OSKext.cpp source code [xnu/libkern/c++/OSKext.cpp]

1	/*
2	* Copyright (c) 2008-2021 Apple Inc. All rights reserved.
3	*
4	* @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5	*
6	* This file contains Original Code and/or Modifications of Original Code
7	* as defined in and that are subject to the Apple Public Source License
8	* Version 2.0 (the 'License'). You may not use this file except in
9	* compliance with the License. The rights granted to you under the License
10	* may not be used to create, or enable the creation or redistribution of,
11	* unlawful or unlicensed copies of an Apple operating system, or to
12	* circumvent, violate, or enable the circumvention or violation of, any
13	* terms of an Apple operating system software license agreement.
14	*
15	* Please obtain a copy of the License at
16	* http://www.opensource.apple.com/apsl/ and read it before using this file.
17	*
18	* The Original Code and all software distributed under the License are
19	* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20	* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21	* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22	* FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23	* Please see the License for the specific language governing rights and
24	* limitations under the License.
25	*
26	* @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27	*/
28
29	#define IOKIT_ENABLE_SHARED_PTR
30
31	extern "C" {
32	#include <string.h>
33	#include <kern/clock.h>
34	#include <kern/host.h>
35	#include <kern/kext_alloc.h>
36	#include <firehose/tracepoint_private.h>
37	#include <firehose/chunk_private.h>
38	#include <os/firehose_buffer_private.h>
39	#include <vm/vm_map.h>
40	#include <kextd/kextd_mach.h>
41	#include <libkern/kernel_mach_header.h>
42	#include <libkern/kext_panic_report.h>
43	#include <libkern/kext_request_keys.h>
44	#include <libkern/mkext.h>
45	#include <libkern/prelink.h>
46	#include <libkern/version.h>
47	#include <libkern/zlib.h>
48	#include <mach/host_special_ports.h>
49	#include <mach/mach_vm.h>
50	#include <mach/mach_time.h>
51	#include <uuid/uuid.h>
52	#include <sys/random.h>
53	#include <pexpert/pexpert.h>
54
55	#include <sys/pgo.h>
56
57	#if CONFIG_CSR
58	#include <sys/csr.h>
59	#include <sys/stat.h>
60	#include <sys/vnode.h>
61	#endif /* CONFIG_CSR */
62	};
63
64	#if CONFIG_MACF
65	#include <sys/kauth.h>
66	#include <security/mac_framework.h>
67	#endif
68
69	#include <vm/vm_kern.h>
70	#include <sys/sysctl.h>
71	#include <kern/task.h>
72	#include <os/cpp_util.h>
73
74	#include <libkern/OSKextLibPrivate.h>
75	#include <libkern/c++/OSKext.h>
76	#include <libkern/c++/OSLib.h>
77
78	#include <IOKit/IOLib.h>
79	#include <IOKit/IOCatalogue.h>
80	#include <IOKit/IORegistryEntry.h>
81	#include <IOKit/IOService.h>
82	#include <IOKit/IOUserServer.h>
83
84	#include <IOKit/IOStatisticsPrivate.h>
85	#include <IOKit/IOBSD.h>
86	#include <IOKit/IOPlatformExpert.h>
87
88	#include <san/kasan.h>
89
90	#if CONFIG_SPTM
91	#include <arm64/sptm/sptm.h>
92	#endif
93
94	#if PRAGMA_MARK
95	#pragma mark External & Internal Function Protos
96	#endif
97	/*********************************************************************
98	*********************************************************************/
99	extern "C" {
100	extern int IODTGetLoaderInfo(const char * key, void ** infoAddr, int * infoSize);
101	extern void IODTFreeLoaderInfo(const char * key, void * infoAddr, int infoSize);
102
103	extern ppnum_t pmap_find_phys(pmap_t pmap, addr64_t va); / osfmk/machine/pmap.h /
104	extern int dtrace_keep_kernel_symbols(void);
105
106	#if defined(__x86_64__) \|\| defined(__i386__)
107	extern kern_return_t i386_slide_individual_kext(kernel_mach_header_t *mh, uintptr_t slide);
108	extern kern_return_t i386_slide_kext_collection_mh_addrs(kernel_mach_header_t mh, uintptr_t slide, bool* adjust_mach_headers);
109	extern void ubc_getobject_from_filename(const* char filename, struct* vnode *, off_t file_size);
110	static void allocate_kcfileset_map_entry_list(void*);
111	static void add_kcfileset_map_entry(void *map_entry_list, vm_map_offset_t start, vm_map_offset_t size);
112	static void deallocate_kcfileset_map_entry_list_and_unmap_entries(void map_entry_list, boolean_t unmap_entries, bool* pageable);
113	int vnode_put(struct vnode *vp);
114	kern_return_t vm_map_kcfileset_segment(vm_map_offset_t *start, vm_map_offset_t size,
115	void *control, vm_object_offset_t fileoffset, vm_prot_t max_prot);
116	kern_return_t vm_unmap_kcfileset_segment(vm_map_offset_t *start, vm_map_offset_t size);
117	void * ubc_getobject(struct vnode vp, __unused int* flags);
118	#endif //(__x86_64__) \|\| defined(__i386__)
119	}
120
121	extern unsigned long gVirtBase;
122	extern unsigned long gPhysBase;
123	extern vm_map_t g_kext_map;
124
125	bool pageableKCloaded = false;
126	bool auxKCloaded = false;
127	bool resetAuxKCSegmentOnUnload = false;
128
129	extern boolean_t pageablekc_uuid_valid;
130	extern uuid_t pageablekc_uuid;
131	extern uuid_string_t pageablekc_uuid_string;
132
133	extern boolean_t auxkc_uuid_valid;
134	extern uuid_t auxkc_uuid;
135	extern uuid_string_t auxkc_uuid_string;
136
137	static OSReturn _OSKextCreateRequest(
138	const char * predicate,
139	OSSharedPtr<OSDictionary> & requestP);
140	static OSString * _OSKextGetRequestPredicate(OSDictionary * requestDict);
141	static OSObject * _OSKextGetRequestArgument(
142	OSDictionary * requestDict,
143	const char * argName);
144	static bool _OSKextSetRequestArgument(
145	OSDictionary * requestDict,
146	const char * argName,
147	OSMetaClassBase * value);
148	template <typename T>
149	static T * _OSKextExtractPointer(OSValueObject<T > wrapper);
150	static OSKextRequestResourceCallback _OSKextExtractCallbackPointer(OSValueObject<OSKextRequestResourceCallback> * wrapper);
151	static OSReturn _OSDictionarySetCStringValue(
152	OSDictionary * dict,
153	const char * key,
154	const char * value);
155	static bool _OSKextInUnloadedPrelinkedKexts(const OSSymbol * theBundleID);
156	#if CONFIG_KXLD
157	static bool _OSKextInPrelinkRebuildWindow(void);
158	#endif
159
160	// We really should add containsObject() & containsCString to OSCollection & subclasses.
161	// So few pad slots, though....
162	static bool _OSArrayContainsCString(OSArray * array, const char * cString);
163	static void OSKextLogKextInfo(OSKext *aKext, uint64_t address, uint64_t size, firehose_tracepoint_code_t code);
164
165	static const char getDextUniqueIDCString(OSData dextUniqueID, unsigned int *size);
166
167	/ Prelinked arm kexts do not have VM entries because the method we use to*
168	* fake an entry (see libsa/bootstrap.cpp:readPrelinkedExtensions()) does
169	* not work on ARM. To get around that, we must free prelinked kext
170	* executables with ml_static_mfree() instead of kext_free().
171	*/
172	#if __i386__ \|\| __x86_64__
173	#define VM_MAPPED_KEXTS 1
174	#define KASLR_KEXT_DEBUG 0
175	#define KASLR_IOREG_DEBUG 0
176	#elif __arm__ \|\| __arm64__
177	#define VM_MAPPED_KEXTS 0
178	#define KASLR_KEXT_DEBUG 0
179	#else
180	#error Unsupported architecture
181	#endif
182
183	#if PRAGMA_MARK
184	#pragma mark Constants & Macros
185	#endif
186	/*********************************************************************
187	* Constants & Macros
188	*********************************************************************/
189
190	/ Use this number to create containers.*
191	*/
192	#define kOSKextTypicalLoadCount (150)
193	#define kOSKextTypicalUpgradeCount (5)
194
195	/ Any kext will have at least 1 retain for the internal lookup-by-ID dict.*
196	* A loaded kext will no dependents or external retains will have 2 retains.
197	*/
198	#define kOSKextMinRetainCount (1)
199	#define kOSKextMinLoadedRetainCount (2)
200
201	#define kOSKextMaxDextLaunchedCount (~((uint32_t)0))
202	#define KOSBundleDextUniqueIdentifierMaxStringLength (KOSBundleDextUniqueIdentifierMaxLength * 2 +1)
203
204	/**********
205	* Strings and substrings used in dependency resolution.
206	*/
207	#define APPLE_KEXT_PREFIX "com.apple."
208	#define KERNEL_LIB "com.apple.kernel"
209
210	#define PRIVATE_KPI "com.apple.kpi.private"
211
212	/ Version for compatbility pseudokexts (com.apple.kernel.),
213	* compatible back to v6.0.
214	*/
215	#define KERNEL6_LIB "com.apple.kernel.6.0"
216	#define KERNEL6_VERSION "7.9.9"
217
218	#define KERNEL_LIB_PREFIX "com.apple.kernel."
219	#define KPI_LIB_PREFIX "com.apple.kpi."
220
221	#define STRING_HAS_PREFIX(s, p) (strncmp((s), (p), strlen(p)) == 0)
222
223	#define REBUILD_MAX_TIME (60 * 5) // 5 minutes
224	#define MINIMUM_WAKEUP_SECONDS (30)
225
226	/*********************************************************************
227	* infoDict keys for internally-stored data. Saves on ivar slots for
228	* objects we don't keep around past boot time or during active load.
229	*********************************************************************/
230
231	/ A usable, uncompressed file is stored under this key.*
232	*/
233	#define _kOSKextExecutableKey "_OSKextExecutable"
234
235	/ An indirect reference to the executable file from an mkext*
236	* is stored under this key.
237	*/
238	#define _kOSKextMkextExecutableReferenceKey "_OSKextMkextExecutableReference"
239
240	/ If the file is contained in a larger buffer laid down by the booter or*
241	* sent from user space, the OSKext stores that OSData under this key so that
242	* references are properly tracked. This is always an mkext, right now.
243	*/
244	#define _kOSKextExecutableExternalDataKey "_OSKextExecutableExternalData"
245
246	#define OS_LOG_HDR_VERSION 1
247	#define NUM_OS_LOG_SECTIONS 3
248
249	#define OS_LOG_SECT_IDX 0
250	#define CSTRING_SECT_IDX 1
251	#define ASAN_CSTRING_SECT_IDX 2
252
253	#if PRAGMA_MARK
254	#pragma mark Typedefs
255	#endif
256	/*********************************************************************
257	* Typedefs
258	*********************************************************************/
259
260	/*********************************************************************
261	* osLogDataHeaderRef describes the header information of an OSData
262	* object that is returned when querying for kOSBundleLogStringsKey.
263	* We currently return information regarding 2 sections - os_log and
264	* cstring. In the case that the os_log section doesn't exist, we just
265	* return an offset and length of 0 for that section.
266	*********************************************************************/
267	typedef struct osLogDataHeader {
268	uint32_t version;
269	uint32_t sect_count;
270	struct {
271	uint32_t sect_offset;
272	uint32_t sect_size;
273	} sections[`0`];
274	} osLogDataHeaderRef;
275
276	/*********************************************************************
277	* MkextEntryRef describes the contents of an OSData object
278	* referencing a file entry from an mkext so that we can uncompress
279	* (if necessary) and extract it on demand.
280	*
281	* It contains the mkextVersion in case we ever wind up supporting
282	* multiple mkext formats. Mkext format 1 is officially retired as of
283	* Snow Leopard.
284	*********************************************************************/
285	typedef struct MkextEntryRef {
286	mkext_basic_header * mkext; // beginning of whole mkext file
287	void * fileinfo;// mkext2_file_entry or equiv; see mkext.h
288	} MkextEntryRef;
289
290	#if PRAGMA_MARK
291	#pragma mark Global and static Module Variables
292	#endif
293	/*********************************************************************
294	* Global & static variables, used to keep track of kexts.
295	*********************************************************************/
296
297	static bool sPrelinkBoot = false;
298	static bool sSafeBoot = false;
299	static bool sKeepSymbols = false;
300	static bool sPanicOnKCMismatch = false;
301	static bool sOSKextWasResetAfterUserspaceReboot = false;
302
303	/*********************************************************************
304	* sKextLock is the principal lock for OSKext, and guards all static
305	* and global variables not owned by other locks (declared further
306	* below). It must be taken by any entry-point method or function,
307	* including internal functions called on scheduled threads.
308	*
309	* sKextLock and sKextInnerLock are recursive due to multiple functions
310	* that are called both externally and internally. The other locks are
311	* nonrecursive.
312	*
313	* Which locks are taken depends on what they protect, but if more than
314	* one must be taken, they must always be locked in this order
315	* (and unlocked in reverse order) to prevent deadlocks:
316	*
317	* 1. sKextLock
318	* 2. sKextInnerLock
319	* 3. sKextSummariesLock
320	* 4. sKextLoggingLock
321	*/
322	static IORecursiveLock * sKextLock = NULL;
323
324	static OSSharedPtr<OSDictionary> sKextsByID;
325	static OSSharedPtr<OSDictionary> sExcludeListByID;
326	static OSKextVersion sExcludeListVersion = `0`;
327	static OSSharedPtr<OSArray> sLoadedKexts;
328	static OSSharedPtr<OSDictionary> sNonLoadableKextsByID;
329	static OSSharedPtr<OSArray> sUnloadedPrelinkedKexts;
330	static OSSharedPtr<OSArray> sLoadedDriverKitKexts;
331	static OSSharedPtr<OSDictionary> sDriverKitToUpgradeByID;
332
333	// Requests to the IOKit daemon waiting to be picked up.
334	static OSSharedPtr<OSArray> sKernelRequests;
335	// Identifier of kext load requests in sKernelRequests
336	static OSSharedPtr<OSSet> sPostedKextLoadIdentifiers;
337	static OSSharedPtr<OSArray> sRequestCallbackRecords;
338
339	// Identifiers of all kexts ever requested in kernel; used for prelinked kernel
340	static OSSharedPtr<OSSet> sAllKextLoadIdentifiers;
341	#if CONFIG_KXLD
342	static KXLDContext * sKxldContext = NULL;
343	#endif
344	static uint32_t sNextLoadTag = `0`;
345	static uint32_t sNextRequestTag = `0`;
346
347	static bool sUserLoadsActive = false;
348	static bool sIOKitDaemonActive = false;
349	static bool sDeferredLoadSucceeded = false;
350	static bool sConsiderUnloadsExecuted = false;
351
352	#if NO_KEXTD
353	static bool sKernelRequestsEnabled = false;
354	#else
355	static bool sKernelRequestsEnabled = true;
356	#endif
357	static bool sLoadEnabled = true;
358	static bool sUnloadEnabled = true;
359
360	/*********************************************************************
361	* Stuff for the OSKext representing the kernel itself.
362	**********/
363	static OSKext * sKernelKext = NULL;
364
365	/ Load Tag IDs used by statically loaded binaries (e.g, the kernel itself). /
366	enum : uint32_t {
367	kOSKextKernelLoadTag = `0`,
368	#if CONFIG_SPTM
369	kOSKextSPTMLoadTag = `1`,
370	kOSKextTXMLoadTag = `2`,
371	#endif /* CONFIG_SPTM */
372	kOSKextLoadTagCount
373	};
374
375	/ Set up a fake kmod_info struct for the kernel.*
376	* It's used in OSRuntime.cpp to call OSRuntimeInitializeCPP()
377	* before OSKext is initialized; that call only needs the name
378	* and address to be set correctly.
379	*
380	* We don't do much else with the kerne's kmod_info; we never
381	* put it into the kmod list, never adjust the reference count,
382	* and never have kernel components reference it.
383	* For that matter, we don't do much with kmod_info structs
384	* at all anymore! We just keep them filled in for gdb and
385	* binary compability.
386	*/
387	kmod_info_t g_kernel_kmod_info = {
388	.next = NULL,
389	.info_version = KMOD_INFO_VERSION,
390	.id = kOSKextKernelLoadTag, // loadTag: kernel is always 0
391	.name = kOSKextKernelIdentifier,// bundle identifier
392	.version = "0", // filled in in OSKext::initialize()
393	.reference_count = -`1`, // never adjusted; kernel never unloads
394	.reference_list = NULL,
395	.address = `0`,
396	.size = `0`, // filled in in OSKext::initialize()
397	.hdr_size = `0`,
398	.start = NULL,
399	.stop = NULL
400	};
401
402	#if CONFIG_SPTM
403	/ The SPTM and TXM need fake kmod structures just like the kernel. /
404	kmod_info_t g_sptm_kmod_info = {
405	.next = NULL,
406	.info_version = KMOD_INFO_VERSION,
407	.id = kOSKextSPTMLoadTag, // Always one after the kernel
408	.name = kOSKextSPTMIdentifier,// bundle identifier
409	.version = "0", // filled in by OSKext::initialize()
410	.reference_count = -`1`, // never adjusted; SPTM never unloads
411	.reference_list = NULL,
412	.address = `0`,
413	.size = `0`, // filled in by OSKext::initialize()
414	.hdr_size = `0`,
415	.start = NULL,
416	.stop = NULL
417	};
418
419	kmod_info_t g_txm_kmod_info = {
420	.next = NULL,
421	.info_version = KMOD_INFO_VERSION,
422	.id = kOSKextTXMLoadTag, // Always one after the SPTM
423	.name = kOSKextTXMIdentifier,// bundle identifier
424	.version = "0", // filled in by OSKext::initialize()
425	.reference_count = -`1`, // never adjusted; TXM never unloads
426	.reference_list = NULL,
427	.address = `0`,
428	.size = `0`, // filled in by OSKext::initialize()
429	.hdr_size = `0`,
430	.start = NULL,
431	.stop = NULL
432	};
433	#endif /* CONFIG_SPTM */
434
435	/ Set up a fake kmod_info struct for statically linked kexts that don't have one. /
436
437	kmod_info_t invalid_kmod_info = {
438	.next = NULL,
439	.info_version = KMOD_INFO_VERSION,
440	.id = UINT32_MAX,
441	.name = "invalid",
442	.version = "0",
443	.reference_count = -`1`,
444	.reference_list = NULL,
445	.address = `0`,
446	.size = `0`,
447	.hdr_size = `0`,
448	.start = NULL,
449	.stop = NULL
450	};
451
452	extern "C" {
453	// symbol 'kmod' referenced in: model_dep.c, db_trace.c, symbols.c, db_low_trace.c,
454	// dtrace.c, dtrace_glue.h, OSKext.cpp, locore.s, lowmem_vectors.s,
455	// misc_protos.h, db_low_trace.c, kgmacros
456	// 'kmod' is a holdover from the old kmod system, we can't rename it.
457	kmod_info_t * kmod = NULL;
458
459	#define KEXT_PANICLIST_SIZE (2 * PAGE_SIZE)
460
461
462	static char * loaded_kext_paniclist = NULL;
463	static uint32_t loaded_kext_paniclist_size = `0`;
464
465	AbsoluteTime last_loaded_timestamp;
466	static char last_loaded_str_buf[`2` * KMOD_MAX_NAME];
467	static u_long last_loaded_strlen = `0`;
468	static void * last_loaded_address = NULL;
469	static u_long last_loaded_size = `0`;
470
471	AbsoluteTime last_unloaded_timestamp;
472	static char last_unloaded_str_buf[`2` * KMOD_MAX_NAME];
473	static u_long last_unloaded_strlen = `0`;
474	static void * last_unloaded_address = NULL;
475	static u_long last_unloaded_size = `0`;
476
477	// Statically linked kmods described by several mach-o sections:
478	//
479	// kPrelinkInfoSegment:kBuiltinInfoSection
480	// Array of pointers to kmod_info_t structs.
481	//
482	// kPrelinkInfoSegment:kBuiltinInfoSection
483	// Array of pointers to an embedded mach-o header.
484	//
485	// __DATA:kBuiltinInitSection, kBuiltinTermSection
486	// Structors for all kmods. Has to be filtered by proc address.
487	//
488
489	static uint32_t gBuiltinKmodsCount;
490	static kernel_section_t * gBuiltinKmodsSectionInfo;
491	static kernel_section_t * gBuiltinKmodsSectionStart;
492
493	const OSSymbol * gIOSurfaceIdentifier;
494	vm_tag_t gIOSurfaceTag;
495
496	/*********************************************************************
497	* sKextInnerLock protects against cross-calls with IOService and
498	* IOCatalogue, and owns the variables declared immediately below.
499	*
500	* Note that sConsiderUnloadsExecuted above belongs to sKextLock!
501	*
502	* When both sKextLock and sKextInnerLock need to be taken,
503	* always lock sKextLock first and unlock it second. Never take both
504	* locks in an entry point to OSKext; if you need to do so, you must
505	* spawn an independent thread to avoid potential deadlocks for threads
506	* calling into OSKext.
507	**********/
508	static IORecursiveLock * sKextInnerLock = NULL;
509
510	#if XNU_TARGET_OS_OSX
511	static bool sAutounloadEnabled = true;
512	#endif
513	static bool sConsiderUnloadsCalled = false;
514	static bool sConsiderUnloadsPending = false;
515
516	static unsigned int sConsiderUnloadDelay = `60`; // seconds
517	static thread_call_t sUnloadCallout = NULL;
518	#if CONFIG_KXLD
519	static thread_call_t sDestroyLinkContextThread = NULL; // one-shot, one-at-a-time thread
520	#endif // CONFIG_KXLD
521	static bool sSystemSleep = false; // true when system going to sleep
522	static AbsoluteTime sLastWakeTime; // last time we woke up
523
524	/*********************************************************************
525	* Backtraces can be printed at various times so we need a tight lock
526	* on data used for that. sKextSummariesLock protects the variables
527	* declared immediately below.
528	*
529	* gLoadedKextSummaries is accessed by other modules, but only during
530	* a panic so the lock isn't needed then.
531	*
532	* gLoadedKextSummaries has the "used" attribute in order to ensure
533	* that it remains visible even when we are performing extremely
534	* aggressive optimizations, as it is needed to allow the debugger
535	* to automatically parse the list of loaded kexts.
536	**********/
537	static IOLock * sKextSummariesLock = NULL;
538	extern "C" lck_ticket_t vm_allocation_sites_lock;
539	extern "C" lck_grp_t vm_page_lck_grp_bucket;
540	static lck_ticket_t * sKextAccountsLock = &vm_allocation_sites_lock;
541	static lck_grp_t * sKextAccountsLockGrp = &vm_page_lck_grp_bucket;
542
543	void(*const sLoadedKextSummariesUpdated)(void) = OSKextLoadedKextSummariesUpdated;
544	OSKextLoadedKextSummaryHeader * gLoadedKextSummaries __attribute__((used)) = NULL;
545	uint64_t gLoadedKextSummariesTimestamp __attribute__((used)) = `0`;
546	static size_t sLoadedKextSummariesAllocSize = `0`;
547
548	static OSKextActiveAccount * sKextAccounts;
549	static uint32_t sKextAccountsCount;
550	};
551
552	/*********************************************************************
553	* sKextLoggingLock protects the logging variables declared immediately below.
554	**********/
555	static IOLock * sKextLoggingLock = NULL;
556
557	static const OSKextLogSpec kDefaultKernelLogFilter = kOSKextLogBasicLevel \|
558	kOSKextLogVerboseFlagsMask;
559	static OSKextLogSpec sKernelLogFilter = kDefaultKernelLogFilter;
560	static bool sBootArgLogFilterFound = false;
561	SYSCTL_UINT(_debug, OID_AUTO, kextlog, CTLFLAG_RW \| CTLFLAG_LOCKED, &sKernelLogFilter,
562	`0`, "kernel kext logging");
563
564	static OSKextLogSpec sUserSpaceKextLogFilter = kOSKextLogSilentFilter;
565	static OSSharedPtr<OSArray> sUserSpaceLogSpecArray;
566	static OSSharedPtr<OSArray> sUserSpaceLogMessageArray;
567
568	/*********
569	* End scope for sKextInnerLock-protected variables.
570	*********************************************************************/
571
572	/*********************************************************************
573	* OSValueObject concrete type instantiations
574	**********/
575	OSDefineValueObjectForDependentType(void*)
576	OSDefineValueObjectForDependentType(OSKextRequestResourceCallback)
577
578
579	/********************************************************************/
580
581	TUNABLE(uint32_t, kMaxDextCrashesInOneDay, "daily_max_dext_crashes", kMaxDextCrashesInOneDayDefault);
582
583	/*********************************************************************
584	* helper function used for collecting PGO data upon unload of a kext
585	*/
586
587	static int OSKextGrabPgoDataLocked(OSKext *kext,
588	bool metadata,
589	uuid_t instance_uuid,
590	uint64_t *pSize,
591	char *pBuffer,
592	uint64_t bufferSize);
593
594	/********************************************************************/
595
596
597
598	#if PRAGMA_MARK
599	#pragma mark OSData callbacks (need to move to OSData)
600	#endif
601	/*********************************************************************
602	* C functions used for callbacks.
603	*********************************************************************/
604	extern "C" {
605	void
606	osdata_kmem_free(void * ptr, unsigned int length)
607	{
608	kmem_free(map: kernel_map, addr: (vm_address_t)ptr, size: length);
609	return;
610	}
611
612	void
613	osdata_phys_free(void * ptr, unsigned int length)
614	{
615	ml_static_mfree((vm_offset_t)ptr, length);
616	return;
617	}
618
619	void
620	osdata_vm_deallocate(void * ptr, unsigned int length)
621	{
622	(void)vm_deallocate(target_task: kernel_map, address: (vm_offset_t)ptr, size: length);
623	return;
624	}
625
626	void
627	osdata_kext_free(void * ptr, unsigned int length)
628	{
629	(void)kext_free(addr: (vm_offset_t)ptr, size: length);
630	}
631	};
632
633	#if PRAGMA_MARK
634	#pragma mark KXLD Allocation Callback
635	#endif
636	#if CONFIG_KXLD
637	/*********************************************************************
638	* KXLD Allocation Callback
639	*********************************************************************/
640	kxld_addr_t
641	kern_allocate(
642	u_long size,
643	KXLDAllocateFlags * flags,
644	void * user_data)
645	{
646	vm_address_t result = `0`; // returned
647	kern_return_t mach_result = KERN_FAILURE;
648	bool success = false;
649	OSKext * theKext = (OSKext *)user_data;
650	unsigned int roundSize = `0`;
651	OSSharedPtr<OSData> linkBuffer;
652
653	if (round_page(size) > UINT_MAX) {
654	OSKextLog(theKext,
655	kOSKextLogErrorLevel \|
656	kOSKextLogGeneralFlag,
657	"%s: Requested memory size is greater than UINT_MAX.",
658	theKext->getIdentifierCString());
659	goto finish;
660	}
661
662	roundSize = (unsigned int)round_page(size);
663
664	mach_result = kext_alloc(&result, roundSize, / fixed / FALSE);
665	if (mach_result != KERN_SUCCESS) {
666	OSKextLog(theKext,
667	kOSKextLogErrorLevel \|
668	kOSKextLogGeneralFlag,
669	"Can't allocate kernel memory to link %s.",
670	theKext->getIdentifierCString());
671	goto finish;
672	}
673
674	/ Create an OSData wrapper for the allocated buffer.*
675	*/
676	linkBuffer = OSData::withBytesNoCopy((void *)result, roundSize);
677	if (!linkBuffer) {
678	OSKextLog(theKext,
679	kOSKextLogErrorLevel \|
680	kOSKextLogGeneralFlag,
681	"Can't allocate linked executable wrapper for %s.",
682	theKext->getIdentifierCString());
683	goto finish;
684	}
685	linkBuffer->setDeallocFunction(osdata_kext_free);
686	OSKextLog(theKext,
687	kOSKextLogProgressLevel \|
688	kOSKextLogLoadFlag \| kOSKextLogLinkFlag,
689	"Allocated link buffer for kext %s at %p (%lu bytes).",
690	theKext->getIdentifierCString(),
691	(void )result, (unsigned* long)roundSize);
692
693	theKext->setLinkedExecutable(linkBuffer.get());
694
695	*flags = kKxldAllocateWritable;
696	success = true;
697
698	finish:
699	if (!success && result) {
700	kext_free(result, roundSize);
701	result = `0`;
702	}
703
704	return (kxld_addr_t)result;
705	}
706
707	/*********************************************************************
708	*********************************************************************/
709	void
710	kxld_log_callback(
711	KXLDLogSubsystem subsystem,
712	KXLDLogLevel level,
713	const char * format,
714	va_list argList,
715	void * user_data)
716	{
717	OSKext theKext = (OSKext ) user_data;
718	OSKextLogSpec logSpec = `0`;
719
720	switch (subsystem) {
721	case kKxldLogLinking:
722	logSpec \|= kOSKextLogLinkFlag;
723	break;
724	case kKxldLogPatching:
725	logSpec \|= kOSKextLogPatchFlag;
726	break;
727	}
728
729	switch (level) {
730	case kKxldLogExplicit:
731	logSpec \|= kOSKextLogExplicitLevel;
732	break;
733	case kKxldLogErr:
734	logSpec \|= kOSKextLogErrorLevel;
735	break;
736	case kKxldLogWarn:
737	logSpec \|= kOSKextLogWarningLevel;
738	break;
739	case kKxldLogBasic:
740	logSpec \|= kOSKextLogProgressLevel;
741	break;
742	case kKxldLogDetail:
743	logSpec \|= kOSKextLogDetailLevel;
744	break;
745	case kKxldLogDebug:
746	logSpec \|= kOSKextLogDebugLevel;
747	break;
748	}
749
750	OSKextVLog(theKext, logSpec, format, argList);
751	}
752	#endif // CONFIG_KXLD
753
754	#if PRAGMA_MARK
755	#pragma mark IOStatistics defines
756	#endif
757
758	#if IOKITSTATS
759
760	#define notifyKextLoadObservers(kext, kmod_info) \
761	do { \
762	IOStatistics::onKextLoad(kext, kmod_info); \
763	} while (0)
764
765	#define notifyKextUnloadObservers(kext) \
766	do { \
767	IOStatistics::onKextUnload(kext); \
768	} while (0)
769
770	#define notifyAddClassObservers(kext, addedClass, flags) \
771	do { \
772	IOStatistics::onClassAdded(kext, addedClass); \
773	} while (0)
774
775	#define notifyRemoveClassObservers(kext, removedClass, flags) \
776	do { \
777	IOStatistics::onClassRemoved(kext, removedClass); \
778	} while (0)
779
780	#else
781
782	#define notifyKextLoadObservers(kext, kmod_info)
783	#define notifyKextUnloadObservers(kext)
784	#define notifyAddClassObservers(kext, addedClass, flags)
785	#define notifyRemoveClassObservers(kext, removedClass, flags)
786
787	#endif /* IOKITSTATS */
788
789	#if PRAGMA_MARK
790	#pragma mark Module Config (Startup & Shutdown)
791	#endif
792	/*********************************************************************
793	* Module Config (Class Definition & Class Methods)
794	*********************************************************************/
795	#define super OSObject
796	OSDefineMetaClassAndStructors(OSKext, OSObject)
797
798	OSDefineMetaClassAndStructors(OSKextSavedMutableSegment, OSObject);
799
800	OSDefineMetaClassAndStructors(OSDextStatistics, OSObject);
801
802	/*********************************************************************
803	*********************************************************************/
804	/**
805	* Allocate and intialize a fake/representative OSKext object for a statically
806	* loaded (by iBoot) binary (e.g., the XNU kernel itself).
807	*
808	* @param kmod_info Pointer to the kmod_info structure for the binary being
809	* setup. At least the "name" and "id" fields needs to already
810	* be set correctly.
811	*
812	* @return The allocated and initialized OSKext object.
813	*/
814	/ static /
815	OSKext *
816	OSKext::allocAndInitFakeKext(kmod_info_t *kmod_info)
817	{
818	vm_offset_t load_address = `0`;
819	const char *bundle_name = NULL;
820	bool macho_is_unslid = false;
821	bool set_custom_path = false;
822	const char *executable_fallback_name = NULL;
823
824	if (kmod_info->id == kOSKextKernelLoadTag) {
825	load_address = (vm_offset_t)&_mh_execute_header;
826	bundle_name = "mach_kernel";
827
828	/ The kernel Mach-O header is fixed up to slide all of its addresses. /
829	macho_is_unslid = false;
830
831	/**
832	* No path to the binary is set for the kernel in its OSKext object. The
833	* kernel binary is located in fixed directories depending on the OS.
834	*/
835	set_custom_path = false;
836	executable_fallback_name = NULL;
837	#if CONFIG_SPTM
838	} else if (kmod_info->id == kOSKextSPTMLoadTag) {
839	load_address = (vm_offset_t)SPTMArgs->debug_header->image[DEBUG_HEADER_ENTRY_SPTM];
840	bundle_name = "sptm";
841
842	/ The addresses in the SPTM Mach-O header are all unslid. /
843	macho_is_unslid = true;
844
845	set_custom_path = true;
846	executable_fallback_name = "sptm.no.binname.in.macho";
847	} else if (kmod_info->id == kOSKextTXMLoadTag) {
848	load_address = (vm_offset_t)SPTMArgs->debug_header->image[DEBUG_HEADER_ENTRY_TXM];
849	bundle_name = "txm";
850
851	/ The addresses in the TXM Mach-O header are all unslid. /
852	macho_is_unslid = true;
853
854	set_custom_path = true;
855	executable_fallback_name = "txm.no.binname.in.macho";
856	#endif /* CONFIG_SPTM */
857	} else {
858	panic("%s: Unsupported kmod_info->id (%d)", __func__, kmod_info->id);
859	}
860
861	/ Set up an OSKext instance to represent the statically loaded binary. /
862	OSKext fakeKext = new* OSKext;
863	assert(fakeKext);
864	assert(load_address != `0`);
865
866	/*
867	* The start address is always a slid address whereas the last VA returned
868	* by getlastaddr() might be unslid depending on the Mach-O. If the address
869	* coming from the Mach-O is unslid, then unslide the start address before
870	* computing the length of the executable.
871	*/
872	size_t binaryLength = getlastaddr(header: (kernel_mach_header_t*)load_address);
873	binaryLength -= (macho_is_unslid) ? ml_static_unslide(vaddr: load_address) : load_address;
874	assert(binaryLength <= UINT_MAX);
875
876	/**
877	* The load address is always slid. That value will be unslid before being
878	* exposed to userspace.
879	*/
880	OSSharedPtr<OSData> executable = OSData::withBytesNoCopy(
881	bytes: (void)load_address, numBytes: (unsigned* int)binaryLength);
882	assert(executable);
883
884	fakeKext->loadTag = sNextLoadTag++;
885	fakeKext->bundleID = OSSymbol::withCString(cString: kmod_info->name);
886
887	fakeKext->version = OSKextParseVersionString(versionString: osrelease);
888	fakeKext->compatibleVersion = fakeKext->version;
889	fakeKext->linkedExecutable = os::move(t&: executable);
890	fakeKext->interfaceUUID = fakeKext->copyUUID();
891
892	fakeKext->flags.hasAllDependencies = `1`;
893	fakeKext->flags.kernelComponent = `1`;
894	fakeKext->flags.prelinked = `0`;
895	fakeKext->flags.loaded = `1`;
896	fakeKext->flags.started = `1`;
897	fakeKext->flags.CPPInitialized = `0`;
898	fakeKext->flags.jettisonLinkeditSeg = `0`;
899	fakeKext->flags.unslidMachO = macho_is_unslid;
900
901	#if CONFIG_SPTM
902	if (set_custom_path) {
903	/ Only SPTM/TXM should have custom paths to their executables set. /
904	assert((kmod_info->id == kOSKextSPTMLoadTag) \|\|
905	(kmod_info->id == kOSKextTXMLoadTag));
906
907	/ All SPTM/TXM binaries are placed into the same path on internal systems. /
908	fakeKext->path = OSString::withCStringNoCopy("/usr/appleinternal/standalone/platform");
909
910	/**
911	* Each SPTM/TXM Mach-O should contain a __TEXT,__binname section which contains
912	* a character array representing the name of the Mach-O executable.
913	*/
914	kernel_section_t *binname_sect =
915	getsectbynamefromheader((kernel_mach_header_t*)load_address, "__TEXT", "__binname");
916
917	if (binname_sect != NULL) {
918	const char binname = (const* char *)ml_static_slide(binname_sect->addr);
919	fakeKext->executableRelPath = OSString::withCStringNoCopy(binname);
920	} else {
921	fakeKext->executableRelPath = OSString::withCStringNoCopy(executable_fallback_name);
922	}
923	}
924	#endif /* CONFIG_SPTM */
925
926	fakeKext->kmod_info = kmod_info;
927	strlcpy(dst: kmod_info->version, src: osrelease,
928	n: sizeof(kmod_info->version));
929	kmod_info->size = binaryLength;
930	assert(kmod_info->id == fakeKext->loadTag);
931
932	/*
933	* Con up an info dict, so we don't have to have special-case checking all
934	* over.
935	*/
936	fakeKext->infoDict = OSDictionary::withCapacity(capacity: `5`);
937	assert(fakeKext->infoDict);
938	bool setResult = fakeKext->infoDict ->setObject(kCFBundleIdentifierKey,
939	anObject: fakeKext->bundleID.get());
940	assert(setResult);
941	setResult = fakeKext->infoDict ->setObject(kOSKernelResourceKey,
942	anObject: kOSBooleanTrue);
943	assert(setResult);
944
945	{
946	OSSharedPtr<OSString> scratchString(OSString::withCStringNoCopy(cString: osrelease));
947	assert(scratchString);
948	setResult = fakeKext->infoDict ->setObject(kCFBundleVersionKey,
949	anObject: scratchString.get());
950	assert(setResult);
951	}
952
953	{
954	OSSharedPtr<OSString> scratchString(OSString::withCStringNoCopy(cString: bundle_name));
955	assert(scratchString);
956	setResult = fakeKext->infoDict ->setObject(kCFBundleNameKey,
957	anObject: scratchString.get());
958	assert(setResult);
959	}
960
961	return fakeKext;
962	}
963
964	/ static /
965	void
966	OSKext::initialize(void)
967	{
968	OSSharedPtr<OSData> kernelExecutable = NULL;// do not release
969	IORegistryEntry * registryRoot = NULL;// do not release
970	OSSharedPtr<OSNumber> kernelCPUType;
971	OSSharedPtr<OSNumber> kernelCPUSubtype;
972	OSKextLogSpec bootLogFilter = kOSKextLogSilentFilter;
973	bool setResult = false;
974	uint64_t * timestamp = NULL;
975	__unused char bootArgBuffer[`16`];// for PE_parse_boot_argn w/strings
976
977	/ This must be the first thing allocated. Everything else grabs this lock.*
978	*/
979	sKextLock = IORecursiveLockAlloc();
980	sKextInnerLock = IORecursiveLockAlloc();
981	sKextSummariesLock = IOLockAlloc();
982	sKextLoggingLock = IOLockAlloc();
983	assert(sKextLock);
984	assert(sKextInnerLock);
985	assert(sKextSummariesLock);
986	assert(sKextLoggingLock);
987
988	sKextsByID = OSDictionary::withCapacity(kOSKextTypicalLoadCount);
989	sLoadedKexts = OSArray::withCapacity(kOSKextTypicalLoadCount);
990	sLoadedDriverKitKexts = OSArray::withCapacity(kOSKextTypicalLoadCount);
991	sUnloadedPrelinkedKexts = OSArray::withCapacity(kOSKextTypicalLoadCount / `10`);
992	sKernelRequests = OSArray::withCapacity(capacity: `0`);
993	sPostedKextLoadIdentifiers = OSSet::withCapacity(capacity: `0`);
994	sAllKextLoadIdentifiers = OSSet::withCapacity(kOSKextTypicalLoadCount);
995	sRequestCallbackRecords = OSArray::withCapacity(capacity: `0`);
996	sDriverKitToUpgradeByID = OSDictionary::withCapacity(kOSKextTypicalUpgradeCount);
997
998	assert(sKextsByID && sLoadedKexts && sLoadedDriverKitKexts && sKernelRequests &&
999	sPostedKextLoadIdentifiers && sAllKextLoadIdentifiers &&
1000	sRequestCallbackRecords && sUnloadedPrelinkedKexts && sDriverKitToUpgradeByID);
1001
1002	/ Read the log flag boot-args and set the log flags.*
1003	*/
1004	if (PE_parse_boot_argn(arg_string: "kextlog", arg_ptr: &bootLogFilter, max_arg: sizeof(bootLogFilter))) {
1005	sBootArgLogFilterFound = true;
1006	sKernelLogFilter = bootLogFilter;
1007	// log this if any flags are set
1008	OSKextLog(/ kext / NULL,
1009	kOSKextLogBasicLevel \|
1010	kOSKextLogFlagsMask,
1011	format: "Kernel kext log filter 0x%x per kextlog boot arg.",
1012	(unsigned)sKernelLogFilter);
1013	}
1014
1015	#if !defined(__arm__) && !defined(__arm64__)
1016	/*
1017	* On our ARM targets, the kernelcache/boot kernel collection contains
1018	* the set of kexts required to boot, as specified by KCB. Safeboot is
1019	* either unsupported, or is supported by the bootloader only loading
1020	* the boot kernel collection; as a result OSKext has no role to play
1021	* in safeboot policy on ARM.
1022	*/
1023	sSafeBoot = PE_parse_boot_argn("-x", bootArgBuffer,
1024	sizeof(bootArgBuffer)) ? true : false;
1025	#endif /* defined(__arm__) && defined(__arm64__) */
1026
1027	if (sSafeBoot) {
1028	OSKextLog(/ kext / NULL,
1029	kOSKextLogWarningLevel \|
1030	kOSKextLogGeneralFlag,
1031	format: "SAFE BOOT DETECTED - "
1032	"only valid OSBundleRequired kexts will be loaded.");
1033	}
1034
1035	PE_parse_boot_argn(arg_string: "keepsyms", arg_ptr: &sKeepSymbols, max_arg: sizeof(sKeepSymbols));
1036	#if CONFIG_DTRACE
1037	if (dtrace_keep_kernel_symbols()) {
1038	sKeepSymbols = true;
1039	}
1040	#endif /* CONFIG_DTRACE */
1041	#if KASAN_DYNAMIC_BLACKLIST
1042	/ needed for function lookup /
1043	sKeepSymbols = true;
1044	#endif
1045
1046	/*
1047	* Should we panic when the SystemKC is not linked against the
1048	* BootKC that was loaded by the booter? By default: yes, if the
1049	* "-nokcmismatchpanic" boot-arg is passed, then we _don't_ panic
1050	* on mis-match and instead just print an error and continue.
1051	*/
1052	sPanicOnKCMismatch = PE_parse_boot_argn(arg_string: "-nokcmismatchpanic", arg_ptr: bootArgBuffer,
1053	max_arg: sizeof(bootArgBuffer)) ? false : true;
1054
1055	/ Set up an OSKext instance to represent the kernel itself. /
1056	sKernelKext = allocAndInitFakeKext(kmod_info: &g_kernel_kmod_info);
1057	assert(sKernelKext);
1058
1059	#if CONFIG_SPTM
1060	/ Set up OSKext instances to represent the SPTM/TXM. /
1061	OSKext *SPTMKext = allocAndInitFakeKext(&g_sptm_kmod_info);
1062	OSKext *TXMKext = allocAndInitFakeKext(&g_txm_kmod_info);
1063	#endif
1064
1065	/ Add the kernel kext to the bookkeeping dictionaries. Note that*
1066	* the kernel kext doesn't have a kmod_info struct. copyInfo()
1067	* gathers info from other places anyhow.
1068	*/
1069	setResult = sKextsByID ->setObject(aKey: sKernelKext->bundleID.get(), anObject: sKernelKext);
1070	assert(setResult);
1071	setResult = sLoadedKexts ->setObject(sKernelKext);
1072	assert(setResult);
1073
1074	#if CONFIG_SPTM
1075	setResult = sKextsByID->setObject(SPTMKext->bundleID.get(), SPTMKext);
1076	assert(setResult);
1077	setResult = sLoadedKexts->setObject(SPTMKext);
1078	assert(setResult);
1079
1080	setResult = sKextsByID->setObject(TXMKext->bundleID.get(), TXMKext);
1081	assert(setResult);
1082	setResult = sLoadedKexts->setObject(TXMKext);
1083	assert(setResult);
1084	#endif /* CONFIG_SPTM */
1085
1086	// XXX: better way with OSSharedPtr?
1087	// sKernelKext remains a valid pointer even after the decref
1088	sKernelKext->release();
1089	#if CONFIG_SPTM
1090	SPTMKext->release();
1091	TXMKext->release();
1092	#endif /* CONFIG_SPTM */
1093
1094	registryRoot = IORegistryEntry::getRegistryRoot();
1095	kernelCPUType = OSNumber::withNumber(
1096	value: (long long unsigned int)_mh_execute_header.cputype,
1097	numberOfBits: `8` * sizeof(_mh_execute_header.cputype));
1098	kernelCPUSubtype = OSNumber::withNumber(
1099	value: (long long unsigned int)_mh_execute_header.cpusubtype,
1100	numberOfBits: `8` * sizeof(_mh_execute_header.cpusubtype));
1101	assert(registryRoot && kernelCPUSubtype && kernelCPUType);
1102
1103	registryRoot->setProperty(kOSKernelCPUTypeKey, anObject: kernelCPUType.get());
1104	registryRoot->setProperty(kOSKernelCPUSubtypeKey, anObject: kernelCPUSubtype.get());
1105
1106	gBuiltinKmodsSectionInfo = getsectbyname(kPrelinkInfoSegment, kBuiltinInfoSection);
1107	if (gBuiltinKmodsSectionInfo) {
1108	uint32_t count;
1109
1110	assert(gBuiltinKmodsSectionInfo->addr);
1111	assert(gBuiltinKmodsSectionInfo->size);
1112	assert(gBuiltinKmodsSectionInfo->size / sizeof(kmod_info_t *) <= UINT_MAX);
1113	gBuiltinKmodsCount = (unsigned int)(gBuiltinKmodsSectionInfo->size / sizeof(kmod_info_t *));
1114
1115	gBuiltinKmodsSectionStart = getsectbyname(kPrelinkInfoSegment, kBuiltinStartSection);
1116	assert(gBuiltinKmodsSectionStart);
1117	assert(gBuiltinKmodsSectionStart->addr);
1118	assert(gBuiltinKmodsSectionStart->size);
1119	assert(gBuiltinKmodsSectionStart->size / sizeof(uintptr_t) <= UINT_MAX);
1120	count = (unsigned int)(gBuiltinKmodsSectionStart->size / sizeof(uintptr_t));
1121	// one extra pointer for the end of last kmod
1122	assert(count == (gBuiltinKmodsCount + `1`));
1123
1124	vm_kernel_builtinkmod_text = ((uintptr_t *)gBuiltinKmodsSectionStart->addr)[`0`];
1125	vm_kernel_builtinkmod_text_end = ((uintptr_t *)gBuiltinKmodsSectionStart->addr)[count - `1`];
1126	}
1127
1128	// Don't track this object -- it's never released
1129	gIOSurfaceIdentifier = OSSymbol::withCStringNoCopy(cString: "com.apple.iokit.IOSurface").detach();
1130
1131	timestamp = __OSAbsoluteTimePtr(abstime: &last_loaded_timestamp);
1132	*timestamp = `0`;
1133	timestamp = __OSAbsoluteTimePtr(abstime: &last_unloaded_timestamp);
1134	*timestamp = `0`;
1135	timestamp = __OSAbsoluteTimePtr(abstime: &sLastWakeTime);
1136	*timestamp = `0`;
1137
1138	OSKextLog(/ kext / NULL,
1139	kOSKextLogProgressLevel \|
1140	kOSKextLogGeneralFlag,
1141	format: "Kext system initialized.");
1142
1143	notifyKextLoadObservers(sKernelKext, sKernelKext->kmod_info);
1144	#if CONFIG_SPTM
1145	notifyKextLoadObservers(SPTMKext, SPTMKext->kmod_info);
1146	notifyKextLoadObservers(TXMKext, TXMKext->kmod_info);
1147	#endif
1148
1149	return;
1150	}
1151
1152	/*********************************************************************
1153	* This is expected to be called exactly once, from exactly one thread
1154	* context, during kernel bootstrap.
1155	*********************************************************************/
1156	/ static /
1157	OSReturn
1158	OSKext::removeKextBootstrap(void)
1159	{
1160	OSReturn result = kOSReturnError;
1161
1162	const char * dt_kernel_header_name = "Kernel-__HEADER";
1163	const char * dt_kernel_symtab_name = "Kernel-__SYMTAB";
1164	kernel_mach_header_t * dt_mach_header = NULL;
1165	int dt_mach_header_size = `0`;
1166	struct symtab_command * dt_symtab = NULL;
1167	int dt_symtab_size = `0`;
1168	int dt_result = `0`;
1169
1170	kernel_segment_command_t * seg_kld = NULL;
1171	kernel_segment_command_t * seg_klddata = NULL;
1172	kernel_segment_command_t * seg_linkedit = NULL;
1173
1174	const char __unused * dt_segment_name = NULL;
1175	void __unused * segment_paddress = NULL;
1176	int __unused segment_size = `0`;
1177
1178	OSKextLog(/ kext / NULL,
1179	kOSKextLogProgressLevel \|
1180	kOSKextLogGeneralFlag,
1181	format: "Jettisoning kext bootstrap segments.");
1182
1183	/*
1184	* keep the linkedit segment around when booted from a new MH_FILESET
1185	* KC because all the kexts shared a linkedit segment.
1186	*/
1187	kc_format_t kc_format;
1188	if (!PE_get_primary_kc_format(type: &kc_format)) {
1189	OSKextLog(/ kext / NULL,
1190	kOSKextLogErrorLevel \|
1191	kOSKextLogGeneralFlag,
1192	format: "Unable to determine primary KC format");
1193	}
1194
1195	/*****
1196	* Dispose of unnecessary stuff that the booter didn't need to load.
1197	*/
1198	dt_result = IODTGetLoaderInfo(key: dt_kernel_header_name,
1199	infoAddr: (void **)&dt_mach_header, infoSize: &dt_mach_header_size);
1200	if (dt_result == `0` && dt_mach_header) {
1201	IODTFreeLoaderInfo(key: dt_kernel_header_name, infoAddr: (void *)dt_mach_header,
1202	infoSize: round_page_32(x: dt_mach_header_size));
1203	}
1204	dt_result = IODTGetLoaderInfo(key: dt_kernel_symtab_name,
1205	infoAddr: (void **)&dt_symtab, infoSize: &dt_symtab_size);
1206	if (dt_result == `0` && dt_symtab) {
1207	IODTFreeLoaderInfo(key: dt_kernel_symtab_name, infoAddr: (void *)dt_symtab,
1208	infoSize: round_page_32(x: dt_symtab_size));
1209	}
1210
1211	/*****
1212	* KLD & KLDDATA bootstrap segments.
1213	*/
1214	// xxx - should rename KLD segment
1215	seg_kld = getsegbyname(seg_name: "__KLD");
1216	seg_klddata = getsegbyname(seg_name: "__KLDDATA");
1217	if (seg_klddata) {
1218	// __mod_term_func is part of __KLDDATA
1219	OSRuntimeUnloadCPPForSegment(segment: seg_klddata);
1220	}
1221
1222	#if __arm__ \|\| __arm64__
1223	/ Free the memory that was set up by iBoot.*
1224	*/
1225	#if !defined(KERNEL_INTEGRITY_KTRR) && !defined(KERNEL_INTEGRITY_CTRR)
1226	/ We cannot free the KLD segment with CTRR enabled as it contains text and*
1227	* is covered by the contiguous rorgn.
1228	*/
1229	dt_segment_name = "Kernel-__KLD";
1230	if (`0` == IODTGetLoaderInfo(key: dt_segment_name, infoAddr: &segment_paddress, infoSize: &segment_size)) {
1231	IODTFreeLoaderInfo(key: dt_segment_name, infoAddr: (void *)segment_paddress,
1232	infoSize: (int)segment_size); // calls ml_static_mfree
1233	} else if (seg_kld && seg_kld->vmaddr && seg_kld->vmsize) {
1234	/ With fileset KCs, the Kernel KLD segment is not recorded in the DT. /
1235	#if !CONFIG_SPTM
1236	ml_static_mfree(ml_static_ptovirt(seg_kld->vmaddr - gVirtBase + gPhysBase),
1237	seg_kld->vmsize);
1238	#else
1239	ml_static_mfree(seg_kld->vmaddr), seg_kld->vmsize);
1240	#endif
1241	}
1242	#endif
1243	dt_segment_name = "Kernel-__KLDDATA";
1244	if (`0` == IODTGetLoaderInfo(key: dt_segment_name, infoAddr: &segment_paddress, infoSize: &segment_size)) {
1245	IODTFreeLoaderInfo(key: dt_segment_name, infoAddr: (void *)segment_paddress,
1246	infoSize: (int)segment_size); // calls ml_static_mfree
1247	} else if (seg_klddata && seg_klddata->vmaddr && seg_klddata->vmsize) {
1248	/ With fileset KCs, the Kernel KLDDATA segment is not recorded in the DT. /
1249	#if !CONFIG_SPTM
1250	ml_static_mfree(ml_static_ptovirt(seg_klddata->vmaddr - gVirtBase + gPhysBase),
1251	seg_klddata->vmsize);
1252	#else
1253	ml_static_mfree(seg_klddata->vmaddr, seg_klddata->vmsize);
1254	#endif
1255	}
1256	#elif __i386__ \|\| __x86_64__
1257	/ On x86, use the mapping data from the segment load command to*
1258	* unload KLD & KLDDATA directly.
1259	* This may invalidate any assumptions about "avail_start"
1260	* defining the lower bound for valid physical addresses.
1261	*/
1262	if (seg_kld && seg_kld->vmaddr && seg_kld->vmsize) {
1263	bzero((void *)seg_kld->vmaddr, seg_kld->vmsize);
1264	ml_static_mfree(seg_kld->vmaddr, seg_kld->vmsize);
1265	}
1266	if (seg_klddata && seg_klddata->vmaddr && seg_klddata->vmsize) {
1267	bzero((void *)seg_klddata->vmaddr, seg_klddata->vmsize);
1268	ml_static_mfree(seg_klddata->vmaddr, seg_klddata->vmsize);
1269	}
1270	#else
1271	#error arch
1272	#endif
1273
1274	/*****
1275	* Prelinked kernel's symtab (if there is one).
1276	*/
1277	if (kc_format != KCFormatFileset) {
1278	kernel_section_t * sect;
1279	sect = getsectbyname(seg_name: "__PRELINK", sect_name: "__symtab");
1280	if (sect && sect->addr && sect->size) {
1281	ml_static_mfree(sect->addr, sect->size);
1282	}
1283	}
1284
1285	seg_linkedit = (kernel_segment_command_t *)getsegbyname(seg_name: "__LINKEDIT");
1286
1287	/ kxld always needs the kernel's __LINKEDIT segment, but we can make it*
1288	* pageable, unless keepsyms is set. To do that, we have to copy it from
1289	* its booter-allocated memory, free the booter memory, reallocate proper
1290	* managed memory, then copy the segment back in.
1291	*
1292	* NOTE: This optimization is not valid for fileset KCs because each
1293	* fileset entry (kext or xnu) in an MH_FILESET has a LINKEDIT segment
1294	* that points to one fileset-global LINKEDIT segment. This
1295	* optimization is also only valid for platforms that support vm
1296	* mapped kexts or mapped kext collections (pageable KCs)
1297	*/
1298	#if VM_MAPPED_KEXTS
1299	if (!sKeepSymbols && kc_format != KCFormatFileset) {
1300	kern_return_t mem_result;
1301	void *seg_copy = NULL;
1302	void *seg_data = NULL;
1303	vm_map_offset_t seg_offset = `0`;
1304	vm_map_offset_t seg_copy_offset = `0`;
1305	vm_map_size_t seg_length = `0`;
1306
1307	seg_data = (void *) seg_linkedit->vmaddr;
1308	seg_offset = (vm_map_offset_t) seg_linkedit->vmaddr;
1309	seg_length = (vm_map_size_t) seg_linkedit->vmsize;
1310
1311	/ Allocate space for the LINKEDIT copy.*
1312	*/
1313	mem_result = kmem_alloc(kernel_map, (vm_offset_t *) &seg_copy,
1314	seg_length, KMA_ZERO, VM_KERN_MEMORY_KEXT);
1315	if (mem_result != KERN_SUCCESS) {
1316	OSKextLog(/ kext / NULL,
1317	kOSKextLogErrorLevel \|
1318	kOSKextLogGeneralFlag \| kOSKextLogArchiveFlag,
1319	"Can't copy __LINKEDIT segment for VM reassign.");
1320	return result;
1321	}
1322	seg_copy_offset = (vm_map_offset_t) seg_copy;
1323
1324	/ Copy it out.*
1325	*/
1326	memcpy(seg_copy, seg_data, seg_length);
1327
1328	/ Dump the booter memory.*
1329	*/
1330	ml_static_mfree(seg_offset, seg_length);
1331
1332	/ Set up the VM region.*
1333	*/
1334	mem_result = vm_map_enter_mem_object(
1335	kernel_map,
1336	&seg_offset,
1337	seg_length, / mask / `0`,
1338	VM_MAP_KERNEL_FLAGS_FIXED(.vmf_overwrite = true),
1339	(ipc_port_t)NULL,
1340	(vm_object_offset_t) `0`,
1341	/ copy / FALSE,
1342	/ cur_protection / VM_PROT_READ \| VM_PROT_WRITE,
1343	/ max_protection / VM_PROT_ALL,
1344	/ inheritance / VM_INHERIT_DEFAULT);
1345	if ((mem_result != KERN_SUCCESS) \|\|
1346	(seg_offset != (vm_map_offset_t) seg_data)) {
1347	OSKextLog(/ kext / NULL,
1348	kOSKextLogErrorLevel \|
1349	kOSKextLogGeneralFlag \| kOSKextLogArchiveFlag,
1350	"Can't create __LINKEDIT VM entry at %p, length 0x%llx (error 0x%x).",
1351	seg_data, seg_length, mem_result);
1352	return result;
1353	}
1354
1355	/ And copy it back.*
1356	*/
1357	memcpy(seg_data, seg_copy, seg_length);
1358
1359	/ Free the copy.*
1360	*/
1361	kmem_free(kernel_map, seg_copy_offset, seg_length);
1362	} else if (!sKeepSymbols && kc_format == KCFormatFileset) {
1363	/ Remove the linkedit segment of the Boot KC /
1364	kernel_mach_header_t mh = (kernel_mach_header_t )PE_get_kc_header(KCKindPrimary);
1365	OSKext::jettisonFileSetLinkeditSegment(mh);
1366	}
1367	#else // !VM_MAPPED_KEXTS
1368	/*****
1369	* Dump the LINKEDIT segment, unless keepsyms is set.
1370	*/
1371	if (!sKeepSymbols && kc_format != KCFormatFileset) {
1372	dt_segment_name = "Kernel-__LINKEDIT";
1373	if (`0` == IODTGetLoaderInfo(key: dt_segment_name,
1374	infoAddr: &segment_paddress, infoSize: &segment_size)) {
1375	#ifdef SECURE_KERNEL
1376	vm_offset_t vmaddr = ml_static_ptovirt((vm_offset_t)segment_paddress);
1377	bzero((void*)vmaddr, segment_size);
1378	#endif
1379	IODTFreeLoaderInfo(key: dt_segment_name, infoAddr: (void *)segment_paddress,
1380	infoSize: (int)segment_size);
1381	}
1382	} else if (!sKeepSymbols && kc_format == KCFormatFileset) {
1383	/ Remove the linkedit segment of the Boot KC /
1384	kernel_mach_header_t mh = (kernel_mach_header_t )PE_get_kc_header(type: KCKindPrimary);
1385	OSKext::jettisonFileSetLinkeditSegment(mh);
1386	} else {
1387	OSKextLog(/ kext / NULL,
1388	kOSKextLogBasicLevel \|
1389	kOSKextLogGeneralFlag,
1390	format: "keepsyms boot arg specified; keeping linkedit segment for symbols.");
1391	}
1392	#endif // VM_MAPPED_KEXTS
1393
1394	result = kOSReturnSuccess;
1395
1396	return result;
1397	}
1398
1399	#if CONFIG_KXLD
1400	/*********************************************************************
1401	*********************************************************************/
1402	void
1403	OSKext::flushNonloadedKexts(
1404	Boolean flushPrelinkedKexts)
1405	{
1406	OSSharedPtr<OSSet> keepKexts;
1407
1408	/ TODO: make this more efficient with MH_FILESET kexts /
1409
1410	// Do not unload prelinked kexts on arm because the kernelcache is not
1411	// structured in a way that allows them to be unmapped
1412	#if !defined(__x86_64__)
1413	flushPrelinkedKexts = false;
1414	#endif /* defined(__x86_64__) */
1415
1416	IORecursiveLockLock(sKextLock);
1417
1418	OSKextLog(/ kext / NULL,
1419	kOSKextLogProgressLevel \|
1420	kOSKextLogKextBookkeepingFlag,
1421	"Flushing nonloaded kexts and other unused data.");
1422
1423	OSKext::considerDestroyingLinkContext();
1424
1425	/ If we aren't flushing unused prelinked kexts, we have to put them*
1426	* aside while we flush everything else so make a container for them.
1427	*/
1428	keepKexts = OSSet::withCapacity(`16`);
1429	if (!keepKexts) {
1430	goto finish;
1431	}
1432
1433	/ Set aside prelinked kexts (in-use or not) and break*
1434	* any lingering inter-kext references for nonloaded kexts
1435	* so they have min. retain counts.
1436	*/
1437	{
1438	sKextsByID->iterateObjects(^bool (const OSSymbol * thisID __unused, OSObject * obj) {
1439	OSKext * thisKext = OSDynamicCast(OSKext, obj);
1440	if (!thisKext) {
1441	return false;
1442	}
1443	if (!flushPrelinkedKexts && thisKext->isPrelinked()) {
1444	keepKexts->setObject(thisKext);
1445	} else if (!thisKext->declaresExecutable()) {
1446	/*
1447	* Don't unload codeless kexts, because they never appear in the loadedKexts array.
1448	* Requesting one from the IOKit daemon will load it and then immediately remove it by calling
1449	* flushNonloadedKexts().
1450	* And adding one to loadedKexts breaks code assuming they have kmod_info etc.
1451	*/
1452	keepKexts->setObject(thisKext);
1453	} else if (thisKext->isInFileset()) {
1454	/ keep all kexts in the new MH_FILESET KC /
1455	keepKexts->setObject(thisKext);
1456	}
1457
1458	thisKext->flushDependencies(/ forceIfLoaded / false);
1459	return false;
1460	});
1461	}
1462	/ Dump all the kexts in the ID dictionary; we'll repopulate it shortly.*
1463	*/
1464	sKextsByID->flushCollection();
1465
1466	/ Now put the loaded kexts back into the ID dictionary.*
1467	*/
1468	sLoadedKexts->iterateObjects(^bool (OSObject * obj) {
1469	OSKext * thisKext = OSDynamicCast(OSKext, obj);
1470	if (!thisKext) {
1471	return false;
1472	}
1473	sKextsByID->setObject(thisKext->getIdentifierCString(), thisKext);
1474	return false;
1475	});
1476
1477	/ Finally, put back the kept kexts if we saved any.*
1478	*/
1479	keepKexts->iterateObjects(^bool (OSObject * obj) {
1480	OSKext * thisKext = OSDynamicCast(OSKext, obj);
1481	if (!thisKext) {
1482	return false;
1483	}
1484	sKextsByID->setObject(thisKext->getIdentifierCString(), thisKext);
1485	return false;
1486	});
1487
1488	finish:
1489	IORecursiveLockUnlock(sKextLock);
1490	return;
1491	}
1492	#else /* !CONFIG_KXLD */
1493
1494	void
1495	OSKext::flushNonloadedKexts(
1496	Boolean flushPrelinkedKexts __unused)
1497	{
1498	IORecursiveLockLock(lock: sKextLock);
1499
1500	OSKextLog(/ kext / NULL,
1501	kOSKextLogProgressLevel \|
1502	kOSKextLogKextBookkeepingFlag,
1503	format: "Flushing dependency info for non-loaded kexts.");
1504
1505	/*
1506	* In a world where we don't dynamically link kexts, they all come
1507	* from a kext collection that's either in wired memory, or
1508	* wire-on-demand. We don't need to mess around with moving kexts in
1509	* and out of the sKextsByID array - they can all just stay there.
1510	* Here we just flush the dependency list for kexts that are not
1511	* loaded.
1512	*/
1513	sKextsByID ->iterateObjects(block: ^bool (const OSSymbol * thisID __unused, OSObject * obj) {
1514	OSKext * thisKext = OSDynamicCast(OSKext, obj);
1515	if (!thisKext) {
1516	return false;
1517	}
1518	thisKext->flushDependencies(/ forceIfLoaded / forceFlag: false);
1519	return false;
1520	});
1521
1522	IORecursiveLockUnlock(lock: sKextLock);
1523	return;
1524	}
1525
1526	#endif /* CONFIG_KXLD */
1527
1528	/*********************************************************************
1529	*********************************************************************/
1530	/ static /
1531	void
1532	OSKext::setIOKitDaemonActive(bool active)
1533	{
1534	IOServiceTrace(IOSERVICE_KEXTD_ALIVE, `0`, `0`, `0`, `0`);
1535	IORecursiveLockLock(lock: sKextLock);
1536	sIOKitDaemonActive = active;
1537	if (sKernelRequests ->getCount()) {
1538	OSKext::pingIOKitDaemon();
1539	}
1540	IORecursiveLockUnlock(lock: sKextLock);
1541
1542	return;
1543	}
1544
1545	/*********************************************************************
1546	* OSKextLib.cpp might need access to this someday but for now it's
1547	* private.
1548	*********************************************************************/
1549	extern "C" {
1550	extern void ipc_port_release_send(ipc_port_t);
1551	};
1552
1553	/ static /
1554	OSReturn
1555	OSKext::pingIOKitDaemon(void)
1556	{
1557	OSReturn result = kOSReturnError;
1558	#if !NO_KEXTD
1559	mach_port_t kextd_port = IPC_PORT_NULL;
1560
1561	if (!sIOKitDaemonActive) {
1562	result = kOSKextReturnDisabled; // basically unavailable
1563	goto finish;
1564	}
1565
1566	result = host_get_kextd_port(host_priv_self(), &kextd_port);
1567	if (result != KERN_SUCCESS \|\| !IPC_PORT_VALID(kextd_port)) {
1568	OSKextLog(/ kext / NULL,
1569	kOSKextLogErrorLevel \|
1570	kOSKextLogIPCFlag,
1571	format: "Can't get " kIOKitDaemonName " port.");
1572	goto finish;
1573	}
1574
1575	result = kextd_ping(server: kextd_port);
1576	if (result != KERN_SUCCESS) {
1577	OSKextLog(/ kext / NULL,
1578	kOSKextLogErrorLevel \|
1579	kOSKextLogIPCFlag,
1580	kIOKitDaemonName " ping failed (0x%x).", (int)result);
1581	goto finish;
1582	}
1583
1584	finish:
1585	if (IPC_PORT_VALID(kextd_port)) {
1586	ipc_port_release_send(kextd_port);
1587	}
1588	#endif
1589
1590	return result;
1591	}
1592
1593	/*********************************************************************
1594	*********************************************************************/
1595	/ static /
1596	bool
1597	OSKext::driverkitEnabled(void)
1598	{
1599	#if XNU_TARGET_OS_WATCH
1600	return false;
1601	#else //!XNU_TARGET_OS_WATCH
1602	return true;
1603	#endif //XNU_TARGET_OS_WATCH
1604	}
1605
1606	/*********************************************************************
1607	*********************************************************************/
1608	/ static /
1609	bool
1610	OSKext::iokitDaemonAvailable(void)
1611	{
1612	int notused;
1613	if (PE_parse_boot_argn(arg_string: "-restore", arg_ptr: &notused, max_arg: sizeof(notused))) {
1614	return false;
1615	}
1616	return driverkitEnabled();
1617	}
1618
1619	/*********************************************************************
1620	*********************************************************************/
1621	/ static /
1622	void
1623	OSKext::setDeferredLoadSucceeded(Boolean succeeded)
1624	{
1625	IORecursiveLockLock(lock: sKextLock);
1626	sDeferredLoadSucceeded = succeeded;
1627	IORecursiveLockUnlock(lock: sKextLock);
1628
1629	return;
1630	}
1631
1632	/*********************************************************************
1633	* Called from IOSystemShutdownNotification.
1634	*********************************************************************/
1635	/ static /
1636	void
1637	OSKext::willShutdown(void)
1638	{
1639	#if !NO_KEXTD
1640	OSReturn checkResult = kOSReturnError;
1641	#endif
1642	OSSharedPtr<OSDictionary> exitRequest;
1643
1644	IORecursiveLockLock(lock: sKextLock);
1645
1646	OSKext::setLoadEnabled(false);
1647	OSKext::setUnloadEnabled(false);
1648	OSKext::setAutounloadsEnabled(false);
1649	OSKext::setKernelRequestsEnabled(false);
1650
1651	#if defined(__x86_64__) \|\| defined(__i386__)
1652	if (IOPMRootDomainGetWillShutdown()) {
1653	OSKext::freeKCFileSetcontrol();
1654	}
1655	#endif // (__x86_64__) \|\| defined(__i386__)
1656
1657	#if !NO_KEXTD
1658	OSKextLog(/ kext / NULL,
1659	kOSKextLogProgressLevel \|
1660	kOSKextLogGeneralFlag,
1661	format: "System shutdown; requesting immediate " kIOKitDaemonName " exit.");
1662
1663	checkResult = _OSKextCreateRequest(kKextRequestPredicateRequestDaemonExit,
1664	requestP&: exitRequest);
1665	if (checkResult != kOSReturnSuccess) {
1666	goto finish;
1667	}
1668	if (!sKernelRequests ->setObject(exitRequest.get())) {
1669	goto finish;
1670	}
1671
1672	OSKext::pingIOKitDaemon();
1673
1674	finish:
1675	#endif
1676
1677	IORecursiveLockUnlock(lock: sKextLock);
1678	return;
1679	}
1680
1681	void
1682	OSKext::willUserspaceReboot(void)
1683	{
1684	OSKext::willShutdown();
1685	IOService::userSpaceWillReboot();
1686	gIOCatalogue ->terminateDriversForUserspaceReboot();
1687	}
1688
1689	void
1690	OSKext::resetAfterUserspaceReboot(void)
1691	{
1692	OSSharedPtr<OSArray> arr = OSArray::withCapacity(capacity: `1`);
1693	IOService::updateConsoleUsers(consoleUsers: arr.get(), systemMessage: `0`, afterUserspaceReboot: true / after_userspace_reboot /);
1694
1695	IORecursiveLockLock(lock: sKextLock);
1696	gIOCatalogue ->resetAfterUserspaceReboot();
1697	IOService::userSpaceDidReboot();
1698	OSKext::removeDaemonExitRequests();
1699	OSKext::setLoadEnabled(true);
1700	OSKext::setUnloadEnabled(true);
1701	OSKext::setAutounloadsEnabled(true);
1702	OSKext::setKernelRequestsEnabled(true);
1703	sOSKextWasResetAfterUserspaceReboot = true;
1704	IORecursiveLockUnlock(lock: sKextLock);
1705	}
1706
1707	extern "C" void
1708	OSKextResetAfterUserspaceReboot(void)
1709	{
1710	OSKext::resetAfterUserspaceReboot();
1711	}
1712
1713	/*
1714	* Remove daemon exit requests from sKernelRequests
1715	*
1716	* If we sent a daemon exit request during a userspace reboot and launchd
1717	* killed the IOKit daemon before it was able to dequeue the exit request, the
1718	* next time the daemon starts up it will immediately exit as it gets the old exit request.
1719	*
1720	* This removes exit requests so that this does not happen.
1721	*/
1722	void
1723	OSKext::removeDaemonExitRequests(void)
1724	{
1725	OSDictionary * current = NULL;
1726	OSString * predicate = NULL;
1727	size_t index = `0`;
1728	OSSharedPtr<const OSSymbol> predicateKey = OSSymbol::withCString(kKextRequestPredicateKey);
1729
1730	while (index < sKernelRequests ->getCount()) {
1731	current = OSDynamicCast(OSDictionary, sKernelRequests ->getObject(index));
1732	if (current) {
1733	predicate = OSDynamicCast(OSString, current->getObject(predicateKey.get()));
1734	if (predicate && predicate->isEqualTo(kKextRequestPredicateRequestDaemonExit)) {
1735	sKernelRequests ->removeObject(index);
1736	continue;
1737	}
1738	}
1739	index++;
1740	}
1741	}
1742
1743	/*********************************************************************
1744	*********************************************************************/
1745	/ static /
1746	bool
1747	OSKext::getLoadEnabled(void)
1748	{
1749	bool result;
1750
1751	IORecursiveLockLock(lock: sKextLock);
1752	result = sLoadEnabled;
1753	IORecursiveLockUnlock(lock: sKextLock);
1754	return result;
1755	}
1756
1757	/*********************************************************************
1758	*********************************************************************/
1759	/ static /
1760	bool
1761	OSKext::setLoadEnabled(bool flag)
1762	{
1763	bool result;
1764
1765	IORecursiveLockLock(lock: sKextLock);
1766	result = sLoadEnabled;
1767	sLoadEnabled = (flag ? true : false);
1768
1769	if (sLoadEnabled != result) {
1770	OSKextLog(/ kext / NULL,
1771	kOSKextLogBasicLevel \|
1772	kOSKextLogLoadFlag,
1773	format: "Kext loading now %sabled.", sLoadEnabled ? "en" : "dis");
1774	}
1775
1776	IORecursiveLockUnlock(lock: sKextLock);
1777
1778	return result;
1779	}
1780
1781	/*********************************************************************
1782	*********************************************************************/
1783	/ static /
1784	bool
1785	OSKext::getUnloadEnabled(void)
1786	{
1787	bool result;
1788
1789	IORecursiveLockLock(lock: sKextLock);
1790	result = sUnloadEnabled;
1791	IORecursiveLockUnlock(lock: sKextLock);
1792	return result;
1793	}
1794
1795	/*********************************************************************
1796	*********************************************************************/
1797	/ static /
1798	bool
1799	OSKext::setUnloadEnabled(bool flag)
1800	{
1801	bool result;
1802
1803	IORecursiveLockLock(lock: sKextLock);
1804	result = sUnloadEnabled;
1805	sUnloadEnabled = (flag ? true : false);
1806	IORecursiveLockUnlock(lock: sKextLock);
1807
1808	if (sUnloadEnabled != result) {
1809	OSKextLog(/ kext / NULL,
1810	kOSKextLogBasicLevel \|
1811	kOSKextLogGeneralFlag \| kOSKextLogLoadFlag,
1812	format: "Kext unloading now %sabled.", sUnloadEnabled ? "en" : "dis");
1813	}
1814
1815	return result;
1816	}
1817
1818	/*********************************************************************
1819	* Do not call any function that takes sKextLock here!
1820	*********************************************************************/
1821	/ static /
1822	bool
1823	OSKext::getAutounloadEnabled(void)
1824	{
1825	#if XNU_TARGET_OS_OSX
1826	bool result;
1827
1828	IORecursiveLockLock(lock: sKextInnerLock);
1829	result = sAutounloadEnabled ? true : false;
1830	IORecursiveLockUnlock(lock: sKextInnerLock);
1831	return result;
1832	#else
1833	return false;
1834	#endif /* XNU_TARGET_OS_OSX */
1835	}
1836
1837	/*********************************************************************
1838	* Do not call any function that takes sKextLock here!
1839	*********************************************************************/
1840	/ static /
1841	bool
1842	OSKext::setAutounloadsEnabled(bool flag)
1843	{
1844	#if XNU_TARGET_OS_OSX
1845	bool result;
1846
1847	IORecursiveLockLock(lock: sKextInnerLock);
1848
1849	result = sAutounloadEnabled;
1850	sAutounloadEnabled = (flag ? true : false);
1851	if (!sAutounloadEnabled && sUnloadCallout) {
1852	thread_call_cancel(call: sUnloadCallout);
1853	}
1854
1855	if (sAutounloadEnabled != result) {
1856	OSKextLog(/ kext / NULL,
1857	kOSKextLogBasicLevel \|
1858	kOSKextLogGeneralFlag \| kOSKextLogLoadFlag,
1859	format: "Kext autounloading now %sabled.",
1860	sAutounloadEnabled ? "en" : "dis");
1861	}
1862
1863	IORecursiveLockUnlock(lock: sKextInnerLock);
1864
1865	return result;
1866	#else
1867	(void)flag;
1868	return false;
1869	#endif /* XNU_TARGET_OS_OSX */
1870	}
1871
1872	/*********************************************************************
1873	*********************************************************************/
1874	/ instance method operating on OSKext field /
1875	bool
1876	OSKext::setAutounloadEnabled(bool flag)
1877	{
1878	bool result = flags.autounloadEnabled ? true : false;
1879	flags.autounloadEnabled = flag ? (`0` == flags.unloadUnsupported) : `0`;
1880
1881	if (result != (flag ? true : false)) {
1882	OSKextLog(aKext: this,
1883	kOSKextLogProgressLevel \|
1884	kOSKextLogLoadFlag \| kOSKextLogKextBookkeepingFlag,
1885	format: "Autounloading for kext %s now %sabled.",
1886	getIdentifierCString(),
1887	flags.autounloadEnabled ? "en" : "dis");
1888	}
1889	return result;
1890	}
1891
1892	/*********************************************************************
1893	*********************************************************************/
1894	/ static /
1895	bool
1896	OSKext::setKernelRequestsEnabled(bool flag)
1897	{
1898	bool result;
1899
1900	IORecursiveLockLock(lock: sKextLock);
1901	result = sKernelRequestsEnabled;
1902	sKernelRequestsEnabled = flag ? true : false;
1903
1904	if (sKernelRequestsEnabled != result) {
1905	OSKextLog(/ kext / NULL,
1906	kOSKextLogBasicLevel \|
1907	kOSKextLogGeneralFlag,
1908	format: "Kernel requests now %sabled.",
1909	sKernelRequestsEnabled ? "en" : "dis");
1910	}
1911	IORecursiveLockUnlock(lock: sKextLock);
1912	return result;
1913	}
1914
1915	/*********************************************************************
1916	*********************************************************************/
1917	/ static /
1918	bool
1919	OSKext::getKernelRequestsEnabled(void)
1920	{
1921	bool result;
1922
1923	IORecursiveLockLock(lock: sKextLock);
1924	result = sKernelRequestsEnabled;
1925	IORecursiveLockUnlock(lock: sKextLock);
1926	return result;
1927	}
1928
1929	static bool
1930	segmentIsMutable(kernel_segment_command_t *seg)
1931	{
1932	/ Mutable segments have to have VM_PROT_WRITE /
1933	if ((seg->maxprot & VM_PROT_WRITE) == `0`) {
1934	return false;
1935	}
1936	/ Exclude the __DATA_CONST segment /
1937	if (strncmp(s1: seg->segname, s2: "__DATA_CONST", n: sizeof(seg->segname)) == `0`) {
1938	return false;
1939	}
1940	/ Exclude __LINKEDIT /
1941	if (strncmp(s1: seg->segname, s2: "__LINKEDIT", n: sizeof(seg->segname)) == `0`) {
1942	return false;
1943	}
1944	return true;
1945	}
1946
1947	#if PRAGMA_MARK
1948	#pragma mark Kext Life Cycle
1949	#endif
1950	/*********************************************************************
1951	*********************************************************************/
1952	OSSharedPtr<OSKext>
1953	OSKext::withPrelinkedInfoDict(
1954	OSDictionary * anInfoDict,
1955	bool doCoalescedSlides,
1956	kc_kind_t type)
1957	{
1958	OSSharedPtr<OSKext> newKext(OSMakeShared<OSKext>());
1959
1960	if (newKext && !newKext ->initWithPrelinkedInfoDict(infoDict: anInfoDict, doCoalesedSlides: doCoalescedSlides, type)) {
1961	return NULL;
1962	}
1963
1964	return newKext;
1965	}
1966
1967	OSData *
1968	OSKext::parseDextUniqueID(
1969	OSDictionary * anInfoDict,
1970	const char *dextIDCS)
1971	{
1972	OSData *ret = NULL;
1973	OSData *data_duid = OSDynamicCast(OSData, anInfoDict->getObject(kOSBundleDextUniqueIdentifierKey));
1974	if (data_duid != NULL) {
1975	if (data_duid->getLength() > KOSBundleDextUniqueIdentifierMaxLength) {
1976	OSKextLog(NULL,
1977	kOSKextLogErrorLevel \| kOSKextLogLoadFlag,
1978	format: "Dext %s DextUniqueIdentifier too long.",
1979	dextIDCS);
1980	} else {
1981	/*
1982	* If the DextUniqueID exists it should be
1983	* present also into the personalities.
1984	*/
1985	setDextUniqueIDInPersonalities(anInfoDict, dextUniqueID: data_duid);
1986	ret = data_duid;
1987	}
1988	} else {
1989	OSKextLog(NULL,
1990	kOSKextLogDebugLevel \| kOSKextLogLoadFlag,
1991	format: "Dext %s does not have a DextUniqueIdentifier",
1992	dextIDCS);
1993	}
1994	return ret;
1995	}
1996
1997	void
1998	OSKext::setDextUniqueIDInPersonalities(
1999	OSDictionary * anInfoDict,
2000	OSData * dextUniqueID)
2001	{
2002	OSDictionary * dextPersonalities = NULL;
2003	OSSharedPtr<OSCollectionIterator> personalitiesIterator;
2004	OSString * personalityName = NULL;
2005
2006	dextPersonalities = OSDynamicCast(OSDictionary,
2007	anInfoDict->getObject(kIOKitPersonalitiesKey));
2008	if (!dextPersonalities \|\| !dextPersonalities->getCount()) {
2009	return;
2010	}
2011
2012	personalitiesIterator =
2013	OSCollectionIterator::withCollection(inColl: dextPersonalities);
2014	if (!personalitiesIterator) {
2015	return;
2016	}
2017	while ((personalityName = OSDynamicCast(OSString,
2018	personalitiesIterator ->getNextObject()))) {
2019	OSDictionary * personality = OSDynamicCast(OSDictionary,
2020	dextPersonalities->getObject(personalityName));
2021	if (personality) {
2022	OSObject *duid = personality->getObject(kOSBundleDextUniqueIdentifierKey);
2023	if (duid == NULL) {
2024	personality->setObject(kOSBundleDextUniqueIdentifierKey, anObject: dextUniqueID);
2025	}
2026	}
2027	}
2028	}
2029	/*********************************************************************
2030	*********************************************************************/
2031	bool
2032	OSKext::initWithPrelinkedInfoDict(
2033	OSDictionary * anInfoDict,
2034	bool doCoalescedSlides,
2035	kc_kind_t type)
2036	{
2037	bool result = false;
2038	OSString * kextPath = NULL; // do not release
2039	OSNumber * addressNum = NULL; // reused; do not release
2040	OSNumber * lengthNum = NULL; // reused; do not release
2041	OSBoolean * scratchBool = NULL; // do not release
2042	void * data = NULL; // do not free
2043	void * srcData = NULL; // do not free
2044	OSSharedPtr<OSData> prelinkedExecutable;
2045	uint32_t length = `0`; // reused
2046	uintptr_t kext_slide = PE_get_kc_slide(type);
2047	bool shouldSaveSegments = false;
2048	kc_format format = KCFormatUnknown;
2049
2050	if (!super::init()) {
2051	goto finish;
2052	}
2053
2054	/ Get the path. Don't look for an arch-specific path property.*
2055	*/
2056	kextPath = OSDynamicCast(OSString,
2057	anInfoDict->getObject(kPrelinkBundlePathKey));
2058
2059	if (!setInfoDictionaryAndPath(aDictionary: anInfoDict, aPath: kextPath)) {
2060	goto finish;
2061	}
2062
2063	#if KASLR_KEXT_DEBUG
2064	IOLog("kaslr: doCoalescedSlides %d kext %s \n", doCoalescedSlides, getIdentifierCString());
2065	#endif
2066
2067	/ Also get the executable's bundle-relative path if present.*
2068	* Don't look for an arch-specific path property.
