Loading...
--- xnu/xnu-1228/iokit/Kernel/IOUserClient.cpp
+++ xnu/xnu-1699.26.8/iokit/Kernel/IOUserClient.cpp
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1998-2006 Apple Computer, Inc. All rights reserved.
+ * Copyright (c) 1998-2008 Apple Inc. All rights reserved.
*
* @APPLE_OSREFERENCE_LICENSE_HEADER_START@
*
@@ -27,6 +27,7 @@
*/
+#include <libkern/c++/OSKext.h>
#include <IOKit/IOKitServer.h>
#include <IOKit/IOKitKeysPrivate.h>
#include <IOKit/IOUserClient.h>
@@ -34,8 +35,24 @@
#include <IOKit/IORegistryEntry.h>
#include <IOKit/IOCatalogue.h>
#include <IOKit/IOMemoryDescriptor.h>
+#include <IOKit/IOBufferMemoryDescriptor.h>
#include <IOKit/IOLib.h>
+#include <IOKit/IOStatisticsPrivate.h>
+#include <IOKit/IOTimeStamp.h>
+#include <libkern/OSDebug.h>
#include <sys/proc.h>
+#include <sys/kauth.h>
+
+#if CONFIG_MACF
+
+extern "C" {
+#include <security/mac_framework.h>
+};
+#include <sys/kauth.h>
+
+#define IOMACF_LOG 0
+
+#endif /* CONFIG_MACF */
#include <IOKit/assert.h>
@@ -45,7 +62,7 @@
#define SCALAR64(x) ((io_user_scalar_t)((unsigned int)x))
#define SCALAR32(x) ((uint32_t )x)
#define ARG32(x) ((void *)SCALAR32(x))
-#define REF64(x) ((io_user_reference_t)((natural_t)(x)))
+#define REF64(x) ((io_user_reference_t)((UInt64)(x)))
#define REF32(x) ((int)(x))
enum
@@ -54,6 +71,32 @@
kIOUCAsync64Flag = 1ULL
};
+#if IOKITSTATS
+
+#define IOStatisticsRegisterCounter() \
+do { \
+ reserved->counter = IOStatistics::registerUserClient(this); \
+} while (0)
+
+#define IOStatisticsUnregisterCounter() \
+do { \
+ if (reserved) \
+ IOStatistics::unregisterUserClient(reserved->counter); \
+} while (0)
+
+#define IOStatisticsClientCall() \
+do { \
+ IOStatistics::countUserClientCall(client); \
+} while (0)
+
+#else
+
+#define IOStatisticsRegisterCounter()
+#define IOStatisticsUnregisterCounter()
+#define IOStatisticsClientCall()
+
+#endif /* IOKITSTATS */
+
/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
// definitions we should get from osfmk
@@ -85,6 +128,7 @@
extern void iokit_retain_port( ipc_port_t port );
extern void iokit_release_port( ipc_port_t port );
+extern void iokit_release_port_send( ipc_port_t port );
extern kern_return_t iokit_switch_object_port( ipc_port_t port, io_object_t obj, ipc_kobject_type_t type );
@@ -210,7 +254,7 @@
machPort = (IOMachPort *) dict->getObject( (const OSSymbol *) obj );
if( machPort) {
- destroyed = (machPort->mscount == *mscount);
+ destroyed = (machPort->mscount <= *mscount);
if( destroyed)
dict->removeObject( (const OSSymbol *) obj );
else
@@ -379,8 +423,10 @@
if( IKOT_IOKIT_CONNECT == type)
{
- if( (client = OSDynamicCast( IOUserClient, obj )))
+ if( (client = OSDynamicCast( IOUserClient, obj ))) {
+ IOStatisticsClientCall();
client->clientDied();
+ }
}
else if( IKOT_IOKIT_OBJECT == type)
{
@@ -422,7 +468,7 @@
virtual void free();
static bool _handler( void * target,
- void * ref, IOService * newService );
+ void * ref, IOService * newService, IONotifier * notifier );
virtual bool handler( void * ref, IOService * newService );
virtual OSObject * getNextObject();
@@ -436,7 +482,7 @@
mach_msg_header_t msgHdr;
mach_msg_body_t msgBody;
mach_msg_port_descriptor_t ports[1];
- OSNotificationHeader64 notifyHeader;
+ OSNotificationHeader64 notifyHeader __attribute__ ((packed));
};
PingMsg * pingMsg;
@@ -587,7 +633,7 @@
}
bool IOServiceUserNotification::_handler( void * target,
- void * ref, IOService * newService )
+ void * ref, IOService * newService, IONotifier * notifier )
{
return( ((IOServiceUserNotification *) target)->handler( ref, newService ));
