnSuccess;
1250}
1251
1252static void
1253IOOpenPolledCoreFile(thread_call_param_t __unused, thread_call_param_t corefilename)
1254{
1255 assert(corefilename != NULL);
1256
1257 IOReturn err;
1258 char *filename = (char *) corefilename;
1259 uint64_t corefile_size_bytes = 0, corefile_fallback_size_bytes = 0, free_space_to_leave_bytes = 0;
1260 IOPolledCoreFileMode_t mode_to_init = GetCoreFileMode();
1261
1262 if (gIOPolledCoreFileVars) {
1263 return;
1264 }
1265 if (!IOPolledInterface::gMetaClass.getInstanceCount()) {
1266 return;
1267 }
1268
1269 if (gIOPolledCoreFileMode == kIOPolledCoreFileModeUnlinked) {
1270 return;
1271 }
1272
1273 if (mode_to_init == kIOPolledCoreFileModeDisabled) {
1274 gIOPolledCoreFileMode = kIOPolledCoreFileModeDisabled;
1275 return;
1276 }
1277
1278 // We'll overwrite this once we open the file, we update this to mark that we have made
1279 // it past initialization
1280 gIOPolledCoreFileMode = kIOPolledCoreFileModeClosed;
1281
1282 IOCoreFileGetSize(ideal_size: &corefile_size_bytes, fallback_size: &corefile_fallback_size_bytes, free_space_to_leave: &free_space_to_leave_bytes, mode: mode_to_init);
1283
1284 if (corefile_size_bytes == 0 && corefile_fallback_size_bytes == 0) {
1285 gIOPolledCoreFileMode = kIOPolledCoreFileModeUnlinked;
1286 return;
1287 }
1288
1289 do {
1290 err = IOPolledFileOpen(filename, flags: kIOPolledFileCreate, setFileSize: corefile_size_bytes, fsFreeSize: free_space_to_leave_bytes,
1291 NULL, write_file_len: 0, fileVars: &gIOPolledCoreFileVars, NULL, NULL, NULL);
1292 if (kIOReturnSuccess == err) {
1293 break;
1294 } else if (kIOReturnNoSpace == err) {
1295 IOLog(format: "Failed to open corefile of size %llu MB (low disk space)",
1296 (corefile_size_bytes / (1024ULL * 1024ULL)));
1297 if (corefile_size_bytes == corefile_fallback_size_bytes) {
1298 gIOPolledCoreFileOpenRet = err;
1299 return;
1300 }
1301 } else {
1302 IOLog(format: "Failed to open corefile of size %llu MB (returned error 0x%x)\n",
1303 (corefile_size_bytes / (1024ULL * 1024ULL)), err);
1304 gIOPolledCoreFileOpenRet = err;
1305 return;
1306 }
1307
1308 err = IOPolledFileOpen(filename, flags: kIOPolledFileCreate, setFileSize: corefile_fallback_size_bytes, fsFreeSize: free_space_to_leave_bytes,
1309 NULL, write_file_len: 0, fileVars: &gIOPolledCoreFileVars, NULL, NULL, NULL);
1310 if (kIOReturnSuccess != err) {
1311 IOLog(format: "Failed to open corefile of size %llu MB (returned error 0x%x)\n",
1312 (corefile_fallback_size_bytes / (1024ULL * 1024ULL)), err);
1313 gIOPolledCoreFileOpenRet = err;
1314 return;
1315 }
1316 } while (false);
1317
1318 gIOPolledCoreFileOpenRet = IOPolledFilePollersSetup(vars: gIOPolledCoreFileVars, openState: kIOPolledPreflightCoreDumpState);
1319 if (kIOReturnSuccess != gIOPolledCoreFileOpenRet) {
1320 IOPolledFileClose(pVars: &gIOPolledCoreFileVars, write_offset: 0, NULL, write_length: 0, discard_offset: 0, discard_end: 0, unlink: false);
1321 IOLog(format: "IOPolledFilePollersSetup for corefile failed with error: 0x%x\n", err);