2069	*/
2070	executableRelPath.reset(OSDynamicCast(OSString,
2071	anInfoDict->getObject(kPrelinkExecutableRelativePathKey)), OSRetain);
2072	userExecutableRelPath.reset(OSDynamicCast(OSString,
2073	anInfoDict->getObject(kCFBundleDriverKitExecutableKey)), OSRetain);
2074
2075	/ Don't need the paths to be in the info dictionary any more.*
2076	*/
2077	anInfoDict->removeObject(kPrelinkBundlePathKey);
2078	anInfoDict->removeObject(kPrelinkExecutableRelativePathKey);
2079
2080	scratchBool = OSDynamicCast(OSBoolean,
2081	getPropertyForHostArch(kOSBundleRequireExplicitLoadKey));
2082	if (scratchBool == kOSBooleanTrue) {
2083	flags.requireExplicitLoad = `1`;
2084	}
2085
2086	/ Create an OSData wrapper around the linked executable.*
2087	*/
2088	addressNum = OSDynamicCast(OSNumber,
2089	anInfoDict->getObject(kPrelinkExecutableLoadKey));
2090	if (addressNum && addressNum->unsigned64BitValue() != kOSKextCodelessKextLoadAddr) {
2091	lengthNum = OSDynamicCast(OSNumber,
2092	anInfoDict->getObject(kPrelinkExecutableSizeKey));
2093	if (!lengthNum) {
2094	OSKextLog(aKext: this,
2095	kOSKextLogErrorLevel \|
2096	kOSKextLogArchiveFlag,
2097	format: "Kext %s can't find prelinked kext executable size.",
2098	getIdentifierCString());
2099	return result;
2100	}
2101
2102	data = (void *) (((uintptr_t) (addressNum->unsigned64BitValue())) + kext_slide);
2103	length = (uint32_t) (lengthNum->unsigned32BitValue());
2104
2105	#if KASLR_KEXT_DEBUG
2106	IOLog("kaslr: unslid 0x%lx slid 0x%lx length %u - prelink executable \n",
2107	(unsigned long)ml_static_unslide((vm_offset_t)data),
2108	(unsigned long)data,
2109	length);
2110	#endif
2111
2112	anInfoDict->removeObject(kPrelinkExecutableLoadKey);
2113	anInfoDict->removeObject(kPrelinkExecutableSizeKey);
2114
2115	/ If the kext's load address differs from its source address, allocate*
2116	* space in the kext map at the load address and copy the kext over.
2117	*/
2118	addressNum = OSDynamicCast(OSNumber, anInfoDict->getObject(kPrelinkExecutableSourceKey));
2119	if (addressNum) {
2120	srcData = (void *) (((uintptr_t) (addressNum->unsigned64BitValue())) + kext_slide);
2121
2122	#if KASLR_KEXT_DEBUG
2123	IOLog("kaslr: unslid 0x%lx slid 0x%lx - prelink executable source \n",
2124	(unsigned long)ml_static_unslide((vm_offset_t)srcData),
2125	(unsigned long)srcData);
2126	#endif
2127
2128	if (data != srcData) {
2129	#if __LP64__
2130	kern_return_t alloc_result;
2131
2132	alloc_result = kext_alloc(addr: (vm_offset_t )&data, size: length, /* fixed / TRUE);
2133	if (alloc_result != KERN_SUCCESS) {
2134	OSKextLog(aKext: this,
2135	kOSKextLogErrorLevel \| kOSKextLogGeneralFlag,
2136	format: "Failed to allocate space for prelinked kext %s.",
2137	getIdentifierCString());
2138	goto finish;
2139	}
2140	memcpy(dst: data, src: srcData, n: length);
2141	#else
2142	OSKextLog(this,
2143	kOSKextLogErrorLevel \| kOSKextLogGeneralFlag,
2144	"Error: prelinked kext %s - source and load addresses "
2145	"differ on ILP32 architecture.",
2146	getIdentifierCString());
2147	goto finish;
2148	#endif /* __LP64__ */
2149	}
2150
2151	anInfoDict->removeObject(kPrelinkExecutableSourceKey);
2152	}
2153
2154	prelinkedExecutable = OSData::withBytesNoCopy(bytes: data, numBytes: length);
2155	if (!prelinkedExecutable) {
2156	OSKextLog(aKext: this,
2157	kOSKextLogErrorLevel \|
2158	kOSKextLogGeneralFlag \| kOSKextLogArchiveFlag,
2159	format: "Kext %s failed to create executable wrapper.",
2160	getIdentifierCString());
2161	goto finish;
2162	}
2163
2164	/*
2165	* Fileset KCs are mapped as a whole by iBoot.
2166	* Individual kext executables should not be unmapped
2167	* by xnu.
2168	* Doing so may result in panics like rdar://85419651
2169	*/
2170	if (PE_get_kc_format(type: kc_type, format: &format) && (format == KCFormatFileset)) {
2171	prelinkedExecutable ->setDeallocFunction(NULL);
2172	} else { // Not from a Fileset KC
2173	#if VM_MAPPED_KEXTS
2174	prelinkedExecutable->setDeallocFunction(osdata_kext_free);
2175	#else
2176	prelinkedExecutable ->setDeallocFunction(osdata_phys_free);
2177	#endif
2178	}
2179	setLinkedExecutable(prelinkedExecutable.get());
2180	addressNum = OSDynamicCast(OSNumber,
2181	anInfoDict->getObject(kPrelinkKmodInfoKey));
2182	if (!addressNum) {
2183	OSKextLog(aKext: this,
2184	kOSKextLogErrorLevel \|
2185	kOSKextLogArchiveFlag,
2186	format: "Kext %s can't find prelinked kext kmod_info address.",
2187	getIdentifierCString());
2188	goto finish;
2189	}
2190
2191	if (addressNum->unsigned64BitValue() != `0`) {
2192	kmod_info = (kmod_info_t *) (((uintptr_t) (addressNum->unsigned64BitValue())) + kext_slide);
2193	if (kmod_info->address) {
2194	kmod_info->address = (((uintptr_t)(kmod_info->address)) + kext_slide);
2195	} else {
2196	kmod_info->address = (uintptr_t)data;
2197	kmod_info->size = length;
2198	}
2199	#if KASLR_KEXT_DEBUG
2200	IOLog("kaslr: unslid 0x%lx slid 0x%lx - kmod_info \n",
2201	(unsigned long)((vm_offset_t)kmod_info) - kext_slide,
2202	(unsigned long)kmod_info);
2203	IOLog("kaslr: unslid 0x%lx slid 0x%lx - kmod_info->address \n",
2204	(unsigned long)((vm_offset_t)kmod_info->address) - kext_slide,
2205	(unsigned long)kmod_info->address);
2206	#endif
2207	}
2208
2209	anInfoDict->removeObject(kPrelinkKmodInfoKey);
2210	}
2211
2212	if ((addressNum = OSDynamicCast(OSNumber, anInfoDict->getObject("ModuleIndex")))) {
2213	uintptr_t builtinTextStart;
2214	uintptr_t builtinTextEnd;
2215
2216	flags.builtin = true;
2217	builtinKmodIdx = addressNum->unsigned32BitValue();
2218	assert(builtinKmodIdx < gBuiltinKmodsCount);
2219
2220	builtinTextStart = ((uintptr_t *)gBuiltinKmodsSectionStart->addr)[builtinKmodIdx];
2221	builtinTextEnd = ((uintptr_t *)gBuiltinKmodsSectionStart->addr)[builtinKmodIdx + `1`];
2222
2223	kmod_info = ((kmod_info_t **)gBuiltinKmodsSectionInfo->addr)[builtinKmodIdx];
2224	kmod_info->address = builtinTextStart;
2225	kmod_info->size = builtinTextEnd - builtinTextStart;
2226	}
2227
2228	/ If the plist has a UUID for an interface, save that off.*
2229	*/
2230	if (isInterface()) {
2231	interfaceUUID.reset(OSDynamicCast(OSData,
2232	anInfoDict->getObject(kPrelinkInterfaceUUIDKey)), OSRetain);
2233	if (interfaceUUID) {
2234	anInfoDict->removeObject(kPrelinkInterfaceUUIDKey);
2235	}
2236	}
2237
2238	result = (kOSReturnSuccess == slidePrelinkedExecutable(doCoalesedSlides: doCoalescedSlides));
2239	if (!result) {
2240	goto finish;
2241	}
2242
2243	kc_type = type;
2244	/ Exclude builtin and codeless kexts /
2245	if (prelinkedExecutable && kmod_info) {
2246	switch (kc_type) {
2247	case KCKindPrimary:
2248	shouldSaveSegments = (
2249	getPropertyForHostArch(kOSMutableSegmentCopy) == kOSBooleanTrue \|\|
2250	getPropertyForHostArch(kOSBundleAllowUserLoadKey) == kOSBooleanTrue);
2251	if (shouldSaveSegments) {
2252	flags.resetSegmentsFromImmutableCopy = `1`;
2253	} else {
2254	flags.unloadUnsupported = `1`;
2255	}
2256	break;
2257	case KCKindPageable:
2258	flags.resetSegmentsFromVnode = `1`;
2259	break;
2260	case KCKindAuxiliary:
2261	if (!pageableKCloaded) {
2262	flags.resetSegmentsFromImmutableCopy = `1`;
2263	} else if (resetAuxKCSegmentOnUnload) {
2264	flags.resetSegmentsFromVnode = `1`;
2265	} else {
2266	flags.unloadUnsupported = `1`;
2267	}
2268	break;
2269	default:
2270	break;
2271	}
2272	}
2273
2274	if (flags.resetSegmentsFromImmutableCopy) {
2275	/ Save a pristine copy of the mutable segments /
2276	kernel_segment_command_t *seg = NULL;
2277	kernel_mach_header_t k_mh = (kernel_mach_header_t )kmod_info->address;
2278
2279	savedMutableSegments = OSArray::withCapacity(capacity: `0`);
2280
2281	for (seg = firstsegfromheader(header: k_mh); seg; seg = nextsegfromheader(header: k_mh, seg)) {
2282	if (!segmentIsMutable(seg)) {
2283	continue;
2284	}
2285	uint64_t unslid_vmaddr = seg->vmaddr - kext_slide;
2286	uint64_t vmsize = seg->vmsize;
2287	OSKextLog(aKext: this, kOSKextLogDebugLevel \| kOSKextLogLoadFlag,
2288	format: "Saving kext %s mutable segment %.s %llx->%llx.", getIdentifierCString(), (int)strnlen(s: seg->segname, n: sizeof*(seg->segname)), seg->segname, unslid_vmaddr, unslid_vmaddr + vmsize - `1`);
2289	OSSharedPtr<OSKextSavedMutableSegment> savedSegment = OSKextSavedMutableSegment::withSegment(seg);
2290	if (!savedSegment) {
2291	OSKextLog(aKext: this,
2292	kOSKextLogErrorLevel \|
2293	kOSKextLogGeneralFlag,
2294	format: "Kext %s failed to save mutable segment %llx->%llx.", getIdentifierCString(), unslid_vmaddr, unslid_vmaddr + vmsize - `1`);
2295	result = false;
2296	goto finish;
2297	}
2298	savedMutableSegments ->setObject(savedSegment);
2299	}
2300	}
2301
2302	if (doCoalescedSlides == false && !flags.resetSegmentsFromVnode) {
2303	/*
2304	* set VM protections now, wire pages for the old style Aux KC now,
2305	* wire pages for the rest of the KC types at load time.
2306	*/
2307	result = (kOSReturnSuccess == setVMAttributes(protect: true, wire: (type == KCKindAuxiliary) ? true : false));
2308	if (!result) {
2309	goto finish;
2310	}
2311	}
2312
2313	flags.prelinked = true;
2314
2315	if (isDriverKit()) {
2316	dextStatistics = OSDextStatistics::create();
2317	dextUniqueID.reset(p: parseDextUniqueID(anInfoDict, dextIDCS: getIdentifierCString()), OSRetain);
2318	dextLaunchedCount = `0`;
2319	}
2320
2321	/ If we created a kext from prelink info,*
2322	* we must be booting from a prelinked kernel.
2323	*/
2324	sPrelinkBoot = true;
2325
2326	result = (registerIdentifier() == kOSKextInitialized);
2327	finish:
2328	return result;
2329	}
2330
2331	/*********************************************************************
2332	*********************************************************************/
2333	/ static /
2334	OSSharedPtr<OSKext>
2335	OSKext::withCodelessInfo(OSDictionary * anInfoDict, OSKextInitResult *result)
2336	{
2337	OSSharedPtr<OSKext> newKext = OSMakeShared<OSKext>();
2338	if (!newKext) {
2339	return NULL;
2340	}
2341
2342	OSKextInitResult ret = newKext ->initWithCodelessInfo(infoDict: anInfoDict);
2343	if (result != NULL) {
2344	*result = ret;
2345	}
2346	if (ret != kOSKextInitialized) {
2347	return NULL;
2348	}
2349
2350	return newKext;
2351	}
2352
2353	/*********************************************************************
2354	*********************************************************************/
2355	OSKextInitResult
2356	OSKext::initWithCodelessInfo(OSDictionary * anInfoDict)
2357	{
2358	OSKextInitResult result = kOSKextInitFailure;
2359	OSString * kextPath = NULL; // do not release
2360	OSBoolean * scratchBool = NULL; // do not release
2361
2362	if (anInfoDict == NULL \|\| !super::init()) {
2363	goto finish;
2364	}
2365
2366	/*
2367	* Get the path. Don't look for an arch-specific path property.
2368	*/
2369	kextPath = OSDynamicCast(OSString,
2370	anInfoDict->getObject(kKextRequestArgumentCodelessInfoBundlePathKey));
2371	if (!kextPath) {
2372	OSKextLog(NULL,
2373	kOSKextLogErrorLevel \| kOSKextLogLoadFlag,
2374	format: "Requested codeless kext dictionary does not contain the '%s' key",
2375	kKextRequestArgumentCodelessInfoBundlePathKey);
2376	goto finish;
2377	}
2378
2379	uniquePersonalityProperties(personalityDict: anInfoDict);
2380
2381	if (!setInfoDictionaryAndPath(aDictionary: anInfoDict, aPath: kextPath)) {
2382	goto finish;
2383	}
2384
2385	/*
2386	* This path is meant to initialize codeless kexts only. Refuse
2387	* anything that looks like it has an executable and/or declares
2388	* itself as a kernel component.
2389	*/
2390	if (declaresExecutable() \|\| isKernelComponent()) {
2391	OSKextLog(NULL,
2392	kOSKextLogErrorLevel \| kOSKextLogLoadFlag,
2393	format: "Refusing to register codeless kext that declares an executable/kernel component: %s",
2394	getIdentifierCString());
2395	goto finish;
2396	}
2397
2398	if (strcmp(s1: getIdentifierCString(), kIOExcludeListBundleID) == `0`) {
2399	boolean_t updated = updateExcludeList(infoDict: infoDict.get());
2400	if (updated) {
2401	OSKextLog(aKext: this,
2402	kOSKextLogDebugLevel \| kOSKextLogLoadFlag,
2403	format: "KextExcludeList was updated to version: %lld", sExcludeListVersion);
2404	}
2405	}
2406
2407	kc_type = KCKindNone;
2408
2409	scratchBool = OSDynamicCast(OSBoolean,
2410	getPropertyForHostArch(kOSBundleRequireExplicitLoadKey));
2411	if (scratchBool == kOSBooleanTrue) {
2412	flags.requireExplicitLoad = `1`;
2413	}
2414
2415	/ Also get the executable's bundle-relative path if present.*
2416	* Don't look for an arch-specific path property.
2417	*/
2418	userExecutableRelPath.reset(OSDynamicCast(OSString,
2419	anInfoDict->getObject(kCFBundleDriverKitExecutableKey)), OSRetain);
2420
2421	/ remove unnecessary paths from the info dict /
2422	anInfoDict->removeObject(kKextRequestArgumentCodelessInfoBundlePathKey);
2423
2424	if (isDriverKit()) {
2425	dextStatistics = OSDextStatistics::create();
2426	dextUniqueID.reset(p: parseDextUniqueID(anInfoDict, dextIDCS: getIdentifierCString()), OSRetain);
2427	dextLaunchedCount = `0`;
2428	}
2429
2430	result = registerIdentifier();
2431
2432	finish:
2433	return result;
2434	}
2435
2436	/*********************************************************************
2437	*********************************************************************/
2438	/ static /
2439	void
2440	OSKext::setAllVMAttributes(void)
2441	{
2442	OSSharedPtr<OSCollectionIterator> kextIterator;
2443	const OSSymbol * thisID = NULL; // do not release
2444
2445	IORecursiveLockLock(lock: sKextLock);
2446
2447	kextIterator = OSCollectionIterator::withCollection(inColl: sKextsByID.get());
2448	if (!kextIterator) {
2449	goto finish;
2450	}
2451
2452	while ((thisID = OSDynamicCast(OSSymbol, kextIterator ->getNextObject()))) {
2453	OSKext * thisKext; // do not release
2454
2455	thisKext = OSDynamicCast(OSKext, sKextsByID ->getObject(thisID));
2456	if (!thisKext \|\| thisKext->isInterface() \|\| !thisKext->declaresExecutable()) {
2457	continue;
2458	}
2459
2460	if (!thisKext->flags.resetSegmentsFromVnode) {
2461	/*
2462	* set VM protections now, wire pages for the old style Aux KC now,
2463	* wire pages for the rest of the KC types at load time.
2464	*/
2465	thisKext->setVMAttributes(protect: true, wire: (thisKext->kc_type == KCKindAuxiliary) ? true : false);
2466	}
2467	}
2468
2469	finish:
2470	IORecursiveLockUnlock(lock: sKextLock);
2471
2472	return;
2473	}
2474
2475	/*********************************************************************
2476	*********************************************************************/
2477	OSSharedPtr<OSKext>
2478	OSKext::withBooterData(
2479	OSString * deviceTreeName,
2480	OSData * booterData)
2481	{
2482	OSSharedPtr<OSKext> newKext(OSMakeShared<OSKext>());
2483
2484	if (newKext && !newKext ->initWithBooterData(deviceTreeName, booterData)) {
2485	return NULL;
2486	}
2487
2488	return newKext;
2489	}
2490
2491	/*********************************************************************
2492	*********************************************************************/
2493	typedef struct _BooterKextFileInfo {
2494	uint32_t infoDictPhysAddr;
2495	uint32_t infoDictLength;
2496	uint32_t executablePhysAddr;
2497	uint32_t executableLength;
2498	uint32_t bundlePathPhysAddr;
2499	uint32_t bundlePathLength;
2500	} _BooterKextFileInfo;
2501
2502	bool
2503	OSKext::initWithBooterData(
2504	OSString * deviceTreeName,
2505	OSData * booterData)
2506	{
2507	bool result = false;
2508	_BooterKextFileInfo * kextFileInfo = NULL; // do not free
2509	char * infoDictAddr = NULL; // do not free
2510	void * executableAddr = NULL; // do not free
2511	char * bundlePathAddr = NULL; // do not free
2512
2513	OSDictionary * theInfoDict = NULL; // do not release
2514	OSSharedPtr<OSObject> parsedXML;
2515	OSSharedPtr<OSString> kextPath;
2516
2517	OSSharedPtr<OSString> errorString;
2518	OSSharedPtr<OSData> executable;
2519
2520	if (!super::init()) {
2521	goto finish;
2522	}
2523
2524	kextFileInfo = (_BooterKextFileInfo *)booterData->getBytesNoCopy();
2525	if (!kextFileInfo) {
2526	OSKextLog(aKext: this,
2527	kOSKextLogErrorLevel \|
2528	kOSKextLogGeneralFlag,
2529	format: "No booter-provided data for kext device tree entry %s.",
2530	deviceTreeName->getCStringNoCopy());
2531	goto finish;
2532	}
2533
2534	/ The info plist must exist or we can't read the kext.*
2535	*/
2536	if (!kextFileInfo->infoDictPhysAddr \|\| !kextFileInfo->infoDictLength) {
2537	OSKextLog(aKext: this,
2538	kOSKextLogErrorLevel \|
2539	kOSKextLogGeneralFlag,
2540	format: "No kext info dictionary for booter device tree entry %s.",
2541	deviceTreeName->getCStringNoCopy());
2542	goto finish;
2543	}
2544
2545	infoDictAddr = (char *)ml_static_ptovirt(kextFileInfo->infoDictPhysAddr);
2546	if (!infoDictAddr) {
2547	OSKextLog(aKext: this,
2548	kOSKextLogErrorLevel \|
2549	kOSKextLogGeneralFlag,
2550	format: "Can't translate physical address 0x%x of kext info dictionary "
2551	"for device tree entry %s.",
2552	(int)kextFileInfo->infoDictPhysAddr,
2553	deviceTreeName->getCStringNoCopy());
2554	goto finish;
2555	}
2556
2557	parsedXML = OSUnserializeXML(buffer: infoDictAddr, errorString);
2558	if (parsedXML) {
2559	theInfoDict = OSDynamicCast(OSDictionary, parsedXML.get());
2560	}
2561	if (!theInfoDict) {
2562	const char * errorCString = "(unknown error)";
2563
2564	if (errorString && errorString ->getCStringNoCopy()) {
2565	errorCString = errorString ->getCStringNoCopy();
2566	} else if (parsedXML) {
2567	errorCString = "not a dictionary";
2568	}
2569	OSKextLog(aKext: this,
2570	kOSKextLogErrorLevel \|
2571	kOSKextLogGeneralFlag,
2572	format: "Error unserializing info dictionary for device tree entry %s: %s.",
2573	deviceTreeName->getCStringNoCopy(), errorCString);
2574	goto finish;
2575	}
2576
2577	/ A bundle path is not mandatory.*
2578	*/
2579	if (kextFileInfo->bundlePathPhysAddr && kextFileInfo->bundlePathLength) {
2580	bundlePathAddr = (char *)ml_static_ptovirt(kextFileInfo->bundlePathPhysAddr);
2581	if (!bundlePathAddr) {
2582	OSKextLog(aKext: this,
2583	kOSKextLogErrorLevel \|
2584	kOSKextLogGeneralFlag,
2585	format: "Can't translate physical address 0x%x of kext bundle path "
2586	"for device tree entry %s.",
2587	(int)kextFileInfo->bundlePathPhysAddr,
2588	deviceTreeName->getCStringNoCopy());
2589	goto finish;
2590	}
2591	bundlePathAddr[kextFileInfo->bundlePathLength - `1`] = `'\0'`; // just in case!
2592
2593	kextPath = OSString::withCString(cString: bundlePathAddr);
2594	if (!kextPath) {
2595	OSKextLog(aKext: this,
2596	kOSKextLogErrorLevel \|
2597	kOSKextLogGeneralFlag,
2598	format: "Failed to create wrapper for device tree entry %s kext path %s.",
2599	deviceTreeName->getCStringNoCopy(), bundlePathAddr);
2600	goto finish;
2601	}
2602	}
2603
2604	if (!setInfoDictionaryAndPath(aDictionary: theInfoDict, aPath: kextPath.get())) {
2605	goto finish;
2606	}
2607
2608	/ An executable is not mandatory.*
2609	*/
2610	if (kextFileInfo->executablePhysAddr && kextFileInfo->executableLength) {
2611	executableAddr = (void *)ml_static_ptovirt(kextFileInfo->executablePhysAddr);
2612	if (!executableAddr) {
2613	OSKextLog(aKext: this,
2614	kOSKextLogErrorLevel \|
2615	kOSKextLogGeneralFlag,
2616	format: "Can't translate physical address 0x%x of kext executable "
2617	"for device tree entry %s.",
2618	(int)kextFileInfo->executablePhysAddr,
2619	deviceTreeName->getCStringNoCopy());
2620	goto finish;
2621	}
2622
2623	executable = OSData::withBytesNoCopy(bytes: executableAddr,
2624	numBytes: kextFileInfo->executableLength);
2625	if (!executable) {
2626	OSKextLog(aKext: this,
2627	kOSKextLogErrorLevel \|
2628	kOSKextLogGeneralFlag,
2629	format: "Failed to create executable wrapper for device tree entry %s.",
2630	deviceTreeName->getCStringNoCopy());
2631	goto finish;
2632	}
2633
2634	/ A kext with an executable needs to retain the whole booterData*
2635	* object to keep the executable in memory.
2636	*/
2637	if (!setExecutable(anExecutable: executable.get(), externalData: booterData)) {
2638	OSKextLog(aKext: this,
2639	kOSKextLogErrorLevel \|
2640	kOSKextLogGeneralFlag,
2641	format: "Failed to set kext executable for device tree entry %s.",
2642	deviceTreeName->getCStringNoCopy());
2643	goto finish;
2644	}
2645	}
2646
2647	if (isDriverKit()) {
2648	dextStatistics = OSDextStatistics::create();
2649	dextUniqueID.reset(p: parseDextUniqueID(anInfoDict: theInfoDict, dextIDCS: getIdentifierCString()), OSRetain);
2650	dextLaunchedCount = `0`;
2651	}
2652
2653	result = (registerIdentifier() == kOSKextInitialized);
2654
2655	finish:
2656	return result;
2657	}
2658
2659	/*********************************************************************
2660	*********************************************************************/
2661	OSKextInitResult
2662	OSKext::registerIdentifier(void)
2663	{
2664	OSKextInitResult result = kOSKextInitFailure;
2665	OSKext * existingKext = NULL; // do not release
2666	bool existingIsLoaded = false;
2667	bool existingIsPrelinked = false;
2668	bool existingIsCodeless = false;
2669	bool existingIsDext = false;
2670	OSKextVersion newVersion = -`1`;
2671	OSKextVersion existingVersion = -`1`;
2672	char newVersionCString[kOSKextVersionMaxLength];
2673	char existingVersionCString[kOSKextVersionMaxLength];
2674	OSSharedPtr<OSData> newUUID;
2675	OSSharedPtr<OSData> existingUUID;
2676	const char *newDextUniqueIDCString = NULL;
2677	const char *existingDextUniqueIDCString = NULL;
2678	unsigned int newDextUniqueIDCStringSize = `0`;
2679	unsigned int existingDextUniqueIDCStringSize = `0`;
2680
2681	IORecursiveLockLock(lock: sKextLock);
2682
2683	/ Get the new kext's version for checks & log messages.*
2684	*/
2685	newVersion = getVersion();
2686	OSKextVersionGetString(aVersion: newVersion, buffer: newVersionCString,
2687	kOSKextVersionMaxLength);
2688
2689	/ If we don't have an existing kext with this identifier,*
2690	* just record the new kext and we're done!
2691	*/
2692	existingKext = OSDynamicCast(OSKext, sKextsByID ->getObject(bundleID.get()));
2693	if (!existingKext) {
2694	sKextsByID ->setObject(aKey: bundleID.get(), anObject: this);
2695	result = kOSKextInitialized;
2696	goto finish;
2697	}
2698
2699	/ Get the existing kext's version for checks & log messages.*
2700	*/
2701	existingVersion = existingKext->getVersion();
2702	OSKextVersionGetString(aVersion: existingVersion,
2703	buffer: existingVersionCString, kOSKextVersionMaxLength);
2704
2705	existingIsLoaded = existingKext->isLoaded();
2706	existingIsPrelinked = existingKext->isPrelinked();
2707	existingIsDext = existingKext->isDriverKit();
2708	existingIsCodeless = !existingKext->declaresExecutable() && !existingIsDext;
2709
2710	/*
2711	* Check if we are trying to upgrade a dext
2712	* with another dext.
2713	*/
2714	if (isDriverKit() && existingIsDext) {
2715	OSData *newDextUID = getDextUniqueID();
2716	if (!newDextUID) {
2717	OSKextLog(aKext: this,
2718	kOSKextLogDebugLevel \| kOSKextLogLoadFlag,
2719	format: "New dext %s, v%s requested does not have a unique dext identifier\n",
2720	getIdentifierCString(), newVersionCString);
2721	goto finish;
2722	}
2723	newDextUniqueIDCString = getDextUniqueIDCString(dextUniqueID: newDextUID, size: &newDextUniqueIDCStringSize);
2724	assert(newDextUniqueIDCString != NULL);
2725
2726	OSData *existingDextUID = existingKext->getDextUniqueID();
2727	if (!existingDextUID) {
2728	OSKextLog(aKext: this,
2729	kOSKextLogDebugLevel \| kOSKextLogLoadFlag,
2730	format: "Found a dext %s, v%s: with no unique dext identifier\n",
2731	existingKext->getIdentifierCString(), existingVersionCString);
2732	goto finish;
2733	}
2734	existingDextUniqueIDCString = getDextUniqueIDCString(dextUniqueID: existingDextUID, size: &existingDextUniqueIDCStringSize);
2735	assert(existingDextUniqueIDCString != NULL);
2736
2737	/*
2738	* We might get multiple requests to save the same dext.
2739	* Check if we already have saved it or if this is an upgrade
2740	* for a dext with the same BundleID.
2741	* Dexts are uniquely identified by DextUniqueID, if a new DextUniqueID
2742	* is requested for a BundleID we are going to upgrade to the newest
2743	* received irrespective from the dext version.
2744	*/
2745	if (newDextUID->isEqualTo(aDataObj: existingDextUID) && existingKext->flags.dextToReplace == `0`) {
2746	OSKextLog(aKext: this,
2747	kOSKextLogDebugLevel \| kOSKextLogLoadFlag,
2748	format: "Refusing new dext %s, v%s:"
2749	"a dext v %s with the same unique dext identifier (%s) already exists\n",
2750	getIdentifierCString(), newVersionCString,
2751	existingVersionCString, newDextUniqueIDCString);
2752	result = kOSKextAlreadyExist;
2753	goto finish;
2754	}
2755
2756	bool upgraded = upgradeDext(olddext: existingKext, newdext: this);
2757	if (upgraded) {
2758	/ If the dext was upgraded existingKext might have been deallocated /
2759	existingKext = NULL;
2760	OSKextLog(aKext: this,
2761	kOSKextLogDebugLevel \| kOSKextLogLoadFlag,
2762	format: "Dext %s, v%s , unique dext identifier %s "
2763	"Upgraded to v%s, unique dext identifier %s \n",
2764	getIdentifierCString(), existingVersionCString, existingDextUniqueIDCString,
2765	newVersionCString, newDextUniqueIDCString);
2766	result = kOSKextInitialized;
2767	} else {
2768	OSKextLog(aKext: this,
2769	kOSKextLogDebugLevel \| kOSKextLogLoadFlag,
2770	format: "Upgrade delayed for %s v%s, unique dext identifier %s "
2771	"with v%s, unique dext identifier %s.\n",
2772	getIdentifierCString(), existingVersionCString, existingDextUniqueIDCString,
2773	newVersionCString, newDextUniqueIDCString);
2774	result = kOSKextAlreadyExist;
2775	}
2776
2777	goto finish;
2778	}
2779
2780	/ If we have a non-codeless kext with this identifier that's already*
2781	* loaded/prelinked, we can't use the new one, but let's be really
2782	* thorough and check how the two are related for a precise diagnostic
2783	* log message.
2784	*
2785	* This check is valid for kexts that declare an executable and for
2786	* dexts, but not for codeless kexts - we can just replace those.
2787	*/
2788	if ((!existingIsCodeless \|\| existingIsDext) &&
2789	(existingIsLoaded \|\| existingIsPrelinked)) {
2790	bool sameVersion = (newVersion == existingVersion);
2791	bool sameExecutable = true; // assume true unless we have UUIDs
2792
2793	/ Only get the UUID if the existing kext is loaded. Doing so*
2794	* might have to uncompress an mkext executable and we shouldn't
2795	* take that hit when neither kext is loaded.
2796	*
2797	* Note: there is no decompression that happens when all kexts
2798	* are loaded from kext collecitons.
2799	*/
2800	newUUID = copyUUID();
2801	existingUUID = existingKext->copyUUID();
2802
2803	if (existingIsDext && !isDriverKit()) {
2804	OSKextLog(aKext: this,
2805	kOSKextLogWarningLevel \|
2806	kOSKextLogKextBookkeepingFlag,
2807	format: "Notice - new kext %s, v%s matches a %s dext"
2808	"with the same bundle ID, v%s.",
2809	getIdentifierCString(), newVersionCString,
2810	(existingIsLoaded ? "loaded" : "prelinked"),
2811	existingVersionCString);
2812	goto finish;
2813	}
2814
2815	/ I'm entirely too paranoid about checking equivalence of executables,*
2816	* but I remember nasty problems with it in the past.
2817	*
2818	* - If we have UUIDs for both kexts, compare them.
2819	* - If only one kext has a UUID, they're definitely different.
2820	*/
2821	if (newUUID && existingUUID) {
2822	sameExecutable = newUUID ->isEqualTo(aDataObj: existingUUID.get());
2823	} else if (newUUID \|\| existingUUID) {
2824	sameExecutable = false;
2825	}
2826
2827	if (!newUUID && !existingUUID) {
2828	/ If there are no UUIDs, we can't really tell that the executables*
2829	* are different without a lot of work; the loaded kext's
2830	* unrelocated executable is no longer around (and we never had it
2831	* in-kernel for a prelinked kext). We certainly don't want to do
2832	* a whole fake link for the new kext just to compare, either.
2833	*/
2834	OSKextLog(aKext: this,
2835	kOSKextLogWarningLevel \|
2836	kOSKextLogKextBookkeepingFlag,
2837	format: "Notice - new kext %s, v%s matches %s kext "
2838	"but can't determine if executables are the same (no UUIDs).",
2839	getIdentifierCString(),
2840	newVersionCString,
2841	(existingIsLoaded ? "loaded" : "prelinked"));
2842	}
2843
2844	if (sameVersion && sameExecutable) {
2845	OSKextLog(aKext: this,
2846	msgLogSpec: (existingIsLoaded ? kOSKextLogWarningLevel : kOSKextLogStepLevel) \|
2847	kOSKextLogKextBookkeepingFlag,
2848	format: "Refusing new kext %s, v%s: a %s copy is already present "
2849	"(same version and executable).",
2850	getIdentifierCString(), newVersionCString,
2851	(existingIsLoaded ? "loaded" : "prelinked"));
2852	} else {
2853	if (!sameVersion) {
2854	/ This condition is significant so log it under warnings.*
2855	*/
2856	OSKextLog(aKext: this,
2857	kOSKextLogWarningLevel \|
2858	kOSKextLogKextBookkeepingFlag,
2859	format: "Refusing new kext %s, v%s: already have %s v%s.",
2860	getIdentifierCString(),
2861	newVersionCString,
2862	(existingIsLoaded ? "loaded" : "prelinked"),
2863	existingVersionCString);
2864	} else {
2865	/ This condition is significant so log it under warnings.*
2866	*/
2867	OSKextLog(aKext: this,
2868	kOSKextLogWarningLevel \| kOSKextLogKextBookkeepingFlag,
2869	format: "Refusing new kext %s, v%s: a %s copy with a different "
2870	"executable UUID is already present.",
2871	getIdentifierCString(), newVersionCString,
2872	(existingIsLoaded ? "loaded" : "prelinked"));
2873	}
2874	}
2875	goto finish;
2876	} / if ((!existingIsCodeless \|\| existingIsDext) && (existingIsLoaded \|\| existingIsPrelinked)) /
2877
2878	/ Refuse to allow an existing loaded codeless kext be replaced by a*
2879	* normal kext with the same bundle ID.
2880	*/
2881	if (existingIsCodeless && declaresExecutable()) {
2882	OSKextLog(aKext: this,
2883	kOSKextLogWarningLevel \| kOSKextLogKextBookkeepingFlag,
2884	format: "Refusing new kext %s, v%s: a codeless copy is already %s",
2885	getIdentifierCString(), newVersionCString,
2886	(existingIsLoaded ? "loaded" : "prelinked"));
2887	goto finish;
2888	}
2889
2890	/ Dexts packaged in the BootKC will be protected against replacement*
2891	* by non-dexts by the logic above which checks if they are prelinked.
2892	* Dexts which are prelinked into the System KC will be registered
2893	* before any other kexts in the AuxKC are registered, and we never
2894	* put dexts in the AuxKC. Therefore, there is no need to check if an
2895	* existing object is a dext and is being replaced by a non-dext.
2896	* The scenario cannot happen by construction.
2897	*
2898	* See: OSKext::loadFileSetKexts()
2899	*/
2900
2901
2902	/ We have two nonloaded/nonprelinked kexts, so our decision depends on whether*
2903	* user loads are happening or if we're still in early boot. User agents are
2904	* supposed to resolve dependencies topside and include only the exact
2905	* kexts needed; so we always accept the new kext (in fact we should never
2906	* see an older unloaded copy hanging around).
2907	*/
2908	if (sUserLoadsActive) {
2909	sKextsByID ->setObject(aKey: bundleID.get(), anObject: this);
2910	result = kOSKextInitialized;
2911
2912	OSKextLog(aKext: this,
2913	kOSKextLogStepLevel \|
2914	kOSKextLogKextBookkeepingFlag,
2915	format: "Dropping old copy of kext %s (v%s) for newly-added (v%s).",
2916	getIdentifierCString(),
2917	existingVersionCString,
2918	newVersionCString);
2919
2920	goto finish;
2921	}
2922
2923	/ During early boot, the kext with the highest version always wins out.*
2924	* Prelinked kernels will never hit this, but mkexts and booter-read
2925	* kexts might have duplicates.
2926	*/
2927	if (newVersion > existingVersion) {
2928	sKextsByID ->setObject(aKey: bundleID.get(), anObject: this);
2929	result = kOSKextInitialized;
2930
2931	OSKextLog(aKext: this,
2932	kOSKextLogStepLevel \|
2933	kOSKextLogKextBookkeepingFlag,
2934	format: "Dropping lower version (v%s) of registered kext %s for higher (v%s).",
2935	existingVersionCString,
2936	getIdentifierCString(),
2937	newVersionCString);
2938	} else {
2939	OSKextLog(aKext: this,
2940	kOSKextLogStepLevel \|
2941	kOSKextLogKextBookkeepingFlag,
2942	format: "Kext %s is already registered with a higher/same version (v%s); "
2943	"dropping newly-added (v%s).",
2944	getIdentifierCString(),
2945	existingVersionCString,
2946	newVersionCString);
2947	}
2948
2949	/ result has been set appropriately by now. /
2950
2951	finish:
2952
2953	IORecursiveLockUnlock(lock: sKextLock);
2954
2955	if (newDextUniqueIDCString != NULL) {
2956	kfree_data(newDextUniqueIDCString, newDextUniqueIDCStringSize);
2957	}
2958	if (existingDextUniqueIDCString != NULL) {
2959	kfree_data(existingDextUniqueIDCString, existingDextUniqueIDCStringSize);
2960	}
2961
2962	if (result == kOSKextInitialized) {
2963	OSKextLog(aKext: this,
2964	kOSKextLogStepLevel \|
2965	kOSKextLogKextBookkeepingFlag,
2966	format: "Kext %s, v%s registered and available for loading.",
2967	getIdentifierCString(), newVersionCString);
2968	}
2969
2970	return result;
2971	}
2972
2973	/*********************************************************************
2974	* Does the bare minimum validation to look up a kext.
2975	* All other validation is done on the spot as needed.
2976	**********************************************************************/
2977	bool
2978	OSKext::setInfoDictionaryAndPath(
2979	OSDictionary * aDictionary,
2980	OSString * aPath)
2981	{
2982	bool result = false;
2983	OSString * bundleIDString = NULL; // do not release
2984	OSString * versionString = NULL; // do not release
2985	OSString * compatibleVersionString = NULL; // do not release
2986	const char * versionCString = NULL; // do not free
2987	const char * compatibleVersionCString = NULL; // do not free
2988	OSBoolean * scratchBool = NULL; // do not release
2989	OSDictionary * scratchDict = NULL; // do not release
2990
2991	if (infoDict) {
2992	panic("Attempt to set info dictionary on a kext "
2993	"that already has one (%s).",
2994	getIdentifierCString());
2995	}
2996
2997	if (!aDictionary \|\| !OSDynamicCast(OSDictionary, aDictionary)) {
2998	goto finish;
2999	}
3000
3001	infoDict.reset(p: aDictionary, OSRetain);
3002
3003	/ Check right away if the info dictionary has any log flags.*
3004	*/
3005	scratchBool = OSDynamicCast(OSBoolean,
3006	getPropertyForHostArch(kOSBundleEnableKextLoggingKey));
3007	if (scratchBool == kOSBooleanTrue) {
3008	flags.loggingEnabled = `1`;
3009	}
3010
3011	/ The very next thing to get is the bundle identifier. Unlike*
3012	* in user space, a kext with no bundle identifier gets axed
3013	* immediately.
3014	*/
3015	bundleIDString = OSDynamicCast(OSString,
3016	getPropertyForHostArch(kCFBundleIdentifierKey));
3017	if (!bundleIDString) {
3018	OSKextLog(aKext: this,
3019	kOSKextLogErrorLevel \|
3020	kOSKextLogValidationFlag,
3021	format: "CFBundleIdentifier missing/invalid type in kext %s.",
3022	aPath ? aPath->getCStringNoCopy() : "(unknown)");
3023	goto finish;
3024	}
3025	bundleID = OSSymbol::withString(aString: bundleIDString);
3026	if (!bundleID) {
3027	OSKextLog(aKext: this,
3028	kOSKextLogErrorLevel \|
3029	kOSKextLogValidationFlag,
3030	format: "Can't copy bundle identifier as symbol for kext %s.",
3031	bundleIDString->getCStringNoCopy());
3032	goto finish;
3033	}
3034
3035	/ Save the path if we got one (it should always be available but it's*
3036	* just something nice to have for bookkeeping).
3037	*/
3038	if (aPath) {
3039	path.reset(p: aPath, OSRetain);
3040	}
3041
3042	/*****
3043	* Minimal validation to initialize. We'll do other validation on the spot.
3044	*/
3045	if (bundleID ->getLength() >= KMOD_MAX_NAME) {
3046	OSKextLog(aKext: this,
3047	kOSKextLogErrorLevel \|
3048	kOSKextLogValidationFlag,
3049	format: "Kext %s error - CFBundleIdentifier over max length %d.",
3050	getIdentifierCString(), KMOD_MAX_NAME - `1`);
3051	goto finish;
3052	}
3053
3054	version = compatibleVersion = -`1`;
3055
3056	versionString = OSDynamicCast(OSString,
3057	getPropertyForHostArch(kCFBundleVersionKey));
3058	if (!versionString) {
3059	OSKextLog(aKext: this,
3060	kOSKextLogErrorLevel \|
3061	kOSKextLogValidationFlag,
3062	format: "Kext %s error - CFBundleVersion missing/invalid type.",
3063	getIdentifierCString());
3064	goto finish;
3065	}
3066	versionCString = versionString->getCStringNoCopy();
3067	version = OSKextParseVersionString(versionString: versionCString);
3068	if (version < `0`) {
3069	OSKextLog(aKext: this,
3070	kOSKextLogErrorLevel \|
3071	kOSKextLogValidationFlag,
3072	format: "Kext %s error - CFBundleVersion bad value '%s'.",
3073	getIdentifierCString(), versionCString);
3074	goto finish;
3075	}
3076
3077	compatibleVersion = -`1`; // set to illegal value for kexts that don't have
3078
3079	compatibleVersionString = OSDynamicCast(OSString,
3080	getPropertyForHostArch(kOSBundleCompatibleVersionKey));
3081	if (compatibleVersionString) {
3082	compatibleVersionCString = compatibleVersionString->getCStringNoCopy();
3083	compatibleVersion = OSKextParseVersionString(versionString: compatibleVersionCString);
3084	if (compatibleVersion < `0`) {
3085	OSKextLog(aKext: this,
3086	kOSKextLogErrorLevel \|
3087	kOSKextLogValidationFlag,
3088	format: "Kext %s error - OSBundleCompatibleVersion bad value '%s'.",
3089	getIdentifierCString(), compatibleVersionCString);
3090	goto finish;
3091	}
3092
3093	if (compatibleVersion > version) {
3094	OSKextLog(aKext: this,
3095	kOSKextLogErrorLevel \|
3096	kOSKextLogValidationFlag,
3097	format: "Kext %s error - %s %s > %s %s (must be <=).",
3098	getIdentifierCString(),
3099	kOSBundleCompatibleVersionKey, compatibleVersionCString,
3100	kCFBundleVersionKey, versionCString);
3101	goto finish;
3102	}
3103	}
3104
3105	/ Check to see if this kext is in exclude list /
3106	if (isInExcludeList()) {
3107	OSKextLog(aKext: this,
3108	kOSKextLogErrorLevel \| kOSKextLogGeneralFlag,
3109	format: "Kext %s is in exclude list, not loadable",
3110	getIdentifierCString());
3111	goto finish;
3112	}
3113
3114	/ Set flags for later use if the infoDict gets flushed. We only*
3115	* check for true values, not false ones(!)
3116	*/
3117	scratchBool = OSDynamicCast(OSBoolean,
3118	getPropertyForHostArch(kOSBundleIsInterfaceKey));
3119	if (scratchBool == kOSBooleanTrue) {
3120	flags.interface = `1`;
3121	}
3122
3123	scratchBool = OSDynamicCast(OSBoolean,
3124	getPropertyForHostArch(kOSKernelResourceKey));
3125	if (scratchBool == kOSBooleanTrue) {
3126	flags.kernelComponent = `1`;
3127	flags.interface = `1`; // xxx - hm. the kernel itself isn't an interface...
3128	flags.started = `1`;
3129
3130	/ A kernel component has one implicit dependency on the kernel.*
3131	*/
3132	flags.hasAllDependencies = `1`;
3133	}
3134
3135	/ Make sure common string values in personalities are uniqued to OSSymbols.*
3136	*/
3137	scratchDict = OSDynamicCast(OSDictionary,
3138	getPropertyForHostArch(kIOKitPersonalitiesKey));
3139	if (scratchDict) {
3140	uniquePersonalityProperties(personalityDict: scratchDict);
3141	}
3142
3143	result = true;
3144
3145	finish:
3146
3147	return result;
3148	}
3149
3150	/*********************************************************************
3151	* Not used for prelinked kernel boot as there is no unrelocated
3152	* executable.
3153	*********************************************************************/
3154	bool
3155	OSKext::setExecutable(
3156	OSData * anExecutable,
3157	OSData * externalData,
3158	bool externalDataIsMkext)
3159	{
3160	bool result = false;
3161	const char * executableKey = NULL; // do not free
3162
3163	if (!anExecutable) {
3164	infoDict ->removeObject(_kOSKextExecutableKey);
3165	infoDict ->removeObject(_kOSKextMkextExecutableReferenceKey);
3166	infoDict ->removeObject(_kOSKextExecutableExternalDataKey);
3167	result = true;
3168	goto finish;
3169	}
3170
3171	if (infoDict ->getObject(_kOSKextExecutableKey) \|\|
3172	infoDict ->getObject(_kOSKextMkextExecutableReferenceKey)) {
3173	panic("Attempt to set an executable on a kext "
3174	"that already has one (%s).",
3175	getIdentifierCString());
3176	goto finish;
3177	}
3178
3179	if (externalDataIsMkext) {
3180	executableKey = _kOSKextMkextExecutableReferenceKey;
3181	} else {
3182	executableKey = _kOSKextExecutableKey;
3183	}
3184
3185	if (anExecutable) {
3186	infoDict ->setObject(aKey: executableKey, anObject: anExecutable);
3187	if (externalData) {
3188	infoDict ->setObject(_kOSKextExecutableExternalDataKey, anObject: externalData);
3189	}
3190	}
3191
3192	result = true;
3193
3194	finish:
3195	return result;
3196	}
3197
3198	/*********************************************************************
3199	*********************************************************************/
3200	static void
3201	uniqueStringPlistProperty(OSDictionary * dict, const char * key)
3202	{
3203	OSObject * value = NULL; // do not release
3204	OSString * stringValue = NULL; // do not release
3205	OSSharedPtr<const OSSymbol> symbolValue;
3206
3207	value = dict->getObject(aKey: key);
3208	if (!value) {
3209	goto finish;
3210	}
3211	if (OSDynamicCast(OSSymbol, value)) {
3212	/ this is already an OSSymbol: we're good /
3213	goto finish;
3214	}
3215
3216	stringValue = OSDynamicCast(OSString, value);
3217	if (!stringValue) {
3218	goto finish;
3219	}
3220
3221	symbolValue = OSSymbol::withString(aString: stringValue);
3222	if (!symbolValue) {
3223	goto finish;
3224	}
3225
3226	dict->setObject(aKey: key, anObject: symbolValue.get());
3227
3228	finish:
3229	return;
3230	}
3231
3232	/*********************************************************************
3233	*********************************************************************/
3234	static void
3235	uniqueStringPlistProperty(OSDictionary * dict, const OSString * key)
3236	{
3237	OSObject * value = NULL; // do not release
3238	OSString * stringValue = NULL; // do not release
3239	OSSharedPtr<const OSSymbol> symbolValue;
3240
3241	value = dict->getObject(aKey: key);
3242	if (!value) {
3243	goto finish;
3244	}
3245	if (OSDynamicCast(OSSymbol, value)) {
3246	/ this is already an OSSymbol: we're good /
3247	goto finish;
3248	}
3249
3250	stringValue = OSDynamicCast(OSString, value);
3251	if (!stringValue) {
3252	goto finish;
3253	}
3254
3255	symbolValue = OSSymbol::withString(aString: stringValue);
3256	if (!symbolValue) {
3257	goto finish;
3258	}
3259
3260	dict->setObject(aKey: key, anObject: symbolValue.get());
3261
3262	finish:
3263	return;
3264	}
3265
3266	void
3267	OSKext::uniquePersonalityProperties(OSDictionary * personalityDict)
3268	{
3269	OSKext::uniquePersonalityProperties(personalityDict, defaultAddKernelBundleIdentifier: true);
3270	}
3271
3272	/*********************************************************************
3273	* Replace common personality property values with uniqued instances
3274	* to save on wired memory.
3275	*********************************************************************/
3276	/ static /
3277	void
3278	OSKext::uniquePersonalityProperties(OSDictionary * personalityDict, bool defaultAddKernelBundleIdentifier)
3279	{
3280	/ Properties every personality has.*
3281	*/
3282	uniqueStringPlistProperty(dict: personalityDict, kCFBundleIdentifierKey);
3283	uniqueStringPlistProperty(dict: personalityDict, kIOProviderClassKey);
3284	uniqueStringPlistProperty(dict: personalityDict, key: gIOClassKey.get());
3285	if (personalityDict->getObject(kCFBundleIdentifierKernelKey)) {
3286	uniqueStringPlistProperty(dict: personalityDict, kCFBundleIdentifierKernelKey);
3287	} else if (defaultAddKernelBundleIdentifier) {
3288	personalityDict->setObject(kCFBundleIdentifierKernelKey, anObject: personalityDict->getObject(kCFBundleIdentifierKey));
3289	}
3290
3291	/ Other commonly used properties.*
3292	*/
3293	uniqueStringPlistProperty(dict: personalityDict, key: gIOMatchCategoryKey);
3294	uniqueStringPlistProperty(dict: personalityDict, key: gIOResourceMatchKey);
3295	uniqueStringPlistProperty(dict: personalityDict, key: gIOUserClientClassKey);
3296
3297	uniqueStringPlistProperty(dict: personalityDict, key: "HIDDefaultBehavior");
3298	uniqueStringPlistProperty(dict: personalityDict, key: "HIDPointerAccelerationType");
3299	uniqueStringPlistProperty(dict: personalityDict, key: "HIDRemoteControlType");
3300	uniqueStringPlistProperty(dict: personalityDict, key: "HIDScrollAccelerationType");
3301	uniqueStringPlistProperty(dict: personalityDict, key: "IOPersonalityPublisher");
3302	uniqueStringPlistProperty(dict: personalityDict, key: "Physical Interconnect");
3303	uniqueStringPlistProperty(dict: personalityDict, key: "Physical Interconnect Location");
3304	uniqueStringPlistProperty(dict: personalityDict, key: "Vendor");
3305	uniqueStringPlistProperty(dict: personalityDict, key: "Vendor Identification");
3306	uniqueStringPlistProperty(dict: personalityDict, key: "Vendor Name");
3307	uniqueStringPlistProperty(dict: personalityDict, key: "bConfigurationValue");
3308	uniqueStringPlistProperty(dict: personalityDict, key: "bInterfaceNumber");
3309	uniqueStringPlistProperty(dict: personalityDict, key: "idProduct");
3310
3311	return;
3312	}
3313
3314	/*********************************************************************
3315	*********************************************************************/
3316	void
3317	OSKext::free(void)
3318	{
3319	if (isLoaded()) {
3320	panic("Attempt to free loaded kext %s.", getIdentifierCString());
3321	}
3322
3323	if (isDriverKit()) {
3324	if (dextLaunchedCount > `0`) {
3325	panic("Freeing dext %s but dextLaunchedCount is %d\n", getIdentifierCString(), dextLaunchedCount);
3326	}
3327	}
3328
3329	infoDict.reset();
3330	bundleID.reset();
3331	path.reset();
3332	executableRelPath.reset();
3333	userExecutableRelPath.reset();
3334	dependencies.reset();
3335	linkedExecutable.reset();
3336	metaClasses.reset();
3337	interfaceUUID.reset();
3338	driverKitUUID.reset();
3339	dextStatistics.reset();
3340	dextUniqueID.reset();
3341
3342	if (isInterface() && kmod_info) {
3343	kfree_type(kmod_info_t, kmod_info);
3344	}
3345
3346	super::free();
3347	return;
3348	}
3349
3350	#if PRAGMA_MARK
3351	#pragma mark Mkext files
3352	#endif
3353
3354	#if CONFIG_KXLD
3355	/*
3356	* mkext archives are really only relevant on kxld-enabled kernels.
3357	* Without a dynamic kernel linker, we don't need to support any mkexts.
3358	*/
3359
3360	/*********************************************************************
3361	*********************************************************************/
3362	OSReturn
3363	OSKext::readMkextArchive(OSData * mkextData,
3364	uint32_t * checksumPtr)
3365	{
3366	OSReturn result = kOSKextReturnBadData;
3367	uint32_t mkextLength = `0`;
3368	mkext_header * mkextHeader = NULL; // do not free
3369	uint32_t mkextVersion = `0`;
3370
3371	/ Note default return of kOSKextReturnBadData above.*
3372	*/
3373	mkextLength = mkextData->getLength();
3374	if (mkextLength < sizeof(mkext_basic_header)) {
3375	OSKextLog(/ kext / NULL,
3376	kOSKextLogErrorLevel \|
3377	kOSKextLogArchiveFlag,
3378	"Mkext archive too small to be valid.");
3379	goto finish;
3380	}
3381
3382	mkextHeader = (mkext_header *)mkextData->getBytesNoCopy();
3383
3384	if (MKEXT_GET_MAGIC(mkextHeader) != MKEXT_MAGIC \|\|
3385	MKEXT_GET_SIGNATURE(mkextHeader) != MKEXT_SIGN) {
3386	OSKextLog(/ kext / NULL,
3387	kOSKextLogErrorLevel \|
3388	kOSKextLogArchiveFlag,
3389	"Mkext archive has invalid magic or signature.");
3390	goto finish;
3391	}
3392
3393	if (MKEXT_GET_LENGTH(mkextHeader) != mkextLength) {
3394	OSKextLog(/ kext / NULL,
3395	kOSKextLogErrorLevel \|
3396	kOSKextLogArchiveFlag,
3397	"Mkext archive recorded length doesn't match actual file length.");
3398	goto finish;
3399	}
3400
3401	mkextVersion = MKEXT_GET_VERSION(mkextHeader);
3402
3403	if (mkextVersion == MKEXT_VERS_2) {
3404	result = OSKext::readMkext2Archive(mkextData, NULL, checksumPtr);
3405	} else {
3406	OSKextLog(/ kext / NULL,
3407	kOSKextLogErrorLevel \|
3408	kOSKextLogArchiveFlag,
3409	"Mkext archive of unsupported mkext version 0x%x.", mkextVersion);
3410	result = kOSKextReturnUnsupported;
3411	}
3412
3413	finish:
3414	return result;
3415	}
3416
3417	/*********************************************************************
3418	* Assumes magic, signature, version, length have been checked.
3419	* xxx - need to add further bounds checking for each file entry
3420	*
3421	* Should keep track of all kexts created so far, and if we hit a
3422	* fatal error halfway through, remove those kexts. If we've dropped
3423	* an older version that had already been read, whoops! Might want to
3424	* add a level of buffering?
3425	*********************************************************************/
3426	/ static /
3427	OSReturn
3428	OSKext::readMkext2Archive(
3429	OSData * mkextData,
3430	OSDictionary ** mkextPlistOut,
3431	uint32_t * checksumPtr)
3432	{
3433	OSReturn result = kOSReturnError;
3434	uint32_t mkextLength;
3435	mkext2_header * mkextHeader = NULL; // do not free
3436	void * mkextEnd = NULL; // do not free
3437	uint32_t mkextVersion;
3438	uint8_t * crc_address = NULL;
3439	size_t crc_buffer_size = `0`;
3440	uint32_t checksum;
3441	uint32_t mkextPlistOffset;
3442	uint32_t mkextPlistCompressedSize;
3443	char * mkextPlistEnd = NULL; // do not free
3444	uint32_t mkextPlistFullSize;
3445	OSSharedPtr<OSString> errorString;
3446	OSSharedPtr<OSData> mkextPlistUncompressedData;
3447	const char * mkextPlistDataBuffer = NULL; // do not free
3448	OSSharedPtr<OSObject> parsedXML;
3449	OSDictionary * mkextPlist = NULL; // do not release
3450	OSArray * mkextInfoDictArray = NULL; // do not release
3451	uint32_t count, i;
3452	kc_format_t kc_format;
3453
3454	if (!PE_get_primary_kc_format(&kc_format)) {
3455	OSKextLog(/ kext / NULL, kOSKextLogErrorLevel \| kOSKextLogGeneralFlag,
3456	"Unable to determine primary KC format");
3457	goto finish;
3458	}
3459
3460	mkextLength = mkextData->getLength();
3461	mkextHeader = (mkext2_header *)mkextData->getBytesNoCopy();
3462	mkextEnd = (char *)mkextHeader + mkextLength;
3463	mkextVersion = MKEXT_GET_VERSION(mkextHeader);
3464
3465	crc_address = (u_int8_t *)&mkextHeader->version;
3466	crc_buffer_size = (uintptr_t)mkextHeader +
3467	MKEXT_GET_LENGTH(mkextHeader) - (uintptr_t)crc_address;
3468	if (crc_buffer_size > INT32_MAX) {
3469	OSKextLog(/ kext / NULL,
3470	kOSKextLogErrorLevel \|
3471	kOSKextLogArchiveFlag,
3472	"Mkext archive size is too large (%lu > INT32_MAX).",
3473	crc_buffer_size);
3474	result = kOSKextReturnBadData;
3475	goto finish;
3476	}
3477	checksum = mkext_adler32(crc_address, (int32_t)crc_buffer_size);
3478
3479	if (MKEXT_GET_CHECKSUM(mkextHeader) != checksum) {
3480	OSKextLog(/ kext / NULL,
3481	kOSKextLogErrorLevel \|
3482	kOSKextLogArchiveFlag,
3483	"Mkext archive has bad checksum.");
3484	result = kOSKextReturnBadData;
3485	goto finish;
3486	}
3487
3488	if (checksumPtr) {
3489	*checksumPtr = checksum;
3490	}
3491
3492	/ Check that the CPU type & subtype match that of the running kernel. /
3493	if (MKEXT_GET_CPUTYPE(mkextHeader) == (UInt32)CPU_TYPE_ANY) {
3494	OSKextLog(/ kext / NULL,
3495	kOSKextLogErrorLevel \|
3496	kOSKextLogArchiveFlag,
3497	"Mkext archive must have a specific CPU type.");
3498	result = kOSKextReturnBadData;
3499	goto finish;
3500	} else {
3501	if ((UInt32)_mh_execute_header.cputype !=
3502	MKEXT_GET_CPUTYPE(mkextHeader)) {
3503	OSKextLog(/ kext / NULL,
3504	kOSKextLogErrorLevel \|
3505	kOSKextLogArchiveFlag,
3506	"Mkext archive does not match the running kernel's CPU type.");
3507	result = kOSKextReturnArchNotFound;
3508	goto finish;
3509	}
3510	}
3511
3512	mkextPlistOffset = MKEXT2_GET_PLIST(mkextHeader);
3513	mkextPlistCompressedSize = MKEXT2_GET_PLIST_COMPSIZE(mkextHeader);
3514	mkextPlistEnd = (char *)mkextHeader + mkextPlistOffset +
3515	mkextPlistCompressedSize;
3516	if (mkextPlistEnd > mkextEnd) {
3517	OSKextLog(/ kext / NULL,
3518	kOSKextLogErrorLevel \|
3519	kOSKextLogArchiveFlag,
3520	"Mkext archive file overrun.");
3521	result = kOSKextReturnBadData;
3522	}
3523
3524	mkextPlistFullSize = MKEXT2_GET_PLIST_FULLSIZE(mkextHeader);
3525	if (mkextPlistCompressedSize) {
3526	mkextPlistUncompressedData = sKernelKext->extractMkext2FileData(
3527	(UInt8 *)mkextHeader + mkextPlistOffset,
3528	"plist",
3529	mkextPlistCompressedSize, mkextPlistFullSize);
3530	if (!mkextPlistUncompressedData) {
3531	goto finish;
3532	}
3533	mkextPlistDataBuffer = (const char *)
3534	mkextPlistUncompressedData->getBytesNoCopy();
3535	} else {
3536	mkextPlistDataBuffer = (const char *)mkextHeader + mkextPlistOffset;
3537	}
3538
3539	/ IOCFSerialize added a nul byte to the end of the string. Very nice of it.*
3540	*/
3541	parsedXML = OSUnserializeXML(mkextPlistDataBuffer, errorString);
3542	if (parsedXML) {
3543	mkextPlist = OSDynamicCast(OSDictionary, parsedXML.get());
3544	}
3545	if (!mkextPlist) {
3546	const char * errorCString = "(unknown error)";
3547
3548	if (errorString && errorString->getCStringNoCopy()) {
3549	errorCString = errorString->getCStringNoCopy();
3550	} else if (parsedXML) {
3551	errorCString = "not a dictionary";
3552	}
3553	OSKextLog(/ kext / NULL,
3554	kOSKextLogErrorLevel \|
3555	kOSKextLogArchiveFlag,
3556	"Error unserializing mkext plist: %s.", errorCString);
3557	goto finish;
3558	}
3559
3560	mkextInfoDictArray = OSDynamicCast(OSArray,
3561	mkextPlist->getObject(kMKEXTInfoDictionariesKey));
3562	if (!mkextInfoDictArray) {
3563	OSKextLog(/ kext / NULL,
3564	kOSKextLogErrorLevel \|
3565	kOSKextLogArchiveFlag,
3566	"Mkext archive contains no kext info dictionaries.");
3567	goto finish;
3568	}
3569
3570	count = mkextInfoDictArray->getCount();
3571	for (i = `0`; i < count; i++) {
3572	OSDictionary * infoDict;
3573
3574
3575	infoDict = OSDynamicCast(OSDictionary,
3576	mkextInfoDictArray->getObject(i));
3577
3578	/ Create the kext for the entry, then release it, because the*
3579	* kext system keeps them around until explicitly removed.
3580	* Any creation/registration failures are already logged for us.
3581	*/
3582	if (infoDict) {
3583	OSSharedPtr<OSKext> newKext = OSKext::withMkext2Info(infoDict, mkextData);
3584
3585	/ Fail dynamic loading of a kext when booted from MH_FILESET /
3586	if (kc_format == KCFormatFileset &&
3587	newKext &&
3588	!(newKext->isPrelinked()) &&
3589	newKext->declaresExecutable()) {
3590	result = kOSReturnError;
3591	printf("Kext LOG: Dynamic loading of kext denied for kext %s\n",
3592	newKext->getIdentifier() ? newKext->getIdentifierCString() : "unknown kext");
3593
3594	OSKextLog(/ kext / NULL, kOSKextLogErrorLevel \| kOSKextLogArchiveFlag,
3595	"Dynamic loading of kext denied for kext %s\n",
3596	newKext->getIdentifier() ? newKext->getIdentifierCString() : "unknown kext");
3597	goto finish;
3598	}
3599	}
3600	}
3601
3602	/ If the caller needs the plist, hand them back our copy*
3603	*/
3604	if (mkextPlistOut) {
3605	*mkextPlistOut = mkextPlist;
3606	parsedXML.detach();
3607	}
3608
3609	/ Even if we didn't keep any kexts from the mkext, we may have a load*
3610	* request to process, so we are successful (no errors occurred).
3611	*/
3612	result = kOSReturnSuccess;
3613
3614	finish:
3615	return result;
3616	}
3617
3618	/ static /
3619	OSReturn
3620	OSKext::readMkext2Archive(
3621	OSData * mkextData,
3622	OSSharedPtr<OSDictionary> &mkextPlistOut,
3623	uint32_t * checksumPtr)
3624	{
3625	OSDictionary * mkextPlist = NULL;
3626	OSReturn ret;
3627
3628	if (kOSReturnSuccess == (ret = readMkext2Archive(mkextData,
3629	&mkextPlist,
3630	checksumPtr))) {
3631	mkextPlistOut.reset(mkextPlist, OSNoRetain);
3632	}
3633	return ret;
3634	}
3635
3636	/*********************************************************************
3637	*********************************************************************/
3638	/ static /
3639	OSSharedPtr<OSKext>
3640	OSKext::withMkext2Info(
3641	OSDictionary * anInfoDict,
3642	OSData * mkextData)
3643	{
3644	OSSharedPtr<OSKext> newKext = OSMakeShared<OSKext>();
3645
3646	if (newKext && !newKext->initWithMkext2Info(anInfoDict, mkextData)) {
3647	return NULL;
3648	}
3649
3650	return newKext;
3651	}
3652
3653	/*********************************************************************
3654	*********************************************************************/
3655	bool
3656	OSKext::initWithMkext2Info(
3657	OSDictionary * anInfoDict,
3658	OSData * mkextData)
3659	{
3660	bool result = false;
3661	OSString * kextPath = NULL; // do not release
3662	OSNumber * executableOffsetNum = NULL; // do not release
3663	OSSharedPtr<OSData> executable;
3664
3665	if (anInfoDict == NULL \|\| !super::init()) {
3666	goto finish;
3667	}
3668
3669	/ Get the path. Don't look for an arch-specific path property.*
3670	*/
3671	kextPath = OSDynamicCast(OSString,
3672	anInfoDict->getObject(kMKEXTBundlePathKey));
3673
3674	if (!setInfoDictionaryAndPath(anInfoDict, kextPath)) {
3675	goto finish;
3676	}
3677
3678	/ If we have a path to the executable, save it.*
3679	*/
3680	executableRelPath.reset(OSDynamicCast(OSString,
3681	anInfoDict->getObject(kMKEXTExecutableRelativePathKey)), OSRetain);
3682
3683	/ Don't need the paths to be in the info dictionary any more.*
3684	*/
3685	anInfoDict->removeObject(kMKEXTBundlePathKey);
3686	anInfoDict->removeObject(kMKEXTExecutableRelativePathKey);
3687
3688	executableOffsetNum = OSDynamicCast(OSNumber,
3689	infoDict->getObject(kMKEXTExecutableKey));
3690	if (executableOffsetNum) {
3691	executable = createMkext2FileEntry(mkextData,
3692	executableOffsetNum, "executable");
3693	infoDict->removeObject(kMKEXTExecutableKey);
3694	if (!executable) {
3695	goto finish;
3696	}
3697	if (!setExecutable(executable.get(), mkextData, true)) {
3698	goto finish;
3699	}
3700	}
3701
3702	result = (registerIdentifier() == kOSKextInitialized);
3703	finish:
3704	return result;
3705	}
3706
3707	/*********************************************************************
3708	*********************************************************************/
3709	OSSharedPtr<OSData>
3710	OSKext::createMkext2FileEntry(
3711	OSData * mkextData,
3712	OSNumber * offsetNum,
3713	const char * name)
3714	{
3715	OSSharedPtr<OSData> result;
3716	MkextEntryRef entryRef;
3717	uint8_t * mkextBuffer = (uint8_t *)mkextData->getBytesNoCopy();
3718	uint32_t entryOffset = offsetNum->unsigned32BitValue();
3719
3720	result = OSData::withCapacity(sizeof(entryRef));
3721	if (!result) {
3722	goto finish;
3723	}
3724
3725	entryRef.mkext = (mkext_basic_header *)mkextBuffer;
3726	entryRef.fileinfo = mkextBuffer + entryOffset;
3727	if (!result->appendValue(entryRef)) {
3728	result.reset();
3729	goto finish;
3730	}
3731
3732	finish:
3733	if (!result) {
3734	OSKextLog(this,
3735	kOSKextLogErrorLevel \|
3736	kOSKextLogArchiveFlag,
3737	"Can't create wrapper for mkext file entry '%s' of kext %s.",
3738	name, getIdentifierCString());
3739	}
3740	return result;
3741	}
3742
3743	/*********************************************************************
3744	*********************************************************************/
3745	extern "C" {
3746	static void * z_alloc(void *, u_int items, u_int size);
3747	static void z_free(void , void* *ptr);
3748
3749	typedef struct z_mem {
3750	uint32_t alloc_size;
3751	uint8_t data[`0`];
3752	} z_mem;
3753
3754	/*
3755	* Space allocation and freeing routines for use by zlib routines.
3756	*/
3757	void *
3758	z_alloc(void * notused __unused, u_int num_items, u_int size)
3759	{
3760	void * result = NULL;
3761	z_mem * zmem = NULL;
3762
3763	uint64_t total = ((uint64_t)num_items) * ((uint64_t)size);
3764	//Check for overflow due to multiplication
3765	if (total > UINT32_MAX) {
3766	panic("z_alloc(%p, %x, %x): overflow caused by %x * %x",
3767	notused, num_items, size, num_items, size);
3768	}
3769
3770	uint64_t allocSize64 = total + ((uint64_t)sizeof(zmem));
3771	//Check for overflow due to addition
3772	if (allocSize64 > UINT32_MAX) {
3773	panic("z_alloc(%p, %x, %x): overflow caused by %x + %lx",
3774	notused, num_items, size, (uint32_t)total, sizeof(zmem));
3775	}
3776	uint32_t allocSize = (uint32_t)allocSize64;
3777
3778	zmem = (z_mem *)kalloc_data_tag(allocSize, Z_WAITOK,
3779	VM_KERN_MEMORY_OSKEXT);
3780	if (!zmem) {
3781	goto finish;
3782	}
3783	zmem->alloc_size = allocSize;
3784	result = (void *)&(zmem->data);
3785	finish:
3786	return result;
3787	}
3788
3789	void
3790	z_free(void * notused __unused, void * ptr)
3791	{
3792	uint32_t * skipper = (uint32_t *)ptr - `1`;
3793	z_mem * zmem = (z_mem *)skipper;
3794	kfree_data(zmem, zmem->alloc_size);
3795	}
3796	};
3797
3798	OSSharedPtr<OSData>
3799	OSKext::extractMkext2FileData(
3800	UInt8 * data,
3801	const char * name,
3802	uint32_t compressedSize,
3803	uint32_t fullSize)
3804	{
3805	OSSharedPtr<OSData> result;
3806	OSSharedPtr<OSData> uncompressedData; // release on error
3807
3808	uint8_t * uncompressedDataBuffer = NULL; // do not free
3809	unsigned long uncompressedSize;
3810	z_stream zstream;
3811	bool zstream_inited = false;
3812	int zlib_result;
3813
3814	/ If the file isn't compressed, we want to make a copy*
3815	* so that we don't have the tie to the larger mkext file buffer any more.
3816	*/
3817	if (!compressedSize) {
3818	uncompressedData = OSData::withBytes(data, fullSize);
3819	// xxx - no check for failure?
3820	result = uncompressedData;
3821	goto finish;
3822	}
3823
3824	if (KERN_SUCCESS != kmem_alloc(kernel_map,
3825	(vm_offset_t*)&uncompressedDataBuffer, fullSize,
3826	KMA_DATA, VM_KERN_MEMORY_OSKEXT)) {
3827	/ How's this for cheesy? The kernel is only asked to extract*
3828	* kext plists so we tailor the log messages.
3829	*/
3830	if (isKernel()) {
3831	OSKextLog(this,
3832	kOSKextLogErrorLevel \|
3833	kOSKextLogArchiveFlag,
3834	"Allocation failure extracting %s from mkext.", name);
3835	} else {
3836	OSKextLog(this,
3837	kOSKextLogErrorLevel \|
3838	kOSKextLogArchiveFlag,
3839	"Allocation failure extracting %s from mkext for kext %s.",
3840	name, getIdentifierCString());
3841	}
3842
3843	goto finish;
3844	}
3845	uncompressedData = OSData::withBytesNoCopy(uncompressedDataBuffer, fullSize);
3846	if (!uncompressedData) {
3847	if (isKernel()) {
3848	OSKextLog(this,
3849	kOSKextLogErrorLevel \|
3850	kOSKextLogArchiveFlag,
3851	"Allocation failure extracting %s from mkext.", name);
3852	} else {
3853	OSKextLog(this,
3854	kOSKextLogErrorLevel \|
3855	kOSKextLogArchiveFlag,
3856	"Allocation failure extracting %s from mkext for kext %s.",
3857	name, getIdentifierCString());
3858	}
3859	goto finish;
3860	}
3861	uncompressedData->setDeallocFunction(&osdata_kmem_free);
3862
3863	if (isKernel()) {
3864	OSKextLog(this,
3865	kOSKextLogDetailLevel \|
3866	kOSKextLogArchiveFlag,
3867	"Kernel extracted %s from mkext - compressed size %d, uncompressed size %d.",
3868	name, compressedSize, fullSize);
3869	} else {
3870	OSKextLog(this,
3871	kOSKextLogDetailLevel \|
3872	kOSKextLogArchiveFlag,
3873	"Kext %s extracted %s from mkext - compressed size %d, uncompressed size %d.",
3874	getIdentifierCString(), name, compressedSize, fullSize);
3875	}
3876
3877	bzero(&zstream, sizeof(zstream));
3878	zstream.next_in = (UInt8 *)data;
3879	zstream.avail_in = compressedSize;
3880
3881	zstream.next_out = uncompressedDataBuffer;
3882	zstream.avail_out = fullSize;
3883
3884	zstream.zalloc = z_alloc;
3885	zstream.zfree = z_free;
3886
3887	zlib_result = inflateInit(&zstream);
3888	if (Z_OK != zlib_result) {
3889	if (isKernel()) {
3890	OSKextLog(this,
3891	kOSKextLogErrorLevel \|
3892	kOSKextLogArchiveFlag,
3893	"Mkext error; zlib inflateInit failed (%d) for %s.",
3894	zlib_result, name);
3895	} else {
3896	OSKextLog(this,
3897	kOSKextLogErrorLevel \|
3898	kOSKextLogArchiveFlag,
3899	"Kext %s - mkext error; zlib inflateInit failed (%d) for %s .",
3900	getIdentifierCString(), zlib_result, name);
3901	}
3902	goto finish;
3903	} else {
3904	zstream_inited = true;
3905	}
3906
3907	zlib_result = inflate(&zstream, Z_FINISH);
3908
3909	if (zlib_result == Z_STREAM_END \|\| zlib_result == Z_OK) {
3910	uncompressedSize = zstream.total_out;
3911	} else {
3912	if (isKernel()) {
3913	OSKextLog(this,
3914	kOSKextLogErrorLevel \|
3915	kOSKextLogArchiveFlag,
3916	"Mkext error; zlib inflate failed (%d) for %s.",
3917	zlib_result, name);
3918	} else {
3919	OSKextLog(this,
3920	kOSKextLogErrorLevel \|
3921	kOSKextLogArchiveFlag,
3922	"Kext %s - mkext error; zlib inflate failed (%d) for %s .",
3923	getIdentifierCString(), zlib_result, name);
3924	}
3925	if (zstream.msg) {
3926	OSKextLog(this,
3927	kOSKextLogErrorLevel \|
3928	kOSKextLogArchiveFlag,
3929	"zlib error: %s.", zstream.msg);
3930	}
3931	goto finish;
3932	}
3933
3934	if (uncompressedSize != fullSize) {
3935	if (isKernel()) {
3936	OSKextLog(this,
3937	kOSKextLogErrorLevel \|
3938	kOSKextLogArchiveFlag,
3939	"Mkext error; zlib inflate discrepancy for %s, "
3940	"uncompressed size != original size.", name);
3941	} else {
3942	OSKextLog(this,
3943	kOSKextLogErrorLevel \|
3944	kOSKextLogArchiveFlag,
3945	"Kext %s - mkext error; zlib inflate discrepancy for %s, "
3946	"uncompressed size != original size.",
3947	getIdentifierCString(), name);
3948	}
3949	goto finish;
3950	}
3951
3952	result = os::move(uncompressedData);
3953
3954	finish:
3955	/ Don't bother checking return, nothing we can do on fail.*
3956	*/
3957	if (zstream_inited) {
3958	inflateEnd(&zstream);
3959	}
3960
3961	return result;
3962	}
3963
3964	/*********************************************************************
3965	*********************************************************************/
3966	/ static /
3967	OSReturn
3968	OSKext::loadFromMkext(
3969	OSKextLogSpec clientLogFilter,
3970	char * mkextBuffer,
3971	uint32_t mkextBufferLength,
3972	char ** logInfoOut,
3973	uint32_t * logInfoLengthOut)
3974	{
3975	OSReturn result = kOSReturnError;
3976	OSReturn tempResult = kOSReturnError;
3977
3978	OSSharedPtr<OSData> mkextData;
3979	OSSharedPtr<OSDictionary> mkextPlist;
3980
3981	OSSharedPtr<OSArray> logInfoArray;
3982	OSSharedPtr<OSSerialize> serializer;
3983
3984	OSString * predicate = NULL; // do not release
3985	OSDictionary * requestArgs = NULL; // do not release
3986
3987	OSString * kextIdentifier = NULL; // do not release
3988	OSNumber * startKextExcludeNum = NULL; // do not release
3989	OSNumber * startMatchingExcludeNum = NULL; // do not release
3990	OSBoolean * delayAutounloadBool = NULL; // do not release
3991	OSArray * personalityNames = NULL; // do not release
3992
3993	/ Default values for these two options: regular autounload behavior,*
3994	* load all kexts, send no personalities.
3995	*/
3996	Boolean delayAutounload = false;
3997	OSKextExcludeLevel startKextExcludeLevel = kOSKextExcludeNone;
3998	OSKextExcludeLevel startMatchingExcludeLevel = kOSKextExcludeAll;
3999
4000	IORecursiveLockLock(sKextLock);
4001
4002	if (logInfoOut) {
4003	*logInfoOut = NULL;
4004	*logInfoLengthOut = `0`;
4005	}
4006
4007	OSKext::setUserSpaceLogFilter(clientLogFilter, logInfoOut ? true : false);
4008
4009	OSKextLog(/ kext / NULL,
4010	kOSKextLogDebugLevel \|
4011	kOSKextLogIPCFlag,
4012	"Received kext load request from user space.");
4013
4014	/ Regardless of processing, the fact that we have gotten here means some*
4015	* user-space program is up and talking to us, so we'll switch our kext
4016	* registration to reflect that.
4017	*/
4018	if (!sUserLoadsActive) {
4019	OSKextLog(/ kext / NULL,
4020	kOSKextLogProgressLevel \|
4021	kOSKextLogGeneralFlag \| kOSKextLogLoadFlag,
4022	"Switching to late startup (user-space) kext loading policy.");
4023
4024	sUserLoadsActive = true;
4025	}
4026
4027	if (!sLoadEnabled) {
4028	OSKextLog(/ kext / NULL,
4029	kOSKextLogErrorLevel \|
4030	kOSKextLogLoadFlag,
4031	"Kext loading is disabled.");
4032	result = kOSKextReturnDisabled;
4033	goto finish;
4034	}
4035
4036	/ Note that we do not set a dealloc function on this OSData*
4037	* object! No references to it can remain after the loadFromMkext()
4038	* call since we are in a MIG function, and will vm_deallocate()
4039	* the buffer.
4040	*/
4041	mkextData = OSData::withBytesNoCopy(mkextBuffer,
4042	mkextBufferLength);
4043	if (!mkextData) {
4044	OSKextLog(/ kext / NULL,
4045	kOSKextLogErrorLevel \|
4046	kOSKextLogLoadFlag \| kOSKextLogIPCFlag,
4047	"Failed to create wrapper for kext load request.");
4048	result = kOSKextReturnNoMemory;
4049	goto finish;
4050	}
4051
4052	result = readMkext2Archive(mkextData.get(), mkextPlist, NULL);
4053	if (result != kOSReturnSuccess) {
4054	OSKextLog(/ kext / NULL,
4055	kOSKextLogErrorLevel \|
4056	kOSKextLogLoadFlag,
4057	"Failed to read kext load request.");
4058	goto finish;
4059	}
4060
4061	predicate = _OSKextGetRequestPredicate(mkextPlist.get());
4062	if (!predicate \|\| !predicate->isEqualTo(kKextRequestPredicateLoad)) {
4063	OSKextLog(/ kext / NULL,
4064	kOSKextLogErrorLevel \|
4065	kOSKextLogLoadFlag,
4066	"Received kext load request with no predicate; skipping.");
4067	result = kOSKextReturnInvalidArgument;
4068	goto finish;
4069	}
4070
4071	requestArgs = OSDynamicCast(OSDictionary,
4072	mkextPlist->getObject(kKextRequestArgumentsKey));
4073	if (!requestArgs \|\| !requestArgs->getCount()) {
4074	OSKextLog(/ kext / NULL,
4075	kOSKextLogErrorLevel \|
4076	kOSKextLogLoadFlag,
4077	"Received kext load request with no arguments.");
4078	result = kOSKextReturnInvalidArgument;
4079	goto finish;
4080	}
4081
4082	kextIdentifier = OSDynamicCast(OSString,
4083	requestArgs->getObject(kKextRequestArgumentBundleIdentifierKey));
4084
4085	if (!kextIdentifier) {
4086	OSKextLog(/ kext / NULL,
4087	kOSKextLogErrorLevel \|
4088	kOSKextLogLoadFlag,
4089	"Received kext load request with no kext identifier.");
4090	result = kOSKextReturnInvalidArgument;
4091	goto finish;
4092	}
4093
4094	startKextExcludeNum = OSDynamicCast(OSNumber,
4095	requestArgs->getObject(kKextRequestArgumentStartExcludeKey));
4096	startMatchingExcludeNum = OSDynamicCast(OSNumber,
4097	requestArgs->getObject(kKextRequestArgumentStartMatchingExcludeKey));
4098	delayAutounloadBool = OSDynamicCast(OSBoolean,
4099	requestArgs->getObject(kKextRequestArgumentDelayAutounloadKey));
4100	personalityNames = OSDynamicCast(OSArray,
4101	requestArgs->getObject(kKextRequestArgumentPersonalityNamesKey));
4102
4103	if (delayAutounloadBool) {
4104	delayAutounload = delayAutounloadBool->getValue();
4105	}
4106	if (startKextExcludeNum) {
4107	startKextExcludeLevel = startKextExcludeNum->unsigned8BitValue();
4108	}
4109	if (startMatchingExcludeNum) {
4110	startMatchingExcludeLevel = startMatchingExcludeNum->unsigned8BitValue();
4111	}
4112
4113	OSKextLog(/ kext / NULL,
4114	kOSKextLogProgressLevel \|
4115	kOSKextLogIPCFlag,
4116	"Received request from user space to load kext %s.",
4117	kextIdentifier->getCStringNoCopy());
4118
4119	/ Load the kext, with no deferral, since this is a load from outside*
4120	* the kernel.
4121	* xxx - Would like a better way to handle the default values for the
4122	* xxx - start/match opt args.
4123	*/
4124	result = OSKext::loadKextWithIdentifier(
4125	kextIdentifier,
4126	/ kextRef / NULL,
4127	/ allowDefer / false,
4128	delayAutounload,
4129	startKextExcludeLevel,
4130	startMatchingExcludeLevel,
4131	personalityNames);
4132	if (result != kOSReturnSuccess) {
4133	goto finish;
4134	}
4135	/ If the load came down from the IOKit daemon, it will shortly inform IOCatalogue*
4136	* for matching via a separate IOKit calldown.
4137	*/
4138
4139	finish:
4140
4141	/ Gather up the collected log messages for user space. Any*
4142	* error messages past this call will not make it up as log messages
4143	* but will be in the system log.
4144	*/
4145	logInfoArray = OSKext::clearUserSpaceLogFilter();
4146
4147	if (logInfoArray && logInfoOut && logInfoLengthOut) {
4148	tempResult = OSKext::serializeLogInfo(logInfoArray.get(),
4149	logInfoOut, logInfoLengthOut);
4150	if (tempResult != kOSReturnSuccess) {
4151	result = tempResult;
4152	}
4153	}
4154
4155	OSKext::flushNonloadedKexts(/ flushPrelinkedKexts / false);
4156
4157	IORecursiveLockUnlock(sKextLock);
4158
4159	/ Note: mkextDataObject will have been retained by every kext w/an*
4160	* executable in it. That should all have been flushed out at the
4161	* and of the load operation, but you never know....
