Loading...
--- xnu/xnu-2050.22.13/libsa/bootstrap.cpp
+++ xnu/xnu-1504.7.4/libsa/bootstrap.cpp
@@ -36,13 +36,9 @@
#include <libkern/OSKextLibPrivate.h>
#include <libkern/c++/OSKext.h>
#include <IOKit/IOLib.h>
-#include <IOKit/IOService.h>
+#include <IOKit/IORegistryEntry.h>
#include <IOKit/IODeviceTreeSupport.h>
#include <IOKit/IOCatalogue.h>
-
-#if __x86_64__
-#define KASLR_KEXT_DEBUG 0
-#endif
#if PRAGMA_MARK
#pragma mark Bootstrap Declarations
@@ -69,7 +65,6 @@
static void bootstrapRecordStartupExtensions(void);
static void bootstrapLoadSecurityExtensions(void);
-
#if PRAGMA_MARK
#pragma mark Macros
@@ -104,6 +99,20 @@
"com.apple.driver.AppleNMI",
"com.apple.iokit.IOSystemManagementFamily",
"com.apple.iokit.ApplePlatformFamily",
+
+#if defined(__ppc__) || defined(__i386__) || defined(__arm__)
+ /* These ones are not supported on x86_64 or any newer platforms.
+ * They must be version 7.9.9; check by "com.apple.kernel.", with
+ * the trailing period; "com.apple.kernel" always represents the
+ * current kernel version.
+ */
+ "com.apple.kernel.6.0",
+ "com.apple.kernel.bsd",
+ "com.apple.kernel.iokit",
+ "com.apple.kernel.libkern",
+ "com.apple.kernel.mach",
+#endif
+
NULL
};
@@ -132,7 +141,6 @@
OSData * deviceTreeData);
OSReturn loadKernelComponentKexts(void);
- void loadKernelExternalComponents(void);
void readBuiltinPersonalities(void);
void loadSecurityExtensions(void);
@@ -155,6 +163,7 @@
}
record_startup_extensions_function = &bootstrapRecordStartupExtensions;
load_security_extensions_function = &bootstrapLoadSecurityExtensions;
+ OSKext::initialize();
}
/*********************************************************************
@@ -166,8 +175,6 @@
if (this != &sBootstrapObject) {
panic("Attempt to access bootstrap segment.");
}
-
-
record_startup_extensions_function = 0;
load_security_extensions_function = 0;
}
@@ -198,7 +205,6 @@
}
loadKernelComponentKexts();
- loadKernelExternalComponents();
readBuiltinPersonalities();
OSKext::sendAllKextPersonalitiesToCatalog();
@@ -212,11 +218,16 @@
kernel_section_t * prelinkInfoSect)
{
OSArray * infoDictArray = NULL; // do not release
+ OSArray * personalitiesArray = NULL; // do not release
OSObject * parsedXML = NULL; // must release
OSDictionary * prelinkInfoDict = NULL; // do not release
OSString * errorString = NULL; // must release
OSKext * theKernel = NULL; // must release
+#if CONFIG_KXLD
+ kernel_section_t * kernelLinkStateSection = NULL; // see code
+#endif
+ kernel_segment_command_t * prelinkLinkStateSegment = NULL; // see code
kernel_segment_command_t * prelinkTextSegment = NULL; // see code
kernel_segment_command_t * prelinkInfoSegment = NULL; // see code
@@ -224,13 +235,13 @@
* going to fail the boot, so these won't be cleaned up on error.
*/
void * prelinkData = NULL; // see code
+ void * prelinkCopy = NULL; // see code
vm_size_t prelinkLength = 0;
-
-#if __i386__
+#if !__LP64__ && !defined(__arm__)
vm_map_offset_t prelinkDataMapOffset = 0;
- void * prelinkCopy = NULL; // see code
+#endif
+
kern_return_t mem_result = KERN_SUCCESS;
-#endif
OSDictionary * infoDict = NULL; // do not release
@@ -238,15 +249,63 @@
OSNumber * prelinkCountObj = NULL; // must release
u_int i = 0;
-#if NO_KEXTD
- bool developerDevice;
-#endif
OSKextLog(/* kext */ NULL,
kOSKextLogProgressLevel |
kOSKextLogDirectoryScanFlag | kOSKextLogArchiveFlag,
"Starting from prelinked kernel.");
+ /*****
+ * Wrap the kernel link state in-place in an OSData.
+ * This is unnecessary (and the link state may not be present) if the kernel
+ * does not have kxld support because this information is only used for
+ * runtime linking.
