--- xnu/xnu-12377.121.6/iokit/Kernel/IONVRAMV3Handler.cpp
+++ xnu/xnu-11215.41.3/iokit/Kernel/IONVRAMV3Handler.cpp
@@ -201,7 +201,7 @@
uint8_t *_nvramImage;
- OSSharedPtr<OSDictionary> _varDict;
+ OSSharedPtr<OSDictionary> &_varDict;
uint32_t _commonSize;
uint32_t _systemSize;
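Review bot: `_varDict` is now a reference to a caller-owned `OSSharedPtr<OSDictionary>`, so the handler holds no retain of its own and is only valid while the referenced smart-pointer object outlives it; the constructor hunk binds it with `_varDict(varDict)` and nothing visible documents that requirement. A comment on the member such as `// Borrowed: refers to the caller's OSSharedPtr, which must outlive this handler` would make the lifetime contract explicit. The later hunk that sets `VAR_NEW_STATE_REMOVE` reaches the dictionary as `_provider->_varDict` while the other call sites use `_varDict`; one spelling throughout would keep the two from diverging. The class body starts and ends outside this hunk.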
@@ -212,9 +212,6 @@
uint32_t _currentOffset;
OSSharedPtr<OSArray> _varEntries;
-
- IORWLock *_variableLock;
- IOLock *_controllerLock;
IOReturn unserializeImage(const uint8_t *image, IOByteCount length);
IOReturn reclaim(void);
@@ -232,12 +229,17 @@
void findExistingEntry(const uuid_t varGuid, const char *varName, struct nvram_v3_var_entry **existing, unsigned int *existingIndex);
IOReturn syncRaw(void);
IOReturn syncBlock(void);
+ IOReturn handleEphDM(void);
+
public:
virtual
~IONVRAMV3Handler() APPLE_KEXT_OVERRIDE;
- IONVRAMV3Handler();
+ IONVRAMV3Handler(OSSharedPtr<OSDictionary> &varDict);
+
static bool isValidImage(const uint8_t *image, IOByteCount length);
- static IONVRAMV3Handler *init(IODTNVRAM *provider, const uint8_t *image, IOByteCount length);
+
+ static IONVRAMV3Handler *init(IODTNVRAM *provider, const uint8_t *image, IOByteCount length,
+ OSSharedPtr<OSDictionary> &varDict);
virtual bool getNVRAMProperties(void) APPLE_KEXT_OVERRIDE;
virtual IOReturn unserializeVariables(void) APPLE_KEXT_OVERRIDE;
@@ -251,14 +253,14 @@
virtual uint32_t getSystemUsed(void) const APPLE_KEXT_OVERRIDE;
virtual uint32_t getCommonUsed(void) const APPLE_KEXT_OVERRIDE;
virtual bool getSystemPartitionActive(void) const APPLE_KEXT_OVERRIDE;
- virtual IOReturn getVarDict(OSSharedPtr<OSDictionary> &varDictCopy) APPLE_KEXT_OVERRIDE;
};
IONVRAMV3Handler::~IONVRAMV3Handler()
{
}
-IONVRAMV3Handler::IONVRAMV3Handler()
+IONVRAMV3Handler::IONVRAMV3Handler(OSSharedPtr<OSDictionary> &varDict) :
+ _varDict(varDict)
{
}
@@ -275,21 +277,16 @@
}
IONVRAMV3Handler*
-IONVRAMV3Handler::init(IODTNVRAM *provider, const uint8_t *image, IOByteCount length)
+IONVRAMV3Handler::init(IODTNVRAM *provider, const uint8_t *image, IOByteCount length,
+ OSSharedPtr<OSDictionary> &varDict)
{
OSSharedPtr<IORegistryEntry> entry;
OSSharedPtr<OSObject> prop;
bool propertiesOk;
- IONVRAMV3Handler *handler = new IONVRAMV3Handler();
+ IONVRAMV3Handler *handler = new IONVRAMV3Handler(varDict);
handler->_provider = provider;
-
- handler->_variableLock = IORWLockAlloc();
- require(handler->_variableLock != nullptr, exit);
-
- handler->_controllerLock = IOLockAlloc();
- require(handler->_controllerLock != nullptr, exit);
propertiesOk = handler->getNVRAMProperties();
require_action(propertiesOk, exit, DEBUG_ERROR("Unable to get NVRAM properties\n"));
@@ -351,7 +348,6 @@
DEBUG_INFO("flushSystem=%d, flushCommon=%d\n", flushSystem, flushCommon);
- NVRAMWRITELOCK(_variableLock);
if (flushSystem || flushCommon) {
const OSSymbol *canonicalKey;
OSSharedPtr<OSDictionary> dictCopy;
@@ -373,7 +369,7 @@
clear = ((flushSystem && (uuid_compare(varGuid, gAppleSystemVariableGuid) == 0)) ||
(flushCommon && (uuid_compare(varGuid, gAppleSystemVariableGuid) != 0))) &&
- verifyPermission(op, varGuid, varName, getSystemPartitionActive(), true);
+ verifyPermission(op, varGuid, varName, getSystemPartitionActive());
if (clear) {
DEBUG_INFO("Clearing entry for %s:%s\n", uuidString, varName);
@@ -389,7 +385,6 @@
DEBUG_INFO("_commonUsed %#x, _systemUsed %#x\n", _commonUsed, _systemUsed);
exit:
- NVRAMRWUNLOCK(_variableLock);
return ret;
}
@@ -404,17 +399,15 @@
const struct v3_var_header *storeVar;
OSData *entryContainer;
- NVRAMLOCKASSERTHELD(_controllerLock);
-
controllerBank = findCurrentBank();
if (_currentBank != controllerBank) {
- DEBUG_ERROR("_currentBank %#x != controllerBank %#x\n", _currentBank, controllerBank);
+ DEBUG_ERROR("_currentBank %#x != controllerBank %#x", _currentBank, controllerBank);
}
_currentBank = controllerBank;
- controllerImage = (uint8_t *)IOMallocZeroData(_bankSize);
+ controllerImage = (uint8_t *)IOMallocData(_bankSize);
_nvramController->select(_currentBank);
_nvramController->read(0, controllerImage, _bankSize);
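Review bot: `controllerImage` is now allocated with `IOMallocData`, which does not zero the buffer, and in the visible lines neither the allocation nor the result of `_nvramController->read(0, controllerImage, _bankSize)` is checked before the image is used. If the read fails or fills less than `_bankSize`, the parsing that follows would run over stale kernel heap contents. Suggest keeping `IOMallocZeroData(_bankSize)`, adding `require_action(controllerImage != nullptr, exit, ret = kIOReturnNoMemory);` and checking the read result. The same allocator swap appears in the reclaim and syncRaw hunks (`bankData`, `appendBuffer`, `invalidateOffsets`), where null checks are present but the buffers are likewise uninitialized. The function body starts and ends outside this hunk.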
@@ -433,7 +426,6 @@
// as VAR_NEW_STATE_NONE meaning no action needed
// Otherwise if the data is different or it is not found on the controller image we mark it as VAR_NEW_STATE_APPEND
// which will have us invalidate the existing entry if there is one and append it on the next save
- NVRAMREADLOCK(_variableLock);
for (unsigned int i = 0; i < _varEntries->getCount(); i++) {
uint32_t offset = sizeof(struct v3_store_header);
uint32_t latestOffset;
@@ -452,7 +444,7 @@
uint8_t state = prevVarHeader->state & VAR_DELETED & VAR_IN_DELETED_TRANSITION;
ret = _nvramController->write(prevOffset + offsetof(struct v3_var_header, state), &state, sizeof(state));
- require_noerr_action(ret, unlock, DEBUG_ERROR("existing state w fail, ret=%#x\n", ret));
+ require_noerr_action(ret, exit, DEBUG_ERROR("existing state w fail, ret=%#x\n", ret));
}
prevOffset = latestOffset;
@@ -490,12 +482,15 @@
}
}
}
+
ret = find_current_offset_in_image(controllerImage, _bankSize, &_currentOffset);
- require_noerr_action(ret, unlock, DEBUG_ERROR("Unidentified bytes in image\n"));
+ if (ret != kIOReturnSuccess) {
+ DEBUG_ERROR("Unidentified bytes in image, reclaiming\n");
+ ret = reclaim();
+ require_noerr_action(ret, exit, DEBUG_ERROR("Reclaim byte recovery failed, invalid controller state!!! ret=%#x\n", ret));
+ }
DEBUG_INFO("New _currentOffset=%#x\n", _currentOffset);
-unlock:
- NVRAMRWUNLOCK(_variableLock);
exit:
IOFreeData(controllerImage, _bankSize);
return ret;
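Review bot: A failed `reclaim()` in the new `if (ret != kIOReturnSuccess)` branch is returned to the caller as an ordinary failure of this function (apparently reloadInternal; its signature is outside the hunk). The setController hunk later in this diff answers any reloadInternal failure with another `reclaim()`, so the same recovery can be attempted twice in a row. The sync hunk instead bails out on a reload failure, so the two callers now disagree on who owns recovery. Either keep recovery in one place or document it at the call, e.g. `// reloadInternal() already reclaims on an unparseable image; do not retry here`.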
@@ -515,9 +510,6 @@
OSSharedPtr<const OSSymbol> canonicalKey;
const char *variableName;
uint32_t variableSize;
-
- // Anyone calling setEntryForRemove should've already held the lock for write.
- NVRAMRWLOCKASSERTEXCLUSIVE(_variableLock);
require_action(v3Entry != nullptr, exit, DEBUG_INFO("remove with no entry\n"));
@@ -532,7 +524,7 @@
v3Entry->new_state = VAR_NEW_STATE_REMOVE;
- _varDict->removeObject(canonicalKey.get());
+ _provider->_varDict->removeObject(canonicalKey.get());
if (system) {
if (_systemUsed < variableSize) {
@@ -549,7 +541,8 @@
if (_provider->_diags) {
_provider->_diags->logVariable(getPartitionTypeForGUID(v3Entry->header.guid),
kIONVRAMOperationDelete,
- variableName);
+ variableName,
+ nullptr);
}
}
@@ -635,6 +628,79 @@
return ret;
}
+typedef struct {
+ const char *name;
+ OSSharedPtr<OSObject> value;
+} ephDMAllowListEntry;
+
+static
+ephDMAllowListEntry ephDMEntries[] = {
+ // Mobile Obliteration clears the following variables after it runs
+ { .name = "oblit-begins" },
+ { .name = "orig-oblit" },
+ { .name = "oblit-failure" },
+ { .name = "oblit-inprogress" },
+ { .name = "obliteration" },
+ // darwin-init is used for configuring internal builds
+ { .name = "darwin-init" }
+};
+
+IOReturn
+IONVRAMV3Handler::handleEphDM(void)
+{
+ OSSharedPtr<IORegistryEntry> entry;
+ OSData* data;
+ OSSharedPtr<OSObject> prop;
+ uint32_t ephDM = 0;
+ IOReturn ret = kIOReturnSuccess;
+ OSSharedPtr<const OSSymbol> canonicalKey;
+ uint32_t skip = 0;
+
+ // For ephemeral data mode, NVRAM needs to be cleared on every boot
+ // For system region supported targets, iBoot clears the system region
+ // For other targets, iBoot clears all the persistent variables
+ // So xnu only needs to clear the common region
+ entry = IORegistryEntry::fromPath("/product", gIODTPlane);
+ if (entry) {
+ prop = entry->copyProperty("ephemeral-data-mode");
+ if (prop) {
+ data = OSDynamicCast(OSData, prop.get());
+ if (data) {
+ ephDM = *((uint32_t *)data->getBytesNoCopy());
+ }
+ }
+ }
+
+ require_action(ephDM != 0, exit, DEBUG_ALWAYS("ephemeral-data-mode not supported\n"));
+ require_action(_systemSize != 0, exit, DEBUG_ALWAYS("No system region, no need to clear\n"));
+
+ if (PE_parse_boot_argn("epdm-skip-nvram", &skip, sizeof(skip))) {
+ require_action(!(gInternalBuild && (skip == 1)), exit, DEBUG_ALWAYS("Internal build + epdm-skip-nvram set to true, skip nvram clearing\n"));
+ }
+
+ // Go through the allowlist and stash the values
+ for (uint32_t entry = 0; entry < ARRAY_SIZE(ephDMEntries); entry++) {
+ canonicalKey = keyWithGuidAndCString(gAppleNVRAMGuid, ephDMEntries[entry].name);
+ ephDMEntries[entry].value.reset(OSDynamicCast(OSData, _varDict->getObject(canonicalKey.get())), OSRetain);
+ }
+
+ DEBUG_ALWAYS("Obliterating common region\n");
+ ret = flush(gAppleNVRAMGuid, kIONVRAMOperationObliterate);
+ require_noerr_action(ret, exit, DEBUG_ERROR("Flushing common region failed, ret=%#08x\n", ret));
+
+ // Now write the allowlist variables back
+ for (uint32_t entry = 0; entry < ARRAY_SIZE(ephDMEntries); entry++) {
+ if (ephDMEntries[entry].value.get() == nullptr) {
+ continue;
+ }
+ ret = setVariableInternal(gAppleNVRAMGuid, ephDMEntries[entry].name, ephDMEntries[entry].value.get());
+ require_noerr_action(ret, exit, DEBUG_ERROR("Setting allowlist variable %s failed, ret=%#08x\n", ephDMEntries[entry].name, ret));
+ }
+
+exit:
+ return ret;
+}
+
IOReturn
IONVRAMV3Handler::unserializeVariables(void)
{
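Review bot: `ephDM = *((uint32_t *)data->getBytesNoCopy());` in handleEphDM reads four bytes from the `ephemeral-data-mode` property without checking its length, so an empty or short OSData would be read through a null or undersized buffer. Guard it with `if (data && data->getLength() == sizeof(ephDM)) { memcpy(&ephDM, data->getBytesNoCopy(), sizeof(ephDM)); }`. Separately, the stashed values stay retained in the file-static `ephDMEntries` after the function returns, and a failure in `setVariableInternal` leaves the restore loop with the remaining allowlist variables already flushed; resetting each `value` before returning and continuing past individual failures would be safer. The loop index `entry` also shadows the `OSSharedPtr<IORegistryEntry> entry` declared at the top of the function.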
@@ -732,16 +798,15 @@
propSymbol, propObject)) {
OSSharedPtr<const OSSymbol> canonicalKey = keyWithGuidAndCString(v3Entry->header.guid, (const char *)v3Entry->header.name_data_buf);
- DEBUG_INFO("adding %s, variableLength=%zu, dataLength=%u, system=%d\n",
- canonicalKey->getCStringNoCopy(), variable_length(header), v3Entry->header.dataSize, system);
+ DEBUG_INFO("adding %s, dataLength=%u, system=%d\n",
+ canonicalKey->getCStringNoCopy(), v3Entry->header.dataSize, system);
_varDict->setObject(canonicalKey.get(), propObject.get());
if (_provider->_diags) {
_provider->_diags->logVariable(getPartitionTypeForGUID(v3Entry->header.guid),
kIONVRAMOperationInit, propSymbol.get()->getCStringNoCopy(),
- (void *)(uintptr_t)v3Entry->header.dataSize,
- (void *)(uintptr_t)offset);
+ (void *)(uintptr_t)(header->name_data_buf + header->nameSize));
}
}
IOFreeData(v3Entry, nvram_v3_var_container_size(header));
@@ -791,9 +856,6 @@
size_t newEntrySize;
uuid_string_t uuidString;
- // Anyone calling setVariableInternal should've already held the lock for write.
- NVRAMRWLOCKASSERTEXCLUSIVE(_variableLock);
-
system = (uuid_compare(varGuid, gAppleSystemVariableGuid) == 0);
canonicalKey = keyWithGuidAndCString(varGuid, variableName);
@@ -889,13 +951,9 @@
IONVRAMV3Handler::setVariable(const uuid_t varGuid, const char *variableName, OSObject *object)
{
uuid_t destGuid;
- IOReturn ret = kIOReturnError;
if (strcmp(variableName, "reclaim-int") == 0) {
- NVRAMLOCK(_controllerLock);
- ret = reclaim();
- NVRAMUNLOCK(_controllerLock);
- return ret;
+ return reclaim();
}
if (getSystemPartitionActive()) {
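Review bot: `return reclaim();` now runs with no lock taken in this file, and the later hunks likewise drop the locking around `setVariableInternal`, sync and setController, so `_varEntries`, `_currentBank` and `_currentOffset` are only safe if every caller serializes access. That serialization is not visible in this diff. If it lives in the provider, a comment on the class such as `// Not internally synchronized: callers must hold the provider's lock across every entry point` would record the contract, ideally backed by a lock-held assertion at the entry points. setVariable continues outside the hunk.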
@@ -915,11 +973,7 @@
}
}
- NVRAMWRITELOCK(_variableLock);
- ret = setVariableInternal(destGuid, variableName, object);
- NVRAMRWUNLOCK(_variableLock);
-
- return ret;
+ return setVariableInternal(destGuid, variableName, object);
}
uint32_t
@@ -929,8 +983,6 @@
uint32_t maxGen = 0;
uint32_t currentBank = 0;
- NVRAMLOCKASSERTHELD(_controllerLock);
-
for (unsigned int i = 0; i < _bankCount; i++) {
_nvramController->select(i);
_nvramController->read(0, (uint8_t *)&storeHeader, sizeof(storeHeader));
@@ -941,7 +993,7 @@
}
}
- DEBUG_ALWAYS("currentBank=%#x, gen=%#x\n", currentBank, maxGen);
+ DEBUG_ALWAYS("currentBank=%#x, gen=%#x", currentBank, maxGen);
return currentBank;
}
@@ -950,8 +1002,6 @@
IONVRAMV3Handler::setController(IONVRAMController *controller)
{
IOReturn ret = kIOReturnSuccess;
-
- NVRAMLOCK(_controllerLock);
if (_nvramController == NULL) {
_nvramController = controller;
@@ -964,18 +1014,19 @@
if (_resetData) {
_resetData = false;
DEBUG_ERROR("_resetData set, issuing reclaim recovery\n");
- goto reclaim;
- }
-
- if (reloadInternal() == kIOReturnSuccess) {
+ ret = reclaim();
+ require_noerr_action(ret, exit, DEBUG_ERROR("Reclaim recovery failed, invalid controller state!!! ret=%#x\n", ret));
goto exit;
}
-reclaim:
- ret = reclaim();
- require_noerr_action(ret, exit, DEBUG_ERROR("Reclaim recovery failed, invalid controller state!!! ret=%#x\n", ret));
+ ret = reloadInternal();
+ if (ret != kIOReturnSuccess) {
+ DEBUG_ERROR("Invalid image found, issuing reclaim recovery\n");
+ ret = reclaim();
+ require_noerr_action(ret, exit, DEBUG_ERROR("Reclaim recovery failed, invalid controller state!!! ret=%#x\n", ret));
+ }
+
exit:
- NVRAMUNLOCK(_controllerLock);
return ret == kIOReturnSuccess;
}
@@ -993,9 +1044,8 @@
OSSharedPtr<OSArray> remainingEntries;
DEBUG_INFO("called\n");
- NVRAMLOCKASSERTHELD(_controllerLock);
-
- bankData = (uint8_t *)IOMallocZeroData(_bankSize);
+
+ bankData = (uint8_t *)IOMallocData(_bankSize);
require_action(bankData != nullptr, exit, ret = kIOReturnNoMemory);
ret = _nvramController->select(next_bank);
@@ -1005,8 +1055,6 @@
verify_noerr_action(ret, DEBUG_INFO("eraseBank failed, ret=%#08x\n", ret));
_currentBank = next_bank;
-
- NVRAMREADLOCK(_variableLock);
remainingEntries = OSArray::withCapacity(_varEntries->getCapacity());
@@ -1043,17 +1091,16 @@
memcpy(bankData, (uint8_t *)&newStoreHeader, sizeof(newStoreHeader));
ret = _nvramController->write(0, bankData, new_bank_offset);
- require_noerr_action(ret, unlock, DEBUG_ERROR("reclaim bank write failed, ret=%08x\n", ret));
+ require_noerr_action(ret, exit, DEBUG_ERROR("reclaim bank write failed, ret=%08x\n", ret));
_currentOffset = (uint32_t)new_bank_offset;
DEBUG_INFO("Reclaim complete, _currentBank=%u _generation=%u, _currentOffset=%#x\n", _currentBank, _generation, _currentOffset);
_newData = false;
+
_varEntries.reset(remainingEntries.get(), OSRetain);
-unlock:
- NVRAMRWUNLOCK(_variableLock);
exit:
IOFreeData(bankData, _bankSize);
@@ -1067,8 +1114,6 @@
struct v3_var_header *varHeader;
OSData *entryContainer;
size_t appendSize = 0;
-
- NVRAMRWLOCKASSERTHELD(_variableLock);
for (unsigned int i = 0; i < _varEntries->getCount(); i++) {
entryContainer = OSDynamicCast(OSData, _varEntries->getObject(i));
@@ -1096,24 +1141,25 @@
size_t *invalidateOffsets = nullptr;
size_t invalidateOffsetsCount = 0;
size_t invalidateOffsetIndex = 0;
+ size_t invalidatedSize = 0;
require_action(_nvramController != nullptr, exit, DEBUG_INFO("No _nvramController\n"));
require_action(_newData == true, exit, DEBUG_INFO("No _newData to sync\n"));
require_action(_bankSize != 0, exit, DEBUG_INFO("No nvram size info\n"));
- NVRAMREADLOCK(_variableLock);
DEBUG_INFO("_varEntries->getCount()=%#x\n", _varEntries->getCount());
if (getAppendSize() + _currentOffset < _bankSize) {
// No reclaim, build append and invalidate list
+
remainingEntries = OSArray::withCapacity(_varEntries->getCapacity());
- appendBuffer = (uint8_t *)IOMallocZeroData(_bankSize);
- require_action(appendBuffer, unlock, ret = kIOReturnNoMemory);
+ appendBuffer = (uint8_t *)IOMallocData(_bankSize);
+ require_action(appendBuffer, exit, ret = kIOReturnNoMemory);
invalidateOffsetsCount = _varEntries->getCount();
- invalidateOffsets = (size_t *)IOMallocZeroData(invalidateOffsetsCount * sizeof(size_t));
- require_action(invalidateOffsets, unlock, ret = kIOReturnNoMemory);
+ invalidateOffsets = (size_t *)IOMallocData(invalidateOffsetsCount * sizeof(size_t));
+ require_action(invalidateOffsets, exit, ret = kIOReturnNoMemory);
for (unsigned int i = 0; i < _varEntries->getCount(); i++) {
entryContainer = OSDynamicCast(OSData, _varEntries->getObject(i));
@@ -1140,13 +1186,16 @@
if (prevOffset) {
invalidateOffsets[invalidateOffsetIndex++] = prevOffset;
+ invalidatedSize += variable_length((struct v3_var_header *)prevOffset);
}
remainingEntries->setObject(entryContainer);
} else if (varEntry->new_state == VAR_NEW_STATE_REMOVE) {
if (varEntry->existing_offset) {
DEBUG_INFO("marking entry at offset %#lx deleted\n", varEntry->existing_offset);
+
invalidateOffsets[invalidateOffsetIndex++] = varEntry->existing_offset;
+ invalidatedSize += variable_length((struct v3_var_header *)varEntry->existing_offset);
} else {
DEBUG_INFO("No existing_offset , removing\n");
}
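Review bot: `variable_length((struct v3_var_header *)prevOffset)` and the matching call on `varEntry->existing_offset` cast a bank offset to a pointer; the same values are stored in `invalidateOffsets` and used further down as `_nvramController->write()` offsets. If `variable_length` reads the header's size fields, as its use on a header pointer elsewhere in this diff suggests, this dereferences a small integer as a kernel address. `invalidatedSize` is not read in any visible hunk, so either drop the two `invalidatedSize +=` lines or compute the length from a header held in memory. The enclosing loop starts and ends outside this hunk.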
@@ -1162,7 +1211,7 @@
// Write appendBuffer
DEBUG_INFO("Appending append buffer size=%#zx at offset=%#x\n", appendBufferOffset, _currentOffset);
ret = _nvramController->write(_currentOffset, appendBuffer, appendBufferOffset);
- require_noerr_action(ret, unlock, DEBUG_ERROR("could not re-append, ret=%#x\n", ret));
+ require_noerr_action(ret, exit, DEBUG_ERROR("could not re-append, ret=%#x\n", ret));
_currentOffset += appendBufferOffset;
} else {
@@ -1175,7 +1224,7 @@
uint8_t state = VAR_ADDED & VAR_DELETED & VAR_IN_DELETED_TRANSITION;
ret = _nvramController->write(invalidateOffsets[i] + offsetof(struct v3_var_header, state), &state, sizeof(state));
- require_noerr_action(ret, unlock, DEBUG_ERROR("unable to invalidate at offset %#zx, ret=%#x\n", invalidateOffsets[i], ret));
+ require_noerr_action(ret, exit, DEBUG_ERROR("unable to invalidate at offset %#zx, ret=%#x\n", invalidateOffsets[i], ret));
DEBUG_INFO("Invalidated entry at offset=%#zx\n", invalidateOffsets[i]);
}
} else {
@@ -1183,12 +1232,10 @@
}
_newData = false;
+
_varEntries.reset(remainingEntries.get(), OSRetain);
-unlock:
- NVRAMRWUNLOCK(_variableLock);
} else {
// Will need to reclaim, rebuild store and write everything at once
- NVRAMRWUNLOCK(_variableLock);
ret = reclaim();
}
@@ -1218,9 +1265,8 @@
require_action(_newData == true, exit, DEBUG_INFO("No _newData to sync\n"));
require_action(_bankSize != 0, exit, DEBUG_INFO("No nvram size info\n"));
- block = (uint8_t *)IOMallocZeroData(_bankSize);
-
- NVRAMREADLOCK(_variableLock);
+ block = (uint8_t *)IOMallocData(_bankSize);
+
remainingEntries = OSArray::withCapacity(_varEntries->getCapacity());
ret = _nvramController->select(next_bank);
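Review bot: `block` now comes from `IOMallocData`, and the next hunk removes the `memset(block + new_bank_offset, 0xFF, ...)` tail fill, yet the whole buffer is still sent with `_nvramController->write(0, block, _bankSize)`. Bytes past `new_bank_offset` would therefore be uninitialized kernel heap data persisted to NVRAM. Keep the 0xFF fill of the tail before the write, or allocate with `IOMallocZeroData` and fill the tail. The allocation is also not null-checked in the visible lines; `require_action(block != nullptr, exit, ret = kIOReturnNoMemory);` would match the check reclaim performs on `bankData`. The function body starts and ends outside this hunk.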
@@ -1262,17 +1308,12 @@
}
}
- // 0xFF out the remaining space, this will allow banks to switch between append mode and
- // block mode if ever needed
- memset(block + new_bank_offset, 0xFF, _bankSize - (uint32_t)new_bank_offset);
-
ret = _nvramController->write(0, block, _bankSize);
verify_noerr_action(ret, DEBUG_ERROR("w fail, ret=%#x\n", ret));
_nvramController->sync();
_varEntries.reset(remainingEntries.get(), OSRetain);
- NVRAMRWUNLOCK(_variableLock);
_newData = false;
@@ -1289,15 +1330,10 @@
{
IOReturn ret;
- NVRAMLOCK(_controllerLock);
-
if (_reload) {
ret = reloadInternal();
- if (ret != kIOReturnSuccess) {
- DEBUG_ERROR("Reload failed, ret=%#x, reclaiming\n", ret);
- ret = reclaim();
- require_noerr_action(ret, exit, DEBUG_ERROR("Reclaim recovery failed, ret=%#x\n", ret));
- }
+ require_noerr_action(ret, exit, DEBUG_ERROR("Reload failed, ret=%#x", ret));
+
_reload = false;
}
@@ -1306,14 +1342,13 @@
if (ret != kIOReturnSuccess) {
ret = reclaim();
- require_noerr_action(ret, exit, DEBUG_ERROR("Reclaim recovery failed, ret=%#x\n", ret));
+ require_noerr_action(ret, exit, DEBUG_ERROR("Reclaim recovery failed, ret=%#x", ret));
}
} else {
ret = syncBlock();
}
exit:
- NVRAMUNLOCK(_controllerLock);
return ret;
}
@@ -1508,22 +1543,3 @@
return true;
}
-
-IOReturn
-IONVRAMV3Handler::getVarDict(OSSharedPtr<OSDictionary> &varDictCopy)
-{
- IOReturn ret = kIOReturnNotFound;
-
- NVRAMREADLOCK(_variableLock);
- if (_varDict) {
- varDictCopy = OSDictionary::withDictionary(_varDict.get());
- if (varDictCopy) {
- if (OSDictionary::withCapacity(varDictCopy->getCount()) != nullptr) {
- ret = kIOReturnSuccess;
- }
- }
- }
- NVRAMRWUNLOCK(_variableLock);
-
- return ret;
-}