4162	*/
4163	if (mkextData && mkextData->getRetainCount() > `1`) {
4164	OSKextLog(/ kext / NULL,
4165	kOSKextLogErrorLevel \|
4166	kOSKextLogLoadFlag \| kOSKextLogIPCFlag,
4167	"Kext load request buffer from user space still retained by a kext; "
4168	"probable memory leak.");
4169	}
4170
4171	return result;
4172	}
4173
4174	#endif // CONFIG_KXLD
4175
4176	/*********************************************************************
4177	*********************************************************************/
4178	/ static /
4179	OSReturn
4180	OSKext::serializeLogInfo(
4181	OSArray * logInfoArray,
4182	char ** logInfoOut,
4183	uint32_t * logInfoLengthOut)
4184	{
4185	OSReturn result = kOSReturnError;
4186	char * buffer = NULL;
4187	kern_return_t kmem_result = KERN_FAILURE;
4188	OSSharedPtr<OSSerialize> serializer;
4189	char * logInfo = NULL; // returned by reference
4190	uint32_t logInfoLength = `0`;
4191
4192	if (!logInfoArray \|\| !logInfoOut \|\| !logInfoLengthOut) {
4193	OSKextLog(/ kext / NULL,
4194	kOSKextLogErrorLevel \|
4195	kOSKextLogIPCFlag,
4196	format: "Internal error; invalid arguments to OSKext::serializeLogInfo().");
4197	/ Bad programmer. /
4198	result = kOSKextReturnInvalidArgument;
4199	goto finish;
4200	}
4201
4202	serializer = OSSerialize::withCapacity(capacity: `0`);
4203	if (!serializer) {
4204	OSKextLog(/ kext / NULL,
4205	kOSKextLogErrorLevel \|
4206	kOSKextLogIPCFlag,
4207	format: "Failed to create serializer on log info for request from user space.");
4208	/ Incidental error; we're going to (try to) allow the request*
4209	* itself to succeed. */
4210	} else {
4211	if (!logInfoArray->serialize(serializer: serializer.get())) {
4212	OSKextLog(/ kext / NULL,
4213	kOSKextLogErrorLevel \|
4214	kOSKextLogIPCFlag,
4215	format: "Failed to serialize log info for request from user space.");
4216	/ Incidental error; we're going to (try to) allow the request*
4217	* itself to succeed. */
4218	} else {
4219	logInfo = serializer ->text();
4220	logInfoLength = serializer ->getLength();
4221
4222	kmem_result = kmem_alloc(map: kernel_map, addrp: (vm_offset_t *)&buffer, size: round_page(x: logInfoLength),
4223	flags: KMA_DATA, VM_KERN_MEMORY_OSKEXT);
4224	if (kmem_result != KERN_SUCCESS) {
4225	OSKextLog(/ kext / NULL,
4226	kOSKextLogErrorLevel \|
4227	kOSKextLogIPCFlag,
4228	format: "Failed to copy log info for request from user space.");
4229	/ Incidental error; we're going to (try to) allow the request*
4230	* to succeed. */
4231	} else {
4232	/ 11981737 - clear uninitialized data in last page /
4233	bzero(s: (void *)(buffer + logInfoLength),
4234	n: (round_page(x: logInfoLength) - logInfoLength));
4235	memcpy(dst: buffer, src: logInfo, n: logInfoLength);
4236	*logInfoOut = buffer;
4237	*logInfoLengthOut = logInfoLength;
4238	}
4239	}
4240	}
4241
4242	result = kOSReturnSuccess;
4243	finish:
4244	return result;
4245	}
4246
4247	#if PRAGMA_MARK
4248	#pragma mark Instance Management Methods
4249	#endif
4250	/*********************************************************************
4251	*********************************************************************/
4252	OSSharedPtr<OSKext>
4253	OSKext::lookupKextWithIdentifier(const char * kextIdentifier)
4254	{
4255	OSSharedPtr<OSKext> foundKext;
4256
4257	IORecursiveLockLock(lock: sKextLock);
4258	foundKext.reset(OSDynamicCast(OSKext, sKextsByID ->getObject(kextIdentifier)), OSRetain);
4259	IORecursiveLockUnlock(lock: sKextLock);
4260
4261	return foundKext;
4262	}
4263
4264	/*********************************************************************
4265	*********************************************************************/
4266	OSSharedPtr<OSKext>
4267	OSKext::lookupKextWithIdentifier(OSString * kextIdentifier)
4268	{
4269	return OSKext::lookupKextWithIdentifier(kextIdentifier: kextIdentifier->getCStringNoCopy());
4270	}
4271
4272	/*********************************************************************
4273	*********************************************************************/
4274	OSSharedPtr<OSKext>
4275	OSKext::lookupDextWithIdentifier(OSString * dextIdentifier, OSData *dextUniqueIdentifier)
4276	{
4277	OSSharedPtr<OSKext> foundDext;
4278	foundDext.reset();
4279
4280	IORecursiveLockLock(lock: sKextLock);
4281	OSKext *dext = OSDynamicCast(OSKext, sKextsByID ->getObject(dextIdentifier->getCStringNoCopy()));
4282	if (dext != NULL && dext->isDriverKit()) {
4283	if (dext->dextUniqueID == NULL \|\| dext->dextUniqueID ->isEqualTo(aDataObj: dextUniqueIdentifier)) {
4284	foundDext.reset(p: dext, OSRetain);
4285	}
4286	}
4287	IORecursiveLockUnlock(lock: sKextLock);
4288
4289	return foundDext;
4290	}
4291
4292	/*********************************************************************
4293	*********************************************************************/
4294	OSSharedPtr<OSKext>
4295	OSKext::lookupKextWithLoadTag(uint32_t aTag)
4296	{
4297	OSSharedPtr<OSKext> foundKext; // returned
4298	uint32_t i, j;
4299	OSArray *list[`2`] = {sLoadedKexts.get(), sLoadedDriverKitKexts.get()};
4300	uint32_t count[`2`] = {sLoadedKexts ->getCount(), sLoadedDriverKitKexts ->getCount()};
4301
4302	IORecursiveLockLock(lock: sKextLock);
4303
4304	for (j = `0`; j < (sizeof(list) / sizeof(list[`0`])); j++) {
4305	for (i = `0`; i < count[j]; i++) {
4306	OSKext * thisKext = OSDynamicCast(OSKext, list[j]->getObject(i));
4307	if (thisKext->getLoadTag() == aTag) {
4308	foundKext.reset(p: thisKext, OSRetain);
4309	goto finish;
4310	}
4311	}
4312	}
4313
4314	finish:
4315	IORecursiveLockUnlock(lock: sKextLock);
4316
4317	return foundKext;
4318	}
4319
4320	/*********************************************************************
4321	*********************************************************************/
4322	OSSharedPtr<OSKext>
4323	OSKext::lookupKextWithAddress(vm_address_t address)
4324	{
4325	OSSharedPtr<OSKext> foundKext; // returned
4326	uint32_t count, i;
4327	kmod_info_t *kmod_info;
4328	vm_address_t originalAddress;
4329	#if defined(__arm64__)
4330	uint64_t textExecBase;
4331	size_t textExecSize;
4332	#endif /* defined(__arm64__) */
4333
4334	originalAddress = address;
4335	#if __has_feature(ptrauth_calls)
4336	address = (vm_address_t)VM_KERNEL_STRIP_PTR(address);
4337	#endif /* __has_feature(ptrauth_calls) */
4338
4339	IORecursiveLockLock(lock: sKextLock);
4340
4341	count = sLoadedKexts ->getCount();
4342	for (i = `0`; i < count; i++) {
4343	OSKext * thisKext = OSDynamicCast(OSKext, sLoadedKexts ->getObject(i));
4344	if (thisKext == sKernelKext) {
4345	continue;
4346	}
4347	if (thisKext->kmod_info && thisKext->kmod_info->address) {
4348	kmod_info = thisKext->kmod_info;
4349	vm_address_t kext_start = kmod_info->address;
4350	vm_address_t kext_end = kext_start + kmod_info->size;
4351	if ((kext_start <= address) && (address < kext_end)) {
4352	foundKext.reset(p: thisKext, OSRetain);
4353	goto finish;
4354	}
4355	#if defined(__arm64__)
4356	textExecBase = (uintptr_t) getsegdatafromheader((kernel_mach_header_t *)kmod_info->address, "__TEXT_EXEC", &textExecSize);
4357
4358	/**
4359	* If the addresses within the Mach-O are unslid, then manually
4360	* slide any addresses coming from the Mach-O before usage.
4361	*/
4362	if (thisKext->flags.unslidMachO) {
4363	textExecBase = (uintptr_t) ml_static_slide(vaddr: (vm_offset_t) textExecBase);
4364	}
4365
4366	if ((textExecBase <= address) && (address < textExecBase + textExecSize)) {
4367	foundKext.reset(p: thisKext, OSRetain);
4368	goto finish;
4369	}
4370	#endif /* defined (__arm64__) */
4371	}
4372	}
4373	if ((address >= vm_kernel_stext) && (address < vm_kernel_etext)) {
4374	foundKext.reset(p: sKernelKext, OSRetain);
4375	goto finish;
4376	}
4377	/*
4378	* DriverKit userspace executables do not have a kernel linkedExecutable,
4379	* so we "fake" their address range with the LoadTag. We cannot use the ptrauth-stripped address
4380	* here, so use the original address passed to this method.
4381	*
4382	* This is supposed to be used for logging reasons only. When logd
4383	* calls this function it ors the address with FIREHOSE_TRACEPOINT_PC_KERNEL_MASK, so we
4384	* remove it here before checking it against the LoadTag.
4385	* Also we need to remove FIREHOSE_TRACEPOINT_PC_DYNAMIC_BIT set when emitting the log line.
4386	*/
4387
4388	address = originalAddress & ~(FIREHOSE_TRACEPOINT_PC_KERNEL_MASK \| FIREHOSE_TRACEPOINT_PC_DYNAMIC_BIT);
4389	count = sLoadedDriverKitKexts ->getCount();
4390	for (i = `0`; i < count; i++) {
4391	OSKext * thisKext = OSDynamicCast(OSKext, sLoadedDriverKitKexts ->getObject(i));
4392	if (thisKext->getLoadTag() == address) {
4393	foundKext.reset(p: thisKext, OSRetain);
4394	}
4395	}
4396
4397	finish:
4398	IORecursiveLockUnlock(lock: sKextLock);
4399
4400	return foundKext;
4401	}
4402
4403	OSSharedPtr<OSData>
4404	OSKext::copyKextUUIDForAddress(OSNumber *address)
4405	{
4406	OSSharedPtr<OSData> uuid;
4407	OSSharedPtr<OSKext> kext;
4408
4409	if (!address) {
4410	return NULL;
4411	}
4412
4413	#if CONFIG_MACF
4414	/ Is the calling process allowed to query kext info? /
4415	if (current_task() != kernel_task) {
4416	int macCheckResult = `0`;
4417	kauth_cred_t cred = NULL;
4418
4419	cred = kauth_cred_get_with_ref();
4420	macCheckResult = mac_kext_check_query(cred);
4421	kauth_cred_unref(&cred);
4422
4423	if (macCheckResult != `0`) {
4424	OSKextLog(/ kext / NULL,
4425	kOSKextLogErrorLevel \| kOSKextLogLoadFlag,
4426	format: "Failed to query kext UUID (MAC policy error 0x%x).",
4427	macCheckResult);
4428	return NULL;
4429	}
4430	}
4431	#endif
4432
4433	uintptr_t slidAddress = ml_static_slide(vaddr: (uintptr_t)address->unsigned64BitValue());
4434	if (slidAddress != `0`) {
4435	kext = lookupKextWithAddress(address: slidAddress);
4436	if (kext) {
4437	uuid = kext ->copyTextUUID();
4438	}
4439	}
4440
4441	if (!uuid) {
4442	/*
4443	* If we still don't have a UUID, then we failed to match the slid + stripped address with
4444	* a kext. This might have happened because the log message came from a dext.
4445	*
4446	* Try again with the original address.
4447	*/
4448	kext = lookupKextWithAddress(address: (vm_address_t)address->unsigned64BitValue());
4449	if (kext && kext ->isDriverKit()) {
4450	uuid = kext ->copyTextUUID();
4451	}
4452	}
4453
4454	return uuid;
4455	}
4456
4457	/*********************************************************************
4458	*********************************************************************/
4459	OSSharedPtr<OSKext>
4460	OSKext::lookupKextWithUUID(uuid_t wanted)
4461	{
4462	OSSharedPtr<OSKext> foundKext; // returned
4463	uint32_t j, i;
4464	OSArray *list[`2`] = {sLoadedKexts.get(), sLoadedDriverKitKexts.get()};
4465	uint32_t count[`2`] = {sLoadedKexts ->getCount(), sLoadedDriverKitKexts ->getCount()};
4466
4467
4468	IORecursiveLockLock(lock: sKextLock);
4469
4470	for (j = `0`; j < (sizeof(list) / sizeof(list[`0`])); j++) {
4471	for (i = `0`; i < count[j]; i++) {
4472	OSKext * thisKext = NULL;
4473
4474	thisKext = OSDynamicCast(OSKext, list[j]->getObject(i));
4475	if (!thisKext) {
4476	continue;
4477	}
4478
4479	OSSharedPtr<OSData> uuid_data = thisKext->copyUUID();
4480	if (!uuid_data) {
4481	continue;
4482	}
4483
4484	uuid_t uuid;
4485	memcpy(dst: &uuid, src: uuid_data ->getBytesNoCopy(), n: sizeof(uuid));
4486
4487	if (`0` == uuid_compare(uu1: wanted, uu2: uuid)) {
4488	foundKext.reset(p: thisKext, OSRetain);
4489	goto finish;
4490	}
4491	}
4492	}
4493	finish:
4494	IORecursiveLockUnlock(lock: sKextLock);
4495
4496	return foundKext;
4497	}
4498
4499
4500
4501
4502	/*********************************************************************
4503	*********************************************************************/
4504	/ static /
4505	bool
4506	OSKext::isKextWithIdentifierLoaded(const char * kextIdentifier)
4507	{
4508	bool result = false;
4509	OSKext * foundKext = NULL; // returned
4510
4511	IORecursiveLockLock(lock: sKextLock);
4512
4513	foundKext = OSDynamicCast(OSKext, sKextsByID ->getObject(kextIdentifier));
4514	if (foundKext && foundKext->isLoaded()) {
4515	result = true;
4516	}
4517
4518	IORecursiveLockUnlock(lock: sKextLock);
4519
4520	return result;
4521	}
4522
4523	/*********************************************************************
4524	* xxx - should spawn a separate thread so a kext can safely have
4525	* xxx - itself unloaded.
4526	*********************************************************************/
4527	/ static /
4528	OSReturn
4529	OSKext::removeKext(
4530	OSKext * aKext,
4531	#if CONFIG_EMBEDDED
4532	__unused
4533	#endif
4534	bool terminateServicesAndRemovePersonalitiesFlag)
4535	{
4536	#if CONFIG_EMBEDDED
4537	if (!aKext->isDriverKit()) {
4538	OSKextLog(aKext,
4539	kOSKextLogErrorLevel \|
4540	kOSKextLogKextBookkeepingFlag,
4541	"removeKext() called for %s, only supported on embedded for DriverKit dexts",
4542	aKext->getIdentifier() ? aKext->getIdentifierCString() : "unknown kext");
4543
4544	return kOSReturnSuccess;
4545	}
4546	#endif /* CONFIG_EMBEDDED */
4547	OSReturn result = kOSKextReturnInUse;
4548	OSKext * checkKext = NULL; // do not release
4549	#if CONFIG_MACF
4550	int macCheckResult = `0`;
4551	kauth_cred_t cred = NULL;
4552	#endif
4553
4554	IORecursiveLockLock(lock: sKextLock);
4555
4556	/ If the kext has no identifier, it failed to init*
4557	* so isn't in sKextsByID and it isn't loaded.
4558	*/
4559	if (!aKext->getIdentifier()) {
4560	result = kOSReturnSuccess;
4561	goto finish;
4562	}
4563
4564	checkKext = OSDynamicCast(OSKext,
4565	sKextsByID ->getObject(aKext->getIdentifier()));
4566	if (checkKext != aKext) {
4567	result = kOSKextReturnNotFound;
4568	goto finish;
4569	}
4570
4571	if (aKext->isLoaded() \|\| aKext->isDriverKit()) {
4572	#if CONFIG_MACF
4573	if (current_task() != kernel_task) {
4574	cred = kauth_cred_get_with_ref();
4575	macCheckResult = mac_kext_check_unload(cred, identifier: aKext->getIdentifierCString());
4576	kauth_cred_unref(&cred);
4577	}
4578
4579	if (macCheckResult != `0`) {
4580	result = kOSReturnError;
4581	OSKextLog(aKext,
4582	kOSKextLogErrorLevel \|
4583	kOSKextLogKextBookkeepingFlag,
4584	format: "Failed to remove kext %s (MAC policy error 0x%x).",
4585	aKext->getIdentifierCString(), macCheckResult);
4586	goto finish;
4587	}
4588	#endif
4589
4590	/ make sure there are no resource requests in flight - 17187548 /
4591	if (aKext->declaresExecutable() && aKext->countRequestCallbacks()) {
4592	goto finish;
4593	}
4594	if (aKext->flags.unloadUnsupported) {
4595	result = kOSKextReturnInUse;
4596	OSKextLog(aKext,
4597	kOSKextLogErrorLevel \|
4598	kOSKextLogKextBookkeepingFlag,
4599	format: "Can't remove kext %s; unsupported by cache.",
4600	aKext->getIdentifierCString());
4601	goto finish;
4602	}
4603
4604	/ If we are terminating, send the request to the IOCatalogue*
4605	* (which will actually call us right back but that's ok we have
4606	* a recursive lock don't you know) but do not ask the IOCatalogue
4607	* to call back with an unload, we'll do that right here.
4608	*/
4609	if (terminateServicesAndRemovePersonalitiesFlag) {
4610	result = gIOCatalogue ->terminateDriversForModule(
4611	moduleName: aKext->getIdentifierCString(), / unload / false);
4612	if (result != kOSReturnSuccess) {
4613	OSKextLog(aKext,
4614	kOSKextLogErrorLevel \|
4615	kOSKextLogKextBookkeepingFlag,
4616	format: "Can't remove kext %s; services failed to terminate - 0x%x.",
4617	aKext->getIdentifierCString(), result);
4618	goto finish;
4619	}
4620	}
4621
4622	result = aKext->unload();
4623	if (result != kOSReturnSuccess) {
4624	OSKextLog(aKext,
4625	kOSKextLogErrorLevel \|
4626	kOSKextLogKextBookkeepingFlag,
4627	format: "Can't remove kext %s; kext failed to unload - 0x%x.",
4628	aKext->getIdentifierCString(), result);
4629	goto finish;
4630	}
4631	}
4632
4633	/ Remove personalities as requested. This is a bit redundant for a loaded*
4634	* kext as IOCatalogue::terminateDriversForModule() removes driver
4635	* personalities, but it doesn't restart matching, which we always want
4636	* coming from here, and OSKext::removePersonalitiesFromCatalog() ensures
4637	* that happens.
4638	*/
4639	if (terminateServicesAndRemovePersonalitiesFlag) {
4640	aKext->removePersonalitiesFromCatalog();
4641	}
4642
4643	if (aKext->isInFileset()) {
4644	OSKextLog(aKext,
4645	kOSKextLogProgressLevel \|
4646	kOSKextLogKextBookkeepingFlag,
4647	format: "Fileset kext %s unloaded.",
4648	aKext->getIdentifierCString());
4649	} else {
4650	OSKextLog(aKext,
4651	kOSKextLogProgressLevel \|
4652	kOSKextLogKextBookkeepingFlag,
4653	format: "Removing kext %s.",
4654	aKext->getIdentifierCString());
4655
4656	sKextsByID ->removeObject(aKey: aKext->getIdentifier());
4657	}
4658	result = kOSReturnSuccess;
4659
4660	finish:
4661	IORecursiveLockUnlock(lock: sKextLock);
4662	return result;
4663	}
4664
4665	/*********************************************************************
4666	*********************************************************************/
4667	/ static /
4668	OSReturn
4669	OSKext::removeKextWithIdentifier(
4670	const char * kextIdentifier,
4671	bool terminateServicesAndRemovePersonalitiesFlag)
4672	{
4673	OSReturn result = kOSReturnError;
4674
4675	IORecursiveLockLock(lock: sKextLock);
4676
4677	OSKext * aKext = OSDynamicCast(OSKext,
4678	sKextsByID ->getObject(kextIdentifier));
4679	if (!aKext) {
4680	result = kOSKextReturnNotFound;
4681	OSKextLog(/ kext / NULL,
4682	kOSKextLogErrorLevel \|
4683	kOSKextLogKextBookkeepingFlag,
4684	format: "Can't remove kext %s - not found.",
4685	kextIdentifier);
4686	goto finish;
4687	}
4688
4689	result = OSKext::removeKext(aKext,
4690	terminateServicesAndRemovePersonalitiesFlag);
4691
4692	finish:
4693	IORecursiveLockUnlock(lock: sKextLock);
4694
4695	return result;
4696	}
4697
4698	/*********************************************************************
4699	*********************************************************************/
4700	/ static /
4701	OSReturn
4702	OSKext::removeKextWithLoadTag(
4703	OSKextLoadTag loadTag,
4704	bool terminateServicesAndRemovePersonalitiesFlag)
4705	{
4706	OSReturn result = kOSReturnError;
4707	OSKext * foundKext = NULL;
4708	uint32_t i, j;
4709	OSArray *list[`2`] = {sLoadedKexts.get(), sLoadedDriverKitKexts.get()};
4710	uint32_t count[`2`] = {sLoadedKexts ->getCount(), sLoadedDriverKitKexts ->getCount()};
4711
4712
4713	IORecursiveLockLock(lock: sKextLock);
4714
4715	for (j = `0`; j < (sizeof(list) / sizeof(list[`0`])); j++) {
4716	for (i = `0`; i < count[j]; i++) {
4717	OSKext * thisKext = OSDynamicCast(OSKext, list[j]->getObject(i));
4718	if (thisKext->loadTag == loadTag) {
4719	foundKext = thisKext;
4720	break;
4721	}
4722	}
4723	}
4724
4725	if (!foundKext) {
4726	result = kOSKextReturnNotFound;
4727	OSKextLog(/ kext / NULL,
4728	kOSKextLogErrorLevel \|
4729	kOSKextLogLoadFlag \| kOSKextLogKextBookkeepingFlag,
4730	format: "Can't remove kext with load tag %d - not found.",
4731	loadTag);
4732	goto finish;
4733	}
4734
4735	result = OSKext::removeKext(aKext: foundKext,
4736	terminateServicesAndRemovePersonalitiesFlag);
4737
4738	finish:
4739	IORecursiveLockUnlock(lock: sKextLock);
4740
4741	return result;
4742	}
4743
4744	/*********************************************************************
4745	*********************************************************************/
4746	OSSharedPtr<OSDictionary>
4747	OSKext::copyKexts(void)
4748	{
4749	OSSharedPtr<OSDictionary> result;
4750
4751	IORecursiveLockLock(lock: sKextLock);
4752	result = OSDynamicPtrCast<OSDictionary>(source: sKextsByID ->copyCollection());
4753	IORecursiveLockUnlock(lock: sKextLock);
4754
4755	return result;
4756	}
4757
4758	/*********************************************************************
4759	*********************************************************************/
4760	#define BOOTER_KEXT_PREFIX "Driver-"
4761
4762	typedef struct _DeviceTreeBuffer {
4763	uint32_t paddr;
4764	uint32_t length;
4765	} _DeviceTreeBuffer;
4766
4767	/*********************************************************************
4768	* Create a dictionary of excluded kexts from the given booter data.
4769	*********************************************************************/
4770	/ static /
4771	void
4772	OSKext::createExcludeListFromBooterData(
4773	OSDictionary * theDictionary,
4774	OSCollectionIterator * theIterator )
4775	{
4776	OSString * deviceTreeName = NULL; // do not release
4777	const _DeviceTreeBuffer * deviceTreeBuffer = NULL; // do not release
4778	char * booterDataPtr = NULL; // do not release
4779	_BooterKextFileInfo * kextFileInfo = NULL; // do not release
4780	char * infoDictAddr = NULL; // do not release
4781	OSSharedPtr<OSObject> parsedXML;
4782	OSDictionary * theInfoDict = NULL; // do not release
4783
4784	theIterator->reset();
4785
4786	/ look for AppleKextExcludeList.kext /
4787	while ((deviceTreeName =
4788	OSDynamicCast(OSString, theIterator->getNextObject()))) {
4789	const char * devTreeNameCString;
4790	OSData * deviceTreeEntry; // do not release
4791	OSString * myBundleID; // do not release
4792
4793	deviceTreeEntry =
4794	OSDynamicCast(OSData, theDictionary->getObject(deviceTreeName));
4795	if (!deviceTreeEntry) {
4796	continue;
4797	}
4798
4799	/ Make sure it is a kext /
4800	devTreeNameCString = deviceTreeName->getCStringNoCopy();
4801	if (strncmp(s1: devTreeNameCString, BOOTER_KEXT_PREFIX,
4802	n: (sizeof(BOOTER_KEXT_PREFIX) - `1`)) != `0`) {
4803	OSKextLog(NULL,
4804	kOSKextLogErrorLevel \| kOSKextLogGeneralFlag,
4805	format: "\"%s\" not a kext",
4806	devTreeNameCString);
4807	continue;
4808	}
4809
4810	deviceTreeBuffer = (const _DeviceTreeBuffer *)
4811	deviceTreeEntry->getBytesNoCopy(start: `0`, numBytes: sizeof(deviceTreeBuffer));
4812	if (!deviceTreeBuffer) {
4813	continue;
4814	}
4815
4816	booterDataPtr = (char *)ml_static_ptovirt(deviceTreeBuffer->paddr);
4817	if (!booterDataPtr) {
4818	continue;
4819	}
4820
4821	kextFileInfo = (_BooterKextFileInfo *) booterDataPtr;
4822	if (!kextFileInfo->infoDictPhysAddr \|\|
4823	!kextFileInfo->infoDictLength) {
4824	continue;
4825	}
4826
4827	infoDictAddr = (char *)
4828	ml_static_ptovirt(kextFileInfo->infoDictPhysAddr);
4829	if (!infoDictAddr) {
4830	continue;
4831	}
4832
4833	parsedXML = OSUnserializeXML(buffer: infoDictAddr);
4834	if (!parsedXML) {
4835	continue;
4836	}
4837
4838	theInfoDict = OSDynamicCast(OSDictionary, parsedXML.get());
4839	if (!theInfoDict) {
4840	continue;
4841	}
4842
4843	myBundleID =
4844	OSDynamicCast(OSString,
4845	theInfoDict->getObject(kCFBundleIdentifierKey));
4846	if (myBundleID &&
4847	strcmp( s1: myBundleID->getCStringNoCopy(), kIOExcludeListBundleID ) == `0`) {
4848	boolean_t updated = updateExcludeList(infoDict: theInfoDict);
4849	if (!updated) {
4850	/ 25322874 /
4851	panic("Missing OSKextExcludeList dictionary");
4852	}
4853	break;
4854	}
4855	} // while ( (deviceTreeName = ...) )
4856
4857	return;
4858	}
4859
4860	/*********************************************************************
4861	* Create a dictionary of excluded kexts from the given prelink
4862	* info (kernelcache).
4863	*********************************************************************/
4864	/ static /
4865	void
4866	OSKext::createExcludeListFromPrelinkInfo( OSArray * theInfoArray )
4867	{
4868	OSDictionary * myInfoDict = NULL; // do not release
4869	OSString * myBundleID; // do not release
4870	u_int i;
4871
4872	/ Find the Apple Kext Exclude List. /
4873	for (i = `0`; i < theInfoArray->getCount(); i++) {
4874	myInfoDict = OSDynamicCast(OSDictionary, theInfoArray->getObject(i));
4875	if (!myInfoDict) {
4876	continue;
4877	}
4878	myBundleID =
4879	OSDynamicCast(OSString,
4880	myInfoDict->getObject(kCFBundleIdentifierKey));
4881	if (myBundleID &&
4882	strcmp( s1: myBundleID->getCStringNoCopy(), kIOExcludeListBundleID ) == `0`) {
4883	boolean_t updated = updateExcludeList(infoDict: myInfoDict);
4884	if (!updated) {
4885	/ 25322874 /
4886	panic("Missing OSKextExcludeList dictionary");
4887	}
4888	break;
4889	}
4890	} // for (i = 0; i < theInfoArray->getCount()...
4891
4892	return;
4893	}
4894
4895	/ static /
4896	boolean_t
4897	OSKext::updateExcludeList(OSDictionary *infoDict)
4898	{
4899	OSDictionary myTempDict = NULL; // do not free*
4900	OSString myTempString = NULL; // do not free*
4901	OSKextVersion newVersion = `0`;
4902	boolean_t updated = false;
4903
4904	if (!infoDict) {
4905	return false;
4906	}
4907
4908	myTempDict = OSDynamicCast(OSDictionary, infoDict->getObject("OSKextExcludeList"));
4909	if (!myTempDict) {
4910	return false;
4911	}
4912
4913	myTempString = OSDynamicCast(OSString, infoDict->getObject(kCFBundleVersionKey));
4914	if (!myTempString) {
4915	return false;
4916	}
4917
4918	newVersion = OSKextParseVersionString(versionString: myTempString->getCStringNoCopy());
4919	if (newVersion == `0`) {
4920	return false;
4921	}
4922
4923	IORecursiveLockLock(lock: sKextLock);
4924
4925	if (newVersion > sExcludeListVersion) {
4926	sExcludeListByID = OSDictionary::withDictionary(dict: myTempDict, capacity: `0`);
4927	sExcludeListVersion = newVersion;
4928	updated = true;
4929	}
4930
4931	IORecursiveLockUnlock(lock: sKextLock);
4932	return updated;
4933	}
4934
4935	#if PRAGMA_MARK
4936	#pragma mark Accessors
4937	#endif
4938
4939	/*********************************************************************
4940	*********************************************************************/
4941	const OSObject *
4942	OSKext::getBundleExecutable(void)
4943	{
4944	return infoDict ->getObject(kCFBundleExecutableKey);
4945	}
4946
4947	/*********************************************************************
4948	*********************************************************************/
4949	const OSSymbol *
4950	OSKext::getIdentifier(void)
4951	{
4952	return bundleID.get();
4953	}
4954
4955	/*********************************************************************
4956	* A kext must have a bundle identifier to even survive initialization;
4957	* this is guaranteed to exist past then.
4958	*********************************************************************/
4959	const char *
4960	OSKext::getIdentifierCString(void)
4961	{
4962	return bundleID ->getCStringNoCopy();
4963	}
4964
4965	/*********************************************************************
4966	*********************************************************************/
4967	OSKextVersion
4968	OSKext::getVersion(void)
4969	{
4970	return version;
4971	}
4972
4973	/*********************************************************************
4974	*********************************************************************/
4975	OSKextVersion
4976	OSKext::getCompatibleVersion(void)
4977	{
4978	return compatibleVersion;
4979	}
4980
4981	/*********************************************************************
4982	*********************************************************************/
4983	bool
4984	OSKext::isLibrary(void)
4985	{
4986	return getCompatibleVersion() > `0`;
4987	}
4988
4989	/*********************************************************************
4990	*********************************************************************/
4991	bool
4992	OSKext::isCompatibleWithVersion(OSKextVersion aVersion)
4993	{
4994	if ((compatibleVersion > -`1` && version > -`1`) &&
4995	(compatibleVersion <= version && aVersion <= version)) {
4996	return true;
4997	}
4998	return false;
4999	}
5000
5001	/*********************************************************************
5002	*********************************************************************/
5003	bool
5004	OSKext::declaresExecutable(void)
5005	{
5006	if (isDriverKit()) {
5007	return false;
5008	}
5009	return getPropertyForHostArch(kCFBundleExecutableKey) != NULL;
5010	}
5011
5012	/*********************************************************************
5013	*********************************************************************/
5014	OSData *
5015	OSKext::getExecutable(void)
5016	{
5017	OSData * result = NULL;
5018	OSSharedPtr<OSData> extractedExecutable;
5019
5020	if (flags.builtin) {
5021	return sKernelKext->linkedExecutable.get();
5022	}
5023
5024	result = OSDynamicCast(OSData, infoDict ->getObject(_kOSKextExecutableKey));
5025	if (result) {
5026	return result;
5027	}
5028
5029	#if CONFIG_KXLD
5030	OSData * mkextExecutableRef = NULL; // do not release
5031	mkextExecutableRef = OSDynamicCast(OSData,
5032	getPropertyForHostArch(_kOSKextMkextExecutableReferenceKey));
5033
5034	if (mkextExecutableRef) {
5035	MkextEntryRef * mkextEntryRef = (MkextEntryRef *)
5036	mkextExecutableRef->getBytesNoCopy();
5037	uint32_t mkextVersion = MKEXT_GET_VERSION(mkextEntryRef->mkext);
5038	if (mkextVersion == MKEXT_VERS_2) {
5039	mkext2_file_entry * fileinfo =
5040	(mkext2_file_entry *)mkextEntryRef->fileinfo;
5041	uint32_t compressedSize = MKEXT2_GET_ENTRY_COMPSIZE(fileinfo);
5042	uint32_t fullSize = MKEXT2_GET_ENTRY_FULLSIZE(fileinfo);
5043	extractedExecutable = extractMkext2FileData(
5044	MKEXT2_GET_ENTRY_DATA(fileinfo), "executable",
5045	compressedSize, fullSize);
5046	} else {
5047	OSKextLog(this, kOSKextLogErrorLevel \|
5048	kOSKextLogArchiveFlag,
5049	"Kext %s - unknown mkext version 0x%x for executable.",
5050	getIdentifierCString(), mkextVersion);
5051	}
5052
5053	/ Regardless of success, remove the mkext executable,*
5054	* and drop one reference on the mkext. (setExecutable() does not
5055	* replace, it removes, or panics if asked to replace.)
5056	*/
5057	infoDict->removeObject(_kOSKextMkextExecutableReferenceKey);
5058	infoDict->removeObject(_kOSKextExecutableExternalDataKey);
5059
5060	if (extractedExecutable && extractedExecutable->getLength()) {
5061	if (!setExecutable(extractedExecutable.get())) {
5062	goto finish;
5063	}
5064	result = extractedExecutable.get();
5065	} else {
5066	goto finish;
5067	}
5068	}
5069
5070	finish:
5071	#endif // CONFIG_KXLD
5072	return result;
5073	}
5074
5075	/*********************************************************************
5076	*********************************************************************/
5077	bool
5078	OSKext::isInterface(void)
5079	{
5080	return flags.interface;
5081	}
5082
5083	/*********************************************************************
5084	*********************************************************************/
5085	bool
5086	OSKext::isKernel(void)
5087	{
5088	return this == sKernelKext;
5089	}
5090
5091	/*********************************************************************
5092	*********************************************************************/
5093	bool
5094	OSKext::isKernelComponent(void)
5095	{
5096	return flags.kernelComponent ? true : false;
5097	}
5098
5099	/*********************************************************************
5100	*********************************************************************/
5101	bool
5102	OSKext::isExecutable(void)
5103	{
5104	return !isKernel() && !isInterface() && declaresExecutable();
5105	}
5106
5107	/*********************************************************************
5108	*********************************************************************/
5109	bool
5110	OSKext::isSpecialKernelBinary(void)
5111	{
5112	#if CONFIG_SPTM
5113	return (this->kmod_info) &&
5114	((this->kmod_info->id == kOSKextSPTMLoadTag) \|\|
5115	(this->kmod_info->id == kOSKextTXMLoadTag));
5116	#else
5117	return false;
5118	#endif
5119	}
5120
5121	/*********************************************************************
5122	* We might want to check this recursively for all dependencies,
5123	* since a subtree of dependencies could get loaded before we hit
5124	* a dependency that isn't safe-boot-loadable.
5125	*
5126	* xxx - Might want to return false if OSBundleEnableKextLogging or
5127	* OSBundleDebugLevel
5128	* or IOKitDebug is nonzero too (we used to do that, but I don't see
5129	* the point except it's usually development drivers, which might
5130	* cause panics on startup, that have those properties). Heh; could
5131	* use a "kx" boot-arg!
5132	*********************************************************************/
5133	bool
5134	OSKext::isLoadableInSafeBoot(void)
5135	{
5136	bool result = false;
5137	OSString * required = NULL; // do not release
5138
5139	if (isKernel()) {
5140	result = true;
5141	goto finish;
5142	}
5143
5144	if (isDriverKit()) {
5145	result = true;
5146	goto finish;
5147	}
5148
5149	required = OSDynamicCast(OSString,
5150	getPropertyForHostArch(kOSBundleRequiredKey));
5151	if (!required) {
5152	goto finish;
5153	}
5154	if (required->isEqualTo(kOSBundleRequiredRoot) \|\|
5155	required->isEqualTo(kOSBundleRequiredLocalRoot) \|\|
5156	required->isEqualTo(kOSBundleRequiredNetworkRoot) \|\|
5157	required->isEqualTo(kOSBundleRequiredSafeBoot) \|\|
5158	required->isEqualTo(kOSBundleRequiredConsole)) {
5159	result = true;
5160	}
5161
5162	finish:
5163	return result;
5164	}
5165
5166	/*********************************************************************
5167	*********************************************************************/
5168	bool
5169	OSKext::isPrelinked(void)
5170	{
5171	return flags.prelinked ? true : false;
5172	}
5173
5174	/*********************************************************************
5175	*********************************************************************/
5176	bool
5177	OSKext::isLoaded(void)
5178	{
5179	return flags.loaded ? true : false;
5180	}
5181
5182	/*********************************************************************
5183	*********************************************************************/
5184	bool
5185	OSKext::isStarted(void)
5186	{
5187	return flags.started ? true : false;
5188	}
5189
5190	/*********************************************************************
5191	*********************************************************************/
5192	bool
5193	OSKext::isCPPInitialized(void)
5194	{
5195	return flags.CPPInitialized;
5196	}
5197
5198	/*********************************************************************
5199	*********************************************************************/
5200	void
5201	OSKext::setCPPInitialized(bool initialized)
5202	{
5203	flags.CPPInitialized = initialized;
5204	}
5205
5206	/*********************************************************************
5207	*********************************************************************/
5208	uint32_t
5209	OSKext::getLoadTag(void)
5210	{
5211	return loadTag;
5212	}
5213
5214	/*********************************************************************
5215	*********************************************************************/
5216	void
5217	OSKext::getSizeInfo(uint32_t loadSize, uint32_t wiredSize)
5218	{
5219	if (linkedExecutable) {
5220	*loadSize = linkedExecutable ->getLength();
5221
5222	/ If we have a kmod_info struct, calculated the wired size*
5223	* from that. Otherwise it's the full load size.
5224	*/
5225	if (kmod_info) {
5226	wiredSize = loadSize - (uint32_t)kmod_info->hdr_size;
5227	} else {
5228	wiredSize = loadSize;
5229	}
5230	} else {
5231	*wiredSize = `0`;
5232	*loadSize = `0`;
5233	}
5234	}
5235
5236	/*********************************************************************
5237	*********************************************************************/
5238	OSSharedPtr<OSData>
5239	OSKext::copyUUID(void)
5240	{
5241	OSSharedPtr<OSData> result;
5242	OSData * theExecutable = NULL; // do not release
5243	const kernel_mach_header_t * header;
5244
5245	/ An interface kext doesn't have a linked executable with an LC_UUID,*
5246	* we create one when it's linked.
5247	*/
5248	if (interfaceUUID) {
5249	result = interfaceUUID;
5250	goto finish;
5251	}
5252
5253	if (flags.builtin \|\| isInterface()) {
5254	return sKernelKext->copyUUID();
5255	}
5256
5257	if (isDriverKit() && infoDict) {
5258	return driverKitUUID;
5259	}
5260
5261	/ For real kexts, try to get the UUID from the linked executable,*
5262	* or if is hasn't been linked yet, the unrelocated executable.
5263	*/
5264	theExecutable = linkedExecutable.get();
5265	if (!theExecutable) {
5266	theExecutable = getExecutable();
5267	}
5268
5269	if (!theExecutable) {
5270	goto finish;
5271	}
5272
5273	header = (const kernel_mach_header_t *)theExecutable->getBytesNoCopy();
5274	result = copyMachoUUID(header);
5275
5276	finish:
5277	return result;
5278	}
5279
5280	/*********************************************************************
5281	*********************************************************************/
5282	OSSharedPtr<OSData>
5283	OSKext::copyTextUUID(void)
5284	{
5285	if (flags.builtin) {
5286	return copyMachoUUID(header: (const kernel_mach_header_t *)kmod_info->address);
5287	}
5288	return copyUUID();
5289	}
5290
5291	/*********************************************************************
5292	*********************************************************************/
5293	OSSharedPtr<OSData>
5294	OSKext::copyMachoUUID(const kernel_mach_header_t * header)
5295	{
5296	OSSharedPtr<OSData> result;
5297	const struct load_command * load_cmd = NULL;
5298	const struct uuid_command * uuid_cmd = NULL;
5299	uint32_t i;
5300
5301	load_cmd = (const struct load_command *)&header[`1`];
5302
5303	if (header->magic != MH_MAGIC_KERNEL) {
5304	OSKextLog(NULL,
5305	kOSKextLogErrorLevel \| kOSKextLogGeneralFlag,
5306	format: "%s: bad header %p",
5307	__func__,
5308	header);
5309	goto finish;
5310	}
5311
5312	for (i = `0`; i < header->ncmds; i++) {
5313	if (load_cmd->cmd == LC_UUID) {
5314	uuid_cmd = (struct uuid_command *)load_cmd;
5315	result = OSData::withValue(value: uuid_cmd->uuid);
5316	goto finish;
5317	}
5318	load_cmd = (struct load_command *)((caddr_t)load_cmd + load_cmd->cmdsize);
5319	}
5320
5321	finish:
5322	return result;
5323	}
5324
5325	void
5326	OSKext::setDriverKitUUID(OSData *uuid)
5327	{
5328	if (!OSCompareAndSwapPtr(nullptr, uuid, &driverKitUUID)) {
5329	OSSafeReleaseNULL(uuid);
5330	}
5331	}
5332
5333	OSData *
5334	OSKext::getDextUniqueID(void)
5335	{
5336	if (isDriverKit() && dextUniqueID != NULL) {
5337	return dextUniqueID.get();
5338	}
5339
5340	return NULL;
5341	}
5342
5343	/*
5344	* In case a DextUniqueID exists this function returns
5345	* an allocated char* with the hexadecimal represantition of
5346	* DextUniqueID.
5347	* The returned pinter needs to be freed with kfree_data, the
5348	* size of the allocated buffer is returned in size.
5349	*/
5350	static const char *
5351	getDextUniqueIDCString(OSData dextUniqueID, unsigned* int *size)
5352	{
5353	if (dextUniqueID != NULL) {
5354	char *s_buffer = NULL;
5355	unsigned int d_length = dextUniqueID->getLength();
5356	/*
5357	* We are converting in hex, so for every byte we will have
5358	* 2 hex chars and one last \0.
5359	*/
5360	unsigned int s_length = d_length * `2` + `1`;
5361	s_buffer = (char *) kalloc_data(s_length, Z_WAITOK_ZERO);
5362
5363	char uid = (char**) dextUniqueID->getBytesNoCopy();
5364	int cpos = `0`;
5365	for (unsigned int i = `0`; i < d_length && cpos < (s_length - `1`); i++) {
5366	int ret = snprintf(s_buffer + cpos, count: s_length - cpos - `1`, "%02X", uid[i]);
5367	if (ret <= `0`) {
5368	break;
5369	}
5370	cpos += ret;
5371	}
5372	*size = s_length;
5373
5374	return s_buffer;
5375	}
5376
5377	return NULL;
5378	}
5379
5380	/*
5381	* Atomically swaps the olddext with newdext.
5382	* olddext will be unloaded, so it might be freed
5383	* after this call unless it was previously retained.
5384	*
5385	* If newdext is NULL, this unloads olddext and does not perform an upgrade
5386	*/
5387	void
5388	OSKext::replaceDextInternal(OSKext olddext, OSKext newdext)
5389	{
5390	OSReturn result;
5391	const OSSymbol * dextID = olddext->getIdentifier();
5392	OSData * oldDextUniqueIdentifier = olddext->getDextUniqueID();
5393	OSSharedPtr<OSArray> new_personalities;
5394	OSSharedPtr<OSString> kextIdentifier;
5395	__assert_only bool lock_held = IORecursiveLockHaveLock(lock: sKextLock);
5396	assert(lock_held);
5397
5398	// The old dext will be unloaded and release dextID, so we need to retain dextID here
5399	dextID->retain();
5400
5401	if (newdext != NULL) {
5402	__assert_only bool eq = dextID->isEqualTo(aSymbol: newdext->getIdentifier());
5403	assert(eq);
5404	}
5405
5406	if (newdext != NULL) {
5407	/*
5408	* Swap the catalog personalities.
5409	*/
5410	new_personalities = newdext->copyPersonalitiesArray();
5411	olddext->updatePersonalitiesInCatalog(upgradedPersonalities: new_personalities.get());
5412	}
5413
5414	if (NULL != oldDextUniqueIdentifier) {
5415	oldDextUniqueIdentifier->retain();
5416	}
5417
5418	/*
5419	* Unload the dext.
5420	*/
5421	result = olddext->unload();
5422	if (result != kOSReturnSuccess) {
5423	OSKextLog(NULL,
5424	kOSKextLogErrorLevel \| kOSKextLogLoadFlag,
5425	format: "Cannot unload dext for upgrade %s: %d\n",
5426	dextID->getCStringNoCopy(), result);
5427	}
5428
5429	if (newdext != NULL) {
5430	/*
5431	* Swap the dexts on the OSKext dictionary.
5432	* This might free the dext.
5433	*/
5434	sKextsByID ->setObject(aKey: dextID, anObject: newdext);
5435	} else {
5436	/*
5437	* Remove the old dext
5438	*/
5439	removeKext(aKext: olddext, terminateServicesAndRemovePersonalitiesFlag: true);
5440	}
5441
5442	/*
5443	* Inform userspace.
5444	*/
5445	if (newdext != NULL) {
5446	result = notifyDextUpgrade(OSDynamicCast(OSString, dextID), dextUniqueIdentifier: newdext->getDextUniqueID());
5447	if (result != kOSReturnSuccess) {
5448	OSKextLog(NULL,
5449	kOSKextLogErrorLevel \| kOSKextLogLoadFlag,
5450	format: "Cannot send upgrade notification for %s\n",
5451	dextID->getCStringNoCopy());
5452	}
5453	} else {
5454	// notify dext removal
5455	queueKextNotification(kKextRequestPredicateUnloadNotification,
5456	OSDynamicCast(OSString, dextID), dextUniqueIdentifier: oldDextUniqueIdentifier);
5457	}
5458
5459	OSSafeReleaseNULL(dextID);
5460	OSSafeReleaseNULL(oldDextUniqueIdentifier);
5461	}
5462
5463	/*
5464	* To be called with sKextLock held.
5465	* NOTE: this could unload the olddext.
5466	*/
5467	bool
5468	OSKext::upgradeDext(OSKext olddext, OSKext newdext)
5469	{
5470	const char * dextIDCS = newdext->getIdentifierCString();
5471	__assert_only bool old_isDext = olddext->isDriverKit();
5472	__assert_only bool new_isDext = newdext->isDriverKit();
5473	__assert_only bool lock_held = IORecursiveLockHaveLock(lock: sKextLock);
5474
5475	assert(old_isDext && new_isDext);
5476	assert(lock_held);
5477
5478	/*
5479	* New dext and old dext have the same ID.
5480	* We use this ID as key on the OSKext
5481	* dictionarys/arrays.
5482	*/
5483	const OSSymbol * dextID = newdext->getIdentifier();
5484	__assert_only bool eq = dextID->isEqualTo(aSymbol: olddext->getIdentifier());
5485	assert(eq);
5486
5487	/*
5488	* Set this OSKect as to update.
5489	* Note that this flags will never be removed once set.
5490	* When a OSKext is marked, it will be substitued by a new
5491	* OSKext, and every subsystem having a reference on this
5492	* OSKext need to know they have check if they can use
5493	* this OSKext or look for a new one.
5494	*/
5495	olddext->flags.dextToReplace = `1`;
5496
5497	/*
5498	* Check if the current OSKext has any
5499	* userspace processes launched.
5500	* In this case we cannot upgrade and we have to
5501	* delay the upgrade until all processes
5502	* are done.
5503	*/
5504	if (olddext->dextLaunchedCount == `0`) {
5505	/*
5506	* Be sure that if there are no launched dexts, no
5507	* pending upgrades exist.
5508	* This is an error if it happens, as the decrement
5509	* should have removed the dext from sDriverKitToUpgradeByID
5510	* in case it reached 0.
5511	*/
5512	OSObject *pending_upgdare = sDriverKitToUpgradeByID ->getObject(aKey: dextID);
5513	if (pending_upgdare != NULL) {
5514	OSKextLog(NULL,
5515	kOSKextLogErrorLevel \| kOSKextLogLoadFlag,
5516	format: "Pending upgrade found for %s but dextLaunchedCount is 0!\n",
5517	dextIDCS);
5518	goto out;
5519	}
5520
5521	replaceDextInternal(olddext, newdext);
5522	return true;
5523	}
5524
5525	out:
5526
5527	/*
5528	* Delay the upgrade.
5529	* Make the new dext available in sDriverKitToUpgradeByID.
5530	* In case there was already a pending upgrade, this will
5531	* overwrite it.
5532	*/
5533	sDriverKitToUpgradeByID ->setObject(aKey: dextID, anObject: newdext);
5534	return false;
5535	}
5536
5537	/*
5538	* To be called with sKextLock held.
5539	* NOTE: this could unload the dext.
5540	*/
5541	bool
5542	OSKext::removeDext(OSKext *dext)
5543	{
5544	__assert_only bool dext_isDext = dext->isDriverKit();
5545	__assert_only bool lock_held = IORecursiveLockHaveLock(lock: sKextLock);
5546	IOReturn result;
5547
5548	assert(dext_isDext);
5549	assert(lock_held);
5550
5551	/*
5552	* Set this OSKext to be unloaded when all running instances exit.
5553	*/
5554	dext->flags.dextToReplace = `1`;
5555
5556	result = gIOCatalogue ->terminateDriversForModule(
5557	moduleName: dext->getIdentifierCString(), / unload / false, / asynchronous / true);
5558	if (result != kOSReturnSuccess) {
5559	OSKextLog(aKext: dext,
5560	kOSKextLogErrorLevel \|
5561	kOSKextLogKextBookkeepingFlag,
5562	format: "%s services failed to terminate - 0x%x.",
5563	dext->getIdentifierCString(), result);
5564	}
5565
5566	dext->removePersonalitiesFromCatalog();
5567	sDriverKitToUpgradeByID ->removeObject(aKey: dext->getIdentifier());
5568
5569	/*
5570	* Check if the current OSKext has any
5571	* userspace processes launched.
5572	* In this case we cannot unload and we have to
5573	* delay the unload until all processes
5574	* are done.
5575	*/
5576	if (dext->dextLaunchedCount == `0`) {
5577	replaceDextInternal(olddext: dext, NULL);
5578	return true;
5579	}
5580
5581	return false;
5582	}
5583
5584	bool
5585	OSKext::incrementDextLaunchCount(OSKext dext, OSData dextUniqueIDToMatch)
5586	{
5587	bool ret = false;
5588	__assert_only bool isDext = dext->isDriverKit();
5589	assert(isDext);
5590
5591	const char * dextIDCS = dext->getIdentifierCString();
5592	OSData *myDextUniqueID = dext->getDextUniqueID();
5593
5594	if (!myDextUniqueID \|\| !dextUniqueIDToMatch) {
5595	OSKextLog(aKext: dext,
5596	kOSKextLogErrorLevel \| kOSKextLogLoadFlag,
5597	format: "Cannot find dext UniqueID for %s, cannot increment dext launches\n",
5598	dextIDCS);
5599	return ret;
5600	}
5601
5602	unsigned int dextUniqueIDCStringSize = `0`, dextUniqueIDToMatchCStringSize = `0`;
5603	const char *dextUniqueIDCString = getDextUniqueIDCString(dextUniqueID: myDextUniqueID, size: &dextUniqueIDCStringSize);
5604	const char *dextUniqueIDToMatchCString = getDextUniqueIDCString(dextUniqueID: dextUniqueIDToMatch, size: &dextUniqueIDToMatchCStringSize);
5605	assert(dextUniqueIDCString != NULL);
5606	assert(dextUniqueIDToMatchCString != NULL);
5607
5608	IORecursiveLockLock(lock: sKextLock);
5609
5610	/*
5611	* Check that the dext we are referencing is the same
5612	* looked for the match.
5613	*/
5614	if (myDextUniqueID->isEqualTo(aDataObj: dextUniqueIDToMatch)) {
5615	if (dext->flags.dextToReplace == `0` \|\| dext->dextLaunchedCount > `0`) {
5616	if (dext->dextLaunchedCount == kOSKextMaxDextLaunchedCount) {
5617	OSKextLog(aKext: dext,
5618	kOSKextLogErrorLevel \| kOSKextLogLoadFlag,
5619	format: "Too many dexts launched for %s UniqueID %s\n",
5620	dextIDCS, dextUniqueIDCString);
5621	} else {
5622	dext->dextLaunchedCount++;
5623	ret = true;
5624
5625	OSKextLog(aKext: dext,
5626	kOSKextLogProgressLevel \| kOSKextLogLoadFlag,
5627	format: "New dext launched for %s UniqueID %s",
5628	dextIDCS, dextUniqueIDCString);
5629	}
5630	} else {
5631	OSKextLog(aKext: dext,
5632	kOSKextLogProgressLevel \| kOSKextLogLoadFlag,
5633	format: "Dext %s UniqueID %s requires update, cannot launch a new dext\n",
5634	dextIDCS, dextUniqueIDCString);
5635	}
5636	} else {
5637	OSKextLog(aKext: dext,
5638	kOSKextLogProgressLevel \| kOSKextLogLoadFlag,
5639	format: "Dext %s: UniqueID %s does not match UniqueID looked for %s, cannot launch a new dext\n",
5640	dextIDCS, dextUniqueIDCString, dextUniqueIDToMatchCString);
5641	}
5642
5643	IORecursiveLockUnlock(lock: sKextLock);
5644
5645	if (dextUniqueIDCString != NULL) {
5646	kfree_data(dextUniqueIDCString, dextUniqueIDCStringSize);
5647	}
5648	if (dextUniqueIDToMatchCString != NULL) {
5649	kfree_data(dextUniqueIDToMatchCString, dextUniqueIDToMatchCStringSize);
5650	}
5651	return ret;
5652	}
5653
5654	bool
5655	OSKext::decrementDextLaunchCount(OSString *bundleID)
5656	{
5657	bool ret = false;
5658	const char * dextIDCS;
5659	OSData *myDextUniqueID;
5660	unsigned int dextUniqueIDCStringSize = `0`;
5661	const char * dextUniqueIDCString = NULL;
5662	OSKext* dext = NULL;
5663
5664	if (!bundleID) {
5665	return ret;
5666	}
5667	dextIDCS = bundleID->getCStringNoCopy();
5668
5669	IORecursiveLockLock(lock: sKextLock);
5670
5671	/*
5672	* Look for the dext with the bundle it. This
5673	* call is triggered only if a previous increment was
5674	* performed. It means that the dext could have not
5675	* been upgraded as its dextLaunchedCount was at least 1.
5676	* Because of this it still needs to be available
5677	* in sKextsByID.
5678	*/
5679	dext = OSDynamicCast(OSKext, sKextsByID ->getObject(dextIDCS));
5680	if (!dext \|\| !dext->isDriverKit()) {
5681	OSKextLog(NULL,
5682	kOSKextLogErrorLevel \| kOSKextLogLoadFlag,
5683	format: "Cannot find dext for %s, cannot decrement dext launches\n",
5684	dextIDCS);
5685
5686	goto out_locked;
5687	}
5688
5689	myDextUniqueID = dext->getDextUniqueID();
5690	if (!myDextUniqueID) {
5691	OSKextLog(aKext: dext,
5692	kOSKextLogErrorLevel \| kOSKextLogLoadFlag,
5693	format: "Cannot find dext UniqueID for %s, cannot decrement dext launches\n",
5694	dextIDCS);
5695
5696	goto out_locked;
5697	}
5698	dextUniqueIDCString = getDextUniqueIDCString(dextUniqueID: myDextUniqueID, size: &dextUniqueIDCStringSize);
5699	assert(dextUniqueIDCString != NULL);
5700
5701	if (dext->dextLaunchedCount == `0`) {
5702	OSKextLog(aKext: dext,
5703	kOSKextLogErrorLevel \| kOSKextLogLoadFlag,
5704	format: "Over decrementing dext launch for %s UniqueID %s\n",
5705	dextIDCS, dextUniqueIDCString);
5706
5707	goto out_locked;
5708	}
5709
5710	dext->dextLaunchedCount--;
5711
5712	OSKextLog(aKext: dext,
5713	kOSKextLogProgressLevel \| kOSKextLogLoadFlag,
5714	format: "Dext terminated for %s UniqueID %s",
5715	dextIDCS, dextUniqueIDCString);
5716
5717	if (dext->dextLaunchedCount == `0` && dext->flags.dextToReplace == `1`) {
5718	/*
5719	* Find the upgraded dext.
5720	*/
5721	OSKext *newdext = OSDynamicCast(OSKext, sDriverKitToUpgradeByID ->getObject(dextIDCS));
5722	if (newdext) {
5723	OSKextLog(aKext: dext,
5724	kOSKextLogProgressLevel \| kOSKextLogLoadFlag,
5725	format: "Dext upgrade for %s UniqueID %s",
5726	dextIDCS, dextUniqueIDCString);
5727	replaceDextInternal(olddext: dext, newdext);
5728	/ NOTE dext could have been freed past this point /
5729
5730	sDriverKitToUpgradeByID ->removeObject(aKey: dextIDCS);
5731	} else {
5732	OSKextLog(aKext: dext,
5733	kOSKextLogProgressLevel \| kOSKextLogLoadFlag,
5734	format: "Dext unload for %s UniqueID %s",
5735	dextIDCS, dextUniqueIDCString);
5736	replaceDextInternal(olddext: dext, NULL);
5737	}
5738
5739	ret = true;
5740	}
5741	out_locked:
5742	IORecursiveLockUnlock(lock: sKextLock);
5743
5744	if (dextUniqueIDCString != NULL) {
5745	kfree_data(dextUniqueIDCString, dextUniqueIDCStringSize);
5746	}
5747
5748	return ret;
5749	}
5750
5751	/*********************************************************************
5752	*********************************************************************/
5753	#if defined (__arm__)
5754	#include <arm/arch.h>
5755	#endif
5756
5757	#if defined (__x86_64__)
5758	#define ARCHNAME "x86_64"
5759	#elif defined (__arm64__)
5760	#define ARCHNAME "arm64"
5761	#elif defined (__arm__)
5762
5763	#if defined (__ARM_ARCH_7S__)
5764	#define ARCHNAME "armv7s"
5765	#elif defined (__ARM_ARCH_7F__)
5766	#define ARCHNAME "armv7f"
5767	#elif defined (__ARM_ARCH_7K__)
5768	#define ARCHNAME "armv7k"
5769	#elif defined (_ARM_ARCH_7) /* umbrella for all remaining */
5770	#define ARCHNAME "armv7"
5771	#elif defined (_ARM_ARCH_6) /* umbrella for all armv6 */
5772	#define ARCHNAME "armv6"
5773	#endif
5774
5775	#elif defined (__arm64__)
5776	#define ARCHNAME "arm64"
5777	#else
5778	#error architecture not supported
5779	#endif
5780
5781	#define ARCH_SEPARATOR_CHAR '_'
5782
5783	static char *
5784	makeHostArchKey(const char * key, size_t * keySizeOut)
5785	{
5786	char * result = NULL;
5787	size_t keyLength = strlen(s: key);
5788	size_t keySize;
5789
5790	/ Add 1 for the ARCH_SEPARATOR_CHAR, and 1 for the '\0'.*
5791	*/
5792	keySize = `1` + `1` + keyLength + strlen(ARCHNAME);
5793	result = (char *)kalloc_data_tag(keySize, Z_WAITOK, VM_KERN_MEMORY_OSKEXT);
5794
5795	if (!result) {
5796	goto finish;
5797	}
5798	strlcpy(dst: result, src: key, n: keySize);
5799	result[keyLength++] = ARCH_SEPARATOR_CHAR;
5800	result[keyLength] = `'\0'`;
5801	strlcat(dst: result, ARCHNAME, n: keySize);
5802	*keySizeOut = keySize;
5803
5804	finish:
5805	return result;
5806	}
5807
5808	/*********************************************************************
5809	*********************************************************************/
5810	OSObject *
5811	OSKext::getPropertyForHostArch(const char * key)
5812	{
5813	OSObject * result = NULL;// do not release
5814	size_t hostArchKeySize = `0`;
5815	char * hostArchKey = NULL;// must kfree
5816
5817	if (!key \|\| !infoDict) {
5818	goto finish;
5819	}
5820
5821	/ Some properties are not allowed to be arch-variant:*
5822	* - Any CFBundle... property.
5823	* - OSBundleIsInterface.
5824	* - OSKernelResource.
5825	*/
5826	if (STRING_HAS_PREFIX(key, "OS") \|\|
5827	STRING_HAS_PREFIX(key, "IO")) {
5828	hostArchKey = makeHostArchKey(key, keySizeOut: &hostArchKeySize);
5829	if (!hostArchKey) {
5830	OSKextLog(/ kext (this isn't about a kext) / NULL,
5831	kOSKextLogErrorLevel \| kOSKextLogGeneralFlag,
5832	format: "Allocation failure.");
5833	goto finish;
5834	}
5835	result = infoDict ->getObject(aKey: hostArchKey);
5836	}
5837
5838	if (!result) {
5839	result = infoDict ->getObject(aKey: key);
5840	}
5841
5842	finish:
5843	if (hostArchKey) {
5844	kfree_data(hostArchKey, hostArchKeySize);
5845	}
5846	return result;
5847	}
5848
5849	#if PRAGMA_MARK
5850	#pragma mark Load/Start/Stop/Unload
5851	#endif
5852
5853	#define isWhiteSpace(c) ((c) == ' ' \|\| (c) == '\t' \|\| (c) == '\r' \|\| (c) == ',' \|\| (c) == '\n')
5854
5855	/*********************************************************************
5856	* sExcludeListByID is a dictionary with keys / values of:
5857	* key = bundleID string of kext we will not allow to load
5858	* value = version string(s) of the kext that is to be denied loading.
5859	* The version strings can be comma delimited. For example if kext
5860	* com.foocompany.fookext has two versions that we want to deny
5861	* loading then the version strings might look like:
5862	* 1.0.0, 1.0.1
5863	* If the current fookext has a version of 1.0.0 OR 1.0.1 we will
5864	* not load the kext.
5865	*
5866	* Value may also be in the form of "LE 2.0.0" (version numbers
5867	* less than or equal to 2.0.0 will not load) or "LT 2.0.0" (version
5868	* number less than 2.0.0 will not load)
5869	*
5870	* NOTE - we cannot use the characters "<=" or "<" because we have code
5871	* that serializes plists and treats '<' as a special character.
5872	*********************************************************************/
5873	bool
5874	OSKext::isInExcludeList(void)
5875	{
5876	OSString * versionString = NULL; // do not release
5877	char * versionCString = NULL; // do not free
5878	size_t i;
5879	boolean_t wantLessThan = false;
5880	boolean_t wantLessThanEqualTo = false;
5881	boolean_t isInExcludeList = true;
5882	char myBuffer[`32`];
5883
5884	IORecursiveLockLock(lock: sKextLock);
5885
5886	if (!sExcludeListByID) {
5887	isInExcludeList = false;
5888	} else {
5889	/ look up by bundleID in our exclude list and if found get version*
5890	* string (or strings) that we will not allow to load
5891	*/
5892	versionString = OSDynamicCast(OSString, sExcludeListByID ->getObject(bundleID.get()));
5893	if (versionString == NULL \|\| versionString->getLength() > (sizeof(myBuffer) - `1`)) {
5894	isInExcludeList = false;
5895	}
5896	}
5897
5898	IORecursiveLockUnlock(lock: sKextLock);
5899
5900	if (!isInExcludeList) {
5901	return false;
5902	}
5903
5904	/ parse version strings /
5905	versionCString = (char *) versionString->getCStringNoCopy();
5906
5907	/ look for "LT" or "LE" form of version string, must be in first two*
5908	* positions.
5909	*/
5910	if (versionCString == `'L'` && (versionCString + `1`) == `'T'`) {
5911	wantLessThan = true;
5912	versionCString += `2`;
5913	} else if (versionCString == `'L'` && (versionCString + `1`) == `'E'`) {
5914	wantLessThanEqualTo = true;
5915	versionCString += `2`;
5916	}
5917
5918	for (i = `0`; *versionCString != `0x00`; versionCString++) {
5919	/ skip whitespace /
5920	if (isWhiteSpace(*versionCString)) {
5921	continue;
5922	}
5923
5924	/ peek ahead for version string separator or null terminator /
5925	if ((versionCString + `1`) == `','` \|\| (versionCString + `1`) == `0x00`) {
5926	/ OK, we have a version string /
5927	myBuffer[i++] = *versionCString;
5928	myBuffer[i] = `0x00`;
5929
5930	OSKextVersion excludeVers;
5931	excludeVers = OSKextParseVersionString(versionString: myBuffer);
5932
5933	if (wantLessThanEqualTo) {
5934	if (version <= excludeVers) {
5935	return true;
5936	}
5937	} else if (wantLessThan) {
5938	if (version < excludeVers) {
5939	return true;
5940	}
5941	} else if (version == excludeVers) {
5942	return true;
5943	}
5944
5945	/ reset for the next (if any) version string /
5946	i = `0`;
5947	wantLessThan = false;
5948	wantLessThanEqualTo = false;
5949	} else {
5950	/ save valid version character /
5951	myBuffer[i++] = *versionCString;
5952
5953	/ make sure bogus version string doesn't overrun local buffer /
5954	if (i >= sizeof(myBuffer)) {
5955	break;
5956	}
5957	}
5958	}
5959
5960	return false;
5961	}
5962
5963	/*********************************************************************
5964	* sNonLoadableKextsByID is a dictionary with keys / values of:
5965	* key = bundleID string of kext we will not allow to load
5966	* value = boolean (true == loadable, false == not loadable)
5967	*
5968	* Only kexts which are in the AuxKC will be marked as "not loadble,"
5969	* i.e., the value for the kext's bundleID will be false. All kexts in
5970	* the primary and system KCs will always be marked as "loadable."
5971	*
5972	* This list ultimately comes from kexts which have been uninstalled
5973	* in user space by deleting the kext from disk, but which have not
5974	* yet been removed from the AuxKC. Because the user could choose to
5975	* re-install the exact same version of the kext, we need to keep
5976	* a dictionary of boolean values so that user space only needs to
5977	* keep a simple list of "uninstalled" or "missing" bundles. When
5978	* a bundle is re-installed, the iokit daemon can use the
5979	* AucKCBundleAvailable predicate to set the individual kext's
5980	* availability to true.
5981	*********************************************************************/
5982	bool
5983	OSKext::isLoadable(void)
5984	{
5985	bool isLoadable = true;
5986
5987	if (kc_type != KCKindAuxiliary) {
5988	/ this filtering only applies to kexts in the auxkc /
5989	return true;
5990	}
5991
5992	IORecursiveLockLock(lock: sKextLock);
5993
5994	if (sNonLoadableKextsByID) {
5995	/ look up by bundleID in our exclude list and if found get version*
5996	* string (or strings) that we will not allow to load
5997	*/
5998	OSBoolean *loadableVal;
5999	loadableVal = OSDynamicCast(OSBoolean, sNonLoadableKextsByID ->getObject(bundleID.get()));
6000	if (loadableVal && !loadableVal->getValue()) {
6001	isLoadable = false;
6002	}
6003	}
6004	IORecursiveLockUnlock(lock: sKextLock);
6005
6006	return isLoadable;
6007	}
6008
6009	/*********************************************************************
6010	*********************************************************************/
6011	/ static /
6012	OSReturn
6013	OSKext::loadKextWithIdentifier(
6014	const char * kextIdentifierCString,
6015	Boolean allowDeferFlag,
6016	Boolean delayAutounloadFlag,
6017	OSKextExcludeLevel startOpt,
6018	OSKextExcludeLevel startMatchingOpt,
6019	OSArray * personalityNames)
6020	{
6021	OSReturn result = kOSReturnError;
6022	OSSharedPtr<OSString> kextIdentifier;
6023
6024	kextIdentifier = OSString::withCString(cString: kextIdentifierCString);
6025	if (!kextIdentifier) {
6026	result = kOSKextReturnNoMemory;
6027	goto finish;
6028	}
6029	result = OSKext::loadKextWithIdentifier(kextIdentifier: kextIdentifier.get(),
6030	NULL / kextRef /,
6031	allowDeferFlag, delayAutounloadFlag,
6032	startOpt, startMatchingOpt, personalityNames);
6033
6034	finish:
6035	return result;
6036	}
6037
6038	OSReturn
6039	OSKext::loadKextWithIdentifier(
6040	OSString * kextIdentifier,
6041	OSSharedPtr<OSObject> &kextRef,
6042	Boolean allowDeferFlag,
6043	Boolean delayAutounloadFlag,
6044	OSKextExcludeLevel startOpt,
6045	OSKextExcludeLevel startMatchingOpt,
6046	OSArray * personalityNames)
6047	{
6048	OSObject * kextRefRaw = NULL;
6049	OSReturn result;
6050
6051	result = loadKextWithIdentifier(kextIdentifier,
6052	kextRef: &kextRefRaw,
6053	allowDeferFlag,
6054	delayAutounloadFlag,
6055	startOpt,
6056	startMatchingOpt,
6057	personalityNames);
6058	if ((kOSReturnSuccess == result) && kextRefRaw) {
6059	kextRef.reset(p: kextRefRaw, OSNoRetain);
6060	}
6061	return result;
6062	}
6063
6064	/*********************************************************************
6065	*********************************************************************/
6066	OSReturn
6067	OSKext::loadKextWithIdentifier(
6068	OSString * kextIdentifier,
6069	OSObject ** kextRef,
6070	Boolean allowDeferFlag,
6071	Boolean delayAutounloadFlag,
6072	OSKextExcludeLevel startOpt,
6073	OSKextExcludeLevel startMatchingOpt,
6074	OSArray * personalityNames)
6075	{
6076	OSReturn result = kOSReturnError;
6077	OSReturn pingResult = kOSReturnError;
6078	OSKext * theKext = NULL; // do not release
6079	OSSharedPtr<OSDictionary> loadRequest;
6080	OSSharedPtr<const OSSymbol> kextIdentifierSymbol;
6081
6082	if (kextRef) {
6083	*kextRef = NULL;
6084	}
6085
6086	IORecursiveLockLock(lock: sKextLock);
6087
6088	if (!kextIdentifier) {
6089	result = kOSKextReturnInvalidArgument;
6090	goto finish;
6091	}
6092
6093	OSKext::recordIdentifierRequest(kextIdentifier);
6094
6095	theKext = OSDynamicCast(OSKext, sKextsByID ->getObject(kextIdentifier));
6096	if (!theKext) {
6097	if (!allowDeferFlag) {
6098	OSKextLog(/ kext / NULL,
6099	kOSKextLogErrorLevel \|
6100	kOSKextLogLoadFlag,
6101	format: "Can't load kext %s - not found.",
6102	kextIdentifier->getCStringNoCopy());
6103	goto finish;
6104	}
6105
6106	if (!sKernelRequestsEnabled) {
6107	OSKextLog(aKext: theKext,
6108	kOSKextLogErrorLevel \|
6109	kOSKextLogLoadFlag,
6110	format: "Can't load kext %s - requests to user space are disabled.",
6111	kextIdentifier->getCStringNoCopy());
6112	result = kOSKextReturnDisabled;
6113	goto finish;
6114	}
6115
6116	/ Create a new request unless one is already sitting*
6117	* in sKernelRequests for this bundle identifier
6118	*/
6119	kextIdentifierSymbol = OSSymbol::withString(aString: kextIdentifier);
6120	if (!sPostedKextLoadIdentifiers ->containsObject(anObject: kextIdentifierSymbol.get())) {
6121	result = _OSKextCreateRequest(kKextRequestPredicateRequestLoad,
6122	requestP&: loadRequest);
6123	if (result != kOSReturnSuccess) {
6124	goto finish;
6125	}
6126	if (!_OSKextSetRequestArgument(requestDict: loadRequest.get(),
6127	kKextRequestArgumentBundleIdentifierKey, value: kextIdentifier)) {
6128	result = kOSKextReturnNoMemory;
6129	goto finish;
6130	}
6131	if (!sKernelRequests ->setObject(loadRequest.get())) {
6132	result = kOSKextReturnNoMemory;
6133	goto finish;
6134	}
6135
6136	if (!sPostedKextLoadIdentifiers ->setObject(kextIdentifierSymbol.get())) {
6137	result = kOSKextReturnNoMemory;
6138	goto finish;
6139	}
6140
6141	OSKextLog(aKext: theKext,
6142	kOSKextLogDebugLevel \|
6143	kOSKextLogLoadFlag,
6144	format: "Kext %s not found; queued load request to user space.",
6145	kextIdentifier->getCStringNoCopy());
6146	}
6147
6148	pingResult = OSKext::pingIOKitDaemon();
6149	if (pingResult == kOSKextReturnDisabled) {
6150	OSKextLog(/ kext / NULL,
6151	msgLogSpec: ((sPrelinkBoot) ? kOSKextLogDebugLevel : kOSKextLogErrorLevel) \|
6152	kOSKextLogLoadFlag,
6153	format: "Kext %s might not load - " kIOKitDaemonName " is currently unavailable.",
6154	kextIdentifier->getCStringNoCopy());
6155	}
6156
6157	result = kOSKextReturnDeferred;
6158	goto finish;
6159	}
6160
6161	result = theKext->load(startOpt, startMatchingOpt, personalityNames);
6162
6163	if (result != kOSReturnSuccess) {
6164	OSKextLog(aKext: theKext,
6165	kOSKextLogErrorLevel \|
6166	kOSKextLogLoadFlag,
6167	format: "Failed to load kext %s (error 0x%x).",
6168	kextIdentifier->getCStringNoCopy(), (int)result);
6169
6170	if (theKext->kc_type == KCKindUnknown) {
6171	OSKext::removeKext(aKext: theKext,
6172	/ terminateService/removePersonalities / terminateServicesAndRemovePersonalitiesFlag: true);
6173	}
6174	goto finish;
6175	}
6176
6177	if (delayAutounloadFlag) {
6178	OSKextLog(aKext: theKext,
6179	kOSKextLogProgressLevel \|
6180	kOSKextLogLoadFlag \| kOSKextLogKextBookkeepingFlag,
6181	format: "Setting delayed autounload for %s.",
6182	kextIdentifier->getCStringNoCopy());
6183	theKext->flags.delayAutounload = `1`;
6184	}
6185
6186	finish:
6187	if ((kOSReturnSuccess == result) && kextRef) {
6188	*kextRef = theKext;
6189	theKext->matchingRefCount++;
6190	theKext->retain();
6191	}
6192
6193	IORecursiveLockUnlock(lock: sKextLock);
6194
6195	return result;
6196	}
6197
6198	/*********************************************************************
6199	*********************************************************************/
6200	/ static /
6201	OSReturn
6202	OSKext::loadKextFromKC(OSKext theKext, OSDictionary requestDict)
6203	{
6204	OSReturn result = kOSReturnError;
6205
6206	OSBoolean delayAutounloadBool = NULL; // do not release*
6207	OSNumber startKextExcludeNum = NULL; // do not release*
6208	OSNumber startMatchingExcludeNum = NULL; // do not release*
6209	OSArray personalityNames = NULL; // do not release*
6210
6211	/*
6212	* Default values for these options:
6213	* regular autounload behavior
6214	* start the kext
6215	* send all personalities to the catalog
6216	*/
6217	Boolean delayAutounload = false;
6218	OSKextExcludeLevel startKextExcludeLevel = kOSKextExcludeNone;
6219	OSKextExcludeLevel startMatchingExcludeLevel = kOSKextExcludeNone;
6220
6221	IORecursiveLockLock(lock: sKextLock);
6222
6223	OSKextLog(/ kext / NULL,
6224	kOSKextLogDebugLevel \|
6225	kOSKextLogIPCFlag,
6226	format: "Received kext KC load request from user space.");
6227
6228	/ Regardless of processing, the fact that we have gotten here means some*
6229	* user-space program is up and talking to us, so we'll switch our kext
6230	* registration to reflect that.
6231	*/
6232	if (!sUserLoadsActive) {
6233	OSKextLog(/ kext / NULL,
6234	kOSKextLogProgressLevel \|
6235	kOSKextLogGeneralFlag \| kOSKextLogLoadFlag,
6236	format: "Switching to late startup (user-space) kext loading policy.");
6237	sUserLoadsActive = true;
6238	}
6239
6240	delayAutounloadBool = OSDynamicCast(OSBoolean,
6241	_OSKextGetRequestArgument(requestDict,
6242	kKextRequestArgumentDelayAutounloadKey));
6243	startKextExcludeNum = OSDynamicCast(OSNumber,
6244	_OSKextGetRequestArgument(requestDict,
6245	kKextRequestArgumentStartExcludeKey));
6246	startMatchingExcludeNum = OSDynamicCast(OSNumber,
6247	_OSKextGetRequestArgument(requestDict,
6248	kKextRequestArgumentStartMatchingExcludeKey));
6249	personalityNames = OSDynamicCast(OSArray,
6250	_OSKextGetRequestArgument(requestDict,
6251	kKextRequestArgumentPersonalityNamesKey));
6252
6253	if (delayAutounloadBool) {
6254	delayAutounload = delayAutounloadBool->getValue();
6255	}
6256	if (startKextExcludeNum) {
6257	startKextExcludeLevel = startKextExcludeNum->unsigned8BitValue();
6258	}
6259	if (startMatchingExcludeNum) {
6260	startMatchingExcludeLevel = startMatchingExcludeNum->unsigned8BitValue();
6261	}
6262
6263	OSKextLog(/ kext / NULL,
6264	kOSKextLogProgressLevel \|
6265	kOSKextLogIPCFlag,
6266	format: "Received request from user space to load KC kext %s.",
6267	theKext->getIdentifierCString());
6268
6269	/ this could be in the Auxiliary KC, so record the load request /
6270	OSKext::recordIdentifierRequest(OSDynamicCast(OSString, theKext->getIdentifier()));
6271
6272	/*
6273	* Load the kext
6274	*/
6275	result = theKext->load(startOpt: startKextExcludeLevel,
6276	startMatchingOpt: startMatchingExcludeLevel, personalityNames);
6277
6278	if (result != kOSReturnSuccess) {
6279	OSKextLog(aKext: theKext,
6280	kOSKextLogErrorLevel \|
6281	kOSKextLogLoadFlag,
6282	format: "Failed to load kext %s (error 0x%x).",
6283	theKext->getIdentifierCString(), (int)result);
6284
6285	OSKext::removeKext(aKext: theKext,
6286	/ terminateService/removePersonalities / terminateServicesAndRemovePersonalitiesFlag: true);
6287	goto finish;
6288	} else {
6289	OSKextLog(aKext: theKext,
6290	kOSKextLogProgressLevel \|
6291	kOSKextLogLoadFlag,
6292	format: "Kext %s Loaded successfully from %s KC",
6293	theKext->getIdentifierCString(), theKext->getKCTypeString());
6294	}
6295
6296	if (delayAutounload) {
6297	OSKextLog(aKext: theKext,
6298	kOSKextLogProgressLevel \|
6299	kOSKextLogLoadFlag \| kOSKextLogKextBookkeepingFlag,
6300	format: "Setting delayed autounload for %s.",
6301	theKext->getIdentifierCString());
6302	theKext->flags.delayAutounload = `1`;
6303	}
6304
6305	finish:
6306	IORecursiveLockUnlock(lock: sKextLock);
6307
6308	return result;
6309	}
6310
6311	/*********************************************************************
6312	*********************************************************************/
6313	/ static /
6314	OSReturn
6315	OSKext::loadCodelessKext(OSString kextIdentifier, OSDictionary requestDict)
6316	{
6317	OSReturn result = kOSReturnError;
6318	OSDictionary anInfoDict = NULL; // do not release*
6319
6320	anInfoDict = OSDynamicCast(OSDictionary,
6321	_OSKextGetRequestArgument(requestDict,
6322	kKextRequestArgumentCodelessInfoKey));
6323	if (anInfoDict == NULL) {
6324	OSKextLog(/ kext / NULL,
6325	kOSKextLogErrorLevel \|
6326	kOSKextLogGeneralFlag \| kOSKextLogLoadFlag,
6327	format: "Missing 'Codeless Kext Info' dictionary in codeless kext load request of %s.",
6328	kextIdentifier->getCStringNoCopy());
6329	return kOSKextReturnInvalidArgument;
6330	}
6331
6332	IORecursiveLockLock(lock: sKextLock);
6333
6334	OSKextLog(/ kext / NULL,
6335	kOSKextLogProgressLevel \|
6336	kOSKextLogIPCFlag,
6337	format: "Received request from user space to load codeless kext %s.",
6338	kextIdentifier->getCStringNoCopy());
6339
6340	{
6341	// instantiate a new kext, and don't hold a reference
6342	// (the kext subsystem will hold one implicitly)
6343	OSKextInitResult ret;
6344	OSSharedPtr<OSKext> newKext = OSKext::withCodelessInfo(anInfoDict, result: &ret);
6345	if (!newKext) {
6346	/*
6347	* We might have failed to create a new OSKext
6348	* because the old one should still be used.
6349	* Check if that is the case.
