[apple/xnu.git] / bsd / kern / mach_fat.c

/*
 * Copyright (c) 1991-2015 Apple Computer, Inc. All rights reserved.
 *
 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
 * 
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. The rights granted to you under the License
 * may not be used to create, or enable the creation or redistribution of,
 * unlawful or unlicensed copies of an Apple operating system, or to
 * circumvent, violate, or enable the circumvention or violation of, any
 * terms of an Apple operating system software license agreement.
 * 
 * Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this file.
 * 
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 * 
 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
 */
#include <sys/param.h>
#include <sys/types.h>
#include <sys/uio.h>
#include <sys/vnode.h>
#include <vm/vm_kern.h>
#include <mach/kern_return.h>
#include <mach/vm_param.h>
#include <kern/cpu_number.h>
#include <mach-o/fat.h>
#include <kern/mach_loader.h>
#include <kern/mach_fat.h>
#include <libkern/OSByteOrder.h>
#include <machine/exec.h>

/**********************************************************************
 * Routine:	fatfile_getarch()
 *
 * Function:	Locate the architecture-dependant contents of a fat
 *		file that match this CPU.
 *
 * Args: header:		A pointer to the fat file header.
 *		size:			How large the fat file header is (including fat_arch array)
 *		req_cpu_type:	The required cpu type.
 *		mask_bits:	Bits to mask from the sub-image type when
 *				grading it vs. the req_cpu_type
 *		archret (out):	Pointer to fat_arch structure to hold
 *				the results.
 *
 * Returns:	KERN_SUCCESS:	Valid architecture found.
 *		KERN_FAILURE:	No valid architecture found.
 **********************************************************************/
static load_return_t
fatfile_getarch(
	vm_offset_t	data_ptr,
	vm_size_t	data_size,
	cpu_type_t	req_cpu_type,
	cpu_type_t	mask_bits,
	struct fat_arch	*archret)
{
	load_return_t		lret;
	struct fat_arch		*arch;
	struct fat_arch		*best_arch;
	int			grade;
	int			best_grade;
	uint32_t		nfat_arch, max_nfat_arch;
	cpu_type_t		testtype;
	cpu_type_t		testsubtype;
	struct fat_header	*header;

	if (sizeof(struct fat_header) > data_size) {
		return (LOAD_FAILURE);
	}

	header = (struct fat_header *)data_ptr;
	nfat_arch = OSSwapBigToHostInt32(header->nfat_arch);

	max_nfat_arch = (data_size - sizeof(struct fat_header)) / sizeof(struct fat_arch);
	if (nfat_arch > max_nfat_arch) {
		/* nfat_arch would cause us to read off end of buffer */
		return (LOAD_BADMACHO);
	}

	/*
	 * Scan the fat_arch's looking for the best one.  */
	best_arch = NULL;
	best_grade = 0;
	arch = (struct fat_arch *) (data_ptr + sizeof(struct fat_header));
	for (; nfat_arch-- > 0; arch++) {
 		testtype = OSSwapBigToHostInt32(arch->cputype);
 		testsubtype = OSSwapBigToHostInt32(arch->cpusubtype) & ~CPU_SUBTYPE_MASK;

		/*
		 *	Check to see if right cpu type.
		 */
 		if((testtype & ~mask_bits) != (req_cpu_type & ~mask_bits)) {
			continue;
		}

		/*
		 * 	Get the grade of the cpu subtype (without feature flags)
		 */
 		grade = grade_binary(testtype, testsubtype);

		/*
		 *	Remember it if it's the best we've seen.
		 */
		if (grade > best_grade) {
			best_grade = grade;
			best_arch = arch;
		}
	}

	/*
	 *	Return our results.
	 */
	if (best_arch == NULL) {
		lret = LOAD_BADARCH;
	} else {
		archret->cputype	=
			    OSSwapBigToHostInt32(best_arch->cputype);
		archret->cpusubtype	=
			    OSSwapBigToHostInt32(best_arch->cpusubtype);
		archret->offset		=
			    OSSwapBigToHostInt32(best_arch->offset);
		archret->size		=
			    OSSwapBigToHostInt32(best_arch->size);
		archret->align		=
			    OSSwapBigToHostInt32(best_arch->align);

		lret = LOAD_SUCCESS;
	}

	/*
	 * Free the memory we allocated and return.
	 */
	return(lret);
}

load_return_t
fatfile_getbestarch(
		vm_offset_t		data_ptr,
		vm_size_t		data_size,
		struct fat_arch	*archret)
{
	/*
	 * Ignore all architectural bits when determining if an image
	 * in a fat file should be skipped or graded.
	 */
	return fatfile_getarch(data_ptr, data_size, cpu_type(), CPU_ARCH_MASK, archret);
}

load_return_t
fatfile_getbestarch_for_cputype(
	cpu_type_t cputype,
	vm_offset_t data_ptr,
	vm_size_t data_size,
	struct fat_arch *archret)
{
	/*
	 * Scan the fat_arch array for exact matches for this cpu_type_t only
	 */
	return fatfile_getarch(data_ptr, data_size, cputype, 0, archret);
}

