--- xnu/xnu-8020.121.3/libkern/c++/OSSerialize.cpp
+++ xnu/xnu-8792.61.2/libkern/c++/OSSerialize.cpp
@@ -31,6 +31,7 @@
 
 #include <sys/cdefs.h>
 #include <vm/vm_kern.h>
+#include <os/hash.h>
 
 #include <libkern/c++/OSContainers.h>
 #include <libkern/c++/OSLib.h>
@@ -52,6 +53,16 @@
 OSMetaClassDefineReservedUnused(OSSerialize, 6);
 OSMetaClassDefineReservedUnused(OSSerialize, 7);
 
+static inline kmem_guard_t
+OSSerialize_guard()
+{
+	kmem_guard_t guard = {
+		.kmg_tag     = IOMemoryTag(kernel_map),
+	};
+
+	return guard;
+}
+
 
 char *
 OSSerialize::text() const
@@ -189,6 +200,8 @@
 bool
 OSSerialize::initWithCapacity(unsigned int inCapacity)
 {
+	kmem_return_t kmr;
+
 	if (!super::init()) {
 		return false;
 	}
@@ -203,26 +216,28 @@
 	if (!inCapacity) {
 		inCapacity = 1;
 	}
-	if (round_page_overflow(inCapacity, &capacity)) {
+	if (round_page_overflow(inCapacity, &inCapacity)) {
 		tags.reset();
 		return false;
 	}
 
-	capacityIncrement = capacity;
+	capacityIncrement = inCapacity;
 
 	// allocate from the kernel map so that we can safely map this data
 	// into user space (the primary use of the OSSerialize object)
 
-	kern_return_t rc = kmem_alloc(kernel_map, (vm_offset_t *)&data,
-	    capacity, (kma_flags_t)(KMA_DATA | KMA_ZERO),
-	    IOMemoryTag(kernel_map));
-	if (rc) {
-		return false;
-	}
-
-	OSCONTAINER_ACCUMSIZE(capacity);
-
-	return true;
+	kmr = kmem_alloc_guard(kernel_map, inCapacity, /* mask */ 0,
+	    (kma_flags_t)(KMA_ZERO | KMA_DATA), OSSerialize_guard());
+
+	if (kmr.kmr_return == KERN_SUCCESS) {
+		data = (char *)kmr.kmr_ptr;
+		capacity = inCapacity;
+		OSCONTAINER_ACCUMSIZE(capacity);
+		return true;
+	}
+
+	capacity = 0;
+	return false;
 }
 
 OSSharedPtr<OSSerialize>
@@ -262,7 +277,7 @@
 unsigned int
 OSSerialize::ensureCapacity(unsigned int newCapacity)
 {
-	char *newData;
+	kmem_return_t kmr;
 
 	if (newCapacity <= capacity) {
 		return capacity;
@@ -272,25 +287,18 @@
 		return capacity;
 	}
 
-	kern_return_t rc = kmem_realloc(kernel_map,
-	    (vm_offset_t)data,
-	    capacity,
-	    (vm_offset_t *)&newData,
-	    newCapacity,
-	    VM_KERN_MEMORY_IOKIT);
-	if (!rc) {
-		OSCONTAINER_ACCUMSIZE(newCapacity);
-
-		// kmem realloc does not free the old address range
-		kmem_free(kernel_map, (vm_offset_t)data, capacity);
-		OSCONTAINER_ACCUMSIZE(-((size_t)capacity));
-
-		// kmem realloc does not zero out the new memory
-		// and this could end up going to user land
-		bzero(&newData[capacity], newCapacity - capacity);
-
-		data = newData;
+	kmr = kmem_realloc_guard(kernel_map, (vm_offset_t)data, capacity,
+	    newCapacity, (kmr_flags_t)(KMR_ZERO | KMR_DATA | KMR_FREEOLD),
+	    OSSerialize_guard());
+
+	if (kmr.kmr_return == KERN_SUCCESS) {
+		size_t delta = 0;
+
+		data     = (char *)kmr.kmr_ptr;
+		delta   -= capacity;
 		capacity = newCapacity;
+		delta   += capacity;
+		OSCONTAINER_ACCUMSIZE(delta);
 	}
 
 	return capacity;
@@ -299,9 +307,12 @@
 void
 OSSerialize::free()
 {
-	if (data) {
-		kmem_free(kernel_map, (vm_offset_t)data, capacity);
+	if (capacity) {
+		kmem_free_guard(kernel_map, (vm_offset_t)data, capacity,
+		    KMF_NONE, OSSerialize_guard());
 		OSCONTAINER_ACCUMSIZE( -((size_t)capacity));
+		data = nullptr;
+		capacity = 0;
 	}
 	super::free();
 }