6350	*/
6351	if (ret != kOSKextInitFailure) {
6352	result = kOSReturnSuccess;
6353	goto finish;
6354	}
6355	OSKextLog(/ kext / NULL,
6356	kOSKextLogErrorLevel \|
6357	kOSKextLogGeneralFlag \| kOSKextLogLoadFlag,
6358	format: "Could not instantiate codeless kext.");
6359	result = kOSKextReturnNotLoadable;
6360	goto finish;
6361	}
6362	if (!kextIdentifier->isEqualTo(cString: newKext ->getIdentifierCString())) {
6363	OSKextLog(/ kext / NULL,
6364	kOSKextLogErrorLevel \|
6365	kOSKextLogGeneralFlag \| kOSKextLogLoadFlag,
6366	format: "Codeless kext identifiers don't match '%s' != '%s'",
6367	kextIdentifier->getCStringNoCopy(), newKext ->getIdentifierCString());
6368
6369	OSKext::removeKext(aKext: newKext.get(), terminateServicesAndRemovePersonalitiesFlag: false);
6370	result = kOSKextReturnInvalidArgument;
6371	goto finish;
6372	}
6373
6374	/ Record the request for the codeless kext /
6375	OSKext::recordIdentifierRequest(OSDynamicCast(OSString, newKext ->getIdentifier()));
6376
6377	result = kOSReturnSuccess;
6378	/ Send the kext's personalities to the IOCatalog. This is an explicit load. /
6379	result = newKext ->sendPersonalitiesToCatalog(startMatching: true, NULL);
6380	}
6381
6382	finish:
6383	IORecursiveLockUnlock(lock: sKextLock);
6384
6385	return result;
6386	}
6387
6388	/*********************************************************************
6389	*********************************************************************/
6390	/ static /
6391	void
6392	OSKext::dropMatchingReferences(
6393	OSSet * kexts)
6394	{
6395	IORecursiveLockLock(lock: sKextLock);
6396	kexts->iterateObjects(block: ^bool (OSObject * obj) {
6397	OSKext * thisKext = OSDynamicCast(OSKext, obj);
6398	if (!thisKext) {
6399	return false;
6400	}
6401	thisKext->matchingRefCount--;
6402	return false;
6403	});
6404	IORecursiveLockUnlock(lock: sKextLock);
6405	}
6406
6407	/*********************************************************************
6408	*********************************************************************/
6409	/ static /
6410	void
6411	OSKext::recordIdentifierRequest(
6412	OSString * kextIdentifier)
6413	{
6414	OSSharedPtr<const OSSymbol> kextIdentifierSymbol;
6415	bool fail = false;
6416
6417	if (!sAllKextLoadIdentifiers \|\| !kextIdentifier) {
6418	goto finish;
6419	}
6420
6421	kextIdentifierSymbol = OSSymbol::withString(aString: kextIdentifier);
6422	if (!kextIdentifierSymbol) {
6423	// xxx - this is really a basic alloc failure
6424	fail = true;
6425	goto finish;
6426	}
6427
6428	IORecursiveLockLock(lock: sKextLock);
6429	if (!sAllKextLoadIdentifiers ->containsObject(anObject: kextIdentifierSymbol.get())) {
6430	if (!sAllKextLoadIdentifiers ->setObject(kextIdentifierSymbol.get())) {
6431	fail = true;
6432	} else {
6433	// xxx - need to find a way to associate this whole func w/the kext
6434	OSKextLog(/ kext / NULL,
6435	// xxx - check level
6436	kOSKextLogStepLevel \|
6437	kOSKextLogArchiveFlag,
6438	format: "Recorded kext %s as a candidate for inclusion in prelinked kernel.",
6439	kextIdentifier->getCStringNoCopy());
6440	}
6441	}
6442	IORecursiveLockUnlock(lock: sKextLock);
6443
6444	finish:
6445
6446	if (fail) {
6447	OSKextLog(/ kext / NULL,
6448	kOSKextLogErrorLevel \|
6449	kOSKextLogArchiveFlag,
6450	format: "Failed to record kext %s as a candidate for inclusion in prelinked kernel.",
6451	kextIdentifier->getCStringNoCopy());
6452	}
6453	return;
6454	}
6455
6456	/*********************************************************************
6457	*********************************************************************/
6458	OSReturn
6459	OSKext::load(
6460	OSKextExcludeLevel startOpt,
6461	OSKextExcludeLevel startMatchingOpt,
6462	OSArray * personalityNames)
6463	{
6464	OSReturn result = kOSReturnError;
6465	OSKextExcludeLevel dependenciesStartOpt = startOpt;
6466	OSKextExcludeLevel dependenciesStartMatchingOpt = startMatchingOpt;
6467	unsigned int i, count;
6468	Boolean alreadyLoaded = false;
6469	OSKext * lastLoadedKext = NULL; // do not release
6470
6471	if (isInExcludeList()) {
6472	OSKextLog(aKext: this,
6473	kOSKextLogErrorLevel \| kOSKextLogGeneralFlag \|
6474	kOSKextLogLoadFlag,
6475	format: "Kext %s is in exclude list, not loadable",
6476	getIdentifierCString());
6477
6478	result = kOSKextReturnNotLoadable;
6479	goto finish;
6480	}
6481	if (!isLoadable()) {
6482	OSKextLog(aKext: this,
6483	kOSKextLogErrorLevel \| kOSKextLogGeneralFlag \|
6484	kOSKextLogLoadFlag,
6485	format: "Kext %s is not loadable",
6486	getIdentifierCString());
6487
6488	result = kOSKextReturnNotLoadable;
6489	goto finish;
6490	}
6491
6492	if (isLoaded()) {
6493	alreadyLoaded = true;
6494	result = kOSReturnSuccess;
6495
6496	OSKextLog(aKext: this,
6497	kOSKextLogDebugLevel \|
6498	kOSKextLogLoadFlag \| kOSKextLogKextBookkeepingFlag,
6499	format: "Kext %s is already loaded.",
6500	getIdentifierCString());
6501	goto loaded;
6502	}
6503
6504	#if CONFIG_MACF
6505	/*
6506	* On kxld and on embedded, only call into the MAC hook when on a
6507	* user thread, for access control over userspace kextloads.
6508	*
6509	* On non-kxld systems, additionally check the MAC hook for kexts in
6510	* the Pageable and Aux KCs, regardless of whether we are on a user
6511	* thread or not. This means on Apple silicon devices that the MAC
6512	* hook will only be useful to block 3rd party kexts loaded via
6513	* matching, and any kexts loaded from userspace kextloads.
6514	*
6515	* Note that this should _not_ be called on kexts loaded from the
6516	* kernel bootstrap thread as the kernel proc's cred struct is not
6517	* yet initialized! This won't happen on macOS because all the kexts
6518	* in the BootKC are self-contained and their kc_type = KCKindPrimary.
6519	*/
6520	if (current_task() != kernel_task
6521	#if XNU_TARGET_OS_OSX && !CONFIG_KXLD
6522	\|\| (kc_type != KCKindPrimary && kc_type != KCKindUnknown)
6523	#endif
6524	) {
6525	int macCheckResult = `0`;
6526	kauth_cred_t cred = NULL;
6527
6528	cred = kauth_cred_get_with_ref();
6529	macCheckResult = mac_kext_check_load(cred, identifier: getIdentifierCString());
6530	kauth_cred_unref(&cred);
6531
6532	if (macCheckResult != `0`) {
6533	result = kOSReturnError;
6534	OSKextLog(aKext: this,
6535	kOSKextLogErrorLevel \| kOSKextLogLoadFlag,
6536	format: "Failed to load kext %s (MAC policy error 0x%x).",
6537	getIdentifierCString(), macCheckResult);
6538	goto finish;
6539	}
6540	}
6541	#endif /* CONFIG_MACF */
6542
6543	if (!sLoadEnabled) {
6544	OSKextLog(aKext: this,
6545	kOSKextLogErrorLevel \|
6546	kOSKextLogLoadFlag,
6547	format: "Kext loading is disabled (attempt to load kext %s).",
6548	getIdentifierCString());
6549	result = kOSKextReturnDisabled;
6550	goto finish;
6551	}
6552
6553	/ If we've pushed the next available load tag to the invalid value,*
6554	* we can't load any more kexts.
6555	*/
6556	if (sNextLoadTag == kOSKextInvalidLoadTag) {
6557	OSKextLog(aKext: this,
6558	kOSKextLogErrorLevel \|
6559	kOSKextLogLoadFlag,
6560	format: "Can't load kext %s - no more load tags to assign.",
6561	getIdentifierCString());
6562	result = kOSKextReturnNoResources;
6563	goto finish;
6564	}
6565
6566	/ This is a bit of a hack, because we shouldn't be handling*
6567	* personalities within the load function.
6568	*/
6569	if (!declaresExecutable()) {
6570	/ There is a special case where a non-executable kext can be loaded: the*
6571	* AppleKextExcludeList. Detect that special kext by bundle identifier and
6572	* load its metadata into the global data structures, if appropriate
6573	*/
6574	if (strcmp(s1: getIdentifierCString(), kIOExcludeListBundleID) == `0`) {
6575	boolean_t updated = updateExcludeList(infoDict: infoDict.get());
6576	if (updated) {
6577	OSKextLog(aKext: this,
6578	kOSKextLogDebugLevel \| kOSKextLogLoadFlag,
6579	format: "KextExcludeList was updated to version: %lld", sExcludeListVersion);
6580	}
6581	}
6582
6583	if (isDriverKit()) {
6584	if (loadTag == `0`) {
6585	sLoadedDriverKitKexts ->setObject(this);
6586	loadTag = sNextLoadTag++;
6587	}
6588	}
6589	result = kOSReturnSuccess;
6590	goto loaded;
6591	}
6592
6593	/ Are we in safe boot?*
6594	*/
6595	if (sSafeBoot && !isLoadableInSafeBoot()) {
6596	OSKextLog(aKext: this,
6597	kOSKextLogErrorLevel \|
6598	kOSKextLogLoadFlag,
6599	format: "Can't load kext %s - not loadable during safe boot.",
6600	getIdentifierCString());
6601	result = kOSKextReturnBootLevel;
6602	goto finish;
6603	}
6604
6605	OSKextLog(aKext: this,
6606	kOSKextLogProgressLevel \| kOSKextLogLoadFlag,
6607	format: "Loading kext %s.",
6608	getIdentifierCString());
6609
6610	#if !VM_MAPPED_KEXTS
6611	if (isPrelinked() == false) {
6612	OSKextLog(aKext: this,
6613	kOSKextLogErrorLevel \|
6614	kOSKextLogLoadFlag,
6615	format: "Can't load kext %s - not in a kext collection.",
6616	getIdentifierCString());
6617	result = kOSKextReturnDisabled;
6618	goto finish;
6619	}
6620	#endif /* defined(__x86_64__) */
6621
6622	#if CONFIG_KXLD
6623	if (!sKxldContext) {
6624	kern_return_t kxldResult;
6625	kxldResult = kxld_create_context(&sKxldContext, &kern_allocate,
6626	&kxld_log_callback, / Flags / (KXLDFlags) `0`,
6627	/ cputype / `0`, / cpusubtype / `0`, / page size / `0`);
6628	if (kxldResult) {
6629	OSKextLog(this,
6630	kOSKextLogErrorLevel \|
6631	kOSKextLogLoadFlag \| kOSKextLogLinkFlag,
6632	"Can't load kext %s - failed to create link context.",
6633	getIdentifierCString());
6634	result = kOSKextReturnNoMemory;
6635	goto finish;
6636	}
6637	}
6638	#endif // CONFIG_KXLD
6639
6640	/ We only need to resolve dependencies once for the whole graph, but*
6641	* resolveDependencies will just return if there's no work to do, so it's
6642	* safe to call it more than once.
6643	*/
6644	if (!resolveDependencies()) {
6645	// xxx - check resolveDependencies() for log msg
6646	OSKextLog(aKext: this,
6647	kOSKextLogErrorLevel \|
6648	kOSKextLogLoadFlag \| kOSKextLogDependenciesFlag,
6649	format: "Can't load kext %s - failed to resolve library dependencies.",
6650	getIdentifierCString());
6651	result = kOSKextReturnDependencies;
6652	goto finish;
6653	}
6654
6655	/ If we are excluding just the kext being loaded now (and not its*
6656	* dependencies), drop the exclusion level to none so dependencies
6657	* start and/or add their personalities.
6658	*/
6659	if (dependenciesStartOpt == kOSKextExcludeKext) {
6660	dependenciesStartOpt = kOSKextExcludeNone;
6661	}
6662
6663	if (dependenciesStartMatchingOpt == kOSKextExcludeKext) {
6664	dependenciesStartMatchingOpt = kOSKextExcludeNone;
6665	}
6666
6667	/ Load the dependencies, recursively.*
6668	*/
6669	count = getNumDependencies();
6670	for (i = `0`; i < count; i++) {
6671	OSKext * dependency = OSDynamicCast(OSKext,
6672	dependencies ->getObject(i));
6673	if (dependency == NULL) {
6674	OSKextLog(aKext: this,
6675	kOSKextLogErrorLevel \|
6676	kOSKextLogLoadFlag \| kOSKextLogDependenciesFlag,
6677	format: "Internal error loading kext %s; dependency disappeared.",
6678	getIdentifierCString());
6679	result = kOSKextReturnInternalError;
6680	goto finish;
6681	}
6682
6683	/ Dependencies must be started accorting to the opt,*
6684	* but not given the personality names of the main kext.
6685	*/
6686	result = dependency->load(startOpt: dependenciesStartOpt,
6687	startMatchingOpt: dependenciesStartMatchingOpt,
6688	/ personalityNames / NULL);
6689	if (result != KERN_SUCCESS) {
6690	OSKextLog(aKext: this,
6691	kOSKextLogErrorLevel \|
6692	kOSKextLogLoadFlag \| kOSKextLogDependenciesFlag,
6693	format: "Dependency %s of kext %s failed to load.",
6694	dependency->getIdentifierCString(),
6695	getIdentifierCString());
6696
6697	OSKext::removeKext(aKext: dependency,
6698	/ terminateService/removePersonalities / terminateServicesAndRemovePersonalitiesFlag: true);
6699	result = kOSKextReturnDependencyLoadError;
6700
6701	goto finish;
6702	}
6703	}
6704
6705	result = loadExecutable();
6706	if (result != KERN_SUCCESS) {
6707	goto finish;
6708	}
6709
6710	pendingPgoHead.next = &pendingPgoHead;
6711	pendingPgoHead.prev = &pendingPgoHead;
6712
6713	// The kernel PRNG is not initialized when the first kext is
6714	// loaded, so use early random
6715	uuid_generate_early_random(out: instance_uuid);
6716	account = IOMallocType(OSKextAccount);
6717
6718	account->loadTag = kmod_info->id;
6719	account->site.refcount = `0`;
6720	account->site.flags = VM_TAG_KMOD;
6721
6722	#if DEVELOPMENT \|\| DEBUG
6723	/ Setup the task reference group. /
6724	(void)snprintf(account->task_refgrp_name, sizeof(account->task_refgrp_name),
6725	"task_%s", getIdentifierCString());
6726	account->task_refgrp.grp_name = account->task_refgrp_name;
6727	account->task_refgrp.grp_parent = &task_external_refgrp;
6728	account->task_refgrp.grp_flags = OS_REFGRP_F_ALWAYS_ENABLED;
6729	os_ref_log_init(&account->task_refgrp);
6730	#endif /* DEVELOPMENT \|\| DEBUG */
6731
6732	account->kext = this;
6733	if (gIOSurfaceIdentifier == bundleID) {
6734	vm_tag_alloc(site: &account->site);
6735	gIOSurfaceTag = account->site.tag;
6736	}
6737
6738	flags.loaded = true;
6739
6740	/ Add the kext to the list of loaded kexts and update the kmod_info*
6741	* struct to point to that of the last loaded kext (which is the way
6742	* it's always been done, though I'd rather do them in order now).
6743	*/
6744	lastLoadedKext = OSDynamicCast(OSKext, sLoadedKexts ->getLastObject());
6745	sLoadedKexts ->setObject(this);
6746
6747	/ Keep the kernel itself out of the kmod list.*
6748	*/
6749	if (lastLoadedKext->isKernel()) {
6750	lastLoadedKext = NULL;
6751	}
6752
6753	if (lastLoadedKext) {
6754	kmod_info->next = lastLoadedKext->kmod_info;
6755	}
6756
6757	notifyKextLoadObservers(this, kmod_info);
6758
6759	/ Make the global kmod list point at the just-loaded kext. Note that the*
6760	* __kernel__ kext isn't in this list, as it wasn't before SnowLeopard,
6761	* although we do report it in kextstat these days by using the newer
6762	* OSArray of loaded kexts, which does contain it.
6763	*
6764	* (The OSKext object representing the kernel doesn't even have a kmod_info
6765	* struct, though I suppose we could stick a pointer to it from the
6766	* static struct in OSRuntime.cpp.)
6767	*/
6768	kmod = kmod_info;
6769
6770	/ Save the list of loaded kexts in case we panic.*
6771	*/
6772	OSKext::saveLoadedKextPanicList();
6773
6774	if (isExecutable()) {
6775	OSKext::updateLoadedKextSummaries();
6776	savePanicString(/ isLoading / true);
6777
6778	#if CONFIG_DTRACE
6779	registerWithDTrace();
6780	#else
6781	jettisonLinkeditSegment();
6782	#endif /* CONFIG_DTRACE */
6783
6784	#if !VM_MAPPED_KEXTS
6785	/ If there is a page (or more) worth of padding after the end*
6786	* of the last data section but before the end of the data segment
6787	* then free it in the same manner the LinkeditSegment is freed
6788	*/
6789	jettisonDATASegmentPadding();
6790	#endif
6791	}
6792
6793	loaded:
6794	if (isExecutable() && !flags.started) {
6795	if (startOpt == kOSKextExcludeNone) {
6796	result = start();
6797	if (result != kOSReturnSuccess) {
6798	OSKextLog(aKext: this,
6799	kOSKextLogErrorLevel \| kOSKextLogLoadFlag,
6800	format: "Kext %s start failed (result 0x%x).",
6801	getIdentifierCString(), result);
6802	result = kOSKextReturnStartStopError;
6803	}
6804	}
6805	}
6806
6807	/ If not excluding matching, send the personalities to the kernel.*
6808	* This never affects the result of the load operation.
6809	* This is a bit of a hack, because we shouldn't be handling
6810	* personalities within the load function.
6811	*/
6812	if (result == kOSReturnSuccess && startMatchingOpt == kOSKextExcludeNone) {
6813	result = sendPersonalitiesToCatalog(startMatching: true, personalityNames);
6814	}
6815
6816	finish:
6817
6818	if (result != kOSReturnSuccess) {
6819	OSKextLog(aKext: this,
6820	kOSKextLogErrorLevel \|
6821	kOSKextLogLoadFlag,
6822	format: "Kext %s failed to load (0x%x).",
6823	getIdentifierCString(), (int)result);
6824	} else if (!alreadyLoaded) {
6825	OSKextLog(aKext: this,
6826	kOSKextLogProgressLevel \|
6827	kOSKextLogLoadFlag,
6828	format: "Kext %s loaded.",
6829	getIdentifierCString());
6830
6831	queueKextNotification(kKextRequestPredicateLoadNotification,
6832	OSDynamicCast(OSString, bundleID.get()), dextUniqueIdentifier: getDextUniqueID());
6833	}
6834	return result;
6835	}
6836
6837	#if CONFIG_KXLD
6838	/*********************************************************************
6839	*
6840	*********************************************************************/
6841	static char *
6842	strdup(const char * string)
6843	{
6844	char * result = NULL;
6845	size_t size;
6846
6847	if (!string) {
6848	goto finish;
6849	}
6850
6851	size = `1` + strlen(string);
6852	result = (char *)kalloc_data_tag(size, Z_WAITOK, VM_KERN_MEMORY_OSKEXT);
6853	if (!result) {
6854	goto finish;
6855	}
6856
6857	memcpy(result, string, size);
6858
6859	finish:
6860	return result;
6861	}
6862	#endif // CONFIG_KXLD
6863
6864	/*********************************************************************
6865	*
6866	*********************************************************************/
6867
6868	kernel_section_t *
6869	OSKext::lookupSection(const char segname, const* char *secname)
6870	{
6871	kernel_section_t * found_section = NULL;
6872	kernel_mach_header_t * mh = NULL;
6873	kernel_segment_command_t * seg = NULL;
6874	kernel_section_t * sec = NULL;
6875
6876	if (!linkedExecutable) {
6877	return NULL;
6878	}
6879
6880	mh = (kernel_mach_header_t *)linkedExecutable ->getBytesNoCopy();
6881
6882	for (seg = firstsegfromheader(header: mh); seg != NULL; seg = nextsegfromheader(header: mh, seg)) {
6883	if (`0` != strncmp(s1: seg->segname, s2: segname, n: sizeof(seg->segname))) {
6884	continue;
6885	}
6886
6887	for (sec = firstsect(sgp: seg); sec != NULL; sec = nextsect(sgp: seg, sp: sec)) {
6888	if (`0` == strncmp(s1: sec->sectname, s2: secname, n: sizeof(sec->sectname))) {
6889	found_section = sec;
6890	goto out;
6891	}
6892	}
6893	}
6894
6895	out:
6896	return found_section;
6897	}
6898
6899	/*********************************************************************
6900	*
6901	*********************************************************************/
6902
6903	OSReturn
6904	OSKext::slidePrelinkedExecutable(bool doCoalescedSlides)
6905	{
6906	OSReturn result = kOSKextReturnBadData;
6907	kernel_mach_header_t * mh = NULL;
6908	kernel_segment_command_t * seg = NULL;
6909	kernel_segment_command_t * linkeditSeg = NULL;
6910	kernel_section_t * sec = NULL;
6911	char * linkeditBase = NULL;
6912	bool haveLinkeditBase = false;
6913	char * relocBase = NULL;
6914	bool haveRelocBase = false;
6915	struct dysymtab_command * dysymtab = NULL;
6916	struct linkedit_data_command * segmentSplitInfo = NULL;
6917	struct symtab_command * symtab = NULL;
6918	kernel_nlist_t * sym = NULL;
6919	struct relocation_info * reloc = NULL;
6920	uint32_t i = `0`;
6921	int reloc_size;
6922	vm_offset_t new_kextsize;
6923	kc_format format = KCFormatUnknown;
6924
6925	if (linkedExecutable == NULL \|\| flags.builtin) {
6926	result = kOSReturnSuccess;
6927	goto finish;
6928	}
6929
6930	mh = (kernel_mach_header_t *)linkedExecutable ->getBytesNoCopy();
6931	if (kernel_mach_header_is_in_fileset(mh)) {
6932	// kexts in filesets are slid as part of collection sliding
6933	result = kOSReturnSuccess;
6934	goto finish;
6935	}
6936
6937	segmentSplitInfo = (struct linkedit_data_command *) getcommandfromheader(mh, LC_SEGMENT_SPLIT_INFO);
6938
6939	for (seg = firstsegfromheader(header: mh); seg != NULL; seg = nextsegfromheader(header: mh, seg)) {
6940	if (!seg->vmaddr) {
6941	continue;
6942	}
6943
6944	seg->vmaddr = ml_static_slide(vaddr: seg->vmaddr);
6945
6946	#if KASLR_KEXT_DEBUG
6947	IOLog("kaslr: segname %s unslid 0x%lx slid 0x%lx \n",
6948	seg->segname,
6949	(unsigned long)ml_static_unslide(seg->vmaddr),
6950	(unsigned long)seg->vmaddr);
6951	#endif
6952
6953	if (!haveRelocBase) {
6954	relocBase = (char *) seg->vmaddr;
6955	haveRelocBase = true;
6956	}
6957	if (!strcmp(s1: seg->segname, s2: "__LINKEDIT")) {
6958	linkeditBase = (char *) seg->vmaddr - seg->fileoff;
6959	haveLinkeditBase = true;
6960	linkeditSeg = seg;
6961	}
6962	for (sec = firstsect(sgp: seg); sec != NULL; sec = nextsect(sgp: seg, sp: sec)) {
6963	sec->addr = ml_static_slide(vaddr: sec->addr);
6964
6965	#if KASLR_KEXT_DEBUG
6966	IOLog("kaslr: sectname %s unslid 0x%lx slid 0x%lx \n",
6967	sec->sectname,
6968	(unsigned long)ml_static_unslide(sec->addr),
6969	(unsigned long)sec->addr);
6970	#endif
6971	}
6972	}
6973
6974	dysymtab = (struct dysymtab_command *) getcommandfromheader(mh, LC_DYSYMTAB);
6975
6976	symtab = (struct symtab_command *) getcommandfromheader(mh, LC_SYMTAB);
6977
6978	if (symtab != NULL && doCoalescedSlides == false) {
6979	/ Some pseudo-kexts have symbol tables without segments.*
6980	* Ignore them. */
6981	if (symtab->nsyms > `0` && haveLinkeditBase) {
6982	sym = (kernel_nlist_t *) (linkeditBase + symtab->symoff);
6983	for (i = `0`; i < symtab->nsyms; i++) {
6984	if (sym[i].n_type & N_STAB) {
6985	continue;
6986	}
6987	sym[i].n_value = ml_static_slide(vaddr: sym[i].n_value);
6988
6989	#if KASLR_KEXT_DEBUG
6990	#define MAX_SYMS_TO_LOG 5
6991	if (i < MAX_SYMS_TO_LOG) {
6992	IOLog("kaslr: LC_SYMTAB unslid 0x%lx slid 0x%lx \n",
6993	(unsigned long)ml_static_unslide(sym[i].n_value),
6994	(unsigned long)sym[i].n_value);
6995	}
6996	#endif
6997	}
6998	}
6999	}
7000
7001	if (dysymtab != NULL && doCoalescedSlides == false) {
7002	if (dysymtab->nextrel > `0`) {
7003	OSKextLog(aKext: this,
7004	kOSKextLogErrorLevel \| kOSKextLogLoadFlag \|
7005	kOSKextLogLinkFlag,
7006	format: "Sliding kext %s: External relocations found.",
7007	getIdentifierCString());
7008	goto finish;
7009	}
7010
7011	if (dysymtab->nlocrel > `0`) {
7012	if (!haveLinkeditBase) {
7013	OSKextLog(aKext: this,
7014	kOSKextLogErrorLevel \| kOSKextLogLoadFlag \|
7015	kOSKextLogLinkFlag,
7016	format: "Sliding kext %s: No linkedit segment.",
7017	getIdentifierCString());
7018	goto finish;
7019	}
7020
7021	if (!haveRelocBase) {
7022	OSKextLog(aKext: this,
7023	kOSKextLogErrorLevel \| kOSKextLogLoadFlag \|
7024	kOSKextLogLinkFlag,
7025	#if __x86_64__
7026	"Sliding kext %s: No writable segments.",
7027	#else
7028	format: "Sliding kext %s: No segments.",
7029	#endif
7030	getIdentifierCString());
7031	goto finish;
7032	}
7033
7034	reloc = (struct relocation_info *) (linkeditBase + dysymtab->locreloff);
7035	reloc_size = dysymtab->nlocrel * sizeof(struct relocation_info);
7036
7037	for (i = `0`; i < dysymtab->nlocrel; i++) {
7038	if (reloc[i].r_extern != `0`
7039	\|\| reloc[i].r_type != `0`
7040	\|\| reloc[i].r_length != (sizeof(void *) == `8` ? `3` : `2`)
7041	) {
7042	OSKextLog(aKext: this,
7043	kOSKextLogErrorLevel \| kOSKextLogLoadFlag \|
7044	kOSKextLogLinkFlag,
7045	format: "Sliding kext %s: Unexpected relocation found.",
7046	getIdentifierCString());
7047	goto finish;
7048	}
7049	if (reloc[i].r_pcrel != `0`) {
7050	continue;
7051	}
7052	uintptr_t relocAddr = (uintptr_t)(relocBase + reloc[i].r_address);
7053	relocAddr = ml_static_slide(vaddr: relocAddr);
7054
7055	#if KASLR_KEXT_DEBUG
7056	#define MAX_DYSYMS_TO_LOG 5
7057	if (i < MAX_DYSYMS_TO_LOG) {
7058	IOLog("kaslr: LC_DYSYMTAB unslid 0x%lx slid 0x%lx \n",
7059	(unsigned long)ml_static_unslide(((uintptr_t )(relocAddr))),
7060	(unsigned long)((uintptr_t )(relocBase + reloc[i].r_address)));
7061	}
7062	#endif
7063	}
7064
7065	/ We should free these relocations, not just delete the reference to them.*
7066	* <rdar://problem/10535549> Free relocations from PIE kexts.
7067	*
7068	* For now, we do not free LINKEDIT for kexts with split segments.
7069	*/
7070	new_kextsize = round_page(x: kmod_info->size - reloc_size);
7071	if (new_kextsize > UINT_MAX) {
7072	OSKextLog(aKext: this,
7073	kOSKextLogErrorLevel \| kOSKextLogLoadFlag \|
7074	kOSKextLogLinkFlag,
7075	format: "Kext %s: new kext size is too large.",
7076	getIdentifierCString());
7077	goto finish;
7078	}
7079	if (((kmod_info->size - new_kextsize) > PAGE_SIZE) && (!segmentSplitInfo)) {
7080	vm_offset_t endofkext = kmod_info->address + kmod_info->size;
7081	vm_offset_t new_endofkext = kmod_info->address + new_kextsize;
7082	vm_offset_t endofrelocInfo = (vm_offset_t) (((uint8_t *)reloc) + reloc_size);
7083	size_t bytes_remaining = endofkext - endofrelocInfo;
7084	OSSharedPtr<OSData> new_osdata;
7085
7086	/ fix up symbol offsets if they are after the dsymtab local relocs /
7087	if (symtab) {
7088	if (dysymtab->locreloff < symtab->symoff) {
7089	symtab->symoff -= reloc_size;
7090	}
7091	if (dysymtab->locreloff < symtab->stroff) {
7092	symtab->stroff -= reloc_size;
7093	}
7094	}
7095	if (dysymtab->locreloff < dysymtab->extreloff) {
7096	dysymtab->extreloff -= reloc_size;
7097	}
7098
7099	/ move data behind reloc info down to new offset /
7100	if (endofrelocInfo < endofkext) {
7101	memcpy(dst: reloc, src: (void *)endofrelocInfo, n: bytes_remaining);
7102	}
7103
7104	/ Create a new OSData for the smaller kext object and reflect*
7105	* new linkedit segment size.
7106	*/
7107	linkeditSeg->vmsize = round_page(x: linkeditSeg->vmsize - reloc_size);
7108	linkeditSeg->filesize = linkeditSeg->vmsize;
7109
7110	new_osdata = OSData::withBytesNoCopy(bytes: (void )kmod_info->address, numBytes: (unsigned* int)new_kextsize);
7111	if (new_osdata) {
7112	/ Fix up kmod info and linkedExecutable.*
7113	*/
7114	kmod_info->size = new_kextsize;
7115	/*
7116	* Fileset KCs are mapped as a whole by iBoot.
7117	* Individual kext executables should not be unmapped
7118	* by xnu.
7119	* Doing so may result in panics like rdar://85419651
7120	*/
7121	if (PE_get_kc_format(type: kc_type, format: &format) && (format == KCFormatFileset)) {
7122	new_osdata ->setDeallocFunction(NULL);
7123	} else { // Not from a Fileset KC
7124	#if VM_MAPPED_KEXTS
7125	new_osdata->setDeallocFunction(osdata_kext_free);
7126	#else
7127	new_osdata ->setDeallocFunction(osdata_phys_free);
7128	#endif
7129	}
7130	linkedExecutable ->setDeallocFunction(NULL);
7131	linkedExecutable = os::move(t&: new_osdata);
7132
7133	#if VM_MAPPED_KEXTS
7134	kext_free(new_endofkext, (endofkext - new_endofkext));
7135	#else
7136	ml_static_mfree(new_endofkext, (endofkext - new_endofkext));
7137	#endif
7138	}
7139	}
7140	dysymtab->nlocrel = `0`;
7141	dysymtab->locreloff = `0`;
7142	}
7143	}
7144
7145	result = kOSReturnSuccess;
7146	finish:
7147	return result;
7148	}
7149
7150	/*********************************************************************
7151	* called only by load()
7152	*********************************************************************/
7153	OSReturn
7154	OSKext::loadExecutable()
7155	{
7156	OSReturn result = kOSReturnError;
7157	OSSharedPtr<OSArray> linkDependencies;
7158	uint32_t num_kmod_refs = `0`;
7159	OSData * theExecutable = NULL; // do not release
7160	OSString * versString = NULL; // do not release
7161	const char * versCString = NULL; // do not free
7162	const char * string = NULL; // do not free
7163
7164	#if CONFIG_KXLD
7165	unsigned int i;
7166	uint32_t numDirectDependencies = `0`;
7167	kern_return_t kxldResult;
7168	KXLDDependency * kxlddeps = NULL; // must kfree
7169	uint32_t num_kxlddeps = `0`;
7170	struct mach_header ** kxldHeaderPtr = NULL; // do not free
7171	struct mach_header * kxld_header = NULL; // xxx - need to free here?
7172	#endif // CONFIG_KXLD
7173
7174	/ We need the version string for a variety of bits below.*
7175	*/
7176	versString = OSDynamicCast(OSString,
7177	getPropertyForHostArch(kCFBundleVersionKey));
7178	if (!versString) {
7179	goto finish;
7180	}
7181	versCString = versString->getCStringNoCopy();
7182
7183	if (isKernelComponent()) {
7184	if (STRING_HAS_PREFIX(versCString, KERNEL_LIB_PREFIX)) {
7185	if (strncmp(s1: versCString, KERNEL6_VERSION, n: strlen(KERNEL6_VERSION))) {
7186	OSKextLog(aKext: this,
7187	kOSKextLogErrorLevel \|
7188	kOSKextLogLoadFlag,
7189	format: "Kernel component %s has incorrect version %s; "
7190	"expected %s.",
7191	getIdentifierCString(),
7192	versCString, KERNEL6_VERSION);
7193	result = kOSKextReturnInternalError;
7194	goto finish;
7195	} else if (strcmp(s1: versCString, s2: osrelease)) {
7196	OSKextLog(aKext: this,
7197	kOSKextLogErrorLevel \|
7198	kOSKextLogLoadFlag,
7199	format: "Kernel component %s has incorrect version %s; "
7200	"expected %s.",
7201	getIdentifierCString(),
7202	versCString, osrelease);
7203	result = kOSKextReturnInternalError;
7204	goto finish;
7205	}
7206	}
7207	}
7208
7209	#if defined(__x86_64__) \|\| defined(__i386__)
7210	if (flags.resetSegmentsFromVnode) {
7211	/ Fixup the chains and slide the mach headers /
7212	kernel_mach_header_t mh = (kernel_mach_header_t )kmod_info->address;
7213
7214	if (i386_slide_individual_kext(mh, PE_get_kc_slide(kc_type)) != KERN_SUCCESS) {
7215	result = kOSKextReturnValidation;
7216	goto finish;
7217	}
7218	}
7219	#endif //(__x86_64__) \|\| defined(__i386__)
7220
7221	if (isPrelinked()) {
7222	goto register_kmod;
7223	}
7224
7225	/ <rdar://problem/21444003> all callers must be entitled /
7226	if (FALSE == IOCurrentTaskHasEntitlement(kOSKextCollectionManagementEntitlement)) {
7227	OSKextLog(aKext: this,
7228	kOSKextLogErrorLevel \| kOSKextLogLoadFlag,
7229	format: "Not entitled to link kext '%s'",
7230	getIdentifierCString());
7231	result = kOSKextReturnNotPrivileged;
7232	goto finish;
7233	}
7234
7235	theExecutable = getExecutable();
7236	if (!theExecutable) {
7237	if (declaresExecutable()) {
7238	OSKextLog(aKext: this,
7239	kOSKextLogErrorLevel \|
7240	kOSKextLogLoadFlag,
7241	format: "Can't load kext %s - executable is missing.",
7242	getIdentifierCString());
7243	result = kOSKextReturnValidation;
7244	goto finish;
7245	}
7246	goto register_kmod;
7247	}
7248
7249	if (isInterface()) {
7250	OSSharedPtr<OSData> executableCopy = OSData::withData(inData: theExecutable);
7251	if (executableCopy) {
7252	setLinkedExecutable(executableCopy.get());
7253	}
7254	goto register_kmod;
7255	}
7256
7257	#if CONFIG_KXLD
7258	numDirectDependencies = getNumDependencies();
7259
7260	if (flags.hasBleedthrough) {
7261	linkDependencies = dependencies;
7262	} else {
7263	linkDependencies = OSArray::withArray(dependencies.get());
7264	if (!linkDependencies) {
7265	OSKextLog(this,
7266	kOSKextLogErrorLevel \|
7267	kOSKextLogLoadFlag \| kOSKextLogLinkFlag,
7268	"Can't allocate link dependencies to load kext %s.",
7269	getIdentifierCString());
7270	goto finish;
7271	}
7272
7273	for (i = `0`; i < numDirectDependencies; ++i) {
7274	OSKext * dependencyKext = OSDynamicCast(OSKext,
7275	dependencies->getObject(i));
7276	dependencyKext->addBleedthroughDependencies(linkDependencies.get());
7277	}
7278	}
7279
7280	num_kxlddeps = linkDependencies->getCount();
7281	if (!num_kxlddeps) {
7282	OSKextLog(this,
7283	kOSKextLogErrorLevel \|
7284	kOSKextLogLoadFlag \| kOSKextLogDependenciesFlag,
7285	"Can't load kext %s - it has no library dependencies.",
7286	getIdentifierCString());
7287	goto finish;
7288	}
7289
7290	kxlddeps = kalloc_type_tag(KXLDDependency, num_kxlddeps, Z_WAITOK, VM_KERN_MEMORY_OSKEXT);
7291	if (!kxlddeps) {
7292	OSKextLog(this,
7293	kOSKextLogErrorLevel \|
7294	kOSKextLogLoadFlag \| kOSKextLogLinkFlag,
7295	"Can't allocate link context to load kext %s.",
7296	getIdentifierCString());
7297	goto finish;
7298	}
7299	bzero(kxlddeps, num_kxlddeps * sizeof(*kxlddeps));
7300
7301	for (i = `0`; i < num_kxlddeps; ++i) {
7302	OSKext * dependency = OSDynamicCast(OSKext, linkDependencies->getObject(i));
7303
7304	if (dependency->isInterface()) {
7305	OSKext interfaceTargetKext = NULL; //do not release*
7306	OSData * interfaceTarget = NULL; //do not release
7307
7308	if (dependency->isKernelComponent()) {
7309	interfaceTargetKext = sKernelKext;
7310	interfaceTarget = sKernelKext->linkedExecutable.get();
7311	} else {
7312	interfaceTargetKext = OSDynamicCast(OSKext,
7313	dependency->dependencies->getObject(`0`));
7314
7315	interfaceTarget = interfaceTargetKext->linkedExecutable.get();
7316	}
7317
7318	if (!interfaceTarget) {
7319	// panic?
7320	goto finish;
7321	}
7322
7323	/ The names set here aren't actually logged yet <rdar://problem/7941514>,*
7324	* it will be useful to have them in the debugger.
7325	* strdup() failing isn't critical right here so we don't check that.
7326	*/
7327	kxlddeps[i].kext = (u_char *) interfaceTarget->getBytesNoCopy();
7328	kxlddeps[i].kext_size = interfaceTarget->getLength();
7329	kxlddeps[i].kext_name = strdup(interfaceTargetKext->getIdentifierCString());
7330
7331	if (dependency->linkedExecutable != NULL) {
7332	kxlddeps[i].interface = (u_char *) dependency->linkedExecutable->getBytesNoCopy();
7333	kxlddeps[i].interface_size = dependency->linkedExecutable->getLength();
7334	} else {
7335	kxlddeps[i].interface = (u_char *) NULL;
7336	kxlddeps[i].interface_size = `0`;
7337	}
7338	kxlddeps[i].interface_name = strdup(dependency->getIdentifierCString());
7339	} else {
7340	kxlddeps[i].kext = (u_char *) dependency->linkedExecutable->getBytesNoCopy();
7341	kxlddeps[i].kext_size = dependency->linkedExecutable->getLength();
7342	kxlddeps[i].kext_name = strdup(dependency->getIdentifierCString());
7343	}
7344
7345	kxlddeps[i].is_direct_dependency = (i < numDirectDependencies);
7346	}
7347
7348	kxldHeaderPtr = &kxld_header;
7349
7350	#if DEBUG
7351	OSKextLog(this,
7352	kOSKextLogExplicitLevel \|
7353	kOSKextLogLoadFlag \| kOSKextLogLinkFlag,
7354	"Kext %s - calling kxld_link_file:\n"
7355	" kxld_context: %p\n"
7356	" executable: %p executable_length: %d\n"
7357	" user_data: %p\n"
7358	" kxld_dependencies: %p num_dependencies: %d\n"
7359	" kxld_header_ptr: %p kmod_info_ptr: %p\n",
7360	getIdentifierCString(), sKxldContext,
7361	theExecutable->getBytesNoCopy(), theExecutable->getLength(),
7362	this, kxlddeps, num_kxlddeps,
7363	kxldHeaderPtr, &kmod_info);
7364	#endif
7365
7366	/ After this call, the linkedExecutable instance variable*
7367	* should exist.
7368	*/
7369	kxldResult = kxld_link_file(sKxldContext,
7370	(u_char *)theExecutable->getBytesNoCopy(),
7371	theExecutable->getLength(),
7372	getIdentifierCString(), this, kxlddeps, num_kxlddeps,
7373	(u_char *)kxldHeaderPtr, (kxld_addr_t )&kmod_info);
7374
7375	if (kxldResult != KERN_SUCCESS) {
7376	// xxx - add kxldResult here?
7377	OSKextLog(this,
7378	kOSKextLogErrorLevel \|
7379	kOSKextLogLoadFlag,
7380	"Can't load kext %s - link failed.",
7381	getIdentifierCString());
7382	result = kOSKextReturnLinkError;
7383	goto finish;
7384	}
7385
7386	/ We've written data & instructions into kernel memory, so flush the data*
7387	* cache and invalidate the instruction cache.
7388	* I/D caches are coherent on x86
7389	*/
7390	#if !defined(__i386__) && !defined(__x86_64__)
7391	flush_dcache(kmod_info->address, kmod_info->size, false);
7392	invalidate_icache(kmod_info->address, kmod_info->size, false);
7393	#endif
7394
7395	#else // !CONFIG_KXLD
7396	OSKextLog(aKext: this, kOSKextLogErrorLevel \| kOSKextLogLoadFlag,
7397	format: "Refusing to link non-prelinked kext: %s (no kxld support)", getIdentifierCString());
7398	result = kOSKextReturnLinkError;
7399	goto finish;
7400	#endif // CONFIG_KXLD
7401
7402	register_kmod:
7403
7404	if (isInterface()) {
7405	/ Whip up a fake kmod_info entry for the interface kext.*
7406	*/
7407	kmod_info = kalloc_type(kmod_info_t, (zalloc_flags_t)(Z_WAITOK \| Z_ZERO));
7408	if (!kmod_info) {
7409	result = KERN_MEMORY_ERROR;
7410	goto finish;
7411	}
7412
7413	/ A pseudokext has almost nothing in its kmod_info struct.*
7414	*/
7415	kmod_info->info_version = KMOD_INFO_VERSION;
7416
7417	/ An interface kext doesn't have a linkedExecutable, so save a*
7418	* copy of the UUID out of the original executable via copyUUID()
7419	* while we still have the original executable.
7420	*/
7421	interfaceUUID = copyUUID();
7422	}
7423
7424	kmod_info->id = loadTag = sNextLoadTag++;
7425	kmod_info->reference_count = `0`; // KMOD_DECL... sets it to -1 (invalid).
7426
7427	/ Stamp the bundle ID and version from the OSKext over anything*
7428	* resident inside the kmod_info.
7429	*/
7430	string = getIdentifierCString();
7431	strlcpy(dst: kmod_info->name, src: string, n: sizeof(kmod_info->name));
7432
7433	string = versCString;
7434	strlcpy(dst: kmod_info->version, src: string, n: sizeof(kmod_info->version));
7435
7436	/ Add the dependencies' kmod_info structs as kmod_references.*
7437	*/
7438	num_kmod_refs = getNumDependencies();
7439	if (num_kmod_refs) {
7440	kmod_info->reference_list = kalloc_type_tag(kmod_reference_t,
7441	num_kmod_refs, Z_WAITOK_ZERO, VM_KERN_MEMORY_OSKEXT);
7442	if (!kmod_info->reference_list) {
7443	result = KERN_MEMORY_ERROR;
7444	goto finish;
7445	}
7446	for (uint32_t refIndex = `0`; refIndex < num_kmod_refs; refIndex++) {
7447	kmod_reference_t * ref = &(kmod_info->reference_list[refIndex]);
7448	OSKext * refKext = OSDynamicCast(OSKext, dependencies ->getObject(refIndex));
7449	ref->info = refKext->kmod_info;
7450	ref->info->reference_count++;
7451
7452	if (refIndex + `1` < num_kmod_refs) {
7453	ref->next = kmod_info->reference_list + refIndex + `1`;
7454	}
7455	}
7456	}
7457
7458	if (kmod_info->hdr_size > UINT32_MAX) {
7459	OSKextLog(aKext: this,
7460	kOSKextLogErrorLevel \|
7461	kOSKextLogLoadFlag,
7462	#if __LP64__
7463	format: "Kext %s header size is too large (%lu > UINT32_MAX).",
7464	#else
7465	"Kext %s header size is too large (%u > UINT32_MAX).",
7466	#endif
7467	kmod_info->name,
7468	kmod_info->hdr_size);
7469	result = KERN_FAILURE;
7470	goto finish;
7471	}
7472
7473	if (kmod_info->size > UINT32_MAX) {
7474	OSKextLog(aKext: this,
7475	kOSKextLogErrorLevel \|
7476	kOSKextLogLoadFlag,
7477	#if __LP64__
7478	format: "Kext %s size is too large (%lu > UINT32_MAX).",
7479	#else
7480	"Kext %s size is too large (%u > UINT32_MAX).",
7481	#endif
7482	kmod_info->name,
7483	kmod_info->size);
7484	result = KERN_FAILURE;
7485	goto finish;
7486	}
7487
7488	if (!isInterface() && linkedExecutable) {
7489	OSKextLog(aKext: this,
7490	kOSKextLogProgressLevel \|
7491	kOSKextLogLoadFlag,
7492	format: "Kext %s executable loaded; %u pages at 0x%lx (load tag %u).",
7493	kmod_info->name,
7494	(unsigned)kmod_info->size / PAGE_SIZE,
7495	(unsigned long)ml_static_unslide(vaddr: kmod_info->address),
7496	(unsigned)kmod_info->id);
7497	}
7498
7499	/ VM protections and wiring for the Aux KC are done at collection loading time /
7500	if (kc_type != KCKindAuxiliary \|\| flags.resetSegmentsFromVnode) {
7501	/ if prelinked and primary KC, VM protections are already set /
7502	result = setVMAttributes(protect: !isPrelinked() \|\| flags.resetSegmentsFromVnode, wire: true);
7503	if (result != KERN_SUCCESS) {
7504	goto finish;
7505	}
7506	}
7507
7508	#if KASAN
7509	if (linkedExecutable) {
7510	kasan_load_kext((vm_offset_t)linkedExecutable->getBytesNoCopy(),
7511	linkedExecutable->getLength(), getIdentifierCString());
7512	}
7513	#else
7514	if (lookupSection(KASAN_GLOBAL_SEGNAME, KASAN_GLOBAL_SECTNAME)) {
7515	OSKextLog(aKext: this,
7516	kOSKextLogErrorLevel \| kOSKextLogLoadFlag,
7517	format: "KASAN: cannot load KASAN-ified kext %s on a non-KASAN kernel\n",
7518	getIdentifierCString()
7519	);
7520	result = KERN_FAILURE;
7521	goto finish;
7522	}
7523	#endif
7524
7525	result = kOSReturnSuccess;
7526
7527	finish:
7528
7529	#if CONFIG_KXLD
7530	/ Clear up locally allocated dependency info.*
7531	*/
7532	for (i = `0`; i < num_kxlddeps; ++i) {
7533	size_t size;
7534
7535	if (kxlddeps[i].kext_name) {
7536	size = `1` + strlen(kxlddeps[i].kext_name);
7537	kfree_data(kxlddeps[i].kext_name, size);
7538	}
7539	if (kxlddeps[i].interface_name) {
7540	size = `1` + strlen(kxlddeps[i].interface_name);
7541	kfree_data(kxlddeps[i].interface_name, size);
7542	}
7543	}
7544	if (kxlddeps) {
7545	kfree_type(KXLDDependency, num_kxlddeps, kxlddeps);
7546	}
7547	#endif // CONFIG_KXLD
7548
7549	/ We no longer need the unrelocated executable (which the linker*
7550	* has altered anyhow).
7551	*/
7552	setExecutable(NULL);
7553
7554	if (result != kOSReturnSuccess) {
7555	OSKextLog(aKext: this,
7556	kOSKextLogErrorLevel \|
7557	kOSKextLogLoadFlag,
7558	format: "Failed to load executable for kext %s.",
7559	getIdentifierCString());
7560
7561	if (kmod_info && kmod_info->reference_list) {
7562	kfree_type(kmod_reference_t, num_kmod_refs,
7563	kmod_info->reference_list);
7564	}
7565	if (isInterface()) {
7566	kfree_type(kmod_info_t, kmod_info);
7567	kmod_info = NULL;
7568	}
7569	if (kc_type == KCKindUnknown) {
7570	kmod_info = NULL;
7571	if (linkedExecutable) {
7572	linkedExecutable.reset();
7573	}
7574	}
7575	}
7576
7577	return result;
7578	}
7579
7580	/ static /
7581	void
7582	OSKext::jettisonFileSetLinkeditSegment(kernel_mach_header_t *mh)
7583	{
7584	kernel_segment_command_t *linkeditseg = NULL;
7585
7586	linkeditseg = getsegbynamefromheader(header: mh, SEG_LINKEDIT);
7587	if (linkeditseg == NULL) {
7588	panic("FileSet booted with no Linkedit segment");
7589	}
7590
7591	#if VM_MAPPED_KEXTS
7592	/ BootKC on x86_64 is not vm mapped /
7593	ml_static_mfree(linkeditseg->vmaddr, linkeditseg->vmsize);
7594
7595	OSKextLog(/ kext / NULL,
7596	kOSKextLogProgressLevel \|
7597	kOSKextLogGeneralFlag,
7598	"Jettisoning fileset Linkedit segments from vmaddr %llx with size %llu",
7599	linkeditseg->vmaddr, linkeditseg->vmsize);
7600	#else
7601	/ BootKC on arm64 is not vm mapped, but is slid /
7602	#if !CONFIG_SPTM
7603	vm_offset_t linkedit_vmaddr = ml_static_ptovirt((vm_offset_t)(linkeditseg->vmaddr - gVirtBase + gPhysBase));
7604	#else
7605	vm_offset_t linkedit_vmaddr = linkeditseg->vmaddr;
7606	#endif
7607
7608	ml_static_mfree(linkedit_vmaddr, (vm_size_t)linkeditseg->vmsize);
7609
7610	OSKextLog(/ kext / NULL,
7611	kOSKextLogProgressLevel \|
7612	kOSKextLogGeneralFlag,
7613	format: "Jettisoning fileset Linkedit segments from vmaddr %llx with size %llu",
7614	(unsigned long long)linkedit_vmaddr, (unsigned long long)linkeditseg->vmsize);
7615	#endif /* VM_MAPPED_KEXTS */
7616	}
7617
7618	/*********************************************************************
7619	* The linkedit segment is used by the kext linker for dependency
7620	* resolution, and by dtrace for probe initialization. We can free it
7621	* for non-library kexts, since no kexts depend on non-library kexts
7622	* by definition, once dtrace has been initialized.
7623	*********************************************************************/
7624	void
7625	OSKext::jettisonLinkeditSegment(void)
7626	{
7627	kernel_mach_header_t * machhdr = (kernel_mach_header_t *)kmod_info->address;
7628	kernel_segment_command_t * linkedit = NULL;
7629	vm_offset_t start;
7630	vm_size_t linkeditsize, kextsize;
7631	OSSharedPtr<OSData> data;
7632	kc_format format = KCFormatUnknown;
7633
7634	if (isInFileset()) {
7635	return;
7636	}
7637
7638	#if NO_KEXTD
7639	/ We can free symbol tables for all embedded kexts because we don't*
7640	* support runtime kext linking.
7641	*/
7642	if (sKeepSymbols \|\| !isExecutable() \|\| !linkedExecutable \|\| flags.jettisonLinkeditSeg) {
7643	#else
7644	if (sKeepSymbols \|\| isLibrary() \|\| !isExecutable() \|\| !linkedExecutable \|\| flags.jettisonLinkeditSeg) {
7645	#endif
7646	goto finish;
7647	}
7648
7649	/ Find the linkedit segment. If it's not the last segment, then freeing*
7650	* it will fragment the kext into multiple VM regions, which OSKext is not
7651	* designed to handle, so we'll have to skip it.
7652	*/
7653	linkedit = getsegbynamefromheader(header: machhdr, SEG_LINKEDIT);
7654	if (!linkedit) {
7655	goto finish;
7656	}
7657
7658	if (round_page(x: kmod_info->address + kmod_info->size) !=
7659	round_page(x: linkedit->vmaddr + linkedit->vmsize)) {
7660	goto finish;
7661	}
7662
7663	/ Create a new OSData for the smaller kext object.*
7664	*/
7665	linkeditsize = round_page(x: linkedit->vmsize);
7666	kextsize = kmod_info->size - linkeditsize;
7667	start = linkedit->vmaddr;
7668
7669	if (kextsize > UINT_MAX) {
7670	goto finish;
7671	}
7672	data = OSData::withBytesNoCopy(bytes: (void )kmod_info->address, numBytes: (unsigned* int)kextsize);
7673	if (!data) {
7674	goto finish;
7675	}
7676
7677	/ Fix the kmod info and linkedExecutable.*
7678	*/
7679	kmod_info->size = kextsize;
7680
7681	/*
7682	* Fileset KCs are mapped as a whole by iBoot.
7683	* Individual kext executables should not be unmapped by xnu
7684	* Doing so may result in panics like rdar://85419651
7685	*/
7686	if (PE_get_kc_format(type: kc_type, format: &format) && (format == KCFormatFileset)) {
7687	data ->setDeallocFunction(NULL);
7688	} else { // Not from a Fileset KC
7689	#if VM_MAPPED_KEXTS
7690	data->setDeallocFunction(osdata_kext_free);
7691	#else
7692	data ->setDeallocFunction(osdata_phys_free);
7693	#endif
7694	}
7695	linkedExecutable ->setDeallocFunction(NULL);
7696	linkedExecutable = os::move(t&: data);
7697	flags.jettisonLinkeditSeg = `1`;
7698
7699	/ Free the linkedit segment.*
7700	*/
7701	#if VM_MAPPED_KEXTS
7702	kext_free(start, linkeditsize);
7703	#else
7704	ml_static_mfree(start, linkeditsize);
7705	#endif
7706
7707	finish:
7708	return;
7709	}
7710
7711	/*********************************************************************
7712	* If there are whole pages that are unused betweem the last section
7713	* of the DATA segment and the end of the DATA segment then we can free
7714	* them
7715	*********************************************************************/
7716	void
7717	OSKext::jettisonDATASegmentPadding(void)
7718	{
7719	kernel_mach_header_t * mh;
7720	kernel_segment_command_t * dataSeg;
7721	kernel_section_t * sec, * lastSec;
7722	vm_offset_t dataSegEnd, lastSecEnd;
7723	vm_size_t padSize;
7724
7725	if (flags.builtin) {
7726	return;
7727	}
7728	mh = (kernel_mach_header_t *)kmod_info->address;
7729
7730	if (isInFileset()) {
7731	return;
7732	}
7733
7734	dataSeg = getsegbynamefromheader(header: mh, SEG_DATA);
7735	if (dataSeg == NULL) {
7736	return;
7737	}
7738
7739	lastSec = NULL;
7740	sec = firstsect(sgp: dataSeg);
7741	while (sec != NULL) {
7742	lastSec = sec;
7743	sec = nextsect(sgp: dataSeg, sp: sec);
7744	}
7745
7746	if (lastSec == NULL) {
7747	return;
7748	}
7749
7750	if ((dataSeg->vmaddr != round_page(x: dataSeg->vmaddr)) \|\|
7751	(dataSeg->vmsize != round_page(x: dataSeg->vmsize))) {
7752	return;
7753	}
7754
7755	dataSegEnd = dataSeg->vmaddr + dataSeg->vmsize;
7756	lastSecEnd = round_page(x: lastSec->addr + lastSec->size);
7757
7758	if (dataSegEnd <= lastSecEnd) {
7759	return;
7760	}
7761
7762	padSize = dataSegEnd - lastSecEnd;
7763
7764	if (padSize >= PAGE_SIZE) {
7765	#if VM_MAPPED_KEXTS
7766	kext_free(lastSecEnd, padSize);
7767	#else
7768	ml_static_mfree(lastSecEnd, padSize);
7769	#endif
7770	}
7771	}
7772
7773	/*********************************************************************
7774	*********************************************************************/
7775	void
7776	OSKext::setLinkedExecutable(OSData * anExecutable)
7777	{
7778	if (linkedExecutable) {
7779	panic("Attempt to set linked executable on kext "
7780	"that already has one (%s).\n",
7781	getIdentifierCString());
7782	}
7783	linkedExecutable.reset(p: anExecutable, OSRetain);
7784	return;
7785	}
7786
7787	#if CONFIG_DTRACE
7788	/*********************************************************************
7789	* Go through all loaded kexts and tell them to register with dtrace.
7790	* The instance method only registers if necessary.
7791	*********************************************************************/
7792	/ static /
7793	void
7794	OSKext::registerKextsWithDTrace(void)
7795	{
7796	uint32_t count = sLoadedKexts ->getCount();
7797	uint32_t i;
7798
7799	IORecursiveLockLock(lock: sKextLock);
7800
7801	for (i = `0`; i < count; i++) {
7802	OSKext * thisKext = NULL; // do not release
7803
7804	thisKext = OSDynamicCast(OSKext, sLoadedKexts ->getObject(i));
7805	if (!thisKext \|\| !thisKext->isExecutable()) {
7806	continue;
7807	}
7808
7809	thisKext->registerWithDTrace();
7810	}
7811
7812	IORecursiveLockUnlock(lock: sKextLock);
7813
7814	return;
7815	}
7816
7817	extern "C" {
7818	extern int (dtrace_modload)(struct* kmod_info *, uint32_t);
7819	extern int (dtrace_modunload)(struct* kmod_info *);
7820	};
7821
7822	/*********************************************************************
7823	*********************************************************************/
7824	void
7825	OSKext::registerWithDTrace(void)
7826	{
7827	/ Register kext with dtrace. A dtrace_modload failure should not*
7828	* prevent a kext from loading, so we ignore the return code.
7829	*/
7830	if (!flags.dtraceInitialized && (dtrace_modload != NULL)) {
7831	uint32_t modflag = `0`;
7832	OSObject * forceInit = getPropertyForHostArch(key: "OSBundleForceDTraceInit");
7833
7834	if (!sKeepSymbols && kc_type == KCKindPrimary) {
7835	if (forceInit == kOSBooleanTrue) {
7836	OSKextLog(aKext: this,
7837	kOSKextLogBasicLevel \|
7838	kOSKextLogGeneralFlag,
7839	format: "Ignoring OSBundleForceDTraceInit for Boot KC Kext %s",
7840	getIdentifierCString());
7841	forceInit = kOSBooleanFalse;
7842	}
7843	/ Linkedit segment of the Boot KC is gone, make sure fbt_provide_module don't use kernel symbols /
7844	modflag \|= KMOD_DTRACE_NO_KERNEL_SYMS;
7845	}
7846
7847	if (forceInit == kOSBooleanTrue) {
7848	modflag \|= KMOD_DTRACE_FORCE_INIT;
7849	}
7850	if (flags.builtin) {
7851	modflag \|= KMOD_DTRACE_STATIC_KEXT;
7852	}
7853
7854	(void)(*dtrace_modload)(kmod_info, modflag);
7855	flags.dtraceInitialized = true;
7856	jettisonLinkeditSegment();
7857	}
7858	return;
7859	}
7860	/*********************************************************************
7861	*********************************************************************/
7862	void
7863	OSKext::unregisterWithDTrace(void)
7864	{
7865	/ Unregister kext with dtrace. A dtrace_modunload failure should not*
7866	* prevent a kext from loading, so we ignore the return code.
7867	*/
7868	if (flags.dtraceInitialized && (dtrace_modunload != NULL)) {
7869	(void)(*dtrace_modunload)(kmod_info);
7870	flags.dtraceInitialized = false;
7871	}
7872	return;
7873	}
7874	#endif /* CONFIG_DTRACE */
7875
7876
7877	/*********************************************************************
7878	* called only by loadExecutable()
7879	*********************************************************************/
7880	#if !VM_MAPPED_KEXTS
7881	#if defined(__arm__) \|\| defined(__arm64__)
7882	static inline kern_return_t
7883	OSKext_protect(
7884	kernel_mach_header_t *kext_mh,
7885	vm_map_t map,
7886	vm_map_offset_t start,
7887	vm_map_offset_t end,
7888	vm_prot_t new_prot,
7889	boolean_t set_max,
7890	kc_kind_t kc_type)
7891	{
7892	#pragma unused(kext_mh,map,kc_type)
7893	assert(map == kernel_map); // we can handle KEXTs arising from the PRELINK segment and no others
7894	assert(start <= end);
7895	if (start >= end) {
7896	return KERN_SUCCESS; // Punt segments of length zero (e.g., headers) or less (i.e., blunders)
7897	} else if (set_max) {
7898	return KERN_SUCCESS; // Punt set_max, as there's no mechanism to record that state
7899	} else {
7900	return ml_static_protect(start, size: end - start, new_prot);
7901	}
7902	}
7903
7904	static inline kern_return_t
7905	OSKext_wire(
7906	kernel_mach_header_t *kext_mh,
7907	vm_map_t map,
7908	vm_map_offset_t start,
7909	vm_map_offset_t end,
7910	vm_prot_t access_type,
7911	boolean_t user_wire,
7912	kc_kind_t kc_type)
7913	{
7914	#pragma unused(kext_mh,map,start,end,access_type,user_wire,kc_type)
7915	return KERN_SUCCESS; // No-op as PRELINK kexts are cemented into physical memory at boot
7916	}
7917	#else
7918	#error Unrecognized architecture
7919	#endif
7920	#else
7921	static inline kern_return_t
7922	OSKext_protect(
7923	kernel_mach_header_t *kext_mh,
7924	vm_map_t map,
7925	vm_map_offset_t start,
7926	vm_map_offset_t end,
7927	vm_prot_t new_prot,
7928	boolean_t set_max,
7929	kc_kind_t kc_type)
7930	{
7931	if (start == end) { // 10538581
7932	return KERN_SUCCESS;
7933	}
7934	if (kernel_mach_header_is_in_fileset(kext_mh) && kc_type == KCKindPrimary) {
7935	/*
7936	* XXX: This will probably need to be different for AuxKC and
7937	* pageableKC!
7938	*/
7939	return ml_static_protect(start, end - start, new_prot);
7940	}
7941	return vm_map_protect(map, start, end, new_prot, set_max);
7942	}
7943
7944	static inline kern_return_t
7945	OSKext_wire(
7946	kernel_mach_header_t *kext_mh,
7947	vm_map_t map,
7948	vm_map_offset_t start,
7949	vm_map_offset_t end,
7950	vm_prot_t access_type,
7951	boolean_t user_wire,
7952	kc_kind_t kc_type)
7953	{
7954	if (kernel_mach_header_is_in_fileset(kext_mh) && kc_type == KCKindPrimary) {
7955	/ TODO: we may need to hook this for the pageableKC /
7956	return KERN_SUCCESS;
7957	}
7958	return vm_map_wire_kernel(map, start, end, access_type, VM_KERN_MEMORY_KEXT, user_wire);
7959	}
7960	#endif
7961
7962	OSReturn
7963	OSKext::setVMAttributes(bool protect, bool wire)
7964	{
7965	vm_map_t kext_map = NULL;
7966	kernel_segment_command_t * seg = NULL;
7967	vm_map_offset_t start_protect = `0`;
7968	vm_map_offset_t start_wire = `0`;
7969	vm_map_offset_t end_protect = `0`;
7970	vm_map_offset_t end_wire = `0`;
7971	OSReturn result = kOSReturnError;
7972
7973	if (isInterface() \|\| !declaresExecutable() \|\| flags.builtin) {
7974	result = kOSReturnSuccess;
7975	goto finish;
7976	}
7977
7978	/ Get the kext's vm map /
7979	kext_map = kext_get_vm_map(info: kmod_info);
7980	if (!kext_map) {
7981	result = KERN_MEMORY_ERROR;
7982	goto finish;
7983	}
7984
7985	#if !VM_MAPPED_KEXTS
7986	if (getcommandfromheader((kernel_mach_header_t *)kmod_info->address, LC_SEGMENT_SPLIT_INFO)) {
7987	/ This is a split kext in a prelinked kernelcache; we'll let the*
7988	* platform code take care of protecting it. It is already wired.
7989	*/
7990	/ TODO: Should this still allow protections for the first segment*
7991	* to go through, in the event that we have a mix of split and
7992	* unsplit kexts?
7993	*/
7994	result = KERN_SUCCESS;
7995	goto finish;
7996	}
7997
7998	if (isInFileset() && kc_type != KCKindPageable) {
7999	// kexts in filesets have protections setup as part of collection loading
8000	result = KERN_SUCCESS;
8001	goto finish;
8002	}
8003	#endif
8004
8005	/ Protect the headers as read-only; they do not need to be wired /
8006	result = (protect) ? OSKext_protect(kext_mh: (kernel_mach_header_t *)kmod_info->address,
8007	map: kext_map, start: kmod_info->address,
8008	end: kmod_info->address + kmod_info->hdr_size, VM_PROT_READ, TRUE, kc_type)
8009	: KERN_SUCCESS;
8010	if (result != KERN_SUCCESS) {
8011	goto finish;
8012	}
8013
8014	/ Set the VM protections and wire down each of the segments /
8015	seg = firstsegfromheader(header: (kernel_mach_header_t *)kmod_info->address);
8016	while (seg) {
8017	#if __arm__
8018	/ We build all ARM kexts, so we can ensure they are aligned /
8019	assert((seg->vmaddr & PAGE_MASK) == `0`);
8020	assert((seg->vmsize & PAGE_MASK) == `0`);
8021	#endif
8022
8023	/*
8024	* For the non page aligned segments, the range calculation for protection
8025	* and wiring differ as follows:
8026	*
8027	* Protection: The non page aligned data at the start or at the end of the
8028	* segment is excluded from the protection. This exclusion is needed to make
8029	* sure OSKext_protect is not called twice on same page, if the page is shared
8030	* between two segments.
8031	*
8032	* Wiring: The non page aligned data at the start or at the end of the
8033	* segment is included in the wiring range, this inclusion is needed to make sure
8034	* all the data of the segment is wired.
8035	*/
8036	start_protect = round_page(x: seg->vmaddr);
8037	end_protect = trunc_page(seg->vmaddr + seg->vmsize);
8038
8039	start_wire = trunc_page(seg->vmaddr);
8040	end_wire = round_page(x: seg->vmaddr + seg->vmsize);
8041
8042	/*
8043	* Linkedit and Linkinfo for the Pageable KC and the Aux KC are shared
8044	* across kexts and data from kexts is not page aligned
8045	*/
8046	if (protect && (end_protect > start_protect) &&
8047	((strncmp(s1: seg->segname, SEG_LINKEDIT, n: sizeof(seg->segname)) != `0` &&
8048	strncmp(s1: seg->segname, SEG_LINKINFO, n: sizeof(seg->segname)) != `0`) \|\|
8049	(kc_type != KCKindPageable && kc_type != KCKindAuxiliary))) {
8050	result = OSKext_protect(kext_mh: (kernel_mach_header_t *)kmod_info->address,
8051	map: kext_map, start: start_protect, end: end_protect, new_prot: seg->maxprot, TRUE, kc_type);
8052	if (result != KERN_SUCCESS) {
8053	OSKextLog(aKext: this,
8054	kOSKextLogErrorLevel \|
8055	kOSKextLogLoadFlag,
8056	format: "Kext %s failed to set maximum VM protections "
8057	"for segment %s - 0x%x.",
8058	getIdentifierCString(), seg->segname, (int)result);
8059	goto finish;
8060	}
8061
8062	result = OSKext_protect(kext_mh: (kernel_mach_header_t *)kmod_info->address,
8063	map: kext_map, start: start_protect, end: end_protect, new_prot: seg->initprot, FALSE, kc_type);
8064	if (result != KERN_SUCCESS) {
8065	OSKextLog(aKext: this,
8066	kOSKextLogErrorLevel \|
8067	kOSKextLogLoadFlag,
8068	format: "Kext %s failed to set initial VM protections "
8069	"for segment %s - 0x%x.",
8070	getIdentifierCString(), seg->segname, (int)result);
8071	goto finish;
8072	}
8073	}
8074
8075	if (segmentShouldBeWired(seg) && wire) {
8076	result = OSKext_wire(kext_mh: (kernel_mach_header_t *)kmod_info->address,
8077	map: kext_map, start: start_wire, end: end_wire, access_type: seg->initprot, FALSE, kc_type);
8078	if (result != KERN_SUCCESS) {
8079	goto finish;
8080	}
8081	}
8082
8083	seg = nextsegfromheader(header: (kernel_mach_header_t *) kmod_info->address, seg);
8084	}
8085
8086	finish:
8087	return result;
8088	}
8089
8090	/*********************************************************************
8091	*********************************************************************/
8092	boolean_t
8093	OSKext::segmentShouldBeWired(kernel_segment_command_t *seg)
8094	{
8095	return sKeepSymbols \|\| (strncmp(s1: seg->segname, SEG_LINKEDIT, n: sizeof(seg->segname)) &&
8096	strncmp(s1: seg->segname, SEG_LINKINFO, n: sizeof(seg->segname)));
8097	}
8098
8099	/*********************************************************************
8100	*********************************************************************/
8101	OSReturn
8102	OSKext::validateKextMapping(bool startFlag)
8103	{
8104	OSReturn result = kOSReturnError;
8105	const char * whichOp = startFlag ? "start" : "stop";
8106	kern_return_t kern_result = `0`;
8107	vm_map_t kext_map = NULL;
8108	kernel_segment_command_t * seg = NULL;
8109	mach_vm_address_t address = `0`;
8110	mach_vm_size_t size = `0`;
8111	uint32_t depth = `0`;
8112	uint64_t kext_segbase = `0`;
8113	uint64_t kext_segsize = `0`;
8114	mach_msg_type_number_t count;
8115	vm_region_submap_short_info_data_64_t info;
8116	uintptr_t kext_slide = PE_get_kc_slide(type: kc_type);
8117
8118	if (flags.builtin) {
8119	return kOSReturnSuccess;
8120	}
8121
8122	count = VM_REGION_SUBMAP_SHORT_INFO_COUNT_64;
8123	bzero(s: &info, n: sizeof(info));
8124
8125	// xxx - do we need a distinct OSReturn value for these or is "bad data"
8126	// xxx - sufficient?
8127
8128	/ Verify that the kmod_info and start/stop pointers are non-NULL.*
8129	*/
8130	if (!kmod_info) {
8131	OSKextLog(aKext: this,
8132	kOSKextLogErrorLevel \|
8133	kOSKextLogLoadFlag,
8134	format: "Kext %s - NULL kmod_info pointer.",
8135	getIdentifierCString());
8136	result = kOSKextReturnBadData;
8137	goto finish;
8138	}
8139
8140	if (startFlag) {
8141	address = (mach_vm_address_t)kmod_info->start;
8142	} else {
8143	address = (mach_vm_address_t)kmod_info->stop;
8144	}
8145
8146	if (!address) {
8147	OSKextLog(aKext: this,
8148	kOSKextLogErrorLevel \|
8149	kOSKextLogLoadFlag,
8150	format: "Kext %s - NULL module %s pointer.",
8151	getIdentifierCString(), whichOp);
8152	result = kOSKextReturnBadData;
8153	goto finish;
8154	}
8155
8156	kext_map = kext_get_vm_map(info: kmod_info);
8157	depth = (kernel_map == kext_map) ? `1` : `2`;
8158	if (isInFileset()) {
8159	#if defined(HAS_APPLE_PAC)
8160	address = (mach_vm_address_t)ptrauth_auth_data((void*)address, ptrauth_key_function_pointer, `0`);
8161	#endif /* defined(HAS_APPLE_PAC) */
8162	}
8163
8164	/ Verify that the start/stop function lies within the kext's address range.*
8165	*/
8166	if (getcommandfromheader((kernel_mach_header_t *)kmod_info->address, LC_SEGMENT_SPLIT_INFO) \|\|
8167	isInFileset()) {
8168	/ This will likely be how we deal with split kexts; walk the segments to*
8169	* check that the function lies inside one of the segments of this kext.
8170	*/
8171	for (seg = firstsegfromheader(header: (kernel_mach_header_t *)kmod_info->address);
8172	seg != NULL;
8173	seg = nextsegfromheader(header: (kernel_mach_header_t *)kmod_info->address, seg)) {
8174	if ((address >= seg->vmaddr) && address < (seg->vmaddr + seg->vmsize)) {
8175	kext_segbase = seg->vmaddr;
8176	kext_segsize = seg->vmsize;
8177	break;
8178	}
8179	}
8180
8181	if (!seg) {
8182	OSKextLog(aKext: this,
8183	kOSKextLogErrorLevel \|
8184	kOSKextLogLoadFlag,
8185	format: "Kext %s module %s pointer is outside of kext range "
8186	"(%s %p - kext starts at %p).",
8187	getIdentifierCString(),
8188	whichOp,
8189	whichOp,
8190	(void *)(((uintptr_t)address) - kext_slide),
8191	(void *)(((uintptr_t)kmod_info->address) - kext_slide));
8192	result = kOSKextReturnBadData;
8193	goto finish;
8194	}
8195
8196	seg = NULL;
8197	} else {
8198	if (address < kmod_info->address + kmod_info->hdr_size \|\|
8199	kmod_info->address + kmod_info->size <= address) {
8200	OSKextLog(aKext: this,
8201	kOSKextLogErrorLevel \|
8202	kOSKextLogLoadFlag,
8203	format: "Kext %s module %s pointer is outside of kext range "
8204	"(%s %p - kext at %p-%p).",
8205	getIdentifierCString(),
8206	whichOp,
8207	whichOp,
8208	(void *)(((uintptr_t)address) - kext_slide),
8209	(void *)(((uintptr_t)kmod_info->address) - kext_slide),
8210	(void *)((((uintptr_t)kmod_info->address) - kext_slide) + kmod_info->size));
8211	result = kOSKextReturnBadData;
8212	goto finish;
8213	}
8214	}
8215
8216	/ Only do these checks before calling the start function;*
8217	* If anything goes wrong with the mapping while the kext is running,
8218	* we'll likely have panicked well before any attempt to stop the kext.
8219	*/
8220	if (startFlag) {
8221	if (!isInFileset() \|\| kc_type != KCKindPrimary) {
8222	/*
8223	* Verify that the start/stop function is executable.
8224	*/
8225	kern_result = mach_vm_region_recurse(target_task: kernel_map, address: &address, size: &size, nesting_depth: &depth,
8226	info: (vm_region_recurse_info_t)&info, infoCnt: &count);
8227	if (kern_result != KERN_SUCCESS) {
8228	OSKextLog(aKext: this,
8229	kOSKextLogErrorLevel \|
8230	kOSKextLogLoadFlag,
8231	format: "Kext %s - bad %s pointer %p.",
8232	getIdentifierCString(),
8233	whichOp, (void *)ml_static_unslide(vaddr: address));
8234	result = kOSKextReturnBadData;
8235	goto finish;
8236	}
8237	} else {
8238	/*
8239	* Since kexts loaded from the primary KC are held in memory
8240	* allocated by efiboot, we cannot use mach_vm_region_recurse() to
8241	* discover that memory's protection flags. Instead, we need to
8242	* get that information from the kernel pmap itself. Above, we
8243	* (potentially) saved the size of the segment in which the address
8244	* in question was located. If we have a non-zero size, verify
8245	* that all pages in the (address, address + kext_segsize) range
8246	* are marked executable. If we somehow did not record the size
8247	* (or the base) just verify the single page that includes the address.
8248	*/
8249	if (kext_segbase == `0` \|\| kext_segsize == `0`) {
8250	kext_segbase = address & ~(uint64_t)PAGE_MASK;
8251	kext_segsize = PAGE_SIZE;
8252	}
8253	}
8254
8255	#if VM_MAPPED_KEXTS
8256	if (((!isInFileset() \|\| kc_type != KCKindPrimary) && !(info.protection & VM_PROT_EXECUTE)) \|\|
8257	((isInFileset() && kc_type == KCKindPrimary) &&
8258	ml_static_verify_page_protections(kext_segbase, kext_segsize, VM_PROT_EXECUTE) != KERN_SUCCESS)) {
8259	OSKextLog(this,
8260	kOSKextLogErrorLevel \|
8261	kOSKextLogLoadFlag,
8262	"Kext %s - memory region containing module %s function "
8263	"is not executable.",
8264	getIdentifierCString(), whichOp);
8265	result = kOSKextReturnBadData;
8266	goto finish;
8267	}
8268	#endif
8269
8270	/ Verify that the kext's segments are backed by physical memory.*
8271	*/
8272	seg = firstsegfromheader(header: (kernel_mach_header_t *)kmod_info->address);
8273	while (seg) {
8274	if (!verifySegmentMapping(seg)) {
8275	result = kOSKextReturnBadData;
8276	goto finish;
8277	}
8278
8279	seg = nextsegfromheader(header: (kernel_mach_header_t *) kmod_info->address, seg);
8280	}
8281	}
8282
8283	result = kOSReturnSuccess;
8284	finish:
8285	return result;
8286	}
8287
8288	/*********************************************************************
8289	*********************************************************************/
8290	boolean_t
8291	OSKext::verifySegmentMapping(kernel_segment_command_t *seg)
8292	{
8293	mach_vm_address_t address = `0`;
8294
8295	if (seg->vmsize > UINT32_MAX) {
8296	return false;
8297	}
8298
8299	if (!segmentShouldBeWired(seg)) {
8300	return true;
8301	}
8302
8303	for (address = seg->vmaddr;
8304	address < round_page(x: seg->vmaddr + seg->vmsize);
8305	address += PAGE_SIZE) {
8306	if (!pmap_find_phys(pmap: kernel_pmap, va: (vm_offset_t)address)) {
8307	OSKextLog(aKext: this,
8308	kOSKextLogErrorLevel \|
8309	kOSKextLogLoadFlag,
8310	format: "Kext %s - page %p is not backed by physical memory.",
8311	getIdentifierCString(),
8312	(void *)address);
8313	return false;
8314	}
8315	}
8316
8317	return true;
8318	}
8319
8320	/*********************************************************************
8321	*********************************************************************/
8322	static void
8323	OSKextLogKextInfo(OSKext *aKext, uint64_t address, uint64_t size, firehose_tracepoint_code_t code)
8324	{
8325	uint64_t stamp = `0`;
8326	firehose_tracepoint_id_u trace_id;
8327	struct firehose_trace_uuid_info_s uuid_info_s;
8328	firehose_trace_uuid_info_t uuid_info = &uuid_info_s;
8329	size_t uuid_info_len = sizeof(struct firehose_trace_uuid_info_s);
8330	OSSharedPtr<OSData> uuid_data;
8331
8332	stamp = firehose_tracepoint_time(flags: firehose_activity_flags_default);
8333	trace_id.ftid_value = FIREHOSE_TRACE_ID_MAKE(firehose_tracepoint_namespace_metadata, _firehose_tracepoint_type_metadata_kext, (firehose_tracepoint_flags_t)`0`, code);
8334
8335	uuid_data = aKext->copyTextUUID();
8336	if (uuid_data) {
8337	memcpy(dst: uuid_info->ftui_uuid, src: uuid_data ->getBytesNoCopy(), n: sizeof(uuid_info->ftui_uuid));
8338	}
8339
8340	uuid_info->ftui_size = size;
8341	if (aKext->isDriverKit()) {
8342	uuid_info->ftui_address = address;
8343	} else {
8344	uuid_info->ftui_address = ml_static_unslide(vaddr: address);
8345	}
8346	os_log_encoded_metadata(ftid: trace_id, stamp, pubdata: uuid_info, publen: uuid_info_len);
8347	return;
8348	}
8349
8350	void
8351	OSKext::OSKextLogDriverKitInfoLoad(OSKext *kext)
8352	{
8353	OSKextLogKextInfo(aKext: kext, address: kext->getLoadTag(), size: `1`, code: firehose_tracepoint_code_load);
8354	}
8355
8356	/*********************************************************************
8357	*********************************************************************/
8358	OSReturn
8359	OSKext::start(bool startDependenciesFlag)
8360	{
8361	OSReturn result = kOSReturnError;
8362	kern_return_t (* startfunc)(kmod_info_t , void* *);
8363	unsigned int i, count;
8364	void * kmodStartData = NULL;
8365
8366	if (isStarted() \|\| isInterface() \|\| isKernelComponent()) {
8367	result = kOSReturnSuccess;
8368	goto finish;
8369	}
8370
8371	if (!isLoaded()) {
8372	OSKextLog(aKext: this,
8373	kOSKextLogErrorLevel \|
8374	kOSKextLogLoadFlag,
8375	format: "Attempt to start nonloaded kext %s.",
8376	getIdentifierCString());
8377	result = kOSKextReturnInvalidArgument;
8378	goto finish;
8379	}
8380
8381	if (!sLoadEnabled) {
8382	OSKextLog(aKext: this,
8383	kOSKextLogErrorLevel \|
8384	kOSKextLogLoadFlag,
8385	format: "Kext loading is disabled (attempt to start kext %s).",
8386	getIdentifierCString());
8387	result = kOSKextReturnDisabled;
8388	goto finish;
8389	}
8390
8391	result = validateKextMapping(/ start? / startFlag: true);
8392	if (result != kOSReturnSuccess) {
8393	goto finish;
8394	}
8395
8396	startfunc = kmod_info->start;
8397
8398	count = getNumDependencies();
8399	for (i = `0`; i < count; i++) {
8400	OSKext * dependency = OSDynamicCast(OSKext, dependencies ->getObject(i));
8401	if (dependency == NULL) {
8402	OSKextLog(aKext: this,
8403	kOSKextLogErrorLevel \|
8404	kOSKextLogLoadFlag,
8405	format: "Kext %s start - internal error, dependency disappeared.",
8406	getIdentifierCString());
8407	goto finish;
8408	}
8409	if (!dependency->isStarted()) {
8410	if (startDependenciesFlag) {
8411	OSReturn dependencyResult =
8412	dependency->start(startDependenciesFlag);
8413	if (dependencyResult != KERN_SUCCESS) {
8414	OSKextLog(aKext: this,
8415	kOSKextLogErrorLevel \|
8416	kOSKextLogLoadFlag,
8417	format: "Kext %s start - dependency %s failed to start (error 0x%x).",
8418	getIdentifierCString(),
8419	dependency->getIdentifierCString(),
8420	dependencyResult);
8421	goto finish;
8422	}
8423	} else {
8424	OSKextLog(aKext: this,
8425	kOSKextLogErrorLevel \|
8426	kOSKextLogLoadFlag,
8427	format: "Not starting %s - dependency %s not started yet.",
8428	getIdentifierCString(),
8429	dependency->getIdentifierCString());
8430	result = kOSKextReturnStartStopError; // xxx - make new return?
8431	goto finish;
8432	}
8433	}
8434	}
8435
8436	OSKextLog(aKext: this,
8437	kOSKextLogDetailLevel \|
8438	kOSKextLogLoadFlag,
8439	format: "Kext %s calling module start function.",
8440	getIdentifierCString());
8441
8442	flags.starting = `1`;
8443
8444	// Drop a log message so logd can grab the needed information to decode this kext
8445	OSKextLogKextInfo(aKext: this, address: kmod_info->address, size: kmod_info->size, code: firehose_tracepoint_code_load);
8446	result = OSRuntimeInitializeCPP(kext: this);
8447	if (result == KERN_SUCCESS) {
8448	result = startfunc(kmod_info, kmodStartData);
8449	}
8450
8451	flags.starting = `0`;
8452
8453	/ On success overlap the setting of started/starting. On failure just*
8454	* clear starting.
8455	*/
8456	if (result == KERN_SUCCESS) {
8457	flags.started = `1`;
8458
8459	// xxx - log start error from kernel?
8460	OSKextLog(aKext: this,
8461	kOSKextLogProgressLevel \|
8462	kOSKextLogLoadFlag,
8463	format: "Kext %s is now started.",
8464	getIdentifierCString());
8465	} else {
8466	invokeOrCancelRequestCallbacks(
8467	/ result not actually used / kOSKextReturnStartStopError,
8468	/ invokeFlag / false);
8469	OSKextLog(aKext: this,
8470	kOSKextLogWarningLevel \|
8471	kOSKextLogLoadFlag,
8472	format: "Kext %s did not start (return code 0x%x).",
8473	getIdentifierCString(), result);
8474	}
8475
8476	finish:
8477	return result;
8478	}
8479
8480	/*********************************************************************
8481	*********************************************************************/
8482	/ static /
8483	bool
8484	OSKext::canUnloadKextWithIdentifier(
8485	OSString * kextIdentifier,
8486	bool checkClassesFlag)
8487	{
8488	bool result = false;
8489	OSKext * aKext = NULL; // do not release
8490
8491	IORecursiveLockLock(lock: sKextLock);
8492
8493	aKext = OSDynamicCast(OSKext, sKextsByID ->getObject(kextIdentifier));
8494
8495	if (!aKext) {
8496	goto finish; // can't unload what's not loaded
8497	}
8498
8499	if (aKext->isLoaded()) {
8500	if (aKext->getRetainCount() > kOSKextMinLoadedRetainCount) {
8501	goto finish;
8502	}
8503	if (checkClassesFlag && aKext->hasOSMetaClassInstances()) {
8504	goto finish;
8505	}
8506	}
8507
8508	result = true;
8509
8510	finish:
8511	IORecursiveLockUnlock(lock: sKextLock);
8512	return result;
8513	}
8514
8515	/*********************************************************************
8516	*********************************************************************/
8517	OSReturn
8518	OSKext::stop(void)
8519	{
8520	OSReturn result = kOSReturnError;
8521	kern_return_t (stopfunc)(kmod_info_t , void *);
8522
8523	if (!isStarted() \|\| isInterface()) {
8524	result = kOSReturnSuccess;
8525	goto finish;
8526	}
8527
8528	if (!isLoaded()) {
8529	OSKextLog(aKext: this,
8530	kOSKextLogErrorLevel \|
8531	kOSKextLogLoadFlag,
8532	format: "Attempt to stop nonloaded kext %s.",
8533	getIdentifierCString());
8534	result = kOSKextReturnInvalidArgument;
8535	goto finish;
8536	}
8537
8538	/ Refuse to stop if we have clients or instances. It is up to*
8539	* the caller to make sure those aren't true.