/**********************************************************************
 * Routine:	fatfile_getarch_with_bits()
 *
 * Function:	Locate the architecture-dependant contents of a fat
 *		file that match this CPU.
 *
 * Args:	vp:		The vnode for the fat file.
 *		archbits:	Architecture specific feature bits
 *		header:		A pointer to the fat file header.
 *		archret (out):	Pointer to fat_arch structure to hold
 *				the results.
 *
 * Returns:	KERN_SUCCESS:	Valid architecture found.
 *		KERN_FAILURE:	No valid architecture found.
 **********************************************************************/
load_return_t
fatfile_getarch_with_bits(
	integer_t		archbits,
	vm_offset_t 	data_ptr,
	vm_size_t		data_size,
	struct fat_arch		*archret)
{
	/*
	 * Scan the fat_arch array for matches with the requested
	 * architectural bits set, and for the current hardware cpu CPU.
	 */
	return fatfile_getarch(data_ptr, data_size, (archbits & CPU_ARCH_MASK) | (cpu_type() & ~CPU_ARCH_MASK), 0, archret);
}

/*
 * Validate the fat_header and fat_arch array in memory. We check that:
 *
 * 1) arch count would not exceed the data buffer
 * 2) arch list does not contain duplicate cputype/cpusubtype tuples
 * 3) arch list does not have two overlapping slices. The area
 *    at the front of the file containing the fat headers is implicitly
 *    a range that a slice should also not try to cover
 */
load_return_t
fatfile_validate_fatarches(vm_offset_t data_ptr, vm_size_t data_size)
{
	uint32_t magic, nfat_arch;
	uint32_t max_nfat_arch, i, j;
	uint32_t fat_header_size;

	struct fat_arch		*arches;
	struct fat_header	*header;

	if (sizeof(struct fat_header) > data_size) {
		return (LOAD_FAILURE);
	}

	header = (struct fat_header *)data_ptr;
	magic = OSSwapBigToHostInt32(header->magic);
	nfat_arch = OSSwapBigToHostInt32(header->nfat_arch);

	if (magic != FAT_MAGIC) {
		/* must be FAT_MAGIC big endian */
		return (LOAD_FAILURE);
	}

	max_nfat_arch = (data_size - sizeof(struct fat_header)) / sizeof(struct fat_arch);
	if (nfat_arch > max_nfat_arch) {
		/* nfat_arch would cause us to read off end of buffer */
		return (LOAD_BADMACHO);
	}

	/* now that we know the fat_arch list fits in the buffer, how much does it use? */
	fat_header_size = sizeof(struct fat_header) + nfat_arch * sizeof(struct fat_arch);
	arches = (struct fat_arch *)(data_ptr + sizeof(struct fat_header));

	for (i=0; i < nfat_arch; i++) {
		uint32_t i_begin = OSSwapBigToHostInt32(arches[i].offset);
		uint32_t i_size = OSSwapBigToHostInt32(arches[i].size);
		uint32_t i_cputype = OSSwapBigToHostInt32(arches[i].cputype);
		uint32_t i_cpusubtype = OSSwapBigToHostInt32(arches[i].cpusubtype);

		if (i_begin < fat_header_size) {
			/* slice is trying to claim part of the file used by fat headers themselves */
			return (LOAD_BADMACHO);
		}

		if ((UINT32_MAX - i_size) < i_begin) {
			/* start + size would overflow */
			return (LOAD_BADMACHO);
		}
		uint32_t i_end = i_begin + i_size;

		for (j=i+1; j < nfat_arch; j++) {
			uint32_t j_begin = OSSwapBigToHostInt32(arches[j].offset);
			uint32_t j_size = OSSwapBigToHostInt32(arches[j].size);
			uint32_t j_cputype = OSSwapBigToHostInt32(arches[j].cputype);
			uint32_t j_cpusubtype = OSSwapBigToHostInt32(arches[j].cpusubtype);

			if ((i_cputype == j_cputype) && (i_cpusubtype == j_cpusubtype)) {
				/* duplicate cputype/cpusubtype, results in ambiguous references */
				return (LOAD_BADMACHO);
			}