+ */
+#if CONFIG_KXLD
+ kernelLinkStateSection = getsectbyname(kPrelinkLinkStateSegment,
+ kPrelinkKernelLinkStateSection);
+ if (!kernelLinkStateSection) {
+ OSKextLog(/* kext */ NULL,
+ kOSKextLogErrorLevel |
+ kOSKextLogArchiveFlag,
+ "Can't find prelinked kernel link state.");
+ goto finish;
+ }
+
+ theKernel = OSKext::lookupKextWithIdentifier(kOSKextKernelIdentifier);
+ if (!theKernel) {
+ OSKextLog(/* kext */ NULL,
+ kOSKextLogErrorLevel |
+ kOSKextLogArchiveFlag,
+ "Can't find kernel kext object in prelinked kernel.");
+ goto finish;
+ }
+
+ prelinkData = (void *) kernelLinkStateSection->addr;
+ prelinkLength = kernelLinkStateSection->size;
+
+ mem_result = kmem_alloc_pageable(kernel_map,
+ (vm_offset_t *) &prelinkCopy, prelinkLength);
+ if (mem_result != KERN_SUCCESS) {
+ OSKextLog(/* kext */ NULL,
+ kOSKextLogErrorLevel |
+ kOSKextLogGeneralFlag | kOSKextLogArchiveFlag,
+ "Can't copy prelinked kernel link state.");
+ goto finish;
+ }
+ memcpy(prelinkCopy, prelinkData, prelinkLength);
+
+ theKernel->linkState = OSData::withBytesNoCopy(prelinkCopy, prelinkLength);
+ if (!theKernel->linkState) {
+ OSKextLog(/* kext */ NULL,
+ kOSKextLogErrorLevel |
+ kOSKextLogGeneralFlag | kOSKextLogArchiveFlag,
+ "Can't create prelinked kernel link state wrapper.");
+ goto finish;
+ }
+ theKernel->linkState->setDeallocFunction(osdata_kmem_free);
+#endif
+
prelinkTextSegment = getsegbyname(kPrelinkTextSegment);
if (!prelinkTextSegment) {
OSKextLog(/* kext */ NULL,
@@ -255,62 +314,16 @@
"Can't find prelinked kexts' text segment.");
goto finish;
}
-
-#if KASLR_KEXT_DEBUG
- unsigned long scratchSize;
- vm_offset_t scratchAddr;
-
- IOLog("kaslr: prelinked kernel address info: \n");
-
- scratchAddr = (vm_offset_t) getsegdatafromheader(&_mh_execute_header, "__TEXT", &scratchSize);
- IOLog("kaslr: start 0x%lx end 0x%lx length %lu for __TEXT \n",
- (unsigned long)scratchAddr,
- (unsigned long)(scratchAddr + scratchSize),
- scratchSize);
-
- scratchAddr = (vm_offset_t) getsegdatafromheader(&_mh_execute_header, "__DATA", &scratchSize);
- IOLog("kaslr: start 0x%lx end 0x%lx length %lu for __DATA \n",
- (unsigned long)scratchAddr,
- (unsigned long)(scratchAddr + scratchSize),
- scratchSize);
-
- scratchAddr = (vm_offset_t) getsegdatafromheader(&_mh_execute_header, "__LINKEDIT", &scratchSize);
- IOLog("kaslr: start 0x%lx end 0x%lx length %lu for __LINKEDIT \n",
- (unsigned long)scratchAddr,
- (unsigned long)(scratchAddr + scratchSize),
- scratchSize);
-
- scratchAddr = (vm_offset_t) getsegdatafromheader(&_mh_execute_header, "__KLD", &scratchSize);
- IOLog("kaslr: start 0x%lx end 0x%lx length %lu for __KLD \n",
- (unsigned long)scratchAddr,
- (unsigned long)(scratchAddr + scratchSize),
- scratchSize);
-
- scratchAddr = (vm_offset_t) getsegdatafromheader(&_mh_execute_header, "__PRELINK_TEXT", &scratchSize);
- IOLog("kaslr: start 0x%lx end 0x%lx length %lu for __PRELINK_TEXT \n",
- (unsigned long)scratchAddr,
- (unsigned long)(scratchAddr + scratchSize),
- scratchSize);
-
- scratchAddr = (vm_offset_t) getsegdatafromheader(&_mh_execute_header, "__PRELINK_INFO", &scratchSize);
- IOLog("kaslr: start 0x%lx end 0x%lx length %lu for __PRELINK_INFO \n",
- (unsigned long)scratchAddr,
- (unsigned long)(scratchAddr + scratchSize),
- scratchSize);
-#endif
prelinkData = (void *) prelinkTextSegment->vmaddr;
prelinkLength = prelinkTextSegment->vmsize;
-#if __i386__
+#if !__LP64__
/* To enable paging and write/execute protections on the kext
* executables, we need to copy them out of the booter-created
* memory, reallocate that space with VM, then prelinkCopy them back in.