}
@@ -621,13 +667,13 @@
else
pingMsg->msgHdr.msgh_local_port = NULL;
- kr = mach_msg_send_from_kernel( &pingMsg->msgHdr,
+ kr = mach_msg_send_from_kernel_proper( &pingMsg->msgHdr,
pingMsg->msgHdr.msgh_size);
if( port)
iokit_release_port( port );
if( KERN_SUCCESS != kr)
- IOLog("%s: mach_msg_send_from_kernel {%x}\n", __FILE__, kr );
+ IOLog("%s: mach_msg_send_from_kernel_proper {%x}\n", __FILE__, kr );
}
return( true );
@@ -754,7 +800,7 @@
else
{
data->messageArgument[0] |= (data->messageArgument[0] << 32);
- argSize = sizeof(messageArgument);
+ argSize = sizeof(uint32_t);
}
}
else
@@ -772,7 +818,7 @@
pingMsg->ports[0].name = providerPort;
thisPort = iokit_port_for_object( this, IKOT_IOKIT_OBJECT );
pingMsg->msgHdr.msgh_local_port = thisPort;
- kr = mach_msg_send_from_kernel( &pingMsg->msgHdr,
+ kr = mach_msg_send_from_kernel_proper( &pingMsg->msgHdr,
pingMsg->msgHdr.msgh_size);
if( thisPort)
iokit_release_port( thisPort );
@@ -780,7 +826,7 @@
iokit_release_port( providerPort );
if( KERN_SUCCESS != kr)
- IOLog("%s: mach_msg_send_from_kernel {%x}\n", __FILE__, kr );
+ IOLog("%s: mach_msg_send_from_kernel_proper {%x}\n", __FILE__, kr );
return( kIOReturnSuccess );
}
@@ -807,10 +853,10 @@
mach_port_t wakePort,
void *callback, void *refcon)
{
- asyncRef[kIOAsyncReservedIndex] = ((natural_t) wakePort)
+ asyncRef[kIOAsyncReservedIndex] = ((uintptr_t) wakePort)
| (kIOUCAsync0Flags & asyncRef[kIOAsyncReservedIndex]);
- asyncRef[kIOAsyncCalloutFuncIndex] = (natural_t) callback;
- asyncRef[kIOAsyncCalloutRefconIndex] = (natural_t) refcon;
+ asyncRef[kIOAsyncCalloutFuncIndex] = (uintptr_t) callback;
+ asyncRef[kIOAsyncCalloutRefconIndex] = (uintptr_t) refcon;
}
void IOUserClient::setAsyncReference64(OSAsyncReference64 asyncRef,
@@ -823,7 +869,7 @@
asyncRef[kIOAsyncCalloutRefconIndex] = refcon;
}
-inline OSDictionary * CopyConsoleUser(UInt32 uid)
+static OSDictionary * CopyConsoleUser(UInt32 uid)
{
OSArray * array;
OSDictionary * user = 0;
@@ -847,6 +893,29 @@
return user;
}
+static OSDictionary * CopyUserOnConsole(void)
+{
+ OSArray * array;
+ OSDictionary * user = 0;
+
+ if ((array = OSDynamicCast(OSArray,
+ IORegistryEntry::getRegistryRoot()->copyProperty(gIOConsoleUsersKey))))
+ {
+ for (unsigned int idx = 0;
+ (user = OSDynamicCast(OSDictionary, array->getObject(idx)));
+ idx++)
+ {
+ if (kOSBooleanTrue == user->getObject(gIOConsoleSessionOnConsoleKey))
+ {
+ user->retain();
+ break;
+ }
+ }
+ array->release();
+ }
+ return (user);
+}
+
IOReturn IOUserClient::clientHasPrivilege( void * securityToken,
const char * privilegeName )
{
@@ -857,26 +926,71 @@
OSDictionary * user;
bool secureConsole;
- if ((secureConsole = !strcmp(privilegeName, kIOClientPrivilegeSecureConsoleProcess)))
+
+ if (!strncmp(privilegeName, kIOClientPrivilegeForeground,
+ sizeof(kIOClientPrivilegeForeground)))
+ {
+ /* is graphics access denied for current task? */
+ if (proc_get_task_selfgpuacc_deny() != 0)
+ return (kIOReturnNotPrivileged);
+ else
+ return (kIOReturnSuccess);
+ }
+
+ if (!strncmp(privilegeName, kIOClientPrivilegeConsoleSession,
+ sizeof(kIOClientPrivilegeConsoleSession)))
+ {
+ kauth_cred_t cred;
+ proc_t p;
+
+ task = (task_t) securityToken;
+ if (!task)
+ task = current_task();
+ p = (proc_t) get_bsdtask_info(task);
+ kr = kIOReturnNotPrivileged;
+
+ if (p && (cred = kauth_cred_proc_ref(p)))
+ {
+ user = CopyUserOnConsole();
+ if (user)
+ {
+ OSNumber * num;
+ if ((num = OSDynamicCast(OSNumber, user->getObject(gIOConsoleSessionAuditIDKey)))