			if ((UINT32_MAX - j_size) < j_begin) {
				/* start + size would overflow */
				return (LOAD_BADMACHO);
			}
			uint32_t j_end = j_begin + j_size;

			if (i_begin <= j_begin) {
				if (i_end <= j_begin) {
					/* I completely precedes J */
				} else {
					/* I started before J, but ends somewhere in or after J */
					return (LOAD_BADMACHO);
				}
			} else {
				if (i_begin >= j_end) {
					/* I started after J started but also after J ended */
				} else {
					/* I started after J started but before it ended, so there is overlap */
					return (LOAD_BADMACHO);
				}
			}
		}
	}

	return (LOAD_SUCCESS);
}
Commit	Line	Data
1c79356b	1	/*
c18c124e	2	* Copyright (c) 1991-2015 Apple Computer, Inc. All rights reserved.
5d5c5d0d	3	*
2d21ac55	4	* @APPLE_OSREFERENCE_LICENSE_HEADER_START@
1c79356b	5	*
2d21ac55 A	6	* This file contains Original Code and/or Modifications of Original Code
	7	* as defined in and that are subject to the Apple Public Source License
	8	* Version 2.0 (the 'License'). You may not use this file except in
	9	* compliance with the License. The rights granted to you under the License
	10	* may not be used to create, or enable the creation or redistribution of,
	11	* unlawful or unlicensed copies of an Apple operating system, or to
	12	* circumvent, violate, or enable the circumvention or violation of, any
	13	* terms of an Apple operating system software license agreement.
8f6c56a5	14	*
2d21ac55 A	15	* Please obtain a copy of the License at
	16	* http://www.opensource.apple.com/apsl/ and read it before using this file.
	17	*
	18	* The Original Code and all software distributed under the License are
	19	* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
8f6c56a5 A	20	* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
8f6c56a5 A	21	* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
2d21ac55 A	22	* FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
	23	* Please see the License for the specific language governing rights and
	24	* limitations under the License.
8f6c56a5	25	*
2d21ac55	26	* @APPLE_OSREFERENCE_LICENSE_HEADER_END@
1c79356b	27	*/
1c79356b A	28	#include <sys/param.h>
	29	#include <sys/types.h>
	30	#include <sys/uio.h>
	31	#include <sys/vnode.h>
	32	#include <vm/vm_kern.h>
	33	#include <mach/kern_return.h>
	34	#include <mach/vm_param.h>
	35	#include <kern/cpu_number.h>
	36	#include <mach-o/fat.h>
	37	#include <kern/mach_loader.h>
b0d623f7	38	#include <kern/mach_fat.h>
0c530ab8 A	39	#include <libkern/OSByteOrder.h>
0c530ab8 A	40	#include <machine/exec.h>
1c79356b A	41
1c79356b A	42	/**********************************************************************
39236c6e	43	* Routine: fatfile_getarch()
1c79356b A	44	*
	45	* Function: Locate the architecture-dependant contents of a fat
	46	* file that match this CPU.
	47	*
c18c124e A	48	* Args: header: A pointer to the fat file header.
c18c124e A	49	* size: How large the fat file header is (including fat_arch array)
91447636 A	50	* req_cpu_type: The required cpu type.
	51	* mask_bits: Bits to mask from the sub-image type when
	52	* grading it vs. the req_cpu_type
1c79356b A	53	* archret (out): Pointer to fat_arch structure to hold
	54	* the results.
	55	*
	56	* Returns: KERN_SUCCESS: Valid architecture found.
	57	* KERN_FAILURE: No valid architecture found.
	58	**********************************************************************/
55e303ae	59	static load_return_t
39236c6e	60	fatfile_getarch(
55e303ae	61	vm_offset_t data_ptr,
c18c124e	62	vm_size_t data_size,
91447636 A	63	cpu_type_t req_cpu_type,
91447636 A	64	cpu_type_t mask_bits,
55e303ae	65	struct fat_arch *archret)
1c79356b	66	{
1c79356b	67	load_return_t lret;
1c79356b A	68	struct fat_arch *arch;
	69	struct fat_arch *best_arch;
	70	int grade;
	71	int best_grade;