1322 } else {
1323 IOLog(format: "Opened corefile of size %llu MB\n", (corefile_size_bytes / (1024ULL * 1024ULL)));
1324 gIOPolledCoreFileMode = mode_to_init;
1325 }
1326
1327 // Provide the "polled file available" callback with a temporary way to read from the file
1328 (void) IOProvideCoreFileAccess(recipient: kdp_core_polled_io_polled_file_available, NULL);
1329
1330 return;
1331}
1332
1333kern_return_t
1334IOProvideCoreFileAccess(IOCoreFileAccessRecipient recipient, void *recipient_context)
1335{
1336 kern_return_t error = kIOReturnSuccess;
1337 errno_t vnode_error = 0;
1338 vfs_context_t vfs_context;
1339 vnode_t vnode_ptr;
1340
1341 if (!recipient) {
1342 return kIOReturnBadArgument;
1343 }
1344
1345 if (kIOReturnSuccess != gIOPolledCoreFileOpenRet) {
1346 return kIOReturnNotReady;
1347 }
1348
1349 // Open the kernel corefile
1350 vfs_context = vfs_context_kernel();
1351 vnode_error = vnode_open(kIOCoreDumpPath, fmode: (FREAD | FWRITE | O_NOFOLLOW), cmode: 0600, flags: 0, vpp: &vnode_ptr, ctx: vfs_context);
1352 if (vnode_error) {
1353 IOLog(format: "Failed to open the corefile. Error %d\n", vnode_error);
1354 return kIOReturnError;
1355 }
1356
1357 // Call the recipient function
1358 error = recipient(IOAccessCoreFileData, (void *)vnode_ptr, recipient_context);
1359
1360 // Close the kernel corefile
1361 vnode_close(vp: vnode_ptr, FREAD | FWRITE, ctx: vfs_context);
1362
1363 return error;
1364}
1365
1366static void
1367IOClosePolledCoreFile(void)
1368{
1369 // Notify kdp core that the corefile is no longer available
1370 (void) kdp_core_polled_io_polled_file_unavailable();
1371
1372 gIOPolledCoreFileOpenRet = kIOReturnNotOpen;
1373 gIOPolledCoreFileMode = kIOPolledCoreFileModeClosed;
1374 IOPolledFilePollersClose(vars: gIOPolledCoreFileVars, state: kIOPolledPostflightCoreDumpState);
1375 IOPolledFileClose(pVars: &gIOPolledCoreFileVars, write_offset: 0, NULL, write_length: 0, discard_offset: 0, discard_end: 0, unlink: false);
1376}
1377
1378static void
1379IOUnlinkPolledCoreFile(void)
1380{
1381 // Notify kdp core that the corefile is no longer available
1382 (void) kdp_core_polled_io_polled_file_unavailable();
1383
1384 gIOPolledCoreFileOpenRet = kIOReturnNotOpen;
1385 gIOPolledCoreFileMode = kIOPolledCoreFileModeUnlinked;
1386 IOPolledFilePollersClose(vars: gIOPolledCoreFileVars, state: kIOPolledPostflightCoreDumpState);
1387 IOPolledFileClose(pVars: &gIOPolledCoreFileVars, write_offset: 0, NULL, write_length: 0, discard_offset: 0, discard_end: 0, unlink: true);
1388}
1389
1390#endif /* IOPOLLED_COREFILE */
1391
1392extern "C" void
1393IOBSDMountChange(struct mount * mp, uint32_t op)
1394{
1395#if IOPOLLED_COREFILE
1396 uint64_t flags;
1397 char path[128];
1398 int pathLen;
1399 vnode_t vn;
1400 int result;
1401
1402 lck_mtx_lock(lck: &gIOPolledCoreFileMtx);
1403
1404 switch (op) {
1405 case kIOMountChangeMount:
1406 case kIOMountChangeDidResize:
1407
1408 if (gIOPolledCoreFileVars) {