+ && (cred->cr_audit.as_aia_p->ai_asid == (au_asid_t) num->unsigned32BitValue()))
+ {
+ kr = kIOReturnSuccess;
+ }
+ user->release();
+ }
+ kauth_cred_unref(&cred);
+ }
+ return (kr);
+ }
+
+ if ((secureConsole = !strncmp(privilegeName, kIOClientPrivilegeSecureConsoleProcess,
+ sizeof(kIOClientPrivilegeSecureConsoleProcess))))
task = (task_t)((IOUCProcessToken *)securityToken)->token;
else
task = (task_t)securityToken;
-
+
count = TASK_SECURITY_TOKEN_COUNT;
kr = task_info( task, TASK_SECURITY_TOKEN, (task_info_t) &token, &count );
if (KERN_SUCCESS != kr)
{}
- else if (!strcmp(privilegeName, kIOClientPrivilegeAdministrator)) {
+ else if (!strncmp(privilegeName, kIOClientPrivilegeAdministrator,
+ sizeof(kIOClientPrivilegeAdministrator))) {
if (0 != token.val[0])
kr = kIOReturnNotPrivileged;
- } else if (!strcmp(privilegeName, kIOClientPrivilegeLocalUser)) {
+ } else if (!strncmp(privilegeName, kIOClientPrivilegeLocalUser,
+ sizeof(kIOClientPrivilegeLocalUser))) {
user = CopyConsoleUser(token.val[0]);
if ( user )
user->release();
else
kr = kIOReturnNotPrivileged;
- } else if (secureConsole || !strcmp(privilegeName, kIOClientPrivilegeConsoleUser)) {
+ } else if (secureConsole || !strncmp(privilegeName, kIOClientPrivilegeConsoleUser,
+ sizeof(kIOClientPrivilegeConsoleUser))) {
user = CopyConsoleUser(token.val[0]);
if ( user ) {
if (user->getObject(gIOConsoleSessionOnConsoleKey) != kOSBooleanTrue)
@@ -898,28 +1012,28 @@
bool IOUserClient::init()
{
- if( getPropertyTable())
- return true;
- else
- return super::init();
+ if (getPropertyTable() || super::init())
+ return reserve();
+
+ return false;
}
bool IOUserClient::init(OSDictionary * dictionary)
{
- if( getPropertyTable())
- return true;
- else
- return super::init(dictionary);
+ if (getPropertyTable() || super::init(dictionary))
+ return reserve();
+
+ return false;
}
bool IOUserClient::initWithTask(task_t owningTask,
void * securityID,
UInt32 type )
-{
- if( getPropertyTable())
- return true;
- else
- return super::init();
+{
+ if (getPropertyTable() || super::init())
+ return reserve();
+
+ return false;
}
bool IOUserClient::initWithTask(task_t owningTask,
@@ -935,11 +1049,30 @@
return( ok );
}
+bool IOUserClient::reserve()
+{
+ if(!reserved) {
+ reserved = IONew(ExpansionData, 1);
+ if (!reserved) {
+ return false;
+ }
+ }
+
+ IOStatisticsRegisterCounter();
+
+ return true;
+}
+
void IOUserClient::free()
{
if( mappings)
mappings->release();
-
+
+ IOStatisticsUnregisterCounter();
+
+ if (reserved)
+ IODelete(reserved, ExpansionData, 1);
+
super::free();
}
@@ -966,6 +1099,14 @@
return( kIOReturnUnsupported);
}
+IOReturn IOUserClient::registerNotificationPort(
+ mach_port_t port,
+ UInt32 type,
+ io_user_reference_t refCon)
+{
+ return (registerNotificationPort(port, type, (UInt32) refCon));
+}
+
IOReturn IOUserClient::getNotificationSemaphore( UInt32 notification_type,
semaphore_t * semaphore )
{
@@ -984,29 +1125,16 @@
return( kIOReturnUnsupported);
}
+#if !__LP64__
IOMemoryMap * IOUserClient::mapClientMemory(
IOOptionBits type,
task_t task,
IOOptionBits mapFlags,
IOVirtualAddress atAddress )
{
- IOReturn err;
- IOOptionBits options = 0;
- IOMemoryDescriptor * memory;
- IOMemoryMap * map = 0;
-
- err = clientMemoryForType( (UInt32) type, &options, &memory );
-
- if( memory && (kIOReturnSuccess == err)) {
-
- options = (options & ~kIOMapUserOptionsMask)
- | (mapFlags & kIOMapUserOptionsMask);
- map = memory->map( task, atAddress, options );
- memory->release();
- }
-
- return( map );
-}
+ return (NULL);
+}
+#endif