- *
- * This isn't necessary on x86_64 because kexts have their own VM
- * region for that architecture.
- *
- * XXX: arm's pmap implementation doesn't seem to let us do this.
+ * This isn't necessary on LP64 because kexts have their own VM
+ * region on that architecture model.
*/
mem_result = kmem_alloc(kernel_map, (vm_offset_t *)&prelinkCopy,
@@ -362,7 +375,7 @@
memcpy(prelinkData, prelinkCopy, prelinkLength);
kmem_free(kernel_map, (vm_offset_t)prelinkCopy, prelinkLength);
-#endif /* __i386__ */
+#endif /* !__LP64__ */
/* Unserialize the info dictionary from the prelink info section.
*/
@@ -383,22 +396,6 @@
"Error unserializing prelink plist: %s.", errorCString);
goto finish;
}
-
-#if NO_KEXTD
- /* Check if we should keep developer kexts around. Default:
- * Release: No
- * Development: Yes
- * Debug : Yes
- * TODO: Check DeviceTree instead of a boot-arg <rdar://problem/10604201>
- */
-#if DEVELOPMENT
- developerDevice = true;
-#else
- developerDevice = false;
-#endif
-
- PE_parse_boot_argn("developer", &developerDevice, sizeof(developerDevice));
-#endif /* NO_KEXTD */
infoDictArray = OSDynamicCast(OSArray,
prelinkInfoDict->getObject(kPrelinkInfoDictionaryKey));
@@ -420,34 +417,6 @@
continue;
}
-#if NO_KEXTD
- /* If we're not on a developer device, skip and free developer kexts.
- */
- if (developerDevice == false) {
- OSBoolean *devOnlyBool = OSDynamicCast(OSBoolean,
- infoDict->getObject(kOSBundleDeveloperOnlyKey));
- if (devOnlyBool == kOSBooleanTrue) {
- OSString *bundleID = OSDynamicCast(OSString,
- infoDict->getObject(kCFBundleIdentifierKey));
- if (bundleID) {
- OSKextLog(NULL, kOSKextLogWarningLevel | kOSKextLogGeneralFlag,
- "Kext %s not loading on non-dev device.", bundleID->getCStringNoCopy());
- }
-
- OSNumber *addressNum = OSDynamicCast(OSNumber,
- infoDict->getObject(kPrelinkExecutableLoadKey));
- OSNumber *lengthNum = OSDynamicCast(OSNumber,
- infoDict->getObject(kPrelinkExecutableSizeKey));
- if (addressNum && lengthNum) {
-#error Pick the right way to free prelinked data on this arch
- }
-
- infoDictArray->removeObject(i--);
- continue;
- }
- }
-#endif /* NO_KEXTD */
-
/* Create the kext for the entry, then release it, because the
* kext system keeps them around until explicitly removed.
* Any creation/registration failures are already logged for us.
@@ -456,6 +425,21 @@
OSSafeReleaseNULL(newKext);
}
+ /* Get all of the personalities for kexts that were not prelinked and
+ * add them to the catalogue.
+ */
+ personalitiesArray = OSDynamicCast(OSArray,
+ prelinkInfoDict->getObject(kPrelinkPersonalitiesKey));
+ if (!personalitiesArray) {
+ OSKextLog(/* kext */ NULL, kOSKextLogErrorLevel | kOSKextLogArchiveFlag,
+ "The prelinked kernel has no personalities array");
+ goto finish;
+ }
+
+ if (personalitiesArray->getCount()) {
+ gIOCatalogue->addDrivers(personalitiesArray);
+ }
+
/* Store the number of prelinked kexts in the registry so we can tell
* when the system has been started from a prelinked kernel.
*/
@@ -470,20 +454,36 @@
registryRoot->setProperty(kOSPrelinkKextCountKey, prelinkCountObj);
}
+ OSSafeReleaseNULL(prelinkCountObj);
+ prelinkCountObj = OSNumber::withNumber(
+ (unsigned long long)personalitiesArray->getCount(),
+ 8 * sizeof(uint32_t));
+ assert(prelinkCountObj);
+ if (prelinkCountObj) {
+ registryRoot->setProperty(kOSPrelinkPersonalityCountKey, prelinkCountObj);
+ }
+
OSKextLog(/* kext */ NULL,
kOSKextLogProgressLevel |
kOSKextLogGeneralFlag | kOSKextLogKextBookkeepingFlag |
kOSKextLogDirectoryScanFlag | kOSKextLogArchiveFlag,
- "%u prelinked kexts",
- infoDictArray->getCount());
-
-#if CONFIG_KEXT_BASEMENT
- /* On CONFIG_KEXT_BASEMENT systems, kexts are copied to their own
- * special VM region during OSKext init time, so we can free the whole
- * segment now.