1409 break;
1410 }
1411 flags = vfs_flags(mp);
1412 if (MNT_RDONLY & flags) {
1413 break;
1414 }
1415 if (!(MNT_LOCAL & flags)) {
1416 break;
1417 }
1418
1419 vn = vfs_vnodecovered(mp);
1420 if (!vn) {
1421 break;
1422 }
1423 pathLen = sizeof(path);
1424 result = vn_getpath(vp: vn, pathbuf: &path[0], len: &pathLen);
1425 vnode_put(vp: vn);
1426 if (0 != result) {
1427 break;
1428 }
1429 if (!pathLen) {
1430 break;
1431 }
1432#if defined(XNU_TARGET_OS_BRIDGE)
1433 // on bridgeOS systems we put the core in /private/var/internal. We don't
1434 // want to match with /private/var because /private/var/internal is often mounted
1435 // over /private/var
1436 if ((pathLen - 1) < (int) strlen("/private/var/internal")) {
1437 break;
1438 }
1439#endif
1440 if (0 != strncmp(s1: path, kIOCoreDumpPath, n: pathLen - 1)) {
1441 break;
1442 }
1443
1444 thread_call_enter1(call: corefile_open_call, param1: (void *) kIOCoreDumpPath);
1445 break;
1446
1447 case kIOMountChangeUnmount:
1448 case kIOMountChangeWillResize:
1449 if (gIOPolledCoreFileVars && (mp == kern_file_mount(ref: gIOPolledCoreFileVars->fileRef))) {
1450 thread_call_cancel_wait(call: corefile_open_call);
1451 IOClosePolledCoreFile();
1452 }
1453 break;
1454 }
1455
1456 lck_mtx_unlock(lck: &gIOPolledCoreFileMtx);
1457#endif /* IOPOLLED_COREFILE */
1458}
1459
1460extern "C" void
1461IOBSDLowSpaceUnlinkKernelCore(void)
1462{
1463#if IOPOLLED_COREFILE
1464 lck_mtx_lock(lck: &gIOPolledCoreFileMtx);
1465 if (gIOPolledCoreFileVars) {
1466 thread_call_cancel_wait(call: corefile_open_call);
1467 IOUnlinkPolledCoreFile();
1468 }
1469 lck_mtx_unlock(lck: &gIOPolledCoreFileMtx);
1470#endif
1471}
1472
1473/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
1474
1475static char*
1476copyOSStringAsCString(OSString *string)
1477{
1478 size_t string_length = 0;
1479 char *c_string = NULL;
1480
1481 if (string == NULL) {
1482 return NULL;
1483 }
1484 string_length = string->getLength() + 1;
1485
1486 /* Allocate kernel data memory for the string */
1487 c_string = (char*)kalloc_data(string_length, (zalloc_flags_t)(Z_ZERO | Z_WAITOK | Z_NOFAIL));
1488 assert(c_string != NULL);
1489
1490 /* Copy in the string */
1491 strlcpy(dst: c_string, src: string->getCStringNoCopy(), n: string_length);
1492
1493 return c_string;
1494}
1495
1496extern "C" OS_ALWAYS_INLINE boolean_t
1497IOCurrentTaskHasStringEntitlement(const char *entitlement, const char *value)
1498{
1499 return IOTaskHasStringEntitlement(NULL, entitlement, value);
1500}
1501
1502extern "C" boolean_t
1503IOTaskHasStringEntitlement(task_t task, const char *entitlement, const char *value)
1504{
1505 if (task == NULL) {
1506 task = current_task();
1507 }
1508
1509 /* Validate input arguments */
1510 if (task == kernel_task || entitlement == NULL || value == NULL) {
1511 return false;
1512 }
1513 proc_t proc = (proc_t)get_bsdtask_info(task);
1514
1515 kern_return_t ret = amfi->OSEntitlements.queryEntitlementStringWithProc(
1516 proc,
1517 entitlement,