IOMemoryMap * IOUserClient::mapClientMemory64(
IOOptionBits type,
@@ -1092,6 +1220,25 @@
}
return trap;
+}
+
+IOReturn IOUserClient::releaseAsyncReference64(OSAsyncReference64 reference)
+{
+ mach_port_t port;
+ port = (mach_port_t) (reference[0] & ~kIOUCAsync0Flags);
+
+ if (MACH_PORT_NULL != port)
+ iokit_release_port_send(port);
+
+ return (kIOReturnSuccess);
+}
+
+IOReturn IOUserClient::releaseNotificationPort(mach_port_t port)
+{
+ if (MACH_PORT_NULL != port)
+ iokit_release_port_send(port);
+
+ return (kIOReturnSuccess);
}
IOReturn IOUserClient::sendAsyncResult(OSAsyncReference reference,
@@ -1131,8 +1278,7 @@
{
OSNotificationHeader64 notifyHdr;
IOAsyncCompletionContent asyncContent;
- uint32_t pad;
- io_user_reference_t args[kMaxAsyncArgs];
+ io_user_reference_t args[kMaxAsyncArgs] __attribute__ ((packed));
} msg64;
} m;
};
@@ -1159,7 +1305,6 @@
sizeof(replyMsg.msgHdr) + sizeof(replyMsg.m.msg64)
- (kMaxAsyncArgs - numArgs) * sizeof(io_user_reference_t);
replyMsg.m.msg64.notifyHdr.size = sizeof(IOAsyncCompletionContent)
- + sizeof(uint32_t)
+ numArgs * sizeof(io_user_reference_t);
replyMsg.m.msg64.notifyHdr.type = kIOAsyncCompletionNotificationType;
bcopy(reference, replyMsg.m.msg64.notifyHdr.reference, sizeof(OSAsyncReference64));
@@ -1189,10 +1334,10 @@
replyMsg.m.msg32.args[idx] = REF32(args[idx]);
}
- kr = mach_msg_send_from_kernel( &replyMsg.msgHdr,
+ kr = mach_msg_send_from_kernel_proper( &replyMsg.msgHdr,
replyMsg.msgHdr.msgh_size);
if( KERN_SUCCESS != kr)
- IOLog("%s: mach_msg_send_from_kernel {%x}\n", __FILE__, kr );
+ IOLog("%s: mach_msg_send_from_kernel_proper {%x}\n", __FILE__, kr );
return kr;
}
@@ -1212,16 +1357,16 @@
io_name_t className )
{
const OSMetaClass* my_obj = NULL;
-
- if( !object)
- return( kIOReturnBadArgument );
+
+ if( !object)
+ return( kIOReturnBadArgument );
my_obj = object->getMetaClass();
if (!my_obj) {
return (kIOReturnNotFound);
}
- strcpy( className, my_obj->getClassName());
+ strlcpy( className, my_obj->getClassName(), sizeof(io_name_t));
return( kIOReturnSuccess );
}
@@ -1405,9 +1550,9 @@
kern_return_t *result,
boolean_t *matches )
{
- kern_return_t kr;
- vm_offset_t data;
- vm_map_offset_t map_data;
+ kern_return_t kr;
+ vm_offset_t data;
+ vm_map_offset_t map_data;
kr = vm_map_copyout( kernel_map, &map_data, (vm_map_copy_t) matching );
data = CAST_DOWN(vm_offset_t, map_data);
@@ -1528,10 +1673,9 @@
if( !userNotify)
continue;
- notify = IOService::addNotification( sym, dict,
+ notify = IOService::addMatchingNotification( sym, dict,
&userNotify->_handler, userNotify );
if( notify) {
- dict = 0;
*notification = userNotify;
userNotify->setNotification( notify );
err = kIOReturnSuccess;
@@ -1649,6 +1793,7 @@
io_name_t notification_type,
io_string_t matching,
mach_port_t port,
+ // for binary compatibility reasons, this must be natural_t for ILP32
natural_t ref,
io_object_t * notification )
{
@@ -1753,6 +1898,7 @@
{
CHECK( IOUserClient, connection, client );
+ IOStatisticsClientCall();
return( client->getNotificationSemaphore( (UInt32) notification_type,
semaphore ));
}
@@ -1933,10 +2079,22 @@
return( kIOReturnNotFound );
}
+/* Routine io_registry_entry_get_registry_entry_id */
+kern_return_t is_io_registry_entry_get_registry_entry_id(
+ io_object_t registry_entry,
+ uint64_t *entry_id )
+{
+ CHECK( IORegistryEntry, registry_entry, entry );
+
+ *entry_id = entry->getRegistryEntryID();
+
+ return (kIOReturnSuccess);
+}
+
// Create a vm_map_copy_t or kalloc'ed data for memory
// to be copied out. ipc will free after the copyout.