8540	*/
8541	if (getRetainCount() > kOSKextMinLoadedRetainCount) {
8542	OSKextLog(aKext: this,
8543	kOSKextLogErrorLevel \|
8544	kOSKextLogLoadFlag,
8545	format: "Kext %s - C++ instances; can't stop.",
8546	getIdentifierCString());
8547	result = kOSKextReturnInUse;
8548	goto finish;
8549	}
8550
8551	if (getRetainCount() > kOSKextMinLoadedRetainCount) {
8552	OSKextLog(aKext: this,
8553	kOSKextLogErrorLevel \|
8554	kOSKextLogLoadFlag,
8555	format: "Kext %s - has references (linkage or tracking object); "
8556	"can't stop.",
8557	getIdentifierCString());
8558	result = kOSKextReturnInUse;
8559	goto finish;
8560	}
8561
8562	/ Note: If validateKextMapping fails on the stop & unload path,*
8563	* we are in serious trouble and a kernel panic is likely whether
8564	* we stop & unload the kext or not.
8565	*/
8566	result = validateKextMapping(/ start? / startFlag: false);
8567	if (result != kOSReturnSuccess) {
8568	goto finish;
8569	}
8570
8571	stopfunc = kmod_info->stop;
8572	if (stopfunc) {
8573	OSKextLog(aKext: this,
8574	kOSKextLogDetailLevel \|
8575	kOSKextLogLoadFlag,
8576	format: "Kext %s calling module stop function.",
8577	getIdentifierCString());
8578
8579	flags.stopping = `1`;
8580
8581	result = stopfunc(kmod_info, / userData / NULL);
8582	if (result == KERN_SUCCESS) {
8583	result = OSRuntimeFinalizeCPP(kext: this);
8584	}
8585
8586	flags.stopping = `0`;
8587
8588	if (result == KERN_SUCCESS) {
8589	flags.started = `0`;
8590
8591	OSKextLog(aKext: this,
8592	kOSKextLogDetailLevel \|
8593	kOSKextLogLoadFlag,
8594	format: "Kext %s is now stopped and ready to unload.",
8595	getIdentifierCString());
8596	} else {
8597	OSKextLog(aKext: this,
8598	kOSKextLogErrorLevel \|
8599	kOSKextLogLoadFlag,
8600	format: "Kext %s did not stop (return code 0x%x).",
8601	getIdentifierCString(), result);
8602	result = kOSKextReturnStartStopError;
8603	}
8604	}
8605
8606	finish:
8607	// Drop a log message so logd can update this kext's metadata
8608	OSKextLogKextInfo(aKext: this, address: kmod_info->address, size: kmod_info->size, code: firehose_tracepoint_code_unload);
8609	return result;
8610	}
8611
8612	/*********************************************************************
8613	*********************************************************************/
8614	OSReturn
8615	OSKext::unload(void)
8616	{
8617	OSReturn result = kOSReturnError;
8618	unsigned int index;
8619	uint32_t num_kmod_refs = `0`;
8620	OSKextAccount * freeAccount;
8621	bool in_fileset = false;
8622
8623	if (!sUnloadEnabled) {
8624	OSKextLog(aKext: this,
8625	kOSKextLogErrorLevel \|
8626	kOSKextLogLoadFlag,
8627	format: "Kext unloading is disabled (%s).",
8628	this->getIdentifierCString());
8629
8630	result = kOSKextReturnDisabled;
8631	goto finish;
8632	}
8633
8634	// cache this result so we don't need to access the kmod_info after
8635	// it's been potentially free'd
8636	in_fileset = isInFileset();
8637
8638	/ Refuse to unload if we have clients or instances. It is up to*
8639	* the caller to make sure those aren't true.
8640	*/
8641	if (getRetainCount() > kOSKextMinLoadedRetainCount) {
8642	// xxx - Don't log under errors? this is more of an info thing
8643	OSKextLog(aKext: this,
8644	kOSKextLogErrorLevel \|
8645	kOSKextLogKextBookkeepingFlag,
8646	format: "Can't unload kext %s; outstanding references %d (linkage or tracking object).",
8647	getIdentifierCString(), getRetainCount());
8648	result = kOSKextReturnInUse;
8649	goto finish;
8650	}
8651
8652	if (isDriverKit()) {
8653	index = sLoadedDriverKitKexts ->getNextIndexOfObject(anObject: this, index: `0`);
8654	if (index != (unsigned int)-`1`) {
8655	sLoadedDriverKitKexts ->removeObject(index);
8656	OSKextLogKextInfo(aKext: this, address: loadTag, size: `1`, code: firehose_tracepoint_code_unload);
8657	loadTag = `0`;
8658	}
8659	}
8660
8661	if (!isLoaded()) {
8662	result = kOSReturnSuccess;
8663	goto finish;
8664	}
8665
8666	if (isKernelComponent()) {
8667	result = kOSKextReturnInvalidArgument;
8668	goto finish;
8669	}
8670
8671	if (metaClasses && !OSMetaClass::removeClasses(metaClasses: metaClasses.get())) {
8672	OSKextLog(aKext: this,
8673	kOSKextLogErrorLevel \|
8674	kOSKextLogLoadFlag \| kOSKextLogKextBookkeepingFlag,
8675	format: "Can't unload kext %s; classes have instances:",
8676	getIdentifierCString());
8677	reportOSMetaClassInstances(kOSKextLogErrorLevel \|
8678	kOSKextLogLoadFlag \| kOSKextLogKextBookkeepingFlag);
8679	result = kOSKextReturnInUse;
8680	goto finish;
8681	}
8682
8683	/ Note that the kext is unloading before running any code that*
8684	* might be in the kext (request callbacks, module stop function).
8685	* We will deny certain requests made against a kext in the process
8686	* of unloading.
8687	*/
8688	flags.unloading = `1`;
8689
8690	/ Update the string describing the last kext to unload in case we panic.*
8691	*/
8692	savePanicString(/ isLoading / false);
8693
8694	if (isStarted()) {
8695	result = stop();
8696	if (result != KERN_SUCCESS) {
8697	OSKextLog(aKext: this,
8698	kOSKextLogErrorLevel \|
8699	kOSKextLogLoadFlag,
8700	format: "Kext %s can't unload - module stop returned 0x%x.",
8701	getIdentifierCString(), (unsigned)result);
8702	result = kOSKextReturnStartStopError;
8703	goto finish;
8704	}
8705	}
8706
8707	OSKextLog(aKext: this,
8708	kOSKextLogProgressLevel \|
8709	kOSKextLogLoadFlag,
8710	format: "Kext %s unloading.",
8711	getIdentifierCString());
8712
8713	{
8714	struct list_head *p;
8715	struct list_head *prev;
8716	struct list_head *next;
8717	for (p = pendingPgoHead.next; p != &pendingPgoHead; p = next) {
8718	OSKextGrabPgoStruct *s = container_of(p, OSKextGrabPgoStruct, list_head);
8719	s->err = OSKextGrabPgoDataLocked(kext: this, metadata: s->metadata, instance_uuid, pSize: s->pSize, pBuffer: s->pBuffer, bufferSize: s->bufferSize);
8720	prev = p->prev;
8721	next = p->next;
8722	prev->next = next;
8723	next->prev = prev;
8724	p->prev = p;
8725	p->next = p;
8726	IORecursiveLockWakeup(lock: sKextLock, event: s, oneThread: false);
8727	}
8728	}
8729
8730
8731	/ Even if we don't call the stop function, we want to be sure we*
8732	* have no OSMetaClass references before unloading the kext executable
8733	* from memory. OSMetaClasses may have pointers into the kext executable
8734	* and that would cause a panic on OSKext::free() when metaClasses is freed.
8735	*/
8736	if (metaClasses) {
8737	metaClasses ->flushCollection();
8738	}
8739	(void) OSRuntimeFinalizeCPP(kext: this);
8740
8741	/ Remove the kext from the list of loaded kexts, patch the gap*
8742	* in the kmod_info_t linked list, and reset "kmod" to point to the
8743	* last loaded kext that isn't the fake kernel kext (sKernelKext).
8744	*/
8745	index = sLoadedKexts ->getNextIndexOfObject(anObject: this, index: `0`);
8746	if (index != (unsigned int)-`1`) {
8747	sLoadedKexts ->removeObject(index);
8748
8749	OSKext * nextKext = OSDynamicCast(OSKext,
8750	sLoadedKexts ->getObject(index));
8751
8752	if (nextKext) {
8753	if (index > `0`) {
8754	OSKext * gapKext = OSDynamicCast(OSKext,
8755	sLoadedKexts ->getObject(index - `1`));
8756
8757	nextKext->kmod_info->next = gapKext->kmod_info;
8758	} else { / index == 0 /
8759	nextKext->kmod_info->next = NULL;
8760	}
8761	}
8762
8763	OSKext * lastKext = OSDynamicCast(OSKext, sLoadedKexts ->getLastObject());
8764	if (lastKext && !lastKext->isKernel()) {
8765	kmod = lastKext->kmod_info;
8766	} else {
8767	kmod = NULL; // clear the global kmod variable
8768	}
8769	}
8770
8771	/ Clear out the kmod references that we're keeping for compatibility*
8772	* with current panic backtrace code & kgmacros.
8773	* xxx - will want to update those bits sometime and remove this.
8774	*/
8775	num_kmod_refs = getNumDependencies();
8776	if (num_kmod_refs && kmod_info && kmod_info->reference_list) {
8777	for (uint32_t refIndex = `0`; refIndex < num_kmod_refs; refIndex++) {
8778	kmod_reference_t * ref = &(kmod_info->reference_list[refIndex]);
8779	ref->info->reference_count--;
8780	}
8781	kfree_type(kmod_reference_t, num_kmod_refs,
8782	kmod_info->reference_list);
8783	}
8784
8785	#if CONFIG_DTRACE
8786	unregisterWithDTrace();
8787	#endif /* CONFIG_DTRACE */
8788
8789	notifyKextUnloadObservers(this);
8790
8791	freeAccount = NULL;
8792	lck_ticket_lock(tlock: sKextAccountsLock, grp: sKextAccountsLockGrp);
8793	account->kext = NULL;
8794	if (account->site.tag) {
8795	account->site.flags \|= VM_TAG_UNLOAD;
8796	} else {
8797	freeAccount = account;
8798	}
8799
8800	#if DEVELOPMENT \|\| DEBUG
8801	assertf(account->task_refgrp.grp_count == `0`,
8802	"unloading a kext with active task references");
8803	#endif /* DEVELOPMENT \|\| DEBUG */
8804
8805	lck_ticket_unlock(tlock: sKextAccountsLock);
8806	if (freeAccount) {
8807	IOFreeType(freeAccount, OSKextAccount);
8808	}
8809
8810	/ Unwire and free the linked executable.*
8811	*/
8812	if (linkedExecutable) {
8813	#if KASAN
8814	kasan_unload_kext((vm_offset_t)linkedExecutable->getBytesNoCopy(), linkedExecutable->getLength());
8815	#endif
8816
8817	#if VM_MAPPED_KEXTS
8818	if (!isInterface() && (!in_fileset \|\| flags.resetSegmentsFromVnode)) {
8819	kernel_segment_command_t *seg = NULL;
8820	vm_map_t kext_map = kext_get_vm_map(kmod_info);
8821
8822	if (!kext_map) {
8823	OSKextLog(this,
8824	kOSKextLogErrorLevel \|
8825	kOSKextLogLoadFlag,
8826	"Failed to free kext %s; couldn't find the kext map.",
8827	getIdentifierCString());
8828	result = kOSKextReturnInternalError;
8829	goto finish;
8830	}
8831
8832	OSKextLog(this,
8833	kOSKextLogProgressLevel \|
8834	kOSKextLogLoadFlag,
8835	"Kext %s unwiring and unmapping linked executable.",
8836	getIdentifierCString());
8837
8838	seg = firstsegfromheader((kernel_mach_header_t *)kmod_info->address);
8839	while (seg) {
8840	if (segmentShouldBeWired(seg)) {
8841	vm_map_offset_t start_wire = trunc_page(seg->vmaddr);
8842	vm_map_offset_t end_wire = round_page(seg->vmaddr + seg->vmsize);
8843
8844	result = vm_map_unwire(kext_map, start_wire,
8845	end_wire, FALSE);
8846	if (result != KERN_SUCCESS) {
8847	OSKextLog(this,
8848	kOSKextLogErrorLevel \|
8849	kOSKextLogLoadFlag,
8850	"Failed to unwire kext %s.",
8851	getIdentifierCString());
8852	result = kOSKextReturnInternalError;
8853	goto finish;
8854	}
8855	}
8856
8857	seg = nextsegfromheader((kernel_mach_header_t *) kmod_info->address, seg);
8858	}
8859	#if defined(__x86_64__) \|\| defined(__i386__)
8860	if (in_fileset && flags.resetSegmentsFromVnode) {
8861	IORecursiveLockLock(sKextLock);
8862	resetKCFileSetSegments();
8863	IORecursiveLockUnlock(sKextLock);
8864	}
8865	#endif // (__x86_64__) \|\| defined(__i386__)
8866	}
8867	#endif /* VM_MAPPED_KEXTS */
8868	if (flags.resetSegmentsFromImmutableCopy) {
8869	result = resetMutableSegments();
8870	if (result != kOSReturnSuccess) {
8871	OSKextLog(aKext: this,
8872	kOSKextLogErrorLevel \|
8873	kOSKextLogLoadFlag,
8874	format: "Failed to reset kext %s.",
8875	getIdentifierCString());
8876	result = kOSKextReturnInternalError;
8877	goto finish;
8878	}
8879	}
8880	if (kc_type == KCKindUnknown) {
8881	linkedExecutable.reset();
8882	}
8883	}
8884
8885	/ An interface kext has a fake kmod_info that was allocated,*
8886	* so we have to free it.
8887	*/
8888	if (isInterface()) {
8889	kfree_type(kmod_info_t, kmod_info);
8890	kmod_info = NULL;
8891	}
8892
8893	if (!in_fileset) {
8894	kmod_info = NULL;
8895	}
8896
8897	flags.loaded = false;
8898	flushDependencies();
8899
8900	/ save a copy of the bundle ID for us to check when deciding to*
8901	* rebuild the kernel cache file. If a kext was already in the kernel
8902	* cache and unloaded then later loaded we do not need to rebuild the
8903	* kernel cache. 9055303
8904	*/
8905	if (isPrelinked()) {
8906	if (!_OSKextInUnloadedPrelinkedKexts(theBundleID: bundleID.get())) {
8907	IORecursiveLockLock(lock: sKextLock);
8908	if (sUnloadedPrelinkedKexts) {
8909	sUnloadedPrelinkedKexts ->setObject(bundleID.get());
8910	}
8911	IORecursiveLockUnlock(lock: sKextLock);
8912	}
8913	}
8914
8915	OSKextLog(aKext: this,
8916	kOSKextLogProgressLevel \| kOSKextLogLoadFlag,
8917	format: "Kext %s unloaded.", getIdentifierCString());
8918
8919	queueKextNotification(kKextRequestPredicateUnloadNotification,
8920	OSDynamicCast(OSString, bundleID.get()), dextUniqueIdentifier: getDextUniqueID());
8921
8922	finish:
8923	OSKext::saveLoadedKextPanicList();
8924	OSKext::updateLoadedKextSummaries();
8925
8926	flags.unloading = `0`;
8927	return result;
8928	}
8929
8930	/*********************************************************************
8931	* Assumes sKextLock is held.
8932	*********************************************************************/
8933	/ static /
8934	OSReturn
8935	OSKext::queueKextNotification(
8936	const char * notificationName,
8937	OSString * kextIdentifier,
8938	OSData * dextUniqueIdentifier)
8939	{
8940	OSReturn result = kOSReturnError;
8941	OSSharedPtr<OSDictionary> loadRequest;
8942
8943	if (!kextIdentifier) {
8944	result = kOSKextReturnInvalidArgument;
8945	goto finish;
8946	}
8947
8948	/ Create a new request unless one is already sitting*
8949	* in sKernelRequests for this bundle identifier
8950	*/
8951	result = _OSKextCreateRequest(predicate: notificationName, requestP&: loadRequest);
8952	if (result != kOSReturnSuccess) {
8953	goto finish;
8954	}
8955	if (!_OSKextSetRequestArgument(requestDict: loadRequest.get(),
8956	kKextRequestArgumentBundleIdentifierKey, value: kextIdentifier)) {
8957	result = kOSKextReturnNoMemory;
8958	goto finish;
8959	}
8960	if (NULL != dextUniqueIdentifier) {
8961	if (!_OSKextSetRequestArgument(requestDict: loadRequest.get(),
8962	kKextRequestArgumentDriverUniqueIdentifier, value: dextUniqueIdentifier)) {
8963	result = kOSKextReturnNoMemory;
8964	goto finish;
8965	}
8966	}
8967	if (!sKernelRequests ->setObject(loadRequest.get())) {
8968	result = kOSKextReturnNoMemory;
8969	goto finish;
8970	}
8971
8972	/ We might want to only queue the notification if the IOKit daemon is active,*
8973	* but that wouldn't work for embedded. Note that we don't care if
8974	* the ping immediately succeeds here so don't do anything with the
8975	* result of this call.
8976	*/
8977	OSKext::pingIOKitDaemon();
8978
8979	result = kOSReturnSuccess;
8980
8981	finish:
8982	return result;
8983	}
8984
8985
8986	#if CONFIG_KXLD
8987	/*********************************************************************
8988	*********************************************************************/
8989	static void
8990	_OSKextConsiderDestroyingLinkContext(
8991	__unused thread_call_param_t p0,
8992	__unused thread_call_param_t p1)
8993	{
8994	/ Take multiple locks in the correct order.*
8995	*/
8996	IORecursiveLockLock(sKextLock);
8997	IORecursiveLockLock(sKextInnerLock);
8998
8999	/ The first time we destroy the kxldContext is in the first*
9000	* OSKext::considerUnloads() call, which sets sConsiderUnloadsCalled
9001	* before calling this function. Thereafter any call to this function
9002	* will actually destroy the context.
9003	*/
9004	if (sConsiderUnloadsCalled && sKxldContext) {
9005	kxld_destroy_context(sKxldContext);
9006	sKxldContext = NULL;
9007	}
9008
9009	/ Free the thread_call that was allocated to execute this function.*
9010	*/
9011	if (sDestroyLinkContextThread) {
9012	if (!thread_call_free(sDestroyLinkContextThread)) {
9013	OSKextLog(/ kext / NULL,
9014	kOSKextLogErrorLevel \|
9015	kOSKextLogGeneralFlag,
9016	"thread_call_free() failed for kext link context.");
9017	}
9018	sDestroyLinkContextThread = NULL;
9019	}
9020
9021	IORecursiveLockUnlock(sKextInnerLock);
9022	IORecursiveLockUnlock(sKextLock);
9023
9024	return;
9025	}
9026
9027	/*********************************************************************
9028	* Destroying the kxldContext requires checking variables under both
9029	* sKextInnerLock and sKextLock, so we do it on a separate thread
9030	* to avoid deadlocks with IOService, with which OSKext has a reciprocal
9031	* call relationship.
9032	*
9033	* This function must be invoked with sKextInnerLock held.
9034	* Do not call any function that takes sKextLock here!
9035	*********************************************************************/
9036	/ static /
9037	void
9038	OSKext::considerDestroyingLinkContext(void)
9039	{
9040	IORecursiveLockLock(sKextInnerLock);
9041
9042	/ If we have already queued a thread to destroy the link context,*
9043	* don't bother resetting; that thread will take care of it.
9044	*/
9045	if (sDestroyLinkContextThread) {
9046	goto finish;
9047	}
9048
9049	/ The function to be invoked in the thread will deallocate*
9050	* this thread_call, so don't share it around.
9051	*/
9052	sDestroyLinkContextThread = thread_call_allocate(
9053	&_OSKextConsiderDestroyingLinkContext, NULL);
9054	if (!sDestroyLinkContextThread) {
9055	OSKextLog(/ kext / NULL,
9056	kOSKextLogErrorLevel \| kOSKextLogGeneralFlag \| kOSKextLogLinkFlag,
9057	"Can't create thread to destroy kext link context.");
9058	goto finish;
9059	}
9060
9061	thread_call_enter(sDestroyLinkContextThread);
9062
9063	finish:
9064	IORecursiveLockUnlock(sKextInnerLock);
9065	return;
9066	}
9067
9068	#else // !CONFIG_KXLD
9069
9070	/ static /
9071	void
9072	OSKext::considerDestroyingLinkContext(void)
9073	{
9074	return;
9075	}
9076
9077	#endif // CONFIG_KXLD
9078
9079	#if PRAGMA_MARK
9080	#pragma mark Autounload
9081	#endif
9082	/*********************************************************************
9083	* This is a static method because the kext will be deallocated if it
9084	* does unload!
9085	*********************************************************************/
9086	/ static /
9087	OSReturn
9088	OSKext::autounloadKext(OSKext * aKext)
9089	{
9090	OSReturn result = kOSKextReturnInUse;
9091
9092	#if NO_KEXTD
9093	/*
9094	* Do not unload prelinked kexts on platforms that do not have an
9095	* IOKit daemon as there is no way to reload the kext or restart
9096	* matching.
9097	*/
9098	if (aKext->isPrelinked()) {
9099	goto finish;
9100	}
9101	#endif /* defined(__x86_64__) */
9102
9103	/ Check for external references to this kext (usu. dependents),*
9104	* instances of defined classes (or classes derived from them),
9105	* outstanding requests.
9106	*/
9107	if ((aKext->getRetainCount() > kOSKextMinLoadedRetainCount) \|\|
9108	!aKext->flags.autounloadEnabled \|\|
9109	aKext->isKernelComponent()) {
9110	goto finish;
9111	}
9112
9113	/ Skip a delay-autounload kext, once.*
9114	*/
9115	if (aKext->flags.delayAutounload) {
9116	OSKextLog(aKext,
9117	kOSKextLogProgressLevel \|
9118	kOSKextLogLoadFlag \| kOSKextLogKextBookkeepingFlag,
9119	format: "Kext %s has delayed autounload set; skipping and clearing flag.",
9120	aKext->getIdentifierCString());
9121	aKext->flags.delayAutounload = `0`;
9122	goto finish;
9123	}
9124
9125	if (aKext->hasOSMetaClassInstances() \|\|
9126	aKext->countRequestCallbacks()) {
9127	goto finish;
9128	}
9129
9130	result = OSKext::removeKext(aKext);
9131
9132	finish:
9133	return result;
9134	}
9135
9136	/*********************************************************************
9137	*********************************************************************/
9138	void
9139	_OSKextConsiderUnloads(
9140	__unused thread_call_param_t p0,
9141	__unused thread_call_param_t p1)
9142	{
9143	bool didUnload = false;
9144	unsigned int count, i;
9145
9146	/ Take multiple locks in the correct order*
9147	* (note also sKextSummaries lock further down).
9148	*/
9149	IORecursiveLockLock(lock: sKextLock);
9150	IORecursiveLockLock(lock: sKextInnerLock);
9151
9152	OSKext::flushNonloadedKexts(/ flushPrelinkedKexts / true);
9153
9154	/ If the system is powering down, don't try to unload anything.*
9155	*/
9156	if (sSystemSleep) {
9157	goto finish;
9158	}
9159
9160	OSKextLog(/ kext / NULL,
9161	kOSKextLogProgressLevel \| kOSKextLogLoadFlag,
9162	format: "Checking for unused kexts to autounload.");
9163
9164	/*****
9165	* Remove any request callbacks marked as stale,
9166	* and mark as stale any currently in flight.
9167	*/
9168	count = sRequestCallbackRecords ->getCount();
9169	if (count) {
9170	i = count - `1`;
9171	do {
9172	OSDictionary * callbackRecord = OSDynamicCast(OSDictionary,
9173	sRequestCallbackRecords ->getObject(i));
9174	if (callbackRecord) {
9175	OSBoolean * stale = OSDynamicCast(OSBoolean,
9176	callbackRecord->getObject(kKextRequestStaleKey));
9177
9178	if (stale == kOSBooleanTrue) {
9179	OSKext::invokeRequestCallback(callbackRecord,
9180	kOSKextReturnTimeout);
9181	} else {
9182	callbackRecord->setObject(kKextRequestStaleKey,
9183	anObject: kOSBooleanTrue);
9184	}
9185	}
9186	} while (i--);
9187	}
9188
9189	/*****
9190	* Make multiple passes through the array of loaded kexts until
9191	* we don't unload any. This handles unwinding of dependency
9192	* chains. We have to go backwards through the array because
9193	* kexts are removed from it when unloaded, and we cannot make
9194	* a copy or we'll mess up the retain counts we rely on to
9195	* check whether a kext will unload. If only we could have
9196	* nonretaining collections like CF has....
9197	*/
9198	do {
9199	didUnload = false;
9200
9201	count = sLoadedKexts ->getCount();
9202	if (count) {
9203	i = count - `1`;
9204	do {
9205	OSKext * thisKext = OSDynamicCast(OSKext,
9206	sLoadedKexts ->getObject(i));
9207	didUnload \|= (kOSReturnSuccess == OSKext::autounloadKext(aKext: thisKext));
9208	} while (i--);
9209	}
9210	} while (didUnload);
9211
9212	finish:
9213	sConsiderUnloadsPending = false;
9214	sConsiderUnloadsExecuted = true;
9215
9216	(void) OSKext::considerRebuildOfPrelinkedKernel();
9217
9218	IORecursiveLockUnlock(lock: sKextInnerLock);
9219	IORecursiveLockUnlock(lock: sKextLock);
9220
9221	return;
9222	}
9223
9224	/*********************************************************************
9225	* Do not call any function that takes sKextLock here!
9226	*********************************************************************/
9227	void
9228	OSKext::considerUnloads(Boolean rescheduleOnlyFlag)
9229	{
9230	AbsoluteTime when;
9231
9232	IORecursiveLockLock(lock: sKextInnerLock);
9233
9234	if (!sUnloadCallout) {
9235	sUnloadCallout = thread_call_allocate(func: &_OSKextConsiderUnloads, NULL);
9236	}
9237
9238	/ we only reset delay value for unloading if we already have something*
9239	* pending. rescheduleOnlyFlag should not start the count down.
9240	*/
9241	if (rescheduleOnlyFlag && !sConsiderUnloadsPending) {
9242	goto finish;
9243	}
9244
9245	thread_call_cancel(call: sUnloadCallout);
9246	if (OSKext::getAutounloadEnabled() && !sSystemSleep
9247	#if !NO_KEXTD
9248	&& sIOKitDaemonActive
9249	#endif
9250	) {
9251	clock_interval_to_deadline(interval: sConsiderUnloadDelay,
9252	scale_factor: `1000` * `1000` * `1000`, result: &when);
9253
9254	OSKextLog(/ kext / NULL,
9255	kOSKextLogProgressLevel \|
9256	kOSKextLogLoadFlag,
9257	format: "%scheduling %sscan for unused kexts in %lu seconds.",
9258	sConsiderUnloadsPending ? "Res" : "S",
9259	sConsiderUnloadsCalled ? "" : "initial ",
9260	(unsigned long)sConsiderUnloadDelay);
9261
9262	sConsiderUnloadsPending = true;
9263	thread_call_enter_delayed(call: sUnloadCallout, deadline: when);
9264	}
9265
9266	finish:
9267	/ The kxld context should be reused throughout boot. We mark the end of*
9268	* period as the first time considerUnloads() is called, and we destroy
9269	* the first kxld context in that function. Afterwards, it will be
9270	* destroyed in flushNonloadedKexts.
9271	*/
9272	if (!sConsiderUnloadsCalled) {
9273	sConsiderUnloadsCalled = true;
9274	OSKext::considerDestroyingLinkContext();
9275	}
9276
9277	IORecursiveLockUnlock(lock: sKextInnerLock);
9278	return;
9279	}
9280
9281	/*********************************************************************
9282	* Do not call any function that takes sKextLock here!
9283	*********************************************************************/
9284	extern "C" {
9285	IOReturn OSKextSystemSleepOrWake(UInt32 messageType);
9286	IOReturn
9287	OSKextSystemSleepOrWake(UInt32 messageType)
9288	{
9289	IORecursiveLockLock(lock: sKextInnerLock);
9290
9291	/ If the system is going to sleep, cancel the reaper thread timer,*
9292	* and note that we're in a sleep state in case it just fired but hasn't
9293	* taken the lock yet. If we are coming back from sleep, just
9294	* clear the sleep flag; IOService's normal operation will cause
9295	* unloads to be considered soon enough.
9296	*/
9297	if (messageType == kIOMessageSystemWillSleep) {
9298	if (sUnloadCallout) {
9299	thread_call_cancel(call: sUnloadCallout);
9300	}
9301	sSystemSleep = true;
9302	AbsoluteTime_to_scalar(&sLastWakeTime) = `0`;
9303	} else if (messageType == kIOMessageSystemHasPoweredOn) {
9304	sSystemSleep = false;
9305	clock_get_uptime(result: &sLastWakeTime);
9306	}
9307	IORecursiveLockUnlock(lock: sKextInnerLock);
9308
9309	return kIOReturnSuccess;
9310	}
9311	};
9312
9313
9314	#if PRAGMA_MARK
9315	#pragma mark Prelinked Kernel
9316	#endif
9317
9318	#ifdef CONFIG_KXLD
9319	/*********************************************************************
9320	* Do not access sConsiderUnloads... variables other than
9321	* sConsiderUnloadsExecuted in this function. They are guarded by a
9322	* different lock.
9323	*********************************************************************/
9324	/ static /
9325	void
9326	OSKext::considerRebuildOfPrelinkedKernel(void)
9327	{
9328	static bool requestedPrelink = false;
9329	OSReturn checkResult = kOSReturnError;
9330	OSSharedPtr<OSDictionary> prelinkRequest;
9331	OSSharedPtr<OSCollectionIterator> kextIterator;
9332	const OSSymbol * thisID = NULL; // do not release
9333	bool doRebuild = false;
9334	AbsoluteTime my_abstime;
9335	UInt64 my_ns;
9336	SInt32 delta_secs;
9337
9338	/ Only one auto rebuild per boot and only on boot from prelinked kernel /
9339	if (requestedPrelink \|\| !sPrelinkBoot) {
9340	return;
9341	}
9342
9343	/ no direct return from this point /
9344	IORecursiveLockLock(sKextLock);
9345
9346	/ We need to wait for the IOKit daemon to get up and running with unloads already done*
9347	* and any new startup kexts loaded.
9348	*/
9349	if (!sConsiderUnloadsExecuted \|\|
9350	!sDeferredLoadSucceeded) {
9351	goto finish;
9352	}
9353
9354	/ we really only care about boot / system start up related kexts so bail*
9355	* if we're here after REBUILD_MAX_TIME.
9356	*/
9357	if (!_OSKextInPrelinkRebuildWindow()) {
9358	OSKextLog(/ kext / NULL,
9359	kOSKextLogArchiveFlag,
9360	"%s prebuild rebuild has expired",
9361	__FUNCTION__);
9362	requestedPrelink = true;
9363	goto finish;
9364	}
9365
9366	/ we do not want to trigger a rebuild if we get here too close to waking*
9367	* up. (see radar 10233768)
9368	*/
9369	IORecursiveLockLock(sKextInnerLock);
9370
9371	clock_get_uptime(&my_abstime);
9372	delta_secs = MINIMUM_WAKEUP_SECONDS + `1`;
9373	if (AbsoluteTime_to_scalar(&sLastWakeTime) != `0`) {
9374	SUB_ABSOLUTETIME(&my_abstime, &sLastWakeTime);
9375	absolutetime_to_nanoseconds(my_abstime, &my_ns);
9376	delta_secs = (SInt32)(my_ns / NSEC_PER_SEC);
9377	}
9378	IORecursiveLockUnlock(sKextInnerLock);
9379
9380	if (delta_secs < MINIMUM_WAKEUP_SECONDS) {
9381	/ too close to time of last wake from sleep /
9382	goto finish;
9383	}
9384	requestedPrelink = true;
9385
9386	/ Now it's time to see if we have a reason to rebuild. We may have done*
9387	* some loads and unloads but the kernel cache didn't actually change.
9388	* We will rebuild if any kext is not marked prelinked AND is not in our
9389	* list of prelinked kexts that got unloaded. (see radar 9055303)
9390	*/
9391	kextIterator = OSCollectionIterator::withCollection(sKextsByID.get());
9392	if (!kextIterator) {
9393	goto finish;
9394	}
9395
9396	while ((thisID = OSDynamicCast(OSSymbol, kextIterator->getNextObject()))) {
9397	OSKext * thisKext; // do not release
9398
9399	thisKext = OSDynamicCast(OSKext, sKextsByID->getObject(thisID));
9400	if (!thisKext \|\| thisKext->isPrelinked() \|\| thisKext->isKernel()) {
9401	continue;
9402	}
9403
9404	if (_OSKextInUnloadedPrelinkedKexts(thisKext->bundleID.get())) {
9405	continue;
9406	}
9407	/ kext is loaded and was not in current kernel cache so let's rebuild*
9408	*/
9409	doRebuild = true;
9410	OSKextLog(/ kext / NULL,
9411	kOSKextLogArchiveFlag,
9412	"considerRebuildOfPrelinkedKernel %s triggered rebuild",
9413	thisKext->bundleID->getCStringNoCopy());
9414	break;
9415	}
9416	sUnloadedPrelinkedKexts->flushCollection();
9417
9418	if (!doRebuild) {
9419	goto finish;
9420	}
9421
9422	checkResult = _OSKextCreateRequest(kKextRequestPredicateRequestPrelink,
9423	prelinkRequest);
9424	if (checkResult != kOSReturnSuccess) {
9425	goto finish;
9426	}
9427
9428	if (!sKernelRequests->setObject(prelinkRequest.get())) {
9429	goto finish;
9430	}
9431
9432	OSKext::pingIOKitDaemon();
9433
9434	finish:
9435	IORecursiveLockUnlock(sKextLock);
9436
9437	return;
9438	}
9439
9440	#else /* !CONFIG_KXLD */
9441
9442	void
9443	OSKext::considerRebuildOfPrelinkedKernel(void)
9444	{
9445	/ in a non-dynamic kext loading world, there is never a reason to rebuild /
9446	return;
9447	}
9448
9449	#endif /* CONFIG_KXLD */
9450
9451	#if PRAGMA_MARK
9452	#pragma mark Dependencies
9453	#endif
9454	/*********************************************************************
9455	*********************************************************************/
9456	bool
9457	OSKext::resolveDependencies(
9458	OSArray * loopStack)
9459	{
9460	bool result = false;
9461	OSSharedPtr<OSArray> localLoopStack;
9462	bool addedToLoopStack = false;
9463	OSDictionary * libraries = NULL; // do not release
9464	OSSharedPtr<OSCollectionIterator> libraryIterator;
9465	OSString * libraryID = NULL; // do not release
9466	OSKext * libraryKext = NULL; // do not release
9467	bool hasRawKernelDependency = false;
9468	bool hasKernelDependency = false;
9469	bool hasKPIDependency = false;
9470	bool hasPrivateKPIDependency = false;
9471	unsigned int count;
9472
9473	#if CONFIG_KXLD
9474	OSString * infoString = NULL; // do not release
9475	OSString * readableString = NULL; // do not release
9476	#endif // CONFIG_KXLD
9477
9478	/ A kernel component will automatically have this flag set,*
9479	* and a loaded kext should also have it set (as should all its
9480	* loaded dependencies).
9481	*/
9482	if (flags.hasAllDependencies) {
9483	result = true;
9484	goto finish;
9485	}
9486
9487	/ Check for loops in the dependency graph.*
9488	*/
9489	if (loopStack) {
9490	if (loopStack->getNextIndexOfObject(anObject: this, index: `0`) != (unsigned int)-`1`) {
9491	OSKextLog(aKext: this,
9492	kOSKextLogErrorLevel \|
9493	kOSKextLogDependenciesFlag,
9494	format: "Kext %s has a dependency loop; can't resolve dependencies.",
9495	getIdentifierCString());
9496	goto finish;
9497	}
9498	} else {
9499	OSKextLog(aKext: this,
9500	kOSKextLogStepLevel \|
9501	kOSKextLogDependenciesFlag,
9502	format: "Kext %s resolving dependencies.",
9503	getIdentifierCString());
9504
9505	localLoopStack = OSArray::withCapacity(capacity: `6`); // any small capacity will do
9506	if (!localLoopStack) {
9507	OSKextLog(aKext: this,
9508	kOSKextLogErrorLevel \|
9509	kOSKextLogDependenciesFlag,
9510	format: "Kext %s can't create bookkeeping stack to resolve dependencies.",
9511	getIdentifierCString());
9512	goto finish;
9513	}
9514	loopStack = localLoopStack.get();
9515	}
9516	if (!loopStack->setObject(this)) {
9517	OSKextLog(aKext: this,
9518	kOSKextLogErrorLevel \|
9519	kOSKextLogDependenciesFlag,
9520	format: "Kext %s - internal error resolving dependencies.",
9521	getIdentifierCString());
9522	goto finish;
9523	}
9524	addedToLoopStack = true;
9525
9526	/ Purge any existing kexts in the dependency list and start over.*
9527	*/
9528	flushDependencies();
9529	if (dependencies) {
9530	OSKextLog(aKext: this,
9531	kOSKextLogErrorLevel \|
9532	kOSKextLogDependenciesFlag,
9533	format: "Kext %s - internal error resolving dependencies.",
9534	getIdentifierCString());
9535	}
9536
9537	libraries = OSDynamicCast(OSDictionary,
9538	getPropertyForHostArch(kOSBundleLibrariesKey));
9539	if (libraries == NULL \|\| libraries->getCount() == `0`) {
9540	OSKextLog(aKext: this,
9541	kOSKextLogErrorLevel \|
9542	kOSKextLogValidationFlag \| kOSKextLogDependenciesFlag,
9543	format: "Kext %s - can't resolve dependencies; %s missing/invalid type.",
9544	getIdentifierCString(), kOSBundleLibrariesKey);
9545	goto finish;
9546	}
9547
9548	/ Make a new array to hold the dependencies (flush freed the old one).*
9549	*/
9550	dependencies = OSArray::withCapacity(capacity: libraries->getCount());
9551	if (!dependencies) {
9552	OSKextLog(aKext: this,
9553	kOSKextLogErrorLevel \|
9554	kOSKextLogDependenciesFlag,
9555	format: "Kext %s - can't allocate dependencies array.",
9556	getIdentifierCString());
9557	goto finish;
9558	}
9559
9560	// xxx - compat: We used to add an implicit dependency on kernel 6.0
9561	// xxx - compat: if none were declared.
9562
9563	libraryIterator = OSCollectionIterator::withCollection(inColl: libraries);
9564	if (!libraryIterator) {
9565	OSKextLog(aKext: this,
9566	kOSKextLogErrorLevel \|
9567	kOSKextLogDependenciesFlag,
9568	format: "Kext %s - can't allocate dependencies iterator.",
9569	getIdentifierCString());
9570	goto finish;
9571	}
9572
9573	while ((libraryID = OSDynamicCast(OSString,
9574	libraryIterator ->getNextObject()))) {
9575	const char * library_id = libraryID->getCStringNoCopy();
9576
9577	OSString * libraryVersion = OSDynamicCast(OSString,
9578	libraries->getObject(libraryID));
9579	if (libraryVersion == NULL) {
9580	OSKextLog(aKext: this,
9581	kOSKextLogErrorLevel \|
9582	kOSKextLogValidationFlag \| kOSKextLogDependenciesFlag,
9583	format: "Kext %s - illegal type in OSBundleLibraries.",
9584	getIdentifierCString());
9585	goto finish;
9586	}
9587
9588	OSKextVersion libraryVers =
9589	OSKextParseVersionString(versionString: libraryVersion->getCStringNoCopy());
9590	if (libraryVers == -`1`) {
9591	OSKextLog(aKext: this,
9592	kOSKextLogErrorLevel \|
9593	kOSKextLogValidationFlag \| kOSKextLogDependenciesFlag,
9594	format: "Kext %s - invalid library version %s.",
9595	getIdentifierCString(),
9596	libraryVersion->getCStringNoCopy());
9597	goto finish;
9598	}
9599
9600	libraryKext = OSDynamicCast(OSKext, sKextsByID ->getObject(libraryID));
9601	if (libraryKext == NULL) {
9602	OSKextLog(aKext: this,
9603	kOSKextLogErrorLevel \|
9604	kOSKextLogDependenciesFlag,
9605	format: "Kext %s - library kext %s not found.",
9606	getIdentifierCString(), library_id);
9607	goto finish;
9608	}
9609
9610	if (!libraryKext->isCompatibleWithVersion(aVersion: libraryVers)) {
9611	OSKextLog(aKext: this,
9612	kOSKextLogErrorLevel \|
9613	kOSKextLogDependenciesFlag,
9614	format: "Kext %s - library kext %s not compatible "
9615	"with requested version %s.",
9616	getIdentifierCString(), library_id,
9617	libraryVersion->getCStringNoCopy());
9618	goto finish;
9619	}
9620
9621	/ If a nonprelinked library somehow got into the mix for a*
9622	* prelinked kext, at any point in the chain, we must fail
9623	* because the prelinked relocs for the library will be all wrong.
9624	*/
9625	if (this->isPrelinked() &&
9626	libraryKext->declaresExecutable() &&
9627	!libraryKext->isPrelinked()) {
9628	OSKextLog(aKext: this,
9629	kOSKextLogErrorLevel \|
9630	kOSKextLogDependenciesFlag,
9631	format: "Kext %s (prelinked) - library kext %s (v%s) not prelinked.",
9632	getIdentifierCString(), library_id,
9633	libraryVersion->getCStringNoCopy());
9634	goto finish;
9635	}
9636
9637	if (!libraryKext->resolveDependencies(loopStack)) {
9638	goto finish;
9639	}
9640
9641	/ Add the library directly only if it has an executable to link.*
9642	* Otherwise it's just used to collect other dependencies, so put
9643	* its dependencies on the list for this kext.
9644	*/
9645	// xxx - We are losing info here; would like to make fake entries or
9646	// xxx - keep these in the dependency graph for loaded kexts.
9647	// xxx - I really want to make kernel components not a special case!
9648	if (libraryKext->declaresExecutable() \|\|
9649	libraryKext->isInterface()) {
9650	if (dependencies ->getNextIndexOfObject(anObject: libraryKext, index: `0`) == (unsigned)-`1`) {
9651	dependencies ->setObject(libraryKext);
9652
9653	OSKextLog(aKext: this,
9654	kOSKextLogDetailLevel \|
9655	kOSKextLogDependenciesFlag,
9656	format: "Kext %s added dependency %s.",
9657	getIdentifierCString(),
9658	libraryKext->getIdentifierCString());
9659	}
9660	} else {
9661	int numLibDependencies = libraryKext->getNumDependencies();
9662	OSArray * libraryDependencies = libraryKext->getDependencies();
9663	int index;
9664
9665	if (numLibDependencies) {
9666	// xxx - this msg level should be 1 lower than the per-kext one
9667	OSKextLog(aKext: this,
9668	kOSKextLogDetailLevel \|
9669	kOSKextLogDependenciesFlag,
9670	format: "Kext %s pulling %d dependencies from codeless library %s.",
9671	getIdentifierCString(),
9672	numLibDependencies,
9673	libraryKext->getIdentifierCString());
9674	}
9675	for (index = `0`; index < numLibDependencies; index++) {
9676	OSKext * thisLibDependency = OSDynamicCast(OSKext,
9677	libraryDependencies->getObject(index));
9678	if (dependencies ->getNextIndexOfObject(anObject: thisLibDependency, index: `0`) == (unsigned)-`1`) {
9679	dependencies ->setObject(thisLibDependency);
9680	OSKextLog(aKext: this,
9681	kOSKextLogDetailLevel \|
9682	kOSKextLogDependenciesFlag,
9683	format: "Kext %s added dependency %s from codeless library %s.",
9684	getIdentifierCString(),
9685	thisLibDependency->getIdentifierCString(),
9686	libraryKext->getIdentifierCString());
9687	}
9688	}
9689	}
9690
9691	if ((strlen(s: library_id) == strlen(KERNEL_LIB)) &&
9692	`0` == strncmp(s1: library_id, KERNEL_LIB, n: sizeof(KERNEL_LIB) - `1`)) {
9693	hasRawKernelDependency = true;
9694	} else if (STRING_HAS_PREFIX(library_id, KERNEL_LIB_PREFIX)) {
9695	hasKernelDependency = true;
9696	} else if (STRING_HAS_PREFIX(library_id, KPI_LIB_PREFIX)) {
9697	hasKPIDependency = true;
9698	if (!strncmp(s1: library_id, PRIVATE_KPI, n: sizeof(PRIVATE_KPI) - `1`)) {
9699	hasPrivateKPIDependency = true;
9700	}
9701	}
9702	}
9703
9704	if (hasRawKernelDependency) {
9705	OSKextLog(aKext: this,
9706	kOSKextLogErrorLevel \|
9707	kOSKextLogValidationFlag \| kOSKextLogDependenciesFlag,
9708	format: "Error - kext %s declares a dependency on %s, which is not permitted.",
9709	getIdentifierCString(), KERNEL_LIB);
9710	goto finish;
9711	}
9712	#if __LP64__
9713	if (hasKernelDependency) {
9714	OSKextLog(aKext: this,
9715	kOSKextLogErrorLevel \|
9716	kOSKextLogValidationFlag \| kOSKextLogDependenciesFlag,
9717	format: "Error - kext %s declares %s dependencies. "
9718	"Only %s* dependencies are supported for 64-bit kexts.",
9719	getIdentifierCString(), KERNEL_LIB, KPI_LIB_PREFIX);
9720	goto finish;
9721	}
9722	if (!hasKPIDependency) {
9723	OSKextLog(aKext: this,
9724	kOSKextLogWarningLevel \|
9725	kOSKextLogDependenciesFlag,
9726	format: "Warning - kext %s declares no %s* dependencies. "
9727	"If it uses any KPIs, the link may fail with undefined symbols.",
9728	getIdentifierCString(), KPI_LIB_PREFIX);
9729	}
9730	#else /* __LP64__ */
9731	// xxx - will change to flatly disallow "kernel" dependencies at some point
9732	// xxx - is it invalid to do both "com.apple.kernel" and any
9733	// xxx - "com.apple.kernel."?*
9734
9735	if (hasKernelDependency && hasKPIDependency) {
9736	OSKextLog(this,
9737	kOSKextLogWarningLevel \|
9738	kOSKextLogDependenciesFlag,
9739	"Warning - kext %s has immediate dependencies on both "
9740	"%s* and %s* components; use only one style.",
9741	getIdentifierCString(), KERNEL_LIB, KPI_LIB_PREFIX);
9742	}
9743
9744	if (!hasKernelDependency && !hasKPIDependency) {
9745	// xxx - do we want to use validation flag for these too?
9746	OSKextLog(this,
9747	kOSKextLogWarningLevel \|
9748	kOSKextLogDependenciesFlag,
9749	"Warning - %s declares no kernel dependencies; using %s.",
9750	getIdentifierCString(), KERNEL6_LIB);
9751	OSKext * kernelKext = OSDynamicCast(OSKext,
9752	sKextsByID->getObject(KERNEL6_LIB));
9753	if (kernelKext) {
9754	dependencies->setObject(kernelKext);
9755	} else {
9756	OSKextLog(this,
9757	kOSKextLogErrorLevel \|
9758	kOSKextLogDependenciesFlag,
9759	"Error - Library %s not found for %s.",
9760	KERNEL6_LIB, getIdentifierCString());
9761	}
9762	}
9763
9764	/ If the kext doesn't have a raw kernel or KPI dependency, then add all of*
9765	* its indirect dependencies to simulate old-style linking. XXX - Should
9766	* check for duplicates.
9767	*/
9768	if (!hasKPIDependency) {
9769	unsigned int i;
9770
9771	flags.hasBleedthrough = true;
9772
9773	count = getNumDependencies();
9774
9775	/ We add to the dependencies array in this loop, but do not iterate*
9776	* past its original count.
9777	*/
9778	for (i = `0`; i < count; i++) {
9779	OSKext * dependencyKext = OSDynamicCast(OSKext,
9780	dependencies->getObject(i));
9781	dependencyKext->addBleedthroughDependencies(dependencies.get());
9782	}
9783	}
9784	#endif /* __LP64__ */
9785
9786	#if CONFIG_KXLD
9787	/*
9788	* If we're not dynamically linking kexts, then we don't need to check
9789	* copyright strings. The linker in user space has already done this.
9790	*/
9791	if (hasPrivateKPIDependency) {
9792	bool hasApplePrefix = false;
9793	bool infoCopyrightIsValid = false;
9794	bool readableCopyrightIsValid = false;
9795
9796	hasApplePrefix = STRING_HAS_PREFIX(getIdentifierCString(),
9797	APPLE_KEXT_PREFIX);
9798
9799	infoString = OSDynamicCast(OSString,
9800	getPropertyForHostArch("CFBundleGetInfoString"));
9801	if (infoString) {
9802	infoCopyrightIsValid =
9803	kxld_validate_copyright_string(infoString->getCStringNoCopy());
9804	}
9805
9806	readableString = OSDynamicCast(OSString,
9807	getPropertyForHostArch("NSHumanReadableCopyright"));
9808	if (readableString) {
9809	readableCopyrightIsValid =
9810	kxld_validate_copyright_string(readableString->getCStringNoCopy());
9811	}
9812
9813	if (!hasApplePrefix \|\| (!infoCopyrightIsValid && !readableCopyrightIsValid)) {
9814	OSKextLog(this,
9815	kOSKextLogErrorLevel \|
9816	kOSKextLogDependenciesFlag,
9817	"Error - kext %s declares a dependency on %s. "
9818	"Only Apple kexts may declare a dependency on %s.",
9819	getIdentifierCString(), PRIVATE_KPI, PRIVATE_KPI);
9820	goto finish;
9821	}
9822	}
9823	#endif // CONFIG_KXLD
9824
9825	result = true;
9826	flags.hasAllDependencies = `1`;
9827
9828	finish:
9829
9830	if (addedToLoopStack) {
9831	count = loopStack->getCount();
9832	if (count > `0` && (this == loopStack->getObject(index: count - `1`))) {
9833	loopStack->removeObject(index: count - `1`);
9834	} else {
9835	OSKextLog(aKext: this,
9836	kOSKextLogErrorLevel \|
9837	kOSKextLogDependenciesFlag,
9838	format: "Kext %s - internal error resolving dependencies.",
9839	getIdentifierCString());
9840	}
9841	}
9842
9843	if (result && localLoopStack) {
9844	OSKextLog(aKext: this,
9845	kOSKextLogStepLevel \|
9846	kOSKextLogDependenciesFlag,
9847	format: "Kext %s successfully resolved dependencies.",
9848	getIdentifierCString());
9849	}
9850
9851	return result;
9852	}
9853
9854	/*********************************************************************
9855	*********************************************************************/
9856	bool
9857	OSKext::addBleedthroughDependencies(OSArray * anArray)
9858	{
9859	bool result = false;
9860	unsigned int dependencyIndex, dependencyCount;
9861
9862	dependencyCount = getNumDependencies();
9863
9864	for (dependencyIndex = `0`;
9865	dependencyIndex < dependencyCount;
9866	dependencyIndex++) {
9867	OSKext * dependency = OSDynamicCast(OSKext,
9868	dependencies ->getObject(dependencyIndex));
9869	if (!dependency) {
9870	OSKextLog(aKext: this,
9871	kOSKextLogErrorLevel \|
9872	kOSKextLogDependenciesFlag,
9873	format: "Kext %s - internal error propagating compatibility dependencies.",
9874	getIdentifierCString());
9875	goto finish;
9876	}
9877	if (anArray->getNextIndexOfObject(anObject: dependency, index: `0`) == (unsigned int)-`1`) {
9878	anArray->setObject(dependency);
9879	}
9880	dependency->addBleedthroughDependencies(anArray);
9881	}
9882
9883	result = true;
9884
9885	finish:
9886	return result;
9887	}
9888
9889	/*********************************************************************
9890	*********************************************************************/
9891	bool
9892	OSKext::flushDependencies(bool forceFlag)
9893	{
9894	bool result = false;
9895
9896	/ Only clear the dependencies if the kext isn't loaded;*
9897	* we need the info for loaded kexts to track references.
9898	*/
9899	if (!isLoaded() \|\| forceFlag) {
9900	if (dependencies) {
9901	// xxx - check level
9902	OSKextLog(aKext: this,
9903	kOSKextLogProgressLevel \|
9904	kOSKextLogDependenciesFlag,
9905	format: "Kext %s flushing dependencies.",
9906	getIdentifierCString());
9907	dependencies.reset();
9908	}
9909	if (!isKernelComponent()) {
9910	flags.hasAllDependencies = `0`;
9911	}
9912	result = true;
9913	}
9914
9915	return result;
9916	}
9917
9918	/*********************************************************************
9919	*********************************************************************/
9920	uint32_t
9921	OSKext::getNumDependencies(void)
9922	{
9923	if (!dependencies) {
9924	return `0`;
9925	}
9926	return dependencies ->getCount();
9927	}
9928
9929	/*********************************************************************
9930	*********************************************************************/
9931	OSArray *
9932	OSKext::getDependencies(void)
9933	{
9934	return dependencies.get();
9935	}
9936
9937	bool
9938	OSKext::hasDependency(const OSSymbol * depID)
9939	{
9940	bool result __block;
9941
9942	if (depID == getIdentifier()) {
9943	return true;
9944	}
9945	if (!dependencies) {
9946	return false;
9947	}
9948	result = false;
9949	dependencies ->iterateObjects(block: ^bool (OSObject * obj) {
9950	OSKext * kext;
9951	kext = OSDynamicCast(OSKext, obj);
9952	if (!kext) {
9953	return false;
9954	}
9955	result = (depID == kext->getIdentifier());
9956	return result;
9957	});
9958	return result;
9959	}
9960
9961	#if PRAGMA_MARK
9962	#pragma mark OSMetaClass Support
9963	#endif
9964	/*********************************************************************
9965	*********************************************************************/
9966	OSReturn
9967	OSKext::addClass(
9968	OSMetaClass * aClass,
9969	uint32_t numClasses)
9970	{
9971	OSReturn result = kOSMetaClassNoInsKModSet;
9972
9973	if (!metaClasses) {
9974	metaClasses = OSSet::withCapacity(capacity: numClasses);
9975	if (!metaClasses) {
9976	goto finish;
9977	}
9978	}
9979
9980	if (metaClasses ->containsObject(anObject: aClass)) {
9981	OSKextLog(aKext: this,
9982	kOSKextLogWarningLevel \|
9983	kOSKextLogLoadFlag,
9984	format: "Notice - kext %s has already registered class %s.",
9985	getIdentifierCString(),
9986	aClass->getClassName());
9987	result = kOSReturnSuccess;
9988	goto finish;
9989	}
9990
9991	if (!metaClasses ->setObject(aClass)) {
9992	goto finish;
9993	} else {
9994	OSKextLog(aKext: this,
9995	kOSKextLogDetailLevel \|
9996	kOSKextLogLoadFlag,
9997	format: "Kext %s registered class %s.",
9998	getIdentifierCString(),
9999	aClass->getClassName());
10000	}
10001
10002	if (!flags.autounloadEnabled) {
10003	const OSMetaClass * metaScan = NULL; // do not release
10004
10005	for (metaScan = aClass; metaScan; metaScan = metaScan->getSuperClass()) {
10006	if (metaScan == OSTypeID(IOService)) {
10007	OSKextLog(aKext: this,
10008	kOSKextLogProgressLevel \|
10009	kOSKextLogLoadFlag,
10010	format: "Kext %s has IOService subclass %s; enabling autounload.",
10011	getIdentifierCString(),
10012	aClass->getClassName());
10013
10014	flags.autounloadEnabled = (`0` == flags.unloadUnsupported);
10015	break;
10016	}
10017	}
10018	}
10019
10020	notifyAddClassObservers(this, aClass, flags);
10021
10022	result = kOSReturnSuccess;
10023
10024	finish:
10025	if (result != kOSReturnSuccess) {
10026	OSKextLog(aKext: this,
10027	kOSKextLogErrorLevel \|
10028	kOSKextLogLoadFlag,
10029	format: "Kext %s failed to register class %s.",
10030	getIdentifierCString(),
10031	aClass->getClassName());
10032	}
10033
10034	return result;
10035	}
10036
10037	/*********************************************************************
10038	*********************************************************************/
10039	OSReturn
10040	OSKext::removeClass(
10041	OSMetaClass * aClass)
10042	{
10043	OSReturn result = kOSMetaClassNoKModSet;
10044
10045	if (!metaClasses) {
10046	goto finish;
10047	}
10048
10049	if (!metaClasses ->containsObject(anObject: aClass)) {
10050	OSKextLog(aKext: this,
10051	kOSKextLogWarningLevel \|
10052	kOSKextLogLoadFlag,
10053	format: "Notice - kext %s asked to unregister unknown class %s.",
10054	getIdentifierCString(),
10055	aClass->getClassName());
10056	result = kOSReturnSuccess;
10057	goto finish;
10058	}
10059
10060	OSKextLog(aKext: this,
10061	kOSKextLogDetailLevel \|
10062	kOSKextLogLoadFlag,
10063	format: "Kext %s unregistering class %s.",
10064	getIdentifierCString(),
10065	aClass->getClassName());
10066
10067	metaClasses ->removeObject(anObject: aClass);
10068
10069	notifyRemoveClassObservers(this, aClass, flags);
10070
10071	result = kOSReturnSuccess;
10072
10073	finish:
10074	if (result != kOSReturnSuccess) {
10075	OSKextLog(aKext: this,
10076	kOSKextLogErrorLevel \|
10077	kOSKextLogLoadFlag,
10078	format: "Failed to unregister kext %s class %s.",
10079	getIdentifierCString(),
10080	aClass->getClassName());
10081	}
10082	return result;
10083	}
10084
10085	/*********************************************************************
10086	*********************************************************************/
10087	OSSet *
10088	OSKext::getMetaClasses(void)
10089	{
10090	return metaClasses.get();
10091	}
10092
10093	/*********************************************************************
10094	*********************************************************************/
10095	bool
10096	OSKext::hasOSMetaClassInstances(void)
10097	{
10098	bool result = false;
10099	OSSharedPtr<OSCollectionIterator> classIterator;
10100	OSMetaClass * checkClass = NULL; // do not release
10101
10102	if (!metaClasses) {
10103	goto finish;
10104	}
10105
10106	classIterator = OSCollectionIterator::withCollection(inColl: metaClasses.get());
10107	if (!classIterator) {
10108	// xxx - log alloc failure?
10109	goto finish;
10110	}
10111	while ((checkClass = (OSMetaClass *)classIterator ->getNextObject())) {
10112	if (checkClass->getInstanceCount()) {
10113	result = true;
10114	goto finish;
10115	}
10116	}
10117
10118	finish:
10119	return result;
10120	}
10121
10122	/*********************************************************************
10123	*********************************************************************/
10124	/ static /
10125	void
10126	OSKext::reportOSMetaClassInstances(
10127	const char * kextIdentifier,
10128	OSKextLogSpec msgLogSpec)
10129	{
10130	OSSharedPtr<OSKext> theKext;
10131
10132	theKext = OSKext::lookupKextWithIdentifier(kextIdentifier);
10133	if (!theKext) {
10134	goto finish;
10135	}
10136
10137	theKext ->reportOSMetaClassInstances(msgLogSpec);
10138	finish:
10139	return;
10140	}
10141
10142	/*********************************************************************
10143	*********************************************************************/
10144	void
10145	OSKext::reportOSMetaClassInstances(OSKextLogSpec msgLogSpec)
10146	{
10147	OSSharedPtr<OSCollectionIterator> classIterator;
10148	OSMetaClass * checkClass = NULL; // do not release
10149
10150	if (!metaClasses) {
10151	goto finish;
10152	}
10153
10154	classIterator = OSCollectionIterator::withCollection(inColl: metaClasses.get());
10155	if (!classIterator) {
10156	goto finish;
10157	}
10158	while ((checkClass = (OSMetaClass *)classIterator ->getNextObject())) {
10159	if (checkClass->getInstanceCount()) {
10160	OSKextLog(aKext: this,
10161	msgLogSpec,
10162	format: " Kext %s class %s has %d instance%s.",
10163	getIdentifierCString(),
10164	checkClass->getClassName(),
10165	checkClass->getInstanceCount(),
10166	checkClass->getInstanceCount() == `1` ? "" : "s");
10167	}
10168	}
10169
10170	finish:
10171	return;
10172	}
10173
10174	#if PRAGMA_MARK
10175	#pragma mark User-Space Requests
10176	#endif
10177
10178	static kern_return_t
10179	patchDextLaunchRequests(task_t calling_task, OSArray *requests)
10180	{
10181	OSReturn result = kOSReturnSuccess;
10182	for (uint32_t requestIndex = `0`; requestIndex < requests->getCount(); requestIndex++) {
10183	OSDictionary * request = NULL; //do not release
10184	IOUserServerCheckInToken * token = NULL; //do not release
10185	OSString * requestPredicate = NULL; //do not release
10186	OSSharedPtr<OSNumber> portNameNumber;
10187	mach_port_name_t portName = `0`;
10188	request = OSDynamicCast(OSDictionary, requests->getObject(requestIndex));
10189	if (!request) {
10190	OSKextLog(/ kext / NULL,
10191	kOSKextLogGeneralFlag \| kOSKextLogErrorLevel,
10192	format: "Elements of request should be of type OSDictionary");
10193	result = kOSKextReturnInternalError;
10194	goto finish;
10195	}
10196	requestPredicate = _OSKextGetRequestPredicate(requestDict: request);
10197	if (!requestPredicate) {
10198	OSKextLog(/ kext / NULL,
10199	kOSKextLogGeneralFlag \| kOSKextLogErrorLevel,
10200	format: "Failed to get request predicate");
10201	result = kOSKextReturnInternalError;
10202	goto finish;
10203	}
10204	// is this a dext launch?
10205	if (requestPredicate->isEqualTo(kKextRequestPredicateRequestDaemonLaunch)) {
10206	token = OSDynamicCast(IOUserServerCheckInToken, _OSKextGetRequestArgument(request, kKextRequestArgumentCheckInToken));
10207	if (!token) {
10208	OSKextLog(/ kext / NULL,
10209	kOSKextLogGeneralFlag \| kOSKextLogErrorLevel,
10210	format: "Could not find a IOUserServerCheckInToken in daemon launch request.");
10211	result = kOSKextReturnInternalError;
10212	goto finish;
10213	}
10214	portName = iokit_make_send_right(task: calling_task, obj: token, type: IKOT_IOKIT_IDENT);
10215	if (portName == `0` \|\| portName == MACH_PORT_DEAD) {
10216	OSKextLog(/ kext / NULL,
10217	kOSKextLogGeneralFlag \| kOSKextLogErrorLevel,
10218	format: "Could not create send right for object.");
10219	result = kOSKextReturnInternalError;
10220	goto finish;
10221	}
10222	// Store the mach port name as a OSNumber
10223	portNameNumber = OSNumber::withNumber(value: portName, CHAR_BIT * sizeof(portName));
10224	if (!portNameNumber) {
10225	OSKextLog(/ kext / NULL,
10226	kOSKextLogGeneralFlag \| kOSKextLogErrorLevel,
10227	format: "Could not create OSNumber object.");
10228	result = kOSKextReturnNoMemory;
10229	goto finish;
10230	}
10231	if (!_OSKextSetRequestArgument(requestDict: request, kKextRequestArgumentCheckInToken, value: portNameNumber.get())) {
10232	OSKextLog(/ kext / NULL,
10233	kOSKextLogGeneralFlag \| kOSKextLogErrorLevel,
10234	format: "Could not set OSNumber object as request " kKextRequestArgumentCheckInToken);
10235	result = kOSKextReturnNoMemory;
10236	goto finish;
10237	}
10238	}
10239	finish:
10240	if (result != kOSReturnSuccess) {
10241	break;
10242	}
10243	}
10244	return result;
10245	}
10246
10247	bool
10248	OSKext::iokitDaemonActive()
10249	{
10250	bool result;
10251	IORecursiveLockLock(lock: sKextLock);
10252	result = sIOKitDaemonActive && !sOSKextWasResetAfterUserspaceReboot;
10253	IORecursiveLockUnlock(lock: sKextLock);
10254	return result;
10255	}
10256
10257	/*********************************************************************
10258	* XXX - this function is a big ugly mess
10259	*********************************************************************/
10260	/ static /
10261	OSReturn
10262	OSKext::handleRequest(
10263	host_priv_t hostPriv,
10264	OSKextLogSpec clientLogFilter,
10265	char * requestBuffer,
10266	uint32_t requestLength,
10267	char ** responseOut,
10268	uint32_t * responseLengthOut,
10269	char ** logInfoOut,
10270	uint32_t * logInfoLengthOut)
10271	{
10272	OSReturn result = kOSReturnError;
10273	kern_return_t kmem_result = KERN_FAILURE;
10274
10275	char * response = NULL; // returned by reference
10276	uint32_t responseLength = `0`;
10277
10278	bool taskCanManageAllKCs = false;
10279	bool taskOnlyManagesBootKC = false;
10280
10281	OSSharedPtr<OSObject> parsedXML;
10282	OSDictionary * requestDict = NULL; // do not release
10283	OSSharedPtr<OSString> errorString;
10284
10285	OSSharedPtr<OSObject> responseObject;
10286
10287	OSSharedPtr<OSSerialize> serializer;
10288
10289	OSSharedPtr<OSArray> logInfoArray;
10290
10291	OSString * predicate = NULL; // do not release
10292	OSString * kextIdentifier = NULL; // do not release
10293	OSArray * kextIdentifiers = NULL; // do not release
10294	OSKext * theKext = NULL; // do not release
10295	OSBoolean * boolArg = NULL; // do not release
10296
10297
10298	IORecursiveLockLock(lock: sKextLock);
10299
10300	if (responseOut) {
10301	*responseOut = NULL;
10302	*responseLengthOut = `0`;
10303	}
10304	if (logInfoOut) {
10305	*logInfoOut = NULL;
10306	*logInfoLengthOut = `0`;
10307	}
10308
10309	OSKext::setUserSpaceLogFilter(userLogSpec: clientLogFilter, captureFlag: logInfoOut ? true : false);
10310
10311	/ XML must be nul-terminated.*
10312	*/
10313	if (requestBuffer[requestLength - `1`] != `'\0'`) {
10314	OSKextLog(/ kext / NULL,
10315	kOSKextLogErrorLevel \|
10316	kOSKextLogIPCFlag,
10317	format: "Invalid request from user space (not nul-terminated).");
10318	result = kOSKextReturnBadData;
10319	goto finish;
10320	}
10321	parsedXML = OSUnserializeXML(buffer: (const char *)requestBuffer, errorString);
10322	if (parsedXML) {
10323	requestDict = OSDynamicCast(OSDictionary, parsedXML.get());
10324	}
10325	if (!requestDict) {
10326	const char * errorCString = "(unknown error)";
10327
10328	if (errorString && errorString ->getCStringNoCopy()) {
10329	errorCString = errorString ->getCStringNoCopy();
10330	} else if (parsedXML) {
10331	errorCString = "not a dictionary";
10332	}
10333	OSKextLog(/ kext / NULL,
10334	kOSKextLogErrorLevel \|
10335	kOSKextLogIPCFlag,
10336	format: "Error unserializing request from user space: %s.",
10337	errorCString);
10338	result = kOSKextReturnSerialization;
10339	goto finish;
10340	}
10341
10342	predicate = _OSKextGetRequestPredicate(requestDict);
10343	if (!predicate) {
10344	OSKextLog(/ kext / NULL,
10345	kOSKextLogErrorLevel \|
10346	kOSKextLogIPCFlag,
10347	format: "Recieved kext request from user space with no predicate.");
10348	result = kOSKextReturnInvalidArgument;
10349	goto finish;
10350	}
10351	OSKextLog(/ kext / NULL,
10352	kOSKextLogDebugLevel \|
10353	kOSKextLogIPCFlag,
10354	format: "Received '%s' request from user space.",
10355	predicate->getCStringNoCopy());
10356
10357	/*
10358	* All management of file sets requires an entitlement
10359	*/
10360	result = kOSKextReturnNotPrivileged;
10361	if (predicate->isEqualTo(kKextRequestPredicateUnload) \|\|
10362	predicate->isEqualTo(kKextRequestPredicateStart) \|\|
10363	predicate->isEqualTo(kKextRequestPredicateStop) \|\|
10364	predicate->isEqualTo(kKextRequestPredicateGetKernelRequests) \|\|
10365	predicate->isEqualTo(kKextRequestPredicateSendResource) \|\|
10366	predicate->isEqualTo(kKextRequestPredicateLoadFileSetKC) \|\|
10367	predicate->isEqualTo(kKextRequestPredicateLoadCodeless) \|\|
10368	predicate->isEqualTo(kKextRequestPredicateLoadFromKC) \|\|
10369	predicate->isEqualTo(kKextRequestPredicateMissingAuxKCBundles) \|\|
10370	predicate->isEqualTo(kKextRequestPredicateAuxKCBundleAvailable) \|\|
10371	predicate->isEqualTo(kKextRequestPredicateDaemonReady)) {
10372	if (!iokitDaemonAvailable()) {
10373	panic("Received unexpected request in environment where " kIOKitDaemonName " is unavailable");
10374	}
10375	if (hostPriv == HOST_PRIV_NULL) {
10376	OSKextLog(/ kext / NULL,
10377	kOSKextLogErrorLevel \|
10378	kOSKextLogIPCFlag,
10379	format: "Access Failure - must be root user.");
10380	goto finish;
10381	}
10382	taskCanManageAllKCs = IOCurrentTaskHasEntitlement(kOSKextCollectionManagementEntitlement) == TRUE;
10383	taskOnlyManagesBootKC = IOCurrentTaskHasEntitlement(kOSKextOnlyBootKCManagementEntitlement) == TRUE;
10384
10385	if (!taskCanManageAllKCs && !taskOnlyManagesBootKC) {
10386	OSKextLog(/ kext / NULL,
10387	kOSKextLogErrorLevel \|
10388	kOSKextLogIPCFlag,
10389	format: "Access Failure - client not entitled to manage file sets.");
10390	goto finish;
10391	}
10392
10393	/*
10394	* The OnlyBootKC entitlement restricts the
10395	* collection-management entitlement to only managing kexts in
10396	* the BootKC. All other predicates that alter global state or
10397	* add new KCs are disallowed.
10398	*/
10399	if (taskOnlyManagesBootKC &&
10400	(predicate->isEqualTo(kKextRequestPredicateGetKernelRequests) \|\|
10401	predicate->isEqualTo(kKextRequestPredicateSendResource) \|\|
10402	predicate->isEqualTo(kKextRequestPredicateLoadFileSetKC) \|\|
10403	predicate->isEqualTo(kKextRequestPredicateLoadCodeless) \|\|
10404	predicate->isEqualTo(kKextRequestPredicateMissingAuxKCBundles) \|\|
10405	predicate->isEqualTo(kKextRequestPredicateAuxKCBundleAvailable) \|\|
10406	predicate->isEqualTo(kKextRequestPredicateDaemonReady))) {
10407	OSKextLog(/ kext / NULL,
10408	kOSKextLogErrorLevel \|
10409	kOSKextLogIPCFlag,
10410	format: "Access Failure - client not entitled to manage non-primary KCs");
10411	goto finish;
10412	}
10413
10414	/*
10415	* If we get here, then the process either has the full KC
10416	* management entitlement, or it has the BootKC-only
10417	* entitlement and the request is about the BootKC.
10418	*/
10419	}
10420
10421	/ Get common args in anticipation of use.*
10422	*/
10423	kextIdentifier = OSDynamicCast(OSString, _OSKextGetRequestArgument(
10424	requestDict, kKextRequestArgumentBundleIdentifierKey));
10425	kextIdentifiers = OSDynamicCast(OSArray, _OSKextGetRequestArgument(
10426	requestDict, kKextRequestArgumentBundleIdentifierKey));
10427	if (kextIdentifier) {
10428	theKext = OSDynamicCast(OSKext, sKextsByID ->getObject(kextIdentifier));
10429	}
10430	boolArg = OSDynamicCast(OSBoolean, _OSKextGetRequestArgument(
10431	requestDict, kKextRequestArgumentValueKey));
10432
10433	if (taskOnlyManagesBootKC &&
10434	theKext &&
10435	theKext->isInFileset() &&
10436	theKext->kc_type != KCKindPrimary) {
10437	OSKextLog(/ kext / NULL,
10438	kOSKextLogErrorLevel \|
10439	kOSKextLogIPCFlag,
10440	format: "Access Failure - client not entitled to manage kext in non-primary KC");
10441	result = kOSKextReturnNotPrivileged;
10442	goto finish;
10443	}
10444	result = kOSKextReturnInvalidArgument;
10445
10446	if (predicate->isEqualTo(kKextRequestPredicateStart)) {
10447	if (!kextIdentifier) {
10448	OSKextLog(/ kext / NULL,
10449	kOSKextLogErrorLevel \|
10450	kOSKextLogIPCFlag,
10451	format: "Invalid arguments to kext start request.");
10452	} else if (!theKext) {
10453	OSKextLog(/ kext / NULL,
10454	kOSKextLogErrorLevel \|
10455	kOSKextLogIPCFlag,
10456	format: "Kext %s not found for start request.",
10457	kextIdentifier->getCStringNoCopy());
10458	result = kOSKextReturnNotFound;
10459	} else {
10460	result = theKext->start();
10461	}
10462	} else if (predicate->isEqualTo(kKextRequestPredicateStop)) {
10463	if (!kextIdentifier) {
10464	OSKextLog(/ kext / NULL,
10465	kOSKextLogErrorLevel \|
10466	kOSKextLogIPCFlag,
10467	format: "Invalid arguments to kext stop request.");
10468	} else if (!theKext) {
10469	OSKextLog(/ kext / NULL,
10470	kOSKextLogErrorLevel \|
10471	kOSKextLogIPCFlag,
10472	format: "Kext %s not found for stop request.",
10473	kextIdentifier->getCStringNoCopy());
10474	result = kOSKextReturnNotFound;
10475	} else {
10476	result = theKext->stop();
10477	}
10478	} else if (predicate->isEqualTo(kKextRequestPredicateMissingAuxKCBundles)) {
10479	result = OSKext::setMissingAuxKCBundles(requestDict);
10480	} else if (predicate->isEqualTo(kKextRequestPredicateAuxKCBundleAvailable)) {
10481	if (!kextIdentifier) {
10482	OSKextLog(/ kext / NULL,
10483	kOSKextLogErrorLevel \|
10484	kOSKextLogIPCFlag,
10485	format: "Invalid arguments to AuxKC Bundle Available request.");
10486	} else {
10487	result = OSKext::setAuxKCBundleAvailable(kextIdentifier, requestDict);
10488	}
10489	} else if (predicate->isEqualTo(kKextRequestPredicateLoadFromKC)) {
10490	if (!kextIdentifier) {
10491	OSKextLog(/ kext / NULL,
10492	kOSKextLogErrorLevel \|
10493	kOSKextLogIPCFlag,
10494	format: "Invalid arguments to kext load from KC request.");
10495	} else if (!theKext) {
10496	OSKextLog(/ kext / NULL,
10497	kOSKextLogErrorLevel \|
10498	kOSKextLogIPCFlag,
10499	format: "Kext %s not found for load from KC request.",
10500	kextIdentifier->getCStringNoCopy());
10501	result = kOSKextReturnNotFound;
10502	} else if (!theKext->isInFileset()) {
10503	OSKextLog(/ kext / NULL,
10504	kOSKextLogErrorLevel \|
10505	kOSKextLogIPCFlag,
10506	format: "Kext %s does not exist in a KC: refusing to load.",
10507	kextIdentifier->getCStringNoCopy());
10508	result = kOSKextReturnNotLoadable;
10509	} else {
10510	result = OSKext::loadKextFromKC(theKext, requestDict);
10511	}
10512	} else if (predicate->isEqualTo(kKextRequestPredicateLoadCodeless)) {
10513	if (!kextIdentifier) {
10514	OSKextLog(/ kext / NULL,
10515	kOSKextLogErrorLevel \|
10516	kOSKextLogIPCFlag,
10517	format: "Invalid arguments to codeless kext load interface (missing identifier).");
10518	} else {
10519	result = OSKext::loadCodelessKext(kextIdentifier, requestDict);
10520	}
10521	} else if (predicate->isEqualTo(kKextRequestPredicateUnload)) {
10522	if (!kextIdentifier) {
10523	OSKextLog(/ kext / NULL,
10524	kOSKextLogErrorLevel \|
10525	kOSKextLogIPCFlag,
10526	format: "Invalid arguments to kext unload request.");
10527	} else if (!theKext) {
10528	OSKextLog(/ kext / NULL,
10529	kOSKextLogErrorLevel \|
10530	kOSKextLogIPCFlag,
10531	format: "Kext %s not found for unload request.",
10532	kextIdentifier->getCStringNoCopy());
10533	result = kOSKextReturnNotFound;
10534	} else {
10535	if (theKext->isDriverKit()) {
10536	result = OSKext::removeDext(dext: theKext);
10537	} else {
10538	OSBoolean * terminateFlag = OSDynamicCast(OSBoolean,
10539	_OSKextGetRequestArgument(requestDict,
10540	kKextRequestArgumentTerminateIOServicesKey));
10541	result = OSKext::removeKext(aKext: theKext, terminateServicesAndRemovePersonalitiesFlag: terminateFlag == kOSBooleanTrue);
10542	}
10543	}
10544	} else if (predicate->isEqualTo(kKextRequestPredicateSendResource)) {
10545	result = OSKext::dispatchResource(requestDict);
10546	} else if (predicate->isEqualTo(kKextRequestPredicateGetUUIDByAddress)) {
10547	OSNumber *lookupNum = NULL;
10548	lookupNum = OSDynamicCast(OSNumber,
10549	_OSKextGetRequestArgument(requestDict,
10550	kKextRequestArgumentLookupAddressKey));
10551
10552	responseObject = OSKext::copyKextUUIDForAddress(address: lookupNum);
10553	if (responseObject) {
10554	result = kOSReturnSuccess;
10555	} else {
10556	goto finish;
10557	}
10558	} else if (predicate->isEqualTo(kKextRequestPredicateGetLoaded) \|\|
10559	predicate->isEqualTo(kKextRequestPredicateGetLoadedByUUID) \|\|
10560	predicate->isEqualTo(kKextRequestPredicateGetKextsInCollection) \|\|
10561	predicate->isEqualTo(kKextRequestPredicateGetDexts)) {
10562	OSBoolean * delayAutounloadBool = NULL;
10563	OSObject * infoKeysRaw = NULL;
10564	OSArray * infoKeys = NULL;
10565	uint32_t infoKeysCount = `0`;
10566
10567	delayAutounloadBool = OSDynamicCast(OSBoolean,
10568	_OSKextGetRequestArgument(requestDict,
10569	kKextRequestArgumentDelayAutounloadKey));
10570
10571	/ If asked to delay autounload, reset the timer if it's currently set.*
10572	* (That is, don't schedule an unload if one isn't already pending.
10573	*/
10574	if (delayAutounloadBool == kOSBooleanTrue) {
10575	OSKext::considerUnloads(/ rescheduleOnly? / rescheduleOnlyFlag: true);
10576	}
10577
10578	infoKeysRaw = _OSKextGetRequestArgument(requestDict,
10579	kKextRequestArgumentInfoKeysKey);
10580	infoKeys = OSDynamicCast(OSArray, infoKeysRaw);
10581	if (infoKeysRaw && !infoKeys) {
10582	OSKextLog(/ kext / NULL,
10583	kOSKextLogErrorLevel \|
10584	kOSKextLogIPCFlag,
10585	format: "Invalid arguments to kext info request.");
10586	goto finish;
10587	}
10588
10589	if (infoKeys) {
10590	infoKeysCount = infoKeys->getCount();
10591	for (uint32_t i = `0`; i < infoKeysCount; i++) {
10592	if (!OSDynamicCast(OSString, infoKeys->getObject(i))) {
10593	OSKextLog(/ kext / NULL,
10594	kOSKextLogErrorLevel \|
10595	kOSKextLogIPCFlag,
10596	format: "Invalid arguments to kext info request.");
10597	goto finish;
10598	}
10599	}
10600	}
10601
10602	if (predicate->isEqualTo(kKextRequestPredicateGetLoaded)) {
10603	responseObject = OSKext::copyLoadedKextInfo(kextIdentifiers, keys: infoKeys);
10604	} else if (predicate->isEqualTo(kKextRequestPredicateGetLoadedByUUID)) {
10605	responseObject = OSKext::copyLoadedKextInfoByUUID(kextIdentifiers, keys: infoKeys);
10606	} else if (predicate->isEqualTo(kKextRequestPredicateGetKextsInCollection)) {
10607	responseObject = OSKext::copyKextCollectionInfo(requestDict, infoKeys);
10608	} else if (predicate->isEqualTo(kKextRequestPredicateGetDexts)) {
10609	responseObject = OSKext::copyDextsInfo(kextIdentifiers, keys: infoKeys);
10610	}
10611
10612	if (!responseObject) {
10613	result = kOSKextReturnInternalError;
10614	} else {
10615	OSKextLog(/ kext / NULL,
10616	kOSKextLogDebugLevel \|
10617	kOSKextLogIPCFlag,
10618	format: "Returning loaded kext info.");
10619	result = kOSReturnSuccess;
10620	}
10621	} else if (predicate->isEqualTo(kKextRequestPredicateGetKernelRequests)) {
10622	/ Hand the current sKernelRequests array to the caller*
10623	* (who must release it), and make a new one.
10624	*/
10625	responseObject = os::move(t&: sKernelRequests);
10626	sKernelRequests = OSArray::withCapacity(capacity: `0`);
10627	sPostedKextLoadIdentifiers ->flushCollection();
10628	OSKextLog(/ kext / NULL,
10629	kOSKextLogDebugLevel \|
10630	kOSKextLogIPCFlag,
10631	format: "Returning kernel requests.");
10632	result = kOSReturnSuccess;
10633	} else if (predicate->isEqualTo(kKextRequestPredicateGetAllLoadRequests)) {
10634	/ Return the set of all requested bundle identifiers /
10635	responseObject = sAllKextLoadIdentifiers;
10636	OSKextLog(/ kext / NULL,
10637	kOSKextLogDebugLevel \|
10638	kOSKextLogIPCFlag,
10639	format: "Returning load requests.");
10640	result = kOSReturnSuccess;
10641	} else if (predicate->isEqualTo(kKextRequestPredicateLoadFileSetKC)) {
10642	printf("KextLog: Loading FileSet KC(s)\n");
10643	result = OSKext::loadFileSetKexts(requestDict);
10644	} else if (predicate->isEqualTo(kKextRequestPredicateDaemonReady)) {
10645	bool active = iokitDaemonActive();
10646	printf("KextLog: " kIOKitDaemonName " is %s\n", active ? "active" : "not active");
10647	if (sOSKextWasResetAfterUserspaceReboot) {
10648	printf("KextLog: was reset after userspace reboot\n");
10649	}
10650	result = active ? kOSReturnSuccess : kIOReturnNotReady;
10651	} else {
10652	OSKextLog(/ kext / NULL,
10653	kOSKextLogDebugLevel \|
10654	kOSKextLogIPCFlag,
10655	format: "Received '%s' invalid request from user space.",
10656	predicate->getCStringNoCopy());
10657	goto finish;
10658	}
10659
10660	/**********
10661	* Now we have handle the request, or not. Gather up the response & logging
10662	* info to ship to user space.
10663	*********/
10664
10665	/ Note: Nothing in OSKext is supposed to retain requestDict,*
10666	* but you never know....
10667	*/
10668	if (requestDict->getRetainCount() > `1`) {
10669	OSKextLog(/ kext / NULL,
10670	kOSKextLogWarningLevel \|
10671	kOSKextLogIPCFlag,
10672	format: "Request from user space still retained by a kext; "
10673	"probable memory leak.");
10674	}
10675
10676	if (responseOut && responseObject) {
10677	serializer = OSSerialize::withCapacity(capacity: `0`);
10678	if (!serializer) {
10679	result = kOSKextReturnNoMemory;
10680	goto finish;
10681	}
10682	/*
10683	* Before serializing the kernel requests, patch the dext launch requests so
10684	* that the value for kKextRequestArgumentCheckInToken is a mach port name for the
10685	* IOUserServerCheckInToken kernel object.
