]>
Commit | Line | Data |
---|---|---|
1c79356b | 1 | /* |
39037602 | 2 | * Copyright (c) 2000-2016 Apple Inc. All rights reserved. |
1c79356b | 3 | * |
2d21ac55 | 4 | * @APPLE_OSREFERENCE_LICENSE_HEADER_START@ |
1c79356b | 5 | * |
2d21ac55 A |
6 | * This file contains Original Code and/or Modifications of Original Code |
7 | * as defined in and that are subject to the Apple Public Source License | |
8 | * Version 2.0 (the 'License'). You may not use this file except in | |
9 | * compliance with the License. The rights granted to you under the License | |
10 | * may not be used to create, or enable the creation or redistribution of, | |
11 | * unlawful or unlicensed copies of an Apple operating system, or to | |
12 | * circumvent, violate, or enable the circumvention or violation of, any | |
13 | * terms of an Apple operating system software license agreement. | |
8f6c56a5 | 14 | * |
2d21ac55 A |
15 | * Please obtain a copy of the License at |
16 | * http://www.opensource.apple.com/apsl/ and read it before using this file. | |
17 | * | |
18 | * The Original Code and all software distributed under the License are | |
19 | * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER | |
8f6c56a5 A |
20 | * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, |
21 | * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, | |
2d21ac55 A |
22 | * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. |
23 | * Please see the License for the specific language governing rights and | |
24 | * limitations under the License. | |
8f6c56a5 | 25 | * |
2d21ac55 | 26 | * @APPLE_OSREFERENCE_LICENSE_HEADER_END@ |
1c79356b A |
27 | */ |
28 | /* | |
29 | * @OSF_COPYRIGHT@ | |
30 | */ | |
31 | /* | |
32 | * Mach Operating System | |
33 | * Copyright (c) 1991,1990,1989 Carnegie Mellon University | |
34 | * All Rights Reserved. | |
35 | * | |
36 | * Permission to use, copy, modify and distribute this software and its | |
37 | * documentation is hereby granted, provided that both the copyright | |
38 | * notice and this permission notice appear in all copies of the | |
39 | * software, derivative works or modified versions, and any portions | |
40 | * thereof, and that both notices appear in supporting documentation. | |
41 | * | |
42 | * CARNEGIE MELLON ALLOWS FREE USE OF THIS SOFTWARE IN ITS "AS IS" | |
43 | * CONDITION. CARNEGIE MELLON DISCLAIMS ANY LIABILITY OF ANY KIND FOR | |
44 | * ANY DAMAGES WHATSOEVER RESULTING FROM THE USE OF THIS SOFTWARE. | |
45 | * | |
46 | * Carnegie Mellon requests users of this software to return to | |
47 | * | |
48 | * Software Distribution Coordinator or Software.Distribution@CS.CMU.EDU | |
49 | * School of Computer Science | |
50 | * Carnegie Mellon University | |
51 | * Pittsburgh PA 15213-3890 | |
52 | * | |
53 | * any improvements or extensions that they make and grant Carnegie Mellon | |
54 | * the rights to redistribute these changes. | |
55 | */ | |
56 | ||
57 | #include <mach_assert.h> | |
1c79356b | 58 | #include <mach_kdp.h> |
5ba3f43e A |
59 | #include <kdp/kdp.h> |
60 | #include <kdp/kdp_core.h> | |
61 | #include <kdp/kdp_internal.h> | |
62 | #include <kdp/kdp_callout.h> | |
1c79356b | 63 | #include <kern/cpu_number.h> |
b0d623f7 | 64 | #include <kern/kalloc.h> |
1c79356b A |
65 | #include <kern/spl.h> |
66 | #include <kern/thread.h> | |
67 | #include <kern/assert.h> | |
68 | #include <kern/sched_prim.h> | |
69 | #include <kern/misc_protos.h> | |
c910b4d9 | 70 | #include <kern/clock.h> |
39236c6e | 71 | #include <kern/telemetry.h> |
fe8ab488 | 72 | #include <kern/ecc.h> |
3e170ce0 | 73 | #include <kern/kern_cdata.h> |
39037602 | 74 | #include <kern/zalloc.h> |
9bccf70c | 75 | #include <vm/vm_kern.h> |
91447636 | 76 | #include <vm/pmap.h> |
1c79356b | 77 | #include <stdarg.h> |
5ba3f43e A |
78 | #include <stdatomic.h> |
79 | #include <sys/pgo.h> | |
80 | #include <console/serial_protos.h> | |
81 | ||
fe8ab488 | 82 | #if !(MACH_KDP && CONFIG_KDP_INTERACTIVE_DEBUGGING) |
2d21ac55 A |
83 | #include <kdp/kdp_udp.h> |
84 | #endif | |
5ba3f43e | 85 | #include <kern/processor.h> |
1c79356b | 86 | |
b0d623f7 | 87 | #if defined(__i386__) || defined(__x86_64__) |
2d21ac55 A |
88 | #include <i386/cpu_threads.h> |
89 | #include <i386/pmCPU.h> | |
90 | #endif | |
91 | ||
92 | #include <IOKit/IOPlatformExpert.h> | |
6d2010ae | 93 | #include <machine/pal_routines.h> |
2d21ac55 | 94 | |
b0d623f7 A |
95 | #include <sys/kdebug.h> |
96 | #include <libkern/OSKextLibPrivate.h> | |
6d2010ae A |
97 | #include <libkern/OSAtomic.h> |
98 | #include <libkern/kernel_mach_header.h> | |
cc8bc92a | 99 | #include <libkern/section_keywords.h> |
6d2010ae | 100 | #include <uuid/uuid.h> |
3e170ce0 | 101 | #include <mach_debug/zone_info.h> |
b0d623f7 | 102 | |
39037602 A |
103 | #include <os/log_private.h> |
104 | ||
5ba3f43e | 105 | #if CONFIG_EMBEDDED |
fe8ab488 | 106 | #include <pexpert/pexpert.h> /* For gPanicBase */ |
5ba3f43e A |
107 | #include <arm/caches_internal.h> |
108 | #include <arm/misc_protos.h> | |
109 | extern volatile struct xnu_hw_shmem_dbg_command_info *hwsd_info; | |
fe8ab488 A |
110 | #endif |
111 | ||
39037602 | 112 | |
1c79356b | 113 | unsigned int halt_in_debugger = 0; |
1c79356b A |
114 | unsigned int current_debugger = 0; |
115 | unsigned int active_debugger = 0; | |
91447636 | 116 | unsigned int panicDebugging = FALSE; |
04b8595b | 117 | unsigned int kdebug_serial = FALSE; |
5ba3f43e A |
118 | unsigned int kernel_debugger_entry_count = 0; |
119 | ||
120 | ||
121 | #if defined(__arm__) | |
122 | #define TRAP_DEBUGGER __asm__ volatile("trap") | |
123 | #elif defined(__arm64__) | |
124 | /* | |
125 | * Magic number; this should be identical to the __arm__ encoding for trap. | |
126 | */ | |
127 | #define TRAP_DEBUGGER __asm__ volatile(".long 0xe7ffdeff") | |
128 | #elif defined (__x86_64__) | |
129 | #define TRAP_DEBUGGER __asm__("int3") | |
130 | #else | |
131 | #error No TRAP_DEBUGGER for this architecture | |
132 | #endif | |
133 | ||
134 | #if defined(__i386__) || defined(__x86_64__) | |
135 | #define panic_stop() pmCPUHalt(PM_HALT_PANIC) | |
136 | #else | |
137 | #define panic_stop() panic_spin_forever() | |
138 | #endif | |
139 | ||
140 | #define CPUDEBUGGEROP PROCESSOR_DATA(current_processor(), debugger_state).db_current_op | |
141 | #define CPUDEBUGGERMSG PROCESSOR_DATA(current_processor(), debugger_state).db_message | |
142 | #define CPUPANICSTR PROCESSOR_DATA(current_processor(), debugger_state).db_panic_str | |
143 | #define CPUPANICARGS PROCESSOR_DATA(current_processor(), debugger_state).db_panic_args | |
144 | #define CPUPANICOPTS PROCESSOR_DATA(current_processor(), debugger_state).db_panic_options | |
145 | #define CPUDEBUGGERSYNC PROCESSOR_DATA(current_processor(), debugger_state).db_proceed_on_sync_failure | |
146 | #define CPUDEBUGGERCOUNT PROCESSOR_DATA(current_processor(), debugger_state).db_entry_count | |
147 | #define CPUDEBUGGERRET PROCESSOR_DATA(current_processor(), debugger_state).db_op_return | |
148 | #define CPUPANICCALLER PROCESSOR_DATA(current_processor(), debugger_state).db_panic_caller | |
149 | ||
150 | #if DEVELOPMENT || DEBUG | |
151 | #define DEBUGGER_DEBUGGING_NESTED_PANIC_IF_REQUESTED(requested) \ | |
152 | MACRO_BEGIN \ | |