-static kern_return_t copyoutkdata( void * data, vm_size_t len,
+static kern_return_t copyoutkdata( const void * data, vm_size_t len,
io_buf_ptr_t * buf )
{
kern_return_t err;
@@ -2150,11 +2308,17 @@
obj = OSUnserializeXML( (const char *) data );
vm_deallocate( kernel_map, data, propertiesCnt );
- if( obj) {
+ if (!obj)
+ res = kIOReturnBadArgument;
+#if CONFIG_MACF
+ else if (0 != mac_iokit_check_set_properties(kauth_cred_get(),
+ registry_entry, obj))
+ res = kIOReturnNotPermitted;
+#endif
+ else
res = entry->setProperties( obj );
- obj->release();
- } else
- res = kIOReturnBadArgument;
+ if (obj)
+ obj->release();
} else
res = err;
@@ -2205,11 +2369,15 @@
/* Routine io_service_get_state */
kern_return_t is_io_service_get_state(
io_object_t _service,
- uint64_t *state )
+ uint64_t *state,
+ uint32_t *busy_state,
+ uint64_t *accumulated_busy_time )
{
CHECK( IOService, _service, service );
- *state = service->getState();
+ *state = service->getState();
+ *busy_state = service->getBusyState();
+ *accumulated_busy_time = service->getAccumulatedBusyTime();
return( kIOReturnSuccess );
}
@@ -2219,9 +2387,15 @@
io_object_t _service,
mach_timespec_t wait_time )
{
+ uint64_t timeoutNS;
+
CHECK( IOService, _service, service );
- return( service->waitQuiet( &wait_time ));
+ timeoutNS = wait_time.tv_sec;
+ timeoutNS *= kSecondScale;
+ timeoutNS += wait_time.tv_nsec;
+
+ return( service->waitQuiet(timeoutNS) );
}
/* Routine io_service_request_probe */
@@ -2232,30 +2406,6 @@
CHECK( IOService, _service, service );
return( service->requestProbe( options ));
-}
-
-
-/* Routine io_service_open */
-kern_return_t is_io_service_open(
- io_object_t _service,
- task_t owningTask,
- uint32_t connect_type,
- io_object_t *connection )
-{
- IOUserClient * client;
- IOReturn err;
-
- CHECK( IOService, _service, service );
-
- err = service->newUserClient( owningTask, (void *) owningTask,
- connect_type, 0, &client );
-
- if( err == kIOReturnSuccess) {
- assert( OSDynamicCast(IOUserClient, client) );
- *connection = client;
- }
-
- return( err);
}
/* Routine io_service_open_ndr */
@@ -2333,16 +2483,26 @@
disallowAccess = (crossEndian
&& (kOSBooleanTrue != service->getProperty(kIOUserClientCrossEndianCompatibleKey))
&& (kOSBooleanTrue != client->getProperty(kIOUserClientCrossEndianCompatibleKey)));
-
- if (disallowAccess)
+ if (disallowAccess) res = kIOReturnUnsupported;
+#if CONFIG_MACF
+ else if (0 != mac_iokit_check_open(kauth_cred_get(), client, connect_type))
+ res = kIOReturnNotPermitted;
+#endif
+ if (kIOReturnSuccess != res)
{
+ IOStatisticsClientCall();
client->clientClose();
client->release();
client = 0;
- res = kIOReturnUnsupported;
break;
}
client->sharedInstance = (0 != client->getProperty(kIOUserClientSharedInstanceKey));
+ OSString * creatorName = IOCopyLogNameForPID(proc_selfpid());
+ if (creatorName)
+ {
+ client->setProperty(kIOUserClientCreatorKey, creatorName);
+ creatorName->release();
+ }
}
}
while (false);
@@ -2363,6 +2523,7 @@
CHECK( IOUserClient, connection, client );
+ IOStatisticsClientCall();
client->clientClose();
return( kIOReturnSuccess );
@@ -2395,8 +2556,9 @@
{
CHECK( IOUserClient, connection, client );
+ IOStatisticsClientCall();
return( client->registerNotificationPort( port, notification_type,
- reference ));
+ (io_user_reference_t) reference ));
}
/* Routine io_connect_set_notification_port */
@@ -2408,6 +2570,7 @@
{
CHECK( IOUserClient, connection, client );
+ IOStatisticsClientCall();
return( client->registerNotificationPort( port, notification_type,
reference ));
}
@@ -2428,6 +2591,7 @@
CHECK( IOUserClient, connection, client );
+ IOStatisticsClientCall();
map = client->mapClientMemory64( memory_type, into_task, flags, *address );
if( map) {
@@ -2485,6 +2649,8 @@
return (err);
}
+
+} /* extern "C" */
IOMemoryMap * IOUserClient::removeMappingForDescriptor(IOMemoryDescriptor * mem)
{
@@ -2513,6 +2679,8 @@
return (map);
}
+extern "C" {
+
/* Routine io_connect_unmap_memory_from_task */
kern_return_t is_io_connect_unmap_memory_from_task
(
@@ -2528,6 +2696,7 @@
CHECK( IOUserClient, connection, client );
+ IOStatisticsClientCall();
err = client->clientMemoryForType( (UInt32) memory_type, &options, &memory );
if( memory && (kIOReturnSuccess == err)) {
@@ -2549,7 +2718,7 @@
name = IOMachPort::makeSendRightForTask( from_task, map, IKOT_IOKIT_OBJECT );
if (name)
{
- map->unmap();
+ map->userClientUnmap();