1518 value);
1519
1520 if (ret == KERN_SUCCESS) {
1521 return true;
1522 }
1523
1524 return false;
1525}
1526
1527extern "C" OS_ALWAYS_INLINE boolean_t
1528IOCurrentTaskHasEntitlement(const char *entitlement)
1529{
1530 return IOTaskHasEntitlement(NULL, entitlement);
1531}
1532
1533extern "C" boolean_t
1534IOTaskHasEntitlement(task_t task, const char *entitlement)
1535{
1536 if (task == NULL) {
1537 task = current_task();
1538 }
1539
1540 /* Validate input arguments */
1541 if (task == kernel_task || entitlement == NULL) {
1542 return false;
1543 }
1544 proc_t proc = (proc_t)get_bsdtask_info(task);
1545
1546 kern_return_t ret = amfi->OSEntitlements.queryEntitlementBooleanWithProc(
1547 proc,
1548 entitlement);
1549
1550 if (ret == KERN_SUCCESS) {
1551 return true;
1552 }
1553
1554 return false;
1555}
1556
1557extern "C" OS_ALWAYS_INLINE char*
1558IOCurrentTaskGetEntitlement(const char *entitlement)
1559{
1560 return IOTaskGetEntitlement(NULL, entitlement);
1561}
1562
1563extern "C" char*
1564IOTaskGetEntitlement(task_t task, const char *entitlement)
1565{
1566 void *entitlement_object = NULL;
1567 char *return_value = NULL;
1568
1569 if (task == NULL) {
1570 task = current_task();
1571 }
1572
1573 /* Validate input arguments */
1574 if (task == kernel_task || entitlement == NULL) {
1575 return NULL;
1576 }
1577 proc_t proc = (proc_t)get_bsdtask_info(task);
1578
1579 kern_return_t ret = amfi->OSEntitlements.copyEntitlementAsOSObjectWithProc(
1580 proc,
1581 entitlement,
1582 &entitlement_object);
1583
1584 if (ret != KERN_SUCCESS) {
1585 return NULL;
1586 }
1587 assert(entitlement_object != NULL);
1588
1589 OSObject *os_object = (OSObject*)entitlement_object;
1590 OSString *os_string = OSDynamicCast(OSString, os_object);
1591
1592 /* Get a C string version of the OSString */
1593 return_value = copyOSStringAsCString(string: os_string);
1594
1595 /* Free the OSObject which was given to us */
1596 OSSafeReleaseNULL(os_object);
1597
1598 return return_value;
1599}
1600
1601extern "C" boolean_t
1602IOVnodeHasEntitlement(vnode_t vnode, int64_t off, const char *entitlement)
1603{
1604 OSObject * obj;
1605 off_t offset = (off_t)off;
1606
1607 obj = IOUserClient::copyClientEntitlementVnode(vnode, offset, entitlement);
1608 if (!obj) {
1609 return false;
1610 }
1611 obj->release();
1612 return obj != kOSBooleanFalse;
1613}
1614
1615extern "C" char *
1616IOVnodeGetEntitlement(vnode_t vnode, int64_t off, const char *entitlement)
1617{
1618 OSObject *obj = NULL;
1619 OSString *str = NULL;
1620 size_t len;
1621 char *value = NULL;
1622 off_t offset = (off_t)off;
1623
1624 obj = IOUserClient::copyClientEntitlementVnode(vnode, offset, entitlement);
1625 if (obj != NULL) {
1626 str = OSDynamicCast(OSString, obj);
1627 if (str != NULL) {
1628 len = str->getLength() + 1;
1629 value = (char *)kalloc_data(len, Z_WAITOK);
1630 strlcpy(dst: value, src: str->getCStringNoCopy(), n: len);
1631 }
1632 obj->release();
1633 }
1634 return value;
1635}
1636