153 | if (requested) { \ | |
154 | volatile int *badpointer = (int *)4; \ | |
155 | *badpointer = 0; \ | |
156 | } \ | |
157 | MACRO_END | |
158 | #endif /* DEVELOPMENT || DEBUG */ | |
159 | ||
160 | debugger_op debugger_current_op = DBOP_NONE; | |
161 | const char *debugger_panic_str = NULL; | |
162 | va_list *debugger_panic_args = NULL; | |
163 | uint64_t debugger_panic_options = 0; | |
164 | const char *debugger_message = NULL; | |
165 | unsigned long debugger_panic_caller = 0; | |
166 | ||
167 | void panic_trap_to_debugger(const char *panic_format_str, va_list *panic_args, unsigned int reason, void *ctx, uint64_t panic_options_mask, unsigned long panic_caller); | |
168 | static void kdp_machine_reboot_type(unsigned int type); | |
169 | __attribute__((noreturn)) void panic_spin_forever(void); | |
170 | extern kern_return_t do_stackshot(void); | |
1c79356b A |
171 | |
172 | int mach_assert = 1; | |
173 | ||
5ba3f43e | 174 | #define NESTEDDEBUGGERENTRYMAX 5 |
1c79356b | 175 | |
5ba3f43e A |
176 | #if CONFIG_EMBEDDED |
177 | #define DEBUG_BUF_SIZE (4096) | |
178 | #define KDBG_TRACE_PANIC_FILENAME "/var/log/panic.trace" | |
179 | #else | |
180 | /* | |
cc8bc92a | 181 | * EXTENDED_/DEBUG_BUF_SIZE can't grow without updates to SMC and iBoot to store larger panic logs on co-processor systems */ |
5ba3f43e | 182 | #define DEBUG_BUF_SIZE ((3 * PAGE_SIZE) + offsetof(struct macos_panic_header, mph_data)) |
cc8bc92a | 183 | #define EXTENDED_DEBUG_BUF_SIZE 0x0013ff80 |
5c9f4661 | 184 | static_assert(((EXTENDED_DEBUG_BUF_SIZE % PANIC_FLUSH_BOUNDARY) == 0), "Extended debug buf size must match SMC alignment requirements"); |
5ba3f43e A |
185 | #define KDBG_TRACE_PANIC_FILENAME "/var/tmp/panic.trace" |
186 | #endif | |
c910b4d9 | 187 | |
5ba3f43e A |
188 | /* debug_buf is directly linked with iBoot panic region for embedded targets */ |
189 | #if CONFIG_EMBEDDED | |
190 | char *debug_buf_base = NULL; | |
fe8ab488 A |
191 | char *debug_buf_ptr = NULL; |
192 | unsigned int debug_buf_size = 0; | |
193 | #else | |
c910b4d9 | 194 | char debug_buf[DEBUG_BUF_SIZE]; |
5ba3f43e A |
195 | struct macos_panic_header *panic_info = (struct macos_panic_header *)debug_buf; |
196 | char *debug_buf_base = (debug_buf + offsetof(struct macos_panic_header, mph_data)); | |
197 | char *debug_buf_ptr = (debug_buf + offsetof(struct macos_panic_header, mph_data)); | |
198 | ||
199 | /* | |
200 | * We don't include the size of the panic header in the length of the data we actually write. | |
201 | * On co-processor platforms, we lose sizeof(struct macos_panic_header) bytes from the end of | |
202 | * the end of the log because we only support writing (3*PAGESIZE) bytes. | |
203 | */ | |
cc8bc92a A |
204 | unsigned int debug_buf_size = (DEBUG_BUF_SIZE - offsetof(struct macos_panic_header, mph_data)); |
205 | ||
206 | boolean_t extended_debug_log_enabled = FALSE; | |
fe8ab488 | 207 | #endif |
2d21ac55 | 208 | |
5ba3f43e A |
209 | /* Debugger state */ |
210 | atomic_int debugger_cpu = ATOMIC_VAR_INIT(DEBUGGER_NO_CPU); | |
211 | boolean_t debugger_allcpus_halted = FALSE; | |
212 | boolean_t debugger_safe_to_return = TRUE; | |
213 | unsigned int debugger_context = 0; | |
39037602 | 214 | |
2d21ac55 | 215 | static char model_name[64]; |
39236c6e | 216 | unsigned char *kernel_uuid; |
2d21ac55 | 217 | |
5ba3f43e A |
218 | /* |
219 | * By default we treat Debugger() the same as calls to panic(), unless | |
220 | * we have debug boot-args present and the DB_KERN_DUMP_ON_NMI *NOT* set. | |
221 | * If DB_KERN_DUMP_ON_NMI is *NOT* set, return from Debugger() is supported. | |
222 | * | |
223 | * Return from Debugger() is currently only implemented on x86 | |
224 | */ | |
225 | static boolean_t debugger_is_panic = TRUE; | |
316670eb | 226 | |
cc8bc92a A |
227 | #if DEVELOPMENT || DEBUG |
228 | boolean_t debug_boot_arg_inited = FALSE; | |
229 | #endif | |
230 | ||
231 | SECURITY_READ_ONLY_LATE(unsigned int) debug_boot_arg; | |
2d21ac55 | 232 | |
5ba3f43e A |
233 | char kernel_uuid_string[37]; /* uuid_string_t */ |
234 | char panic_disk_error_description[512]; | |
235 | size_t panic_disk_error_description_size = sizeof(panic_disk_error_description); | |
9bccf70c | 236 | |
5ba3f43e | 237 | extern unsigned int write_trace_on_panic; |
39037602 A |
238 | int kext_assertions_enable = |
239 | #if DEBUG || DEVELOPMENT | |
240 | TRUE; | |
241 | #else | |
242 | FALSE; | |
243 | #endif | |
244 | ||
1c79356b A |
245 | void |
246 | panic_init(void) | |
247 | { | |
6d2010ae A |
248 | unsigned long uuidlen = 0; |
249 | void *uuid; | |
250 | ||
251 | uuid = getuuidfromheader(&_mh_execute_header, &uuidlen); | |
252 | if ((uuid != NULL) && (uuidlen == sizeof(uuid_t))) { | |
39236c6e A |
253 | kernel_uuid = uuid; |
254 | uuid_unparse_upper(*(uuid_t *)uuid, kernel_uuid_string); | |
6d2010ae A |
255 | } |
256 | ||
3e170ce0 A |
257 | if (!PE_parse_boot_argn("assertions", &mach_assert, sizeof(mach_assert))) { |
258 | mach_assert = 1; | |
259 | } | |
5ba3f43e | 260 | |
cc8bc92a A |
261 | /* |
262 | * Initialize the value of the debug boot-arg | |
263 | */ | |
264 | debug_boot_arg = 0; | |
265 | #if ((CONFIG_EMBEDDED && MACH_KDP) || defined(__x86_64__)) | |
266 | if (PE_parse_boot_argn("debug", &debug_boot_arg, sizeof (debug_boot_arg))) { | |
267 | #if DEVELOPMENT || DEBUG | |
268 | if (debug_boot_arg & DB_HALT) { | |
269 | halt_in_debugger=1; | |
270 | } | |
271 | #endif | |
5ba3f43e | 272 | |
cc8bc92a A |
273 | #if CONFIG_EMBEDDED |
274 | if (debug_boot_arg & DB_NMI) { | |
275 | panicDebugging = TRUE; | |
276 | } | |
277 | #else | |
278 | panicDebugging = TRUE; | |
279 | #if KDEBUG_MOJO_TRACE | |
280 | if (debug_boot_arg & DB_PRT_KDEBUG) { | |
281 | kdebug_serial = TRUE; | |
282 | } | |
283 | #endif | |
284 | #endif /* CONFIG_EMBEDDED */ | |
285 | } | |
286 | #endif /* ((CONFIG_EMBEDDED && MACH_KDP) || defined(__x86_64__)) */ | |
287 | ||
288 | #if DEVELOPMENT || DEBUG | |
289 | debug_boot_arg_inited = TRUE; | |
290 | #endif | |
291 | ||
292 | #if !CONFIG_EMBEDDED | |
293 | /* | |
294 | * By default we treat Debugger() the same as calls to panic(), unless | |
295 | * we have debug boot-args present and the DB_KERN_DUMP_ON_NMI *NOT* set. | |
296 | * If DB_KERN_DUMP_ON_NMI is *NOT* set, return from Debugger() is supported. | |
297 | * This is because writing an on-device corefile is a destructive operation. | |
298 | * | |
299 | * Return from Debugger() is currently only implemented on x86 | |
300 | */ | |
301 | if (PE_i_can_has_debugger(NULL) && !(debug_boot_arg & DB_KERN_DUMP_ON_NMI)) { | |
5ba3f43e A |
302 | debugger_is_panic = FALSE; |
303 | } | |
304 | #endif | |
305 | ||
1c79356b A |
306 | } |
307 | ||
cc8bc92a A |
308 | #if defined (__x86_64__) |
309 | void | |
310 | extended_debug_log_init(void) | |
311 | { | |
312 | assert(coprocessor_paniclog_flush); | |
313 | /* | |
314 | * Allocate an extended panic log buffer that has space for the panic | |
315 | * stackshot at the end. Update the debug buf pointers appropriately | |
316 | * to point at this new buffer. | |
317 | */ | |
318 | char *new_debug_buf = kalloc(EXTENDED_DEBUG_BUF_SIZE); | |
5c9f4661 A |
319 | /* |
320 | * iBoot pre-initializes the panic region with the NULL character. We set this here | |