err = iokit_mod_send_right( from_task, name, -2 );
err = kIOReturnSuccess;
}
@@ -2590,6 +2759,7 @@
CHECK( IOUserClient, connection, client );
CHECK( IOUserClient, connect_to, to );
+ IOStatisticsClientCall();
return( client->connectClient( to ) );
}
@@ -2604,6 +2774,97 @@
return( is_io_registry_entry_set_properties( connection, properties, propertiesCnt, result ));
}
+/* Routine io_user_client_method */
+kern_return_t is_io_connect_method_var_output
+(
+ io_connect_t connection,
+ uint32_t selector,
+ io_scalar_inband64_t scalar_input,
+ mach_msg_type_number_t scalar_inputCnt,
+ io_struct_inband_t inband_input,
+ mach_msg_type_number_t inband_inputCnt,
+ mach_vm_address_t ool_input,
+ mach_vm_size_t ool_input_size,
+ io_struct_inband_t inband_output,
+ mach_msg_type_number_t *inband_outputCnt,
+ io_scalar_inband64_t scalar_output,
+ mach_msg_type_number_t *scalar_outputCnt,
+ io_buf_ptr_t *var_output,
+ mach_msg_type_number_t *var_outputCnt
+)
+{
+ CHECK( IOUserClient, connection, client );
+
+ IOExternalMethodArguments args;
+ IOReturn ret;
+ IOMemoryDescriptor * inputMD = 0;
+ OSObject * structureVariableOutputData = 0;
+
+ bzero(&args.__reserved[0], sizeof(args.__reserved));
+ args.version = kIOExternalMethodArgumentsCurrentVersion;
+
+ args.selector = selector;
+
+ args.asyncWakePort = MACH_PORT_NULL;
+ args.asyncReference = 0;
+ args.asyncReferenceCount = 0;
+ args.structureVariableOutputData = &structureVariableOutputData;
+
+ args.scalarInput = scalar_input;
+ args.scalarInputCount = scalar_inputCnt;
+ args.structureInput = inband_input;
+ args.structureInputSize = inband_inputCnt;
+
+ if (ool_input)
+ inputMD = IOMemoryDescriptor::withAddressRange(ool_input, ool_input_size,
+ kIODirectionOut, current_task());
+
+ args.structureInputDescriptor = inputMD;
+
+ args.scalarOutput = scalar_output;
+ args.scalarOutputCount = *scalar_outputCnt;
+ args.structureOutput = inband_output;
+ args.structureOutputSize = *inband_outputCnt;
+ args.structureOutputDescriptor = NULL;
+ args.structureOutputDescriptorSize = 0;
+
+ IOStatisticsClientCall();
+ ret = client->externalMethod( selector, &args );
+
+ *scalar_outputCnt = args.scalarOutputCount;
+ *inband_outputCnt = args.structureOutputSize;
+
+ if (var_outputCnt && var_output && (kIOReturnSuccess == ret))
+ {
+ OSSerialize * serialize;
+ OSData * data;
+ vm_size_t len;
+
+ if ((serialize = OSDynamicCast(OSSerialize, structureVariableOutputData)))
+ {
+ len = serialize->getLength();
+ *var_outputCnt = len;
+ ret = copyoutkdata(serialize->text(), len, var_output);
+ }
+ else if ((data = OSDynamicCast(OSData, structureVariableOutputData)))
+ {
+ len = data->getLength();
+ *var_outputCnt = len;
+ ret = copyoutkdata(data->getBytesNoCopy(), len, var_output);
+ }
+ else
+ {
+ ret = kIOReturnUnderrun;
+ }
+ }
+
+ if (inputMD)
+ inputMD->release();
+ if (structureVariableOutputData)
+ structureVariableOutputData->release();
+
+ return (ret);
+}
/* Routine io_user_client_method */
kern_return_t is_io_connect_method
@@ -2616,12 +2877,12 @@
mach_msg_type_number_t inband_inputCnt,
mach_vm_address_t ool_input,
mach_vm_size_t ool_input_size,
+ io_struct_inband_t inband_output,
+ mach_msg_type_number_t *inband_outputCnt,
io_scalar_inband64_t scalar_output,
mach_msg_type_number_t *scalar_outputCnt,
- io_struct_inband_t inband_output,
- mach_msg_type_number_t *inband_outputCnt,
mach_vm_address_t ool_output,
- mach_vm_size_t * ool_output_size
+ mach_vm_size_t *ool_output_size
)
{
CHECK( IOUserClient, connection, client );
@@ -2636,9 +2897,10 @@
args.selector = selector;
- args.asyncWakePort = MACH_PORT_NULL;
- args.asyncReference = 0;
- args.asyncReferenceCount = 0;
+ args.asyncWakePort = MACH_PORT_NULL;
+ args.asyncReference = 0;
+ args.asyncReferenceCount = 0;
+ args.structureVariableOutputData = 0;
args.scalarInput = scalar_input;
args.scalarInputCount = scalar_inputCnt;
@@ -2656,15 +2918,16 @@
args.structureOutput = inband_output;
args.structureOutputSize = *inband_outputCnt;
- if (ool_output)
+ if (ool_output && ool_output_size)
{
outputMD = IOMemoryDescriptor::withAddressRange(ool_output, *ool_output_size,
kIODirectionIn, current_task());
}
args.structureOutputDescriptor = outputMD;
- args.structureOutputDescriptorSize = *ool_output_size;
-
+ args.structureOutputDescriptorSize = ool_output_size ? *ool_output_size : 0;
+
+ IOStatisticsClientCall();