c18c124e	72	uint32_t nfat_arch, max_nfat_arch;
2d21ac55 A	73	cpu_type_t testtype;
2d21ac55 A	74	cpu_type_t testsubtype;
1c79356b	75	struct fat_header *header;
1c79356b	76
c18c124e A	77	if (sizeof(struct fat_header) > data_size) {
	78	return (LOAD_FAILURE);
	79	}
1c79356b A	80
1c79356b A	81	header = (struct fat_header *)data_ptr;
0c530ab8	82	nfat_arch = OSSwapBigToHostInt32(header->nfat_arch);
1c79356b	83
c18c124e A	84	max_nfat_arch = (data_size - sizeof(struct fat_header)) / sizeof(struct fat_arch);
	85	if (nfat_arch > max_nfat_arch) {
	86	/* nfat_arch would cause us to read off end of buffer */
	87	return (LOAD_BADMACHO);
1c79356b	88	}
1c79356b	89
2d21ac55 A	90	/*
2d21ac55 A	91	* Scan the fat_arch's looking for the best one. */
1c79356b A	92	best_arch = NULL;
1c79356b A	93	best_grade = 0;
c18c124e	94	arch = (struct fat_arch *) (data_ptr + sizeof(struct fat_header));
1c79356b	95	for (; nfat_arch-- > 0; arch++) {
39236c6e A	96	testtype = OSSwapBigToHostInt32(arch->cputype);
39236c6e A	97	testsubtype = OSSwapBigToHostInt32(arch->cpusubtype) & ~CPU_SUBTYPE_MASK;
2d21ac55	98
1c79356b A	99	/*
	100	* Check to see if right cpu type.
	101	*/
39236c6e	102	if((testtype & ~mask_bits) != (req_cpu_type & ~mask_bits)) {
1c79356b	103	continue;
2d21ac55	104	}
1c79356b A	105
1c79356b A	106	/*
2d21ac55	107	* Get the grade of the cpu subtype (without feature flags)
1c79356b	108	*/
39236c6e	109	grade = grade_binary(testtype, testsubtype);
1c79356b A	110
	111	/*
	112	* Remember it if it's the best we've seen.
	113	*/
	114	if (grade > best_grade) {
	115	best_grade = grade;
	116	best_arch = arch;
	117	}
	118	}
	119
	120	/*
	121	* Return our results.
	122	*/
	123	if (best_arch == NULL) {
	124	lret = LOAD_BADARCH;
	125	} else {
	126	archret->cputype =
0c530ab8	127	OSSwapBigToHostInt32(best_arch->cputype);
1c79356b	128	archret->cpusubtype =
0c530ab8	129	OSSwapBigToHostInt32(best_arch->cpusubtype);
1c79356b	130	archret->offset =
0c530ab8	131	OSSwapBigToHostInt32(best_arch->offset);
1c79356b	132	archret->size =
0c530ab8	133	OSSwapBigToHostInt32(best_arch->size);
1c79356b	134	archret->align =
0c530ab8	135	OSSwapBigToHostInt32(best_arch->align);
1c79356b A	136
	137	lret = LOAD_SUCCESS;
	138	}
	139
	140	/*
	141	* Free the memory we allocated and return.
	142	*/
	143	return(lret);
	144	}
	145
55e303ae	146	load_return_t
c18c124e	147	fatfile_getbestarch(
55e303ae	148	vm_offset_t data_ptr,
c18c124e A	149	vm_size_t data_size,
c18c124e A	150	struct fat_arch *archret)
55e303ae	151	{
39236c6e A	152	/*
	153	* Ignore all architectural bits when determining if an image
	154	* in a fat file should be skipped or graded.
	155	*/
c18c124e A	156	return fatfile_getarch(data_ptr, data_size, cpu_type(), CPU_ARCH_MASK, archret);
	157	}
	158
	159	load_return_t
	160	fatfile_getbestarch_for_cputype(
	161	cpu_type_t cputype,
	162	vm_offset_t data_ptr,
	163	vm_size_t data_size,
	164	struct fat_arch *archret)
	165	{
	166	/*
	167	* Scan the fat_arch array for exact matches for this cpu_type_t only
	168	*/
	169	return fatfile_getarch(data_ptr, data_size, cputype, 0, archret);
91447636 A	170	}
	171
	172	/**********************************************************************
	173	* Routine: fatfile_getarch_with_bits()
	174	*
	175	* Function: Locate the architecture-dependant contents of a fat
	176	* file that match this CPU.
	177	*
	178	* Args: vp: The vnode for the fat file.
	179	* archbits: Architecture specific feature bits
	180	* header: A pointer to the fat file header.
	181	* archret (out): Pointer to fat_arch structure to hold
	182	* the results.
	183	*
	184	* Returns: KERN_SUCCESS: Valid architecture found.
	185	* KERN_FAILURE: No valid architecture found.
	186	**********************************************************************/
	187	load_return_t
	188	fatfile_getarch_with_bits(