321 | * so we can accurately calculate the CRC for the region without needing to flush the | |
322 | * full region over SMC. | |
323 | */ | |
324 | memset(new_debug_buf, '\0', EXTENDED_DEBUG_BUF_SIZE); | |
cc8bc92a A |
325 | |
326 | panic_info = (struct macos_panic_header *)new_debug_buf; | |
327 | debug_buf_ptr = debug_buf_base = (new_debug_buf + offsetof(struct macos_panic_header, mph_data)); | |
328 | debug_buf_size = (EXTENDED_DEBUG_BUF_SIZE - offsetof(struct macos_panic_header, mph_data)); | |
329 | ||
330 | extended_debug_log_enabled = TRUE; | |
331 | } | |
332 | #endif /* defined (__x86_64__) */ | |
333 | ||
2d21ac55 A |
334 | void |
335 | debug_log_init(void) | |
336 | { | |
5ba3f43e | 337 | #if CONFIG_EMBEDDED |
fe8ab488 A |
338 | if (!gPanicBase) { |
339 | printf("debug_log_init: Error!! gPanicBase is still not initialized\n"); | |
340 | return; | |
341 | } | |
5ba3f43e A |
342 | /* Shift debug buf start location and size by the length of the panic header */ |
343 | debug_buf_base = (char *)gPanicBase + sizeof(struct embedded_panic_header); | |
344 | debug_buf_ptr = debug_buf_base; | |
345 | debug_buf_size = gPanicSize - sizeof(struct embedded_panic_header); | |
fe8ab488 | 346 | #else |
cc8bc92a A |
347 | bzero(panic_info, DEBUG_BUF_SIZE); |
348 | ||
5ba3f43e A |
349 | assert(debug_buf_base != NULL); |
350 | assert(debug_buf_ptr != NULL); | |
351 | assert(debug_buf_size != 0); | |
fe8ab488 | 352 | #endif |
2d21ac55 A |
353 | } |
354 | ||
5ba3f43e A |
355 | static void |
356 | DebuggerLock() | |
357 | { | |
358 | int my_cpu = cpu_number(); | |
359 | int debugger_exp_cpu = DEBUGGER_NO_CPU; | |
360 | assert(ml_get_interrupts_enabled() == FALSE); | |
361 | ||
362 | if (debugger_cpu == my_cpu) { | |
363 | return; | |
364 | } | |
365 | ||
366 | while(!atomic_compare_exchange_strong(&debugger_cpu, &debugger_exp_cpu, my_cpu)) { | |
367 | debugger_exp_cpu = DEBUGGER_NO_CPU; | |
368 | } | |
369 | ||
370 | return; | |
371 | } | |
372 | ||
373 | static void | |
374 | DebuggerUnlock() | |
375 | { | |
376 | assert(debugger_cpu == cpu_number()); | |
377 | ||
378 | /* | |
379 | * We don't do an atomic exchange here in case | |
380 | * there's another CPU spinning to acquire the debugger_lock | |
381 | * and we never get a chance to update it. We already have the | |
382 | * lock so we can simply store DEBUGGER_NO_CPU and follow with | |
383 | * a barrier. | |
384 | */ | |
385 | debugger_cpu = DEBUGGER_NO_CPU; | |
386 | OSMemoryBarrier(); | |
387 | ||
388 | return; | |
389 | } | |
390 | ||
391 | static kern_return_t | |
392 | DebuggerHaltOtherCores(boolean_t proceed_on_failure) | |
393 | { | |
394 | #if CONFIG_EMBEDDED | |
395 | return DebuggerXCallEnter(proceed_on_failure); | |
396 | #else /* CONFIG_EMBEDDED */ | |
397 | #pragma unused(proceed_on_failure) | |
398 | mp_kdp_enter(proceed_on_failure); | |
399 | return KERN_SUCCESS; | |
2d21ac55 | 400 | #endif |
5ba3f43e A |
401 | } |
402 | ||
403 | static void | |
404 | DebuggerResumeOtherCores() | |
405 | { | |
406 | #if CONFIG_EMBEDDED | |
407 | DebuggerXCallReturn(); | |
408 | #else /* CONFIG_EMBEDDED */ | |
409 | mp_kdp_exit(); | |
410 | #endif | |
411 | } | |
412 | ||
413 | static void | |
414 | DebuggerSaveState(debugger_op db_op, const char *db_message, const char *db_panic_str, | |
415 | va_list *db_panic_args, uint64_t db_panic_options, | |
416 | boolean_t db_proceed_on_sync_failure, unsigned long db_panic_caller) | |
417 | { | |
418 | CPUDEBUGGEROP = db_op; | |
419 | ||
420 | /* Preserve the original panic message */ | |
421 | if (CPUDEBUGGERCOUNT == 1 || CPUPANICSTR == NULL) { | |
422 | CPUDEBUGGERMSG = db_message; | |
423 | CPUPANICSTR = db_panic_str; | |
424 | CPUPANICARGS = db_panic_args; | |
425 | CPUPANICCALLER = db_panic_caller; | |
426 | } else if (CPUDEBUGGERCOUNT > 1 && db_panic_str != NULL) { | |
cc8bc92a A |
427 | kprintf("Nested panic detected:"); |
428 | if (db_panic_str != NULL) | |
429 | _doprnt(db_panic_str, db_panic_args, PE_kputc, 0); | |
5ba3f43e A |
430 | } |
431 | ||
432 | CPUDEBUGGERSYNC = db_proceed_on_sync_failure; | |
433 | CPUDEBUGGERRET = KERN_SUCCESS; | |
434 | ||
435 | /* Reset these on any nested panics */ | |
436 | CPUPANICOPTS = db_panic_options; | |
437 | ||
438 | return; | |
439 | } | |
2d21ac55 | 440 | |
b0d623f7 | 441 | /* |
5ba3f43e A |
442 | * Save the requested debugger state/action into the current processor's processor_data |
443 | * and trap to the debugger. | |
b0d623f7 | 444 | */ |
5ba3f43e A |
445 | kern_return_t |
446 | DebuggerTrapWithState(debugger_op db_op, const char *db_message, const char *db_panic_str, | |
447 | va_list *db_panic_args, uint64_t db_panic_options, | |
448 | boolean_t db_proceed_on_sync_failure, unsigned long db_panic_caller) | |
449 | { | |
450 | kern_return_t ret; | |
451 | ||
452 | assert(ml_get_interrupts_enabled() == FALSE); | |
453 | DebuggerSaveState(db_op, db_message, db_panic_str, | |
454 | db_panic_args, db_panic_options, db_proceed_on_sync_failure, | |
455 | db_panic_caller); | |
456 | ||
457 | TRAP_DEBUGGER; | |
458 | ||
459 | ret = CPUDEBUGGERRET; | |
b0d623f7 | 460 | |
5ba3f43e A |
461 | DebuggerSaveState(DBOP_NONE, NULL, NULL, NULL, 0, FALSE, 0); |
462 | ||
463 | return ret; | |
464 | } | |
465 | ||
466 | void __attribute__((noinline)) | |
467 | Assert( | |
468 | const char *file, | |
469 | int line, | |
470 | const char *expression | |
471 | ) | |
b0d623f7 | 472 | { |
5ba3f43e A |
473 | if (!mach_assert) { |
474 | kprintf("%s:%d non-fatal Assertion: %s", file, line, expression); | |
475 | return; | |
476 | } | |
477 | ||
478 | panic_plain("%s:%d Assertion failed: %s", file, line, expression); | |
b0d623f7 A |
479 | } |
480 | ||
fe8ab488 | 481 | |
5ba3f43e A |
482 | void |
483 | Debugger(const char *message) | |
1c79356b | 484 | { |
5ba3f43e A |
485 | DebuggerWithContext(0, NULL, message, DEBUGGER_OPTION_NONE); |
486 | } | |
1c79356b | 487 | |
5ba3f43e A |
488 | void |
489 | DebuggerWithContext(unsigned int reason, void *ctx, const char *message, | |
490 | uint64_t debugger_options_mask) | |
491 | { | |
492 | spl_t previous_interrupts_state; | |
493 | boolean_t old_doprnt_hide_pointers = doprnt_hide_pointers; | |
7ddcb079 | 494 | |
5ba3f43e | 495 | previous_interrupts_state = ml_set_interrupts_enabled(FALSE); |
7ddcb079 A |
496 | disable_preemption(); |
497 | ||
5ba3f43e | 498 | CPUDEBUGGERCOUNT++; |
b0d623f7 | 499 | |
5ba3f43e A |
500 | if (CPUDEBUGGERCOUNT > NESTEDDEBUGGERENTRYMAX) { |
501 | static boolean_t in_panic_kprintf = FALSE; | |
2d21ac55 | 502 | |
5ba3f43e A |
503 | /* Notify any listeners that we've started a panic */ |
504 | PEHaltRestart(kPEPanicBegin); | |
91447636 | 505 | |
5ba3f43e A |
506 | if (!in_panic_kprintf) { |
507 | in_panic_kprintf = TRUE; | |
508 | kprintf("Detected nested debugger entry count exceeding %d\n", | |
509 | NESTEDDEBUGGERENTRYMAX); | |
510 | in_panic_kprintf = FALSE; | |
511 | } | |
316670eb | 512 | |
5ba3f43e A |
513 | if (!panicDebugging) { |
514 | kdp_machine_reboot_type(kPEPanicRestartCPU); | |
1c79356b | 515 | } |
5ba3f43e A |
516 | |
517 | panic_spin_forever(); | |
1c79356b | 518 | } |
1c79356b | 519 | |
5ba3f43e A |
520 | #if DEVELOPMENT || DEBUG |
521 | DEBUGGER_DEBUGGING_NESTED_PANIC_IF_REQUESTED((debugger_options_mask & DEBUGGER_OPTION_RECURPANIC_ENTRY)); | |