ret = client->externalMethod( selector, &args );
*scalar_outputCnt = args.scalarOutputCount;
@@ -2693,10 +2956,10 @@
mach_msg_type_number_t inband_inputCnt,
mach_vm_address_t ool_input,
mach_vm_size_t ool_input_size,
+ io_struct_inband_t inband_output,
+ mach_msg_type_number_t *inband_outputCnt,
io_scalar_inband64_t scalar_output,
mach_msg_type_number_t *scalar_outputCnt,
- io_struct_inband_t inband_output,
- mach_msg_type_number_t *inband_outputCnt,
mach_vm_address_t ool_output,
mach_vm_size_t * ool_output_size
)
@@ -2746,6 +3009,7 @@
args.structureOutputDescriptor = outputMD;
args.structureOutputDescriptorSize = *ool_output_size;
+ IOStatisticsClientCall();
ret = client->externalMethod( selector, &args );
*inband_outputCnt = args.structureOutputSize;
@@ -2783,8 +3047,8 @@
_input, inputCount,
NULL, 0,
0, 0,
+ NULL, &struct_outputCnt,
_output, outputCount,
- NULL, &struct_outputCnt,
0, &ool_output_size);
for (i = 0; i < *outputCount; i++)
@@ -2902,8 +3166,8 @@
_input, inputCount,
NULL, 0,
0, 0,
+ NULL, &struct_outputCnt,
_output, outputCount,
- NULL, &struct_outputCnt,
0, &ool_output_size);
for (i = 0; i < *outputCount; i++)
@@ -2942,8 +3206,8 @@
_input, inputCount,
NULL, 0,
0, 0,
+ output, outputCount,
NULL, &scalar_outputCnt,
- output, outputCount,
0, &ool_output_size));
}
@@ -2979,8 +3243,8 @@
_input, inputCount,
inputStruct, inputStructCount,
0, 0,
+ NULL, &inband_outputCnt,
NULL, &scalar_outputCnt,
- NULL, &inband_outputCnt,
0, &ool_output_size));
}
@@ -3010,8 +3274,8 @@
NULL, 0,
input, inputCount,
0, 0,
+ output, outputCount,
NULL, &scalar_outputCnt,
- output, outputCount,
0, &ool_output_size));
}
@@ -3130,8 +3394,8 @@
_input, inputCount,
NULL, 0,
0, 0,
+ output, outputCount,
NULL, &scalar_outputCnt,
- output, outputCount,
0, &ool_output_size));
}
@@ -3142,7 +3406,7 @@
const io_user_scalar_t * input,
mach_msg_type_number_t inputCount,
io_struct_inband_t output,
- mach_msg_type_number_t * outputCount )
+ IOByteCount * outputCount )
{
IOMethod func;
IOReturn err;
@@ -3303,8 +3567,8 @@
_input, inputCount,
inputStruct, inputStructCount,
0, 0,
+ NULL, &inband_outputCnt,
NULL, &scalar_outputCnt,
- NULL, &inband_outputCnt,
0, &ool_output_size));
}
@@ -3476,8 +3740,8 @@
NULL, 0,
input, inputCount,
0, 0,
+ output, outputCount,
NULL, &scalar_outputCnt,
- output, outputCount,
0, &ool_output_size));
}
@@ -3487,7 +3751,7 @@
io_struct_inband_t input,
mach_msg_type_number_t inputCount,
io_struct_inband_t output,
- mach_msg_type_number_t * outputCount )
+ IOByteCount * outputCount )
{
IOMethod func;
IOReturn err = kIOReturnBadArgument;
@@ -3636,7 +3900,7 @@
err = kIOReturnNoMemory;
continue;
} else
- strcpy( matching, s->text());
+ strlcpy(matching, s->text(), sizeof(io_string_t));
}
while( false);
@@ -3665,15 +3929,19 @@
if( master_port != master_device_port)
return kIOReturnNotPrivileged;
- // FIXME: This is a hack. Should have own function for removeKernelLinker()
- if( (flag != kIOCatalogRemoveKernelLinker && flag != kIOCatalogKextdFinishedLaunching) && ( !inData || !inDataCount) )
+ if( (flag != kIOCatalogRemoveKernelLinker &&
+ flag != kIOCatalogKextdActive &&
+ flag != kIOCatalogKextdFinishedLaunching) &&
+ ( !inData || !inDataCount) )
+ {
return kIOReturnBadArgument;
+ }
if (inData) {
vm_map_offset_t map_data;
kr = vm_map_copyout( kernel_map, &map_data, (vm_map_copy_t)inData);
- data = CAST_DOWN(vm_offset_t, map_data);
+ data = CAST_DOWN(vm_offset_t, map_data);
if( kr != KERN_SUCCESS)
return kr;
@@ -3691,6 +3959,23 @@
}
switch ( flag ) {
+ case kIOCatalogResetDrivers:
+ case kIOCatalogResetDriversNoMatch: {
+ OSArray * array;
+
+ array = OSDynamicCast(OSArray, obj);
+ if (array) {
+ if ( !gIOCatalogue->resetAndAddDrivers(array,
+ flag == kIOCatalogResetDrivers) ) {
+
+ kr = kIOReturnError;
+ }
+ } else {
+ kr = kIOReturnBadArgument;
+ }
+ }
+ break;
+
case kIOCatalogAddDrivers:
case kIOCatalogAddDriversNoMatch: {
OSArray * array;
@@ -3740,21 +4025,31 @@
}
break;
- case kIOCatalogRemoveKernelLinker: {
- if (gIOCatalogue->removeKernelLinker() != KERN_SUCCESS) {
- kr = kIOReturnError;
- } else {
- kr = kIOReturnSuccess;
- }
- }
+ case kIOCatalogRemoveKernelLinker:
+ kr = KERN_NOT_SUPPORTED;
+ break;
+
+ case kIOCatalogKextdActive:
+#if !NO_KEXTD
+ IOServiceTrace(IOSERVICE_KEXTD_ALIVE, 0, 0, 0, 0);
+ OSKext::setKextdActive();
+
+ /* Dump all nonloaded startup extensions; kextd will now send them
+ * down on request.