10686	*/
10687	if (predicate->isEqualTo(kKextRequestPredicateGetKernelRequests)) {
10688	OSArray * requests = OSDynamicCast(OSArray, responseObject.get());
10689	task_t calling_task = current_task();
10690	if (!requests) {
10691	OSKextLog(/ kext / NULL,
10692	kOSKextLogGeneralFlag \| kOSKextLogErrorLevel,
10693	format: "responseObject should be an OSArray if predicate is " kKextRequestPredicateGetKernelRequests);
10694	result = kOSKextReturnInternalError;
10695	goto finish;
10696	}
10697	result = patchDextLaunchRequests(calling_task, requests);
10698	if (result != kOSReturnSuccess) {
10699	OSKextLog(/ kext / NULL,
10700	kOSKextLogGeneralFlag \| kOSKextLogErrorLevel,
10701	format: "Failed to patch dext launch requests.");
10702	goto finish;
10703	}
10704	}
10705
10706	if (!responseObject ->serialize(serializer: serializer.get())) {
10707	OSKextLog(/ kext / NULL,
10708	kOSKextLogGeneralFlag \| kOSKextLogErrorLevel,
10709	format: "Failed to serialize response to request from user space.");
10710	result = kOSKextReturnSerialization;
10711	goto finish;
10712	}
10713
10714	response = (char *)serializer ->text();
10715	responseLength = serializer ->getLength();
10716	}
10717
10718	if (responseOut && response) {
10719	char * buffer;
10720
10721	/ This kmem_alloc sets the return value of the function.*
10722	*/
10723	kmem_result = kmem_alloc(map: kernel_map, addrp: (vm_offset_t *)&buffer,
10724	size: round_page(x: responseLength), flags: KMA_DATA, VM_KERN_MEMORY_OSKEXT);
10725	if (kmem_result != KERN_SUCCESS) {
10726	OSKextLog(/ kext / NULL,
10727	kOSKextLogErrorLevel \|
10728	kOSKextLogIPCFlag,
10729	format: "Failed to copy response to request from user space.");
10730	result = kmem_result;
10731	goto finish;
10732	} else {
10733	/ 11981737 - clear uninitialized data in last page /
10734	bzero(s: (void *)(buffer + responseLength),
10735	n: (round_page(x: responseLength) - responseLength));
10736	memcpy(dst: buffer, src: response, n: responseLength);
10737	*responseOut = buffer;
10738	*responseLengthOut = responseLength;
10739	}
10740	}
10741
10742	finish:
10743
10744	/ Gather up the collected log messages for user space. Any messages*
10745	* messages past this call will not make it up as log messages but
10746	* will be in the system log. Note that we ignore the return of the
10747	* serialize; it has no bearing on the operation at hand even if we
10748	* fail to get the log messages.
10749	*/
10750	logInfoArray = OSKext::clearUserSpaceLogFilter();
10751
10752	if (logInfoArray && logInfoOut && logInfoLengthOut) {
10753	(void)OSKext::serializeLogInfo(logInfoArray: logInfoArray.get(),
10754	logInfoOut, logInfoLengthOut);
10755	}
10756
10757	IORecursiveLockUnlock(lock: sKextLock);
10758
10759	return result;
10760	}
10761
10762	#if PRAGMA_MARK
10763	#pragma mark Linked Kext Collection Support
10764	#endif
10765
10766	static int
10767	__whereIsAddr(vm_offset_t theAddr, unsigned long segSizes, vm_offset_t segAddrs, int segCount)
10768	{
10769	for (int i = `0`; i < segCount; i++) {
10770	vm_offset_t segStart = segAddrs[i];
10771	vm_offset_t segEnd = segStart + (vm_offset_t)segSizes[i];
10772
10773	if (theAddr >= segStart && theAddr < segEnd) {
10774	return i;
10775	}
10776	}
10777	return -`1`;
10778	}
10779
10780	static void
10781	__slideOldKaslrOffsets(kernel_mach_header_t *mh,
10782	kernel_segment_command_t *kextTextSeg,
10783	OSData *kaslrOffsets)
10784	{
10785	static const char *plk_segNames[] = {
10786	"__TEXT",
10787	"__TEXT_EXEC",
10788	"__DATA",
10789	"__DATA_CONST",
10790	"__LINKEDIT",
10791	"__PRELINK_TEXT",
10792	"__PLK_TEXT_EXEC",
10793	"__PRELINK_DATA",
10794	"__PLK_DATA_CONST",
10795	"__PLK_LLVM_COV",
10796	"__PLK_LINKEDIT",
10797	"__PRELINK_INFO"
10798	};
10799	static const size_t num_plk_seg = (size_t)(sizeof(plk_segNames) / sizeof(plk_segNames[`0`]));
10800
10801	unsigned long plk_segSizes[num_plk_seg];
10802	vm_offset_t plk_segAddrs[num_plk_seg];
10803
10804	for (size_t i = `0`; i < num_plk_seg; i++) {
10805	plk_segSizes[i] = `0`;
10806	plk_segAddrs[i] = (vm_offset_t)getsegdatafromheader(mh, plk_segNames[i], &plk_segSizes[i]);
10807	}
10808
10809	uint64_t kextTextStart = (uint64_t)kextTextSeg->vmaddr;
10810
10811	int slidKextAddrCount = `0`;
10812	int badSlideAddr = `0`;
10813	int badSlideTarget = `0`;
10814
10815	struct kaslrPackedOffsets {
10816	uint32_t count; / number of offsets /
10817	uint32_t offsetsArray[]; / offsets to slide /
10818	};
10819	const struct kaslrPackedOffsets *myOffsets = NULL;
10820	myOffsets = (const struct kaslrPackedOffsets *)kaslrOffsets->getBytesNoCopy();
10821
10822	for (uint32_t j = `0`; j < myOffsets->count; j++) {
10823	uint64_t slideOffset = (uint64_t)myOffsets->offsetsArray[j];
10824	vm_offset_t slideAddr = (vm_offset_t )((uint64_t)kextTextStart + slideOffset);
10825	int slideAddrSegIndex = -`1`;
10826	int addrToSlideSegIndex = -`1`;
10827
10828	slideAddrSegIndex = __whereIsAddr(theAddr: (vm_offset_t)slideAddr, segSizes: &plk_segSizes[`0`], segAddrs: &plk_segAddrs[`0`], segCount: num_plk_seg);
10829	if (slideAddrSegIndex >= `0`) {
10830	addrToSlideSegIndex = __whereIsAddr(theAddr: ml_static_slide(vaddr: *slideAddr), segSizes: &plk_segSizes[`0`], segAddrs: &plk_segAddrs[`0`], segCount: num_plk_seg);
10831	if (addrToSlideSegIndex < `0`) {
10832	badSlideTarget++;
10833	continue;
10834	}
10835	} else {
10836	badSlideAddr++;
10837	continue;
10838	}
10839
10840	slidKextAddrCount++;
10841	slideAddr = ml_static_slide(vaddr: slideAddr);
10842	} // for ...
10843	}
10844
10845
10846
10847	/********************************************************************
10848	* addKextsFromKextCollection
10849	*
10850	* Input: MachO header of kext collection. The MachO is assumed to
10851	* have a section named 'info_seg_name,info_sect_name' that
10852	* contains a serialized XML info dictionary. This dictionary
10853	* contains a UUID, possibly a set of relocations (for older
10854	* kxld-built binaries), and an array of kext personalities.
10855	*
10856	********************************************************************/
10857	bool
10858	OSKext::addKextsFromKextCollection(kernel_mach_header_t *mh,
10859	OSDictionary infoDict, const* char *text_seg_name,
10860	OSData **kcUUID, kc_kind_t type)
10861	{
10862	bool result = false;
10863
10864	OSArray kextArray = NULL; // do not release*
10865	OSData infoDictKCUUID = NULL; // do not release*
10866	OSData kaslrOffsets = NULL; // do not release*
10867
10868	IORegistryEntry registryRoot = NULL; // do not release*
10869	OSSharedPtr<OSNumber> kcKextCount;
10870
10871	/ extract the KC UUID from the dictionary /
10872	infoDictKCUUID = OSDynamicCast(OSData, infoDict->getObject(kPrelinkInfoKCIDKey));
10873	if (infoDictKCUUID) {
10874	if (infoDictKCUUID->getLength() != sizeof(uuid_t)) {
10875	panic("kcUUID length is %d, expected %lu",
10876	infoDictKCUUID->getLength(), sizeof(uuid_t));
10877	}
10878	}
10879
10880	/ locate the array of kext dictionaries /
10881	kextArray = OSDynamicCast(OSArray, infoDict->getObject(kPrelinkInfoDictionaryKey));
10882	if (!kextArray) {
10883	OSKextLog(/ kext / NULL, kOSKextLogErrorLevel \| kOSKextLogArchiveFlag,
10884	format: "The given KC has no kext info dictionaries");
10885	goto finish;
10886	}
10887
10888	/*
10889	* old-style KASLR offsets may be present in the info dictionary. If
10890	* we find them, use them and eventually slide them.
10891	*/
10892	kaslrOffsets = OSDynamicCast(OSData, infoDict->getObject(kPrelinkLinkKASLROffsetsKey));
10893
10894	/*
10895	* Before processing any kexts, locate the special kext bundle which
10896	* contains a list of kexts that we are to prevent from loading.
10897	*/
10898	createExcludeListFromPrelinkInfo(theInfoArray: kextArray);
10899
10900	/*
10901	* Create OSKext objects for each kext we find in the array of kext
10902	* info plist dictionaries.
10903	*/
10904	for (int i = `0`; i < (int)kextArray->getCount(); ++i) {
10905	OSDictionary *kextDict = NULL;
10906	kextDict = OSDynamicCast(OSDictionary, kextArray->getObject(i));
10907	if (!kextDict) {
10908	OSKextLog(/ kext / NULL,
10909	kOSKextLogErrorLevel \|
10910	kOSKextLogDirectoryScanFlag \| kOSKextLogArchiveFlag,
10911	format: "Kext info dictionary for kext #%d isn't a dictionary?", i);
10912	continue;
10913	}
10914
10915	/*
10916	* Create the kext for the entry, then release it, because the
10917	* kext system keeps a reference around until the kext is
10918	* explicitly removed. Any creation/registration failures are
10919	* already logged for us.
10920	*/
10921	withPrelinkedInfoDict(anInfoDict: kextDict, doCoalescedSlides: (kaslrOffsets ? TRUE : FALSE), type);
10922	}
10923
10924	/*
10925	* slide old-style kxld relocations
10926	* NOTE: this is still used on embedded KCs built with kcgen
10927	* TODO: Remove this once we use the new kext linker everywhere!
10928	*/
10929	if (kaslrOffsets && vm_kernel_slide > `0`) {
10930	kernel_segment_command_t *text_segment = NULL;
10931	text_segment = getsegbynamefromheader(header: mh, seg_name: text_seg_name);
10932	if (!text_segment) {
10933	OSKextLog(/ kext / NULL, kOSKextLogErrorLevel \| kOSKextLogArchiveFlag,
10934	format: "Can't find a TEXT segment named '%s' in macho header", text_seg_name);
10935	goto finish;
10936	}
10937
10938	__slideOldKaslrOffsets(mh, kextTextSeg: text_segment, kaslrOffsets);
10939	/ All kexts covered by the old-style kaslr relocation list are now slid, set VM protections for them /
10940	setAllVMAttributes();
10941	}
10942
10943	/ Store the number of prelinked kexts in the registry so we can tell*
10944	* when the system has been started from a prelinked kernel.
10945	*/
10946	registryRoot = IORegistryEntry::getRegistryRoot();
10947	assert(registryRoot);
10948
10949	kcKextCount = OSNumber::withNumber(value: (unsigned long long)infoDict->getCount(), numberOfBits: `8` * sizeof(uint32_t));
10950	assert(kcKextCount);
10951	if (kcKextCount) {
10952	OSSharedPtr<OSObject> prop = registryRoot->copyProperty(kOSPrelinkKextCountKey);
10953	OSNumber *num;
10954	num = OSDynamicCast(OSNumber, prop.get());
10955	if (num) {
10956	kcKextCount ->addValue(value: num->unsigned64BitValue());
10957	}
10958	registryRoot->setProperty(kOSPrelinkKextCountKey, anObject: kcKextCount.get());
10959	}
10960
10961	OSKextLog(/ kext / NULL,
10962	kOSKextLogProgressLevel \|
10963	kOSKextLogGeneralFlag \| kOSKextLogKextBookkeepingFlag \|
10964	kOSKextLogDirectoryScanFlag \| kOSKextLogArchiveFlag,
10965	format: "%u prelinked kexts", infoDict->getCount());
10966
10967
10968	if (kcUUID && infoDictKCUUID) {
10969	*kcUUID = OSData::withData(inData: infoDictKCUUID).detach();
10970	}
10971
10972	result = true;
10973
10974	finish:
10975	return result;
10976	}
10977
10978	bool
10979	OSKext::addKextsFromKextCollection(kernel_mach_header_t *mh,
10980	OSDictionary infoDict, const* char *text_seg_name,
10981	OSSharedPtr<OSData> &kcUUID, kc_kind_t type)
10982	{
10983	OSData *result = NULL;
10984	bool success = addKextsFromKextCollection(mh,
10985	infoDict,
10986	text_seg_name,
10987	kcUUID: &result,
10988	type);
10989	if (success) {
10990	kcUUID.reset(p: result, OSNoRetain);
10991	}
10992	return success;
10993	}
10994
10995	static OSSharedPtr<OSObject> deferredAuxKCXML;
10996	bool
10997	OSKext::registerDeferredKextCollection(kernel_mach_header_t *mh,
10998	OSSharedPtr<OSObject> &parsedXML, kc_kind_t type)
10999	{
11000	if (type != KCKindAuxiliary) {
11001	return false;
11002	}
11003
11004	kernel_mach_header_t *_mh;
11005	_mh = (kernel_mach_header_t*)PE_get_kc_header(type);
11006	if (!_mh \|\| _mh != mh) {
11007	return false;
11008	}
11009
11010	if (deferredAuxKCXML) {
11011	/ only allow this to be called once /
11012	OSKextLog(/ kext / NULL, kOSKextLogErrorLevel \| kOSKextLogArchiveFlag,
11013	format: "An Aux KC has already been registered for deferred processing.");
11014	return false;
11015	}
11016
11017	OSDictionary *infoDict = OSDynamicCast(OSDictionary, parsedXML.get());
11018	if (!infoDict) {
11019	OSKextLog(/ kext / NULL, kOSKextLogErrorLevel \| kOSKextLogArchiveFlag,
11020	format: "The Aux KC has info dictionary");
11021	return false;
11022	}
11023
11024	OSData *kcUUID = OSDynamicCast(OSData, infoDict->getObject(kPrelinkInfoKCIDKey));
11025	if (!kcUUID \|\| kcUUID->getLength() != sizeof(uuid_t)) {
11026	OSKextLog(/ kext / NULL, kOSKextLogErrorLevel \| kOSKextLogArchiveFlag,
11027	format: "The Aux KC has no UUID in %s", kPrelinkInfoKCIDKey);
11028	return false;
11029	}
11030
11031	/*
11032	* Copy the AuxKC UUID to make sure that the kern.auxiliaryfilesetuuid
11033	* sysctl can return the UUID to user space which will check this
11034	* value for errors.
11035	*/
11036	memcpy(dst: (void )&auxkc_uuid, src: (const* void *)kcUUID->getBytesNoCopy(),
11037	n: kcUUID->getLength());
11038	uuid_unparse_upper(uu: auxkc_uuid, out: auxkc_uuid_string);
11039	auxkc_uuid_valid = TRUE;
11040
11041	deferredAuxKCXML = parsedXML;
11042
11043	return true;
11044	}
11045
11046	OSSharedPtr<OSObject>
11047	OSKext::consumeDeferredKextCollection(kc_kind_t type)
11048	{
11049	if (type != KCKindAuxiliary \|\| !deferredAuxKCXML) {
11050	return NULL;
11051	}
11052
11053	return os::move(t&: deferredAuxKCXML);
11054	}
11055
11056	#if PRAGMA_MARK
11057	#pragma mark Profile-Guided-Optimization Support
11058	#endif
11059
11060	// #include <InstrProfiling.h>
11061	extern "C" {
11062	uint64_t __llvm_profile_get_size_for_buffer_internal(const char *DataBegin,
11063	const char *DataEnd,
11064	const char *CountersBegin,
11065	const char *CountersEnd,
11066	const char *NamesBegin,
11067	const char *NamesEnd);
11068	int __llvm_profile_write_buffer_internal(char *Buffer,
11069	const char *DataBegin,
11070	const char *DataEnd,
11071	const char *CountersBegin,
11072	const char *CountersEnd,
11073	const char *NamesBegin,
11074	const char *NamesEnd);
11075	}
11076
11077
11078	static
11079	void
11080	OSKextPgoMetadataPut(char *pBuffer,
11081	size_t *position,
11082	size_t bufferSize,
11083	uint32_t *num_pairs,
11084	const char *key,
11085	const char *value)
11086	{
11087	size_t strlen_key = strlen(s: key);
11088	size_t strlen_value = strlen(s: value);
11089	size_t len = strlen(s: key) + `1` + strlen(s: value) + `1`;
11090	char pos = pBuffer + position;
11091	*position += len;
11092	if (pBuffer && bufferSize && *position <= bufferSize) {
11093	memcpy(dst: pos, src: key, n: strlen_key); pos += strlen_key;
11094	*(pos++) = `'='`;
11095	memcpy(dst: pos, src: value, n: strlen_value); pos += strlen_value;
11096	*(pos++) = `0`;
11097	if (num_pairs) {
11098	(*num_pairs)++;
11099	}
11100	}
11101	}
11102
11103
11104	static
11105	void
11106	OSKextPgoMetadataPutMax(size_t position, const* char *key, size_t value_max)
11107	{
11108	*position += strlen(s: key) + `1` + value_max + `1`;
11109	}
11110
11111
11112	static
11113	void
11114	OSKextPgoMetadataPutAll(OSKext *kext,
11115	uuid_t instance_uuid,
11116	char *pBuffer,
11117	size_t *position,
11118	size_t bufferSize,
11119	uint32_t *num_pairs)
11120	{
11121	_static_assert_1_arg(sizeof(clock_sec_t) % `2` == `0`);
11122	//log_10 2^16 ≈ 4.82
11123	const size_t max_secs_string_size = `5` * sizeof(clock_sec_t) / `2`;
11124	const size_t max_timestamp_string_size = max_secs_string_size + `1` + `6`;
11125
11126	if (!pBuffer) {
11127	OSKextPgoMetadataPutMax(position, key: "INSTANCE", value_max: `36`);
11128	OSKextPgoMetadataPutMax(position, key: "UUID", value_max: `36`);
11129	OSKextPgoMetadataPutMax(position, key: "TIMESTAMP", value_max: max_timestamp_string_size);
11130	} else {
11131	uuid_string_t instance_uuid_string;
11132	uuid_unparse(uu: instance_uuid, out: instance_uuid_string);
11133	OSKextPgoMetadataPut(pBuffer, position, bufferSize, num_pairs,
11134	key: "INSTANCE", value: instance_uuid_string);
11135
11136	OSSharedPtr<OSData> uuid_data;
11137	uuid_t uuid;
11138	uuid_string_t uuid_string;
11139	uuid_data = kext->copyUUID();
11140	if (uuid_data) {
11141	memcpy(dst: uuid, src: uuid_data ->getBytesNoCopy(), n: sizeof(uuid));
11142	uuid_unparse(uu: uuid, out: uuid_string);
11143	OSKextPgoMetadataPut(pBuffer, position, bufferSize, num_pairs,
11144	key: "UUID", value: uuid_string);
11145	}
11146
11147	clock_sec_t secs;
11148	clock_usec_t usecs;
11149	clock_get_calendar_microtime(secs: &secs, microsecs: &usecs);
11150	assert(usecs < `1000000`);
11151	char timestamp[max_timestamp_string_size + `1`];
11152	_static_assert_1_arg(sizeof(long) >= sizeof(clock_sec_t));
11153	snprintf(timestamp, count: sizeof(timestamp), "%lu.%06d", (unsigned long)secs, (int)usecs);
11154	OSKextPgoMetadataPut(pBuffer, position, bufferSize, num_pairs,
11155	key: "TIMESTAMP", value: timestamp);
11156	}
11157
11158	OSKextPgoMetadataPut(pBuffer, position, bufferSize, num_pairs,
11159	key: "NAME", value: kext->getIdentifierCString());
11160
11161	char versionCString[kOSKextVersionMaxLength];
11162	OSKextVersionGetString(aVersion: kext->getVersion(), buffer: versionCString, kOSKextVersionMaxLength);
11163	OSKextPgoMetadataPut(pBuffer, position, bufferSize, num_pairs,
11164	key: "VERSION", value: versionCString);
11165	}
11166
11167	static
11168	size_t
11169	OSKextPgoMetadataSize(OSKext *kext)
11170	{
11171	size_t position = `0`;
11172	uuid_t fakeuuid = {};
11173	OSKextPgoMetadataPutAll(kext, instance_uuid: fakeuuid, NULL, position: &position, bufferSize: `0`, NULL);
11174	return position;
11175	}
11176
11177	int
11178	OSKextGrabPgoDataLocked(OSKext *kext,
11179	bool metadata,
11180	uuid_t instance_uuid,
11181	uint64_t *pSize,
11182	char *pBuffer,
11183	uint64_t bufferSize)
11184	{
11185	int err = `0`;
11186
11187	kernel_section_t *sect_prf_data = NULL;
11188	kernel_section_t *sect_prf_name = NULL;
11189	kernel_section_t *sect_prf_cnts = NULL;
11190	uint64_t size;
11191	size_t metadata_size = `0`;
11192	size_t offset_to_pairs = `0`;
11193
11194	sect_prf_data = kext->lookupSection(segname: "__DATA", secname: "__llvm_prf_data");
11195	sect_prf_name = kext->lookupSection(segname: "__DATA", secname: "__llvm_prf_names");
11196	if (!sect_prf_name) {
11197	// kextcache sometimes truncates the section name to 15 chars
11198	// <rdar://problem/52080551> 16 character section name is truncated to 15 characters by kextcache
11199	sect_prf_name = kext->lookupSection(segname: "__DATA", secname: "__llvm_prf_name");
11200	}
11201	sect_prf_cnts = kext->lookupSection(segname: "__DATA", secname: "__llvm_prf_cnts");
11202
11203	if (!sect_prf_data \|\| !sect_prf_name \|\| !sect_prf_cnts) {
11204	err = ENOTSUP;
11205	goto out;
11206	}
11207
11208	size = __llvm_profile_get_size_for_buffer_internal(
11209	DataBegin: (const char) sect_prf_data->addr, DataEnd: (const* char*) sect_prf_data->addr + sect_prf_data->size,
11210	CountersBegin: (const char) sect_prf_cnts->addr, CountersEnd: (const* char*) sect_prf_cnts->addr + sect_prf_cnts->size,
11211	NamesBegin: (const char) sect_prf_name->addr, NamesEnd: (const* char*) sect_prf_name->addr + sect_prf_name->size);
11212
11213	if (metadata) {
11214	metadata_size = OSKextPgoMetadataSize(kext);
11215	size += metadata_size;
11216	size += sizeof(pgo_metadata_footer);
11217	}
11218
11219
11220	if (pSize) {
11221	*pSize = size;
11222	}
11223
11224	if (pBuffer && bufferSize) {
11225	if (bufferSize < size) {
11226	err = ERANGE;
11227	goto out;
11228	}
11229
11230	err = __llvm_profile_write_buffer_internal(
11231	Buffer: pBuffer,
11232	DataBegin: (const char) sect_prf_data->addr, DataEnd: (const* char*) sect_prf_data->addr + sect_prf_data->size,
11233	CountersBegin: (const char) sect_prf_cnts->addr, CountersEnd: (const* char*) sect_prf_cnts->addr + sect_prf_cnts->size,
11234	NamesBegin: (const char) sect_prf_name->addr, NamesEnd: (const* char*) sect_prf_name->addr + sect_prf_name->size);
11235
11236	if (err) {
11237	err = EIO;
11238	goto out;
11239	}
11240
11241	if (metadata) {
11242	offset_to_pairs = sizeof(struct pgo_metadata_footer) + metadata_size;
11243	if (offset_to_pairs > UINT32_MAX) {
11244	err = E2BIG;
11245	goto out;
11246	}
11247
11248	char *end_of_buffer = pBuffer + size;
11249	struct pgo_metadata_footer footerp = (struct* pgo_metadata_footer ) (end_of_buffer - sizeof(struct* pgo_metadata_footer));
11250	char metadata_buffer = end_of_buffer - (sizeof(struct* pgo_metadata_footer) + metadata_size);
11251
11252	size_t metadata_position = `0`;
11253	uint32_t num_pairs = `0`;
11254	OSKextPgoMetadataPutAll(kext, instance_uuid, pBuffer: metadata_buffer, position: &metadata_position, bufferSize: metadata_size, num_pairs: &num_pairs);
11255	while (metadata_position < metadata_size) {
11256	metadata_buffer[metadata_position++] = `0`;
11257	}
11258
11259	struct pgo_metadata_footer footer;
11260	footer.magic = htonl(`0x6d657461`);
11261	footer.number_of_pairs = htonl( num_pairs );
11262	footer.offset_to_pairs = htonl((uint32_t)offset_to_pairs );
11263	memcpy(dst: footerp, src: &footer, n: sizeof(footer));
11264	}
11265	}
11266
11267	out:
11268	return err;
11269	}
11270
11271
11272	int
11273	OSKextGrabPgoData(uuid_t uuid,
11274	uint64_t *pSize,
11275	char *pBuffer,
11276	uint64_t bufferSize,
11277	int wait_for_unload,
11278	int metadata)
11279	{
11280	int err = `0`;
11281	OSSharedPtr<OSKext> kext;
11282
11283
11284	IORecursiveLockLock(lock: sKextLock);
11285
11286	kext = OSKext::lookupKextWithUUID(wanted: uuid);
11287	if (!kext) {
11288	err = ENOENT;
11289	goto out;
11290	}
11291
11292	if (wait_for_unload) {
11293	OSKextGrabPgoStruct s;
11294
11295	s.metadata = metadata;
11296	s.pSize = pSize;
11297	s.pBuffer = pBuffer;
11298	s.bufferSize = bufferSize;
11299	s.err = EINTR;
11300
11301	struct list_head *prev = &kext ->pendingPgoHead;
11302	struct list_head *next = kext ->pendingPgoHead.next;
11303
11304	s.list_head.prev = prev;
11305	s.list_head.next = next;
11306
11307	prev->next = &s.list_head;
11308	next->prev = &s.list_head;
11309
11310	kext.reset();
11311
11312	IORecursiveLockSleep(lock: sKextLock, event: &s, THREAD_ABORTSAFE);
11313
11314	prev = s.list_head.prev;
11315	next = s.list_head.next;
11316
11317	prev->next = next;
11318	next->prev = prev;
11319
11320	err = s.err;
11321	} else {
11322	err = OSKextGrabPgoDataLocked(kext: kext.get(), metadata, instance_uuid: kext ->instance_uuid, pSize, pBuffer, bufferSize);
11323	}
11324
11325	out:
11326
11327	IORecursiveLockUnlock(lock: sKextLock);
11328
11329	return err;
11330	}
11331
11332	void
11333	OSKextResetPgoCountersLock()
11334	{
11335	IORecursiveLockLock(lock: sKextLock);
11336	}
11337
11338	void
11339	OSKextResetPgoCountersUnlock()
11340	{
11341	IORecursiveLockUnlock(lock: sKextLock);
11342	}
11343
11344
11345	extern unsigned int not_in_kdp;
11346
11347	void
11348	OSKextResetPgoCounters()
11349	{
11350	assert(!not_in_kdp);
11351	uint32_t count = sLoadedKexts ->getCount();
11352	for (uint32_t i = `0`; i < count; i++) {
11353	OSKext *kext = OSDynamicCast(OSKext, sLoadedKexts ->getObject(i));
11354	kernel_section_t *sect_prf_cnts = kext->lookupSection(segname: "__DATA", secname: "__llvm_prf_cnts");
11355	if (!sect_prf_cnts) {
11356	continue;
11357	}
11358	memset(s: (void*)sect_prf_cnts->addr, c: `0`, n: sect_prf_cnts->size);
11359	}
11360	}
11361
11362	OSSharedPtr<OSDictionary>
11363	OSKext::copyLoadedKextInfoByUUID(
11364	OSArray * kextIdentifiers,
11365	OSArray * infoKeys)
11366	{
11367	OSSharedPtr<OSDictionary> result;
11368	OSSharedPtr<OSDictionary> kextInfo;
11369	uint32_t max_count, i, j;
11370	uint32_t idCount = `0`;
11371	uint32_t idIndex = `0`;
11372	IORecursiveLockLock(lock: sKextLock);
11373	OSArray *list[`2`] = {sLoadedKexts.get(), sLoadedDriverKitKexts.get()};
11374	uint32_t count[`2`] = {sLoadedKexts ->getCount(), sLoadedDriverKitKexts ->getCount()};
11375
11376	#if CONFIG_MACF
11377	/ Is the calling process allowed to query kext info? /
11378	if (current_task() != kernel_task) {
11379	int macCheckResult = `0`;
11380	kauth_cred_t cred = NULL;
11381
11382	cred = kauth_cred_get_with_ref();
11383	macCheckResult = mac_kext_check_query(cred);
11384	kauth_cred_unref(&cred);
11385
11386	if (macCheckResult != `0`) {
11387	OSKextLog(/ kext / NULL,
11388	kOSKextLogErrorLevel \| kOSKextLogLoadFlag,
11389	format: "Failed to query kext info (MAC policy error 0x%x).",
11390	macCheckResult);
11391	goto finish;
11392	}
11393	}
11394	#endif
11395
11396	/ Empty list of UUIDs is equivalent to no list (get all).*
11397	*/
11398	if (kextIdentifiers && !kextIdentifiers->getCount()) {
11399	kextIdentifiers = NULL;
11400	} else if (kextIdentifiers) {
11401	idCount = kextIdentifiers->getCount();
11402	}
11403
11404	/ Same for keys.*
11405	*/
11406	if (infoKeys && !infoKeys->getCount()) {
11407	infoKeys = NULL;
11408	}
11409
11410	max_count = count[`0`] + count[`1`];
11411	result = OSDictionary::withCapacity(capacity: max_count);
11412	if (!result) {
11413	goto finish;
11414	}
11415
11416	for (j = `0`; j < (sizeof(list) / sizeof(list[`0`])); j++) {
11417	for (i = `0`; i < count[j]; i++) {
11418	OSKext thisKext = NULL; // do not release*
11419	Boolean includeThis = true;
11420	uuid_t thisKextUUID;
11421	uuid_t thisKextTextUUID;
11422	OSSharedPtr<OSData> uuid_data;
11423	uuid_string_t uuid_key;
11424
11425	thisKext = OSDynamicCast(OSKext, list[j]->getObject(i));
11426	if (!thisKext) {
11427	continue;
11428	}
11429
11430	uuid_data = thisKext->copyUUID();
11431	if (!uuid_data) {
11432	continue;
11433	}
11434
11435	memcpy(dst: &thisKextUUID, src: uuid_data ->getBytesNoCopy(), n: sizeof(thisKextUUID));
11436
11437	uuid_unparse(uu: thisKextUUID, out: uuid_key);
11438
11439	uuid_data = thisKext->copyTextUUID();
11440	if (!uuid_data) {
11441	continue;
11442	}
11443	memcpy(dst: &thisKextTextUUID, src: uuid_data ->getBytesNoCopy(), n: sizeof(thisKextTextUUID));
11444
11445	/ Skip current kext if we have a list of UUIDs and*
11446	* it isn't in the list.
11447	*/
11448	if (kextIdentifiers) {
11449	includeThis = false;
11450
11451	for (idIndex = `0`; idIndex < idCount; idIndex++) {
11452	const OSString* wantedUUID = OSDynamicCast(OSString,
11453	kextIdentifiers->getObject(idIndex));
11454
11455	uuid_t uuid;
11456	uuid_parse(in: wantedUUID->getCStringNoCopy(), uu: uuid);
11457
11458	if ((`0` == uuid_compare(uu1: uuid, uu2: thisKextUUID))
11459	\|\| (`0` == uuid_compare(uu1: uuid, uu2: thisKextTextUUID))) {
11460	includeThis = true;
11461	/ Only need to find the first kext if multiple match,*
11462	* ie. asking for the kernel uuid does not need to find
11463	* interface kexts or builtin static kexts.
11464	*/
11465	kextIdentifiers->removeObject(index: idIndex);
11466	uuid_unparse(uu: uuid, out: uuid_key);
11467	break;
11468	}
11469	}
11470	}
11471
11472	if (!includeThis) {
11473	continue;
11474	}
11475
11476	kextInfo = thisKext->copyInfo(keys: infoKeys);
11477	if (kextInfo) {
11478	result ->setObject(aKey: uuid_key, anObject: kextInfo.get());
11479	}
11480
11481	if (kextIdentifiers && !kextIdentifiers->getCount()) {
11482	goto finish;
11483	}
11484	}
11485	}
11486
11487	finish:
11488	IORecursiveLockUnlock(lock: sKextLock);
11489
11490	return result;
11491	}
11492
11493	/*********************************************************************
11494	*********************************************************************/
11495	/ static /
11496	OSSharedPtr<OSDictionary>
11497	OSKext::copyKextCollectionInfo(
11498	OSDictionary *requestDict,
11499	OSArray *infoKeys)
11500	{
11501	OSSharedPtr<OSDictionary> result;
11502	OSString *collectionType = NULL;
11503	OSObject *rawLoadedState = NULL;
11504	OSString *loadedState = NULL;
11505
11506	kc_kind_t kc_request_kind = KCKindUnknown;
11507	bool onlyLoaded = false;
11508	bool onlyUnloaded = false;
11509
11510	#if CONFIG_MACF
11511	/ Is the calling process allowed to query kext info? /
11512	if (current_task() != kernel_task) {
11513	int macCheckResult = `0`;
11514	kauth_cred_t cred = NULL;
11515
11516	cred = kauth_cred_get_with_ref();
11517	macCheckResult = mac_kext_check_query(cred);
11518	kauth_cred_unref(&cred);
11519
11520	if (macCheckResult != `0`) {
11521	OSKextLog(/ kext / NULL,
11522	kOSKextLogErrorLevel \| kOSKextLogLoadFlag,
11523	format: "Failed to query kext info (MAC policy error 0x%x).",
11524	macCheckResult);
11525	goto finish;
11526	}
11527	}
11528	#endif
11529
11530	if (infoKeys && !infoKeys->getCount()) {
11531	infoKeys = NULL;
11532	}
11533
11534	collectionType = OSDynamicCast(OSString,
11535	_OSKextGetRequestArgument(requestDict,
11536	kKextRequestArgumentCollectionTypeKey));
11537	if (!collectionType) {
11538	OSKextLog(/ kext / NULL,
11539	kOSKextLogErrorLevel \|
11540	kOSKextLogIPCFlag,
11541	format: "Invalid '%s' argument to kext collection info request.",
11542	kKextRequestArgumentCollectionTypeKey);
11543	goto finish;
11544	}
11545	if (collectionType->isEqualTo(kKCTypePrimary)) {
11546	kc_request_kind = KCKindPrimary;
11547	} else if (collectionType->isEqualTo(kKCTypeSystem)) {
11548	kc_request_kind = KCKindPageable;
11549	} else if (collectionType->isEqualTo(kKCTypeAuxiliary)) {
11550	kc_request_kind = KCKindAuxiliary;
11551	} else if (collectionType->isEqualTo(kKCTypeCodeless)) {
11552	kc_request_kind = KCKindNone;
11553	} else if (!collectionType->isEqualTo(kKCTypeAny)) {
11554	OSKextLog(/ kext / NULL,
11555	kOSKextLogErrorLevel \|
11556	kOSKextLogIPCFlag,
11557	format: "Invalid '%s' argument value '%s' to kext collection info request.",
11558	kKextRequestArgumentCollectionTypeKey,
11559	collectionType->getCStringNoCopy());
11560	goto finish;
11561	}
11562
11563	rawLoadedState = _OSKextGetRequestArgument(requestDict,
11564	kKextRequestArgumentLoadedStateKey);
11565	if (rawLoadedState) {
11566	loadedState = OSDynamicCast(OSString, rawLoadedState);
11567	if (!loadedState) {
11568	OSKextLog(/ kext / NULL,
11569	kOSKextLogErrorLevel \|
11570	kOSKextLogIPCFlag,
11571	format: "Invalid '%s' argument to kext collection info request.",
11572	kKextRequestArgumentLoadedStateKey);
11573	goto finish;
11574	}
11575	}
11576	if (loadedState) {
11577	if (loadedState->isEqualTo(cString: "Loaded")) {
11578	onlyLoaded = true;
11579	} else if (loadedState->isEqualTo(cString: "Unloaded")) {
11580	onlyUnloaded = true;
11581	} else if (!loadedState->isEqualTo(cString: "Any")) {
11582	OSKextLog(/ kext / NULL,
11583	kOSKextLogErrorLevel \| kOSKextLogLoadFlag,
11584	format: "Invalid '%s' argument value '%s' for '%s' collection info",
11585	kKextRequestArgumentLoadedStateKey,
11586	loadedState->getCStringNoCopy(),
11587	collectionType->getCStringNoCopy());
11588	goto finish;
11589	}
11590	}
11591
11592	result = OSDictionary::withCapacity(capacity: sKextsByID ->getCount());
11593	if (!result) {
11594	goto finish;
11595	}
11596
11597	IORecursiveLockLock(lock: sKextLock);
11598	{ // start block scope
11599	sKextsByID ->iterateObjects(block: ^bool (const OSSymbol thisKextID, OSObject obj)
11600	{
11601	OSKext thisKext = NULL; // do not release*
11602	OSSharedPtr<OSDictionary> kextInfo;
11603
11604	(void)thisKextID;
11605
11606	thisKext = OSDynamicCast(OSKext, obj);
11607	if (!thisKext) {
11608	return false;
11609	}
11610
11611	/*
11612	* skip the kext if it came from the wrong collection type
11613	* (and the caller requested a specific type)
11614	*/
11615	if ((kc_request_kind != KCKindUnknown) && (thisKext->kc_type != kc_request_kind)) {
11616	return false;
11617	}
11618
11619	/*
11620	* respect the caller's desire to find only loaded or
11621	* unloaded kexts
11622	*/
11623	if (onlyLoaded && (-`1U` == sLoadedKexts ->getNextIndexOfObject(anObject: thisKext, index: `0`))) {
11624	return false;
11625	}
11626	if (onlyUnloaded && (-`1U` != sLoadedKexts ->getNextIndexOfObject(anObject: thisKext, index: `0`))) {
11627	return false;
11628	}
11629
11630	kextInfo = thisKext->copyInfo(keys: infoKeys);
11631	if (kextInfo) {
11632	result ->setObject(aKey: thisKext->getIdentifier(), anObject: kextInfo.get());
11633	}
11634	return false;
11635	});
11636	} // end block scope
11637	IORecursiveLockUnlock(lock: sKextLock);
11638
11639	finish:
11640	return result;
11641	}
11642
11643	/ static /
11644	OSSharedPtr<OSArray>
11645	OSKext::copyDextsInfo(
11646	OSArray *kextIdentifiers,
11647	OSArray *infoKeys)
11648	{
11649	OSSharedPtr<OSArray> result = NULL;
11650	uint32_t idCount = `0`;
11651	bool getActive = false;
11652	bool getLoaded = false;
11653	bool getUnloaded = false;
11654	bool getPendingUpgrade = false;
11655	unsigned int avgDextCount = `0`;
11656
11657	#if CONFIG_MACF
11658	/ Is the calling process allowed to query dext info? /
11659	if (current_task() != kernel_task) {
11660	int macCheckResult = `0`;
11661	kauth_cred_t cred = NULL;
11662
11663	cred = kauth_cred_get_with_ref();
11664	macCheckResult = mac_kext_check_query(cred);
11665	kauth_cred_unref(&cred);
11666
11667	if (macCheckResult != `0`) {
11668	OSKextLog(/ kext / NULL,
11669	kOSKextLogErrorLevel \| kOSKextLogLoadFlag,
11670	format: "Failed to query kext info (MAC policy error 0x%x).",
11671	macCheckResult);
11672	goto finish;
11673	}
11674	}
11675	#endif
11676	/*
11677	* No infoKeys means return everything we
11678	* know about the dexts.
11679	*/
11680	if (infoKeys && !infoKeys->getCount()) {
11681	infoKeys = NULL;
11682	}
11683
11684	/*
11685	* Empty list of bundle ids is equivalent to
11686	* no list (get all).
11687	*/
11688	if (kextIdentifiers && !kextIdentifiers->getCount()) {
11689	kextIdentifiers = NULL;
11690	} else if (kextIdentifiers) {
11691	idCount = kextIdentifiers->getCount();
11692	}
11693
11694	/*
11695	* Caller can specify which state of dexts to query.
11696	*/
11697	if (infoKeys && _OSArrayContainsCString(array: infoKeys, kOSBundleDextStateActiveKey)) {
11698	getActive = true;
11699	}
11700	if (infoKeys && _OSArrayContainsCString(array: infoKeys, kOSBundleDextStateActiveLoadedKey)) {
11701	getLoaded = true;
11702	}
11703	if (infoKeys && _OSArrayContainsCString(array: infoKeys, kOSBundleDextStateActiveUnloadedKey)) {
11704	getUnloaded = true;
11705	}
11706	if (infoKeys && _OSArrayContainsCString(array: infoKeys, kOSBundleDextStatePendingUpgradeKey)) {
11707	getPendingUpgrade = true;
11708	}
11709
11710	/*
11711	* By default we are going to return all active and pendingUpgrade dexts
11712	* only.
11713	*/
11714	if (!(getActive \|\| getLoaded \|\| getUnloaded \|\| getPendingUpgrade)) {
11715	getActive = true;
11716	getPendingUpgrade = true;
11717	}
11718
11719	/*
11720	* We return a dictionary of dexts
11721	* for every group requested.
11722	*/
11723	avgDextCount = sLoadedDriverKitKexts ->getCount() + sDriverKitToUpgradeByID ->getCount();
11724	result = OSArray::withCapacity(capacity: avgDextCount);
11725	if (!result) {
11726	goto finish;
11727	}
11728
11729	IORecursiveLockLock(lock: sKextLock);
11730	{ // start block scope
11731	if (getActive \|\| getLoaded \|\| getUnloaded) {
11732	sKextsByID ->iterateObjects(block: ^bool (const OSSymbol thisKextID, OSObject obj)
11733	{
11734	OSKext thisKext = NULL; // do not release*
11735	OSSharedPtr<OSDictionary> kextInfo;
11736	Boolean includeThis = true;
11737	(void)thisKextID;
11738
11739	thisKext = OSDynamicCast(OSKext, obj);
11740	if (!thisKext \|\| !thisKext->isDriverKit()) {
11741	return false;
11742	}
11743
11744	/*
11745	* Skip current dext if we have a list of bundle IDs and
11746	* it isn't in the list.
11747	*/
11748	if (kextIdentifiers) {
11749	includeThis = false;
11750
11751	for (uint32_t idIndex = `0`; idIndex < idCount; idIndex++) {
11752	const OSString * thisRequestID = OSDynamicCast(OSString,
11753	kextIdentifiers->getObject(idIndex));
11754	if (thisKextID->isEqualTo(anObject: thisRequestID)) {
11755	includeThis = true;
11756	break;
11757	}
11758	}
11759	}
11760
11761	if (!includeThis) {
11762	return false;
11763	}
11764
11765	OSSharedPtr<OSString> state;
11766	if (sLoadedDriverKitKexts ->getNextIndexOfObject(anObject: thisKext, index: `0`) == -`1U`) {
11767	if (!(getActive \|\| getUnloaded)) {
11768	return false;
11769	}
11770	state = OSString::withCString(kOSBundleDextStateActiveUnloadedKey);
11771	} else {
11772	if (!(getActive \|\| getLoaded)) {
11773	return false;
11774	}
11775	state = OSString::withCString(kOSBundleDextStateActiveLoadedKey);
11776	}
11777
11778	kextInfo = thisKext->copyInfo(keys: infoKeys);
11779	if (kextInfo) {
11780	kextInfo ->setObject(kOSBundleDextStateKey, anObject: state.get());
11781	result ->setObject(kextInfo.get());
11782	}
11783
11784	return false;
11785	});
11786	}
11787
11788	if (getPendingUpgrade) {
11789	sDriverKitToUpgradeByID ->iterateObjects(block: ^bool (const OSSymbol thisKextID, OSObject obj)
11790	{
11791	OSKext thisKext = NULL; // do not release*
11792	OSSharedPtr<OSDictionary> kextInfo;
11793	Boolean includeThis = true;
11794	(void)thisKextID;
11795
11796	thisKext = OSDynamicCast(OSKext, obj);
11797	if (!thisKext) {
11798	return false;
11799	}
11800	__assert_only bool isDext = thisKext->isDriverKit();
11801	assert(isDext == true);
11802
11803	/*
11804	* Skip current dext if we have a list of bundle IDs and
11805	* it isn't in the list.
11806	*/
11807	if (kextIdentifiers) {
11808	includeThis = false;
11809
11810	for (uint32_t idIndex = `0`; idIndex < idCount; idIndex++) {
11811	const OSString * thisRequestID = OSDynamicCast(OSString,
11812	kextIdentifiers->getObject(idIndex));
11813	if (thisKextID->isEqualTo(anObject: thisRequestID)) {
11814	includeThis = true;
11815	break;
11816	}
11817	}
11818	}
11819
11820	if (!includeThis) {
11821	return false;
11822	}
11823
11824	kextInfo = thisKext->copyInfo(keys: infoKeys);
11825	if (kextInfo) {
11826	OSSharedPtr<OSString> state = OSString::withCString(kOSBundleDextStatePendingUpgradeKey);
11827	kextInfo ->setObject(kOSBundleDextStateKey, anObject: state.get());
11828	result ->setObject(kextInfo.get());
11829	}
11830	return false;
11831	});
11832	}
11833	} // end block scope
11834	IORecursiveLockUnlock(lock: sKextLock);
11835	finish:
11836	return result;
11837	}
11838
11839	/*********************************************************************
11840	*********************************************************************/
11841	/ static /
11842	OSSharedPtr<OSDictionary>
11843	OSKext::copyLoadedKextInfo(
11844	OSArray * kextIdentifiers,
11845	OSArray * infoKeys)
11846	{
11847	OSSharedPtr<OSDictionary> result;
11848	uint32_t idCount = `0`;
11849	bool onlyLoaded;
11850
11851	IORecursiveLockLock(lock: sKextLock);
11852
11853	#if CONFIG_MACF
11854	/ Is the calling process allowed to query kext info? /
11855	if (current_task() != kernel_task) {
11856	int macCheckResult = `0`;
11857	kauth_cred_t cred = NULL;
11858
11859	cred = kauth_cred_get_with_ref();
11860	macCheckResult = mac_kext_check_query(cred);
11861	kauth_cred_unref(&cred);
11862
11863	if (macCheckResult != `0`) {
11864	OSKextLog(/ kext / NULL,
11865	kOSKextLogErrorLevel \| kOSKextLogLoadFlag,
11866	format: "Failed to query kext info (MAC policy error 0x%x).",
11867	macCheckResult);
11868	goto finish;
11869	}
11870	}
11871	#endif
11872
11873	/ Empty list of bundle ids is equivalent to no list (get all).*
11874	*/
11875	if (kextIdentifiers && !kextIdentifiers->getCount()) {
11876	kextIdentifiers = NULL;
11877	} else if (kextIdentifiers) {
11878	idCount = kextIdentifiers->getCount();
11879	}
11880
11881	/ Same for keys.*
11882	*/
11883	if (infoKeys && !infoKeys->getCount()) {
11884	infoKeys = NULL;
11885	}
11886
11887	onlyLoaded = (!infoKeys \|\| !_OSArrayContainsCString(array: infoKeys, kOSBundleAllPrelinkedKey));
11888
11889	result = OSDictionary::withCapacity(capacity: `128`);
11890	if (!result) {
11891	goto finish;
11892	}
11893
11894	#if 0
11895	OSKextLog(/ kext / NULL,
11896	kOSKextLogErrorLevel \|
11897	kOSKextLogGeneralFlag,
11898	"kaslr: vm_kernel_slide 0x%lx \n",
11899	vm_kernel_slide);
11900	OSKextLog(/ kext / NULL,
11901	kOSKextLogErrorLevel \|
11902	kOSKextLogGeneralFlag,
11903	"kaslr: vm_kernel_stext 0x%lx vm_kernel_etext 0x%lx \n",
11904	vm_kernel_stext, vm_kernel_etext);
11905	OSKextLog(/ kext / NULL,
11906	kOSKextLogErrorLevel \|
11907	kOSKextLogGeneralFlag,
11908	"kaslr: vm_kernel_base 0x%lx vm_kernel_top 0x%lx \n",
11909	vm_kernel_base, vm_kernel_top);
11910	OSKextLog(/ kext / NULL,
11911	kOSKextLogErrorLevel \|
11912	kOSKextLogGeneralFlag,
11913	"kaslr: vm_kext_base 0x%lx vm_kext_top 0x%lx \n",
11914	vm_kext_base, vm_kext_top);
11915	OSKextLog(/ kext / NULL,
11916	kOSKextLogErrorLevel \|
11917	kOSKextLogGeneralFlag,
11918	"kaslr: vm_prelink_stext 0x%lx vm_prelink_etext 0x%lx \n",
11919	vm_prelink_stext, vm_prelink_etext);
11920	OSKextLog(/ kext / NULL,
11921	kOSKextLogErrorLevel \|
11922	kOSKextLogGeneralFlag,
11923	"kaslr: vm_prelink_sinfo 0x%lx vm_prelink_einfo 0x%lx \n",
11924	vm_prelink_sinfo, vm_prelink_einfo);
11925	OSKextLog(/ kext / NULL,
11926	kOSKextLogErrorLevel \|
11927	kOSKextLogGeneralFlag,
11928	"kaslr: vm_slinkedit 0x%lx vm_elinkedit 0x%lx \n",
11929	vm_slinkedit, vm_elinkedit);
11930	#endif
11931	{ // start block scope
11932	sKextsByID ->iterateObjects(block: ^bool (const OSSymbol * thisKextID, OSObject * obj)
11933	{
11934	OSKext * thisKext = NULL; // do not release
11935	Boolean includeThis = true;
11936	OSSharedPtr<OSDictionary> kextInfo;
11937
11938	thisKext = OSDynamicCast(OSKext, obj);
11939	if (!thisKext) {
11940	return false;
11941	}
11942
11943	/ Skip current kext if not yet started and caller didn't request all.*
11944	*/
11945	if (onlyLoaded && (-`1U` == sLoadedKexts ->getNextIndexOfObject(anObject: thisKext, index: `0`))) {
11946	return false;
11947	}
11948
11949	/ Skip current kext if we have a list of bundle IDs and*
11950	* it isn't in the list.
11951	*/
11952	if (kextIdentifiers) {
11953	includeThis = false;
11954
11955	for (uint32_t idIndex = `0`; idIndex < idCount; idIndex++) {
11956	const OSString * thisRequestID = OSDynamicCast(OSString,
11957	kextIdentifiers->getObject(idIndex));
11958	if (thisKextID->isEqualTo(anObject: thisRequestID)) {
11959	includeThis = true;
11960	break;
11961	}
11962	}
11963	}
11964
11965	if (!includeThis) {
11966	return false;
11967	}
11968
11969	kextInfo = thisKext->copyInfo(keys: infoKeys);
11970	if (kextInfo) {
11971	result ->setObject(aKey: thisKext->getIdentifier(), anObject: kextInfo.get());
11972	}
11973	return false;
11974	});
11975	} // end block scope
11976
11977	finish:
11978	IORecursiveLockUnlock(lock: sKextLock);
11979
11980	return result;
11981	}
11982
11983	/*********************************************************************
11984	* Any info that needs to do allocations must goto finish on alloc
11985	* failure. Info that is just a lookup should just not set the object
11986	* if the info does not exist.
11987	*********************************************************************/
11988	#define _OSKextLoadInfoDictCapacity (12)
11989
11990	OSSharedPtr<OSDictionary>
11991	OSKext::copyInfo(OSArray * infoKeys)
11992	{
11993	OSSharedPtr<OSDictionary> result;
11994	bool success = false;
11995	OSSharedPtr<OSData> headerData;
11996	OSSharedPtr<OSData> logData;
11997	OSSharedPtr<OSNumber> cpuTypeNumber;
11998	OSSharedPtr<OSNumber> cpuSubtypeNumber;
11999	OSString * versionString = NULL; // do not release
12000	OSString * bundleType = NULL; // do not release
12001	uint32_t executablePathCStringSize = `0`;
12002	char * executablePathCString = NULL; // must kfree
12003	OSSharedPtr<OSString> executablePathString;
12004	OSSharedPtr<OSData> uuid;
12005	OSSharedPtr<OSArray> dependencyLoadTags;
12006	OSSharedPtr<OSCollectionIterator> metaClassIterator;
12007	OSSharedPtr<OSArray> metaClassInfo;
12008	OSSharedPtr<OSDictionary> metaClassDict;
12009	OSMetaClass * thisMetaClass = NULL; // do not release
12010	OSSharedPtr<OSString> metaClassName;
12011	OSSharedPtr<OSString> superclassName;
12012	kc_format_t kcformat;
12013	uint32_t count, i;
12014
12015	result = OSDictionary::withCapacity(_OSKextLoadInfoDictCapacity);
12016	if (!result) {
12017	goto finish;
12018	}
12019
12020
12021	/ Empty keys means no keys, but NULL is quicker to check.*
12022	*/
12023	if (infoKeys && !infoKeys->getCount()) {
12024	infoKeys = NULL;
12025	}
12026
12027	if (!PE_get_primary_kc_format(type: &kcformat)) {
12028	goto finish;
12029	}
12030
12031	/ Headers, CPU type, and CPU subtype.*
12032	*/
12033	if (!infoKeys \|\|
12034	_OSArrayContainsCString(array: infoKeys, kOSBundleMachOHeadersKey) \|\|
12035	_OSArrayContainsCString(array: infoKeys, kOSBundleLogStringsKey) \|\|
12036	_OSArrayContainsCString(array: infoKeys, kOSBundleCPUTypeKey) \|\|
12037	_OSArrayContainsCString(array: infoKeys, kOSBundleCPUSubtypeKey)) {
12038	if (linkedExecutable && !isInterface()) {
12039	kernel_mach_header_t kext_mach_hdr = (kernel_mach_header_t )
12040	linkedExecutable ->getBytesNoCopy();
12041
12042	#if !SECURE_KERNEL \|\| XNU_TARGET_OS_OSX
12043	// do not return macho header info on shipping embedded - 19095897
12044	if (!infoKeys \|\| _OSArrayContainsCString(array: infoKeys, kOSBundleMachOHeadersKey)) {
12045	kernel_mach_header_t * temp_kext_mach_hdr;
12046	struct load_command * lcp;
12047
12048	headerData = OSData::withBytes(bytes: kext_mach_hdr,
12049	numBytes: (u_int) (sizeof(*kext_mach_hdr) + kext_mach_hdr->sizeofcmds));
12050	if (!headerData) {
12051	goto finish;
12052	}
12053
12054	// unslide any vmaddrs we return to userspace - 10726716
12055	temp_kext_mach_hdr = (kernel_mach_header_t *)
12056	headerData ->getBytesNoCopy();
12057	if (temp_kext_mach_hdr == NULL) {
12058	goto finish;
12059	}
12060
12061	lcp = (struct load_command *) (temp_kext_mach_hdr + `1`);
12062	for (i = `0`; (i < temp_kext_mach_hdr->ncmds) && !flags.unslidMachO; i++) {
12063	if (lcp->cmd == LC_SEGMENT_KERNEL) {
12064	kernel_segment_command_t * segp;
12065	kernel_section_t * secp;
12066
12067	segp = (kernel_segment_command_t *) lcp;
12068	// 10543468 - if we jettisoned __LINKEDIT clear size info
12069	if (flags.jettisonLinkeditSeg) {
12070	if (strncmp(s1: segp->segname, SEG_LINKEDIT, n: sizeof(segp->segname)) == `0`) {
12071	segp->vmsize = `0`;
12072	segp->fileoff = `0`;
12073	segp->filesize = `0`;
12074	}
12075	}
12076
12077	#if __arm__ \|\| __arm64__
12078	// iBoot disregards zero-size segments, just set their addresses to gVirtBase
12079	// and unslide them to avoid vm assertion failures / kernel logging breakage.
12080	if (segp->vmsize == `0` && segp->vmaddr < gVirtBase) {
12081	segp->vmaddr = gVirtBase;
12082	for (secp = firstsect(sgp: segp); secp != NULL; secp = nextsect(sgp: segp, sp: secp)) {
12083	secp->size = `0`; // paranoia :)
12084	secp->addr = gVirtBase;
12085	}
12086	}
12087	#endif
12088
12089	#if 0
12090	OSKextLog(/ kext / NULL,
12091	kOSKextLogErrorLevel \|
12092	kOSKextLogGeneralFlag,
12093	"%s: LC_SEGMENT_KERNEL segname '%s' vmaddr 0x%llX 0x%lX vmsize %llu nsects %u",
12094	__FUNCTION__, segp->segname, segp->vmaddr,
12095	VM_KERNEL_UNSLIDE(segp->vmaddr),
12096	segp->vmsize, segp->nsects);
12097	if ((VM_KERNEL_IS_SLID(segp->vmaddr) == false) &&
12098	(VM_KERNEL_IS_KEXT(segp->vmaddr) == false) &&
12099	(VM_KERNEL_IS_PRELINKTEXT(segp->vmaddr) == false) &&
12100	(VM_KERNEL_IS_PRELINKINFO(segp->vmaddr) == false) &&
12101	(VM_KERNEL_IS_KEXT_LINKEDIT(segp->vmaddr) == false)) {
12102	OSKextLog(/ kext / NULL,
12103	kOSKextLogErrorLevel \|
12104	kOSKextLogGeneralFlag,
12105	"%s: not in kext range - vmaddr 0x%llX vm_kext_base 0x%lX vm_kext_top 0x%lX",
12106	__FUNCTION__, segp->vmaddr, vm_kext_base, vm_kext_top);
12107	}
12108	#endif
12109	segp->vmaddr = ml_static_unslide(vaddr: segp->vmaddr);
12110
12111	for (secp = firstsect(sgp: segp); secp != NULL; secp = nextsect(sgp: segp, sp: secp)) {
12112	secp->addr = ml_static_unslide(vaddr: secp->addr);
12113	}
12114	}
12115	lcp = (struct load_command *)((caddr_t)lcp + lcp->cmdsize);
12116	}
12117	result ->setObject(kOSBundleMachOHeadersKey, anObject: headerData.get());
12118	}
12119	#endif // !SECURE_KERNEL \|\| XNU_TARGET_OS_OSX
12120
12121	if (_OSArrayContainsCString(array: infoKeys, kOSBundleLogStringsKey)) {
12122	osLogDataHeaderRef *header;
12123	char headerBytes[offsetof(osLogDataHeaderRef, sections) + NUM_OS_LOG_SECTIONS * sizeof(header->sections[`0`])];
12124
12125	void *os_log_data = NULL;
12126	void *cstring_data = NULL;
12127	void *asan_cstring_data = NULL;
12128	unsigned long os_log_size = `0`;
12129	unsigned long cstring_size = `0`;
12130	unsigned long asan_cstring_size = `0`;
12131	uint32_t os_log_offset = `0`;
12132	uint32_t cstring_offset = `0`;
12133	uint32_t asan_cstring_offset = `0`;
12134	bool res;
12135
12136	os_log_data = getsectdatafromheader(kext_mach_hdr, "__TEXT", "__os_log", &os_log_size);
12137	cstring_data = getsectdatafromheader(kext_mach_hdr, "__TEXT", "__cstring", &cstring_size);
12138	asan_cstring_data = getsectdatafromheader(kext_mach_hdr, "__TEXT", "__asan_cstring", &asan_cstring_size);
12139
12140	/*
12141	* If the addresses in the Mach-O header are unslid, manually
12142	* slide them to allow for dereferencing.
12143	*/
12144	if (flags.unslidMachO) {
12145	os_log_data = (os_log_data != nullptr) ? (void)ml_static_slide(vaddr: (vm_offset_t)os_log_data) : nullptr*;
12146	cstring_data = (cstring_data != nullptr) ? (void)ml_static_slide(vaddr: (vm_offset_t)cstring_data) : nullptr*;
12147	asan_cstring_data = (asan_cstring_data != nullptr) ? (void)ml_static_slide(vaddr: (vm_offset_t)asan_cstring_data) : nullptr*;
12148	}
12149
12150	os_log_offset = (uintptr_t)os_log_data - (uintptr_t)kext_mach_hdr;
12151	cstring_offset = (uintptr_t)cstring_data - (uintptr_t)kext_mach_hdr;
12152	asan_cstring_offset = (uintptr_t)asan_cstring_data - (uintptr_t)kext_mach_hdr;
12153
12154	header = (osLogDataHeaderRef *) headerBytes;
12155	header->version = OS_LOG_HDR_VERSION;
12156	header->sect_count = NUM_OS_LOG_SECTIONS;
12157	header->sections[OS_LOG_SECT_IDX].sect_offset = os_log_offset;
12158	header->sections[OS_LOG_SECT_IDX].sect_size = (uint32_t) os_log_size;
12159	header->sections[CSTRING_SECT_IDX].sect_offset = cstring_offset;
12160	header->sections[CSTRING_SECT_IDX].sect_size = (uint32_t) cstring_size;
12161	header->sections[ASAN_CSTRING_SECT_IDX].sect_offset = asan_cstring_offset;
12162	header->sections[ASAN_CSTRING_SECT_IDX].sect_size = (uint32_t) asan_cstring_size;
12163
12164
12165	logData = OSData::withValue(value: *header);
12166	if (!logData) {
12167	goto finish;
12168	}
12169	res = logData ->appendBytes(bytes: &(header->sections[`0`]), numBytes: (u_int)(header->sect_count * sizeof(header->sections[`0`])));
12170	if (!res) {
12171	goto finish;
12172	}
12173	if (os_log_data) {
12174	res = logData ->appendBytes(bytes: os_log_data, numBytes: (u_int)header->sections[OS_LOG_SECT_IDX].sect_size);
12175	if (!res) {
12176	goto finish;
12177	}
12178	}
12179	if (cstring_data) {
12180	res = logData ->appendBytes(bytes: cstring_data, numBytes: (u_int)header->sections[CSTRING_SECT_IDX].sect_size);
12181	if (!res) {
12182	goto finish;
12183	}
12184	}
12185	if (asan_cstring_data) {
12186	res = logData ->appendBytes(bytes: asan_cstring_data, numBytes: (u_int)header->sections[ASAN_CSTRING_SECT_IDX].sect_size);
12187	if (!res) {
12188	goto finish;
12189	}
12190	}
12191	result ->setObject(kOSBundleLogStringsKey, anObject: logData.get());
12192	}
12193
12194	if (!infoKeys \|\| _OSArrayContainsCString(array: infoKeys, kOSBundleCPUTypeKey)) {
12195	cpuTypeNumber = OSNumber::withNumber(
12196	value: (uint64_t) kext_mach_hdr->cputype,
12197	numberOfBits: `8` * sizeof(kext_mach_hdr->cputype));
12198	if (!cpuTypeNumber) {
12199	goto finish;
12200	}
12201	result ->setObject(kOSBundleCPUTypeKey, anObject: cpuTypeNumber.get());
12202	}
12203
12204	if (!infoKeys \|\| _OSArrayContainsCString(array: infoKeys, kOSBundleCPUSubtypeKey)) {
12205	cpuSubtypeNumber = OSNumber::withNumber(
12206	value: (uint64_t) kext_mach_hdr->cpusubtype,
12207	numberOfBits: `8` * sizeof(kext_mach_hdr->cpusubtype));
12208	if (!cpuSubtypeNumber) {
12209	goto finish;
12210	}
12211	result ->setObject(kOSBundleCPUSubtypeKey, anObject: cpuSubtypeNumber.get());
12212	}
12213	} else {
12214	if (isDriverKit() && _OSArrayContainsCString(array: infoKeys, kOSBundleLogStringsKey)) {
12215	osLogDataHeaderRef *header;
12216	char headerBytes[offsetof(osLogDataHeaderRef, sections) + NUM_OS_LOG_SECTIONS * sizeof(header->sections[`0`])];
12217	bool res;
12218
12219	header = (osLogDataHeaderRef *) headerBytes;
12220	header->version = OS_LOG_HDR_VERSION;
12221	header->sect_count = NUM_OS_LOG_SECTIONS;
12222	header->sections[OS_LOG_SECT_IDX].sect_offset = `0`;
12223	header->sections[OS_LOG_SECT_IDX].sect_size = (uint32_t) `0`;
12224	header->sections[CSTRING_SECT_IDX].sect_offset = `0`;
12225	header->sections[CSTRING_SECT_IDX].sect_size = (uint32_t) `0`;
12226	header->sections[ASAN_CSTRING_SECT_IDX].sect_offset = `0`;
12227	header->sections[ASAN_CSTRING_SECT_IDX].sect_size = (uint32_t) `0`;
12228
12229	logData = OSData::withValue(value: *header);
12230	if (!logData) {
12231	goto finish;
12232	}
12233	res = logData ->appendBytes(bytes: &(header->sections[`0`]), numBytes: (u_int)(header->sect_count * sizeof(header->sections[`0`])));
12234	if (!res) {
12235	goto finish;
12236	}
12237	result ->setObject(kOSBundleLogStringsKey, anObject: logData.get());
12238	}
12239	}
12240	}
12241
12242	/ CFBundleIdentifier. We set this regardless because it's just stupid not to.*
12243	*/
12244	result ->setObject(kCFBundleIdentifierKey, anObject: bundleID.get());
12245
12246	/ kOSBundleDextUniqueIdentifierKey if present.*
12247	*/
12248	if (isDriverKit() && dextUniqueID != NULL) {
12249	result ->setObject(kOSBundleDextUniqueIdentifierKey, anObject: dextUniqueID.get());
12250	}
12251
12252	/ CFBundlePackageType*
12253	*/
12254	bundleType = infoDict ? OSDynamicCast(OSString, infoDict ->getObject(kCFBundlePackageTypeKey)): NULL;
12255	if (bundleType) {
12256	result ->setObject(kCFBundlePackageTypeKey, anObject: bundleType);
12257	}
12258
12259	/ CFBundleVersion.*
12260	*/
12261	if (!infoKeys \|\| _OSArrayContainsCString(array: infoKeys, kCFBundleVersionKey)) {
12262	versionString = OSDynamicCast(OSString,
12263	getPropertyForHostArch(kCFBundleVersionKey));
12264	if (versionString) {
12265	result ->setObject(kCFBundleVersionKey, anObject: versionString);
12266	}
12267	}
12268
12269	/ OSBundleCompatibleVersion.*
12270	*/
12271	if (!infoKeys \|\| _OSArrayContainsCString(array: infoKeys, kOSBundleCompatibleVersionKey)) {
12272	versionString = OSDynamicCast(OSString,
12273	getPropertyForHostArch(kOSBundleCompatibleVersionKey));
12274	if (versionString) {
12275	result ->setObject(kOSBundleCompatibleVersionKey, anObject: versionString);
12276	}
12277	}
12278
12279	/ Path.*
12280	*/
12281	if (!infoKeys \|\| _OSArrayContainsCString(array: infoKeys, kOSBundlePathKey)) {
12282	if (path) {
12283	result ->setObject(kOSBundlePathKey, anObject: path.get());
12284	}
12285	}
12286
12287
12288	/ OSBundleExecutablePath.*
12289	*/
12290	if (!infoKeys \|\| _OSArrayContainsCString(array: infoKeys, kOSBundleExecutablePathKey)) {
12291	if (path && executableRelPath) {
12292	uint32_t pathLength = path ->getLength(); // gets incremented below
12293
12294	// +1 for slash, +1 for \0
12295	executablePathCStringSize = pathLength + executableRelPath ->getLength() + `2`;
12296
12297	executablePathCString = (char *)kalloc_data_tag(executablePathCStringSize,
12298	Z_WAITOK, VM_KERN_MEMORY_OSKEXT); // +1 for \0
12299	if (!executablePathCString) {
12300	goto finish;
12301	}
12302	strlcpy(dst: executablePathCString, src: path ->getCStringNoCopy(),
12303	n: executablePathCStringSize);
12304	executablePathCString[pathLength++] = `'/'`;
12305	executablePathCString[pathLength++] = `'\0'`;
12306	strlcat(dst: executablePathCString, src: executableRelPath ->getCStringNoCopy(),
12307	n: executablePathCStringSize);
12308
12309	executablePathString = OSString::withCString(cString: executablePathCString);
12310
12311	if (!executablePathString) {
12312	goto finish;
12313	}
12314
12315	result ->setObject(kOSBundleExecutablePathKey, anObject: executablePathString.get());
12316	} else if (flags.builtin) {
12317	result ->setObject(kOSBundleExecutablePathKey, anObject: bundleID.get());
12318	} else if (isDriverKit()) {
12319	if (path) {
12320	// +1 for slash, +1 for \0
12321	uint32_t pathLength = path ->getLength();
12322	executablePathCStringSize = pathLength + `2`;
12323
12324	executablePathCString = (char *)kalloc_data_tag(executablePathCStringSize,
12325	Z_WAITOK, VM_KERN_MEMORY_OSKEXT);
12326	if (!executablePathCString) {
12327	goto finish;
12328	}
12329	strlcpy(dst: executablePathCString, src: path ->getCStringNoCopy(), n: executablePathCStringSize);
12330	executablePathCString[pathLength++] = `'/'`;
12331	executablePathCString[pathLength++] = `'\0'`;
12332
12333	executablePathString = OSString::withCString(cString: executablePathCString);
12334
12335	if (!executablePathString) {
12336	goto finish;
12337	}
12338
12339	result ->setObject(kOSBundleExecutablePathKey, anObject: executablePathString.get());
12340	}
12341	}
12342	}
12343
12344	/ UUID, if the kext has one.*
12345	*/
12346	if (!infoKeys \|\| _OSArrayContainsCString(array: infoKeys, kOSBundleUUIDKey)) {
12347	uuid = copyUUID();
12348	if (uuid) {
12349	result ->setObject(kOSBundleUUIDKey, anObject: uuid.get());
12350	}
12351	}
12352	if (!infoKeys \|\| _OSArrayContainsCString(array: infoKeys, kOSBundleTextUUIDKey)) {
12353	uuid = copyTextUUID();
12354	if (uuid) {
12355	result ->setObject(kOSBundleTextUUIDKey, anObject: uuid.get());
12356	}
12357	}
12358
12359	/*
12360	* Info.plist digest
12361	*/
12362	if (!infoKeys \|\| _OSArrayContainsCString(array: infoKeys, kOSKextInfoPlistDigestKey)) {
12363	OSData *digest;
12364	digest = infoDict ? OSDynamicCast(OSData, infoDict ->getObject(kOSKextInfoPlistDigestKey)) : NULL;
12365	if (digest) {
12366	result ->setObject(kOSKextInfoPlistDigestKey, anObject: digest);
12367	}
12368	}
12369
12370	/*
12371	* Collection type
12372	*/
12373	if (!infoKeys \|\| _OSArrayContainsCString(array: infoKeys, kOSKextBundleCollectionTypeKey)) {
12374	result ->setObject(kOSKextBundleCollectionTypeKey, anObject: OSString::withCString(cString: getKCTypeString()));
12375	}
12376
12377	/*
12378	* Collection availability
12379	*/
12380	if (!infoKeys \|\| _OSArrayContainsCString(array: infoKeys, kOSKextAuxKCAvailabilityKey)) {
12381	result ->setObject(kOSKextAuxKCAvailabilityKey,
12382	anObject: isLoadable() ? kOSBooleanTrue : kOSBooleanFalse);
12383	}
12384
12385	/*
12386	* Allows user load
12387	*/
12388	if (!infoKeys \|\| _OSArrayContainsCString(array: infoKeys, kOSBundleAllowUserLoadKey)) {
12389	OSBoolean *allowUserLoad = OSDynamicCast(OSBoolean, getPropertyForHostArch(kOSBundleAllowUserLoadKey));
12390	if (allowUserLoad) {
12391	result ->setObject(kOSBundleAllowUserLoadKey, anObject: allowUserLoad);
12392	}
12393	}
12394
12395	/*
12396	* Bundle Dependencies (OSBundleLibraries)
12397	*/
12398	if (!infoKeys \|\| _OSArrayContainsCString(array: infoKeys, kOSBundleLibrariesKey)) {
12399	OSDictionary *libraries = OSDynamicCast(OSDictionary, getPropertyForHostArch(kOSBundleLibrariesKey));
12400	if (libraries) {
12401	result ->setObject(kOSBundleLibrariesKey, anObject: libraries);
12402	}
12403	}
12404
12405	/*****
12406	* OSKernelResource, OSBundleIsInterface, OSBundlePrelinked, OSBundleStarted.
12407	*/
12408	if (!infoKeys \|\| _OSArrayContainsCString(array: infoKeys, kOSKernelResourceKey)) {
12409	result ->setObject(kOSKernelResourceKey,
12410	anObject: isKernelComponent() ? kOSBooleanTrue : kOSBooleanFalse);
12411	}
12412
12413	if (!infoKeys \|\| _OSArrayContainsCString(array: infoKeys, kOSBundleIsInterfaceKey)) {
12414	result ->setObject(kOSBundleIsInterfaceKey,
12415	anObject: isInterface() ? kOSBooleanTrue : kOSBooleanFalse);
12416	}
12417
12418	if (!infoKeys \|\| _OSArrayContainsCString(array: infoKeys, kOSBundlePrelinkedKey)) {
12419	result ->setObject(kOSBundlePrelinkedKey,
12420	anObject: isPrelinked() ? kOSBooleanTrue : kOSBooleanFalse);
12421	}
12422
12423	if (!infoKeys \|\| _OSArrayContainsCString(array: infoKeys, kOSBundleStartedKey)) {
12424	result ->setObject(kOSBundleStartedKey,
12425	anObject: isStarted() ? kOSBooleanTrue : kOSBooleanFalse);
12426	}
12427
12428	/ LoadTag (Index).*
12429	*/
12430	if (!infoKeys \|\| _OSArrayContainsCString(array: infoKeys, kOSBundleLoadTagKey)) {
12431	OSSharedPtr<OSNumber> scratchNumber = OSNumber::withNumber(value: (unsigned long long)loadTag,
12432	/ numBits / numberOfBits: `8` * sizeof(loadTag));
12433	if (!scratchNumber) {
12434	goto finish;
12435	}
12436	result ->setObject(kOSBundleLoadTagKey, anObject: scratchNumber.get());
12437	}
12438
12439	/ LoadAddress, LoadSize.*
12440	*/
12441	if (!infoKeys \|\|
12442	_OSArrayContainsCString(array: infoKeys, kOSBundleLoadAddressKey) \|\|
12443	_OSArrayContainsCString(array: infoKeys, kOSBundleLoadSizeKey) \|\|
12444	_OSArrayContainsCString(array: infoKeys, kOSBundleExecLoadAddressKey) \|\|
12445	_OSArrayContainsCString(array: infoKeys, kOSBundleExecLoadSizeKey) \|\|
12446	_OSArrayContainsCString(array: infoKeys, kOSBundleWiredSizeKey)) {
12447	bool is_dext = isDriverKit();
12448	if (isInterface() \|\| flags.builtin \|\| linkedExecutable \|\| is_dext) {
12449	/ These go to userspace via serialization, so we don't want any doubts*
12450	* about their size.
12451	*/
12452	uint64_t loadAddress = `0`;
12453	uint32_t loadSize = `0`;
12454	uint32_t wiredSize = `0`;
12455	uint64_t execLoadAddress = `0`;
12456	uint32_t execLoadSize = `0`;
12457
12458	/ Interfaces always report 0 load address & size.*
12459	* Just the way they roll.
12460	*
12461	* xxx - leaving in # when we have a linkedExecutable...a kernelcomp
12462	* xxx - shouldn't have one!
12463	*/
12464
12465	if (flags.builtin \|\| linkedExecutable) {
12466	kernel_mach_header_t *mh = NULL;
12467	kernel_segment_command_t *seg = NULL;
12468
12469	if (flags.builtin) {
12470	loadAddress = kmod_info->address;
12471	loadSize = (uint32_t)kmod_info->size;
12472	} else {
12473	loadAddress = (uint64_t)linkedExecutable ->getBytesNoCopy();
12474	loadSize = linkedExecutable ->getLength();
12475	}
12476	mh = (kernel_mach_header_t *)loadAddress;
12477	loadAddress = ml_static_unslide(vaddr: loadAddress);
12478
12479	/ Walk through the kext, looking for the first executable*
12480	* segment in case we were asked for its size/address.
12481	*/
12482	for (seg = firstsegfromheader(header: mh); seg != NULL; seg = nextsegfromheader(header: mh, seg)) {
12483	if (seg->initprot & VM_PROT_EXECUTE) {
12484	execLoadAddress = (flags.unslidMachO) ? seg->vmaddr : ml_static_unslide(vaddr: seg->vmaddr);
12485	execLoadSize = (uint32_t)seg->vmsize;
12486	break;
12487	}
12488	}
12489
12490	/ If we have a kmod_info struct, calculated the wired size*
12491	* from that. Otherwise it's the full load size.
12492	*/
12493	if (kmod_info) {
12494	wiredSize = loadSize - (uint32_t)kmod_info->hdr_size;
12495	} else {
12496	wiredSize = loadSize;
12497	}
12498	} else if (is_dext) {
12499	/*
12500	* DriverKit userspace executables do not have a kernel linkedExecutable,
12501	* so we "fake" their address range with the LoadTag.
12502	*/
12503	if (loadTag) {
12504	loadAddress = execLoadAddress = loadTag;
12505	loadSize = execLoadSize = `1`;
12506	}
12507	}
12508
12509	if (!infoKeys \|\| _OSArrayContainsCString(array: infoKeys, kOSBundleLoadAddressKey)) {
12510	OSSharedPtr<OSNumber> scratchNumber = OSNumber::withNumber(
12511	value: (unsigned long long)(loadAddress),
12512	/ numBits / numberOfBits: `8` * sizeof(loadAddress));
12513	if (!scratchNumber) {
12514	goto finish;
12515	}
12516	result ->setObject(kOSBundleLoadAddressKey, anObject: scratchNumber.get());
12517	}
12518	if (kcformat == KCFormatStatic \|\| kcformat == KCFormatKCGEN) {
12519	if ((!infoKeys \|\| _OSArrayContainsCString(array: infoKeys, kOSBundleCacheLoadAddressKey))
12520	&& loadAddress && loadSize) {
12521	void *baseAddress = PE_get_kc_baseaddress(type: KCKindPrimary);
12522	if (!baseAddress) {
12523	goto finish;
12524	}
12525
12526	OSSharedPtr<OSNumber> scratchNumber = OSNumber::withNumber(
12527	value: (unsigned long long)ml_static_unslide(vaddr: (vm_offset_t)baseAddress),
12528	/ numBits / numberOfBits: `8` * sizeof(loadAddress));
12529	if (!scratchNumber) {
12530	goto finish;
12531	}
12532	result ->setObject(kOSBundleCacheLoadAddressKey, anObject: scratchNumber.get());
12533	}
12534	if ((!infoKeys \|\| _OSArrayContainsCString(array: infoKeys, kOSBundleKextsInKernelTextKey))
12535	&& (this == sKernelKext) && gBuiltinKmodsCount) {
12536	result ->setObject(kOSBundleKextsInKernelTextKey, anObject: kOSBooleanTrue);
12537	}
12538	}
12539
12540	if (!infoKeys \|\| _OSArrayContainsCString(array: infoKeys, kOSBundleExecLoadAddressKey)) {
12541	OSSharedPtr<OSNumber> scratchNumber = OSNumber::withNumber(
12542	value: (unsigned long long)(execLoadAddress),
12543	/ numBits / numberOfBits: `8` * sizeof(execLoadAddress));
12544	if (!scratchNumber) {
12545	goto finish;
12546	}
12547	result ->setObject(kOSBundleExecLoadAddressKey, anObject: scratchNumber.get());
12548	}
12549	if (!infoKeys \|\| _OSArrayContainsCString(array: infoKeys, kOSBundleLoadSizeKey)) {
12550	OSSharedPtr<OSNumber> scratchNumber = OSNumber::withNumber(
12551	value: (unsigned long long)(loadSize),
12552	/ numBits / numberOfBits: `8` * sizeof(loadSize));
12553	if (!scratchNumber) {
12554	goto finish;
12555	}
12556	result ->setObject(kOSBundleLoadSizeKey, anObject: scratchNumber.get());
12557	}
12558	if (!infoKeys \|\| _OSArrayContainsCString(array: infoKeys, kOSBundleExecLoadSizeKey)) {
12559	OSSharedPtr<OSNumber> scratchNumber = OSNumber::withNumber(
12560	value: (unsigned long long)(execLoadSize),
12561	/ numBits / numberOfBits: `8` * sizeof(execLoadSize));
12562	if (!scratchNumber) {
12563	goto finish;
12564	}
12565	result ->setObject(kOSBundleExecLoadSizeKey, anObject: scratchNumber.get());
12566	}
12567	if (!infoKeys \|\| _OSArrayContainsCString(array: infoKeys, kOSBundleWiredSizeKey)) {
12568	OSSharedPtr<OSNumber> scratchNumber = OSNumber::withNumber(
12569	value: (unsigned long long)(wiredSize),
12570	/ numBits / numberOfBits: `8` * sizeof(wiredSize));
12571	if (!scratchNumber) {
12572	goto finish;
12573	}
12574	result ->setObject(kOSBundleWiredSizeKey, anObject: scratchNumber.get());
12575	}
12576	}
12577	}
12578
12579	/ OSBundleDependencies. In descending order for*
12580	* easy compatibility with kextstat(8).
12581	*/
12582	if (!infoKeys \|\| _OSArrayContainsCString(array: infoKeys, kOSBundleDependenciesKey)) {
12583	if ((count = getNumDependencies())) {
12584	dependencyLoadTags = OSArray::withCapacity(capacity: count);
12585	result ->setObject(kOSBundleDependenciesKey, anObject: dependencyLoadTags.get());
12586
12587	i = count - `1`;
12588	do {
12589	OSKext * dependency = OSDynamicCast(OSKext,
12590	dependencies ->getObject(i));
12591
12592	if (!dependency) {
12593	continue;
12594	}
12595	OSSharedPtr<OSNumber> scratchNumber = OSNumber::withNumber(
12596	value: (unsigned long long)dependency->getLoadTag(),
12597	/ numBits/ numberOfBits: `8` * sizeof(loadTag));
12598	if (!scratchNumber) {
12599	goto finish;
12600	}
12601	dependencyLoadTags ->setObject(scratchNumber.get());
12602	} while (i--);
12603	}
12604	}
12605
12606	/ OSBundleMetaClasses.*
12607	*/
12608	if (!infoKeys \|\| _OSArrayContainsCString(array: infoKeys, kOSBundleClassesKey)) {
12609	if (metaClasses && metaClasses ->getCount()) {
12610	metaClassIterator = OSCollectionIterator::withCollection(inColl: metaClasses.get());
12611	metaClassInfo = OSArray::withCapacity(capacity: metaClasses ->getCount());
12612	if (!metaClassIterator \|\| !metaClassInfo) {
12613	goto finish;
12614	}
12615	result ->setObject(kOSBundleClassesKey, anObject: metaClassInfo.get());
12616
12617	while ((thisMetaClass = OSDynamicCast(OSMetaClass,
12618	metaClassIterator ->getNextObject()))) {
12619	metaClassDict = OSDictionary::withCapacity(capacity: `3`);
12620	if (!metaClassDict) {
12621	goto finish;
12622	}
12623
12624	metaClassName = OSString::withCString(cString: thisMetaClass->getClassName());
12625	if (thisMetaClass->getSuperClass()) {
12626	superclassName = OSString::withCString(
12627	cString: thisMetaClass->getSuperClass()->getClassName());
12628	}
12629	OSSharedPtr<OSNumber> scratchNumber = OSNumber::withNumber(value: thisMetaClass->getInstanceCount(),
12630	numberOfBits: `8` * sizeof(unsigned int));
12631
12632	/ Bail if any of the essentials is missing. The root class lacks a superclass,*
12633	* of course.