522 | #endif | |
523 | ||
524 | doprnt_hide_pointers = FALSE; | |
525 | ||
526 | if (ctx != NULL) { | |
527 | DebuggerSaveState(DBOP_DEBUGGER, message, | |
528 | NULL, NULL, debugger_options_mask, TRUE, 0); | |
529 | handle_debugger_trap(reason, 0, 0, ctx); | |
530 | DebuggerSaveState(DBOP_NONE, NULL, NULL, | |
531 | NULL, 0, FALSE, 0); | |
532 | } else { | |
533 | DebuggerTrapWithState(DBOP_DEBUGGER, message, | |
534 | NULL, NULL, debugger_options_mask, TRUE, 0); | |
535 | } | |
39037602 | 536 | |
5ba3f43e A |
537 | CPUDEBUGGERCOUNT--; |
538 | doprnt_hide_pointers = old_doprnt_hide_pointers; | |
539 | enable_preemption(); | |
540 | ml_set_interrupts_enabled(previous_interrupts_state); | |
541 | } | |
542 | ||
543 | static struct kdp_callout { | |
544 | struct kdp_callout * callout_next; | |
545 | kdp_callout_fn_t callout_fn; | |
546 | boolean_t callout_in_progress; | |
547 | void * callout_arg; | |
548 | } * kdp_callout_list = NULL; | |
549 | ||
550 | /* | |
551 | * Called from kernel context to register a kdp event callout. | |
552 | */ | |
553 | void | |
554 | kdp_register_callout(kdp_callout_fn_t fn, void * arg) | |
555 | { | |
556 | struct kdp_callout * kcp; | |
557 | struct kdp_callout * list_head; | |
558 | ||
559 | kcp = kalloc(sizeof(*kcp)); | |
560 | if (kcp == NULL) | |
561 | panic("kdp_register_callout() kalloc failed"); | |
562 | ||
563 | kcp->callout_fn = fn; | |
564 | kcp->callout_arg = arg; | |
565 | kcp->callout_in_progress = FALSE; | |
566 | ||
567 | /* Lock-less list insertion using compare and exchange. */ | |
568 | do { | |
569 | list_head = kdp_callout_list; | |
570 | kcp->callout_next = list_head; | |
571 | } while (!OSCompareAndSwapPtr(list_head, kcp, &kdp_callout_list)); | |
316670eb | 572 | } |
1c79356b | 573 | |
39037602 | 574 | static void |
5ba3f43e | 575 | kdp_callouts(kdp_event_t event) |
316670eb | 576 | { |
5ba3f43e | 577 | struct kdp_callout *kcp = kdp_callout_list; |
2d21ac55 | 578 | |
5ba3f43e A |
579 | while (kcp) { |
580 | if (!kcp->callout_in_progress) { | |
581 | kcp->callout_in_progress = TRUE; | |
582 | kcp->callout_fn(kcp->callout_arg, event); | |
583 | kcp->callout_in_progress = FALSE; | |
584 | } | |
585 | kcp = kcp->callout_next; | |
55e303ae | 586 | } |
1c79356b A |
587 | } |
588 | ||
5ba3f43e A |
589 | /* |
590 | * An overview of the xnu panic path: | |
591 | * | |
592 | * Several panic wrappers (panic(), panic_with_options(), etc.) all funnel into panic_trap_to_debugger(). | |
593 | * panic_trap_to_debugger() sets the panic state in the current processor's processor_data_t prior | |
594 | * to trapping into the debugger. Once we trap to the debugger, we end up in handle_debugger_trap() | |
595 | * which tries to acquire the panic lock by atomically swapping the current CPU number into debugger_cpu. | |
596 | * debugger_cpu acts as a synchronization point, from which the winning CPU can halt the other cores and | |
597 | * continue to debugger_collect_diagnostics() where we write the paniclog, corefile (if appropriate) and proceed | |
598 | * according to the device's boot-args. | |
599 | */ | |
600 | #undef panic | |
316670eb A |
601 | void |
602 | panic(const char *str, ...) | |
603 | { | |
5ba3f43e A |
604 | va_list panic_str_args; |
605 | ||
606 | va_start(panic_str_args, str); | |
607 | panic_trap_to_debugger(str, &panic_str_args, 0, NULL, 0, (unsigned long)(char *)__builtin_return_address(0)); | |
608 | va_end(panic_str_args); | |
609 | } | |
610 | ||
611 | void | |
612 | panic_with_options(unsigned int reason, void *ctx, uint64_t debugger_options_mask, const char *str, ...) | |
613 | { | |
614 | va_list panic_str_args; | |
615 | ||
616 | va_start(panic_str_args, str); | |
617 | panic_trap_to_debugger(str, &panic_str_args, reason, ctx, debugger_options_mask, (unsigned long)(char *)__builtin_return_address(0)); | |
618 | va_end(panic_str_args); | |
619 | } | |
620 | ||
621 | void | |
622 | panic_context(unsigned int reason, void *ctx, const char *str, ...) | |
623 | { | |
624 | va_list panic_str_args; | |
625 | ||
626 | va_start(panic_str_args, str); | |
627 | panic_trap_to_debugger(str, &panic_str_args, reason, ctx, 0, (unsigned long)(char *)__builtin_return_address(0)); | |
628 | va_end(panic_str_args); | |
629 | } | |
630 | ||
631 | #pragma clang diagnostic push | |
632 | #pragma clang diagnostic ignored "-Wmissing-noreturn" | |
633 | void | |
634 | panic_trap_to_debugger(const char *panic_format_str, va_list *panic_args, unsigned int reason, void | |
635 | *ctx, uint64_t panic_options_mask, unsigned long panic_caller) | |
636 | { | |
637 | #pragma clang diagnostic pop | |
638 | ||
639 | if (ml_wants_panic_trap_to_debugger()) { | |
640 | ml_panic_trap_to_debugger(panic_format_str, panic_args, reason, ctx, panic_options_mask, panic_caller); | |
641 | ||
642 | /* | |
643 | * This should not return, but we return here for the tail call | |
644 | * as it simplifies the backtrace. | |
645 | */ | |
646 | return; | |
647 | } | |
648 | ||
649 | CPUDEBUGGERCOUNT++; | |
650 | ||
651 | if (CPUDEBUGGERCOUNT > NESTEDDEBUGGERENTRYMAX) { | |
652 | static boolean_t in_panic_kprintf = FALSE; | |
653 | ||
654 | /* Notify any listeners that we've started a panic */ | |
655 | PEHaltRestart(kPEPanicBegin); | |
656 | ||
657 | if (!in_panic_kprintf) { | |
658 | in_panic_kprintf = TRUE; | |
659 | kprintf("Detected nested debugger entry count exceeding %d\n", | |
660 | NESTEDDEBUGGERENTRYMAX); | |
661 | in_panic_kprintf = FALSE; | |
662 | } | |
663 | ||
664 | if (!panicDebugging) { | |
665 | kdp_machine_reboot_type(kPEPanicRestartCPU); | |
666 | } | |
667 | ||
668 | panic_spin_forever(); | |
669 | } | |
670 | ||
671 | #if DEVELOPMENT || DEBUG | |
672 | DEBUGGER_DEBUGGING_NESTED_PANIC_IF_REQUESTED((panic_options_mask & DEBUGGER_OPTION_RECURPANIC_ENTRY)); | |
673 | #endif | |
674 | ||
675 | #if CONFIG_EMBEDDED | |
676 | if (PE_arm_debug_panic_hook) | |
677 | PE_arm_debug_panic_hook(panic_format_str); | |
678 | #endif | |
316670eb | 679 | |
39037602 A |
680 | #if defined (__x86_64__) |
681 | plctrace_disable(); | |
682 | #endif | |
39037602 | 683 | |
5ba3f43e A |
684 | if (write_trace_on_panic && kdebug_enable) { |
685 | if (get_preemption_level() == 0 && !ml_at_interrupt_context()) { | |
686 | ml_set_interrupts_enabled(TRUE); | |
687 | KDBG(TRACE_PANIC); | |
688 | kdbg_dump_trace_to_file(KDBG_TRACE_PANIC_FILENAME); | |
689 | } | |
690 | } | |
691 | ||
692 | ml_set_interrupts_enabled(FALSE); | |
693 | disable_preemption(); | |
39037602 | 694 | |
5ba3f43e A |
695 | #if defined (__x86_64__) |
696 | pmSafeMode(x86_lcpu(), PM_SAFE_FL_SAFE); | |
697 | #endif /* defined (__x86_64__) */ | |
3e170ce0 A |
698 | |
699 | /* Never hide pointers from panic logs. */ | |
700 | doprnt_hide_pointers = FALSE; | |
701 | ||
5ba3f43e A |
702 | if (ctx != NULL) { |
703 | /* | |
704 | * We called into panic from a trap, no need to trap again. Set the | |
705 | * state on the current CPU and then jump to handle_debugger_trap. | |
706 | */ | |
707 | DebuggerSaveState(DBOP_PANIC, "panic", | |
708 | panic_format_str, panic_args, | |
709 | panic_options_mask, TRUE, panic_caller); | |
710 | handle_debugger_trap(reason, 0, 0, ctx); | |