+ "%u prelinked kexts, and %u additional personalities.",
+ infoDictArray->getCount(), personalitiesArray->getCount());
+
+#if __LP64__
+ /* On LP64 systems, kexts are copied to their own special VM region
+ * during OSKext init time, so we can free the whole segment now.
*/
ml_static_mfree((vm_offset_t) prelinkData, prelinkLength);
-#endif /* __x86_64__ */
+#endif /* __LP64__ */
+
+ /* Free the link state segment, kexts have copied out what they need.
+ */
+ prelinkLinkStateSegment = getsegbyname(kPrelinkLinkStateSegment);
+ if (prelinkLinkStateSegment) {
+ ml_static_mfree((vm_offset_t)prelinkLinkStateSegment->vmaddr,
+ (vm_size_t)prelinkLinkStateSegment->vmsize);
+ }
/* Free the prelink info segment, we're done with it.
*/
@@ -749,7 +749,7 @@
}
isSecurityKext = OSDynamicCast(OSBoolean,
- theKext->getPropertyForHostArch(kAppleSecurityExtensionKey));
+ theKext->getPropertyForHostArch("AppleSecurityExtension"));
if (isSecurityKext && isSecurityKext->isTrue()) {
OSKextLog(/* kext */ NULL,
kOSKextLogStepLevel |
@@ -806,80 +806,6 @@
OSSafeRelease(theKext);
return result;
-}
-
-/*********************************************************************
-* Ensure that Kernel External Components are loaded early in boot,
-* before other kext personalities get sent to the IOCatalogue. These
-* kexts are treated specially because they may provide the implementation
-* for kernel-vended KPI, so they must register themselves before
-* general purpose IOKit probing begins.
-*********************************************************************/
-
-#define COM_APPLE_KEC "com.apple.kec."
-
-void
-KLDBootstrap::loadKernelExternalComponents(void)
-{
- OSDictionary * extensionsDict = NULL; // must release
- OSCollectionIterator * keyIterator = NULL; // must release
- OSString * bundleID = NULL; // don't release
- OSKext * theKext = NULL; // don't release
- OSBoolean * isKernelExternalComponent = NULL; // don't release
-
- OSKextLog(/* kext */ NULL,
- kOSKextLogStepLevel |
- kOSKextLogLoadFlag,
- "Loading Kernel External Components.");
-
- extensionsDict = OSKext::copyKexts();
- if (!extensionsDict) {
- return;
- }
-
- keyIterator = OSCollectionIterator::withCollection(extensionsDict);
- if (!keyIterator) {
- OSKextLog(/* kext */ NULL,
- kOSKextLogErrorLevel |
- kOSKextLogGeneralFlag,
- "Failed to allocate iterator for Kernel External Components.");
- goto finish;
- }
-
- while ((bundleID = OSDynamicCast(OSString, keyIterator->getNextObject()))) {
-
- const char * bundle_id = bundleID->getCStringNoCopy();
-
- /* Skip extensions whose bundle IDs don't start with "com.apple.kec.".
- */
- if (!bundle_id ||
- (strncmp(bundle_id, COM_APPLE_KEC, CONST_STRLEN(COM_APPLE_KEC)) != 0)) {
-
- continue;
- }
-
- theKext = OSDynamicCast(OSKext, extensionsDict->getObject(bundleID));
- if (!theKext) {
- continue;
- }
-
- isKernelExternalComponent = OSDynamicCast(OSBoolean,
- theKext->getPropertyForHostArch(kAppleKernelExternalComponentKey));
- if (isKernelExternalComponent && isKernelExternalComponent->isTrue()) {
- OSKextLog(/* kext */ NULL,
- kOSKextLogStepLevel |
- kOSKextLogLoadFlag,
- "Loading kernel external component %s.", bundleID->getCStringNoCopy());
- OSKext::loadKextWithIdentifier(bundleID->getCStringNoCopy(),
- /* allowDefer */ false);
- }
- }
-
-finish:
- OSSafeRelease(keyIterator);
- OSSafeRelease(extensionsDict);
-
- return;
}
/*********************************************************************
@@ -1020,4 +946,3 @@
sBootstrapObject.loadSecurityExtensions();
return;
}
-