+ */
+ OSKext::flushNonloadedKexts( /* flushPrelinkedKexts */ false);
+#endif
+ kr = kIOReturnSuccess;
break;
case kIOCatalogKextdFinishedLaunching: {
#if !NO_KEXTD
static bool clearedBusy = false;
+
if (!clearedBusy) {
IOService * serviceRoot = IOService::getServiceRoot();
if (serviceRoot) {
+ IOServiceTrace(IOSERVICE_KEXTD_READY, 0, 0, 0, 0);
serviceRoot->adjustBusy(-1);
clearedBusy = true;
}
@@ -3792,6 +4087,7 @@
return( kr );
switch ( flag ) {
+#if !defined(SECURE_KERNEL)
case kIOCatalogServiceTerminate:
OSIterator * iter;
IOService * service;
@@ -3821,6 +4117,7 @@
kr = gIOCatalogue->terminateDriversForModule(name,
flag == kIOCatalogModuleUnload);
break;
+#endif
default:
kr = kIOReturnBadArgument;
@@ -3892,7 +4189,9 @@
return kIOReturnSuccess;
}
-/* Routine io_catalog_module_loaded */
+/* Routine io_catalog_module_loaded.
+ * Is invoked from IOKitLib's IOCatalogueModuleLoaded(). Doesn't seem to be used.
+ */
kern_return_t is_io_catalog_module_loaded(
mach_port_t master_port,
io_name_t name)
@@ -3957,11 +4256,14 @@
return result;
}
+} /* extern "C" */
+
IOReturn IOUserClient::externalMethod( uint32_t selector, IOExternalMethodArguments * args,
IOExternalMethodDispatch * dispatch, OSObject * target, void * reference )
{
IOReturn err;
IOService * object;
+ IOByteCount structureOutputSize;
if (dispatch)
{
@@ -4002,6 +4304,7 @@
return (err);
}
+
// pre-Leopard API's don't do ool structs
if (args->structureInputDescriptor || args->structureOutputDescriptor)
{
@@ -4009,12 +4312,21 @@
return (err);
}
+ structureOutputSize = args->structureOutputSize;
+
if (args->asyncWakePort)
{
IOExternalAsyncMethod * method;
if( !(method = getAsyncTargetAndMethodForIndex(&object, selector)) )
return (kIOReturnUnsupported);
+
+ if (kIOUCForegroundOnly & method->flags)
+ {
+ /* is graphics access denied for current task? */
+ if (proc_get_task_selfgpuacc_deny() != 0)
+ return (kIOReturnNotPermitted);
+ }
switch (method->flags & kIOUCTypeMask)
{
@@ -4059,12 +4371,20 @@
if( !(method = getTargetAndMethodForIndex(&object, selector)) )
return (kIOReturnUnsupported);
+ if (kIOUCForegroundOnly & method->flags)
+ {
+ /* is graphics access denied for current task? */
+ if (proc_get_task_selfgpuacc_deny() != 0)
+ return (kIOReturnNotPermitted);
+
+ }
+
switch (method->flags & kIOUCTypeMask)
{
case kIOUCScalarIStructI:
err = shim_io_connect_method_scalarI_structureI( method, object,
args->scalarInput, args->scalarInputCount,
- (char *)args->structureInput, args->structureInputSize );
+ (char *) args->structureInput, args->structureInputSize );
break;
case kIOUCScalarIScalarO:
@@ -4076,14 +4396,14 @@
case kIOUCScalarIStructO:
err = shim_io_connect_method_scalarI_structureO( method, object,
args->scalarInput, args->scalarInputCount,
- (char *) args->structureOutput, &args->structureOutputSize );
+ (char *) args->structureOutput, &structureOutputSize );
break;
case kIOUCStructIStructO:
err = shim_io_connect_method_structureI_structureO( method, object,
- (char *)args->structureInput, args->structureInputSize,
- (char *) args->structureOutput, &args->structureOutputSize );
+ (char *) args->structureInput, args->structureInputSize,
+ (char *) args->structureOutput, &structureOutputSize );
break;
default:
@@ -4091,14 +4411,20 @@
break;
}
}
+
+ args->structureOutputSize = structureOutputSize;
+
return (err);
}
-}; /* extern "C" */
-
+#if __LP64__
+OSMetaClassDefineReservedUnused(IOUserClient, 0);
+OSMetaClassDefineReservedUnused(IOUserClient, 1);
+#else
OSMetaClassDefineReservedUsed(IOUserClient, 0);
-OSMetaClassDefineReservedUnused(IOUserClient, 1);
+OSMetaClassDefineReservedUsed(IOUserClient, 1);
+#endif
OSMetaClassDefineReservedUnused(IOUserClient, 2);
OSMetaClassDefineReservedUnused(IOUserClient, 3);
OSMetaClassDefineReservedUnused(IOUserClient, 4);