316670eb | 711 | } |
316670eb | 712 | |
5ba3f43e | 713 | #if defined(__arm64__) |
316670eb | 714 | /* |
5ba3f43e | 715 | * Signal to fastsim that it should open debug ports (nop on hardware) |
316670eb | 716 | */ |
5ba3f43e A |
717 | __asm__ volatile("HINT 0x45"); |
718 | #endif /* defined(__arm64__) */ | |
3e170ce0 | 719 | |
5ba3f43e A |
720 | DebuggerTrapWithState(DBOP_PANIC, "panic", panic_format_str, |
721 | panic_args, panic_options_mask, TRUE, panic_caller); | |
3e170ce0 | 722 | |
5ba3f43e A |
723 | /* |
724 | * Not reached. | |
725 | */ | |
726 | panic_stop(); | |
316670eb A |
727 | } |
728 | ||
39037602 | 729 | __attribute__((noreturn)) |
39037602 | 730 | void |
5ba3f43e | 731 | panic_spin_forever() |
39037602 | 732 | { |
5ba3f43e A |
733 | paniclog_append_noflush("\nPlease go to https://panic.apple.com to report this panic\n"); |
734 | ||
735 | for (;;) { } | |
736 | } | |
737 | ||
738 | static void | |
739 | kdp_machine_reboot_type(unsigned int type) | |
740 | { | |
741 | printf("Attempting system restart..."); | |
742 | PEHaltRestart(type); | |
743 | halt_all_cpus(TRUE); | |
744 | } | |
745 | ||
746 | void | |
747 | kdp_machine_reboot(void) | |
748 | { | |
749 | kdp_machine_reboot_type(kPEPanicRestartCPU); | |
750 | } | |
751 | ||
752 | /* | |
753 | * Gather and save diagnostic information about a panic (or Debugger call). | |
754 | * | |
755 | * On embedded, Debugger and Panic are treated very similarly -- WDT uses Debugger so we can | |
756 | * theoretically return from it. On desktop, Debugger is treated as a conventional debugger -- i.e no | |
757 | * paniclog is written and no core is written unless we request a core on NMI. | |
758 | * | |
759 | * This routine handles kicking off local coredumps, paniclogs, calling into the Debugger/KDP (if it's configured), | |
760 | * and calling out to any other functions we have for collecting diagnostic info. | |
761 | */ | |
762 | static void | |
763 | debugger_collect_diagnostics(unsigned int exception, unsigned int code, unsigned int subcode, void *state) | |
764 | { | |
765 | #if DEVELOPMENT || DEBUG | |
766 | DEBUGGER_DEBUGGING_NESTED_PANIC_IF_REQUESTED((debugger_panic_options & DEBUGGER_OPTION_RECURPANIC_PRELOG)); | |
767 | #endif | |
768 | ||
769 | #if defined(__x86_64__) | |
cc8bc92a | 770 | kprintf("Debugger called: <%s>\n", debugger_message ? debugger_message : ""); |
5ba3f43e A |
771 | #endif |
772 | /* | |
773 | * DB_HALT (halt_in_debugger) can be requested on startup, we shouldn't generate | |
774 | * a coredump/paniclog for this type of debugger entry. If KDP isn't configured, | |
775 | * we'll just spin in kdp_raise_exception. | |
776 | */ | |
777 | if (debugger_current_op == DBOP_DEBUGGER && halt_in_debugger) { | |
778 | kdp_raise_exception(exception, code, subcode, state); | |
779 | if (debugger_safe_to_return && !debugger_is_panic) { | |
780 | return; | |
781 | } | |
782 | } | |
783 | ||
784 | if ((debugger_current_op == DBOP_PANIC) || | |
cc8bc92a | 785 | ((debugger_current_op == DBOP_DEBUGGER) && debugger_is_panic)) { |
5ba3f43e A |
786 | /* |
787 | * Attempt to notify listeners once and only once that we've started | |
788 | * panicking. Only do this for Debugger() calls if we're treating | |
789 | * Debugger() calls like panic(). | |
790 | */ | |
791 | PEHaltRestart(kPEPanicBegin); | |
792 | ||
793 | /* | |
794 | * Set the begin pointer in the panic log structure. We key off of this | |
795 | * static variable rather than contents from the panic header itself in case someone | |
796 | * has stomped over the panic_info structure. Also initializes the header magic. | |
797 | */ | |
798 | static boolean_t began_writing_paniclog = FALSE; | |
799 | if (!began_writing_paniclog) { | |
800 | PE_init_panicheader(); | |
801 | began_writing_paniclog = TRUE; | |
802 | } else { | |
803 | /* | |
804 | * If we reached here, update the panic header to keep it as consistent | |
805 | * as possible during a nested panic | |
806 | */ | |
807 | PE_update_panicheader_nestedpanic(); | |
808 | } | |
809 | } | |
810 | ||
811 | /* | |
812 | * Write panic string if this was a panic. | |
813 | * | |
814 | * TODO: Consider moving to SavePanicInfo as this is part of the panic log. | |
815 | */ | |
816 | if (debugger_current_op == DBOP_PANIC) { | |
817 | paniclog_append_noflush("panic(cpu %d caller 0x%lx): ", (unsigned) cpu_number(), debugger_panic_caller); | |
818 | if (debugger_panic_str) { | |
819 | _doprnt(debugger_panic_str, debugger_panic_args, consdebug_putc, 0); | |
820 | } | |
821 | paniclog_append_noflush("\n"); | |
822 | } | |
cc8bc92a A |
823 | #if defined(__x86_64__) |
824 | else if (((debugger_current_op == DBOP_DEBUGGER) && debugger_is_panic)) { | |
825 | paniclog_append_noflush("Debugger called: <%s>\n", debugger_message ? debugger_message : ""); | |
826 | } | |
5ba3f43e A |
827 | |
828 | /* | |
829 | * Debugger() is treated like panic() on embedded -- for example we use it for WDT | |
830 | * panics (so we need to write a paniclog). On desktop Debugger() is used in the | |
831 | * conventional sense. | |
832 | */ | |
cc8bc92a | 833 | if (debugger_current_op == DBOP_PANIC || ((debugger_current_op == DBOP_DEBUGGER) && debugger_is_panic)) |
5ba3f43e A |
834 | #endif |
835 | { | |
836 | kdp_callouts(KDP_EVENT_PANICLOG); | |
39037602 | 837 | |
5ba3f43e A |
838 | /* |
839 | * Write paniclog and panic stackshot (if supported) | |
840 | * TODO: Need to clear panic log when return from debugger | |
841 | * hooked up for embedded | |
842 | */ | |
843 | SavePanicInfo(debugger_message, debugger_panic_options); | |
39037602 | 844 | |
5ba3f43e A |
845 | #if DEVELOPMENT || DEBUG |
846 | DEBUGGER_DEBUGGING_NESTED_PANIC_IF_REQUESTED((debugger_panic_options & DEBUGGER_OPTION_RECURPANIC_POSTLOG)); | |
847 | #endif | |
39037602 | 848 | |
5ba3f43e A |
849 | /* DEBUGGER_OPTION_PANICLOGANDREBOOT is used for two finger resets on embedded so we get a paniclog */ |
850 | if (debugger_panic_options & DEBUGGER_OPTION_PANICLOGANDREBOOT) | |
851 | PEHaltRestart(kPEPanicRestartCPU); | |
39037602 | 852 | } |
5ba3f43e A |
853 | |
854 | #if CONFIG_KDP_INTERACTIVE_DEBUGGING | |
39037602 | 855 | /* |
5ba3f43e A |
856 | * If reboot on panic is enabled and the caller of panic indicated that we should skip |
857 | * local coredumps, don't try to write these and instead go straight to reboot. This | |
858 | * allows us to persist any data that's stored in the panic log. | |
39037602 | 859 | */ |
5ba3f43e | 860 | if ((debugger_panic_options & DEBUGGER_OPTION_SKIP_LOCAL_COREDUMP) && |
cc8bc92a | 861 | (debug_boot_arg & DB_REBOOT_POST_CORE)) { |
5ba3f43e A |
862 | kdp_machine_reboot_type(kPEPanicRestartCPU); |
863 | } | |
864 | ||
865 | /* | |
866 | * Consider generating a local corefile if the infrastructure is configured | |
867 | * and we haven't disabled on-device coredumps. | |
868 | */ | |
cc8bc92a | 869 | if (kdp_has_polled_corefile() && !(debug_boot_arg & DB_DISABLE_LOCAL_CORE)) { |
5ba3f43e A |
870 | int ret = -1; |
871 | ||
872 | #if defined (__x86_64__) | |
873 | /* On x86 we don't do a coredump on Debugger unless the DB_KERN_DUMP_ON_NMI boot-arg is specified. */ | |
cc8bc92a | 874 | if (debugger_current_op != DBOP_DEBUGGER || (debug_boot_arg & DB_KERN_DUMP_ON_NMI)) |
