Loading...
--- xnu/xnu-517.7.21/iokit/Kernel/IOUserClient.cpp
+++ xnu/xnu-792.10.96/iokit/Kernel/IOUserClient.cpp
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1998-2000 Apple Computer, Inc. All rights reserved.
+ * Copyright (c) 1998-2004 Apple Computer, Inc. All rights reserved.
*
* @APPLE_LICENSE_HEADER_START@
*
@@ -24,7 +24,6 @@
#include <IOKit/IOKitServer.h>
#include <IOKit/IOUserClient.h>
#include <IOKit/IOService.h>
-#include <IOKit/IOService.h>
#include <IOKit/IORegistryEntry.h>
#include <IOKit/IOCatalogue.h>
#include <IOKit/IOMemoryDescriptor.h>
@@ -55,6 +54,8 @@
extern mach_port_name_t iokit_make_send_right( task_t task,
io_object_t obj, ipc_kobject_type_t type );
+extern kern_return_t iokit_mod_send_right( task_t task, mach_port_name_t name, mach_port_delta_t delta );
+
extern io_object_t iokit_lookup_connect_ref(io_object_t clientRef, ipc_space_t task);
extern io_object_t iokit_lookup_connect_ref_current_task(io_object_t clientRef);
@@ -66,6 +67,7 @@
extern kern_return_t iokit_switch_object_port( ipc_port_t port, io_object_t obj, ipc_kobject_type_t type );
+#include <mach/mach_traps.h>
#include <vm/vm_map.h>
} /* extern "C" */
@@ -383,7 +385,7 @@
OSNotificationHeader notifyHeader;
};
- enum { kMaxOutstanding = 256 };
+ enum { kMaxOutstanding = 1024 };
PingMsg * pingMsg;
vm_size_t msgSize;
@@ -800,6 +802,22 @@
return (kr);
}
+bool IOUserClient::init()
+{
+ if( getPropertyTable())
+ return true;
+ else
+ return super::init();
+}
+
+bool IOUserClient::init(OSDictionary * dictionary)
+{
+ if( getPropertyTable())
+ return true;
+ else
+ return super::init(dictionary);
+}
+
bool IOUserClient::initWithTask(task_t owningTask,
void * securityID,
UInt32 type )
@@ -1015,11 +1033,98 @@
io_object_t object,
io_name_t className )
{
+ const OSMetaClass* my_obj = NULL;
+
if( !object)
return( kIOReturnBadArgument );
-
- strcpy( className, object->getMetaClass()->getClassName());
+
+ my_obj = object->getMetaClass();
+ if (!my_obj) {
+ return (kIOReturnNotFound);
+ }
+
+ strcpy( className, my_obj->getClassName());
return( kIOReturnSuccess );
+}
+
+/* Routine io_object_get_superclass */
+kern_return_t is_io_object_get_superclass(
+ mach_port_t master_port,
+ io_name_t obj_name,
+ io_name_t class_name)
+{
+ const OSMetaClass* my_obj = NULL;
+ const OSMetaClass* superclass = NULL;
+ const OSSymbol *my_name = NULL;
+ const char *my_cstr = NULL;
+
+ if (!obj_name || !class_name)
+ return (kIOReturnBadArgument);
+
+ if( master_port != master_device_port)
+ return( kIOReturnNotPrivileged);
+
+ my_name = OSSymbol::withCString(obj_name);
+
+ if (my_name) {
+ my_obj = OSMetaClass::getMetaClassWithName(my_name);
+ my_name->release();
+ }
+ if (my_obj) {
+ superclass = my_obj->getSuperClass();
+ }
+
+ if (!superclass) {
+ return( kIOReturnNotFound );
+ }
+
+ my_cstr = superclass->getClassName();
+
+ if (my_cstr) {
+ strncpy(class_name, my_cstr, sizeof(io_name_t)-1);
+ return( kIOReturnSuccess );
+ }
+ return (kIOReturnNotFound);
+}
+
+/* Routine io_object_get_bundle_identifier */
+kern_return_t is_io_object_get_bundle_identifier(
+ mach_port_t master_port,
+ io_name_t obj_name,
+ io_name_t bundle_name)
+{
+ const OSMetaClass* my_obj = NULL;
+ const OSSymbol *my_name = NULL;
+ const OSSymbol *identifier = NULL;
+ const char *my_cstr = NULL;
+
+ if (!obj_name || !bundle_name)
+ return (kIOReturnBadArgument);
+
+ if( master_port != master_device_port)
+ return( kIOReturnNotPrivileged);
+
+ my_name = OSSymbol::withCString(obj_name);
+
+ if (my_name) {
+ my_obj = OSMetaClass::getMetaClassWithName(my_name);
+ my_name->release();
+ }
+
+ if (my_obj) {
+ identifier = my_obj->getKmodName();
+ }
+ if (!identifier) {
+ return( kIOReturnNotFound );
+ }
+
