Loading...
--- xnu/xnu-12377.121.6/iokit/bsddev/IOKitBSDInit.cpp
+++ xnu/xnu-11417.121.6/iokit/bsddev/IOKitBSDInit.cpp
@@ -664,12 +664,7 @@
if (reboot) {
IOLog("\nAbout to reboot into Recovery!\n");
- // Mitigation for SEP hanging on kPERestartCPU (radar://164664790).
- // We panic and on the next boot we should land into recovery.
- // This should be reverted back to calling
- // PEHaltRestart(kPERestartCPU) in rdar://169561102.
- panic("Reboot into Recovery (this panic is expected)");
- // (void)PEHaltRestart(kPERestartCPU);
+ (void)PEHaltRestart(kPEPanicRestartCPUNoCallouts);
}
return true;
@@ -1574,10 +1569,6 @@
}
proc_t proc = (proc_t)get_bsdtask_info(task);
- if (proc == NULL) {
- return false;
- }
-
kern_return_t ret = amfi->OSEntitlements.queryEntitlementStringWithProc(
proc,
entitlement,
@@ -1596,14 +1587,6 @@
return IOTaskHasEntitlement(NULL, entitlement);
}
-/*
- * Reminder to reader: This only returns `true` if:
- * - The entitlement is boolean-valued
- * - The value is `true`
- * If you are looking to check whether an entitlement is present,
- * you likely want `IOVnodeIsEntitlementPresentWithAnyValue`
- * or `IOTaskHasEntitlementAsBooleanOrObject` (caveat emptor).
- */
extern "C" boolean_t
IOTaskHasEntitlement(task_t task, const char *entitlement)
{
@@ -1617,10 +1600,6 @@
}
proc_t proc = (proc_t)get_bsdtask_info(task);
- if (proc == NULL) {
- return false;
- }
-
kern_return_t ret = amfi->OSEntitlements.queryEntitlementBooleanWithProc(
proc,
entitlement);
@@ -1632,24 +1611,27 @@
return false;
}
-extern "C" boolean_t
-IOTaskGetIntegerEntitlement(task_t task, const char *entitlement, uint64_t *value)
+extern "C" OS_ALWAYS_INLINE char*
+IOCurrentTaskGetEntitlement(const char *entitlement)
+{
+ return IOTaskGetEntitlement(NULL, entitlement);
+}
+
+extern "C" char*
+IOTaskGetEntitlement(task_t task, const char *entitlement)
{
void *entitlement_object = NULL;
+ char *return_value = NULL;
if (task == NULL) {
task = current_task();
}
/* Validate input arguments */
- if (task == kernel_task || entitlement == NULL || value == NULL) {
- return false;
+ if (task == kernel_task || entitlement == NULL) {
+ return NULL;
}
proc_t proc = (proc_t)get_bsdtask_info(task);
-
- if (proc == NULL) {
- return false;
- }
kern_return_t ret = amfi->OSEntitlements.copyEntitlementAsOSObjectWithProc(
proc,
@@ -1657,115 +1639,20 @@
&entitlement_object);
if (ret != KERN_SUCCESS) {
- return false;
+ return NULL;
}
assert(entitlement_object != NULL);
OSObject *os_object = (OSObject*)entitlement_object;
- OSNumber *os_number = OSDynamicCast(OSNumber, os_object);
-
- boolean_t has_entitlement = os_number != NULL;
- if (has_entitlement) {
- *value = os_number->unsigned64BitValue();
- }
+ OSString *os_string = OSDynamicCast(OSString, os_object);
+
+ /* Get a C string version of the OSString */
+ return_value = copyOSStringAsCString(os_string);
/* Free the OSObject which was given to us */
OSSafeReleaseNULL(os_object);
- return has_entitlement;
-}
-
-extern "C" OS_ALWAYS_INLINE char*
-IOCurrentTaskGetEntitlement(const char *entitlement)
-{
- return IOTaskGetEntitlement(NULL, entitlement);
-}
-
-extern "C" char*
-IOTaskGetEntitlement(task_t task, const char *entitlement)
-{
- void *entitlement_object = NULL;
- char *return_value = NULL;
-
- if (task == NULL) {
- task = current_task();
- }
-
- /* Validate input arguments */
- if (task == kernel_task || entitlement == NULL) {
- return NULL;
- }
- proc_t proc = (proc_t)get_bsdtask_info(task);
-
- if (proc == NULL) {
- return NULL;
- }
-
- kern_return_t ret = amfi->OSEntitlements.copyEntitlementAsOSObjectWithProc(
- proc,
- entitlement,
- &entitlement_object);
-
- if (ret != KERN_SUCCESS) {
- return NULL;
- }
- assert(entitlement_object != NULL);
-
- OSObject *os_object = (OSObject*)entitlement_object;
- OSString *os_string = OSDynamicCast(OSString, os_object);
-
- /* Get a C string version of the OSString */
- return_value = copyOSStringAsCString(os_string);
-
- /* Free the OSObject which was given to us */
- OSSafeReleaseNULL(os_object);
-
return return_value;
-}
-
-extern "C" boolean_t
-IOTaskHasEntitlementAsBooleanOrObject(task_t task, const char *entitlement)
-{
- if (task == NULL) {
- task = current_task();
- }
-
- /* Validate input arguments */
- if (task == kernel_task || entitlement == NULL) {
- return false;
- }
- proc_t proc = (proc_t)get_bsdtask_info(task);
-
- if (proc == NULL) {
- return false;
- }
-
- kern_return_t ret = amfi->OSEntitlements.queryEntitlementBooleanWithProc(
- proc,
- entitlement);
- if (ret == KERN_SUCCESS) {
- return true;
- }
-
- /* Check for the presence of an object */
- void *entitlement_object = NULL;
- ret = amfi->OSEntitlements.copyEntitlementAsOSObjectWithProc(
- proc,
- entitlement,
- &entitlement_object);
- if (ret != KERN_SUCCESS) {
- return false;
- }
- assert(entitlement_object != NULL);
-
- OSObject *os_object = (OSObject*)entitlement_object;
-
- bool not_false_entitlement = (os_object != kOSBooleanFalse);
-
- /* Free the OSObject which was given to us */
- OSSafeReleaseNULL(os_object);
-
- return not_false_entitlement;
}
extern "C" boolean_t
@@ -1780,20 +1667,6 @@
}
obj->release();
return obj != kOSBooleanFalse;
-}
-
-extern "C" boolean_t
-IOVnodeIsEntitlementPresentWithAnyValue(vnode_t vnode, int64_t off, const char *entitlement)
-{
- OSObject * obj;
- off_t offset = (off_t)off;
-
- obj = IOUserClient::copyClientEntitlementVnode(vnode, offset, entitlement);
- if (!obj) {
- return false;
- }
- obj->release();
- return true;
}
/*
@@ -1837,28 +1710,6 @@
return true;
}
-extern boolean_t
-IOVnodeGetIntegerEntitlement(struct vnode *vnode, int64_t off, const char *entitlement, uint64_t *value)
-{
- OSObject *obj;
- boolean_t ret = false;
- off_t offset = (off_t)off;
-
- obj = IOUserClient::copyClientEntitlementVnode(vnode, offset, entitlement);
- if (!obj) {
- return ret;
- }
-
- OSNumber *num = OSDynamicCast(OSNumber, obj);
- if (num) {
- *value = num->unsigned64BitValue();
- ret = true;
- }
-
- obj->release();
- return ret;
-}
-
extern "C" char *
IOVnodeGetEntitlement(vnode_t vnode, int64_t off, const char *entitlement)
{