5ba3f43e A |
875 | #endif |
876 | { | |
877 | /* | |
878 | * Doing an on-device coredump leaves the disk driver in a state | |
879 | * that can not be resumed. | |
880 | */ | |
881 | debugger_safe_to_return = FALSE; | |
882 | begin_panic_transfer(); | |
883 | ret = kern_dump(KERN_DUMP_DISK); | |
884 | abort_panic_transfer(); | |
885 | ||
886 | #if DEVELOPMENT || DEBUG | |
887 | DEBUGGER_DEBUGGING_NESTED_PANIC_IF_REQUESTED((debugger_panic_options & DEBUGGER_OPTION_RECURPANIC_POSTCORE)); | |
888 | #endif | |
889 | } | |
890 | ||
891 | /* If we wrote a corefile and DB_REBOOT_POST_CORE is set, reboot */ | |
cc8bc92a | 892 | if (ret == 0 && (debug_boot_arg & DB_REBOOT_POST_CORE)) { |
5ba3f43e | 893 | kdp_machine_reboot_type(kPEPanicRestartCPU); |
cc8bc92a | 894 | } |
5ba3f43e A |
895 | } |
896 | ||
5c9f4661 A |
897 | if (debug_boot_arg & DB_REBOOT_ALWAYS) { |
898 | kdp_machine_reboot_type(kPEPanicRestartCPU); | |
899 | } | |
900 | ||
5ba3f43e A |
901 | /* If KDP is configured, try to trap to the debugger */ |
902 | if (current_debugger != NO_CUR_DB) { | |
903 | kdp_raise_exception(exception, code, subcode, state); | |
904 | /* | |
905 | * Only return if we entered via Debugger and it's safe to return | |
906 | * (we halted the other cores successfully, this isn't a nested panic, etc) | |
907 | */ | |
908 | if (debugger_current_op == DBOP_DEBUGGER && | |
909 | debugger_safe_to_return && | |
910 | kernel_debugger_entry_count == 1 && | |
911 | !debugger_is_panic) { | |
912 | return; | |
913 | } | |
914 | } | |
915 | ||
916 | #if CONFIG_EMBEDDED | |
917 | if (panicDebugging) { | |
918 | /* If panic debugging is configured, spin for astris to connect */ | |
919 | panic_spin_shmcon(); | |
920 | } | |
921 | #endif /* CONFIG_EMBEDDED */ | |
922 | #endif /* CONFIG_KDP_INTERACTIVE_DEBUGGING */ | |
923 | ||
924 | if (!panicDebugging) { | |
925 | kdp_machine_reboot_type(kPEPanicRestartCPU); | |
926 | } | |
927 | ||
928 | panic_spin_forever(); | |
39037602 A |
929 | } |
930 | ||
5ba3f43e A |
931 | #if INTERRUPT_MASKED_DEBUG |
932 | uint64_t debugger_trap_timestamps[9]; | |
933 | # define DEBUGGER_TRAP_TIMESTAMP(i) debugger_trap_timestamps[i] = mach_absolute_time(); | |
934 | #else | |
935 | # define DEBUGGER_TRAP_TIMESTAMP(i) | |
39037602 | 936 | #endif |
5ba3f43e | 937 | |
316670eb | 938 | void |
5ba3f43e | 939 | handle_debugger_trap(unsigned int exception, unsigned int code, unsigned int subcode, void *state) |
316670eb | 940 | { |
5ba3f43e A |
941 | unsigned int initial_not_in_kdp = not_in_kdp; |
942 | kern_return_t ret; | |
943 | debugger_op db_prev_op = debugger_current_op; | |
944 | ||
945 | DEBUGGER_TRAP_TIMESTAMP(0); | |
946 | ||
947 | DebuggerLock(); | |
948 | ret = DebuggerHaltOtherCores(CPUDEBUGGERSYNC); | |
316670eb | 949 | |
5ba3f43e | 950 | DEBUGGER_TRAP_TIMESTAMP(1); |
39236c6e | 951 | |
5ba3f43e A |
952 | #if INTERRUPT_MASKED_DEBUG |
953 | if (serialmode & SERIALMODE_OUTPUT) { | |
954 | ml_spin_debug_reset(current_thread()); | |
955 | } | |
956 | #endif | |
957 | if (ret != KERN_SUCCESS) { | |
958 | CPUDEBUGGERRET = ret; | |
959 | DebuggerUnlock(); | |
960 | return; | |
961 | } | |
962 | ||
963 | /* Update the global panic/debugger nested entry level */ | |
964 | kernel_debugger_entry_count = CPUDEBUGGERCOUNT; | |
965 | ||
966 | /* | |
967 | * TODO: Should we do anything special for nested panics here? i.e. if we've trapped more than twice | |
968 | * should we call into the debugger if it's configured and then reboot if the panic log has been written? | |
969 | */ | |
970 | ||
971 | if (CPUDEBUGGEROP == DBOP_NONE) { | |
972 | /* If there was no debugger context setup, we trapped due to a software breakpoint */ | |
973 | debugger_current_op = DBOP_BREAKPOINT; | |
974 | } else { | |
975 | /* Not safe to return from a nested panic/debugger call */ | |
976 | if (debugger_current_op == DBOP_PANIC || | |
977 | debugger_current_op == DBOP_DEBUGGER) { | |
978 | debugger_safe_to_return = FALSE; | |
979 | } | |
980 | ||
981 | debugger_current_op = CPUDEBUGGEROP; | |
982 | ||
983 | /* Only overwrite the panic message if there is none already - save the data from the first call */ | |
984 | if (debugger_panic_str == NULL) { | |
985 | debugger_panic_str = CPUPANICSTR; | |
986 | debugger_panic_args = CPUPANICARGS; | |
987 | debugger_message = CPUDEBUGGERMSG; | |
988 | debugger_panic_caller = CPUPANICCALLER; | |
989 | } | |
990 | ||
991 | debugger_panic_options = CPUPANICOPTS; | |
316670eb | 992 | } |
316670eb A |
993 | |
994 | /* | |
5ba3f43e A |
995 | * Clear the op from the processor debugger context so we can handle |
996 | * breakpoints in the debugger | |
316670eb | 997 | */ |
5ba3f43e A |
998 | CPUDEBUGGEROP = DBOP_NONE; |
999 | ||
1000 | DEBUGGER_TRAP_TIMESTAMP(2); | |
1001 | ||
1002 | kdp_callouts(KDP_EVENT_ENTER); | |
1003 | not_in_kdp = 0; | |
1004 | ||
1005 | DEBUGGER_TRAP_TIMESTAMP(3); | |
1006 | ||
1007 | if (debugger_current_op == DBOP_BREAKPOINT) { | |
1008 | kdp_raise_exception(exception, code, subcode, state); | |
1009 | } else if (debugger_current_op == DBOP_STACKSHOT) { | |
1010 | CPUDEBUGGERRET = do_stackshot(); | |
1011 | #if PGO | |
1012 | } else if (debugger_current_op == DBOP_RESET_PGO_COUNTERS) { | |
1013 | CPUDEBUGGERRET = do_pgo_reset_counters(); | |
1014 | #endif | |
1015 | } else { | |
1016 | debugger_collect_diagnostics(exception, code, subcode, state); | |
1017 | } | |
1018 | ||
1019 | DEBUGGER_TRAP_TIMESTAMP(4); | |
1020 | ||
1021 | not_in_kdp = initial_not_in_kdp; | |
1022 | kdp_callouts(KDP_EVENT_EXIT); | |
1023 | ||
1024 | DEBUGGER_TRAP_TIMESTAMP(5); | |
1025 | ||
1026 | if (debugger_current_op != DBOP_BREAKPOINT) { | |
1027 | debugger_panic_str = NULL; | |
1028 | debugger_panic_args = NULL; | |
1029 | debugger_panic_options = 0; | |
1030 | debugger_message = NULL; | |
1031 | } | |
1032 | ||
1033 | /* Restore the previous debugger state */ | |
1034 | debugger_current_op = db_prev_op; | |
1035 | ||
1036 | DEBUGGER_TRAP_TIMESTAMP(6); | |
1037 | ||
1038 | DebuggerResumeOtherCores(); | |
1039 | ||
1040 | DEBUGGER_TRAP_TIMESTAMP(7); | |
1041 | ||
1042 | DebuggerUnlock(); | |
1043 | ||
1044 | DEBUGGER_TRAP_TIMESTAMP(8); | |
1045 | ||
1046 | return; | |
316670eb A |
1047 | } |
1048 | ||
39037602 A |
1049 | __attribute__((noinline,not_tail_called)) |
1050 | void log(__unused int level, char *fmt, ...) | |
1c79356b | 1051 | { |
39037602 | 1052 | void *caller = __builtin_return_address(0); |
1c79356b | 1053 | va_list listp; |
39037602 A |
1054 | va_list listp2; |
1055 | ||
1c79356b A |
1056 | |
1057 | #ifdef lint | |
1058 | level++; | |
1059 | #endif /* lint */ | |
1060 | #ifdef MACH_BSD | |
1c79356b | 1061 | va_start(listp, fmt); |
39037602 A |
1062 | va_copy(listp2, listp); |
1063 | ||
1064 | disable_preemption(); | |
1065 | _doprnt(fmt, &listp, cons_putc_locked, 0); | |
1c79356b | 1066 | enable_preemption(); |
39037602 A |
1067 | |
1068 | va_end(listp); | |
1069 | ||
1070 | os_log_with_args(OS_LOG_DEFAULT, OS_LOG_TYPE_DEFAULT, fmt, listp2, caller); | |
1071 | va_end(listp2); | |
1c79356b A |
1072 | #endif |
1073 | } | |
9bccf70c | 1074 | |
39037602 | 1075 | /* |
5ba3f43e A |
1076 | * Per <rdar://problem/24974766>, skip appending log messages to |