91447636 A	189	integer_t archbits,
91447636 A	190	vm_offset_t data_ptr,
c18c124e	191	vm_size_t data_size,
91447636 A	192	struct fat_arch *archret)
91447636 A	193	{
c18c124e A	194	/*
	195	* Scan the fat_arch array for matches with the requested
	196	* architectural bits set, and for the current hardware cpu CPU.
	197	*/
	198	return fatfile_getarch(data_ptr, data_size, (archbits & CPU_ARCH_MASK) \| (cpu_type() & ~CPU_ARCH_MASK), 0, archret);
55e303ae	199	}
1c79356b	200
c18c124e A	201	/*
	202	* Validate the fat_header and fat_arch array in memory. We check that:
	203	*
	204	* 1) arch count would not exceed the data buffer
	205	* 2) arch list does not contain duplicate cputype/cpusubtype tuples
	206	* 3) arch list does not have two overlapping slices. The area
	207	* at the front of the file containing the fat headers is implicitly
	208	* a range that a slice should also not try to cover
	209	*/
	210	load_return_t
	211	fatfile_validate_fatarches(vm_offset_t data_ptr, vm_size_t data_size)
	212	{
	213	uint32_t magic, nfat_arch;
	214	uint32_t max_nfat_arch, i, j;
	215	uint32_t fat_header_size;
	216
	217	struct fat_arch *arches;
	218	struct fat_header *header;
	219
	220	if (sizeof(struct fat_header) > data_size) {
	221	return (LOAD_FAILURE);
	222	}
	223
	224	header = (struct fat_header *)data_ptr;
	225	magic = OSSwapBigToHostInt32(header->magic);
	226	nfat_arch = OSSwapBigToHostInt32(header->nfat_arch);
	227
	228	if (magic != FAT_MAGIC) {
	229	/* must be FAT_MAGIC big endian */
	230	return (LOAD_FAILURE);
	231	}
	232
	233	max_nfat_arch = (data_size - sizeof(struct fat_header)) / sizeof(struct fat_arch);
	234	if (nfat_arch > max_nfat_arch) {
	235	/* nfat_arch would cause us to read off end of buffer */
	236	return (LOAD_BADMACHO);
	237	}
	238
	239	/* now that we know the fat_arch list fits in the buffer, how much does it use? */
	240	fat_header_size = sizeof(struct fat_header) + nfat_arch * sizeof(struct fat_arch);
	241	arches = (struct fat_arch *)(data_ptr + sizeof(struct fat_header));
	242
	243	for (i=0; i < nfat_arch; i++) {
	244	uint32_t i_begin = OSSwapBigToHostInt32(arches[i].offset);
	245	uint32_t i_size = OSSwapBigToHostInt32(arches[i].size);
	246	uint32_t i_cputype = OSSwapBigToHostInt32(arches[i].cputype);
	247	uint32_t i_cpusubtype = OSSwapBigToHostInt32(arches[i].cpusubtype);
	248
	249	if (i_begin < fat_header_size) {
	250	/* slice is trying to claim part of the file used by fat headers themselves */
	251	return (LOAD_BADMACHO);
	252	}
	253
	254	if ((UINT32_MAX - i_size) < i_begin) {
	255	/* start + size would overflow */
	256	return (LOAD_BADMACHO);
	257	}
	258	uint32_t i_end = i_begin + i_size;
	259
	260	for (j=i+1; j < nfat_arch; j++) {
	261	uint32_t j_begin = OSSwapBigToHostInt32(arches[j].offset);
	262	uint32_t j_size = OSSwapBigToHostInt32(arches[j].size);
	263	uint32_t j_cputype = OSSwapBigToHostInt32(arches[j].cputype);
	264	uint32_t j_cpusubtype = OSSwapBigToHostInt32(arches[j].cpusubtype);
265
266	if ((i_cputype == j_cputype) && (i_cpusubtype == j_cpusubtype)) {
267	/* duplicate cputype/cpusubtype, results in ambiguous references */
268	return (LOAD_BADMACHO);
269	}
270
271	if ((UINT32_MAX - j_size) < j_begin) {
272	/* start + size would overflow */
273	return (LOAD_BADMACHO);
274	}
275	uint32_t j_end = j_begin + j_size;
276
277	if (i_begin <= j_begin) {
278	if (i_end <= j_begin) {
279	/* I completely precedes J */
280	} else {
281	/* I started before J, but ends somewhere in or after J */
282	return (LOAD_BADMACHO);
283	}
284	} else {
285	if (i_begin >= j_end) {
286	/* I started after J started but also after J ended */
287	} else {
288	/* I started after J started but before it ended, so there is overlap */
289	return (LOAD_BADMACHO);
290	}
291	}
292	}
293	}
294
295	return (LOAD_SUCCESS);
296	}