12634	*/
12635	if (!metaClassDict \|\| !metaClassName \|\| !scratchNumber) {
12636	goto finish;
12637	}
12638
12639	metaClassInfo ->setObject(metaClassDict.get());
12640	metaClassDict ->setObject(kOSMetaClassNameKey, anObject: metaClassName.get());
12641	if (superclassName) {
12642	metaClassDict ->setObject(kOSMetaClassSuperclassNameKey, anObject: superclassName.get());
12643	}
12644	metaClassDict ->setObject(kOSMetaClassTrackingCountKey, anObject: scratchNumber.get());
12645	}
12646	}
12647	}
12648
12649	/ OSBundleRetainCount.*
12650	*/
12651	if (!infoKeys \|\| _OSArrayContainsCString(array: infoKeys, kOSBundleRetainCountKey)) {
12652	{
12653	int kextRetainCount = getRetainCount() - `1`;
12654	if (isLoaded()) {
12655	kextRetainCount--;
12656	}
12657	OSSharedPtr<OSNumber> scratchNumber = OSNumber::withNumber(
12658	value: (int)kextRetainCount,
12659	/ numBits/ numberOfBits: `8` * sizeof(int));
12660	if (scratchNumber) {
12661	result ->setObject(kOSBundleRetainCountKey, anObject: scratchNumber.get());
12662	}
12663	}
12664	}
12665
12666	success = true;
12667
12668	finish:
12669	if (executablePathCString) {
12670	kfree_data(executablePathCString, executablePathCStringSize);
12671	}
12672	if (!success) {
12673	result.reset();
12674	}
12675	return result;
12676	}
12677
12678	/*********************************************************************
12679	*********************************************************************/
12680	/ static /
12681	bool
12682	OSKext::copyUserExecutablePath(const OSSymbol * bundleID, char * pathResult, size_t pathSize)
12683	{
12684	bool ok;
12685	OSSharedPtr<OSKext> kext;
12686
12687	IORecursiveLockLock(lock: sKextLock);
12688	kext.reset(OSDynamicCast(OSKext, sKextsByID ->getObject(bundleID)), OSRetain);
12689	IORecursiveLockUnlock(lock: sKextLock);
12690
12691	if (!kext \|\| !kext ->path \|\| !kext ->userExecutableRelPath) {
12692	return false;
12693	}
12694	snprintf(pathResult, count: pathSize, "%s/Contents/MacOS/%s",
12695	kext ->path ->getCStringNoCopy(),
12696	kext ->userExecutableRelPath ->getCStringNoCopy());
12697	ok = true;
12698
12699	return ok;
12700	}
12701
12702	/*********************************************************************
12703	*********************************************************************/
12704	/ static /
12705	OSReturn
12706	OSKext::requestResource(
12707	const char * kextIdentifierCString,
12708	const char * resourceNameCString,
12709	OSKextRequestResourceCallback callback,
12710	void * context,
12711	OSKextRequestTag * requestTagOut)
12712	{
12713	OSReturn result = kOSReturnError;
12714	OSSharedPtr<OSKext> callbackKext; // looked up
12715
12716	OSKextRequestTag requestTag = -`1`;
12717	OSSharedPtr<OSNumber> requestTagNum;
12718	OSSharedPtr<OSDictionary> requestDict;
12719	OSSharedPtr<OSString> kextIdentifier;
12720	OSSharedPtr<OSString> resourceName;
12721
12722	OSSharedPtr<OSDictionary> callbackRecord;
12723	OSSharedPtr<OSValueObject<OSKextRequestResourceCallback> > callbackWrapper;
12724
12725	OSSharedPtr<OSValueObject<void *> > contextWrapper;
12726
12727	IORecursiveLockLock(lock: sKextLock);
12728
12729	if (requestTagOut) {
12730	*requestTagOut = kOSKextRequestTagInvalid;
12731	}
12732
12733	/ If requests to user space are disabled, don't go any further /
12734	if (!sKernelRequestsEnabled) {
12735	OSKextLog(/ kext / NULL,
12736	kOSKextLogErrorLevel \| kOSKextLogIPCFlag,
12737	format: "Can't request resource %s for %s - requests to user space are disabled.",
12738	resourceNameCString,
12739	kextIdentifierCString);
12740	result = kOSKextReturnDisabled;
12741	goto finish;
12742	}
12743
12744	if (!kextIdentifierCString \|\| !resourceNameCString \|\| !callback) {
12745	result = kOSKextReturnInvalidArgument;
12746	goto finish;
12747	}
12748
12749	callbackKext = OSKext::lookupKextWithAddress(address: (vm_address_t)callback);
12750	if (!callbackKext) {
12751	OSKextLog(/ kext / NULL,
12752	kOSKextLogErrorLevel \| kOSKextLogIPCFlag,
12753	format: "Resource request has bad callback address.");
12754	result = kOSKextReturnInvalidArgument;
12755	goto finish;
12756	}
12757	if (!callbackKext ->flags.starting && !callbackKext ->flags.started) {
12758	OSKextLog(/ kext / NULL,
12759	kOSKextLogErrorLevel \| kOSKextLogIPCFlag,
12760	format: "Resource request callback is in a kext that is not started.");
12761	result = kOSKextReturnInvalidArgument;
12762	goto finish;
12763	}
12764
12765	/ Do not allow any new requests to be made on a kext that is unloading.*
12766	*/
12767	if (callbackKext ->flags.stopping) {
12768	result = kOSKextReturnStopping;
12769	goto finish;
12770	}
12771
12772	/ If we're wrapped the next available request tag around to the negative*
12773	* numbers, we can't service any more requests.
12774	*/
12775	if (sNextRequestTag == kOSKextRequestTagInvalid) {
12776	OSKextLog(/ kext / NULL,
12777	kOSKextLogErrorLevel \| kOSKextLogIPCFlag,
12778	format: "No more request tags available; restart required.");
12779	result = kOSKextReturnNoResources;
12780	goto finish;
12781	}
12782	requestTag = sNextRequestTag++;
12783
12784	result = _OSKextCreateRequest(kKextRequestPredicateRequestResource,
12785	requestP&: requestDict);
12786	if (result != kOSReturnSuccess) {
12787	goto finish;
12788	}
12789
12790	kextIdentifier = OSString::withCString(cString: kextIdentifierCString);
12791	resourceName = OSString::withCString(cString: resourceNameCString);
12792	requestTagNum = OSNumber::withNumber(value: (long long unsigned int)requestTag,
12793	numberOfBits: `8` * sizeof(requestTag));
12794	if (!kextIdentifier \|\|
12795	!resourceName \|\|
12796	!requestTagNum \|\|
12797	!_OSKextSetRequestArgument(requestDict: requestDict.get(),
12798	kKextRequestArgumentBundleIdentifierKey, value: kextIdentifier.get()) \|\|
12799	!_OSKextSetRequestArgument(requestDict: requestDict.get(),
12800	kKextRequestArgumentNameKey, value: resourceName.get()) \|\|
12801	!_OSKextSetRequestArgument(requestDict: requestDict.get(),
12802	kKextRequestArgumentRequestTagKey, value: requestTagNum.get())) {
12803	result = kOSKextReturnNoMemory;
12804	goto finish;
12805	}
12806
12807	callbackRecord = OSDynamicPtrCast<OSDictionary>(source: requestDict ->copyCollection());
12808	if (!callbackRecord) {
12809	result = kOSKextReturnNoMemory;
12810	goto finish;
12811	}
12812	// we validate callback address at call time
12813	callbackWrapper = OSValueObjectWithValue(value: callback);
12814	if (context) {
12815	contextWrapper = OSValueObjectWithValue(value: context);
12816	}
12817	if (!callbackWrapper \|\| !_OSKextSetRequestArgument(requestDict: callbackRecord.get(),
12818	kKextRequestArgumentCallbackKey, value: callbackWrapper.get())) {
12819	result = kOSKextReturnNoMemory;
12820	goto finish;
12821	}
12822
12823	if (context) {
12824	if (!contextWrapper \|\| !_OSKextSetRequestArgument(requestDict: callbackRecord.get(),
12825	kKextRequestArgumentContextKey, value: contextWrapper.get())) {
12826	result = kOSKextReturnNoMemory;
12827	goto finish;
12828	}
12829	}
12830
12831	/ Only post the requests after all the other potential failure points*
12832	* have been passed.
12833	*/
12834	if (!sKernelRequests ->setObject(requestDict.get()) \|\|
12835	!sRequestCallbackRecords ->setObject(callbackRecord.get())) {
12836	result = kOSKextReturnNoMemory;
12837	goto finish;
12838	}
12839
12840	OSKext::pingIOKitDaemon();
12841
12842	result = kOSReturnSuccess;
12843	if (requestTagOut) {
12844	*requestTagOut = requestTag;
12845	}
12846
12847	finish:
12848
12849	/ If we didn't succeed, yank the request & callback*
12850	* from their holding arrays.
12851	*/
12852	if (result != kOSReturnSuccess) {
12853	unsigned int index;
12854
12855	index = sKernelRequests ->getNextIndexOfObject(anObject: requestDict.get(), index: `0`);
12856	if (index != (unsigned int)-`1`) {
12857	sKernelRequests ->removeObject(index);
12858	}
12859	index = sRequestCallbackRecords ->getNextIndexOfObject(anObject: callbackRecord.get(), index: `0`);
12860	if (index != (unsigned int)-`1`) {
12861	sRequestCallbackRecords ->removeObject(index);
12862	}
12863	}
12864
12865	OSKext::considerUnloads(/ rescheduleOnly? / rescheduleOnlyFlag: true);
12866
12867	IORecursiveLockUnlock(lock: sKextLock);
12868
12869	return result;
12870	}
12871
12872	OSReturn
12873	OSKext::requestDaemonLaunch(
12874	OSString *kextIdentifier,
12875	OSString *serverName,
12876	OSNumber *serverTag,
12877	OSBoolean *reslide,
12878	IOUserServerCheckInToken * checkInToken,
12879	OSData *serverDUI)
12880	{
12881	OSReturn result = kOSReturnError;
12882	OSSharedPtr<OSDictionary> requestDict;
12883	unsigned int size = `0`;
12884	const char *dextUniqueIDCString = NULL;
12885
12886	if (!kextIdentifier \|\| !serverName \|\| !serverTag \|\| !checkInToken) {
12887	return kOSKextReturnInvalidArgument;
12888	}
12889
12890	if (serverDUI != NULL) {
12891	dextUniqueIDCString = getDextUniqueIDCString(dextUniqueID: serverDUI, size: &size);
12892	}
12893
12894	IORecursiveLockLock(lock: sKextLock);
12895
12896	OSKextLog(/ kext / NULL,
12897	kOSKextLogDebugLevel \|
12898	kOSKextLogGeneralFlag,
12899	format: "Requesting daemon launch for %s %s with serverName %s and tag %llu%s",
12900	kextIdentifier->getCStringNoCopy(),
12901	(dextUniqueIDCString != NULL)?dextUniqueIDCString:"",
12902	serverName->getCStringNoCopy(),
12903	serverTag->unsigned64BitValue(),
12904	reslide == kOSBooleanTrue ? " with reslid shared cache" : ""
12905	);
12906
12907	result = _OSKextCreateRequest(kKextRequestPredicateRequestDaemonLaunch, requestP&: requestDict);
12908	if (result != kOSReturnSuccess) {
12909	goto finish;
12910	}
12911
12912	if (!_OSKextSetRequestArgument(requestDict: requestDict.get(),
12913	kKextRequestArgumentBundleIdentifierKey, value: kextIdentifier) \|\|
12914	!_OSKextSetRequestArgument(requestDict: requestDict.get(),
12915	kKextRequestArgumentDriverExtensionServerName, value: serverName) \|\|
12916	!_OSKextSetRequestArgument(requestDict: requestDict.get(),
12917	kKextRequestArgumentDriverExtensionServerTag, value: serverTag) \|\|
12918	!_OSKextSetRequestArgument(requestDict: requestDict.get(),
12919	kKextRequestArgumentDriverExtensionReslideSharedCache, value: reslide) \|\|
12920	!_OSKextSetRequestArgument(requestDict: requestDict.get(),
12921	kKextRequestArgumentCheckInToken, value: checkInToken)) {
12922	result = kOSKextReturnNoMemory;
12923	goto finish;
12924	}
12925
12926	if (serverDUI) {
12927	if (!_OSKextSetRequestArgument(requestDict: requestDict.get(),
12928	kOSBundleDextUniqueIdentifierKey, value: serverDUI)) {
12929	result = kOSKextReturnNoMemory;
12930	goto finish;
12931	}
12932	}
12933
12934	/ Only post the requests after all the other potential failure points*
12935	* have been passed.
12936	*/
12937	if (!sKernelRequests ->setObject(requestDict.get())) {
12938	result = kOSKextReturnNoMemory;
12939	goto finish;
12940	}
12941	OSKext::pingIOKitDaemon();
12942
12943	result = kOSReturnSuccess;
12944	finish:
12945	IORecursiveLockUnlock(lock: sKextLock);
12946	if (dextUniqueIDCString) {
12947	kfree_data(dextUniqueIDCString, size);
12948	}
12949	return result;
12950	}
12951
12952	OSReturn
12953	OSKext::notifyDextUpgrade(
12954	OSString *kextIdentifier,
12955	OSData *dextUniqueIdentifier)
12956	{
12957	OSReturn result = kOSReturnError;
12958	OSSharedPtr<OSDictionary> requestDict;
12959	unsigned int size = `0`;
12960	const char *dextUniqueIDCString = getDextUniqueIDCString(dextUniqueID: dextUniqueIdentifier, size: &size);
12961	assert(dextUniqueIDCString != NULL);
12962
12963	IORecursiveLockLock(lock: sKextLock);
12964
12965	OSKextLog(NULL,
12966	kOSKextLogDebugLevel \|
12967	kOSKextLogGeneralFlag,
12968	format: "Notifying of dext upgrade for %s with UniqueID %s",
12969	kextIdentifier->getCStringNoCopy(), dextUniqueIDCString);
12970
12971	result = _OSKextCreateRequest(kKextRequestPredicateRequestDaemonUpgradeNotification, requestP&: requestDict);
12972	if (result != kOSReturnSuccess) {
12973	goto finish;
12974	}
12975
12976	if (!_OSKextSetRequestArgument(requestDict: requestDict.get(),
12977	kKextRequestArgumentBundleIdentifierKey, value: kextIdentifier) \|\|
12978	!_OSKextSetRequestArgument(requestDict: requestDict.get(),
12979	kKextRequestArgumentDriverUniqueIdentifier, value: dextUniqueIdentifier)) {
12980	result = kOSKextReturnNoMemory;
12981	goto finish;
12982	}
12983
12984	/ Only post the requests after all the other potential failure points*
12985	* have been passed.
12986	*/
12987	if (!sKernelRequests ->setObject(requestDict.get())) {
12988	result = kOSKextReturnNoMemory;
12989	goto finish;
12990	}
12991	OSKext::pingIOKitDaemon();
12992
12993	result = kOSReturnSuccess;
12994	finish:
12995	IORecursiveLockUnlock(lock: sKextLock);
12996
12997	if (dextUniqueIDCString != NULL) {
12998	kfree_data(dextUniqueIDCString, size);
12999	}
13000	return result;
13001	}
13002
13003	/*********************************************************************
13004	* Assumes sKextLock is held.
13005	*********************************************************************/
13006	/ static /
13007	OSReturn
13008	OSKext::dequeueCallbackForRequestTag(
13009	OSKextRequestTag requestTag,
13010	OSSharedPtr<OSDictionary> &callbackRecordOut)
13011	{
13012	OSDictionary * callbackRecordOutRaw = NULL;
13013	OSReturn result;
13014
13015	result = dequeueCallbackForRequestTag(requestTag,
13016	callbackRecordOut: &callbackRecordOutRaw);
13017
13018	if (kOSReturnSuccess == result) {
13019	callbackRecordOut.reset(p: callbackRecordOutRaw, OSNoRetain);
13020	}
13021
13022	return result;
13023	}
13024	OSReturn
13025	OSKext::dequeueCallbackForRequestTag(
13026	OSKextRequestTag requestTag,
13027	OSDictionary ** callbackRecordOut)
13028	{
13029	OSReturn result = kOSReturnError;
13030	OSSharedPtr<OSNumber> requestTagNum;
13031
13032	requestTagNum = OSNumber::withNumber(value: (long long unsigned int)requestTag,
13033	numberOfBits: `8` * sizeof(requestTag));
13034	if (!requestTagNum) {
13035	goto finish;
13036	}
13037
13038	result = OSKext::dequeueCallbackForRequestTag(requestTagNum: requestTagNum.get(),
13039	callbackRecordOut);
13040
13041	finish:
13042	return result;
13043	}
13044
13045	/*********************************************************************
13046	* Assumes sKextLock is held.
13047	*********************************************************************/
13048	/ static /
13049	OSReturn
13050	OSKext::dequeueCallbackForRequestTag(
13051	OSNumber * requestTagNum,
13052	OSSharedPtr<OSDictionary> &callbackRecordOut)
13053	{
13054	OSDictionary * callbackRecordOutRaw = NULL;
13055	OSReturn result;
13056
13057	result = dequeueCallbackForRequestTag(requestTagNum,
13058	callbackRecordOut: &callbackRecordOutRaw);
13059
13060	if (kOSReturnSuccess == result) {
13061	callbackRecordOut.reset(p: callbackRecordOutRaw, OSNoRetain);
13062	}
13063
13064	return result;
13065	}
13066	OSReturn
13067	OSKext::dequeueCallbackForRequestTag(
13068	OSNumber * requestTagNum,
13069	OSDictionary ** callbackRecordOut)
13070	{
13071	OSReturn result = kOSKextReturnInvalidArgument;
13072	OSDictionary * callbackRecord = NULL; // retain if matched!
13073	OSNumber * callbackTagNum = NULL; // do not release
13074	unsigned int count, i;
13075
13076	result = kOSReturnError;
13077	count = sRequestCallbackRecords ->getCount();
13078	for (i = `0`; i < count; i++) {
13079	callbackRecord = OSDynamicCast(OSDictionary,
13080	sRequestCallbackRecords ->getObject(i));
13081	if (!callbackRecord) {
13082	goto finish;
13083	}
13084
13085	/ If we don't find a tag, we basically have a leak here. Maybe*
13086	* we should just remove it.
13087	*/
13088	callbackTagNum = OSDynamicCast(OSNumber, _OSKextGetRequestArgument(
13089	callbackRecord, kKextRequestArgumentRequestTagKey));
13090	if (!callbackTagNum) {
13091	goto finish;
13092	}
13093
13094	/ We could be even more paranoid and check that all the incoming*
13095	* args match what's in the callback record.
13096	*/
13097	if (callbackTagNum->isEqualTo(aNumber: requestTagNum)) {
13098	if (callbackRecordOut) {
13099	*callbackRecordOut = callbackRecord;
13100	callbackRecord->retain();
13101	}
13102	sRequestCallbackRecords ->removeObject(index: i);
13103	result = kOSReturnSuccess;
13104	goto finish;
13105	}
13106	}
13107	result = kOSKextReturnNotFound;
13108
13109	finish:
13110	return result;
13111	}
13112
13113
13114	/*********************************************************************
13115	* Busy timeout triage
13116	*********************************************************************/
13117	/ static /
13118	bool
13119	OSKext::pendingIOKitDaemonRequests(void)
13120	{
13121	return sRequestCallbackRecords && sRequestCallbackRecords ->getCount();
13122	}
13123
13124	/*********************************************************************
13125	* Acquires and releases sKextLock
13126	*
13127	* This function is designed to be called by kernelmanagerd and driverkitd
13128	* and it gathers all codeless kext and dext personalities, and then attempts
13129	* to map a System (pageable) KC and an Auxiliary (aux) KC.
13130	*
13131	* The pageable and aux KC can be loaded only once at boot time.
13132	* Even if the pageable or aux KC fail to load - this function will
13133	* not allow a new pageable or aux KC to be installed by subsequent calls.
13134	* This is done to avoid security issues where userspace has been compromised
13135	* or the pageable kc has been tampered with and the attacker
13136	* attempts to re-load a malicious variant.
13137	* However dexts can be dynamically loaded, so this function can be used
13138	* to request the installation of a new set of dexts even after boot time.
13139	*
13140	*
13141	*
13142	* Return: if a KC fails to load the return value will contain:
13143	* kOSKextReturnKCLoadFailure. If the pageable KC fails,
13144	* the return value will contain kOSKextReturnKCLoadFailureSystemKC.
13145	* Similarly, if the aux kc load fails, the return value will
13146	* contain kOSKextReturnKCLoadFailureAuxKC. The two values
13147	* compose with each other and with kOSKextReturnKCLoadFailure.
13148	*********************************************************************/
13149	/ static /
13150	OSReturn
13151	OSKext::loadFileSetKexts(OSDictionary * requestDict __unused)
13152	{
13153	static bool daemon_ready = false;
13154
13155	OSReturn ret = kOSKextReturnInvalidArgument;
13156	OSReturn kcerr = `0`;
13157	bool start_matching = false;
13158
13159	bool allow_fileset_load = !daemon_ready;
13160	#if !(defined(__x86_64__) \|\| defined(__i386__))
13161	/ never allow KCs full of kexts on non-x86 machines /
13162	allow_fileset_load = false;
13163	#endif
13164
13165	/*
13166	* Change with 70582300
13167	*/
13168	#if 0 \|\| !defined(VM_MAPPED_KEXTS)
13169	/*
13170	* On platforms that don't support the SystemKC or a file-backed
13171	* AuxKC, the kext receipt for 3rd party kexts loaded by the booter
13172	* needs to be queried before we load any codeless kexts or release
13173	* any 3rd party kexts to run. On platforms that support a file-backed
13174	* AuxKC, this process is done via the kext audit mechanism.
13175	*/
13176
13177	printf("KextLog: waiting for kext receipt to be queried.\n");
13178	while (!IOServiceWaitForMatchingResource(kOSKextReceiptQueried, UINT64_MAX)) {
13179	IOSleep(`30`);
13180	}
13181	#endif /* !VM_MAPPED_KEXTS */
13182
13183	/*
13184	* Get the args from the request. Right now we need the file
13185	* name for the pageable and the aux kext collection file sets.
13186	*/
13187	OSDictionary * requestArgs = NULL; // do not release
13188	OSString * pageable_filepath = NULL; // do not release
13189	OSString * aux_filepath = NULL; // do not release
13190	OSArray * codeless_kexts = NULL; // do not release
13191
13192	kernel_mach_header_t *akc_mh = NULL;
13193
13194	requestArgs = OSDynamicCast(OSDictionary,
13195	requestDict->getObject(kKextRequestArgumentsKey));
13196
13197	if (requestArgs == NULL) {
13198	OSKextLog(/ kext / NULL, kOSKextLogDebugLevel \| kOSKextLogIPCFlag,
13199	format: "KextLog: No arguments in plist for loading fileset kext\n");
13200	printf("KextLog: No arguments in plist for loading fileset kext\n");
13201	return ret;
13202	}
13203
13204	ret = kOSKextReturnDisabled;
13205
13206	IORecursiveLockLock(lock: sKextLock);
13207
13208	if (!sLoadEnabled) {
13209	OSKextLog(NULL, kOSKextLogErrorLevel \| kOSKextLogIPCFlag,
13210	format: "KextLog: Kext loading is disabled (attempt to load KCs).");
13211	IORecursiveLockUnlock(lock: sKextLock);
13212	return ret;
13213	}
13214
13215	pageable_filepath = OSDynamicCast(OSString,
13216	requestArgs->getObject(kKextRequestArgumentPageableKCFilename));
13217
13218	if (allow_fileset_load && pageable_filepath != NULL) {
13219	printf("KextLog: Loading Pageable KC from file %s\n", pageable_filepath->getCStringNoCopy());
13220
13221	ret = OSKext::loadKCFileSet(filepath: pageable_filepath->getCStringNoCopy(), type: KCKindPageable);
13222	if (ret) {
13223	OSKextLog(/ kext / NULL, kOSKextLogDebugLevel \| kOSKextLogIPCFlag,
13224	format: "KextLog: loadKCFileSet for Pageable KC returned %d\n", ret);
13225
13226	printf("KextLog: loadKCFileSet for Pageable KC returned %d\n", ret);
13227	ret = kOSKextReturnKCLoadFailure;
13228	kcerr \|= kOSKextReturnKCLoadFailureSystemKC;
13229	goto try_auxkc;
13230	}
13231	/*
13232	* Even if the AuxKC fails to load, we still want to send
13233	* the System KC personalities to the catalog for matching
13234	*/
13235	start_matching = true;
13236	} else if (pageable_filepath != NULL) {
13237	OSKextLog(/ kext / NULL, kOSKextLogBasicLevel \| kOSKextLogIPCFlag,
13238	format: "KextLog: ignoring Pageable KC load from %s\n", pageable_filepath->getCStringNoCopy());
13239	ret = kOSKextReturnUnsupported;
13240	}
13241
13242	try_auxkc:
13243	akc_mh = (kernel_mach_header_t*)PE_get_kc_header(type: KCKindAuxiliary);
13244	if (akc_mh) {
13245	/*
13246	* If we try to load a deferred AuxKC, then don't ever attempt
13247	* a filesystem map of a file
13248	*/
13249	allow_fileset_load = false;
13250
13251	/*
13252	* This function is only called once per boot, so we haven't
13253	* yet loaded an AuxKC. If we have registered the AuxKC mach
13254	* header, that means that the kext collection has been placed
13255	* in memory for us by the booter, and is waiting for us to
13256	* process it. Grab the deferred XML plist of info
13257	* dictionaries and add all the kexts.
13258	*/
13259	OSSharedPtr<OSObject> parsedXML;
13260	OSSharedPtr<OSData> loaded_kcUUID;
13261	OSDictionary *infoDict;
13262	parsedXML = consumeDeferredKextCollection(type: KCKindAuxiliary);
13263	infoDict = OSDynamicCast(OSDictionary, parsedXML.get());
13264	#if !defined(VM_MAPPED_KEXTS)
13265	/*
13266	* On platforms where we don't dynamically wire-down / page-in
13267	* kext memory, we need to maintain the invariant that if the
13268	* AuxKC in memory does not contain a kext receipt, then we
13269	* should not load any of the kexts.
13270	*/
13271	size_t receipt_sz = `0`;
13272	if (getsectdatafromheader(akc_mh, kReceiptInfoSegment, kAuxKCReceiptSection, &receipt_sz) == NULL \|\| receipt_sz == `0`) {
13273	OSKextLog(/ kext / NULL, kOSKextLogErrorLevel \| kOSKextLogArchiveFlag,
13274	"KextLog: WARNING: Failed to load AuxKC from memory: missing receipt");
13275	ret = kOSKextReturnKCLoadFailure;
13276	goto try_codeless;
13277	}
13278	#endif
13279	if (infoDict) {
13280	bool added;
13281	printf("KextLog: Adding kexts from in-memory AuxKC\n");
13282	added = OSKext::addKextsFromKextCollection(mh: akc_mh, infoDict,
13283	kPrelinkTextSegment, kcUUID&: loaded_kcUUID, type: KCKindAuxiliary);
13284	if (!loaded_kcUUID) {
13285	OSKextLog(/ kext / NULL, kOSKextLogErrorLevel \| kOSKextLogArchiveFlag,
13286	format: "KextLog: WARNING: did not find UUID in deferred Aux KC!");
13287	} else if (!added) {
13288	OSKextLog(/ kext / NULL, kOSKextLogErrorLevel \| kOSKextLogArchiveFlag,
13289	format: "KextLog: WARNING: Failed to load AuxKC from memory.");
13290	}
13291	/ only return success if the pageable load (above) was successful /
13292	if (ret != kOSKextReturnKCLoadFailure) {
13293	ret = kOSReturnSuccess;
13294	}
13295	/ the registration of the AuxKC parsed out the KC's UUID already /
13296	} else {
13297	if (daemon_ready) {
13298	/*
13299	* Complain, but don't return an error if this isn't the first time the
13300	* IOKit daemon is checking in. If the daemon ever restarts, we will
13301	* hit this case because we've already consumed the deferred personalities.
13302	* We return success here so that a call to this function from a restarted
13303	* daemon with no codeless kexts will succeed.
13304	*/
13305	OSKextLog(/ kext / NULL, kOSKextLogBasicLevel \| kOSKextLogIPCFlag,
13306	format: "KextLog: can't re-parse deferred AuxKC personalities on IOKit daemon restart");
13307	if (ret != kOSKextReturnKCLoadFailure) {
13308	ret = kOSReturnSuccess;
13309	}
13310	} else {
13311	/ this is a real error case /
13312	OSKextLog(/ kext / NULL, kOSKextLogErrorLevel \| kOSKextLogIPCFlag,
13313	format: "KextLog: ERROR loading deferred AuxKC: PRELINK_INFO wasn't an OSDictionary");
13314	printf("KextLog: ERROR loading deferred AuxKC: PRELINK_INFO wasn't an OSDictionary\n");
13315	ret = kOSKextReturnKCLoadFailure;
13316	kcerr \|= kOSKextReturnKCLoadFailureAuxKC;
13317	}
13318	}
13319	}
13320
13321	aux_filepath = OSDynamicCast(OSString,
13322	requestArgs->getObject(kKextRequestArgumentAuxKCFilename));
13323	if (allow_fileset_load && aux_filepath != NULL) {
13324	printf("KextLog: Loading Aux KC from file %s\n", aux_filepath->getCStringNoCopy());
13325
13326	ret = OSKext::loadKCFileSet(filepath: aux_filepath->getCStringNoCopy(), type: KCKindAuxiliary);
13327	if (ret) {
13328	OSKextLog(/ kext / NULL, kOSKextLogDebugLevel \| kOSKextLogIPCFlag,
13329	format: "KextLog: loadKCFileSet for Aux KC returned %d\n", ret);
13330
13331	printf("KextLog: loadKCFileSet for Aux KC returned %d\n", ret);
13332	ret = kOSKextReturnKCLoadFailure;
13333	kcerr \|= kOSKextReturnKCLoadFailureAuxKC;
13334	goto try_codeless;
13335	}
13336	start_matching = true;
13337	} else if (aux_filepath != NULL) {
13338	OSKextLog(/ kext / NULL, kOSKextLogBasicLevel \| kOSKextLogIPCFlag,
13339	format: "KextLog: Ignoring AuxKC load from %s\n", aux_filepath->getCStringNoCopy());
13340	if (ret != kOSKextReturnKCLoadFailure) {
13341	ret = kOSKextReturnUnsupported;
13342	}
13343	}
13344
13345	try_codeless:
13346	/*
13347	* Load codeless kexts last so that there is no possibilty of a
13348	* codeless kext bundle ID preventing a kext in the system KC from
13349	* loading
13350	*/
13351	codeless_kexts = OSDynamicCast(OSArray,
13352	requestArgs->getObject(kKextRequestArgumentCodelessPersonalities));
13353	if (codeless_kexts != NULL) {
13354	uint32_t count = codeless_kexts->getCount();
13355	OSKextLog(NULL, kOSKextLogDebugLevel \| kOSKextLogIPCFlag,
13356	format: "KextLog: loading %d codeless kexts/dexts", count);
13357	for (uint32_t i = `0`; i < count; i++) {
13358	OSDictionary *infoDict;
13359	infoDict = OSDynamicCast(OSDictionary,
13360	codeless_kexts->getObject(i));
13361	if (!infoDict) {
13362	continue;
13363	}
13364	// instantiate a new kext, and don't hold a reference
13365	// (the kext subsystem will hold one implicitly)
13366	OSKext::withCodelessInfo(anInfoDict: infoDict, NULL);
13367	}
13368	/ ignore errors that are not KC load failures /
13369	if (ret != kOSKextReturnKCLoadFailure) {
13370	ret = kOSReturnSuccess;
13371	}
13372	start_matching = true;
13373	}
13374
13375	/ send personalities to the IOCatalog once /
13376	if (ret == kOSReturnSuccess \|\| start_matching \|\| sOSKextWasResetAfterUserspaceReboot) {
13377	OSKext::sendAllKextPersonalitiesToCatalog(startMatching: true);
13378	/*
13379	* This request necessarily came from the IOKit daemon (kernelmanagerd), so mark
13380	* things as active and start all the delayed matching: the
13381	* dext and codeless kext personalities should have all been
13382	* delivered via this one call.
13383	*/
13384	if (!daemon_ready) {
13385	OSKext::setIOKitDaemonActive();
13386	OSKext::setDeferredLoadSucceeded(TRUE);
13387	IOService::iokitDaemonLaunched();
13388	}
13389	if (sOSKextWasResetAfterUserspaceReboot) {
13390	sOSKextWasResetAfterUserspaceReboot = false;
13391	OSKext::setIOKitDaemonActive();
13392	IOService::startDeferredMatches();
13393	}
13394	}
13395
13396	if (ret == kOSKextReturnKCLoadFailure) {
13397	ret \|= kcerr;
13398	}
13399
13400	/*
13401	* Only allow this function to attempt to load the pageable and
13402	* aux KCs once per boot.
13403	*/
13404	daemon_ready = true;
13405
13406	IORecursiveLockUnlock(lock: sKextLock);
13407
13408	return ret;
13409	}
13410
13411	OSReturn
13412	OSKext::resetMutableSegments(void)
13413	{
13414	kernel_segment_command_t *seg = NULL;
13415	kernel_mach_header_t k_mh = (kernel_mach_header_t )kmod_info->address;
13416	u_int index = `0`;
13417	OSKextSavedMutableSegment *savedSegment = NULL;
13418	uintptr_t kext_slide = PE_get_kc_slide(type: kc_type);
13419	OSReturn err;
13420
13421	if (!savedMutableSegments) {
13422	OSKextLog(aKext: this, kOSKextLogErrorLevel \| kOSKextLogLoadFlag,
13423	format: "Kext %s cannot be reset, mutable segments were not saved.", getIdentifierCString());
13424	err = kOSKextReturnInternalError;
13425	goto finish;
13426	}
13427
13428	for (seg = firstsegfromheader(header: k_mh), index = `0`; seg; seg = nextsegfromheader(header: k_mh, seg)) {
13429	if (!segmentIsMutable(seg)) {
13430	continue;
13431	}
13432	uint64_t unslid_vmaddr = seg->vmaddr - kext_slide;
13433	uint64_t vmsize = seg->vmsize;
13434	err = kOSKextReturnInternalError;
13435	for (index = `0`; index < savedMutableSegments ->getCount(); index++) {
13436	savedSegment = OSDynamicCast(OSKextSavedMutableSegment, savedMutableSegments ->getObject(index));
13437	assert(savedSegment);
13438	if (savedSegment->getVMAddr() == seg->vmaddr && savedSegment->getVMSize() == seg->vmsize) {
13439	OSKextLog(aKext: this, kOSKextLogDebugLevel \| kOSKextLogLoadFlag,
13440	format: "Resetting kext %s, mutable segment %.s %llx->%llx.", getIdentifierCString(), (int)strnlen(s: seg->segname, n: sizeof*(seg->segname)), seg->segname, unslid_vmaddr, unslid_vmaddr + vmsize - `1`);
13441	err = savedSegment->restoreContents(seg);
13442	if (err != kOSReturnSuccess) {
13443	panic("Kext %s cannot be reset, mutable segment %llx->%llx could not be restored.", getIdentifierCString(), unslid_vmaddr, unslid_vmaddr + vmsize - `1`);
13444	}
13445	}
13446	}
13447	if (err != kOSReturnSuccess) {
13448	panic("Kext %s cannot be reset, could not find saved mutable segment for %llx->%llx.", getIdentifierCString(), unslid_vmaddr, unslid_vmaddr + vmsize - `1`);
13449	}
13450	}
13451	err = kOSReturnSuccess;
13452	finish:
13453	return err;
13454	}
13455
13456
13457	/*********************************************************************
13458	* Assumes sKextLock is held.
13459	*********************************************************************/
13460	/ static /
13461	OSReturn
13462	OSKext::loadKCFileSet(
13463	const char *filepath,
13464	kc_kind_t type)
13465	{
13466	#if VM_MAPPED_KEXTS
13467	/ we only need to load filesets on systems that support VM_MAPPED kexts /
13468	OSReturn err;
13469	struct vnode *vp = NULL;
13470	void *fileset_control;
13471	off_t fsize;
13472	bool pageable = (type == KCKindPageable);
13473
13474	if ((pageable && pageableKCloaded) \|\|
13475	(!pageable && auxKCloaded)) {
13476	OSKextLog(/ kext / NULL, kOSKextLogDebugLevel \| kOSKextLogIPCFlag,
13477	"KC FileSet of type %s is already loaded", (pageable ? "Pageable" : "Aux"));
13478
13479	return kOSKextReturnInvalidArgument;
13480	}
13481
13482	/ Do not allow AuxKC to load if Pageable KC is not loaded /
13483	if (!pageable && !pageableKCloaded) {
13484	OSKextLog(/ kext / NULL, kOSKextLogDebugLevel \| kOSKextLogIPCFlag,
13485	"Trying to load the Aux KC without loading the Pageable KC");
13486	return kOSKextReturnInvalidArgument;
13487	}
13488
13489	fileset_control = ubc_getobject_from_filename(filepath, &vp, &fsize);
13490
13491	if (fileset_control == NULL) {
13492	printf("Could not get memory control object for file %s", filepath);
13493
13494	OSKextLog(/ kext / NULL, kOSKextLogDebugLevel \| kOSKextLogIPCFlag,
13495	"Could not get memory control object for file %s", filepath);
13496	return kOSKextReturnInvalidArgument;
13497	}
13498	if (vp == NULL) {
13499	OSKextLog(/ kext / NULL, kOSKextLogDebugLevel \| kOSKextLogIPCFlag,
13500	"Could not find vnode for file %s", filepath);
13501	return kOSKextReturnInvalidArgument;
13502	}
13503
13504	kernel_mach_header_t *mh = NULL;
13505	uintptr_t slide = `0`;
13506
13507	#if CONFIG_CSR
13508	/*
13509	* When SIP is enabled, the KC we map must be SIP-protected
13510	*/
13511	if (csr_check(CSR_ALLOW_UNRESTRICTED_FS) != `0`) {
13512	struct vnode_attr va;
13513	int error;
13514	VATTR_INIT(&va);
13515	VATTR_WANTED(&va, va_flags);
13516	error = vnode_getattr(vp, &va, vfs_context_current());
13517	if (error) {
13518	OSKextLog(/ kext / NULL, kOSKextLogDebugLevel \| kOSKextLogIPCFlag,
13519	"vnode_getattr(%s) failed (error=%d)", filepath, error);
13520	err = kOSKextReturnInternalError;
13521	goto finish;
13522	}
13523	if (!(va.va_flags & SF_RESTRICTED)) {
13524	OSKextLog(/ kext / NULL, kOSKextLogDebugLevel \| kOSKextLogIPCFlag,
13525	"Path to KC '%s' is not SIP-protected", filepath);
13526	err = kOSKextReturnInvalidArgument;
13527	goto finish;
13528	}
13529	}
13530	#endif
13531
13532	err = OSKext::mapKCFileSet(fileset_control, (vm_size_t)fsize, &mh, `0`, &slide, pageable, NULL);
13533	if (err) {
13534	printf("KextLog: mapKCFileSet returned %d\n", err);
13535
13536	OSKextLog(/ kext / NULL, kOSKextLogDebugLevel \| kOSKextLogIPCFlag,
13537	"mapKCFileSet returned %d\n", err);
13538
13539	err = kOSKextReturnInvalidArgument;
13540	}
13541
13542	#if CONFIG_CSR
13543	finish:
13544	#endif
13545	/ Drop the vnode ref returned by ubc_getobject_from_filename if mapKCFileSet failed /
13546	assert(vp != NULL);
13547	if (err == kOSReturnSuccess) {
13548	PE_set_kc_vp(type, vp);
13549	if (pageable) {
13550	pageableKCloaded = true;
13551	} else {
13552	auxKCloaded = true;
13553	}
13554	} else {
13555	vnode_put(vp);
13556	}
13557
13558	return err;
13559	#else
13560	(void)filepath;
13561	(void)type;
13562	return kOSKextReturnUnsupported;
13563	#endif // VM_MAPPED_KEXTS
13564	}
13565
13566	#if defined(__x86_64__) \|\| defined(__i386__)
13567	/*********************************************************************
13568	* Assumes sKextLock is held.
13569	*********************************************************************/
13570	/ static /
13571	OSReturn
13572	OSKext::mapKCFileSet(
13573	void *control,
13574	vm_size_t fsize,
13575	kernel_mach_header_t **mhp,
13576	off_t file_offset,
13577	uintptr_t *slidep,
13578	bool pageable,
13579	void *map_entry_list)
13580	{
13581	bool fileset_load = false;
13582	kern_return_t ret;
13583	OSReturn err;
13584	kernel_section_t *infoPlistSection = NULL;
13585	OSDictionary *infoDict = NULL;
13586
13587	OSSharedPtr<OSObject> parsedXML;
13588	OSSharedPtr<OSString> errorString;
13589	OSSharedPtr<OSData> loaded_kcUUID;
13590
13591	/ Check if initial load for file set /
13592	if (*mhp == NULL) {
13593	fileset_load = true;
13594
13595	/ Get a page aligned address from kext map to map the file /
13596	vm_map_offset_t pagealigned_addr = get_address_from_kext_map(fsize);
13597	if (pagealigned_addr == `0`) {
13598	return kOSKextReturnNoMemory;
13599	}
13600
13601	mhp = (kernel_mach_header_t )pagealigned_addr;
13602
13603	/ Allocate memory for bailout mechanism /
13604	map_entry_list = allocate_kcfileset_map_entry_list();
13605	if (map_entry_list == NULL) {
13606	return kOSKextReturnNoMemory;
13607	}
13608	}
13609
13610	uintptr_t *slideptr = fileset_load ? slidep : NULL;
13611	err = mapKCTextSegment(control, mhp, file_offset, slideptr, map_entry_list);
13612	/ mhp and slideptr are updated by mapKCTextSegment /
13613	if (err) {
13614	if (fileset_load) {
13615	deallocate_kcfileset_map_entry_list_and_unmap_entries(map_entry_list, TRUE, pageable);
13616	}
13617	return err;
13618	}
13619
13620	/ Initialize the kc header globals /
13621	if (fileset_load) {
13622	if (pageable) {
13623	PE_set_kc_header(KCKindPageable, mhp, slidep);
13624	} else {
13625	PE_set_kc_header(KCKindAuxiliary, mhp, slidep);
13626	}
13627	}
13628
13629	/ Iterate through all the segments and map necessary segments /
13630	struct load_command lcp = (struct* load_command ) (mhp + `1`);
13631	for (unsigned int i = `0`; i < (mhp)->ncmds; i++, lcp = (struct* load_command *)((uintptr_t)lcp + lcp->cmdsize)) {
13632	vm_map_offset_t start;
13633	kernel_mach_header_t *k_mh = NULL;
13634	kernel_segment_command_t * seg = NULL;
13635	struct fileset_entry_command *fse = NULL;
13636
13637	if (lcp->cmd == LC_SEGMENT_KERNEL) {
13638	seg = (kernel_segment_command_t *)lcp;
13639	start = ((uintptr_t)(seg->vmaddr)) + *slidep;
13640	} else if (lcp->cmd == LC_FILESET_ENTRY) {
13641	fse = (struct fileset_entry_command *)lcp;
13642	k_mh = (kernel_mach_header_t )(((uintptr_t)(fse->vmaddr)) + slidep);
13643
13644	/ Map the segments of the mach-o binary /
13645	err = OSKext::mapKCFileSet(control, `0`, &k_mh, fse->fileoff, slidep, pageable, map_entry_list);
13646	if (err) {
13647	deallocate_kcfileset_map_entry_list_and_unmap_entries(map_entry_list, TRUE, pageable);
13648	return kOSKextReturnInvalidArgument;
13649	}
13650	continue;
13651	} else if (lcp->cmd == LC_DYLD_CHAINED_FIXUPS) {
13652	/ Check if the Aux KC is built pageable style /
13653	if (!pageable && !fileset_load && !auxKCloaded) {
13654	resetAuxKCSegmentOnUnload = true;
13655	}
13656	continue;
13657	} else {
13658	continue;
13659	}
13660
13661	if (fileset_load) {
13662	if (seg->vmsize == `0`) {
13663	continue;
13664	}
13665
13666	/ Only map __PRELINK_INFO, __BRANCH_STUBS, __BRANCH_GOTS and __LINKEDIT sections /
13667	if (strncmp(seg->segname, kPrelinkInfoSegment, sizeof(seg->segname)) != `0` &&
13668	strncmp(seg->segname, kKCBranchStubs, sizeof(seg->segname)) != `0` &&
13669	strncmp(seg->segname, kKCBranchGots, sizeof(seg->segname)) != `0` &&
13670	strncmp(seg->segname, SEG_LINKEDIT, sizeof(seg->segname)) != `0`) {
13671	continue;
13672	}
13673	} else {
13674	if (seg->vmsize == `0`) {
13675	continue;
13676	}
13677
13678	/ Skip the __LINKEDIT, __LINKINFO and __TEXT segments /
13679	if (strncmp(seg->segname, SEG_LINKEDIT, sizeof(seg->segname)) == `0` \|\|
13680	strncmp(seg->segname, SEG_LINKINFO, sizeof(seg->segname)) == `0` \|\|
13681	strncmp(seg->segname, SEG_TEXT, sizeof(seg->segname)) == `0`) {
13682	continue;
13683	}
13684	}
13685
13686	ret = vm_map_kcfileset_segment(
13687	&start, seg->vmsize,
13688	(memory_object_control_t)control, seg->fileoff, seg->maxprot);
13689
13690	if (ret != KERN_SUCCESS) {
13691	if (fileset_load) {
13692	deallocate_kcfileset_map_entry_list_and_unmap_entries(map_entry_list, TRUE, pageable);
13693	}
13694	return kOSKextReturnInvalidArgument;
13695	}
13696	add_kcfileset_map_entry(map_entry_list, start, seg->vmsize);
13697	}
13698
13699	/ Return if regular mach-o /
13700	if (!fileset_load) {
13701	return `0`;
13702	}
13703
13704	/*
13705	* Fixup for the Pageable KC and the Aux KC is done by
13706	* i386_slide_kext_collection_mh_addrs, but it differs in
13707	* following ways:
13708	*
13709	* PageableKC: Fixup only __BRANCH_STUBS segment and top level load commands.
13710	* The fixup of kext segments and kext load commands are done at kext
13711	* load time by calling i386_slide_individual_kext.
13712	*
13713	* AuxKC old style: Fixup all the segments and all the load commands.
13714	*
13715	* AuxKC pageable style: Same as the Pageable KC.
13716	*/
13717	bool adjust_mach_header = (pageable ? true : ((resetAuxKCSegmentOnUnload) ? true : false));
13718	ret = i386_slide_kext_collection_mh_addrs(mhp, slidep, adjust_mach_header);
13719	if (ret != KERN_SUCCESS) {
13720	deallocate_kcfileset_map_entry_list_and_unmap_entries(map_entry_list, TRUE, pageable);
13721	return kOSKextReturnInvalidArgument;
13722	}
13723
13724	/ Get the prelink info dictionary /
13725	infoPlistSection = getsectbynamefromheader(*mhp, kPrelinkInfoSegment, kPrelinkInfoSection);
13726	parsedXML = OSUnserializeXML((const char *)infoPlistSection->addr, errorString);
13727	if (parsedXML) {
13728	infoDict = OSDynamicCast(OSDictionary, parsedXML.get());
13729	}
13730
13731	if (!infoDict) {
13732	const char *errorCString = "(unknown error)";
13733
13734	if (errorString && errorString->getCStringNoCopy()) {
13735	errorCString = errorString->getCStringNoCopy();
13736	} else if (parsedXML) {
13737	errorCString = "not a dictionary";
13738	}
13739	OSKextLog(/ kext / NULL, kOSKextLogErrorLevel \| kOSKextLogArchiveFlag,
13740	"Error unserializing kext info plist section: %s.", errorCString);
13741	deallocate_kcfileset_map_entry_list_and_unmap_entries(map_entry_list, TRUE, pageable);
13742	return kOSKextReturnInvalidArgument;
13743	}
13744
13745	/ Validate that the Kext Collection is prelinked to the loaded KC /
13746	err = OSKext::validateKCFileSetUUID(infoDict, pageable ? KCKindPageable : KCKindAuxiliary);
13747	if (err) {
13748	deallocate_kcfileset_map_entry_list_and_unmap_entries(map_entry_list, TRUE, pageable);
13749	return kOSKextReturnInvalidArgument;
13750	}
13751
13752	/ Set Protection of Segments /
13753	OSKext::protectKCFileSet(*mhp, pageable ? KCKindPageable : KCKindAuxiliary);
13754
13755	OSKext::addKextsFromKextCollection(*mhp,
13756	infoDict, kPrelinkTextSegment,
13757	loaded_kcUUID, pageable ? KCKindPageable : KCKindAuxiliary);
13758
13759	/ Copy in the KC UUID /
13760	if (!loaded_kcUUID) {
13761	OSKextLog(/ kext / NULL, kOSKextLogErrorLevel \| kOSKextLogArchiveFlag,
13762	"WARNING: did not find UUID in prelinked %s KC!", pageable ? "Pageable" : "Aux");
13763	} else if (pageable) {
13764	pageablekc_uuid_valid = TRUE;
13765	memcpy((void )&pageablekc_uuid, (const* void *)loaded_kcUUID->getBytesNoCopy(), loaded_kcUUID->getLength());
13766	uuid_unparse_upper(pageablekc_uuid, pageablekc_uuid_string);
13767	} else {
13768	auxkc_uuid_valid = TRUE;
13769	memcpy((void )&auxkc_uuid, (const* void *)loaded_kcUUID->getBytesNoCopy(), loaded_kcUUID->getLength());
13770	uuid_unparse_upper(auxkc_uuid, auxkc_uuid_string);
13771	}
13772
13773	deallocate_kcfileset_map_entry_list_and_unmap_entries(map_entry_list, FALSE, pageable);
13774
13775	return `0`;
13776	}
13777
13778	/*********************************************************************
13779	* Assumes sKextLock is held.
13780	*********************************************************************/
13781	/ static /
13782	OSReturn
13783	OSKext::mapKCTextSegment(
13784	void *control,
13785	kernel_mach_header_t **mhp,
13786	off_t file_offset,
13787	uintptr_t *slidep,
13788	void *map_entry_list)
13789	{
13790	kern_return_t ret;
13791	vm_map_offset_t mach_header_map_size = vm_map_round_page(sizeof(kernel_mach_header_t),
13792	PAGE_MASK);
13793	vm_map_offset_t load_command_map_size = `0`;
13794	kernel_mach_header_t base_mh = mhp;
13795
13796	/ Map the mach header at start of fileset for now (vmaddr = 0) /
13797	ret = vm_map_kcfileset_segment(
13798	(vm_map_offset_t *)&base_mh, mach_header_map_size,
13799	(memory_object_control_t)control, file_offset, (VM_PROT_READ \| VM_PROT_WRITE));
13800
13801	if (ret != KERN_SUCCESS) {
13802	printf("Kext Log: mapKCTextSegment failed to map mach header of fileset %x", ret);
13803
13804	OSKextLog(/ kext / NULL, kOSKextLogDebugLevel \| kOSKextLogIPCFlag,
13805	"Failed to map mach header of kc fileset with error %d", ret);
13806	return kOSKextReturnInvalidArgument;
13807	}
13808
13809	if (slidep) {
13810	/ Verify that it's an MH_FILESET /
13811	if (base_mh->filetype != MH_FILESET) {
13812	printf("Kext Log: mapKCTextSegment mach header filetype"
13813	" is not an MH_FILESET, it is %x", base_mh->filetype);
13814
13815	OSKextLog(/ kext / NULL, kOSKextLogDebugLevel \| kOSKextLogIPCFlag,
13816	"mapKCTextSegment mach header filetype is not an MH_FILESET, it is %x", base_mh->filetype);
13817
13818	/ Unmap the mach header /
13819	vm_unmap_kcfileset_segment((vm_map_offset_t *)&base_mh, mach_header_map_size);
13820	return kOSKextReturnInvalidArgument;
13821	}
13822	}
13823
13824	/ Map the remaining pages of load commands /
13825	if (base_mh->sizeofcmds > mach_header_map_size) {
13826	vm_map_offset_t load_command_addr = ((vm_map_offset_t)base_mh) + mach_header_map_size;
13827	load_command_map_size = base_mh->sizeofcmds - mach_header_map_size;
13828
13829	/ Map the load commands /
13830	ret = vm_map_kcfileset_segment(
13831	&load_command_addr, load_command_map_size,
13832	(memory_object_control_t)control, file_offset + mach_header_map_size,
13833	(VM_PROT_READ \| VM_PROT_WRITE));
13834
13835	if (ret != KERN_SUCCESS) {
13836	printf("KextLog: mapKCTextSegment failed to map load commands of fileset %x", ret);
13837	OSKextLog(/ kext / NULL, kOSKextLogDebugLevel \| kOSKextLogIPCFlag,
13838	"Failed to map load commands of kc fileset with error %d", ret);
13839
13840	/ Unmap the mach header /
13841	vm_unmap_kcfileset_segment((vm_map_offset_t *)&base_mh, mach_header_map_size);
13842	return kOSKextReturnInvalidArgument;
13843	}
13844	}
13845
13846	kernel_segment_command_t *text_seg;
13847	text_seg = getsegbynamefromheader((kernel_mach_header_t *)base_mh, SEG_TEXT);
13848
13849	/ Calculate the slide and vm addr of mach header /
13850	if (slidep) {
13851	mhp = (kernel_mach_header_t )((uintptr_t)base_mh + text_seg->vmaddr);
13852	slidep = ((uintptr_t)mhp) - text_seg->vmaddr;
13853	}
13854
13855	/ Cache the text segment size and file offset before unmapping /
13856	vm_map_offset_t text_segment_size = text_seg->vmsize;
13857	vm_object_offset_t text_segment_fileoff = text_seg->fileoff;
13858	vm_prot_t text_maxprot = text_seg->maxprot;
13859
13860	/ Unmap the first page and loadcommands and map the text segment /
13861	ret = vm_unmap_kcfileset_segment((vm_map_offset_t *)&base_mh, mach_header_map_size);
13862	assert(ret == KERN_SUCCESS);
13863
13864	if (load_command_map_size) {
13865	vm_map_offset_t load_command_addr = ((vm_map_offset_t)base_mh) + mach_header_map_size;
13866	ret = vm_unmap_kcfileset_segment(&load_command_addr, load_command_map_size);
13867	assert(ret == KERN_SUCCESS);
13868	}
13869
13870	/ Map the text segment at actual vm addr specified in fileset /
13871	ret = vm_map_kcfileset_segment((vm_map_offset_t *)mhp, text_segment_size,
13872	(memory_object_control_t)control, text_segment_fileoff, text_maxprot);
13873	if (ret != KERN_SUCCESS) {
13874	OSKextLog(/ kext / NULL, kOSKextLogDebugLevel \| kOSKextLogIPCFlag,
13875	"Failed to map Text segment of kc fileset with error %d", ret);
13876	return kOSKextReturnInvalidArgument;
13877	}
13878
13879	add_kcfileset_map_entry(map_entry_list, (vm_map_offset_t)*mhp, text_segment_size);
13880	return `0`;
13881	}
13882
13883	/*********************************************************************
13884	* Assumes sKextLock is held.
13885	*********************************************************************/
13886	/ static /
13887	OSReturn
13888	OSKext::protectKCFileSet(
13889	kernel_mach_header_t *mh,
13890	kc_kind_t type)
13891	{
13892	vm_map_t kext_map = g_kext_map;
13893	kernel_segment_command_t * seg = NULL;
13894	vm_map_offset_t start = `0`;
13895	vm_map_offset_t end = `0`;
13896	OSReturn ret = `0`;
13897
13898	/ Set VM permissions /
13899	seg = firstsegfromheader((kernel_mach_header_t *)mh);
13900	while (seg) {
13901	start = round_page(seg->vmaddr);
13902	end = trunc_page(seg->vmaddr + seg->vmsize);
13903
13904	/*
13905	* Wire down and protect __TEXT, __BRANCH_STUBS and __BRANCH_GOTS
13906	* for the Pageable KC and the Aux KC, wire down and protect __LINKEDIT
13907	* for the Aux KC as well.
13908	*/
13909	if (strncmp(seg->segname, kKCBranchGots, sizeof(seg->segname)) == `0` \|\|
13910	strncmp(seg->segname, kKCBranchStubs, sizeof(seg->segname)) == `0` \|\|
13911	strncmp(seg->segname, SEG_TEXT, sizeof(seg->segname)) == `0` \|\|
13912	(type == KCKindAuxiliary && !resetAuxKCSegmentOnUnload &&
13913	strncmp(seg->segname, SEG_LINKEDIT, sizeof(seg->segname)) == `0`)) {
13914	ret = OSKext_protect((kernel_mach_header_t *)mh,
13915	kext_map, start, end, seg->maxprot, TRUE, type);
13916	if (ret != KERN_SUCCESS) {
13917	printf("OSKext protect failed with error %d", ret);
13918	return kOSKextReturnInvalidArgument;
13919	}
13920
13921	ret = OSKext_protect((kernel_mach_header_t *)mh,
13922	kext_map, start, end, seg->initprot, FALSE, type);
13923	if (ret != KERN_SUCCESS) {
13924	printf("OSKext protect failed with error %d", ret);
13925	return kOSKextReturnInvalidArgument;
13926	}
13927
13928	ret = OSKext_wire((kernel_mach_header_t *)mh,
13929	kext_map, start, end, seg->initprot, FALSE, type);
13930	if (ret != KERN_SUCCESS) {
13931	printf("OSKext wire failed with error %d", ret);
13932	return kOSKextReturnInvalidArgument;
13933	}
13934	}
13935
13936	seg = nextsegfromheader((kernel_mach_header_t *) mh, seg);
13937	}
13938
13939	return `0`;
13940	}
13941
13942	/*********************************************************************
13943	* Assumes sKextLock is held.
13944	*********************************************************************/
13945	/ static /
13946	void
13947	OSKext::freeKCFileSetcontrol(void)
13948	{
13949	PE_reset_all_kc_vp();
13950	}
13951
13952	/*********************************************************************
13953	* Assumes sKextLock is held.
13954	*
13955	* resetKCFileSetSegments: Kext start function expects data segment to
13956	* be pristine on every load, unmap the dirty segments on unload and
13957	* remap them from FileSet on disk. Remap all segments of kext since
13958	* fixups are done per kext and not per segment.
13959	*********************************************************************/
13960	OSReturn
13961	OSKext::resetKCFileSetSegments(void)
13962	{
13963	kernel_segment_command_t *seg = NULL;
13964	kernel_segment_command_t *text_seg;
13965	uint32_t text_fileoff;
13966	kernel_mach_header_t *k_mh = NULL;
13967	uintptr_t slide;
13968	struct vnode *vp = NULL;
13969	void *fileset_control = NULL;
13970	bool pageable = (kc_type == KCKindPageable);
13971	OSReturn err;
13972	kern_return_t kr;
13973
13974	/ Check the vnode reference is still available /
13975	vp = (struct vnode *)PE_get_kc_vp(kc_type);
13976	if (vp == NULL) {
13977	OSKextLog(this, kOSKextLogProgressLevel \| kOSKextLogLoadFlag,
13978	"Kext %s could not be reset, since reboot released the vnode ref", getIdentifierCString());
13979	return kOSKextReturnInternalError;
13980	}
13981
13982	fileset_control = ubc_getobject(vp, `0`);
13983	assert(fileset_control != NULL);
13984
13985	OSKextLog(this, kOSKextLogProgressLevel \| kOSKextLogLoadFlag,
13986	"Kext %s resetting all segments", getIdentifierCString());
13987
13988	k_mh = (kernel_mach_header_t *)kmod_info->address;
13989	text_seg = getsegbynamefromheader((kernel_mach_header_t *)kmod_info->address, SEG_TEXT);
13990	text_fileoff = text_seg->fileoff;
13991	slide = PE_get_kc_slide(kc_type);
13992
13993	seg = firstsegfromheader((kernel_mach_header_t *)k_mh);
13994	while (seg) {
13995	if (seg->vmsize == `0`) {
13996	seg = nextsegfromheader((kernel_mach_header_t *) k_mh, seg);
13997	continue;
13998	}
13999
14000	/ Skip the __LINKEDIT, __LINKINFO and __TEXT segments /
14001	if (strncmp(seg->segname, SEG_LINKEDIT, sizeof(seg->segname)) == `0` \|\|
14002	strncmp(seg->segname, SEG_LINKINFO, sizeof(seg->segname)) == `0` \|\|
14003	strncmp(seg->segname, SEG_TEXT, sizeof(seg->segname)) == `0`) {
14004	seg = nextsegfromheader((kernel_mach_header_t *) k_mh, seg);
14005	continue;
14006	}
14007
14008	kr = vm_unmap_kcfileset_segment(&seg->vmaddr, seg->vmsize);
14009	assert(kr == KERN_SUCCESS);
14010	seg = nextsegfromheader((kernel_mach_header_t *) k_mh, seg);
14011	}
14012
14013	/ Unmap the text segment /
14014	kr = vm_unmap_kcfileset_segment(&text_seg->vmaddr, text_seg->vmsize);
14015	assert(kr == KERN_SUCCESS);
14016
14017	/ Map all the segments of the kext /
14018	err = OSKext::mapKCFileSet(fileset_control, `0`, &k_mh, text_fileoff, &slide, pageable, NULL);
14019	if (err) {
14020	panic("Could not reset segments of a mapped kext, error %x", err);
14021	}
14022
14023	/ Update address in kmod_info, since it has been reset /
14024	if (kmod_info->address) {
14025	kmod_info->address = (((uintptr_t)(kmod_info->address)) + slide);
14026	}
14027
14028	return `0`;
14029	}
14030
14031	/*********************************************************************
14032	* Mechanism to track all segment mapping while mapping KC fileset.
14033	*********************************************************************/
14034
14035	struct kcfileset_map_entry {
14036	vm_map_offset_t me_start;
14037	vm_map_offset_t me_size;
14038	};
14039
14040	struct kcfileset_map_entry_list {
14041	int kme_list_count;
14042	int kme_list_index;
14043	struct kcfileset_map_entry kme_list[];
14044	};
14045
14046	#define KCFILESET_MAP_ENTRY_MAX (16380)
14047
14048	static void *
14049	allocate_kcfileset_map_entry_list(void)
14050	{
14051	struct kcfileset_map_entry_list *entry_list;
14052
14053	entry_list = kalloc_type(struct kcfileset_map_entry_list,
14054	struct kcfileset_map_entry, KCFILESET_MAP_ENTRY_MAX, Z_WAITOK_ZERO);
14055
14056	entry_list->kme_list_count = KCFILESET_MAP_ENTRY_MAX;
14057	entry_list->kme_list_index = `0`;
14058	return entry_list;
14059	}
14060
14061	static void
14062	add_kcfileset_map_entry(
14063	void *map_entry_list,
14064	vm_map_offset_t start,
14065	vm_map_offset_t size)
14066	{
14067	if (map_entry_list == NULL) {
14068	return;
14069	}
14070
14071	struct kcfileset_map_entry_list entry_list = (struct* kcfileset_map_entry_list *)map_entry_list;
14072
14073	if (entry_list->kme_list_index >= entry_list->kme_list_count) {
14074	panic("Ran out of map kc fileset list");
14075	}
14076
14077	entry_list->kme_list[entry_list->kme_list_index].me_start = start;
14078	entry_list->kme_list[entry_list->kme_list_index].me_size = size;
14079
14080	entry_list->kme_list_index++;
14081	}
14082
14083	static void
14084	deallocate_kcfileset_map_entry_list_and_unmap_entries(
14085	void *map_entry_list,
14086	boolean_t unmap_entries,
14087	bool pageable)
14088	{
14089	struct kcfileset_map_entry_list entry_list = (struct* kcfileset_map_entry_list *)map_entry_list;
14090
14091	if (unmap_entries) {
14092	for (int i = `0`; i < entry_list->kme_list_index; i++) {
14093	kern_return_t ret;
14094	ret = vm_unmap_kcfileset_segment(
14095	&(entry_list->kme_list[i].me_start),
14096	entry_list->kme_list[i].me_size);
14097	assert(ret == KERN_SUCCESS);
14098	}
14099
14100	PE_reset_kc_header(pageable ? KCKindPageable : KCKindAuxiliary);
14101	}
14102
14103	kfree_type(struct kcfileset_map_entry_list, struct kcfileset_map_entry,
14104	KCFILESET_MAP_ENTRY_MAX, entry_list);
14105	}
14106
14107	/*********************************************************************
14108	* Mechanism to map kext segment.
14109	*********************************************************************/
14110
14111	kern_return_t
14112	vm_map_kcfileset_segment(
14113	vm_map_offset_t *start,
14114	vm_map_offset_t size,
14115	void *control,
14116	vm_object_offset_t fileoffset,
14117	vm_prot_t max_prot)
14118	{
14119	vm_map_kernel_flags_t vmk_flags = {
14120	.vmf_fixed = true,
14121	.vmkf_no_copy_on_read = true,
14122	.vmkf_cs_enforcement_override = true,
14123	.vm_tag = VM_KERN_MEMORY_OSKEXT,
14124	};
14125	kern_return_t ret;
14126
14127	/ Add Write to max prot to allow fixups /
14128	max_prot = max_prot \| VM_PROT_WRITE;
14129
14130	/*
14131	* Map the segments from file as COPY mappings to
14132	* make sure changes on disk to the file does not affect
14133	* mapped segments.
14134	*/
14135	ret = vm_map_enter_mem_object_control(
14136	g_kext_map,
14137	start,
14138	size,
14139	(mach_vm_offset_t)`0`,
14140	vmk_flags,
14141	(memory_object_control_t)control,
14142	fileoffset,
14143	TRUE, / copy /
14144	(VM_PROT_READ \| VM_PROT_WRITE), max_prot,
14145	VM_INHERIT_NONE);
14146
14147	return ret;
14148	}
14149
14150	kern_return_t
14151	vm_unmap_kcfileset_segment(
14152	vm_map_offset_t *start,
14153	vm_map_offset_t size)
14154	{
14155	return mach_vm_deallocate(g_kext_map, *start, size);
14156	}
14157
14158	#endif //(__x86_64__) \|\| defined(__i386__)
14159
14160	/*********************************************************************
14161	* Assumes sKextLock is held.
14162	*********************************************************************/
14163	/ static /
14164	OSReturn
14165	OSKext::validateKCFileSetUUID(
14166	OSDictionary *infoDict,
14167	kc_kind_t type)
14168	{
14169	OSReturn ret = kOSReturnSuccess;
14170
14171	if (!kernelcache_uuid_valid) {
14172	OSKextLog(/ kext / NULL, kOSKextLogErrorLevel \| kOSKextLogArchiveFlag,
14173	format: "validateKCFileSetUUID Boot KC UUID was not set at boot.");
14174	ret = kOSKextReturnInvalidArgument;
14175	goto finish;
14176	}
14177	ret = OSKext::validateKCUUIDfromPrelinkInfo(loaded_kcuuid: &kernelcache_uuid, type, infoDict, kPrelinkInfoBootKCIDKey);
14178	if (ret != `0`) {
14179	goto finish;
14180	}
14181
14182	#if defined(__x86_64__) \|\| defined(__i386__)
14183	/ Check if the Aux KC is prelinked to correct Pageable KC /
14184	if (type == KCKindAuxiliary) {
14185	if (!pageablekc_uuid_valid) {
14186	OSKextLog(/ kext / NULL, kOSKextLogErrorLevel \| kOSKextLogArchiveFlag,
14187	"validateKCFileSetUUID Pageable KC UUID was not set while loading Pageable KC.");
14188	ret = kOSKextReturnInvalidArgument;
14189	goto finish;
14190	}
14191	ret = OSKext::validateKCUUIDfromPrelinkInfo(&pageablekc_uuid, type, infoDict, kPrelinkInfoPageableKCIDKey);
14192	if (ret != `0`) {
14193	goto finish;
14194	}
14195	}
14196	#endif //(__x86_64__) \|\| defined(__i386__)
14197
14198	printf("KextLog: Collection UUID matches with loaded KCs.\n");
14199	finish:
14200	return ret;
14201	}
14202
14203	/*********************************************************************
14204	* Assumes sKextLock is held.
14205	*********************************************************************/
14206	/ static /
14207	OSReturn
14208	OSKext::validateKCUUIDfromPrelinkInfo(
14209	uuid_t *loaded_kcuuid,
14210	kc_kind_t type,
14211	OSDictionary *infoDict,
14212	const char *uuid_key)
14213	{
14214	/ extract the UUID from the dictionary /
14215	OSData *prelinkinfoKCUUID = OSDynamicCast(OSData, infoDict->getObject(uuid_key));
14216	if (!prelinkinfoKCUUID) {
14217	OSKextLog(/ kext / NULL, kOSKextLogErrorLevel \| kOSKextLogArchiveFlag,
14218	format: "validateKCUUID Info plist does not contain %s KC UUID key.", uuid_key);
14219	return kOSKextReturnInvalidArgument;
14220	}
14221
14222	if (prelinkinfoKCUUID->getLength() != sizeof(uuid_t)) {
14223	OSKextLog(/ kext / NULL, kOSKextLogErrorLevel \| kOSKextLogArchiveFlag,
14224	format: "validateKCUUID %s KC UUID has wrong length: %d.", uuid_key, prelinkinfoKCUUID->getLength());
14225	return kOSKextReturnInvalidArgument;
14226	}
14227
14228	if (memcmp(s1: (void )loaded_kcuuid, s2: (const* void *)prelinkinfoKCUUID->getBytesNoCopy(),
14229	n: prelinkinfoKCUUID->getLength())) {
14230	OSData *info_dict_uuid;
14231	uuid_string_t info_dict_uuid_str = {};
14232	uuid_string_t expected_uuid_str = {};
14233	uuid_string_t given_uuid_str = {};
14234	uuid_t given_uuid;
14235
14236	/ extract the KC UUID from the dictionary /
14237	info_dict_uuid = OSDynamicCast(OSData, infoDict->getObject(kPrelinkInfoKCIDKey));
14238	if (info_dict_uuid && info_dict_uuid->getLength() == sizeof(uuid_t)) {
14239	uuid_t tmp_uuid;
14240	memcpy(dst: tmp_uuid, src: (const void )info_dict_uuid->getBytesNoCopy(), n: sizeof*(tmp_uuid));
14241	uuid_unparse(uu: tmp_uuid, out: info_dict_uuid_str);
14242	}
14243
14244	uuid_unparse(uu: *loaded_kcuuid, out: expected_uuid_str);
14245	memcpy(dst: given_uuid, src: (const void )prelinkinfoKCUUID->getBytesNoCopy(), n: sizeof*(given_uuid));
14246	uuid_unparse(uu: given_uuid, out: given_uuid_str);
14247
14248	printf("KextLog: ERROR: UUID from key:%s %s != expected %s (KC UUID: %s)\n", uuid_key,
14249	given_uuid_str, expected_uuid_str, info_dict_uuid_str);
14250	OSKextLog(/ kext / NULL, kOSKextLogErrorLevel \| kOSKextLogArchiveFlag,
14251	format: "KextLog: ERROR: UUID from key:%s %s != expected %s (KC UUID: %s)\n", uuid_key,
14252	given_uuid_str, expected_uuid_str, info_dict_uuid_str);
14253	if (type == KCKindPageable && sPanicOnKCMismatch) {
14254	panic("System KC UUID %s linked against %s, but %s is loaded",
14255	info_dict_uuid_str, given_uuid_str, expected_uuid_str);
14256	}
14257	return kOSKextReturnInvalidArgument;
14258	}
14259
14260	return `0`;
14261	}
14262
14263	/*********************************************************************
14264	* Assumes sKextLock is held.
14265	*********************************************************************/
14266	/ static /
14267	OSReturn
14268	OSKext::dispatchResource(OSDictionary * requestDict)
14269	{
14270	OSReturn result = kOSReturnError;
14271	OSSharedPtr<OSDictionary> callbackRecord;
14272	OSNumber * requestTag = NULL; // do not release
14273	OSNumber * requestResult = NULL; // do not release
14274	OSData * dataObj = NULL; // do not release
14275	uint32_t dataLength = `0`;
14276	const void * dataPtr = NULL; // do not free
14277	OSValueObject<OSKextRequestResourceCallback> * callbackWrapper = nullptr; // do not release
14278	OSKextRequestResourceCallback callback = NULL;
14279	OSValueObject<void > contextWrapper = nullptr; // do not release
14280	void * context = NULL; // do not free
14281	OSSharedPtr<OSKext> callbackKext;
14282
14283	/ Get the args from the request. Right now we need the tag*
14284	* to look up the callback record, and the result for invoking the callback.
14285	*/
14286	requestTag = OSDynamicCast(OSNumber, _OSKextGetRequestArgument(requestDict,
14287	kKextRequestArgumentRequestTagKey));
14288	requestResult = OSDynamicCast(OSNumber, _OSKextGetRequestArgument(requestDict,
14289	kKextRequestArgumentResultKey));
14290	if (!requestTag \|\| !requestResult) {
14291	result = kOSKextReturnInvalidArgument;
14292	goto finish;
14293	}
14294
14295	/ Look for a callback record matching this request's tag.*
14296	*/
14297	result = dequeueCallbackForRequestTag(requestTagNum: requestTag, callbackRecordOut&: callbackRecord);
14298	if (result != kOSReturnSuccess) {
14299	goto finish;
14300	}
14301
14302	/*****
14303	* Get the context pointer of the callback record (if there is one).
14304	*/
14305	contextWrapper = OSDynamicCast(OSValueObject<void *>, _OSKextGetRequestArgument(
14306	callbackRecord.get(), kKextRequestArgumentContextKey));
14307	context = _OSKextExtractPointer(wrapper: contextWrapper);
14308	if (contextWrapper && !context) {
14309	goto finish;
14310	}
14311
14312	callbackWrapper = OSDynamicCast(OSValueObject<OSKextRequestResourceCallback>,
14313	_OSKextGetRequestArgument(callbackRecord.get(),
14314	kKextRequestArgumentCallbackKey));
14315	callback = _OSKextExtractCallbackPointer(wrapper: callbackWrapper);
14316	if (!callback) {
14317	goto finish;
14318	}
14319
14320	/ Check for a data obj. We might not have one and that's ok, that means*
14321	* we didn't find the requested resource, and we still have to tell the
14322	* caller that via the callback.
14323	*/
14324	dataObj = OSDynamicCast(OSData, _OSKextGetRequestArgument(requestDict,
14325	kKextRequestArgumentValueKey));
14326	if (dataObj) {
14327	dataPtr = dataObj->getBytesNoCopy();
14328	dataLength = dataObj->getLength();
14329	}
14330
14331	callbackKext = OSKext::lookupKextWithAddress(address: (vm_address_t)callback);
14332	if (!callbackKext) {
14333	OSKextLog(/ kext / NULL,
14334	kOSKextLogErrorLevel \| kOSKextLogIPCFlag,
14335	format: "Can't invoke callback for resource request; ");
14336	goto finish;
14337	}
14338	if (!callbackKext ->flags.starting && !callbackKext ->flags.started) {
14339	OSKextLog(/ kext / NULL,
14340	kOSKextLogErrorLevel \| kOSKextLogIPCFlag,
14341	format: "Can't invoke kext resource callback; ");
14342	goto finish;
14343	}
14344
14345	(void)callback(requestTag->unsigned32BitValue(),
14346	(OSReturn)requestResult->unsigned32BitValue(),
14347	dataPtr, dataLength, context);
14348
14349	result = kOSReturnSuccess;
14350
14351	finish:
14352	return result;
14353	}
14354
14355	/*********************************************************************
14356	* Assumes sKextLock is held.
14357	*********************************************************************/
14358	/ static /
14359	OSReturn
14360	OSKext::setMissingAuxKCBundles(OSDictionary * requestDict)
14361	{
14362	OSSharedPtr<OSDictionary> missingIDs;
14363	OSArray bundleIDList = NULL; // do not release*
14364
14365	bundleIDList = OSDynamicCast(OSArray, _OSKextGetRequestArgument(
14366	requestDict, kKextRequestArgumentMissingBundleIDs));
14367	if (!bundleIDList) {
14368	return kOSKextReturnInvalidArgument;
14369	}
14370
14371	missingIDs = OSDictionary::withCapacity(capacity: bundleIDList->getCount());
14372	if (!missingIDs) {
14373	return kOSKextReturnNoMemory;
14374	}
14375
14376	uint32_t count, i;
14377	count = bundleIDList->getCount();
14378	for (i = `0`; i < count; i++) {
14379	OSString *thisID = OSDynamicCast(OSString, bundleIDList->getObject(i));
14380	if (thisID) {
14381	missingIDs ->setObject(aKey: thisID, anObject: kOSBooleanFalse);
14382	}
14383	}
14384
14385	sNonLoadableKextsByID.reset(p: missingIDs.get(), OSRetain);
14386
14387	return kOSReturnSuccess;
14388	}
14389
14390	/*********************************************************************
14391	* Assumes sKextLock is held.
14392	*********************************************************************/
14393	/ static /
14394	OSReturn
14395	OSKext::setAuxKCBundleAvailable(OSString kextIdentifier, OSDictionary requestDict)
14396	{
14397	bool loadable = true;
14398	if (!kextIdentifier) {
14399	return kOSKextReturnInvalidArgument;
14400	}
14401
14402	if (requestDict) {
14403	OSBoolean *loadableArg;
14404	loadableArg = OSDynamicCast(OSBoolean, _OSKextGetRequestArgument(
14405	requestDict, kKextRequestArgumentBundleAvailability));
14406	/ If we find the "Bundle Available" arg, and it's false, then*
14407	* mark the bundle ID as _not_ loadable
14408	*/
14409	if (loadableArg && !loadableArg->getValue()) {
14410	loadable = false;
14411	}
14412	}
14413
14414	if (!sNonLoadableKextsByID) {
14415	sNonLoadableKextsByID = OSDictionary::withCapacity(capacity: `1`);
14416	}
14417
14418	sNonLoadableKextsByID ->setObject(aKey: kextIdentifier, anObject: OSBoolean::withBoolean(value: loadable));
14419
14420	OSKextLog(/ kext / NULL,
14421	kOSKextLogBasicLevel \| kOSKextLogIPCFlag,
14422	format: "KextLog: AuxKC bundle %s marked as %s",
14423	kextIdentifier->getCStringNoCopy(),
14424	(loadable ? "loadable" : "NOT loadable"));
14425
14426	return kOSReturnSuccess;
14427	}
14428
14429	/*********************************************************************
14430	*********************************************************************/
14431	/ static /
14432	void
14433	OSKext::invokeRequestCallback(
14434	OSDictionary * callbackRecord,
14435	OSReturn callbackResult)
14436	{
14437	OSString * predicate = _OSKextGetRequestPredicate(requestDict: callbackRecord);
14438	OSSharedPtr<OSNumber> resultNum;
14439
14440	if (!predicate) {
14441	goto finish;
14442	}
14443
14444	resultNum = OSNumber::withNumber(value: (long long unsigned int)callbackResult,
14445	numberOfBits: `8` * sizeof(callbackResult));
14446	if (!resultNum) {
14447	goto finish;
14448	}
14449
14450	/ Insert the result into the callback record and dispatch it as if it*
14451	* were the reply coming down from user space.
14452	*/
14453	_OSKextSetRequestArgument(requestDict: callbackRecord, kKextRequestArgumentResultKey,
14454	value: resultNum.get());
14455
14456	if (predicate->isEqualTo(kKextRequestPredicateRequestResource)) {
14457	/ This removes the pending callback record.*
14458	*/
14459	OSKext::dispatchResource(requestDict: callbackRecord);
14460	}
14461
14462	finish:
14463	return;
14464	}
14465
14466	/*********************************************************************
14467	* Assumes sKextLock is held.
14468	*********************************************************************/
14469	/ static /
14470	OSReturn
14471	OSKext::cancelRequest(
14472	OSKextRequestTag requestTag,
14473	void ** contextOut)
14474	{
14475	OSReturn result = kOSKextReturnNoMemory;
14476	OSSharedPtr<OSDictionary> callbackRecord;
14477	OSValueObject<void > contextWrapper = nullptr; // do not release
14478
14479	IORecursiveLockLock(lock: sKextLock);
14480	result = OSKext::dequeueCallbackForRequestTag(requestTag,
14481	callbackRecordOut&: callbackRecord);
14482	IORecursiveLockUnlock(lock: sKextLock);
14483
14484	if (result == kOSReturnSuccess && contextOut) {
14485	contextWrapper = OSDynamicCast(OSValueObject<void *>,
14486	_OSKextGetRequestArgument(callbackRecord.get(),
14487	kKextRequestArgumentContextKey));
14488	*contextOut = _OSKextExtractPointer(wrapper: contextWrapper);
14489	}
14490
14491	return result;
14492	}
14493
14494	/*********************************************************************
14495	* Assumes sKextLock is held.
14496	*********************************************************************/
14497	void
14498	OSKext::invokeOrCancelRequestCallbacks(
14499	OSReturn callbackResult,
14500	bool invokeFlag)
14501	{
14502	unsigned int count, i;
14503
14504	count = sRequestCallbackRecords ->getCount();
14505	if (!count) {
14506	goto finish;
14507	}
14508
14509	i = count - `1`;
14510	do {
14511	OSDictionary * request = OSDynamicCast(OSDictionary,
14512	sRequestCallbackRecords ->getObject(i));
14513
14514	if (!request) {
14515	continue;
14516	}
14517	auto * callbackWrapper = OSDynamicCast(OSValueObject<OSKextRequestResourceCallback>,
14518	_OSKextGetRequestArgument(request,
14519	kKextRequestArgumentCallbackKey));
14520
14521	if (!callbackWrapper) {
14522	sRequestCallbackRecords ->removeObject(index: i);
14523	continue;
14524	}
14525
14526	vm_address_t callbackAddress = (vm_address_t)
14527	ptrauth_strip(_OSKextExtractPointer(callbackWrapper), ptrauth_key_function_pointer);
14528
14529	if ((kmod_info->address <= callbackAddress) &&
14530	(callbackAddress < (kmod_info->address + kmod_info->size))) {
14531	if (invokeFlag) {
14532	/ This removes the callback record.*
14533	*/
14534	invokeRequestCallback(callbackRecord: request, callbackResult);
14535	} else {
14536	sRequestCallbackRecords ->removeObject(index: i);
14537	}
14538	}
14539	} while (i--);
14540
14541	finish:
14542	return;
14543	}
14544
14545	/*********************************************************************
14546	* Assumes sKextLock is held.
14547	*********************************************************************/
14548	uint32_t
14549	OSKext::countRequestCallbacks(void)
14550	{
14551	uint32_t result = `0`;
14552	unsigned int count, i;
14553
14554	count = sRequestCallbackRecords ->getCount();
14555	if (!count) {
14556	goto finish;
14557	}
14558
14559	i = count - `1`;
14560	do {
14561	OSDictionary * request = OSDynamicCast(OSDictionary,
14562	sRequestCallbackRecords ->getObject(i));
14563
14564	if (!request) {
14565	continue;
14566	}
14567	auto * callbackWrapper = OSDynamicCast(OSValueObject<OSKextRequestResourceCallback>,
14568	_OSKextGetRequestArgument(request,
14569	kKextRequestArgumentCallbackKey));
14570
14571	if (!callbackWrapper) {
14572	continue;
14573	}
14574
14575	vm_address_t callbackAddress = (vm_address_t)
14576	ptrauth_strip(_OSKextExtractPointer(callbackWrapper), ptrauth_key_function_pointer);
14577
14578	if ((kmod_info->address <= callbackAddress) &&
14579	(callbackAddress < (kmod_info->address + kmod_info->size))) {
14580	result++;
14581	}
14582	} while (i--);
14583
14584	finish:
14585	return result;
14586	}
14587
14588	/*********************************************************************
14589	*********************************************************************/
14590	static OSReturn
14591	_OSKextCreateRequest(
14592	const char * predicate,
14593	OSSharedPtr<OSDictionary> & requestR)
14594	{
14595	OSReturn result = kOSKextReturnNoMemory;
14596	OSSharedPtr<OSDictionary> request;
14597
14598	request = OSDictionary::withCapacity(capacity: `2`);
14599	if (!request) {
14600	goto finish;
14601	}
14602	result = _OSDictionarySetCStringValue(dict: request.get(),
14603	kKextRequestPredicateKey, value: predicate);
14604	if (result != kOSReturnSuccess) {
14605	goto finish;
14606	}
14607	result = kOSReturnSuccess;
14608
14609	finish:
14610	if (result == kOSReturnSuccess) {
14611	requestR = os::move(t&: request);
14612	}
14613
14614	return result;
14615	}
14616
14617	/*********************************************************************
14618	*********************************************************************/
14619	static OSString *
14620	_OSKextGetRequestPredicate(OSDictionary * requestDict)
14621	{
14622	return OSDynamicCast(OSString,
14623	requestDict->getObject(kKextRequestPredicateKey));
14624	}
14625
14626	/*********************************************************************
14627	*********************************************************************/
14628	static OSObject *
14629	_OSKextGetRequestArgument(
14630	OSDictionary * requestDict,
14631	const char * argName)
14632	{
14633	OSDictionary * args = OSDynamicCast(OSDictionary,
14634	requestDict->getObject(kKextRequestArgumentsKey));
14635	if (args) {
14636	return args->getObject(aKey: argName);
14637	}
14638	return NULL;
14639	}
14640
14641	/*********************************************************************
14642	*********************************************************************/
14643	static bool
14644	_OSKextSetRequestArgument(
14645	OSDictionary * requestDict,
14646	const char * argName,
14647	OSMetaClassBase * value)
14648	{
14649	OSDictionary * args = OSDynamicCast(OSDictionary,
14650	requestDict->getObject(kKextRequestArgumentsKey));
14651	OSSharedPtr<OSDictionary> newArgs;
14652	if (!args) {
14653	newArgs = OSDictionary::withCapacity(capacity: `2`);
14654	args = newArgs.get();
14655	if (!args) {
14656	goto finish;
14657	}
14658	requestDict->setObject(kKextRequestArgumentsKey, anObject: args);
14659	}
14660	if (args) {
14661	return args->setObject(aKey: argName, anObject: value);
14662	}
14663	finish:
14664	return false;
14665	}
14666
14667	/*********************************************************************
14668	*********************************************************************/
14669	template <typename T>
14670	static T *
14671	_OSKextExtractPointer(OSValueObject<T > wrapper)
14672	{
14673	if (!wrapper) {
14674	return nullptr;
14675	}
14676	return wrapper->getRef();
14677	}
14678
14679	/*********************************************************************
14680	*********************************************************************/
14681	static OSKextRequestResourceCallback
14682	_OSKextExtractCallbackPointer(OSValueObject<OSKextRequestResourceCallback> * wrapper)
14683	{
14684	if (!wrapper) {
14685	return nullptr;
14686	}
14687	return wrapper->getRef();
14688	}
14689
14690
14691	/*********************************************************************
14692	*********************************************************************/
14693	static OSReturn
14694	_OSDictionarySetCStringValue(
14695	OSDictionary * dict,
14696	const char * cKey,
14697	const char * cValue)
14698	{
14699	OSReturn result = kOSKextReturnNoMemory;
14700	OSSharedPtr<const OSSymbol> key;
14701	OSSharedPtr<OSString> value;
14702
14703	key = OSSymbol::withCString(cString: cKey);
14704	value = OSString::withCString(cString: cValue);
14705	if (!key \|\| !value) {
14706	goto finish;
14707	}
14708	if (dict->setObject(aKey: key.get(), anObject: value.get())) {
14709	result = kOSReturnSuccess;
14710	}
14711
14712	finish:
14713	return result;
14714	}
14715
14716	/*********************************************************************
14717	*********************************************************************/
14718	static bool
14719	_OSArrayContainsCString(
14720	OSArray * array,
14721	const char * cString)
14722	{
14723	bool result = false;
14724	OSSharedPtr<const OSSymbol> symbol;
14725	uint32_t count, i;
14726
14727	if (!array \|\| !cString) {
14728	goto finish;
14729	}
14730
14731	symbol = OSSymbol::withCStringNoCopy(cString);
14732	if (!symbol) {
14733	goto finish;
14734	}
14735
14736	count = array->getCount();
14737	for (i = `0`; i < count; i++) {
14738	OSObject * thisObject = array->getObject(index: i);
14739	if (symbol ->isEqualTo(anObject: thisObject)) {
14740	result = true;
14741	goto finish;
14742	}
14743	}
14744
14745	finish:
14746	return result;
14747	}
14748
14749	#if CONFIG_KXLD
14750	/*********************************************************************
14751	* We really only care about boot / system start up related kexts.