1077 | * the new logging infrastructure in contexts where safety is | |
1078 | * uncertain. These contexts include: | |
39037602 A |
1079 | * - When we're in the debugger |
1080 | * - We're in a panic | |
1081 | * - Interrupts are disabled | |
1082 | * - Or Pre-emption is disabled | |
1083 | * In all the above cases, it is potentially unsafe to log messages. | |
1084 | */ | |
1085 | ||
5ba3f43e A |
1086 | boolean_t |
1087 | oslog_is_safe(void) { | |
1088 | return (kernel_debugger_entry_count == 0 && | |
39037602 A |
1089 | not_in_kdp == 1 && |
1090 | get_preemption_level() == 0 && | |
1091 | ml_get_interrupts_enabled() == TRUE); | |
1092 | } | |
1093 | ||
5ba3f43e A |
1094 | boolean_t |
1095 | debug_mode_active(void) | |
1096 | { | |
1097 | return ((0 != kernel_debugger_entry_count != 0) || (0 == not_in_kdp)); | |
1098 | } | |
1099 | ||
9bccf70c A |
1100 | void |
1101 | debug_putc(char c) | |
1102 | { | |
2d21ac55 | 1103 | if ((debug_buf_size != 0) && |
5ba3f43e | 1104 | ((debug_buf_ptr - debug_buf_base) < (int)debug_buf_size)) { |
9bccf70c A |
1105 | *debug_buf_ptr=c; |
1106 | debug_buf_ptr++; | |
1107 | } | |
1108 | } | |
2d21ac55 | 1109 | |
5ba3f43e A |
1110 | #if defined (__x86_64__) |
1111 | struct pasc { | |
1112 | unsigned a: 7; | |
1113 | unsigned b: 7; | |
1114 | unsigned c: 7; | |
1115 | unsigned d: 7; | |
1116 | unsigned e: 7; | |
1117 | unsigned f: 7; | |
1118 | unsigned g: 7; | |
1119 | unsigned h: 7; | |
1120 | } __attribute__((packed)); | |
2d21ac55 | 1121 | |
5ba3f43e A |
1122 | typedef struct pasc pasc_t; |
1123 | ||
1124 | /* | |
1125 | * In-place packing routines -- inefficient, but they're called at most once. | |
1126 | * Assumes "buflen" is a multiple of 8. Used for compressing paniclogs on x86. | |
1127 | */ | |
1128 | int | |
1129 | packA(char *inbuf, uint32_t length, uint32_t buflen) | |
2d21ac55 A |
1130 | { |
1131 | unsigned int i, j = 0; | |
1132 | pasc_t pack; | |
1133 | ||
6d2010ae | 1134 | length = MIN(((length + 7) & ~7), buflen); |
2d21ac55 A |
1135 | |
1136 | for (i = 0; i < length; i+=8) | |
1137 | { | |
1138 | pack.a = inbuf[i]; | |
1139 | pack.b = inbuf[i+1]; | |
1140 | pack.c = inbuf[i+2]; | |
1141 | pack.d = inbuf[i+3]; | |
1142 | pack.e = inbuf[i+4]; | |
1143 | pack.f = inbuf[i+5]; | |
1144 | pack.g = inbuf[i+6]; | |
1145 | pack.h = inbuf[i+7]; | |
1146 | bcopy ((char *) &pack, inbuf + j, 7); | |
1147 | j += 7; | |
1148 | } | |
6d2010ae | 1149 | return j; |
2d21ac55 A |
1150 | } |
1151 | ||
5ba3f43e A |
1152 | void |
1153 | unpackA(char *inbuf, uint32_t length) | |
2d21ac55 A |
1154 | { |
1155 | pasc_t packs; | |
1156 | unsigned i = 0; | |
1157 | length = (length * 8)/7; | |
1158 | ||
1159 | while (i < length) { | |
1160 | packs = *(pasc_t *)&inbuf[i]; | |
1161 | bcopy(&inbuf[i+7], &inbuf[i+8], MAX(0, (int) (length - i - 8))); | |
1162 | inbuf[i++] = packs.a; | |
1163 | inbuf[i++] = packs.b; | |
1164 | inbuf[i++] = packs.c; | |
1165 | inbuf[i++] = packs.d; | |
1166 | inbuf[i++] = packs.e; | |
1167 | inbuf[i++] = packs.f; | |
1168 | inbuf[i++] = packs.g; | |
1169 | inbuf[i++] = packs.h; | |
1170 | } | |
1171 | } | |
5ba3f43e | 1172 | #endif /* defined (__x86_64__) */ |
2d21ac55 A |
1173 | |
1174 | extern void *proc_name_address(void *p); | |
1175 | ||
1176 | static void | |
1177 | panic_display_process_name(void) { | |
3e170ce0 A |
1178 | /* because of scoping issues len(p_comm) from proc_t is hard coded here */ |
1179 | char proc_name[17] = "Unknown"; | |
2d21ac55 A |
1180 | task_t ctask = 0; |
1181 | void *cbsd_info = 0; | |
1182 | ||
1183 | if (ml_nofault_copy((vm_offset_t)¤t_thread()->task, (vm_offset_t) &ctask, sizeof(task_t)) == sizeof(task_t)) | |
3e170ce0 | 1184 | if(ml_nofault_copy((vm_offset_t)&ctask->bsd_info, (vm_offset_t)&cbsd_info, sizeof(cbsd_info)) == sizeof(cbsd_info)) |
2d21ac55 A |
1185 | if (cbsd_info && (ml_nofault_copy((vm_offset_t) proc_name_address(cbsd_info), (vm_offset_t) &proc_name, sizeof(proc_name)) > 0)) |
1186 | proc_name[sizeof(proc_name) - 1] = '\0'; | |
5ba3f43e | 1187 | paniclog_append_noflush("\nBSD process name corresponding to current thread: %s\n", proc_name); |
2d21ac55 A |
1188 | } |
1189 | ||
5ba3f43e A |
1190 | unsigned |
1191 | panic_active(void) { | |
1192 | return ((debugger_panic_str != (char *) 0)); | |
2d21ac55 A |
1193 | } |
1194 | ||
5ba3f43e A |
1195 | void |
1196 | populate_model_name(char *model_string) { | |
2d21ac55 A |
1197 | strlcpy(model_name, model_string, sizeof(model_name)); |
1198 | } | |
1199 | ||
5ba3f43e A |
1200 | void |
1201 | panic_display_model_name(void) { | |
2d21ac55 A |
1202 | char tmp_model_name[sizeof(model_name)]; |
1203 | ||
1204 | if (ml_nofault_copy((vm_offset_t) &model_name, (vm_offset_t) &tmp_model_name, sizeof(model_name)) != sizeof(model_name)) | |
1205 | return; | |
1206 | ||
6d2010ae A |
1207 | tmp_model_name[sizeof(tmp_model_name) - 1] = '\0'; |
1208 | ||
1209 | if (tmp_model_name[0] != 0) | |
5ba3f43e | 1210 | paniclog_append_noflush("System model name: %s\n", tmp_model_name); |
6d2010ae A |
1211 | } |
1212 | ||
5ba3f43e A |
1213 | void |
1214 | panic_display_kernel_uuid(void) { | |
39236c6e | 1215 | char tmp_kernel_uuid[sizeof(kernel_uuid_string)]; |
6d2010ae | 1216 | |
39236c6e | 1217 | if (ml_nofault_copy((vm_offset_t) &kernel_uuid_string, (vm_offset_t) &tmp_kernel_uuid, sizeof(kernel_uuid_string)) != sizeof(kernel_uuid_string)) |
6d2010ae | 1218 | return; |
2d21ac55 | 1219 | |
6d2010ae | 1220 | if (tmp_kernel_uuid[0] != '\0') |
5ba3f43e | 1221 | paniclog_append_noflush("Kernel UUID: %s\n", tmp_kernel_uuid); |
2d21ac55 A |
1222 | } |
1223 | ||
5ba3f43e A |
1224 | void |
1225 | panic_display_kernel_aslr(void) { | |
316670eb | 1226 | if (vm_kernel_slide) { |
5ba3f43e A |
1227 | paniclog_append_noflush("Kernel slide: 0x%016lx\n", (unsigned long) vm_kernel_slide); |
1228 | paniclog_append_noflush("Kernel text base: %p\n", (void *) vm_kernel_stext); | |
316670eb | 1229 | } |
316670eb A |
1230 | } |
1231 | ||
5ba3f43e A |
1232 | void |
1233 | panic_display_hibb(void) { | |
fe8ab488 | 1234 | #if defined(__i386__) || defined (__x86_64__) |
5ba3f43e | 1235 | paniclog_append_noflush("__HIB text base: %p\n", (void *) vm_hib_base); |
fe8ab488 A |
1236 | #endif |
1237 | } | |
1238 | ||
5ba3f43e A |
1239 | static void |
1240 | panic_display_uptime(void) { | |
c910b4d9 A |
1241 | uint64_t uptime; |
1242 | absolutetime_to_nanoseconds(mach_absolute_time(), &uptime); | |
1243 | ||
5ba3f43e | 1244 | paniclog_append_noflush("\nSystem uptime in nanoseconds: %llu\n", uptime); |
c910b4d9 A |
1245 | } |
1246 | ||
5ba3f43e A |
1247 | static void |
1248 | panic_display_disk_errors(void) { | |
d190cdc3 A |
1249 | |
1250 | if (panic_disk_error_description[0]) { | |
1251 | panic_disk_error_description[sizeof(panic_disk_error_description) - 1] = '\0'; | |
5ba3f43e | 1252 | paniclog_append_noflush("Root disk errors: \"%s\"\n", panic_disk_error_description); |
d190cdc3 A |
1253 | } |
1254 | }; | |
1255 | ||
2d21ac55 A |
1256 | extern const char version[]; |
1257 | extern char osversion[]; | |
1258 | ||
6d2010ae A |
1259 | static volatile uint32_t config_displayed = 0; |
1260 | ||
5ba3f43e A |
1261 | __private_extern__ void |
1262 | panic_display_system_configuration(boolean_t launchd_exit) { | |