+ my_cstr = identifier->getCStringNoCopy();
+ if (my_cstr) {
+ strncpy(bundle_name, identifier->getCStringNoCopy(), sizeof(io_name_t)-1);
+ return( kIOReturnSuccess );
+ }
+
+ return (kIOReturnBadArgument);
}
/* Routine io_object_conforms_to */
@@ -1124,8 +1229,10 @@
{
kern_return_t kr;
vm_offset_t data;
-
- kr = vm_map_copyout( kernel_map, &data, (vm_map_copy_t) matching );
+ vm_map_offset_t map_data;
+
+ kr = vm_map_copyout( kernel_map, &map_data, (vm_map_copy_t) matching );
+ data = CAST_DOWN(vm_offset_t, map_data);
if( KERN_SUCCESS == kr) {
// must return success after vm_map_copyout() succeeds
@@ -1174,8 +1281,10 @@
{
kern_return_t kr;
vm_offset_t data;
-
- kr = vm_map_copyout( kernel_map, &data, (vm_map_copy_t) matching );
+ vm_map_offset_t map_data;
+
+ kr = vm_map_copyout( kernel_map, &map_data, (vm_map_copy_t) matching );
+ data = CAST_DOWN(vm_offset_t, map_data);
if( KERN_SUCCESS == kr) {
// must return success after vm_map_copyout() succeeds
@@ -1275,8 +1384,10 @@
{
kern_return_t kr;
vm_offset_t data;
-
- kr = vm_map_copyout( kernel_map, &data, (vm_map_copy_t) matching );
+ vm_map_offset_t map_data;
+
+ kr = vm_map_copyout( kernel_map, &map_data, (vm_map_copy_t) matching );
+ data = CAST_DOWN(vm_offset_t, map_data);
if( KERN_SUCCESS == kr) {
// must return success after vm_map_copyout() succeeds
@@ -1558,7 +1669,7 @@
kern_return_t err;
vm_map_copy_t copy;
- err = vm_map_copyin( kernel_map, (vm_offset_t) data, len,
+ err = vm_map_copyin( kernel_map, CAST_USER_ADDR_T(data), len,
false /* src_destroy */, ©);
assert( err == KERN_SUCCESS );
@@ -1630,6 +1741,7 @@
return( ret );
}
+
/* Routine io_registry_entry_get_property */
kern_return_t is_io_registry_entry_get_property(
io_object_t registry_entry,
@@ -1752,10 +1864,12 @@
kern_return_t err;
IOReturn res;
vm_offset_t data;
+ vm_map_offset_t map_data;
CHECK( IORegistryEntry, registry_entry, entry );
- err = vm_map_copyout( kernel_map, &data, (vm_map_copy_t) properties );
+ err = vm_map_copyout( kernel_map, &map_data, (vm_map_copy_t) properties );
+ data = CAST_DOWN(vm_offset_t, map_data);
if( KERN_SUCCESS == err) {
@@ -1861,7 +1975,7 @@
CHECK( IOService, _service, service );
err = service->newUserClient( owningTask, (void *) owningTask,
- connect_type, &client );
+ connect_type, 0, &client );
if( err == kIOReturnSuccess) {
assert( OSDynamicCast(IOUserClient, client) );
@@ -1869,6 +1983,101 @@
}
return( err);
+}
+
+/* Routine io_service_open_ndr */
+kern_return_t is_io_service_open_extended(
+ io_object_t _service,
+ task_t owningTask,
+ int connect_type,
+ NDR_record_t ndr,
+ io_buf_ptr_t properties,
+ mach_msg_type_number_t propertiesCnt,
+ natural_t * result,
+ io_object_t *connection )
+{
+ IOUserClient * client = 0;
+ kern_return_t err = KERN_SUCCESS;
+ IOReturn res = kIOReturnSuccess;
+ OSDictionary * propertiesDict = 0;
+ bool crossEndian;
+ bool disallowAccess;
+
+ CHECK( IOService, _service, service );
+
+ do
+ {
+ if (properties)
+ {
+ OSObject * obj;
+ vm_offset_t data;
+ vm_map_offset_t map_data;
+
+ err = vm_map_copyout( kernel_map, &map_data, (vm_map_copy_t) properties );
+ res = err;
+ data = CAST_DOWN(vm_offset_t, map_data);
+ if (KERN_SUCCESS == err)
+ {
+ // must return success after vm_map_copyout() succeeds
+ obj = OSUnserializeXML( (const char *) data );
+ vm_deallocate( kernel_map, data, propertiesCnt );
+ propertiesDict = OSDynamicCast(OSDictionary, obj);
+ if (!propertiesDict)
+ {
+ res = kIOReturnBadArgument;
+ if (obj)
+ obj->release();
+ }
+ }
+ if (kIOReturnSuccess != res)
+ break;
+ }
+
+ crossEndian = (ndr.int_rep != NDR_record.int_rep);
+ if (crossEndian)
+ {
+ if (!propertiesDict)
+ propertiesDict = OSDictionary::withCapacity(4);
+ OSData * data = OSData::withBytes(&ndr, sizeof(ndr));