14752	* We return true if we're less than REBUILD_MAX_TIME since start up,
14753	* otherwise return false.
14754	*********************************************************************/
14755	bool
14756	_OSKextInPrelinkRebuildWindow(void)
14757	{
14758	static bool outside_the_window = false;
14759	AbsoluteTime my_abstime;
14760	UInt64 my_ns;
14761	SInt32 my_secs;
14762
14763	if (outside_the_window) {
14764	return false;
14765	}
14766	clock_get_uptime(&my_abstime);
14767	absolutetime_to_nanoseconds(my_abstime, &my_ns);
14768	my_secs = (SInt32)(my_ns / NSEC_PER_SEC);
14769	if (my_secs > REBUILD_MAX_TIME) {
14770	outside_the_window = true;
14771	return false;
14772	}
14773	return true;
14774	}
14775	#endif /* CONFIG_KXLD */
14776
14777	/*********************************************************************
14778	*********************************************************************/
14779	bool
14780	_OSKextInUnloadedPrelinkedKexts( const OSSymbol * theBundleID )
14781	{
14782	int unLoadedCount, i;
14783	bool result = false;
14784
14785	IORecursiveLockLock(lock: sKextLock);
14786
14787	if (sUnloadedPrelinkedKexts == NULL) {
14788	goto finish;
14789	}
14790	unLoadedCount = sUnloadedPrelinkedKexts ->getCount();
14791	if (unLoadedCount == `0`) {
14792	goto finish;
14793	}
14794
14795	for (i = `0`; i < unLoadedCount; i++) {
14796	const OSSymbol * myBundleID; // do not release
14797
14798	myBundleID = OSDynamicCast(OSSymbol, sUnloadedPrelinkedKexts ->getObject(i));
14799	if (!myBundleID) {
14800	continue;
14801	}
14802	if (theBundleID->isEqualTo(cString: myBundleID->getCStringNoCopy())) {
14803	result = true;
14804	break;
14805	}
14806	}
14807	finish:
14808	IORecursiveLockUnlock(lock: sKextLock);
14809	return result;
14810	}
14811
14812	#if PRAGMA_MARK
14813	#pragma mark Personalities (IOKit Drivers)
14814	#endif
14815	/*********************************************************************
14816	*********************************************************************/
14817	/ static /
14818	OSSharedPtr<OSArray>
14819	OSKext::copyAllKextPersonalities(bool filterSafeBootFlag)
14820	{
14821	OSSharedPtr<OSArray> result;
14822	OSSharedPtr<OSCollectionIterator> kextIterator;
14823	OSSharedPtr<OSArray> personalities;
14824
14825	OSString * kextID = NULL; // do not release
14826	OSKext * theKext = NULL; // do not release
14827
14828	IORecursiveLockLock(lock: sKextLock);
14829
14830	/ Let's conservatively guess that any given kext has around 3*
14831	* personalities for now.
14832	*/
14833	result = OSArray::withCapacity(capacity: sKextsByID ->getCount() * `3`);
14834	if (!result) {
14835	goto finish;
14836	}
14837
14838	kextIterator = OSCollectionIterator::withCollection(inColl: sKextsByID.get());
14839	if (!kextIterator) {
14840	goto finish;
14841	}
14842
14843	while ((kextID = OSDynamicCast(OSString, kextIterator ->getNextObject()))) {
14844	theKext = OSDynamicCast(OSKext, sKextsByID ->getObject(kextID));
14845	if (theKext->flags.requireExplicitLoad) {
14846	OSKextLog(aKext: theKext,
14847	kOSKextLogDebugLevel \|
14848	kOSKextLogLoadFlag,
14849	format: "Kext %s requires an explicit kextload; "
14850	"omitting its personalities.",
14851	theKext->getIdentifierCString());
14852	} else if (!sSafeBoot \|\| !filterSafeBootFlag \|\| theKext->isLoadableInSafeBoot()) {
14853	personalities = theKext->copyPersonalitiesArray();
14854	if (!personalities) {
14855	continue;
14856	}
14857	result ->merge(otherArray: personalities.get());
14858	} else {
14859	// xxx - check for better place to put this log msg
14860	OSKextLog(aKext: theKext,
14861	kOSKextLogWarningLevel \|
14862	kOSKextLogLoadFlag,
14863	format: "Kext %s is not loadable during safe boot; "
14864	"omitting its personalities.",
14865	theKext->getIdentifierCString());
14866	}
14867	}
14868
14869	finish:
14870	IORecursiveLockUnlock(lock: sKextLock);
14871
14872	return result;
14873	}
14874
14875	/*********************************************************************
14876	*********************************************************************/
14877	/ static /
14878	void
14879	OSKext::sendAllKextPersonalitiesToCatalog(bool startMatching)
14880	{
14881	int numPersonalities = `0`;
14882
14883	OSKextLog(/ kext / NULL,
14884	kOSKextLogStepLevel \|
14885	kOSKextLogLoadFlag,
14886	format: "Sending all eligible registered kexts' personalities "
14887	"to the IOCatalogue %s.",
14888	startMatching ? "and starting matching" : "but not starting matching");
14889
14890	OSSharedPtr<OSArray> personalities = OSKext::copyAllKextPersonalities(
14891	/ filterSafeBootFlag / true);
14892
14893	if (personalities) {
14894	gIOCatalogue ->addDrivers(array: personalities.get(), doNubMatching: startMatching);
14895	numPersonalities = personalities ->getCount();
14896	}
14897
14898	OSKextLog(/ kext / NULL,
14899	kOSKextLogStepLevel \|
14900	kOSKextLogLoadFlag,
14901	format: "%d kext personalit%s sent to the IOCatalogue; %s.",
14902	numPersonalities, numPersonalities > `0` ? "ies" : "y",
14903	startMatching ? "matching started" : "matching not started");
14904	return;
14905	}
14906
14907	/*********************************************************************
14908	* Do not make a deep copy, just convert the IOKitPersonalities dict
14909	* to an array for sending to the IOCatalogue.
14910	*********************************************************************/
14911	OSSharedPtr<OSArray>
14912	OSKext::copyPersonalitiesArray(void)
14913	{
14914	OSSharedPtr<OSArray> result;
14915	OSDictionary * personalities = NULL; // do not release
14916	OSSharedPtr<OSCollectionIterator> personalitiesIterator;
14917
14918	OSString * personalityName = NULL; // do not release
14919	OSString * personalityBundleIdentifier = NULL; // do not release
14920
14921	personalities = OSDynamicCast(OSDictionary,
14922	getPropertyForHostArch(kIOKitPersonalitiesKey));
14923	if (!personalities) {
14924	goto finish;
14925	}
14926
14927	result = OSArray::withCapacity(capacity: personalities->getCount());
14928	if (!result) {
14929	goto finish;
14930	}
14931
14932	personalitiesIterator =
14933	OSCollectionIterator::withCollection(inColl: personalities);
14934	if (!personalitiesIterator) {
14935	goto finish;
14936	}
14937	while ((personalityName = OSDynamicCast(OSString,
14938	personalitiesIterator ->getNextObject()))) {
14939	OSDictionary * personality = OSDynamicCast(OSDictionary,
14940	personalities->getObject(personalityName));
14941
14942	if (personality) {
14943	/******
14944	* If the personality doesn't have a CFBundleIdentifier, or if it
14945	* differs from the kext's, insert the kext's ID so we can find it.
14946	* The publisher ID is used to remove personalities from bundles
14947	* correctly.
14948	*/
14949	personalityBundleIdentifier = OSDynamicCast(OSString,
14950	personality->getObject(kCFBundleIdentifierKey));
14951
14952	if (!personalityBundleIdentifier) {
14953	personality->setObject(kCFBundleIdentifierKey, anObject: bundleID.get());
14954	} else if (!personalityBundleIdentifier->isEqualTo(aString: bundleID.get())) {
14955	personality->setObject(kIOPersonalityPublisherKey, anObject: bundleID.get());
14956	}
14957	}
14958
14959	result ->setObject(personality);
14960	}
14961
14962	finish:
14963	return result;
14964	}
14965
14966	/*********************************************************************
14967	* Might want to change this to a bool return?
14968	*********************************************************************/
14969	OSReturn
14970	OSKext::sendPersonalitiesToCatalog(
14971	bool startMatching,
14972	OSArray * personalityNames)
14973	{
14974	OSReturn result = kOSReturnSuccess;
14975	OSSharedPtr<OSArray> personalitiesToSend;
14976	OSDictionary * kextPersonalities = NULL; // do not release
14977	int count, i;
14978
14979	if (!sLoadEnabled) {
14980	OSKextLog(aKext: this,
14981	kOSKextLogErrorLevel \|
14982	kOSKextLogLoadFlag,
14983	format: "Kext loading is disabled (attempt to start matching for kext %s).",
14984	getIdentifierCString());
14985	result = kOSKextReturnDisabled;
14986	goto finish;
14987	}
14988
14989	if (sSafeBoot && !isLoadableInSafeBoot()) {
14990	OSKextLog(aKext: this,
14991	kOSKextLogErrorLevel \|
14992	kOSKextLogLoadFlag,
14993	format: "Kext %s is not loadable during safe boot; "
14994	"not sending personalities to the IOCatalogue.",
14995	getIdentifierCString());
14996	result = kOSKextReturnNotLoadable;
14997	goto finish;
14998	}
14999
15000	if (!personalityNames \|\| !personalityNames->getCount()) {
15001	personalitiesToSend = copyPersonalitiesArray();
15002	} else {
15003	kextPersonalities = OSDynamicCast(OSDictionary,
15004	getPropertyForHostArch(kIOKitPersonalitiesKey));
15005	if (!kextPersonalities \|\| !kextPersonalities->getCount()) {
15006	// not an error
15007	goto finish;
15008	}
15009	personalitiesToSend = OSArray::withCapacity(capacity: `0`);
15010	if (!personalitiesToSend) {
15011	result = kOSKextReturnNoMemory;
15012	goto finish;
15013	}
15014	count = personalityNames->getCount();
15015	for (i = `0`; i < count; i++) {
15016	OSString * name = OSDynamicCast(OSString,
15017	personalityNames->getObject(i));
15018	if (!name) {
15019	continue;
15020	}
15021	OSDictionary * personality = OSDynamicCast(OSDictionary,
15022	kextPersonalities->getObject(name));
15023	if (personality) {
15024	personalitiesToSend ->setObject(personality);
15025	}
15026	}
15027	}
15028	if (personalitiesToSend) {
15029	unsigned numPersonalities = personalitiesToSend ->getCount();
15030	OSKextLog(aKext: this,
15031	kOSKextLogStepLevel \|
15032	kOSKextLogLoadFlag,
15033	format: "Kext %s sending %d personalit%s to the IOCatalogue%s.",
15034	getIdentifierCString(),
15035	numPersonalities,
15036	numPersonalities > `1` ? "ies" : "y",
15037	startMatching ? " and starting matching" : " but not starting matching");
15038	gIOCatalogue ->addDrivers(array: personalitiesToSend.get(), doNubMatching: startMatching);
15039	}
15040	finish:
15041	return result;
15042	}
15043
15044	/*********************************************************************
15045	* xxx - We should allow removing the kext's declared personalities,
15046	* xxx - even with other bundle identifiers.
15047	*********************************************************************/
15048	void
15049	OSKext::removePersonalitiesFromCatalog(void)
15050	{
15051	OSSharedPtr<OSDictionary> personality;
15052
15053	personality = OSDictionary::withCapacity(capacity: `1`);
15054	if (!personality) {
15055	goto finish;
15056	}
15057	personality ->setObject(kCFBundleIdentifierKey, anObject: getIdentifier());
15058
15059	OSKextLog(aKext: this,
15060	kOSKextLogStepLevel \|
15061	kOSKextLogLoadFlag,
15062	format: "Kext %s removing all personalities naming it from the IOCatalogue.",
15063	getIdentifierCString());
15064
15065	/ Have the IOCatalog remove all personalities matching this kext's*
15066	* bundle ID and trigger matching anew.
15067	*/
15068	gIOCatalogue ->removeDrivers(matching: personality.get(), / startMatching / doNubMatching: true);
15069
15070	finish:
15071	return;
15072	}
15073
15074	void
15075	OSKext::updatePersonalitiesInCatalog(OSArray *upgradedPersonalities)
15076	{
15077	if (!upgradedPersonalities \|\| upgradedPersonalities->getCount() == `0`) {
15078	return;
15079	}
15080
15081	OSSharedPtr<OSDictionary> personalityToRemove = OSDictionary::withCapacity(capacity: `1`);
15082	if (!personalityToRemove) {
15083	return;
15084	}
15085
15086	/*
15087	* Create a personality dictionary with just the bundleID.
15088	* We will remove any personality that has a matching bundleID,
15089	* irrespective of which other keys are present on the dictionary.
15090	*/
15091	personalityToRemove ->setObject(kCFBundleIdentifierKey, anObject: getIdentifier());
15092	gIOCatalogue ->exchangeDrivers(matchingForRemove: personalityToRemove.get(), personalitiesToAdd: upgradedPersonalities, doNubMatching: true);
15093	}
15094
15095	#if PRAGMA_MARK
15096	#pragma mark Logging
15097	#endif
15098	/*********************************************************************
15099	* Do not call any function that takes sKextLock here!
15100	*********************************************************************/
15101	/ static /
15102	OSKextLogSpec
15103	OSKext::setUserSpaceLogFilter(
15104	OSKextLogSpec newUserLogFilter,
15105	bool captureFlag)
15106	{
15107	OSKextLogSpec result;
15108	bool allocError = false;
15109
15110	/ Do not call any function that takes sKextLoggingLock during*
15111	* this critical block. That means do logging after.
15112	*/
15113	IOLockLock(sKextLoggingLock);
15114
15115	result = sUserSpaceKextLogFilter;
15116	sUserSpaceKextLogFilter = newUserLogFilter;
15117
15118	if (newUserLogFilter && captureFlag &&
15119	!sUserSpaceLogSpecArray && !sUserSpaceLogMessageArray) {
15120	// xxx - do some measurements for a good initial capacity?
15121	sUserSpaceLogSpecArray = OSArray::withCapacity(capacity: `0`);
15122	sUserSpaceLogMessageArray = OSArray::withCapacity(capacity: `0`);
15123
15124	if (!sUserSpaceLogSpecArray \|\| !sUserSpaceLogMessageArray) {
15125	allocError = true;
15126	}
15127	}
15128
15129	IOLockUnlock(sKextLoggingLock);
15130
15131	/ If the config flag itself is changing, log the state change*
15132	* going both ways, before setting up the user-space log arrays,
15133	* so that this is only logged in the kernel.
15134	*/
15135	if (result != newUserLogFilter) {
15136	OSKextLog(/ kext / NULL,
15137	kOSKextLogDebugLevel \|
15138	kOSKextLogGeneralFlag,
15139	format: "User-space log flags changed from 0x%x to 0x%x.",
15140	result, newUserLogFilter);
15141	}
15142	if (allocError) {
15143	OSKextLog(/ kext / NULL,
15144	kOSKextLogErrorLevel \|
15145	kOSKextLogGeneralFlag,
15146	format: "Failed to allocate user-space log message arrays.");
15147	}
15148
15149	return result;
15150	}
15151
15152	/*********************************************************************
15153	* Do not call any function that takes sKextLock here!
15154	*********************************************************************/
15155	/ static /
15156	OSSharedPtr<OSArray>
15157	OSKext::clearUserSpaceLogFilter(void)
15158	{
15159	OSSharedPtr<OSArray> result;
15160	OSKextLogSpec oldLogFilter;
15161	OSKextLogSpec newLogFilter = kOSKextLogSilentFilter;
15162
15163	/ Do not call any function that takes sKextLoggingLock during*
15164	* this critical block. That means do logging after.
15165	*/
15166	IOLockLock(sKextLoggingLock);
15167
15168	result = OSArray::withCapacity(capacity: `2`);
15169	if (result) {
15170	result ->setObject(sUserSpaceLogSpecArray.get());
15171	result ->setObject(sUserSpaceLogMessageArray.get());
15172	}
15173	sUserSpaceLogSpecArray.reset();
15174	sUserSpaceLogMessageArray.reset();
15175
15176	oldLogFilter = sUserSpaceKextLogFilter;
15177	sUserSpaceKextLogFilter = newLogFilter;
15178
15179	IOLockUnlock(sKextLoggingLock);
15180
15181	/ If the config flag itself is changing, log the state change*
15182	* going both ways, after tearing down the user-space log
15183	* arrays, so this is only logged within the kernel.
15184	*/
15185	if (oldLogFilter != newLogFilter) {
15186	OSKextLog(/ kext / NULL,
15187	kOSKextLogDebugLevel \|
15188	kOSKextLogGeneralFlag,
15189	format: "User-space log flags changed from 0x%x to 0x%x.",
15190	oldLogFilter, newLogFilter);
15191	}
15192
15193	return result;
15194	}
15195
15196
15197	/*********************************************************************
15198	* Do not call any function that takes sKextLock here!
15199	*********************************************************************/
15200	/ static /
15201	OSKextLogSpec
15202	OSKext::getUserSpaceLogFilter(void)
15203	{
15204	OSKextLogSpec result;
15205
15206	IOLockLock(sKextLoggingLock);
15207	result = sUserSpaceKextLogFilter;
15208	IOLockUnlock(sKextLoggingLock);
15209
15210	return result;
15211	}
15212
15213	/*********************************************************************
15214	* This function is called by OSMetaClass during kernel C++ setup.
15215	* Be careful what you access here; assume only OSKext::initialize()
15216	* has been called.
15217	*
15218	* Do not call any function that takes sKextLock here!
15219	*********************************************************************/
15220	#define VTRESET "\033[0m"
15221
15222	#define VTBOLD "\033[1m"
15223	#define VTUNDER "\033[4m"
15224
15225	#define VTRED "\033[31m"
15226	#define VTGREEN "\033[32m"
15227	#define VTYELLOW "\033[33m"
15228	#define VTBLUE "\033[34m"
15229	#define VTMAGENTA "\033[35m"
15230	#define VTCYAN "\033[36m"
15231
15232	inline const char *
15233	colorForFlags(OSKextLogSpec flags)
15234	{
15235	OSKextLogSpec logLevel = flags & kOSKextLogLevelMask;
15236
15237	switch (logLevel) {
15238	case kOSKextLogErrorLevel:
15239	return VTRED VTBOLD;
15240	case kOSKextLogWarningLevel:
15241	return VTRED;
15242	case kOSKextLogBasicLevel:
15243	return VTYELLOW VTUNDER;
15244	case kOSKextLogProgressLevel:
15245	return VTYELLOW;
15246	case kOSKextLogStepLevel:
15247	return VTGREEN;
15248	case kOSKextLogDetailLevel:
15249	return VTCYAN;
15250	case kOSKextLogDebugLevel:
15251	return VTMAGENTA;
15252	default:
15253	return ""; // white
15254	}
15255	}
15256
15257	inline bool
15258	logSpecMatch(
15259	OSKextLogSpec msgLogSpec,
15260	OSKextLogSpec logFilter)
15261	{
15262	OSKextLogSpec filterKextGlobal = logFilter & kOSKextLogKextOrGlobalMask;
15263	OSKextLogSpec filterLevel = logFilter & kOSKextLogLevelMask;
15264	OSKextLogSpec filterFlags = logFilter & kOSKextLogFlagsMask;
15265
15266	OSKextLogSpec msgKextGlobal = msgLogSpec & kOSKextLogKextOrGlobalMask;
15267	OSKextLogSpec msgLevel = msgLogSpec & kOSKextLogLevelMask;
15268	OSKextLogSpec msgFlags = msgLogSpec & kOSKextLogFlagsMask;
15269
15270	/ Explicit messages always get logged.*
15271	*/
15272	if (msgLevel == kOSKextLogExplicitLevel) {
15273	return true;
15274	}
15275
15276	/ Warnings and errors are logged regardless of the flags.*
15277	*/
15278	if (msgLevel <= kOSKextLogBasicLevel && (msgLevel <= filterLevel)) {
15279	return true;
15280	}
15281
15282	/ A verbose message that isn't for a logging-enabled kext and isn't global*
15283	* does not get logged.
15284	*/
15285	if (!msgKextGlobal && !filterKextGlobal) {
15286	return false;
15287	}
15288
15289	/ Warnings and errors are logged regardless of the flags.*
15290	* All other messages must fit the flags and
15291	* have a level at or below the filter.
15292	*
15293	*/
15294	if ((msgFlags & filterFlags) && (msgLevel <= filterLevel)) {
15295	return true;
15296	}
15297	return false;
15298	}
15299
15300	extern "C" {
15301	void
15302	OSKextLog(
15303	OSKext * aKext,
15304	OSKextLogSpec msgLogSpec,
15305	const char * format, ...)
15306	{
15307	va_list argList;
15308
15309	va_start(argList, format);
15310	OSKextVLog(aKext, msgLogSpec, format, srcArgList: argList);
15311	va_end(argList);
15312	}
15313
15314	void
15315	OSKextVLog(
15316	OSKext * aKext,
15317	OSKextLogSpec msgLogSpec,
15318	const char * format,
15319	va_list srcArgList)
15320	{
15321	bool logForKernel = false;
15322	bool logForUser = false;
15323	va_list argList;
15324	char stackBuffer[`120`];
15325	uint32_t length = `0`;
15326	char * allocBuffer = NULL; // must kfree
15327	OSSharedPtr<OSNumber> logSpecNum;
15328	OSSharedPtr<OSString> logString;
15329	char * buffer = stackBuffer; // do not free
15330
15331	IOLockLock(sKextLoggingLock);
15332
15333	/ Set the kext/global bit in the message spec if we have no*
15334	* kext or if the kext requests logging.
15335	*/
15336	if (!aKext \|\| aKext->flags.loggingEnabled) {
15337	msgLogSpec = msgLogSpec \| kOSKextLogKextOrGlobalMask;
15338	}
15339
15340	logForKernel = logSpecMatch(msgLogSpec, logFilter: sKernelLogFilter);
15341	if (sUserSpaceLogSpecArray && sUserSpaceLogMessageArray) {
15342	logForUser = logSpecMatch(msgLogSpec, logFilter: sUserSpaceKextLogFilter);
15343	}
15344
15345	if (!(logForKernel \|\| logForUser)) {
15346	goto finish;
15347	}
15348
15349	/ No goto from here until past va_end()!*
15350	*/
15351	va_copy(argList, srcArgList);
15352	length = vsnprintf(stackBuffer, sizeof(stackBuffer), format, argList);
15353	va_end(argList);
15354
15355	if (length + `1` >= sizeof(stackBuffer)) {
15356	allocBuffer = (char *)kalloc_data_tag(length + `1`,
15357	Z_WAITOK, VM_KERN_MEMORY_OSKEXT);
15358	if (!allocBuffer) {
15359	goto finish;
15360	}
15361
15362	/ No goto from here until past va_end()!*
15363	*/
15364	va_copy(argList, srcArgList);
15365	vsnprintf(allocBuffer, length + `1`, format, argList);
15366	va_end(argList);
15367
15368	buffer = allocBuffer;
15369	}
15370
15371	/ If user space wants the log message, queue it up.*
15372	*/
15373	if (logForUser && sUserSpaceLogSpecArray && sUserSpaceLogMessageArray) {
15374	logSpecNum = OSNumber::withNumber(value: msgLogSpec, numberOfBits: `8` * sizeof(msgLogSpec));
15375	logString = OSString::withCString(cString: buffer);
15376	if (logSpecNum && logString) {
15377	sUserSpaceLogSpecArray ->setObject(logSpecNum.get());
15378	sUserSpaceLogMessageArray ->setObject(logString.get());
15379	}
15380	}
15381
15382	/ Always log messages from the kernel according to the kernel's*
15383	* log flags.
15384	*/
15385	if (logForKernel) {
15386	/ If we are in console mode and have a custom log filter,*
15387	* colorize the log message.
15388	*/
15389	if (sBootArgLogFilterFound) {
15390	const char * color = ""; // do not free
15391	color = colorForFlags(flags: msgLogSpec);
15392	printf("%s%s%s\n", colorForFlags(flags: msgLogSpec),
15393	buffer, color[`0`] ? VTRESET : "");
15394	} else {
15395	printf("%s\n", buffer);
15396	}
15397	}
15398
15399	finish:
15400	IOLockUnlock(sKextLoggingLock);
15401
15402	if (allocBuffer) {
15403	kfree_data(allocBuffer, length + `1`);
15404	}
15405	return;
15406	}
15407
15408	#if KASLR_IOREG_DEBUG
15409
15410	#define IOLOG_INDENT( the_indention ) \
15411	{ \
15412	int i; \
15413	for ( i = 0; i < (the_indention); i++ ) { \
15414	IOLog(" "); \
15415	} \
15416	}
15417
15418	extern vm_offset_t vm_kernel_stext;
15419	extern vm_offset_t vm_kernel_etext;
15420	extern mach_vm_offset_t kext_alloc_base;
15421	extern mach_vm_offset_t kext_alloc_max;
15422
15423	bool ScanForAddrInObject(OSObject * theObject,
15424	int indent );
15425
15426	bool
15427	ScanForAddrInObject(OSObject * theObject,
15428	int indent)
15429	{
15430	const OSMetaClass * myTypeID;
15431	OSSharedPtr<OSCollectionIterator> myIter;
15432	OSSymbol * myKey;
15433	OSObject * myValue;
15434	bool myResult = false;
15435
15436	if (theObject == NULL) {
15437	IOLog("%s: theObject is NULL \n",
15438	__FUNCTION__);
15439	return myResult;
15440	}
15441
15442	myTypeID = OSTypeIDInst(theObject);
15443
15444	if (myTypeID == OSTypeID(OSDictionary)) {
15445	OSDictionary * myDictionary;
15446
15447	myDictionary = OSDynamicCast(OSDictionary, theObject);
15448	myIter = OSCollectionIterator::withCollection( myDictionary );
15449	if (myIter == NULL) {
15450	return myResult;
15451	}
15452
15453	// !! reset the iterator
15454	myIter->reset();
15455
15456	while ((myKey = OSDynamicCast(OSSymbol, myIter->getNextObject()))) {
15457	bool myTempResult;
15458
15459	myValue = myDictionary->getObject(myKey);
15460	myTempResult = ScanForAddrInObject(myValue, (indent + `4`));
15461	if (myTempResult) {
15462	// if we ever get a true result return true
15463	myResult = true;
15464	IOLOG_INDENT(indent);
15465	IOLog("OSDictionary key \"%s\" \n", myKey->getCStringNoCopy());
15466	}
15467	}
15468
15469	// !! release the iterator
15470	myIter.reset();
15471	} else if (myTypeID == OSTypeID(OSArray)) {
15472	OSArray * myArray;
15473
15474	myArray = OSDynamicCast(OSArray, theObject);
15475	myIter = OSCollectionIterator::withCollection(myArray);
15476	if (myIter == NULL) {
15477	return myResult;
15478	}
15479	// !! reset the iterator
15480	myIter->reset();
15481
15482	while ((myValue = myIter->getNextObject())) {
15483	bool myTempResult;
15484	myTempResult = ScanForAddrInObject(myValue, (indent + `4`));
15485	if (myTempResult) {
15486	// if we ever get a true result return true
15487	myResult = true;
15488	IOLOG_INDENT(indent);
15489	IOLog("OSArray: \n");
15490	}
15491	}
15492	// !! release the iterator
15493	myIter.reset();
15494	} else if (myTypeID == OSTypeID(OSString) \|\| myTypeID == OSTypeID(OSSymbol)) {
15495	// should we look for addresses in strings?
15496	} else if (myTypeID == OSTypeID(OSData)) {
15497	void * * myPtrPtr;
15498	unsigned int myLen;
15499	OSData * myDataObj;
15500
15501	myDataObj = OSDynamicCast(OSData, theObject);
15502	myPtrPtr = (void * *) myDataObj->getBytesNoCopy();
15503	myLen = myDataObj->getLength();
15504
15505	if (myPtrPtr && myLen && myLen > `7`) {
15506	int i;
15507	int myPtrCount = (myLen / sizeof(void *));
15508
15509	for (i = `0`; i < myPtrCount; i++) {
15510	UInt64 numberValue = (UInt64) * (myPtrPtr);
15511
15512	if (kext_alloc_max != `0` &&
15513	numberValue >= kext_alloc_base &&
15514	numberValue < kext_alloc_max) {
15515	OSSharedPtr<OSKext> myKext;
15516	// IOLog("found OSData %p in kext map %p to %p \n",
15517	// (myPtrPtr),*
15518	// (void ) kext_alloc_base,*
15519	// (void ) kext_alloc_max);*
15520
15521	myKext = OSKext::lookupKextWithAddress((vm_address_t) *(myPtrPtr));
15522	if (myKext) {
15523	IOLog("found addr %p from an OSData obj within kext \"%s\" \n",
15524	*(myPtrPtr),
15525	myKext->getIdentifierCString());
15526	}
15527	myResult = true;
15528	}
15529	if (vm_kernel_etext != `0` &&
15530	numberValue >= vm_kernel_stext &&
15531	numberValue < vm_kernel_etext) {
15532	IOLog("found addr %p from an OSData obj within kernel text segment %p to %p \n",
15533	*(myPtrPtr),
15534	(void *) vm_kernel_stext,
15535	(void *) vm_kernel_etext);
15536	myResult = true;
15537	}
15538	myPtrPtr++;
15539	}
15540	}
15541	} else if (myTypeID == OSTypeID(OSBoolean)) {
15542	// do nothing here...
15543	} else if (myTypeID == OSTypeID(OSNumber)) {
15544	OSNumber * number = OSDynamicCast(OSNumber, theObject);
15545
15546	UInt64 numberValue = number->unsigned64BitValue();
15547
15548	if (kext_alloc_max != `0` &&
15549	numberValue >= kext_alloc_base &&
15550	numberValue < kext_alloc_max) {
15551	OSSharedPtr<OSKext> myKext;
15552	IOLog("found OSNumber in kext map %p to %p \n",
15553	(void *) kext_alloc_base,
15554	(void *) kext_alloc_max);
15555	IOLog("OSNumber 0x%08llx (%llu) \n", numberValue, numberValue);
15556
15557	myKext = OSKext::lookupKextWithAddress((vm_address_t) numberValue );
15558	if (myKext) {
15559	IOLog("found in kext \"%s\" \n",
15560	myKext->getIdentifierCString());
15561	}
15562
15563	myResult = true;
15564	}
15565	if (vm_kernel_etext != `0` &&
15566	numberValue >= vm_kernel_stext &&
15567	numberValue < vm_kernel_etext) {
15568	IOLog("found OSNumber in kernel text segment %p to %p \n",
15569	(void *) vm_kernel_stext,
15570	(void *) vm_kernel_etext);
15571	IOLog("OSNumber 0x%08llx (%llu) \n", numberValue, numberValue);
15572	myResult = true;
15573	}
15574	}
15575	#if 0
15576	else {
15577	const OSMetaClass* myMetaClass = NULL;
15578
15579	myMetaClass = theObject->getMetaClass();
15580	if (myMetaClass) {
15581	IOLog("class %s \n", myMetaClass->getClassName());
15582	} else {
15583	IOLog("Unknown object \n" );
15584	}
15585	}
15586	#endif
15587
15588	return myResult;
15589	}
15590	#endif // KASLR_KEXT_DEBUG
15591	}; / extern "C" /
15592
15593	#if PRAGMA_MARK
15594	#pragma mark Backtrace Dump & kmod_get_info() support
15595	#endif
15596	/*********************************************************************
15597	* This function must be safe to call in panic context.
15598	*********************************************************************/
15599	/ static /
15600	void
15601	OSKext::printKextsInBacktrace(
15602	vm_offset_t * addr __unused,
15603	unsigned int cnt __unused,
15604	int (* printf_func)(const char *fmt, ...) __unused,
15605	uint32_t flags __unused)
15606	{
15607	addr64_t summary_page = `0`;
15608	addr64_t last_summary_page = `0`;
15609
15610	if (kPrintKextsLock & flags) {
15611	if (!sKextSummariesLock) {
15612	return;
15613	}
15614	IOLockLock(sKextSummariesLock);
15615	}
15616
15617	if (!gLoadedKextSummaries) {
15618	(*printf_func)(" can't perform kext scan: no kext summary");
15619	goto finish;
15620	}
15621
15622	summary_page = trunc_page((addr64_t)(uintptr_t)gLoadedKextSummaries);
15623	last_summary_page = round_page(x: summary_page + sLoadedKextSummariesAllocSize);
15624	for (; summary_page < last_summary_page; summary_page += PAGE_SIZE) {
15625	if (pmap_find_phys(pmap: kernel_pmap, va: summary_page) == `0`) {
15626	(*printf_func)(" can't perform kext scan: "
15627	"missing kext summary page %p", summary_page);
15628	goto finish;
15629	}
15630	}
15631
15632	foreachKextInBacktrace(addr, cnt, flags: `0`, handler: ^(OSKextLoadedKextSummary *summary, uint32_t index) {
15633	if (index == `0` && !(kPrintKextsTerse & flags)) {
15634	(*printf_func)(" Kernel Extensions in backtrace:\n");
15635	}
15636
15637	printSummary(summary, printf_func, flags);
15638	});
15639
15640	finish:
15641	if (kPrintKextsLock & flags) {
15642	IOLockUnlock(sKextSummariesLock);
15643	}
15644
15645	return;
15646	}
15647
15648	void
15649	OSKext::foreachKextInBacktrace(
15650	vm_offset_t * addr,
15651	uint32_t cnt,
15652	uint32_t flags,
15653	void (^ handler)(OSKextLoadedKextSummary *summary, uint32_t index))
15654	{
15655	uint32_t n = `0`;
15656
15657	if (kPrintKextsLock & flags) {
15658	if (!sKextSummariesLock) {
15659	return;
15660	}
15661	IOLockLock(sKextSummariesLock);
15662	}
15663
15664	for (uint32_t i = `0`; i < gLoadedKextSummaries->numSummaries; ++i) {
15665	OSKextLoadedKextSummary * summary;
15666
15667	summary = gLoadedKextSummaries->summaries + i;
15668	if (!summary->address) {
15669	continue;
15670	}
15671
15672	if (!summaryIsInBacktrace(summary, addr, cnt)) {
15673	continue;
15674	}
15675
15676	handler(summary, n++);
15677	}
15678
15679	if (kPrintKextsLock & flags) {
15680	IOLockUnlock(sKextSummariesLock);
15681	}
15682	}
15683
15684	/*********************************************************************
15685	* This function must be safe to call in panic context.
15686	*********************************************************************/
15687	/ static /
15688	boolean_t
15689	OSKext::summaryIsInBacktrace(
15690	OSKextLoadedKextSummary * summary,
15691	vm_offset_t * addr,
15692	unsigned int cnt)
15693	{
15694	u_int i = `0`;
15695
15696	for (i = `0`; i < cnt; i++) {
15697	vm_offset_t kscan_addr = addr[i];
15698	#if __has_feature(ptrauth_calls)
15699	kscan_addr = (vm_offset_t)VM_KERNEL_STRIP_PTR(kscan_addr);
15700	#endif /* __has_feature(ptrauth_calls) */
15701	if ((kscan_addr >= summary->text_exec_address) &&
15702	(kscan_addr < (summary->text_exec_address + summary->text_exec_size))) {
15703	return TRUE;
15704	}
15705	}
15706
15707	return FALSE;
15708	}
15709
15710	/*
15711	* Get the kext summary object for the kext where 'addr' lies. Must be called with
15712	* sKextSummariesLock held.
15713	*/
15714	OSKextLoadedKextSummary *
15715	OSKext::summaryForAddress(uintptr_t addr)
15716	{
15717	#if __has_feature(ptrauth_calls)
15718	addr = (uintptr_t)VM_KERNEL_STRIP_PTR(addr);
15719	#endif /* __has_feature(ptrauth_calls) */
15720	for (unsigned i = `0`; i < gLoadedKextSummaries->numSummaries; ++i) {
15721	OSKextLoadedKextSummary *summary = &gLoadedKextSummaries->summaries[i];
15722	if (!summary->address) {
15723	continue;
15724	}
15725
15726	#if VM_MAPPED_KEXTS
15727	/ On our platforms that use VM_MAPPED_KEXTS, we currently do not*
15728	* support split kexts, but we also may unmap the kexts, which can
15729	* race with the above codepath (see OSKext::unload). As such,
15730	* use a simple range lookup if we are using VM_MAPPED_KEXTS.
15731	*/
15732	if ((addr >= summary->address) && (addr < (summary->address + summary->size))) {
15733	return summary;
15734	}
15735	#else
15736	kernel_mach_header_t mh = (kernel_mach_header_t )summary->address;
15737	kernel_segment_command_t *seg;
15738
15739	for (seg = firstsegfromheader(header: mh); seg != NULL; seg = nextsegfromheader(header: mh, seg)) {
15740	if ((addr >= seg->vmaddr) && (addr < (seg->vmaddr + seg->vmsize))) {
15741	return summary;
15742	}
15743	}
15744	#endif
15745	}
15746
15747	/ addr did not map to any kext /
15748	return NULL;
15749	}
15750
15751	/ static /
15752	void *
15753	OSKext::kextForAddress(const void *address)
15754	{
15755	OSKextActiveAccount * active;
15756	OSKext * kext = NULL;
15757	uint32_t baseIdx;
15758	uint32_t lim;
15759	uintptr_t addr = (uintptr_t) address;
15760	size_t i;
15761
15762	if (!addr) {
15763	return NULL;
15764	}
15765	#if __has_feature(ptrauth_calls)
15766	addr = (uintptr_t)VM_KERNEL_STRIP_PTR(addr);
15767	#endif /* __has_feature(ptrauth_calls) */
15768
15769	if (sKextAccountsCount) {
15770	lck_ticket_lock(tlock: sKextAccountsLock, grp: sKextAccountsLockGrp);
15771	// bsearch sKextAccounts list
15772	for (baseIdx = `0`, lim = sKextAccountsCount; lim; lim >>= `1`) {
15773	active = &sKextAccounts[baseIdx + (lim >> `1`)];
15774	if ((addr >= active->address) && (addr < active->address_end)) {
15775	kext = active->account->kext;
15776	if (kext && kext->kmod_info) {
15777	lck_ticket_unlock(tlock: sKextAccountsLock);
15778	return (void *)kext->kmod_info->address;
15779	}
15780	break;
15781	} else if (addr > active->address) {
15782	// move right
15783	baseIdx += (lim >> `1`) + `1`;
15784	lim--;
15785	}
15786	// else move left
15787	}
15788	lck_ticket_unlock(tlock: sKextAccountsLock);
15789	}
15790	if (kernel_text_contains(addr)) {
15791	return (void *)&_mh_execute_header;
15792	}
15793	if (gLoadedKextSummaries) {
15794	IOLockLock(sKextSummariesLock);
15795	for (i = `0`; i < gLoadedKextSummaries->numSummaries; i++) {
15796	OSKextLoadedKextSummary *summary = gLoadedKextSummaries->summaries + i;
15797	if (addr >= summary->address && addr < summary->address + summary->size) {
15798	void kextAddress = (void* *)summary->address;
15799	IOLockUnlock(sKextSummariesLock);
15800	return kextAddress;
15801	}
15802	}
15803	IOLockUnlock(sKextSummariesLock);
15804	}
15805
15806	return NULL;
15807	}
15808
15809	/ static /
15810	kern_return_t
15811	OSKext::summaryForAddressExt(
15812	const void * address,
15813	OSKextLoadedKextSummary * summary)
15814	{
15815	kern_return_t result = KERN_FAILURE;
15816	const OSKextLoadedKextSummary * foundSummary = NULL;
15817
15818	/*
15819	* This needs to be safe to call even before the lock has been initialized
15820	* in OSKext::initialize(), as we might get here from the ksancov runtime
15821	* when instrumenting XNU itself with sanitizer coverage.
15822	*/
15823	if (!sKextSummariesLock) {
15824	return result;
15825	}
15826
15827	IOLockLock(sKextSummariesLock);
15828	if (gLoadedKextSummaries) {
15829	foundSummary = summaryForAddress(addr: (uintptr_t)address);
15830	if (foundSummary) {
15831	memcpy(dst: summary, src: foundSummary, n: sizeof(*summary));
15832	result = KERN_SUCCESS;
15833	} else {
15834	result = KERN_NOT_FOUND;
15835	}
15836	}
15837	IOLockUnlock(sKextSummariesLock);
15838
15839	return result;
15840	}
15841
15842	/*
15843	* Find a OSKextLoadedKextSummary given the ID from a kmod_info_t *
15844	* Safe to call in panic context.
15845	*/
15846	static OSKextLoadedKextSummary *
15847	findSummary(uint32_t tagID)
15848	{
15849	OSKextLoadedKextSummary * summary;
15850	for (size_t i = `0`; i < gLoadedKextSummaries->numSummaries; ++i) {
15851	summary = gLoadedKextSummaries->summaries + i;
15852	if (summary->loadTag == tagID) {
15853	return summary;
15854	}
15855	}
15856	return NULL;
15857	}
15858
15859	/*********************************************************************
15860	* This function must be safe to call in panic context.
15861	*********************************************************************/
15862	void
15863	OSKext::printSummary(
15864	OSKextLoadedKextSummary * summary,
15865	int (* printf_func)(const char *fmt, ...),
15866	uint32_t flags)
15867	{
15868	kmod_reference_t * kmod_ref = NULL;
15869	uuid_string_t uuid;
15870	char version[kOSKextVersionMaxLength];
15871	uint64_t tmpAddr;
15872	uint64_t tmpSize;
15873	OSKextLoadedKextSummary *dependencySummary;
15874
15875	if (!OSKextVersionGetString(aVersion: summary->version, buffer: version, bufferSize: sizeof(version))) {
15876	strlcpy(dst: version, src: "unknown version", n: sizeof(version));
15877	}
15878	(void) uuid_unparse(uu: summary->uuid, out: uuid);
15879
15880	#if defined(__arm__) \|\| defined(__arm64__)
15881	tmpAddr = summary->text_exec_address;
15882	tmpSize = summary->text_exec_size;
15883	#else
15884	tmpAddr = summary->address;
15885	tmpSize = summary->size;
15886	#endif
15887	if (kPrintKextsUnslide & flags) {
15888	tmpAddr = ml_static_unslide(vaddr: tmpAddr);
15889	}
15890	(*printf_func)("%s%s(%s)[%s]@0x%llx->0x%llx\n",
15891	(kPrintKextsTerse & flags) ? "" : " ",
15892	summary->name, version, uuid,
15893	tmpAddr, tmpAddr + tmpSize - `1`);
15894
15895	if (kPrintKextsTerse & flags) {
15896	return;
15897	}
15898
15899	/ print dependency info /
15900	for (kmod_ref = (kmod_reference_t *) summary->reference_list;
15901	kmod_ref;
15902	kmod_ref = kmod_ref->next) {
15903	kmod_info_t * rinfo;
15904
15905	if (pmap_find_phys(pmap: kernel_pmap, va: (addr64_t)((uintptr_t)kmod_ref)) == `0`) {
15906	(*printf_func)(" kmod dependency scan stopped "
15907	"due to missing dependency page: %p\n",
15908	(kPrintKextsUnslide & flags) ? (void *)ml_static_unslide(vaddr: (vm_offset_t)kmod_ref) : kmod_ref);
15909	break;
15910	}
15911	rinfo = kmod_ref->info;
15912
15913	if (pmap_find_phys(pmap: kernel_pmap, va: (addr64_t)((uintptr_t)rinfo)) == `0`) {
15914	(*printf_func)(" kmod dependency scan stopped "
15915	"due to missing kmod page: %p\n",
15916	(kPrintKextsUnslide & flags) ? (void *)ml_static_unslide(vaddr: (vm_offset_t)rinfo) : rinfo);
15917	break;
15918	}
15919
15920	if (!rinfo->address) {
15921	continue; // skip fake entries for built-ins
15922	}
15923
15924	dependencySummary = findSummary(tagID: rinfo->id);
15925	uuid[`0`] = `0x00`;
15926	tmpAddr = rinfo->address;
15927	tmpSize = rinfo->size;
15928	if (dependencySummary) {
15929	(void) uuid_unparse(uu: dependencySummary->uuid, out: uuid);
15930	#if defined(__arm__) \|\| defined(__arm64__)
15931	tmpAddr = dependencySummary->text_exec_address;
15932	tmpSize = dependencySummary->text_exec_size;
15933	#endif
15934	}
15935
15936	if (kPrintKextsUnslide & flags) {
15937	tmpAddr = ml_static_unslide(vaddr: tmpAddr);
15938	}
15939	(*printf_func)(" dependency: %s(%s)[%s]@%p->%p\n",
15940	rinfo->name, rinfo->version, uuid, tmpAddr, tmpAddr + tmpSize - `1`);
15941	}
15942	return;
15943	}
15944
15945
15946	#if !defined(__arm__) && !defined(__arm64__)
15947	/*******************************************************************************
15948	* substitute() looks at an input string (a pointer within a larger buffer)
15949	* for a match to a substring, and on match it writes the marker & substitution
15950	* character to an output string, updating the scan (from) and
15951	* output (to) indexes as appropriate.
15952	*******************************************************************************/
15953	static int substitute(
15954	const char * scan_string,
15955	char * string_out,
15956	uint32_t * to_index,
15957	uint32_t * from_index,
15958	const char * substring,
15959	char marker,
15960	char substitution);
15961
15962	/ string_out must be at least KMOD_MAX_NAME bytes.*
15963	*/
15964	static int
15965	substitute(
15966	const char * scan_string,
15967	char * string_out,
15968	uint32_t * to_index,
15969	uint32_t * from_index,
15970	const char * substring,
15971	char marker,
15972	char substitution)
15973	{
15974	size_t substring_length = strnlen(substring, KMOD_MAX_NAME - `1`);
15975
15976	/ On a substring match, append the marker (if there is one) and then*
15977	* the substitution character, updating the output (to) index accordingly.
15978	* Then update the input (from) length by the length of the substring
15979	* that got replaced.
15980	*/
15981	if (!strncmp(scan_string, substring, substring_length)) {
15982	if (marker) {
15983	string_out[(*to_index)++] = marker;
15984	}
15985	string_out[(*to_index)++] = substitution;
15986	(*from_index) += substring_length;
15987	return `1`;
15988	}
15989	return `0`;
15990	}
15991
15992	/*******************************************************************************
15993	* compactIdentifier() takes a CFBundleIdentifier in a buffer of at least
15994	* KMOD_MAX_NAME characters and performs various substitutions of common
15995	* prefixes & substrings as defined by tables in kext_panic_report.h.
15996	*******************************************************************************/
15997	static void compactIdentifier(
15998	const char * identifier,
15999	char * identifier_out,
16000	char ** identifier_out_end);
16001
16002	static void
16003	compactIdentifier(
16004	const char * identifier,
16005	char * identifier_out,
16006	char ** identifier_out_end)
16007	{
16008	uint32_t from_index, to_index;
16009	uint32_t scan_from_index = `0`;
16010	uint32_t scan_to_index = `0`;
16011	subs_entry_t * subs_entry = NULL;
16012	int did_sub = `0`;
16013
16014	from_index = to_index = `0`;
16015	identifier_out[`0`] = `'\0'`;
16016
16017	/ Replace certain identifier prefixes with shorter @+character sequences.*
16018	* Check the return value of substitute() so we only replace the prefix.
16019	*/
16020	for (subs_entry = &kext_identifier_prefix_subs[`0`];
16021	subs_entry->substring && !did_sub;
16022	subs_entry++) {
16023	did_sub = substitute(identifier, identifier_out,
16024	&scan_to_index, &scan_from_index,
16025	subs_entry->substring, / marker / `'\0'`, subs_entry->substitute);
16026	}
16027	did_sub = `0`;
16028
16029	/ Now scan through the identifier looking for the common substrings*
16030	* and replacing them with shorter !+character sequences via substitute().
16031	*/
16032	for (/ see above /;
16033	scan_from_index < KMOD_MAX_NAME - `1` && identifier[scan_from_index];
16034	/ see loop /) {
16035	const char * scan_string = &identifier[scan_from_index];
16036
16037	did_sub = `0`;
16038
16039	if (scan_from_index) {
16040	for (subs_entry = &kext_identifier_substring_subs[`0`];
16041	subs_entry->substring && !did_sub;
16042	subs_entry++) {
16043	did_sub = substitute(scan_string, identifier_out,
16044	&scan_to_index, &scan_from_index,
16045	subs_entry->substring, `'!'`, subs_entry->substitute);
16046	}
16047	}
16048
16049	/ If we didn't substitute, copy the input character to the output.*
16050	*/
16051	if (!did_sub) {
16052	identifier_out[scan_to_index++] = identifier[scan_from_index++];
16053	}
16054	}
16055
16056	identifier_out[scan_to_index] = `'\0'`;
16057	if (identifier_out_end) {
16058	*identifier_out_end = &identifier_out[scan_to_index];
16059	}
16060
16061	return;
16062	}
16063	#endif /* !defined(__arm__) && !defined(__arm64__) */
16064
16065	/*******************************************************************************
16066	* assemble_identifier_and_version() adds to a string buffer a compacted
16067	* bundle identifier followed by a version string.
16068	*******************************************************************************/
16069
16070	/ identPlusVers must be at least 2KMOD_MAX_NAME in length.
16071	*/
16072	static size_t assemble_identifier_and_version(
16073	kmod_info_t * kmod_info,
16074	char * identPlusVers,
16075	size_t bufSize);
16076
16077	static size_t
16078	assemble_identifier_and_version(
16079	kmod_info_t * kmod_info,
16080	char * identPlusVers,
16081	size_t bufSize)
16082	{
16083	size_t result = `0`;
16084
16085	#if defined(__arm__) \|\| defined(__arm64__)
16086	result = strlcpy(dst: identPlusVers, src: kmod_info->name, KMOD_MAX_NAME);
16087	#else
16088	compactIdentifier(kmod_info->name, identPlusVers, NULL);
16089	result = strnlen(identPlusVers, KMOD_MAX_NAME - `1`);
16090	#endif
16091	identPlusVers[result++] = `'\t'`; // increment for real char
16092	identPlusVers[result] = `'\0'`; // don't increment for nul char
16093	result = strlcat(dst: identPlusVers, src: kmod_info->version, n: bufSize);
16094	if (result >= bufSize) {
16095	identPlusVers[bufSize - `1`] = `'\0'`;
16096	result = bufSize - `1`;
16097	}
16098
16099	return result;
16100	}
16101
16102	/*******************************************************************************
16103	* Assumes sKextLock is held.
16104	*******************************************************************************/
16105	/ static /
16106	int
16107	OSKext::saveLoadedKextPanicListTyped(
16108	const char * prefix,
16109	int invertFlag,
16110	int libsFlag,
16111	char * paniclist,
16112	uint32_t list_size)
16113	{
16114	int result = -`1`;
16115	unsigned int count, i;
16116
16117	count = sLoadedKexts ->getCount();
16118	if (!count) {
16119	goto finish;
16120	}
16121
16122	i = count - `1`;
16123	do {
16124	OSObject * rawKext = sLoadedKexts ->getObject(index: i);
16125	OSKext * theKext = OSDynamicCast(OSKext, rawKext);
16126	int match;
16127	size_t identPlusVersLength;
16128	size_t tempLen;
16129	char identPlusVers[`2` * KMOD_MAX_NAME];
16130
16131	if (!rawKext) {
16132	printf("OSKext::saveLoadedKextPanicListTyped - "
16133	"NULL kext in loaded kext list; continuing\n");
16134	continue;
16135	}
16136
16137	if (!theKext) {
16138	printf("OSKext::saveLoadedKextPanicListTyped - "
16139	"Kext type cast failed in loaded kext list; continuing\n");
16140	continue;
16141	}
16142
16143	/ Skip all built-in kexts.*
16144	*/
16145	if (theKext->isKernelComponent()) {
16146	continue;
16147	}
16148
16149	kmod_info_t * kmod_info = theKext->kmod_info;
16150
16151	/ Filter for kmod name (bundle identifier).*
16152	*/
16153	match = !strncmp(s1: kmod_info->name, s2: prefix, n: strnlen(s: prefix, KMOD_MAX_NAME));
16154	if ((match && invertFlag) \|\| (!match && !invertFlag)) {
16155	continue;
16156	}
16157
16158	/ Filter for libraries (kexts that have a compatible version).*
16159	*/
16160	if ((libsFlag == `0` && theKext->getCompatibleVersion() > `1`) \|\|
16161	(libsFlag == `1` && theKext->getCompatibleVersion() < `1`)) {
16162	continue;
16163	}
16164
16165	if (!kmod_info \|\|
16166	!pmap_find_phys(pmap: kernel_pmap, va: (addr64_t)((uintptr_t)kmod_info))) {
16167	printf("kext scan stopped due to missing kmod_info page: %p\n",
16168	kmod_info);
16169	goto finish;
16170	}
16171
16172	identPlusVersLength = assemble_identifier_and_version(kmod_info,
16173	identPlusVers,
16174	bufSize: sizeof(identPlusVers));
16175	if (!identPlusVersLength) {
16176	printf("error saving loaded kext info\n");
16177	goto finish;
16178	}
16179
16180	/ make sure everything fits and we null terminate.*
16181	*/
16182	tempLen = strlcat(dst: paniclist, src: identPlusVers, n: list_size);
16183	if (tempLen >= list_size) {
16184	// panic list is full, keep it and null terminate
16185	paniclist[list_size - `1`] = `0x00`;
16186	result = `0`;
16187	goto finish;
16188	}
16189	tempLen = strlcat(dst: paniclist, src: "\n", n: list_size);
16190	if (tempLen >= list_size) {
16191	// panic list is full, keep it and null terminate
16192	paniclist[list_size - `1`] = `0x00`;
16193	result = `0`;
16194	goto finish;
16195	}
16196	} while (i--);
16197
16198	result = `0`;
16199	finish:
16200
16201	return result;
16202	}
16203
16204	/*********************************************************************
16205	*********************************************************************/
16206	/ static /
16207	void
16208	OSKext::saveLoadedKextPanicList(void)
16209	{
16210	char * newlist = NULL;
16211	uint32_t newlist_size = `0`;
16212
16213	newlist_size = KEXT_PANICLIST_SIZE;
16214	newlist = (char *)kalloc_data_tag(newlist_size,
16215	Z_WAITOK, VM_KERN_MEMORY_OSKEXT);
16216
16217	if (!newlist) {
16218	OSKextLog(/ kext / NULL,
16219	kOSKextLogErrorLevel \| kOSKextLogGeneralFlag,
16220	format: "Couldn't allocate kext panic log buffer.");
16221	goto finish;
16222	}
16223
16224	newlist[`0`] = `'\0'`;
16225
16226	// non-"com.apple." kexts
16227	if (OSKext::saveLoadedKextPanicListTyped(prefix: "com.apple.", / invert? / invertFlag: `1`,
16228	/ libs? / libsFlag: -`1`, paniclist: newlist, list_size: newlist_size) != `0`) {
16229	goto finish;
16230	}
16231	// "com.apple." nonlibrary kexts
16232	if (OSKext::saveLoadedKextPanicListTyped(prefix: "com.apple.", / invert? / invertFlag: `0`,
16233	/ libs? / libsFlag: `0`, paniclist: newlist, list_size: newlist_size) != `0`) {
16234	goto finish;
16235	}
16236	// "com.apple." library kexts
16237	if (OSKext::saveLoadedKextPanicListTyped(prefix: "com.apple.", / invert? / invertFlag: `0`,
16238	/ libs? / libsFlag: `1`, paniclist: newlist, list_size: newlist_size) != `0`) {
16239	goto finish;
16240	}
16241
16242	if (loaded_kext_paniclist) {
16243	kfree_data(loaded_kext_paniclist, loaded_kext_paniclist_size);
16244	}
16245	loaded_kext_paniclist = newlist;
16246	newlist = NULL;
16247	loaded_kext_paniclist_size = newlist_size;
16248
16249	finish:
16250	if (newlist) {
16251	kfree_data(newlist, newlist_size);
16252	}
16253	return;
16254	}
16255
16256	/*********************************************************************
16257	* Assumes sKextLock is held.
16258	*********************************************************************/
16259	void
16260	OSKext::savePanicString(bool isLoading)
16261	{
16262	u_long len;
16263
16264	if (!kmod_info) {
16265	return; // do not goto finish here b/c of lock
16266	}
16267
16268	len = assemble_identifier_and_version( kmod_info,
16269	identPlusVers: (isLoading) ? last_loaded_str_buf : last_unloaded_str_buf,
16270	bufSize: (isLoading) ? sizeof(last_loaded_str_buf) : sizeof(last_unloaded_str_buf));
16271	if (!len) {
16272	printf("error saving unloaded kext info\n");
16273	goto finish;
16274	}
16275
16276	if (isLoading) {
16277	last_loaded_strlen = len;
16278	last_loaded_address = (void *)kmod_info->address;
16279	last_loaded_size = kmod_info->size;
16280	clock_get_uptime(result: &last_loaded_timestamp);
16281	} else {
16282	last_unloaded_strlen = len;
16283	last_unloaded_address = (void *)kmod_info->address;
16284	last_unloaded_size = kmod_info->size;
16285	clock_get_uptime(result: &last_unloaded_timestamp);
16286	}
16287
16288	finish:
16289	return;
16290	}
16291
16292	/*********************************************************************
16293	*********************************************************************/
16294	/ static /
16295	void
16296	OSKext::printKextPanicLists(int (printf_func)(const* char *fmt, ...))
16297	{
16298	if (last_loaded_strlen) {
16299	printf_func("last started kext at %llu: %.*s (addr %p, size %lu)\n",
16300	AbsoluteTime_to_scalar(&last_loaded_timestamp),
16301	last_loaded_strlen, last_loaded_str_buf,
16302	last_loaded_address, last_loaded_size);
16303	}
16304
16305	if (last_unloaded_strlen) {
16306	printf_func("last stopped kext at %llu: %.*s (addr %p, size %lu)\n",
16307	AbsoluteTime_to_scalar(&last_unloaded_timestamp),
16308	last_unloaded_strlen, last_unloaded_str_buf,
16309	last_unloaded_address, last_unloaded_size);
16310	}
16311
16312	printf_func("loaded kexts:\n");
16313	if (loaded_kext_paniclist &&
16314	pmap_find_phys(pmap: kernel_pmap, va: (addr64_t) (uintptr_t) loaded_kext_paniclist) &&
16315	loaded_kext_paniclist[`0`]) {
16316	printf_func("%.*s",
16317	strnlen(s: loaded_kext_paniclist, n: loaded_kext_paniclist_size),
16318	loaded_kext_paniclist);
16319	} else {
16320	printf_func("(none)\n");
16321	}
16322	return;
16323	}
16324
16325	/*********************************************************************
16326	* Assumes sKextLock is held.
16327	*********************************************************************/
16328	/ static /
16329	void
16330	OSKext::updateLoadedKextSummaries(void)
16331	{
16332	kern_return_t result = KERN_FAILURE;
16333	OSKextLoadedKextSummaryHeader *summaryHeader = NULL;
16334	OSKextLoadedKextSummaryHeader *summaryHeaderAlloc = NULL;
16335	OSKext *aKext;
16336	vm_map_offset_t start, end;
16337	size_t summarySize = `0`;
16338	size_t size;
16339	u_int count;
16340	u_int maxKexts;
16341	u_int i, j;
16342	OSKextActiveAccount * accountingList;
16343	OSKextActiveAccount * prevAccountingList;
16344	uint32_t idx, accountingListAlloc, accountingListCount, prevAccountingListCount;
16345
16346	prevAccountingList = NULL;
16347	prevAccountingListCount = `0`;
16348
16349	#if DEVELOPMENT \|\| DEBUG
16350	if (IORecursiveLockHaveLock(sKextLock) == false) {
16351	panic("sKextLock must be held");
16352	}
16353	#endif
16354
16355	IOLockLock(sKextSummariesLock);
16356
16357	count = sLoadedKexts ->getCount();
16358	for (i = `0`, maxKexts = `0`; i < count; ++i) {
16359	aKext = OSDynamicCast(OSKext, sLoadedKexts ->getObject(i));
16360	maxKexts += (aKext && (aKext->isExecutable() \|\| aKext->isSpecialKernelBinary()));
16361	}
16362
16363	if (!maxKexts) {
16364	goto finish;
16365	}
16366	if (maxKexts < kOSKextTypicalLoadCount) {
16367	maxKexts = kOSKextTypicalLoadCount;
16368	}
16369
16370	/ Calculate the size needed for the new summary headers.*
16371	*/
16372
16373	size = sizeof(*gLoadedKextSummaries);
16374	size += maxKexts * sizeof(*gLoadedKextSummaries->summaries);
16375	size = round_page(x: size);
16376
16377	if (gLoadedKextSummaries == NULL \|\| sLoadedKextSummariesAllocSize < size) {
16378	if (gLoadedKextSummaries) {
16379	kmem_free(map: kernel_map, addr: (vm_offset_t)gLoadedKextSummaries, size: sLoadedKextSummariesAllocSize);
16380	gLoadedKextSummaries = NULL;
16381	gLoadedKextSummariesTimestamp = mach_absolute_time();
16382	sLoadedKextSummariesAllocSize = `0`;
16383	}
16384	result = kmem_alloc(map: kernel_map, addrp: (vm_offset_t *)&summaryHeaderAlloc, size,
16385	flags: KMA_DATA, VM_KERN_MEMORY_OSKEXT);
16386	if (result != KERN_SUCCESS) {
16387	goto finish;
16388	}
16389	summaryHeader = summaryHeaderAlloc;
16390	summarySize = size;
16391	} else {
16392	summaryHeader = gLoadedKextSummaries;
16393	summarySize = sLoadedKextSummariesAllocSize;
16394
16395	start = (vm_map_offset_t) summaryHeader;
16396	end = start + summarySize;
16397	result = vm_map_protect(map: kernel_map,
16398	start,
16399	end,
16400	VM_PROT_DEFAULT,
16401	FALSE);
16402	if (result != KERN_SUCCESS) {
16403	goto finish;
16404	}
16405	}
16406
16407	/ Populate the summary header.*
16408	*/
16409
16410	bzero(s: summaryHeader, n: summarySize);
16411	summaryHeader->version = kOSKextLoadedKextSummaryVersion;
16412	summaryHeader->entry_size = sizeof(OSKextLoadedKextSummary);
16413
16414	/ Populate each kext summary.*
16415	*/
16416
16417	count = sLoadedKexts ->getCount();
16418	accountingListAlloc = `0`;
16419	for (i = `0`, j = `0`; i < count && j < maxKexts; ++i) {
16420	aKext = OSDynamicCast(OSKext, sLoadedKexts ->getObject(i));
16421	if (!aKext \|\| (!aKext->isExecutable() && !aKext->isSpecialKernelBinary())) {
16422	continue;
16423	}
16424
16425	aKext->updateLoadedKextSummary(summary: &summaryHeader->summaries[j++]);
16426	summaryHeader->numSummaries++;
16427	accountingListAlloc++;
16428	}
16429
16430	accountingList = IONew(typeof(accountingList[`0`]), accountingListAlloc);
16431	accountingListCount = `0`;
16432	for (i = `0`, j = `0`; i < count && j < maxKexts; ++i) {
16433	aKext = OSDynamicCast(OSKext, sLoadedKexts ->getObject(i));
16434	if (!aKext \|\| (!aKext->isExecutable() && !aKext->isSpecialKernelBinary())) {
16435	continue;
16436	}
16437
16438	OSKextActiveAccount activeAccount;
16439	aKext->updateActiveAccount(accountp: &activeAccount);
16440	// order by address
16441	for (idx = `0`; idx < accountingListCount; idx++) {
16442	if (activeAccount.address < accountingList[idx].address) {
16443	break;
16444	}
16445	}
16446	bcopy(src: &accountingList[idx], dst: &accountingList[idx + `1`], n: (accountingListCount - idx) * sizeof(accountingList[`0`]));
16447	accountingList[idx] = activeAccount;
16448	accountingListCount++;
16449	}
16450	assert(accountingListCount == accountingListAlloc);
16451	/ Write protect the buffer and move it into place.*
16452	*/
16453
16454	start = (vm_map_offset_t) summaryHeader;
16455	end = start + summarySize;
16456
16457	result = vm_map_protect(map: kernel_map, start, end, VM_PROT_READ, FALSE);
16458	if (result != KERN_SUCCESS) {
16459	goto finish;
16460	}
16461
16462	gLoadedKextSummaries = summaryHeader;
16463	gLoadedKextSummariesTimestamp = mach_absolute_time();
16464	sLoadedKextSummariesAllocSize = summarySize;
16465	summaryHeaderAlloc = NULL;
16466
16467	/ Call the magic breakpoint function through a static function pointer so*
16468	* the compiler can't optimize the function away.
16469	*/
16470	if (sLoadedKextSummariesUpdated) {
16471	(*sLoadedKextSummariesUpdated)();
16472	}
16473
16474	lck_ticket_lock(tlock: sKextAccountsLock, grp: sKextAccountsLockGrp);
16475	prevAccountingList = sKextAccounts;
16476	prevAccountingListCount = sKextAccountsCount;
16477	sKextAccounts = accountingList;
16478	sKextAccountsCount = accountingListCount;
16479	lck_ticket_unlock(tlock: sKextAccountsLock);
16480
16481	finish:
16482	IOLockUnlock(sKextSummariesLock);
16483
16484	/ If we had to allocate a new buffer but failed to generate the summaries,*
16485	* free that now.
16486	*/
16487	if (summaryHeaderAlloc) {
16488	kmem_free(map: kernel_map, addr: (vm_offset_t)summaryHeaderAlloc, size: summarySize);
16489	}
16490	if (prevAccountingList) {
16491	IODelete(prevAccountingList, typeof(accountingList[`0`]), prevAccountingListCount);
16492	}
16493
16494	return;
16495	}
16496
16497	/*********************************************************************
16498	*********************************************************************/
16499	void
16500	OSKext::updateLoadedKextSummary(OSKextLoadedKextSummary *summary)
16501	{
16502	OSSharedPtr<OSData> uuid;
16503
16504	strlcpy(dst: summary->name, src: getIdentifierCString(),
16505	n: sizeof(summary->name));
16506
16507	uuid = copyUUID();
16508	if (uuid) {
16509	memcpy(dst: summary->uuid, src: uuid ->getBytesNoCopy(), n: sizeof(summary->uuid));
16510	}
16511
16512	if (flags.builtin) {
16513	// this value will stop lldb from parsing the mach-o header
16514	// summary->address = UINT64_MAX;
16515	// summary->size = 0;
16516	summary->address = kmod_info->address;
16517	summary->size = kmod_info->size;
16518	} else {
16519	summary->address = kmod_info->address;
16520	summary->size = kmod_info->size;
16521	}
16522	summary->version = getVersion();
16523	summary->loadTag = kmod_info->id;
16524	summary->flags = `0`;
16525	summary->reference_list = (uint64_t) kmod_info->reference_list;
16526
16527	summary->text_exec_address = (uint64_t) getsegdatafromheader((kernel_mach_header_t *)summary->address, "__TEXT_EXEC", &summary->text_exec_size);
16528	if (summary->text_exec_address == `0`) {
16529	// Fallback to __TEXT
16530	summary->text_exec_address = (uint64_t) getsegdatafromheader((kernel_mach_header_t *)summary->address, "__TEXT", &summary->text_exec_size);
16531	}
16532
16533	/**
16534	* If the addresses within the Mach-O are unslid, then manually slide any
16535	* addresses coming from the Mach-O as higher layer software using these
16536	* summaries expects a slid address here.
16537	*/
16538	if (flags.unslidMachO) {
16539	summary->text_exec_address = (uint64_t) ml_static_slide(vaddr: (vm_offset_t) summary->text_exec_address);
16540	}
16541
16542	return;
16543	}
16544
16545	/*********************************************************************
16546	*********************************************************************/
16547
16548	void
16549	OSKext::updateActiveAccount(OSKextActiveAccount *accountp)
16550	{
16551	kernel_mach_header_t *hdr = NULL;
16552	kernel_segment_command_t *seg = NULL;
16553
16554	bzero(s: accountp, n: sizeof(*accountp));
16555
16556	hdr = (kernel_mach_header_t *)kmod_info->address;
16557	if (getcommandfromheader(hdr, LC_SEGMENT_SPLIT_INFO) \|\| isInFileset()) {
16558	/*
16559	* If this kext supports split segments (or is in a new
16560	* MH_FILESET kext collection), use the first
16561	* executable segment as the range for instructions
16562	* (and thus for backtracing.
16563	*/
16564	for (seg = firstsegfromheader(header: hdr); seg != NULL; seg = nextsegfromheader(header: hdr, seg)) {
16565	if (seg->initprot & VM_PROT_EXECUTE) {
16566	break;
16567	}
16568	}
16569	}
16570	if (seg) {
16571	accountp->address = seg->vmaddr;
16572	if (accountp->address) {
16573	accountp->address_end = seg->vmaddr + seg->vmsize;
16574	}
16575	} else {
16576	/ For non-split kexts and for kexts without executable*
16577	* segments, just use the kmod_info range (as the kext
16578	* is either all in one range or should not show up in
16579	* instruction backtraces).
16580	*/
16581	accountp->address = kmod_info->address;
16582	if (accountp->address) {
16583	accountp->address_end = kmod_info->address + kmod_info->size;
16584	}
16585	}
16586
16587	accountp->account = this->account;
16588	}
16589
16590	bool
16591	OSKext::isDriverKit(void)
16592	{
16593	OSString *bundleType;
16594
16595	if (infoDict) {
16596	bundleType = OSDynamicCast(OSString, infoDict ->getObject(kCFBundlePackageTypeKey));
16597	if (bundleType && bundleType->isEqualTo(kOSKextBundlePackageTypeDriverKit)) {
16598	return TRUE;
16599	}
16600	}
16601	return FALSE;
16602	}
16603
16604	bool
16605	OSKext::isInFileset(void)
16606	{
16607	if (!kmod_info) {
16608	goto check_prelinked;
16609	}
16610
16611	if (kmod_info->address && kernel_mach_header_is_in_fileset((kernel_mach_header_t *)kmod_info->address)) {
16612	return true;
16613	}
16614
16615	check_prelinked:
16616	if (isPrelinked()) {
16617	/*
16618	* If we haven't setup kmod_info yet, but we know
16619	* we're loading a prelinked kext in an MH_FILESET KC,
16620	* then return true
16621	*/
16622	kc_format_t kc_format;
16623	if (PE_get_primary_kc_format(type: &kc_format) && kc_format == KCFormatFileset) {
16624	return true;
16625	}
16626	}
16627	return false;
16628	}
16629
16630	OSSharedPtr<OSDextStatistics>
16631	OSKext::copyDextStatistics(void)
16632	{
16633	return dextStatistics;
16634	}
16635
16636	bool
16637	OSKextSavedMutableSegment::initWithSegment(kernel_segment_command_t *seg)
16638	{
16639	kern_return_t result;
16640	if (!super::init()) {
16641	return false;
16642	}
16643	if (seg == nullptr) {
16644	return false;
16645	}
16646	result = kmem_alloc(map: kernel_map, addrp: (vm_offset_t *)&data, size: seg->vmsize,
16647	flags: KMA_PAGEABLE, VM_KERN_MEMORY_KEXT);
16648	if (result != KERN_SUCCESS) {
16649	return false;
16650	}
16651	memcpy(dst: (void )data, src: (const* void *)seg->vmaddr, n: seg->vmsize);
16652	savedSegment = seg;
16653	vmsize = seg->vmsize;
16654	vmaddr = seg->vmaddr;
16655	return true;
16656	}
16657
16658	OSSharedPtr<OSKextSavedMutableSegment>
16659	OSKextSavedMutableSegment::withSegment(kernel_segment_command_t *seg)
16660	{
16661	OSSharedPtr<OSKextSavedMutableSegment> me = OSMakeShared<OSKextSavedMutableSegment>();
16662	if (me && !me ->initWithSegment(seg)) {
16663	return nullptr;
16664	}
16665	return me;
16666	}
16667
16668	void
16669	OSKextSavedMutableSegment::free(void)
16670	{
16671	if (data) {
16672	kmem_free(map: kernel_map, addr: (vm_offset_t)data, size: vmsize);
16673	}
16674	}
16675
16676	vm_offset_t
16677	OSKextSavedMutableSegment::getVMAddr() const
16678	{
16679	return vmaddr;
16680	}
16681
16682	vm_offset_t
16683	OSKextSavedMutableSegment::getVMSize() const
16684	{
16685	return vmsize;
16686	}
16687
16688	OSReturn
16689	OSKextSavedMutableSegment::restoreContents(kernel_segment_command_t *seg)
16690	{
16691	if (seg != savedSegment) {
16692	return kOSKextReturnInvalidArgument;
16693	}
16694	if (seg->vmaddr != vmaddr \|\| seg->vmsize != vmsize) {
16695	return kOSKextReturnInvalidArgument;
16696	}
16697	memcpy(dst: (void *)seg->vmaddr, src: data, n: vmsize);
16698	return kOSReturnSuccess;
16699	}
16700
16701	extern "C" kern_return_t
16702	OSKextSetReceiptQueried(void)
16703	{
16704	OSKextLog(/ kext / NULL,
16705	kOSKextLogStepLevel \| kOSKextLogGeneralFlag,
16706	format: "Setting kext receipt as queried");
16707
16708	IOService::publishResource(kOSKextReceiptQueried, value: kOSBooleanTrue);
16709	return KERN_SUCCESS;
16710	}
16711
16712	extern "C" const vm_allocation_site_t *
16713	OSKextGetAllocationSiteForCaller(uintptr_t address)
16714	{
16715	OSKextActiveAccount * active;
16716	vm_allocation_site_t * site;
16717	vm_allocation_site_t * releasesite;
16718
16719	uint32_t baseIdx;
16720	uint32_t lim;
16721	#if __has_feature(ptrauth_calls)
16722	address = (uintptr_t)VM_KERNEL_STRIP_PTR(address);
16723	#endif /* __has_feature(ptrauth_calls) */
16724
16725	lck_ticket_lock(tlock: sKextAccountsLock, grp: sKextAccountsLockGrp);
16726	site = releasesite = NULL;
16727
16728	// bsearch sKextAccounts list
16729	for (baseIdx = `0`, lim = sKextAccountsCount; lim; lim >>= `1`) {
16730	active = &sKextAccounts[baseIdx + (lim >> `1`)];
16731	if ((address >= active->address) && (address < active->address_end)) {
16732	site = &active->account->site;
16733	if (!site->tag) {
16734	vm_tag_alloc_locked(site, releasesiteP: &releasesite);
16735	}
16736	break;
16737	} else if (address > active->address) {
16738	// move right
16739	baseIdx += (lim >> `1`) + `1`;
16740	lim--;
16741	}
16742	// else move left
16743	}
16744	lck_ticket_unlock(tlock: sKextAccountsLock);
16745	if (releasesite) {
16746	kern_allocation_name_release(allocation: releasesite);
16747	}
16748
16749	return site;
16750	}
16751
16752	#if DEVELOPMENT \|\| DEBUG
16753	extern "C" void
16754	OSKextGetRefGrpForCaller(uintptr_t address, void (^cb)(struct os_refgrp *))
16755	{
16756	OSKextActiveAccount * active;
16757
16758	uint32_t baseIdx;
16759	uint32_t lim;
16760	#if __has_feature(ptrauth_calls)
16761	address = (uintptr_t)VM_KERNEL_STRIP_PTR(address);
16762	#endif /* __has_feature(ptrauth_calls) */
16763
16764	lck_ticket_lock(sKextAccountsLock, sKextAccountsLockGrp);
16765
16766	// bsearch sKextAccounts list
16767	for (baseIdx = `0`, lim = sKextAccountsCount; lim; lim >>= `1`) {
16768	active = &sKextAccounts[baseIdx + (lim >> `1`)];
16769	if ((address >= active->address) && (address < active->address_end)) {
16770	cb(&active->account->task_refgrp);
16771	break;
16772	} else if (address > active->address) {
16773	// move right
16774	baseIdx += (lim >> `1`) + `1`;
16775	lim--;
16776	}
16777	// else move left
16778	}
16779	lck_ticket_unlock(sKextAccountsLock);
16780	}
16781	#endif /* DEVELOPMENT \|\| DEBUG */
16782
16783	extern "C" uint32_t
16784	OSKextGetKmodIDForSite(const vm_allocation_site_t * site, char * name, vm_size_t namelen)
16785	{
16786	OSKextAccount * account = (typeof(account))site;
16787	const char * kname;
16788
16789	if (name) {
16790	if (account->kext) {
16791	kname = account->kext->getIdentifierCString();
16792	} else {
16793	kname = "<>";
16794	}
16795	strlcpy(dst: name, src: kname, n: namelen);
16796	}
16797
16798	return account->loadTag;
16799	}
16800
16801	extern "C" void
16802	OSKextFreeSite(vm_allocation_site_t * site)
16803	{
16804	OSKextAccount * freeAccount = (typeof(freeAccount))site;
16805	IOFreeType(freeAccount, OSKextAccount);
16806	}
16807
16808	/*********************************************************************
16809	*********************************************************************/
16810
16811	#if CONFIG_IMAGEBOOT
16812	int
16813	OSKextGetUUIDForName(const char *name, uuid_t uuid)
16814	{
16815	OSSharedPtr<OSKext> kext = OSKext::lookupKextWithIdentifier(kextIdentifier: name);
16816	if (!kext) {
16817	return `1`;
16818	}
16819
16820	OSSharedPtr<OSData> uuid_data = kext ->copyUUID();
16821	if (uuid_data) {
16822	memcpy(dst: uuid, src: uuid_data ->getBytesNoCopy(), n: sizeof(uuid_t));
16823	return `0`;
16824	}
16825
16826	return `1`;
16827	}
16828	#endif
16829
16830
16831
16832	class OSDextCrash : public OSObject {
16833	OSDeclareDefaultStructors(OSDextCrash);
16834	public:
16835	static OSPtr<OSDextCrash> withTimestamp(uint64_t timestamp);
16836	uint64_t getTimestamp();
16837
16838	private:
16839	virtual bool initWithTimestamp(uint64_t timestamp);
16840	uint64_t fTimestamp;
16841	};
16842
16843	OSDefineMetaClassAndStructors(OSDextCrash, OSObject);
16844
16845	OSSharedPtr<OSDextCrash>
16846	OSDextCrash::withTimestamp(uint64_t timestamp)
16847	{
16848	OSSharedPtr<OSDextCrash> result = OSMakeShared<OSDextCrash>();
16849	if (!result ->initWithTimestamp(timestamp)) {
16850	return NULL;
16851	}
16852	return result;
16853	}
16854
16855	bool
16856	OSDextCrash::initWithTimestamp(uint64_t timestamp)
16857	{
16858	if (!OSObject::init()) {
16859	return false;
16860	}
16861	fTimestamp = timestamp;
16862	return true;
16863	}
16864
16865	uint64_t
16866	OSDextCrash::getTimestamp()
16867	{
16868	return fTimestamp;
16869	}
16870
16871	OSSharedPtr<OSDextStatistics>
16872	OSDextStatistics::create()
16873	{
16874	OSSharedPtr<OSDextStatistics> result = OSMakeShared<OSDextStatistics>();
16875	if (!result ->init()) {
16876	return NULL;
16877	}
16878	return result;
16879	}
16880
16881	bool
16882	OSDextStatistics::init()
16883	{
16884	if (!OSObject::init()) {
16885	return false;
16886	}
16887
16888	lock = IOLockAlloc();
16889	crashes = OSArray::withCapacity(capacity: kMaxDextCrashesInOneDay);
16890	return true;
16891	}
16892
16893	void
16894	OSDextStatistics::free()
16895	{
16896	if (lock) {
16897	IOLockFree(lock);
16898	}
16899	crashes.reset();
16900	OSObject::free();
16901	}
16902
16903	OSDextCrashPolicy
16904	OSDextStatistics::recordCrash()
16905	{
16906	size_t i = `0`;
16907	uint64_t timestamp = mach_continuous_time();
16908	uint64_t interval;
16909	nanoseconds_to_absolutetime(nanoseconds: `86400` * NSEC_PER_SEC / 1 day /, result: &interval);
16910	uint64_t lastTimestamp = timestamp > interval ? timestamp - interval : `0`;
16911	OSDextCrashPolicy policy;
16912
16913	IOLockLock(lock);
16914	OSSharedPtr<OSDextCrash> crash = OSDextCrash::withTimestamp(timestamp);
16915	for (i = `0`; i < crashes ->getCount();) {
16916	OSDextCrash * current = OSDynamicCast(OSDextCrash, crashes ->getObject(i));
16917	assert(current != NULL);
16918	if (current->getTimestamp() < lastTimestamp) {
16919	crashes ->removeObject(index: i);
16920	} else {
16921	i++;
16922	}
16923	}
16924
16925	crashes ->setObject(crash);
16926
16927	if (crashes ->getCount() > kMaxDextCrashesInOneDay) {
16928	policy = kOSDextCrashPolicyReboot;
16929	} else {
16930	policy = kOSDextCrashPolicyNone;
16931	}
16932
16933	IOLockUnlock(lock);
16934
16935	return policy;
16936	}
16937
16938	size_t
16939	OSDextStatistics::getCrashCount()
16940	{
16941	size_t result = `0`;
16942	IOLockLock(lock);
16943	result = crashes ->getCount();
16944	IOLockUnlock(lock);
16945	return result;
16946	}
16947
16948	static int
16949	sysctl_willuserspacereboot
16950	(__unused struct sysctl_oid oidp, __unused void* arg1, __unused int* arg2, struct sysctl_req *req)
16951	{
16952	int new_value = `0`, old_value = `0`, changed = `0`;
16953	int error = sysctl_io_number(req, bigValue: old_value, valueSize: sizeof(int), pValue: &new_value, changed: &changed);
16954	if (error) {
16955	return error;
16956	}
16957	if (changed) {
16958	OSKext::willUserspaceReboot();
16959	}
16960	return `0`;
16961	}
16962
16963	static SYSCTL_PROC(_kern, OID_AUTO, willuserspacereboot,
16964	CTLTYPE_INT \| CTLFLAG_RW \| CTLFLAG_LOCKED,
16965	NULL, `0`, sysctl_willuserspacereboot, "I", "");
16966

Browse the source code of xnu/libkern/c++/OSKext.cpp