2d21ac55 | 1263 | |
d190cdc3 | 1264 | if (!launchd_exit) panic_display_process_name(); |
6d2010ae A |
1265 | if (OSCompareAndSwap(0, 1, &config_displayed)) { |
1266 | char buf[256]; | |
d190cdc3 | 1267 | if (!launchd_exit && strlcpy(buf, PE_boot_args(), sizeof(buf))) |
5ba3f43e A |
1268 | paniclog_append_noflush("Boot args: %s\n", buf); |
1269 | paniclog_append_noflush("\nMac OS version:\n%s\n", | |
2d21ac55 | 1270 | (osversion[0] != 0) ? osversion : "Not yet set"); |
5ba3f43e | 1271 | paniclog_append_noflush("\nKernel version:\n%s\n",version); |
6d2010ae | 1272 | panic_display_kernel_uuid(); |
d190cdc3 A |
1273 | if (!launchd_exit) { |
1274 | panic_display_kernel_aslr(); | |
1275 | panic_display_hibb(); | |
1276 | panic_display_pal_info(); | |
1277 | } | |
2d21ac55 | 1278 | panic_display_model_name(); |
d190cdc3 A |
1279 | panic_display_disk_errors(); |
1280 | if (!launchd_exit) { | |
1281 | panic_display_uptime(); | |
1282 | panic_display_zprint(); | |
6d2010ae | 1283 | #if CONFIG_ZLEAKS |
d190cdc3 | 1284 | panic_display_ztrace(); |
6d2010ae | 1285 | #endif /* CONFIG_ZLEAKS */ |
5ba3f43e | 1286 | kext_dump_panic_lists(&paniclog_append_noflush); |
d190cdc3 | 1287 | } |
2d21ac55 A |
1288 | } |
1289 | } | |
1290 | ||
39037602 | 1291 | extern unsigned int stack_total; |
6d2010ae | 1292 | extern unsigned long long stack_allocs; |
c910b4d9 | 1293 | |
5ba3f43e | 1294 | #if defined (__x86_64__) |
c910b4d9 | 1295 | extern unsigned int inuse_ptepages_count; |
6d2010ae | 1296 | extern long long alloc_ptepages_count; |
c910b4d9 A |
1297 | #endif |
1298 | ||
5ba3f43e A |
1299 | extern boolean_t panic_include_zprint; |
1300 | extern mach_memory_info_t *panic_kext_memory_info; | |
1301 | extern vm_size_t panic_kext_memory_size; | |
c910b4d9 | 1302 | |
5ba3f43e A |
1303 | __private_extern__ void |
1304 | panic_display_zprint() | |
c910b4d9 A |
1305 | { |
1306 | if(panic_include_zprint == TRUE) { | |
1307 | ||
1308 | unsigned int i; | |
1309 | struct zone zone_copy; | |
1310 | ||
5ba3f43e | 1311 | paniclog_append_noflush("%-20s %10s %10s\n", "Zone Name", "Cur Size", "Free Size"); |
39037602 A |
1312 | for (i = 0; i < num_zones; i++) { |
1313 | if(ml_nofault_copy((vm_offset_t)(&zone_array[i]), (vm_offset_t)&zone_copy, sizeof(struct zone)) == sizeof(struct zone)) { | |
1314 | if(zone_copy.cur_size > (1024*1024)) { | |
5ba3f43e | 1315 | paniclog_append_noflush("%-20s %10lu %10lu\n",zone_copy.zone_name, (uintptr_t)zone_copy.cur_size,(uintptr_t)(zone_copy.countfree * zone_copy.elem_size)); |
c910b4d9 | 1316 | } |
39037602 | 1317 | } |
c910b4d9 A |
1318 | } |
1319 | ||
5ba3f43e | 1320 | paniclog_append_noflush("%-20s %10lu\n", "Kernel Stacks", (uintptr_t)(kernel_stack_size * stack_total)); |
b0d623f7 | 1321 | |
5ba3f43e A |
1322 | #if defined (__x86_64__) |
1323 | paniclog_append_noflush("%-20s %10lu\n", "PageTables",(uintptr_t)(PAGE_SIZE * inuse_ptepages_count)); | |
c910b4d9 | 1324 | #endif |
b0d623f7 | 1325 | |
5ba3f43e | 1326 | paniclog_append_noflush("%-20s %10lu\n", "Kalloc.Large", (uintptr_t)kalloc_large_total); |
3e170ce0 | 1327 | if (panic_kext_memory_info) { |
5ba3f43e A |
1328 | mach_memory_info_t *mem_info = panic_kext_memory_info; |
1329 | paniclog_append_noflush("\n%-5s %10s\n", "Kmod", "Size"); | |
1330 | for (i = 0; i < (panic_kext_memory_size / sizeof(mach_zone_info_t)); i++) { | |
3e170ce0 | 1331 | if (((mem_info[i].flags & VM_KERN_SITE_TYPE) == VM_KERN_SITE_KMOD) && (mem_info[i].size > (1024 * 1024))) { |
5ba3f43e | 1332 | paniclog_append_noflush("%-5lld %10lld\n", mem_info[i].site, mem_info[i].size); |
3e170ce0 A |
1333 | } |
1334 | } | |
1335 | } | |
c910b4d9 A |
1336 | } |
1337 | } | |
1338 | ||
fe8ab488 | 1339 | #if CONFIG_ECC_LOGGING |
5ba3f43e A |
1340 | __private_extern__ void |
1341 | panic_display_ecc_errors() | |
fe8ab488 A |
1342 | { |
1343 | uint32_t count = ecc_log_get_correction_count(); | |
1344 | ||
1345 | if (count > 0) { | |
5ba3f43e | 1346 | paniclog_append_noflush("ECC Corrections:%u\n", count); |
fe8ab488 A |
1347 | } |
1348 | } | |
1349 | #endif /* CONFIG_ECC_LOGGING */ | |
1350 | ||
6d2010ae A |
1351 | #if CONFIG_ZLEAKS |
1352 | extern boolean_t panic_include_ztrace; | |
1353 | extern struct ztrace* top_ztrace; | |
04b8595b A |
1354 | void panic_print_symbol_name(vm_address_t search); |
1355 | ||
6d2010ae A |
1356 | /* |
1357 | * Prints the backtrace most suspected of being a leaker, if we paniced in the zone allocator. | |
1358 | * top_ztrace and panic_include_ztrace comes from osfmk/kern/zalloc.c | |
1359 | */ | |
5ba3f43e A |
1360 | __private_extern__ void |
1361 | panic_display_ztrace(void) | |
6d2010ae A |
1362 | { |
1363 | if(panic_include_ztrace == TRUE) { | |
1364 | unsigned int i = 0; | |
04b8595b A |
1365 | boolean_t keepsyms = FALSE; |
1366 | ||
1367 | PE_parse_boot_argn("keepsyms", &keepsyms, sizeof (keepsyms)); | |
6d2010ae A |
1368 | struct ztrace top_ztrace_copy; |
1369 | ||
1370 | /* Make sure not to trip another panic if there's something wrong with memory */ | |
1371 | if(ml_nofault_copy((vm_offset_t)top_ztrace, (vm_offset_t)&top_ztrace_copy, sizeof(struct ztrace)) == sizeof(struct ztrace)) { | |
5ba3f43e | 1372 | paniclog_append_noflush("\nBacktrace suspected of leaking: (outstanding bytes: %lu)\n", (uintptr_t)top_ztrace_copy.zt_size); |
6d2010ae A |
1373 | /* Print the backtrace addresses */ |
1374 | for (i = 0; (i < top_ztrace_copy.zt_depth && i < MAX_ZTRACE_DEPTH) ; i++) { | |
5ba3f43e | 1375 | paniclog_append_noflush("%p ", top_ztrace_copy.zt_stack[i]); |
04b8595b A |
1376 | if (keepsyms) { |
1377 | panic_print_symbol_name((vm_address_t)top_ztrace_copy.zt_stack[i]); | |
1378 | } | |
5ba3f43e | 1379 | paniclog_append_noflush("\n"); |
6d2010ae A |
1380 | } |
1381 | /* Print any kexts in that backtrace, along with their link addresses so we can properly blame them */ | |
1382 | kmod_panic_dump((vm_offset_t *)&top_ztrace_copy.zt_stack[0], top_ztrace_copy.zt_depth); | |
1383 | } | |
1384 | else { | |
5ba3f43e | 1385 | paniclog_append_noflush("\nCan't access top_ztrace...\n"); |
6d2010ae | 1386 | } |
5ba3f43e | 1387 | paniclog_append_noflush("\n"); |
6d2010ae A |
1388 | } |
1389 | } | |
1390 | #endif /* CONFIG_ZLEAKS */ | |
1391 | ||
39236c6e | 1392 | #if !CONFIG_TELEMETRY |
5ba3f43e A |
1393 | int |
1394 | telemetry_gather(user_addr_t buffer __unused, uint32_t *length __unused, boolean_t mark __unused) | |
39236c6e A |
1395 | { |
1396 | return KERN_NOT_SUPPORTED; | |
1397 | } | |
1398 | #endif | |
5ba3f43e A |
1399 | |
1400 | #include <machine/machine_cpu.h> | |
1401 | ||
1402 | uint32_t kern_feature_overrides = 0; | |
1403 | ||
1404 | boolean_t kern_feature_override(uint32_t fmask) { | |
1405 | if (kern_feature_overrides == 0) { | |
1406 | uint32_t fdisables = 0; | |
1407 | /* Expected to be first invoked early, in a single-threaded | |
1408 | * environment | |
1409 | */ | |
1410 | if (PE_parse_boot_argn("validation_disables", &fdisables, sizeof(fdisables))) { | |
1411 | fdisables |= KF_INITIALIZED; | |
1412 | kern_feature_overrides = fdisables; | |
1413 | } else { | |
1414 | kern_feature_overrides |= KF_INITIALIZED; | |
1415 | } | |
1416 | } | |
1417 | return ((kern_feature_overrides & fmask) == fmask); | |
1418 | } |