+ if (data)
+ {
+ if (propertiesDict)
+ propertiesDict->setObject(kIOUserClientCrossEndianKey, data);
+ data->release();
+ }
+ }
+
+ res = service->newUserClient( owningTask, (void *) owningTask,
+ connect_type, propertiesDict, &client );
+
+ if (propertiesDict)
+ propertiesDict->release();
+
+ if (res == kIOReturnSuccess)
+ {
+ assert( OSDynamicCast(IOUserClient, client) );
+
+ disallowAccess = (crossEndian
+ && (kOSBooleanTrue != service->getProperty(kIOUserClientCrossEndianCompatibleKey))
+ && (kOSBooleanTrue != client->getProperty(kIOUserClientCrossEndianCompatibleKey)));
+
+ if (disallowAccess)
+ {
+ client->clientClose();
+ client->release();
+ client = 0;
+ res = kIOReturnUnsupported;
+ break;
+ }
+ client->sharedInstance = (0 != client->getProperty(kIOUserClientSharedInstanceKey));
+ }
+ }
+ while (false);
+
+ *connection = client;
+ *result = res;
+
+ return (err);
}
/* Routine io_service_close */
@@ -1937,7 +2146,8 @@
if( mapSize)
*mapSize = map->getLength();
- if( task != current_task()) {
+ if( client->sharedInstance
+ || (task != current_task())) {
// push a name out to the task owning the map,
// so we can clean up maps
#if IOASSERT
@@ -2014,14 +2224,28 @@
map = memory->map( task, mapAddr, options );
memory->release();
- if( map) {
+ if( map)
+ {
IOLockLock( gIOObjectPortLock);
if( client->mappings)
client->mappings->removeObject( map);
IOLockUnlock( gIOObjectPortLock);
- IOMachPort::releasePortForObject( map, IKOT_IOKIT_OBJECT );
- map->release();
- } else
+
+ mach_port_name_t name = 0;
+ if (task != current_task())
+ name = IOMachPort::makeSendRightForTask( task, map, IKOT_IOKIT_OBJECT );
+ if (name)
+ {
+ map->unmap();
+ err = iokit_mod_send_right( task, name, -2 );
+ err = kIOReturnSuccess;
+ }
+ else
+ IOMachPort::releasePortForObject( map, IKOT_IOKIT_OBJECT );
+ if (task == current_task())
+ map->release();
+ }
+ else
err = kIOReturnBadArgument;
}
@@ -2698,8 +2922,12 @@
if(flag != kIOCatalogRemoveKernelLinker && ( !inData || !inDataCount) )
return kIOReturnBadArgument;
- if (data) {
- kr = vm_map_copyout( kernel_map, &data, (vm_map_copy_t)inData);
+ if (inData) {
+ vm_map_offset_t map_data;
+
+ kr = vm_map_copyout( kernel_map, &map_data, (vm_map_copy_t)inData);
+ data = CAST_DOWN(vm_offset_t, map_data);
+
if( kr != KERN_SUCCESS)
return kr;
@@ -2869,10 +3097,11 @@
vm_size_t size;
size = s->getLength();
- kr = vm_allocate(kernel_map, &data, size, true);
+ kr = vm_allocate(kernel_map, &data, size, VM_FLAGS_ANYWHERE);
if ( kr == kIOReturnSuccess ) {
bcopy(s->text(), (void *)data, size);
- kr = vm_map_copyin(kernel_map, data, size, true, ©);
+ kr = vm_map_copyin(kernel_map, (vm_map_address_t)data,
+ (vm_map_size_t)size, true, ©);
*outData = (char *)copy;
*outDataCount = size;
}
@@ -2938,19 +3167,17 @@
return kIOReturnSuccess;
}
-kern_return_t iokit_user_client_trap(io_object_t userClientRef, UInt32 index,
- void *p1, void *p2, void *p3,
- void *p4, void *p5, void *p6)
+kern_return_t iokit_user_client_trap(struct iokit_user_client_trap_args *args)
{
kern_return_t result = kIOReturnBadArgument;
IOUserClient *userClient;
if ((userClient = OSDynamicCast(IOUserClient,
- iokit_lookup_connect_ref_current_task(userClientRef)))) {
+ iokit_lookup_connect_ref_current_task((OSObject *)(args->userClientRef))))) {
IOExternalTrap *trap;
IOService *target = NULL;
- trap = userClient->getTargetAndTrapForIndex(&target, index);
+ trap = userClient->getTargetAndTrapForIndex(&target, args->index);
if (trap && target) {
IOTrap func;
@@ -2958,7 +3185,7 @@
func = trap->func;
if (func) {
- result = (target->*func)(p1, p2, p3, p4, p5, p6);
+ result = (target->*func)(args->p1, args->p2, args->p3, args->p4, args->p5, args->p6);
}
}