xnu-7195.101.1.tar.gz
1c79356b 1/*
cb323159 2 * Copyright (c) 2000-2019 Apple Inc. All rights reserved.
5d5c5d0d 3 *
2d21ac55 4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
0a7de745 5 *
2d21ac55
A
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
0a7de745 14 *
2d21ac55
A
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
0a7de745 17 *
2d21ac55
A
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
8f6c56a5
A
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
2d21ac55
A
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
0a7de745 25 *
2d21ac55 26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
b0d623f7
A
27 *
28 *
1c79356b
A
29 * Copyright (c) 1982, 1986, 1989, 1993
30 * The Regents of the University of California. All rights reserved.
31 *
32 * This code is derived from software contributed to Berkeley by
33 * Mike Karels at Berkeley Software Design, Inc.
34 *
35 * Quite extensively rewritten by Poul-Henning Kamp of the FreeBSD
36 * project, to make these variables more userfriendly.
37 *
38 * Redistribution and use in source and binary forms, with or without
39 * modification, are permitted provided that the following conditions
40 * are met:
41 * 1. Redistributions of source code must retain the above copyright
42 * notice, this list of conditions and the following disclaimer.
43 * 2. Redistributions in binary form must reproduce the above copyright
44 * notice, this list of conditions and the following disclaimer in the
45 * documentation and/or other materials provided with the distribution.
46 * 3. All advertising materials mentioning features or use of this software
47 * must display the following acknowledgement:
48 * This product includes software developed by the University of
49 * California, Berkeley and its contributors.
50 * 4. Neither the name of the University nor the names of its contributors
51 * may be used to endorse or promote products derived from this software
52 * without specific prior written permission.
53 *
54 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
55 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
56 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
57 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
58 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
59 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
60 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
61 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
62 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
63 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
64 * SUCH DAMAGE.
65 *
66 * @(#)kern_sysctl.c 8.4 (Berkeley) 4/14/94
67 */
68
69
c3c9b80d 70#include <kern/counter.h>
1c79356b
A
71#include <sys/param.h>
72#include <sys/buf.h>
73#include <sys/kernel.h>
74#include <sys/sysctl.h>
75#include <sys/malloc.h>
91447636 76#include <sys/proc_internal.h>
fe8ab488 77#include <sys/kauth.h>
1c79356b 78#include <sys/systm.h>
fe8ab488 79#include <sys/sysproto.h>
1c79356b 80
c3c9b80d
A
81#include <os/atomic_private.h>
82
b0d623f7 83#include <security/audit/audit.h>
39037602 84#include <pexpert/pexpert.h>
e5568f75 85
c3c9b80d
A
86#include <IOKit/IOBSD.h>
87
5ba3f43e
A
88#if CONFIG_MACF
89#include <security/mac_framework.h>
90#endif
91
cb323159 92#if defined(HAS_APPLE_PAC)
f427ee49 93#include <os/hash.h>
cb323159
A
94#include <ptrauth.h>
95#endif /* defined(HAS_APPLE_PAC) */
d9a64523 96
c3c9b80d
A
/* Lock group that the two locks below are declared in. */
static LCK_GRP_DECLARE(sysctl_lock_group, "sysctl");
/*
 * Taken exclusive by sysctl_register_oid()/sysctl_unregister_oid() and shared
 * by the tree walkers further down in this file.
 */
static LCK_RW_DECLARE(sysctl_geometry_lock, &sysctl_lock_group);
static LCK_MTX_DECLARE(sysctl_unlocked_node_lock, &sysctl_lock_group);

/*
 * Conditionally allow dtrace to see these functions for debugging purposes.
 * With the "#if 0" below left as is, STATIC always expands to "static".
 */
#ifdef STATIC
#undef STATIC
#endif
#if 0
#define STATIC
#else
#define STATIC static
#endif

/* forward declarations of static functions */
STATIC void sysctl_sysctl_debug_dump_node(struct sysctl_oid_list *l, int i);
STATIC int sysctl_sysctl_debug(struct sysctl_oid *oidp, void *arg1,
    int arg2, struct sysctl_req *req);
STATIC int sysctl_sysctl_name(struct sysctl_oid *oidp, void *arg1,
    int arg2, struct sysctl_req *req);
STATIC int sysctl_sysctl_next_ls(struct sysctl_oid_list *lsp,
    int *name, u_int namelen, int *next, int *len, int level,
    struct sysctl_oid **oidpp);
STATIC int sysctl_old_kernel(struct sysctl_req *req, const void *p, size_t l);
STATIC int sysctl_new_kernel(struct sysctl_req *req, void *p, size_t l);
STATIC int name2oid(char *name, int *oid, size_t *len);
STATIC int sysctl_sysctl_name2oid(struct sysctl_oid *oidp, void *arg1, int arg2, struct sysctl_req *req);
STATIC int sysctl_sysctl_next(struct sysctl_oid *oidp, void *arg1, int arg2,
    struct sysctl_req *req);
STATIC int sysctl_sysctl_oidfmt(struct sysctl_oid *oidp, void *arg1, int arg2, struct sysctl_req *req);
STATIC int sysctl_old_user(struct sysctl_req *req, const void *p, size_t l);
STATIC int sysctl_new_user(struct sysctl_req *req, void *p, size_t l);

STATIC void sysctl_create_user_req(struct sysctl_req *req, struct proc *p, user_addr_t oldp,
    size_t oldlen, user_addr_t newp, size_t newlen);
STATIC int sysctl_root(boolean_t from_kernel, boolean_t string_is_canonical, char *namestring, size_t namestringlen, int *name, size_t namelen, struct sysctl_req *req);

int kernel_sysctl(struct proc *p, int *name, size_t namelen, void *old, size_t *oldlenp, void *new, size_t newlen);
int kernel_sysctlbyname(const char *name, void *oldp, size_t *oldlenp, void *newp, size_t newlen);
int userland_sysctl(boolean_t string_is_canonical,
    char *namestring, size_t namestringlen,
    int *name, u_int namelen, struct sysctl_req *req,
    size_t *retval);

/*
 * Head of the top-level OID list.
 * NOTE(review): SECURITY_READ_ONLY_LATE presumably places this head in memory
 * that becomes read-only after early boot -- confirm against the macro.
 */
SECURITY_READ_ONLY_LATE(struct sysctl_oid_list) sysctl__children; /* root list */
__SYSCTL_EXTENSION_NODE();
1c79356b
A
145
146/*
147 * Initialization of the MIB tree.
148 *
149 * Order by number in each list.
150 */
151
c3c9b80d
A
/*
 * Link an OID into its parent's list.
 *
 * new_oidp is the caller's template; its oid_parent selects the list and it
 * receives the assigned number when OID_AUTO was requested.  oidp is the
 * structure that actually gets linked; it is either new_oidp itself or a
 * copy of it.
 *
 * When the parent list starts with an OID_MUTABLE_ANCHOR entry, that entry's
 * oid_arg1 is a second list which is walked after the parent list.  Because
 * prevp is left wherever the last walk stopped, the new entry is linked into
 * that second list whenever it exists.
 *
 * No lock is taken here: sysctl_register_oid() calls this with
 * sysctl_geometry_lock held exclusive, sysctl_register_oid_early() calls it
 * without a lock.
 */
static void
sysctl_register_oid_locked(struct sysctl_oid *new_oidp,
    struct sysctl_oid *oidp)
{
	struct sysctl_oid_list *list = new_oidp->oid_parent;
	struct sysctl_oid_list *mutable_list = NULL;
	struct sysctl_oid *cur, **prevp;

	cur = SLIST_FIRST(list);
	if (cur != NULL && cur->oid_number == OID_MUTABLE_ANCHOR) {
		mutable_list = cur->oid_arg1;
	}

	if (oidp->oid_number != OID_AUTO) {
		/*
		 * Fixed number: find the ordered insertion point and refuse
		 * (by panicking) to reuse a slot that is already taken in
		 * either list.
		 */
		SLIST_FOREACH_PREVPTR(cur, prevp, list, oid_link) {
			if (oidp->oid_number == cur->oid_number) {
				panic("attempting to register a sysctl at previously registered slot : %d",
				    oidp->oid_number);
			}
			if (oidp->oid_number < cur->oid_number) {
				break;
			}
		}

		if (mutable_list != NULL) {
			SLIST_FOREACH_PREVPTR(cur, prevp, mutable_list, oid_link) {
				if (oidp->oid_number == cur->oid_number) {
					panic("attempting to register a sysctl at previously registered slot : %d",
					    oidp->oid_number);
				}
				if (oidp->oid_number < cur->oid_number) {
					break;
				}
			}
		}
	} else {
		/*
		 * OID_AUTO: pick a number greater than every number in use,
		 * and never below OID_AUTO_START so that pre-assigned numbers
		 * keep their space.  Both walks run to the end of their list.
		 */
		int next_number = OID_AUTO_START;

		SLIST_FOREACH_PREVPTR(cur, prevp, list, oid_link) {
			if (cur->oid_number >= next_number) {
				next_number = cur->oid_number + 1;
			}
		}

		if (mutable_list != NULL) {
			SLIST_FOREACH_PREVPTR(cur, prevp, mutable_list, oid_link) {
				if (cur->oid_number >= next_number) {
					next_number = cur->oid_number + 1;
				}
			}
		}

		/*
		 * Write the number back into the caller's template as well;
		 * sysctl_unregister_oid() compares against it later.
		 */
		new_oidp->oid_number = next_number;
		oidp->oid_number = next_number;
	}

#if defined(HAS_APPLE_PAC)
	if (oidp->oid_handler) {
		/*
		 * Re-sign the handler with a discriminator blended from the
		 * address of the oid_handler slot and a hash of oid_arg1.
		 * The signature is then only valid in this slot and with this
		 * oid_arg1, which makes the pointer harder to replace with an
		 * arbitrary function pointer and more robust against memory
		 * corruption.
		 */
		oidp->oid_handler = ptrauth_auth_and_resign(oidp->oid_handler,
		    ptrauth_key_function_pointer,
		    ptrauth_function_pointer_type_discriminator(typeof(oidp->oid_handler)),
		    ptrauth_key_function_pointer,
		    ptrauth_blend_discriminator(&oidp->oid_handler,
		    os_hash_kernel_pointer(oidp->oid_arg1)));
	}
#endif /* defined(HAS_APPLE_PAC) */

	/* Splice the entry in at the position the last walk stopped on. */
	SLIST_NEXT(oidp, oid_link) = *prevp;
	*prevp = oidp;
}
237
6d2010ae
A
/*
 * Register a non-permanent OID at run time.
 *
 * Panics on an oid_number below OID_AUTO and on CTLFLAG_PERMANENT nodes.
 * Returns without registering, and without any indication to the caller,
 * when the OID carries an unknown oid_version or (x86_64 old-style path)
 * when the compatibility copy cannot be allocated.
 */
void
sysctl_register_oid(struct sysctl_oid *new_oidp)
{
	struct sysctl_oid *oidp;

	if (new_oidp->oid_number < OID_AUTO) {
		panic("trying to register a node %p with an invalid oid_number: %d",
		    new_oidp, new_oidp->oid_number);
	}
	if (new_oidp->oid_kind & CTLFLAG_PERMANENT) {
		panic("Use sysctl_register_oid_early to register permanent nodes");
	}

	/*
	 * The OID can be old-style (needs copy), new style without an earlier
	 * version (also needs copy), or new style with a matching version (no
	 * copy needed).  Later versions are rejected (presumably, the OID
	 * structure was changed for a necessary reason).
	 */
	if (new_oidp->oid_kind & CTLFLAG_OID2) {
		/* Versioned OID: only the current layout is linked in place. */
		if (new_oidp->oid_version != SYSCTL_OID_VERSION) {
			return;         /* rejects unknown version */
		}
		oidp = new_oidp;
	} else {
#if __x86_64__
		/*
		 * XXX: KHEAP_DEFAULT is perhaps not the most appropriate zone, as it
		 * XXX: will subject us to use-after-free by other consumers.
		 */
		oidp = kheap_alloc(KHEAP_DEFAULT, sizeof(struct sysctl_oid),
		    Z_WAITOK | Z_ZERO);
		if (oidp == NULL) {
			return;         /* reject: no memory */
		}
		/*
		 * Copy only the fields that precede oid_descr: an old-style
		 * structure ends at oid_fmt, so anything further would be read
		 * from beyond the caller's object.  The remaining fields of
		 * the copy stay zero (Z_ZERO).
		 *
		 * Note: We may want to set the oid_descr to the
		 * oid_name (or "") at some future date.
		 */
		memcpy(oidp, new_oidp, offsetof(struct sysctl_oid, oid_descr));
#else
		panic("Old style sysctl without a version number isn't supported");
#endif
	}

	lck_rw_lock_exclusive(&sysctl_geometry_lock);
	sysctl_register_oid_locked(new_oidp, oidp);
	lck_rw_unlock_exclusive(&sysctl_geometry_lock);
}
1c79356b 295
c3c9b80d
A
/*
 * Register a permanent OID during early startup.
 *
 * The asserts require a current-version CTLFLAG_OID2 | CTLFLAG_PERMANENT
 * node and a startup phase before STARTUP_SUB_SYSCTL.  No lock is taken
 * around the list update here.
 */
__startup_func
void
sysctl_register_oid_early(struct sysctl_oid *oidp)
{
	assert((oidp->oid_kind & CTLFLAG_OID2) &&
	    (oidp->oid_kind & CTLFLAG_PERMANENT) &&
	    oidp->oid_version == SYSCTL_OID_VERSION);
	assert(startup_phase < STARTUP_SUB_SYSCTL);

	if (!(oidp->oid_kind & CTLFLAG_NOAUTO)) {
		sysctl_register_oid_locked(oidp, oidp);
		return;
	}

	/*
	 * CTLFLAG_NOAUTO nodes are not linked on this call.  Clear the flag so
	 * that callers can use sysctl_register_oid_early again if they wish to
	 * register their node.
	 */
	oidp->oid_kind &= ~CTLFLAG_NOAUTO;
}
316
6d2010ae
A
/*
 * Remove an OID from the tree and wait until no handler still references it.
 *
 * Panics when asked to remove a CTLFLAG_PERMANENT node.  An OID that cannot
 * be found (old-style path) or that carries an unknown oid_version is left
 * alone and the function returns normally.
 */
void
sysctl_unregister_oid(struct sysctl_oid *oidp)
{
	struct sysctl_oid *removed_oidp = NULL; /* OID removed from tree */
#if __x86_64__
	struct sysctl_oid *old_oidp = NULL;     /* OID compatibility copy */
#endif
	struct sysctl_oid_list *list;
	struct sysctl_oid *anchor;

	/* Get the write lock to modify the geometry */
	lck_rw_lock_exclusive(&sysctl_geometry_lock);

	/*
	 * When the parent list starts with the mutable anchor, the entry to
	 * remove is looked up in the list hanging off the anchor's oid_arg1.
	 */
	list = oidp->oid_parent;
	anchor = SLIST_FIRST(list);
	if (anchor != NULL && anchor->oid_number == OID_MUTABLE_ANCHOR) {
		list = anchor->oid_arg1;
	}

	if (oidp->oid_kind & CTLFLAG_PERMANENT) {
		panic("Trying to unregister permanent sysctl %p", oidp);
	}

	if (oidp->oid_kind & CTLFLAG_OID2) {
		/* It's a later version; handle the versions we know about */
		if (oidp->oid_version == SYSCTL_OID_VERSION) {
			/* We can just remove the OID directly... */
			SLIST_REMOVE(list, oidp, sysctl_oid, oid_link);
			removed_oidp = oidp;
		}
		/* XXX: any other version can't happen; probably tree corruption. */
	} else {
#if __x86_64__
		/*
		 * We're using a copy so we can get the new fields in an
		 * old structure, so we have to iterate to compare the
		 * partial structure; when we find a match, we remove it
		 * normally and free the memory.
		 */
		const size_t cmp_len = offsetof(struct sysctl_oid, oid_descr) -
		    offsetof(struct sysctl_oid, oid_number);

		SLIST_FOREACH(old_oidp, list, oid_link) {
			if (memcmp(&oidp->oid_number, &old_oidp->oid_number, cmp_len) == 0) {
				break;
			}
		}
		if (old_oidp != NULL) {
			SLIST_REMOVE(list, old_oidp, sysctl_oid, oid_link);
			removed_oidp = old_oidp;
		}
#else
		panic("Old style sysctl without a version number isn't supported");
#endif
	}

#if defined(HAS_APPLE_PAC)
	if (removed_oidp && removed_oidp->oid_handler) {
		/*
		 * Revert address-discriminated signing performed by
		 * sysctl_register_oid() (in case this oid is registered again).
		 */
		removed_oidp->oid_handler = ptrauth_auth_and_resign(removed_oidp->oid_handler,
		    ptrauth_key_function_pointer,
		    ptrauth_blend_discriminator(&removed_oidp->oid_handler,
		    os_hash_kernel_pointer(removed_oidp->oid_arg1)),
		    ptrauth_key_function_pointer,
		    ptrauth_function_pointer_type_discriminator(typeof(removed_oidp->oid_handler)));
	}
#endif /* defined(HAS_APPLE_PAC) */

	/*
	 * We've removed it from the list at this point, but we don't want
	 * to return to the caller until all handler references have drained
	 * out.  Doing things in this order prevents other people coming in
	 * and starting new operations against the OID node we want removed.
	 *
	 * Note: removed_oidp is NULL if the OID wasn't found.
	 */
	while (removed_oidp != NULL && removed_oidp->oid_refcnt) {
		lck_rw_sleep(&sysctl_geometry_lock, LCK_SLEEP_EXCLUSIVE,
		    &removed_oidp->oid_refcnt, THREAD_UNINT);
	}

	/* Release the write lock */
	lck_rw_unlock_exclusive(&sysctl_geometry_lock);

#if __x86_64__
	/*
	 * If it was allocated, free it after dropping the lock.  The free
	 * comes after the reference drain above, so no handler is still
	 * running against the copy when its memory is released.
	 */
	kheap_free(KHEAP_DEFAULT, old_oidp, sizeof(struct sysctl_oid));
#endif
}
408
1c79356b 409/*
39037602 410 * Exported in BSDKernel.exports, kept for binary compatibility
1c79356b 411 */
#if defined(__x86_64__)
/* Empty stub: the symbol stays exported but the call does nothing. */
void
sysctl_register_fixed(void)
{
}
#endif
418
1c79356b 419/*
2d21ac55
A
420 * New handler interface
421 * If the sysctl caller (user mode or kernel mode) is interested in the
422 * value (req->oldptr != NULL), we copy the data (bigValue etc.) out,
423 * if the caller wants to set the value (req->newptr), we copy
424 * the data in (*pValue etc.).
1c79356b 425 */
1c79356b 426
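/*
 * Copy an integer value out to the requester and, when a new value was
 * supplied, copy it in.
 *
 * req        the sysctl request
 * bigValue   current value, widened to long long by the caller
 * valueSize  size in bytes of the variable behind pValue
 * pValue     where a new value is stored; NULL marks the value read-only
 * changed    optional; set to 1 only when a new value was stored
 *
 * Returns 0 or an errno: EINVAL when valueSize exceeds sizeof(long long),
 * ERANGE when a 64-bit value does not fit the 32-bit side of a conversion,
 * EPERM when a new value is offered for a read-only value, or whatever
 * SYSCTL_OUT / SYSCTL_IN return.
 */
int
sysctl_io_number(struct sysctl_req *req, long long bigValue, size_t valueSize, void *pValue, int *changed)
{
	int smallValue;
	int error;

	if (changed) {
		*changed = 0;
	}

	/*
	 * valueSize is chosen by the kernel-side caller.  The generic copy-out
	 * below reads valueSize bytes starting at &bigValue, so a size larger
	 * than the parameter itself would read adjacent stack memory and hand
	 * it to the requester.  Reject such a call instead of copying.
	 */
	if (valueSize > sizeof(bigValue)) {
		return EINVAL;
	}

	/*
	 * Handle the various combinations of caller buffer size and
	 * data value size.  We are generous in the case where the
	 * caller has specified a 32-bit buffer but the value is 64-bit
	 * sized.
	 */

	/* 32 bit value expected or 32 bit buffer offered */
	if (((valueSize == sizeof(int)) ||
	    ((req->oldlen == sizeof(int)) && (valueSize == sizeof(long long))))
	    && (req->oldptr)) {
		smallValue = (int)bigValue;
		/* refuse to hand back a silently truncated value */
		if ((long long)smallValue != bigValue) {
			return ERANGE;
		}
		error = SYSCTL_OUT(req, &smallValue, sizeof(smallValue));
	} else {
		/* any other case is either size-equal or a bug */
		error = SYSCTL_OUT(req, &bigValue, valueSize);
	}
	/* error or nothing to set */
	if (error || !req->newptr) {
		return error;
	}

	/* set request for constant */
	if (pValue == NULL) {
		return EPERM;
	}

	/* set request needs to convert? */
	if ((req->newlen == sizeof(int)) && (valueSize == sizeof(long long))) {
		/* new value is 32 bits, upconvert to 64 bits */
		error = SYSCTL_IN(req, &smallValue, sizeof(smallValue));
		if (!error) {
			*(long long *)pValue = (long long)smallValue;
		}
	} else if ((req->newlen == sizeof(long long)) && (valueSize == sizeof(int))) {
		/* new value is 64 bits, downconvert to 32 bits and range check */
		error = SYSCTL_IN(req, &bigValue, sizeof(bigValue));
		if (!error) {
			smallValue = (int)bigValue;
			if ((long long)smallValue != bigValue) {
				return ERANGE;
			}
			*(int *)pValue = smallValue;
		}
	} else {
		/* sizes match, just copy in */
		error = SYSCTL_IN(req, pValue, valueSize);
	}
	if (!error && changed) {
		*changed = 1;
	}
	return error;
}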
493
/*
 * Copy a NUL-terminated string out to the requester and, when a new value
 * was supplied, copy it into the same buffer.
 *
 * req        the sysctl request
 * pValue     the string buffer; it is passed to strlen() on entry
 * valueSize  capacity of pValue in bytes; 0 marks the value read-only
 * trunc      non-zero: truncate the copy-out to a too-small output buffer
 * changed    optional; set to 1 only when a new value was stored
 *
 * Returns 0 or an errno: EPERM for a write to a read-only value, EINVAL
 * when the new string does not fit, or whatever SYSCTL_OUT / SYSCTL_IN
 * return.
 */
int
sysctl_io_string(struct sysctl_req *req, char *pValue, size_t valueSize, int trunc, int *changed)
{
	int error;
	size_t len = strlen(pValue) + 1;        /* string plus its terminator */

	if (changed) {
		*changed = 0;
	}

	if (!trunc || !req->oldptr || !req->oldlen || (req->oldlen >= len)) {
		/* Copy string out */
		error = SYSCTL_OUT(req, pValue, len);
	} else {
		/* If trunc != 0, if you give it a too small (but larger than
		 * 0 bytes) buffer, instead of returning ENOMEM, it truncates the
		 * returned string to the buffer size.  This preserves the semantics
		 * of some library routines implemented via sysctl, which truncate
		 * their returned data, rather than simply returning an error.  The
		 * returned string is always nul (ascii '\0') terminated. */
		error = SYSCTL_OUT(req, pValue, req->oldlen - 1);
		if (!error) {
			char nul = '\0';
			error = SYSCTL_OUT(req, &nul, 1);
		}
	}

	/* error or no new value */
	if (error || !req->newptr) {
		return error;
	}

	/* attempt to set read-only value */
	if (valueSize == 0) {
		return EPERM;
	}

	/*
	 * make sure there's room for the new string: newlen must stay below
	 * valueSize so that the terminator written at pValue[newlen] below is
	 * still inside the buffer
	 */
	if (req->newlen >= valueSize) {
		return EINVAL;
	}

	/*
	 * copy the string in and force nul termination; the terminator is
	 * written even when the copy-in reports an error
	 */
	error = SYSCTL_IN(req, pValue, req->newlen);
	pValue[req->newlen] = '\0';

	if (!error && changed) {
		*changed = 1;
	}
	return error;
}
545
0a7de745
A
/*
 * Copy an opaque blob out to the requester and, when a new value was
 * supplied, copy valueSize bytes in over it.
 *
 * req        the sysctl request
 * pValue     the blob
 * valueSize  number of bytes copied in each direction
 * changed    optional; set to 1 only when a new value was stored
 *
 * Returns 0 or the error reported by SYSCTL_OUT / SYSCTL_IN.
 *
 * NOTE(review): all valueSize bytes are copied out as they are, so any
 * padding or uninitialised bytes inside the caller's object would reach the
 * requester -- callers presumably pass fully initialised buffers; confirm.
 */
int
sysctl_io_opaque(struct sysctl_req *req, void *pValue, size_t valueSize, int *changed)
{
	int error;

	if (changed) {
		*changed = 0;
	}

	/* Copy blob out */
	error = SYSCTL_OUT(req, pValue, valueSize);

	/* Only attempt the copy-in when the copy-out worked and a new value exists */
	if (!error && req->newptr) {
		error = SYSCTL_IN(req, pValue, valueSize);
		if (!error && changed) {
			*changed = 1;
		}
	}
	return error;
}
1c79356b 570
c3c9b80d
A
571/*
572 * SYSCTL_OID enumerators
573 *
574 * Because system OIDs are immutable, they are composed of 2 lists hanging from
575 * a first dummy OID_MUTABLE_ANCHOR node that has an immutable list hanging from
576 * its `oid_parent` field and a mutable list hanging from its oid_arg1 one.
577 *
578 * Those enumerators abstract away the implicit merging of those two lists in
579 * two possible order:
580 * - oid_number order (which will interleave both sorted lists)
581 * - system order which will list the immutable list first,
582 * and the mutable list second.
583 */
struct sysctl_oid_iterator {
	/* cursor in the list given to sysctl_oid_iterator_begin(), past the anchor entry when there is one */
	struct sysctl_oid *a;
	/* cursor in the list hanging off the anchor's oid_arg1; stays NULL when the list has no anchor */
	struct sysctl_oid *b;
};
588
/*
 * Build an iterator over list l.
 *
 * When the first entry is the OID_MUTABLE_ANCHOR, the anchor itself is
 * skipped: cursor a starts at the entry after it and cursor b at the head of
 * the list stored in the anchor's oid_arg1.  Otherwise only cursor a is used.
 * An empty list yields an iterator with both cursors NULL.
 */
static struct sysctl_oid_iterator
sysctl_oid_iterator_begin(struct sysctl_oid_list *l)
{
	struct sysctl_oid_iterator it = { };
	struct sysctl_oid *head = SLIST_FIRST(l);

	if (head != NULL && head->oid_number == OID_MUTABLE_ANCHOR) {
		it.a = SLIST_NEXT(head, oid_link);
		it.b = SLIST_FIRST((struct sysctl_oid_list *)head->oid_arg1);
	} else {
		it.a = head;
	}
	return it;
}
607
/*
 * Return the next entry in oid_number order, merging the two cursors, and
 * advance the cursor that supplied it.  When both cursors carry the same
 * number, cursor a goes first.  Returns NULL once both cursors are exhausted.
 */
static struct sysctl_oid *
sysctl_oid_iterator_next_num_order(struct sysctl_oid_iterator *it)
{
	struct sysctl_oid *a = it->a;
	struct sysctl_oid *b = it->b;

	if (a != NULL && (b == NULL || a->oid_number <= b->oid_number)) {
		it->a = SLIST_NEXT(a, oid_link);
		return a;
	}

	if (b != NULL) {
		it->b = SLIST_NEXT(b, oid_link);
		return b;
	}

	return NULL;
}

/*
 * Loop over list l in oid_number order.  The macro declares a loop-local
 * iterator named `it`; the loop ends when the next-entry call yields NULL.
 */
#define SYSCTL_OID_FOREACH_NUM_ORDER(oidp, l) \
	for (struct sysctl_oid_iterator it = sysctl_oid_iterator_begin(l); \
	        ((oidp) = sysctl_oid_iterator_next_num_order(&it)); )
635
/*
 * Return the next entry in system order: everything reachable from cursor a
 * first, then everything reachable from cursor b.  Returns NULL once both
 * cursors are exhausted.
 */
static struct sysctl_oid *
sysctl_oid_iterator_next_system_order(struct sysctl_oid_iterator *it)
{
	struct sysctl_oid *cur = it->a;

	if (cur != NULL) {
		it->a = SLIST_NEXT(cur, oid_link);
		return cur;
	}

	cur = it->b;
	if (cur != NULL) {
		it->b = SLIST_NEXT(cur, oid_link);
	}
	return cur;
}

/*
 * Loop over list l in system order.  The macro declares a loop-local
 * iterator named `it`; the loop ends when the next-entry call yields NULL.
 */
#define SYSCTL_OID_FOREACH_SYS_ORDER(oidp, l) \
	for (struct sysctl_oid_iterator it = sysctl_oid_iterator_begin(l); \
	        ((oidp) = sysctl_oid_iterator_next_system_order(&it)); )
658
1c79356b
A
659/*
660 * "Staff-functions"
661 *
0a7de745 662 * These functions implement a presently undocumented interface
1c79356b
A
663 * used by the sysctl program to walk the tree, and get the type
664 * so it can print the value.
665 * This interface is under work and consideration, and should probably
666 * be killed with a big axe by the first person who can find the time.
667 * (be aware though, that the proper interface isn't as obvious as it
668 * may seem, there are various conflicting requirements.)
669 *
670 * {0,0} printf the entire MIB-tree.
671 * {0,1,...} return the name of the "..." OID.
672 * {0,2,...} return the next OID.
673 * {0,3} return the OID of the name in "new"
674 * {0,4,...} return the kind & format info for the "..." OID.
675 */
676
6d2010ae
A
677/*
678 * sysctl_sysctl_debug_dump_node
679 *
680 * Description: Dump debug information for a given sysctl_oid_list at the
681 * given oid depth out to the kernel log, via printf
682 *
683 * Parameters: l sysctl_oid_list pointer
684 * i current node depth
685 *
686 * Returns: (void)
687 *
688 * Implicit: kernel log, modified
689 *
690 * Locks: Assumes sysctl_geometry_lock is held prior to calling
691 *
692 * Notes: This function may call itself recursively to resolve Node
693 * values, which potentially have an inferior sysctl_oid_list
694 *
695 * This function is only callable indirectly via the function
696 * sysctl_sysctl_debug()
697 *
698 * Bugs: The node depth indentation does not work; this may be an
699 * artifact of leading space removal by the log daemon itself
700 * or some intermediate routine.
701 */
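STATIC void
sysctl_sysctl_debug_dump_node(struct sysctl_oid_list *l, int i)
{
	struct sysctl_oid *oidp;
	struct sysctl_oid_list *lp;
	const char *what;

	SYSCTL_OID_FOREACH_SYS_ORDER(oidp, l) {
		/* child list of a node entry; stays NULL for every other type */
		lp = NULL;

		/*
		 * NOTE(review): the type labels look as if they were padded to
		 * a common width; confirm the exact spacing against the tree
		 * before relying on the column layout of the output.
		 */
		switch (oidp->oid_kind & CTLTYPE) {
		case CTLTYPE_NODE:
			lp = oidp->oid_arg1;
			what = "Node ";
			if (lp && SLIST_FIRST(lp) &&
			    SLIST_FIRST(lp)->oid_number == OID_MUTABLE_ANCHOR) {
				what = "NodeExt";
			}
			break;
		case CTLTYPE_INT:
			what = "Int ";
			break;
		case CTLTYPE_STRING:
			what = "String ";
			break;
		case CTLTYPE_QUAD:
			what = "Quad ";
			break;
		case CTLTYPE_OPAQUE:
			what = "Opaque ";
			break;
		default:
			what = "Unknown";
			break;
		}

		/*
		 * Flag columns: L = CTLFLAG_LOCKED, R = CTLFLAG_RD,
		 * W = CTLFLAG_WR, '*' = not CTLFLAG_PERMANENT, h = has a handler.
		 */
		printf("%*s%-3d[%c%c%c%c%c] %s %s\n", i, "", oidp->oid_number,
		    oidp->oid_kind & CTLFLAG_LOCKED ? 'L':' ',
		    oidp->oid_kind & CTLFLAG_RD ? 'R':' ',
		    oidp->oid_kind & CTLFLAG_WR ? 'W':' ',
		    oidp->oid_kind & CTLFLAG_PERMANENT ? ' ':'*',
		    oidp->oid_handler ? 'h' : ' ',
		    what, oidp->oid_name);

		/*
		 * Descend only into plain nodes (no handler).  The label code
		 * above already tolerates a NULL child list, so the recursion
		 * does too instead of dereferencing it.
		 */
		if ((oidp->oid_kind & CTLTYPE) == CTLTYPE_NODE &&
		    !oidp->oid_handler && lp != NULL) {
			sysctl_sysctl_debug_dump_node(lp, i + 2);
		}
	}
}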
752
6d2010ae
A
753/*
754 * sysctl_sysctl_debug
755 *
756 * Description: This function implements the "sysctl.debug" portion of the
757 * OID space for sysctl.
758 *
759 * OID: 0, 0
760 *
761 * Parameters: __unused
762 *
763 * Returns: ENOENT
764 *
765 * Implicit: kernel log, modified
766 *
767 * Locks: Acquires and then releases a read lock on the
768 * sysctl_geometry_lock
769 */
STATIC int
sysctl_sysctl_debug(__unused struct sysctl_oid *oidp, __unused void *arg1,
    __unused int arg2, __unused struct sysctl_req *req)
{
	/*
	 * The geometry lock is held shared for the whole dump so the tree
	 * cannot be modified while it is being printed.
	 *
	 * NOTE(review): this handler does no credential check of its own and
	 * every read prints the entire tree to the kernel log; whether access
	 * is gated elsewhere is not visible here -- confirm.
	 */
	lck_rw_lock_shared(&sysctl_geometry_lock);
	sysctl_sysctl_debug_dump_node(&sysctl__children, 0);
	lck_rw_done(&sysctl_geometry_lock);
	/* Always ENOENT: nothing is copied into the request buffers. */
	return ENOENT;
}

/* Registers the handler above as OID number 0 ("debug") under _sysctl. */
SYSCTL_PROC(_sysctl, 0, debug, CTLTYPE_STRING | CTLFLAG_RD | CTLFLAG_LOCKED,
    0, 0, sysctl_sysctl_debug, "-", "");
1c79356b 782
6d2010ae
A
783/*
784 * sysctl_sysctl_name
785 *
786 * Description: Convert an OID into a string name; this is used by the user
787 * space sysctl() command line utility; this is done in a purely
788 * advisory capacity (e.g. to provide node names for "sysctl -A"
789 * output).
790 *
791 * OID: 0, 1
792 *
793 * Parameters: oidp __unused
794 * arg1 A pointer to the OID name list
795 * integer array, beginning at
796 * adjusted option base 2
797 * arg2 The number of elements which
798 * remain in the name array
799 *
800 * Returns: 0 Success
801 * SYSCTL_OUT:EPERM Permission denied
802 * SYSCTL_OUT:EFAULT Bad user supplied buffer
803 * SYSCTL_OUT:??? Return value from user function
804 * for SYSCTL_PROC leaf node
805 *
806 * Implicit: Contents of user request buffer, modified
807 *
808 * Locks: Acquires and then releases a read lock on the
809 * sysctl_geometry_lock
810 *
811 * Notes: SPI (System Programming Interface); this is subject to change
812 * and may not be relied upon by third party applications; use
813 * a subprocess to communicate with the "sysctl" command line
814 * command instead, if you believe you need this functionality.
815 * Preferably, use sysctlbyname() instead.
816 *
817 * Setting of the NULL termination of the output string is
818 * delayed until after the geometry lock is dropped. If there
819 * are no Entries remaining in the OID name list when this
820 * function is called, it will still write out the termination
821 * byte.
822 *
823 * This function differs from other sysctl functions in that
824 * it can not take an output buffer length of 0 to determine the
825 * space which will be required. It is suggested that the buffer
826 * length be PATH_MAX, and that authors of new sysctl's refrain
827 * from exceeding this string length.
828 */
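STATIC int
sysctl_sysctl_name(__unused struct sysctl_oid *oidp, void *arg1, int arg2,
    struct sysctl_req *req)
{
	int *name = (int *) arg1;
	/*
	 * NOTE(review): arg2 is converted to unsigned here; presumably the
	 * dispatcher never passes a negative count -- confirm.
	 */
	u_int namelen = arg2;
	int error = 0;
	struct sysctl_oid *oid;
	struct sysctl_oid_list *lsp = &sysctl__children, *lsp2;
	/*
	 * Large enough for any decimal int ("-2147483648" plus the NUL).
	 * With a 10-byte buffer snprintf() silently cut components of ten or
	 * more characters, so the name written out did not match the OID.
	 */
	char tempbuf[sizeof("-2147483648")] = {};

	lck_rw_lock_shared(&sysctl_geometry_lock);
	while (namelen) {
		if (!lsp) {
			/*
			 * Below the last node that could be resolved by name:
			 * emit the remaining components as plain numbers.
			 */
			snprintf(tempbuf, sizeof(tempbuf), "%d", *name);
			/* separator only when something was already written */
			if (req->oldidx) {
				error = SYSCTL_OUT(req, ".", 1);
			}
			if (!error) {
				error = SYSCTL_OUT(req, tempbuf, strlen(tempbuf));
			}
			if (error) {
				lck_rw_done(&sysctl_geometry_lock);
				return error;
			}
			namelen--;
			name++;
			continue;
		}
		lsp2 = 0;
		SYSCTL_OID_FOREACH_NUM_ORDER(oid, lsp) {
			if (oid->oid_number != *name) {
				continue;
			}

			if (req->oldidx) {
				error = SYSCTL_OUT(req, ".", 1);
			}
			if (!error) {
				error = SYSCTL_OUT(req, oid->oid_name,
				    strlen(oid->oid_name));
			}
			if (error) {
				lck_rw_done(&sysctl_geometry_lock);
				return error;
			}

			namelen--;
			name++;

			/* only plain nodes (no handler) have a child list to descend into */
			if ((oid->oid_kind & CTLTYPE) != CTLTYPE_NODE) {
				break;
			}

			if (oid->oid_handler) {
				break;
			}

			lsp2 = (struct sysctl_oid_list *)oid->oid_arg1;
			break;
		}
		/* NULL when nothing matched or the match has no child list */
		lsp = lsp2;
	}
	lck_rw_done(&sysctl_geometry_lock);
	/* the terminating NUL is written after the geometry lock is dropped */
	return SYSCTL_OUT(req, "", 1);
}

SYSCTL_NODE(_sysctl, 1, name, CTLFLAG_RD | CTLFLAG_LOCKED, sysctl_sysctl_name, "");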
1c79356b 897
6d2010ae
A
/*
 * sysctl_sysctl_next_ls
 *
 * Description:	For a given OID name value, return the next consecutive OID
 *		name value within the geometry tree
 *
 * Parameters:	lsp			The OID list to look in
 *		name			The OID name to start from
 *		namelen			The length of the OID name
 *		next			Pointer to new oid storage to
 *					fill in
 *		len			Pointer to receive new OID
 *					length value of storage written
 *		level			OID tree depth (used to compute
 *					len value)
 *		oidpp			Pointer to OID list entry
 *					pointer; used to walk the list
 *					forward across recursion
 *
 * Returns:	0			Returning a new entry
 *		1			End of geometry list reached
 *
 * Implicit:	*next			Modified to contain the new OID
 *		*len			Modified to contain new length
 *
 * Locks:	Assumes sysctl_geometry_lock is held prior to calling
 *
 * Notes:	This function will not return OID values that have special
 *		handlers, since we can not tell whether these handlers consume
 *		elements from the OID space as parameters.  For this reason,
 *		we STRONGLY discourage these types of handlers
 *
 *		NOTE(review): every recursive call stores through next + 1
 *		with level + 1, and this function performs no check of the
 *		depth against the capacity of the caller's buffer.  The caller
 *		visible in this file, sysctl_sysctl_next(), supplies an
 *		int[CTL_MAXNAME]; presumably the tree depth is bounded when
 *		OIDs are registered - confirm.
 */
STATIC int
sysctl_sysctl_next_ls(struct sysctl_oid_list *lsp, int *name, u_int namelen,
    int *next, int *len, int level, struct sysctl_oid **oidpp)
{
	struct sysctl_oid *oidp;

	*len = level;
	SYSCTL_OID_FOREACH_NUM_ORDER(oidp, lsp) {
		/* Tentatively record this entry as the answer for this level. */
		*next = oidp->oid_number;
		*oidpp = oidp;

		if (!namelen) {
			/* No start name left: the first usable entry is the result. */
			if ((oidp->oid_kind & CTLTYPE) != CTLTYPE_NODE) {
				return 0;
			}
			if (oidp->oid_handler) {
				/* We really should call the handler here...*/
				return 0;
			}
			lsp = (struct sysctl_oid_list *)oidp->oid_arg1;

			if (!SLIST_FIRST(lsp)) {
				/* This node had no children - skip it! */
				continue;
			}

			/* Descend with an empty name; name is not dereferenced when namelen is 0. */
			if (!sysctl_sysctl_next_ls(lsp, 0, 0, next + 1,
			    len, level + 1, oidpp)) {
				return 0;
			}
			goto next;
		}

		/* Entries numbered below the start name are skipped. */
		if (oidp->oid_number < *name) {
			continue;
		}

		if (oidp->oid_number > *name) {
			/* First entry past the start name: a leaf or handler node is the result. */
			if ((oidp->oid_kind & CTLTYPE) != CTLTYPE_NODE) {
				return 0;
			}
			if (oidp->oid_handler) {
				return 0;
			}
			lsp = (struct sysctl_oid_list *)oidp->oid_arg1;
			if (!sysctl_sysctl_next_ls(lsp, name + 1, namelen - 1,
			    next + 1, len, level + 1, oidpp)) {
				return 0;
			}
			goto next;
		}
		/* Exact match on this component: only a plain node can hold a successor. */
		if ((oidp->oid_kind & CTLTYPE) != CTLTYPE_NODE) {
			continue;
		}

		if (oidp->oid_handler) {
			continue;
		}

		lsp = (struct sysctl_oid_list *)oidp->oid_arg1;
		if (!sysctl_sysctl_next_ls(lsp, name + 1, namelen - 1, next + 1,
		    len, level + 1, oidpp)) {
			return 0;
		}
next:
		/* The subtree produced nothing; reset the length for this level and keep scanning. */
		namelen = 1;
		*len = level;
	}
	return 1;
}
1000
6d2010ae
A
/*
 * sysctl_sysctl_next
 *
 * Description:	Iterator over the OID tree; hands back the OID that follows
 *		the supplied one, for use by the user space "sysctl" command
 *		line tool
 *
 * OID:		0, 2
 *
 * Parameters:	oidp				__unused
 *		arg1				Pointer to start OID name
 *		arg2				Start OID name length
 *		req				Pointer to user request buffer
 *
 * Returns:	0				Success
 *		ENOENT				Reached end of OID space
 *		SYSCTL_OUT:EPERM		Permission denied
 *		SYSCTL_OUT:EFAULT		Bad user supplied buffer
 *		SYSCTL_OUT:???			Return value from user function
 *						for SYSCTL_PROC leaf node
 *
 * Implicit:	Contents of user request buffer, modified
 *
 * Locks:	Acquires and then releases a read lock on the
 *		sysctl_geometry_lock
 *
 * Notes:	SPI (System Programming Interface); this is subject to change
 *		and may not be relied upon by third party applications; use
 *		a subprocess to communicate with the "sysctl" command line
 *		command instead, if you believe you need this functionality.
 *		Preferably, use sysctlbyname() instead.
 *
 *		This function differs from other sysctl functions in that
 *		it can not take an output buffer length of 0 to determine the
 *		space which will be required.  It is suggested that the buffer
 *		length be PATH_MAX, and that authors of new sysctl's refrain
 *		from exceeding this string length.
 */
STATIC int
sysctl_sysctl_next(__unused struct sysctl_oid *oidp, void *arg1, int arg2,
    struct sysctl_req *req)
{
	/* Zero-filled result buffer; only the first next_len entries are copied out. */
	int next_oid[CTL_MAXNAME] = {};
	struct sysctl_oid *last_oid;
	int next_len;
	int at_end;

	lck_rw_lock_shared(&sysctl_geometry_lock);
	at_end = sysctl_sysctl_next_ls(&sysctl__children, (int *)arg1,
	    (u_int)arg2, next_oid, &next_len, 1, &last_oid);
	lck_rw_done(&sysctl_geometry_lock);

	if (at_end != 0) {
		return ENOENT;
	}

	/* The copy-out happens after the geometry lock has been released. */
	return SYSCTL_OUT(req, next_oid, next_len * sizeof(int));
}

SYSCTL_NODE(_sysctl, 2, next, CTLFLAG_RD | CTLFLAG_LOCKED, sysctl_sysctl_next, "");
1c79356b 1061
6d2010ae
A
/*
 * name2oid
 *
 * Description:	Support function for sysctl_sysctl_name2oid(); resolves a
 *		dotted string name to its numeric OID name.
 *
 * Parameters:	name				NUL terminated string name;
 *						edited in place (see "Notes")
 *		oid				Pointer to receive OID name
 *		len				Pointer to receive OID length
 *
 * Returns:	0				Success
 *		ENOENT				Entry not found
 *
 * Implicit:	*oid				Modified to contain OID value
 *		*len				Modified to contain OID length
 *
 * Locks:	Assumes sysctl_geometry_lock is held prior to calling
 *
 * Notes:	At most CTL_MAXNAME integers are stored through oid, so the
 *		caller has to provide room for that many.
 *
 *		The string is split by temporarily overwriting each '.' with
 *		a NUL.  A separator is put back only when the walk descends
 *		to the next level, and one trailing '.' is removed for good,
 *		so the buffer may differ from the input on return.
 */
STATIC int
name2oid(char *name, int *oid, size_t *len)
{
	struct sysctl_oid_iterator iter;
	struct sysctl_oid *cur;
	char *sep;
	char saved;

	if (*name == '\0') {
		return ENOENT;
	}

	/* Strip a single trailing dot. */
	sep = name + strlen(name) - 1;
	if (*sep == '.') {
		*sep = '\0';
	}

	*len = 0;

	/* Cut out the first component; saved remembers what ended it. */
	sep = name;
	while (*sep != '\0' && *sep != '.') {
		sep++;
	}
	saved = *sep;
	if (saved == '.') {
		*sep = '\0';
	}

	iter = sysctl_oid_iterator_begin(&sysctl__children);
	cur = sysctl_oid_iterator_next_system_order(&iter);

	while (cur != NULL && *len < CTL_MAXNAME) {
		if (strcmp(name, cur->oid_name) != 0) {
			cur = sysctl_oid_iterator_next_system_order(&iter);
			continue;
		}

		*oid = cur->oid_number;
		oid++;
		*len += 1;

		/* The component just matched was the last one. */
		if (saved == '\0') {
			return 0;
		}

		/* More components follow, but only a handler-less node has children to search. */
		if ((cur->oid_kind & CTLTYPE) != CTLTYPE_NODE || cur->oid_handler) {
			break;
		}

		iter = sysctl_oid_iterator_begin(cur->oid_arg1);
		cur = sysctl_oid_iterator_next_system_order(&iter);

		/* Put the separator back and cut out the next component. */
		*sep = saved;
		name = sep + 1;
		sep = name;
		while (*sep != '\0' && *sep != '.') {
			sep++;
		}
		saved = *sep;
		if (saved == '.') {
			*sep = '\0';
		}
	}
	return ENOENT;
}
1146
6d2010ae
A
/*
 * sysctl_sysctl_name2oid
 *
 * Description:	Translate a string name to an OID name value; this is used by
 *		the sysctlbyname() function as well as by the "sysctl" command
 *		line command.
 *
 * OID:		0, 3
 *
 * Parameters:	oidp				__unused
 *		arg1				__unused
 *		arg2				__unused
 *		req				Request structure
 *
 * Returns:	ENOENT				Input length too short
 *		ENAMETOOLONG			Input length too long
 *		ENOMEM				Could not allocate work area
 *		SYSCTL_IN/OUT:EPERM		Permission denied
 *		SYSCTL_IN/OUT:EFAULT		Bad user supplied buffer
 *		SYSCTL_IN/OUT:???		Return value from user function
 *		name2oid:ENOENT			Not found
 *
 * Implicit:	*req				Contents of request, modified
 *
 * Locks:	Acquires and then releases a read lock on the
 *		sysctl_geometry_lock
 *
 * Notes:	SPI (System Programming Interface); this is subject to change
 *		and may not be relied upon by third party applications; use
 *		a subprocess to communicate with the "sysctl" command line
 *		command instead, if you believe you need this functionality.
 *		Preferably, use sysctlbyname() instead.
 *
 *		This function differs from other sysctl functions in that
 *		it can not take an output buffer length of 0 to determine the
 *		space which will be required.  It is suggested that the buffer
 *		length be PATH_MAX, and that authors of new sysctl's refrain
 *		from exceeding this string length.
 *
 *		The OID is registered CTLFLAG_ANYBODY, so the length limits
 *		below are the only bound on the size of the work area.
 */
STATIC int
sysctl_sysctl_name2oid(__unused struct sysctl_oid *oidp, __unused void *arg1,
    __unused int arg2, struct sysctl_req *req)
{
	int oid[CTL_MAXNAME] = {};
	size_t len = 0;                 /* set by name2oid() */
	char *namebuf;
	int error;

	if (req->newlen < 1) {
		return ENOENT;
	}
	if (req->newlen >= MAXPATHLEN) {        /* XXX arbitrary, undocumented */
		return ENAMETOOLONG;
	}

	/* One extra byte so the copied-in name can always be terminated. */
	namebuf = kheap_alloc(KHEAP_TEMP, req->newlen + 1, Z_WAITOK);
	if (!namebuf) {
		return ENOMEM;
	}

	error = SYSCTL_IN(req, namebuf, req->newlen);
	if (error == 0) {
		namebuf[req->newlen] = '\0';

		/*
		 * Note:	We acquire and release the geometry lock here to
		 *		avoid making name2oid needlessly complex.
		 */
		lck_rw_lock_shared(&sysctl_geometry_lock);
		error = name2oid(namebuf, oid, &len);
		lck_rw_done(&sysctl_geometry_lock);
	}

	kheap_free(KHEAP_TEMP, namebuf, req->newlen + 1);

	if (error != 0) {
		return error;
	}

	return SYSCTL_OUT(req, oid, len * sizeof(oid[0]));
}

SYSCTL_PROC(_sysctl, 3, name2oid, CTLFLAG_RW | CTLFLAG_ANYBODY | CTLFLAG_KERN | CTLFLAG_LOCKED, 0, 0,
    sysctl_sysctl_name2oid, "I", "");
1c79356b 1234
6d2010ae
A
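/*
 * sysctl_sysctl_oidfmt
 *
 * Description:	For a given OID name, determine the format of the data which
 *		is associated with it.  This is used by the "sysctl" command
 *		line command.
 *
 * OID:		0, 4
 *
 * Parameters:	oidp				__unused
 *		arg1				The OID name to look up
 *		arg2				The length of the OID name
 *		req				Pointer to user request buffer
 *
 * Returns:	0				Success
 *		EISDIR				Malformed request
 *		ENOENT				No such OID name, or empty name
 *		SYSCTL_OUT:EPERM		Permission denied
 *		SYSCTL_OUT:EFAULT		Bad user supplied buffer
 *		SYSCTL_OUT:???			Return value from user function
 *
 * Implicit:	Contents of user request buffer, modified
 *
 * Locks:	Acquires and then releases a read lock on the
 *		sysctl_geometry_lock
 *
 * Notes:	SPI (System Programming Interface); this is subject to change
 *		and may not be relied upon by third party applications; use
 *		a subprocess to communicate with the "sysctl" command line
 *		command instead, if you believe you need this functionality.
 *
 *		This function differs from other sysctl functions in that
 *		it can not take an output buffer length of 0 to determine the
 *		space which will be required.  It is suggested that the buffer
 *		length be PATH_MAX, and that authors of new sysctl's refrain
 *		from exceeding this string length.
 *
 *		name[] is only read at indexes below namelen.  Without that
 *		bound a zero-length name would be compared against whatever
 *		integers follow it in the caller's array, which sysctl() in
 *		this file leaves uninitialised beyond the copied-in part.
 */
STATIC int
sysctl_sysctl_oidfmt(__unused struct sysctl_oid *oidp, void *arg1, int arg2,
    struct sysctl_req *req)
{
	int *name = (int *) arg1;
	int error = ENOENT;             /* default error: not found */
	u_int namelen = arg2;
	u_int indx;
	struct sysctl_oid_iterator it;
	struct sysctl_oid *oid;

	lck_rw_lock_shared(&sysctl_geometry_lock);

	it = sysctl_oid_iterator_begin(&sysctl__children);
	oid = sysctl_oid_iterator_next_system_order(&it);

	indx = 0;
	/*
	 * For namelen >= 1 the extra bound never triggers: every match
	 * either leaves the loop or descends with indx still below namelen.
	 */
	while (oid && indx < CTL_MAXNAME && indx < namelen) {
		if (oid->oid_number == name[indx]) {
			indx++;
			if ((oid->oid_kind & CTLTYPE) == CTLTYPE_NODE) {
				/* A node with a handler ends the walk; the rest of the name is its argument. */
				if (oid->oid_handler) {
					goto found;
				}
				if (indx == namelen) {
					goto found;
				}
				it = sysctl_oid_iterator_begin(oid->oid_arg1);
				oid = sysctl_oid_iterator_next_system_order(&it);
			} else {
				/* A leaf must be the last component of the name. */
				if (indx != namelen) {
					error = EISDIR;
					goto err;
				}
				goto found;
			}
		} else {
			oid = sysctl_oid_iterator_next_system_order(&it);
		}
	}
	/* Not found */
	goto err;

found:
	/* An OID without a format string is reported as ENOENT. */
	if (!oid->oid_fmt) {
		goto err;
	}
	/* Output is the kind word followed by the NUL terminated format string. */
	error = SYSCTL_OUT(req,
	    &oid->oid_kind, sizeof(oid->oid_kind));
	if (!error) {
		error = SYSCTL_OUT(req, oid->oid_fmt,
		    strlen(oid->oid_fmt) + 1);
	}
err:
	lck_rw_done(&sysctl_geometry_lock);
	return error;
}

SYSCTL_NODE(_sysctl, 4, oidfmt, CTLFLAG_RD | CTLFLAG_LOCKED, sysctl_sysctl_oidfmt, "");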
1c79356b 1331
1c79356b
A
1332
1333/*
1334 * Default "handler" functions.
1335 */
1336
/*
 * Handle an int, signed or unsigned.
 * Two cases:
 *     a variable:  arg1 points at it and its current value is reported.
 *     a constant:  arg1 is NULL and the value is passed in arg2.
 */

int
sysctl_handle_int(__unused struct sysctl_oid *oidp, void *arg1, int arg2,
    struct sysctl_req *req)
{
	int value;

	if (arg1) {
		value = *(int *)arg1;
	} else {
		value = arg2;
	}
	return sysctl_io_number(req, value, sizeof(int), arg1, NULL);
}
1350
/*
 * Handle a long, signed or unsigned.  arg1 points to it; a NULL arg1 is
 * rejected with EINVAL.
 */

int
sysctl_handle_long(__unused struct sysctl_oid *oidp, void *arg1,
    __unused int arg2, struct sysctl_req *req)
{
	long *valuep = (long *)arg1;

	if (valuep == NULL) {
		return EINVAL;
	}
	return sysctl_io_number(req, *valuep, sizeof(long), arg1, NULL);
}
1364
43866e37
A
/*
 * Handle a quad, signed or unsigned.  arg1 points to it; a NULL arg1 is
 * rejected with EINVAL.
 */

int
sysctl_handle_quad(__unused struct sysctl_oid *oidp, void *arg1,
    __unused int arg2, struct sysctl_req *req)
{
	long long *valuep = (long long *)arg1;

	if (valuep == NULL) {
		return EINVAL;
	}
	return sysctl_io_number(req, *valuep, sizeof(long long), arg1, NULL);
}
1378
/*
 * Expose an int value as a quad.
 *
 * This lets an interface be defined in terms of quad values while the
 * backing variable is still an int.  A new value that does not fit in an
 * int is refused with ERANGE and the variable is left unchanged.
 */
int
sysctl_handle_int2quad(__unused struct sysctl_oid *oidp, void *arg1,
    __unused int arg2, struct sysctl_req *req)
{
	long long wide;
	int narrow;
	int error;

	if (arg1 == NULL) {
		return EINVAL;
	}

	/* Report the current value, widened. */
	wide = (long long)*(int *)arg1;
	error = SYSCTL_OUT(req, &wide, sizeof(long long));
	if (error || !req->newptr) {
		return error;
	}

	error = SYSCTL_IN(req, &wide, sizeof(long long));
	if (error) {
		return error;
	}

	/*
	 * Value must be representable; check by
	 * casting and then casting back.
	 */
	narrow = (int)wide;
	if ((long long)narrow != wide) {
		return ERANGE;
	}

	*(int *)arg1 = narrow;
	return 0;
}
1419
1c79356b
A
/*
 * Handle our generic '\0' terminated 'C' string.
 * Two cases:
 *      a variable string:  point arg1 at it, arg2 is max length.
 *      a constant string:  point arg1 at it, arg2 is zero.
 */

int
sysctl_handle_string( __unused struct sysctl_oid *oidp, void *arg1, int arg2,
    struct sysctl_req *req)
{
	int max_len = arg2;     /* zero marks a constant string, per the cases above */

	return sysctl_io_string(req, arg1, max_len, 0, NULL);
}
1433
/*
 * Handle any kind of opaque data.
 * arg1 points to it, arg2 is the size.
 */

int
sysctl_handle_opaque(__unused struct sysctl_oid *oidp, void *arg1, int arg2,
    struct sysctl_req *req)
{
	int data_size = arg2;

	return sysctl_io_opaque(req, arg1, data_size, NULL);
}
1445
1446/*
1447 * Transfer functions to/from kernel space.
1c79356b 1448 */
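/*
 * sysctl_old_kernel
 *
 * Copy l bytes from p into the kernel-space "old" buffer of the request,
 * truncating to the space that is left.
 *
 * req->oldidx always advances by the full l, including when the copy was
 * truncated or when no buffer was supplied, so that it ends up holding
 * the total size wanted.  It can therefore already be past req->oldlen on
 * a later call made for the same request.
 *
 * Returns:	0		All l bytes copied, or no buffer supplied
 *		ENOMEM		A buffer was supplied and fewer than l bytes fit
 */
STATIC int
sysctl_old_kernel(struct sysctl_req *req, const void *p, size_t l)
{
	size_t i = 0;

	if (req->oldptr) {
		i = l;
		if (req->oldidx >= req->oldlen) {
			/*
			 * The buffer is already full or overrun.  Testing this
			 * first keeps the subtraction below from going
			 * negative (presumably wrapping, the fields being
			 * unsigned - confirm), which would defeat the clamp
			 * and let bcopy() write past the end of the buffer.
			 */
			i = 0;
		} else if (i > req->oldlen - req->oldidx) {
			i = req->oldlen - req->oldidx;
		}
		if (i > 0) {
			bcopy((const void*)p, CAST_DOWN(char *, (req->oldptr + req->oldidx)), i);
		}
	}
	req->oldidx += l;
	if (req->oldptr && i != l) {
		return ENOMEM;
	}
	return 0;
}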
1469
/*
 * sysctl_new_kernel
 *
 * Copy the next l bytes of the kernel-space "new" buffer of the request
 * into p and advance req->newidx past them.
 *
 * Returns:	0		Bytes copied, or the request carries no new value
 *		EINVAL		Fewer than l bytes remain in the new buffer
 */
STATIC int
sysctl_new_kernel(struct sysctl_req *req, void *p, size_t l)
{
	if (req->newptr) {
		/* Refuse to read past the end of what the caller supplied. */
		if (l > req->newlen - req->newidx) {
			return EINVAL;
		}
		bcopy(CAST_DOWN(char *, (req->newptr + req->newidx)), p, l);
		req->newidx += l;
	}
	return 0;
}
1483
/*
 * kernel_sysctl
 *
 * Issue a sysctl request on behalf of kernel code: the old and new
 * buffers are kernel addresses and are moved with sysctl_old_kernel()
 * and sysctl_new_kernel().
 *
 * Parameters:	p		Process recorded in the request
 *		name, namelen	OID name and its length
 *		old, oldlenp	Output buffer and its size; *oldlenp is
 *				updated with req.oldidx on success and on
 *				ENOMEM
 *		new, newlen	New value; ignored when newlen is 0
 *
 * Returns:	Result of sysctl_root()
 */
int
kernel_sysctl(struct proc *p, int *name, size_t namelen, void *old, size_t *oldlenp, void *new, size_t newlen)
{
	struct sysctl_req req;
	int rc;

	/*
	 * Construct request.
	 */
	bzero(&req, sizeof(req));
	req.p = p;
	req.lock = 1;
	req.oldfunc = sysctl_old_kernel;
	req.newfunc = sysctl_new_kernel;

	if (old) {
		req.oldptr = CAST_USER_ADDR_T(old);
	}
	if (oldlenp) {
		req.oldlen = *oldlenp;
	}
	if (newlen) {
		req.newptr = CAST_USER_ADDR_T(new);
		req.newlen = newlen;
	}

	/* make the request */
	rc = sysctl_root(TRUE, FALSE, NULL, 0, name, namelen, &req);

	/* ENOMEM still reports the length back to the caller. */
	if (rc == 0 || rc == ENOMEM) {
		if (oldlenp) {
			*oldlenp = req.oldidx;
		}
	}

	return rc;
}
1522
1523/*
1524 * Transfer function to/from user space.
1525 */
/*
 * sysctl_old_user
 *
 * Copy l bytes from p out to the user-space "old" buffer of the request.
 *
 * When a buffer was supplied and l bytes do not fit in what is left of
 * it, ENOMEM is returned before anything is copied and before
 * req->oldidx is advanced.  Otherwise req->oldidx advances by l, also
 * when no buffer was supplied.
 *
 * Returns:	0		Success
 *		ENOMEM		Not enough room left in the user buffer
 *		copyout:???	Error from copyout()
 *
 * NOTE(review): the room computation is req->oldlen - req->oldidx; it is
 * only meaningful while oldidx <= oldlen.  This function keeps that true
 * when oldptr is set - confirm nothing else moves oldidx past oldlen.
 */
STATIC int
sysctl_old_user(struct sysctl_req *req, const void *p, size_t l)
{
	size_t copied = 0;
	int error = 0;

	if (req->oldptr) {
		if (req->oldlen - req->oldidx < l) {
			return ENOMEM;
		}
		/* After the guard above this clamp leaves copied equal to l. */
		copied = (l > req->oldlen - req->oldidx) ?
		    req->oldlen - req->oldidx : l;
		if (copied > 0) {
			error = copyout((const void*)p, (req->oldptr + req->oldidx), copied);
		}
	}

	req->oldidx += l;

	if (error) {
		return error;
	}
	if (req->oldptr && copied < l) {
		return ENOMEM;
	}
	return 0;
}
1553
/*
 * sysctl_new_user
 *
 * Copy the next l bytes of the user-space "new" buffer of the request
 * into p.  req->newidx advances by l whether or not copyin() succeeded.
 *
 * Returns:	0		Bytes copied, or the request carries no new value
 *		EINVAL		Fewer than l bytes remain in the new buffer
 *		copyin:???	Error from copyin()
 */
STATIC int
sysctl_new_user(struct sysctl_req *req, void *p, size_t l)
{
	int rc = 0;

	if (req->newptr) {
		/* Refuse to read past the length the caller declared. */
		if (l > req->newlen - req->newidx) {
			return EINVAL;
		}
		rc = copyin((req->newptr + req->newidx), p, l);
		req->newidx += l;
	}
	return rc;
}
1569
c3c9b80d
A
#define WRITE_EXPERIMENT_FACTORS_ENTITLEMENT "com.apple.private.write-kr-experiment-factors"
/*
 * Is the current task allowed to write to experiment factors?
 * Tasks holding WRITE_EXPERIMENT_FACTORS_ENTITLEMENT always are.
 * On DEBUG and DEVELOPMENT kernels a process for which proc_suser()
 * returns 0 is allowed as well; on other kernels the entitlement is
 * the only way in.
 */
STATIC bool
can_write_experiment_factors(__unused struct sysctl_req *req)
{
	bool allowed = false;

	if (IOTaskHasEntitlement(current_task(), WRITE_EXPERIMENT_FACTORS_ENTITLEMENT)) {
		allowed = true;
	}
#if DEBUG || DEVELOPMENT
	if (!allowed) {
		/* proc_suser() yields 0 when the check passes. */
		allowed = !proc_suser(req->p);
	}
#endif /* DEBUG || DEVELOPMENT */
	return allowed;
}
1588
1c79356b
A
/*
 * Traverse our tree, and find the right node, execute whatever it points
 * at, and return the resulting error code.
 *
 * Parameters:	from_kernel		TRUE for requests made by kernel code;
 *					the OID must then carry CTLFLAG_KERN,
 *					and no name string is built and the
 *					MAC check is skipped
 *		string_is_canonical	TRUE when namestring is the input and
 *					name/namelen are filled by name2oid()
 *		namestring		Dotted name; appended to while walking
 *					when the request is from user space
 *					and the string is not canonical
 *		namestringlen		Size of the namestring buffer
 *		name, namelen		Numeric OID name and its length
 *		req			Request to hand to the handler
 *
 * Returns:	ENOENT, EISDIR, ENAMETOOLONG, EPERM or EINVAL from the lookup
 *		and permission checks below, an error from proc_suser() or the
 *		MAC check, otherwise the handler's return value
 *
 * Locks:	Takes the sysctl_geometry_lock shared for the lookup, drops it
 *		around the MAC check and the handler call, and retakes it to
 *		release the OID reference.  sysctl_unlocked_node_lock is held
 *		around the handler when a node on the path lacks
 *		CTLFLAG_LOCKED.
 *
 * Notes:	Order of checks for a write: CTLFLAG_WR / CTLFLAG_SECURE,
 *		CTLFLAG_KERN for kernel callers, then the entitlement or
 *		superuser check, and only after the lock is dropped the MAC
 *		policy check.  The entitlement / superuser check is skipped
 *		when req->p is NULL.
 *
 *		NOTE(review): the walk reads name[indx] bounded by CTL_MAXNAME
 *		only, not by namelen.  sysctl() in this file enforces
 *		namelen >= 2; whether every other caller passes a non-empty
 *		name is not visible here - confirm.
 *
 *		NOTE(review): strlcat() appends, so namestring has to hold a
 *		terminated string on entry; where it is initialised is not
 *		visible here - confirm.
 */

int
sysctl_root(boolean_t from_kernel, boolean_t string_is_canonical,
    char *namestring, size_t namestringlen,
    int *name, size_t namelen, struct sysctl_req *req)
{
	u_int indx;
	int i;
	struct sysctl_oid_iterator it;
	struct sysctl_oid *oid;
	sysctl_handler_t oid_handler = NULL;
	int error;
	boolean_t unlocked_node_found = FALSE;
	boolean_t namestring_started = FALSE;

	/* Get the read lock on the geometry */
	lck_rw_lock_shared(&sysctl_geometry_lock);

	if (string_is_canonical) {
		/* namestring is actually canonical, name/namelen needs to be populated */
		/* name2oid() stores up to CTL_MAXNAME ints through name. */
		error = name2oid(namestring, name, &namelen);
		if (error) {
			goto err;
		}
	}

	it = sysctl_oid_iterator_begin(&sysctl__children);
	oid = sysctl_oid_iterator_next_system_order(&it);

	indx = 0;
	while (oid && indx < CTL_MAXNAME) {
		if (oid->oid_number == name[indx]) {
			/* For user requests by number, rebuild the dotted name as the walk goes. */
			if (!from_kernel && !string_is_canonical) {
				if (namestring_started) {
					if (strlcat(namestring, ".", namestringlen) >= namestringlen) {
						error = ENAMETOOLONG;
						goto err;
					}
				}

				if (strlcat(namestring, oid->oid_name, namestringlen) >= namestringlen) {
					error = ENAMETOOLONG;
					goto err;
				}
				namestring_started = TRUE;
			}

			indx++;
			/* One node without CTLFLAG_LOCKED anywhere on the path is enough. */
			if (!(oid->oid_kind & CTLFLAG_LOCKED)) {
				unlocked_node_found = TRUE;
			}
			if (oid->oid_kind & CTLFLAG_NOLOCK) {
				req->lock = 0;
			}
			/*
			 * For SYSCTL_PROC() functions which are for sysctl's
			 * which have parameters at the end of their OID
			 * space, you need to OR CTLTYPE_NODE into their
			 * access value.
			 *
			 * NOTE: For binary backward compatibility ONLY!  Do
			 * NOT add new sysctl's that do this!  Existing
			 * sysctl's which do this will eventually have
			 * compatibility code in user space, and this method
			 * will become unsupported.
			 */
			if ((oid->oid_kind & CTLTYPE) == CTLTYPE_NODE) {
				if (oid->oid_handler) {
					goto found;
				}
				/* A plain node can not be the final component. */
				if (indx == namelen) {
					error = ENOENT;
					goto err;
				}

				it = sysctl_oid_iterator_begin(oid->oid_arg1);
				oid = sysctl_oid_iterator_next_system_order(&it);
			} else {
				/* A leaf must be the final component. */
				if (indx != namelen) {
					error = EISDIR;
					goto err;
				}
				goto found;
			}
		} else {
			oid = sysctl_oid_iterator_next_system_order(&it);
		}
	}
	error = ENOENT;
	goto err;
found:

	/*
	 * indx is the index of the first remaining OID name,
	 * for sysctls that take them as arguments
	 */
	if (!from_kernel && !string_is_canonical && (indx < namelen)) {
		/*
		 * NOTE(review): tempbuf holds nine characters plus the NUL,
		 * while "%d" of an int can need eleven; snprintf() then
		 * truncates silently, so the text appended to namestring (and
		 * later passed to the MAC check) may not match name[indx2]
		 * for large or negative values - confirm this is acceptable
		 * to policies that key on the string.
		 */
		char tempbuf[10];
		u_int indx2;

		for (indx2 = indx; indx2 < namelen; indx2++) {
			snprintf(tempbuf, sizeof(tempbuf), "%d", name[indx2]);

			if (namestring_started) {
				if (strlcat(namestring, ".", namestringlen) >= namestringlen) {
					error = ENAMETOOLONG;
					goto err;
				}
			}

			if (strlcat(namestring, tempbuf, namestringlen) >= namestringlen) {
				error = ENAMETOOLONG;
				goto err;
			}
			namestring_started = TRUE;
		}
	}

	/* If writing isn't allowed */
	if (req->newptr && (!(oid->oid_kind & CTLFLAG_WR) ||
	    ((oid->oid_kind & CTLFLAG_SECURE) && securelevel > 0))) {
		error = (EPERM);
		goto err;
	}

	/*
	 * If we're inside the kernel, the OID must be marked as kernel-valid.
	 */
	if (from_kernel && !(oid->oid_kind & CTLFLAG_KERN)) {
		error = (EPERM);
		goto err;
	}

	/* Write attempts made on behalf of a process; skipped when req->p is NULL. */
	if (req->newptr && req->p) {
		if (oid->oid_kind & CTLFLAG_EXPERIMENT) {
			/*
			 * Experiment factors have different permissions since they need to be
			 * writable by procs with WRITE_EXPERIMENT_FACTORS_ENTITLEMENT.
			 */
			if (!can_write_experiment_factors(req)) {
				error = (EPERM);
				goto err;
			}
		} else {
			/*
			 * This is where legacy enforcement of permissions occurs.  If the
			 * flag does not say CTLFLAG_ANYBODY, then we prohibit anyone but
			 * root from writing new values down.  If local enforcement happens
			 * at the leaf node, then it needs to be set as CTLFLAG_ANYBODY.  In
			 * addition, if the leaf node is set this way, then in order to do
			 * specific enforcement, it has to be of type SYSCTL_PROC.
			 */
			if (!(oid->oid_kind & CTLFLAG_ANYBODY) &&
			    (error = proc_suser(req->p))) {
				goto err;
			}
		}
	}

	/*
	 * sysctl_unregister_oid() may change the handler value, so grab it
	 * under the lock.
	 */
	oid_handler = oid->oid_handler;
	if (!oid_handler) {
		error = EINVAL;
		goto err;
	}

	/*
	 * Reference the OID and drop the geometry lock; this prevents the
	 * OID from being deleted out from under the handler call, but does
	 * not prevent other calls into handlers or calls to manage the
	 * geometry elsewhere from blocking...
	 */
	/* OIDs flagged CTLFLAG_PERMANENT are not reference counted. */
	if ((oid->oid_kind & CTLFLAG_PERMANENT) == 0) {
		OSAddAtomic(1, &oid->oid_refcnt);
	}

	lck_rw_done(&sysctl_geometry_lock);

#if CONFIG_MACF
	/* The policy check runs without the geometry lock and sees both name forms. */
	if (!from_kernel) {
		error = mac_system_check_sysctlbyname(kauth_cred_get(),
		    namestring,
		    name,
		    namelen,
		    req->oldptr,
		    req->oldlen,
		    req->newptr,
		    req->newlen);
		if (error) {
			goto dropref;
		}
	}
#endif

	/*
	 * ...however, we still have to grab the mutex for those calls which
	 * may be into code whose reentrancy is protected by it.
	 */
	if (unlocked_node_found) {
		lck_mtx_lock(&sysctl_unlocked_node_lock);
	}

#if defined(HAS_APPLE_PAC)
	/*
	 * oid_handler is signed address-discriminated by sysctl_register_oid().
	 */
	/* Authenticate the copy taken under the lock and re-sign it for use as a plain function pointer. */
	oid_handler = ptrauth_auth_and_resign(oid_handler,
	    ptrauth_key_function_pointer,
	    ptrauth_blend_discriminator(&oid->oid_handler,
	    os_hash_kernel_pointer(oid->oid_arg1)),
	    ptrauth_key_function_pointer,
	    ptrauth_function_pointer_type_discriminator(typeof(oid_handler)));
#endif /* defined(HAS_APPLE_PAC) */

	/* Node handlers receive the unconsumed tail of the name; leaf handlers receive the OID's own arguments. */
	if ((oid->oid_kind & CTLTYPE) == CTLTYPE_NODE) {
		i = oid_handler(oid, name + indx, (int)(namelen - indx), req);
	} else {
		i = oid_handler(oid, oid->oid_arg1, oid->oid_arg2, req);
	}
	error = i;

	if (unlocked_node_found) {
		lck_mtx_unlock(&sysctl_unlocked_node_lock);
	}

#if CONFIG_MACF
	/* only used from another CONFIG_MACF block */
dropref:
#endif

	/*
	 * This is tricky... we re-grab the geometry lock in order to drop
	 * the reference and wake on the address; since the geometry
	 * lock is a reader/writer lock rather than a mutex, we have to
	 * wake on all apparent 1->0 transitions.  This abuses the drop
	 * after the reference decrement in order to wake any lck_rw_sleep()
	 * in progress in sysctl_unregister_oid() that slept because of a
	 * non-zero reference count.
	 *
	 * Note:	OSAddAtomic() is defined to return the previous value;
	 *		we use this and the fact that the lock itself is a
	 *		barrier to avoid waking every time through on "hot"
	 *		OIDs.
	 */
	lck_rw_lock_shared(&sysctl_geometry_lock);

	if ((oid->oid_kind & CTLFLAG_PERMANENT) == 0) {
		if (OSAddAtomic(-1, &oid->oid_refcnt) == 1) {
			wakeup(&oid->oid_refcnt);
		}
	}

err:
	/* Every path reaches this label with the geometry lock held shared. */
	lck_rw_done(&sysctl_geometry_lock);
	return error;
}
1852
0a7de745
A
/*
 * sysctl_create_user_req
 *
 * Fill in *req for a request whose old and new buffers live in user
 * space: the structure is zeroed, the transfer functions are set to
 * sysctl_old_user() and sysctl_new_user(), and lock is set to 1.  The new
 * buffer is recorded only when newlen is non-zero.
 */
void
sysctl_create_user_req(struct sysctl_req *req, struct proc *p, user_addr_t oldp,
    size_t oldlen, user_addr_t newp, size_t newlen)
{
	bzero(req, sizeof(*req));

	req->p = p;
	req->lock = 1;

	req->oldptr = oldp;
	req->oldlen = oldlen;
	req->oldfunc = sysctl_old_user;

	/* With newlen == 0 newptr stays zero, so the request reads as having no new value. */
	if (newlen != 0) {
		req->newptr = newp;
		req->newlen = newlen;
	}
	req->newfunc = sysctl_new_user;
}
1c79356b
A
1875
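/*
 * sysctl
 *
 * System call entry point for a sysctl request by numeric OID name.
 *
 * Parameters:	p		Calling process
 *		uap		User arguments: name/namelen, old/oldlenp,
 *				new/newlen
 *		retval		__unused
 *
 * Returns:	EINVAL		namelen outside 2..CTL_MAXNAME, or newlen
 *				larger than SIZE_T_MAX
 *		ENOMEM		Name string work area could not be allocated,
 *				or as returned by userland_sysctl()
 *		copyin:???	Error copying in the OID name
 *		suulong:???	Error storing the old length back
 *		otherwise the result of userland_sysctl()
 *
 * Notes:	The old length is written back to user space on success and
 *		on ENOMEM; any other error returns without touching it.
 */
int
sysctl(proc_t p, struct sysctl_args *uap, __unused int32_t *retval)
{
	int error, new_error;
	size_t oldlen = 0, newlen;
	/*
	 * Zero-filled: only namelen entries are copied in, and code further
	 * down may index the array up to CTL_MAXNAME, so the tail must not
	 * hold stale stack contents.
	 */
	int name[CTL_MAXNAME] = {};
	struct sysctl_req req;
	char *namestring;
	size_t namestringlen = MAXPATHLEN;

	/*
	 * all top-level sysctl names are non-terminal
	 */
	if (uap->namelen > CTL_MAXNAME || uap->namelen < 2) {
		return EINVAL;
	}
	/* namelen was bounded above, so the size can not exceed the array. */
	error = copyin(uap->name, &name[0], uap->namelen * sizeof(int));
	if (error) {
		return error;
	}

	AUDIT_ARG(ctlname, name, uap->namelen);

	if (uap->newlen > SIZE_T_MAX) {
		return EINVAL;
	}
	newlen = (size_t)uap->newlen;

	if (uap->oldlenp != USER_ADDR_NULL) {
		uint64_t oldlen64 = fuulong(uap->oldlenp);

		/*
		 * If more than 4G, clamp to 4G
		 */
		if (oldlen64 > SIZE_T_MAX) {
			oldlen = SIZE_T_MAX;
		} else {
			oldlen = (size_t)oldlen64;
		}
	}

	sysctl_create_user_req(&req, p, uap->old, oldlen, uap->new, newlen);

	/* Guess that longest length for the passed-in MIB, if we can be more aggressive than MAXPATHLEN */
	if (uap->namelen == 2) {
		if (name[0] == CTL_KERN && name[1] < KERN_MAXID) {
			namestringlen = 32; /* "kern.speculative_reads_disabled" */
		} else if (name[0] == CTL_HW && name[1] < HW_MAXID) {
			namestringlen = 32; /* "hw.cachelinesize_compat" */
		}
	}

	namestring = kheap_alloc(KHEAP_TEMP, namestringlen, Z_WAITOK);
	if (!namestring) {
		/*
		 * error is still 0 from the copyin() above; without setting
		 * it here the call would report success although the request
		 * was never carried out.
		 */
		error = ENOMEM;
		oldlen = 0;
		goto err;
	}

	error = userland_sysctl(FALSE, namestring, namestringlen, name, uap->namelen, &req, &oldlen);

	kheap_free(KHEAP_TEMP, namestring, namestringlen);

	if ((error) && (error != ENOMEM)) {
		return error;
	}

err:
	if (uap->oldlenp != USER_ADDR_NULL) {
		/*
		 * Only overwrite the old error value on a new error
		 */
		new_error = suulong(uap->oldlenp, oldlen);

		if (new_error) {
			error = new_error;
		}
	}

	return error;
}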
1c79356b 1956
// sysctlbyname is also exported as KPI to kexts
// and the syscall name cannot conflict with it
/*
 * sys_sysctlbyname: system call entry point that resolves a sysctl by its
 * string name.
 *
 * Everything reachable through uap is caller-controlled:
 *  - uap->namelen is bounded (< MAXPATHLEN) before it sizes the allocation;
 *  - the name is copied into a temporary kernel buffer of namelen + 1 bytes
 *    and NUL-terminated here, because copyin() copies exactly namelen bytes;
 *  - uap->newlen is rejected with EINVAL if it does not fit in size_t;
 *  - the old-buffer length read from uap->oldlenp is clamped to SIZE_T_MAX.
 *
 * The temporary name buffer is released on every exit path after it has been
 * allocated.
 *
 * Returns 0 or an errno value.  ENOMEM from userland_sysctl() is not returned
 * early: the resulting length is still stored to uap->oldlenp first.
 *
 * NOTE(review): the value returned by fuulong() is used as-is; no failure
 * indication is checked at that point.  Confirm how an unreadable oldlenp is
 * expected to be handled (the later suulong() to the same address does have
 * its return value checked).
 *
 * NOTE(review): the AUDIT_ARG(ctlname, ...) call is commented out below, so
 * this function records no ctlname audit argument for name-based lookups.
 */
int
sys_sysctlbyname(proc_t p, struct sysctlbyname_args *uap, __unused int32_t *retval)
{
	struct sysctl_req req;
	int oid[CTL_MAXNAME];
	char *kname;
	size_t name_len;
	size_t kname_size;
	size_t old_size = 0;
	size_t new_size;
	int error;

	/* XXX arbitrary, undocumented */
	if (uap->namelen >= MAXPATHLEN) {
		return ENAMETOOLONG;
	}
	name_len = (size_t)uap->namelen;
	kname_size = name_len + 1;      /* room for the terminator added below */

	kname = kheap_alloc(KHEAP_TEMP, kname_size, Z_WAITOK);
	if (!kname) {
		return ENOMEM;
	}

	/*
	 * Both early failures (bad name pointer, oversized newlen) release the
	 * buffer and return; the copyin error takes precedence.
	 */
	error = copyin(uap->name, kname, name_len);
	if (error == 0) {
		kname[name_len] = '\0';

		/* XXX
		 * AUDIT_ARG(ctlname, name, uap->namelen);
		 */

		if (uap->newlen > SIZE_T_MAX) {
			error = EINVAL;
		}
	}
	if (error != 0) {
		kheap_free(KHEAP_TEMP, kname, kname_size);
		return error;
	}
	new_size = (size_t)uap->newlen;

	if (uap->oldlenp != USER_ADDR_NULL) {
		uint64_t oldlen64 = fuulong(uap->oldlenp);

		/*
		 * If more than 4G, clamp to 4G
		 */
		old_size = (oldlen64 > SIZE_T_MAX) ? SIZE_T_MAX : (size_t)oldlen64;
	}

	sysctl_create_user_req(&req, p, uap->old, old_size, uap->new, new_size);

	error = userland_sysctl(TRUE, kname, kname_size, oid, CTL_MAXNAME, &req, &old_size);

	kheap_free(KHEAP_TEMP, kname, kname_size);

	if (error != 0 && error != ENOMEM) {
		return error;
	}

	if (uap->oldlenp != USER_ADDR_NULL) {
		/*
		 * Only overwrite the old error value on a new error
		 */
		int store_error = suulong(uap->oldlenp, old_size);

		if (store_error) {
			error = store_error;
		}
	}

	return error;
}
2032
/*
 * This is used from various compatibility syscalls too.  That's why name
 * must be in kernel space.
 *
 * Runs sysctl_root() on a private copy of *req and repeats the call for as
 * long as it returns EAGAIN; each attempt starts again from the caller's
 * request, which resets the output cursor.
 *
 * string_is_canonical: passed through to sysctl_root(); when FALSE,
 *                      namestring is reset to the empty string before
 *                      every attempt.
 * namestring/namestringlen: kernel buffer for the name and its size.
 * name/namelen:        integer OID array and its element count.
 * req:                 request template; not modified by this function.
 * retval:              optional; receives oldidx, capped at oldlen when an
 *                      old buffer was supplied.
 *
 * Returns 0 or an errno value.  ENOMEM is returned only after *retval has
 * been filled in; any other error returns before *retval is touched.
 *
 * NOTE(review): namestring[0] is written without checking namestringlen;
 * the non-canonical caller visible in this file passes at least 32 bytes.
 */
int
userland_sysctl(boolean_t string_is_canonical,
    char *namestring, size_t namestringlen,
    int *name, u_int namelen, struct sysctl_req *req,
    size_t *retval)
{
	struct sysctl_req attempt;
	int error;

	for (;;) {
		/* if EAGAIN, reset output cursor */
		attempt = *req;
		if (!string_is_canonical) {
			namestring[0] = '\0';
		}

		error = sysctl_root(FALSE, string_is_canonical, namestring, namestringlen, name, namelen, &attempt);
		if (error != EAGAIN) {
			break;
		}
	}

	if (error != 0 && error != ENOMEM) {
		return error;
	}

	if (retval) {
		/* never report more than the old buffer could hold */
		*retval = (attempt.oldptr && attempt.oldidx > attempt.oldlen)
		    ? attempt.oldlen
		    : attempt.oldidx;
	}
	return error;
}
2069
/*
 * Kernel versions of the userland sysctl helper functions.
 *
 * These allow sysctl to be used in the same fashion in both
 * userland and the kernel.
 *
 * Note that some sysctl handlers use copyin/copyout, which
 * may not work correctly.
 *
 * The "sysctlbyname" KPI for use by kexts is aliased to this function.
 *
 * Works in two steps: the name is first translated to an integer OID through
 * the service node {0, 3}, then kernel_sysctl() is called on that OID with
 * the caller's old/new buffers.  Both calls are made on behalf of
 * current_proc().
 *
 * name must be a non-NULL, NUL-terminated string: it is handed to strlen()
 * without any check.  Returns 0 or an errno value; EDOM if the translated
 * OID length does not fit in a u_int.
 */
int
kernel_sysctlbyname(const char *name, void *oldp, size_t *oldlenp, void *newp, size_t newlen)
{
	/* look up the OID with magic service node */
	int name2mib_oid[2] = { 0, 3 };
	int oid[CTL_MAXNAME];
	size_t oidlen = sizeof(oid);
	int error;

	error = kernel_sysctl(current_proc(), name2mib_oid, 2, oid, &oidlen, __DECONST(void *, name), strlen(name));

	/* the lookup reports a byte count; convert it to a number of ints */
	oidlen /= sizeof(int);
	if (oidlen > UINT_MAX) {
		error = EDOM;
	}
	if (error != 0) {
		return error;
	}

	/* now use the OID */
	return kernel_sysctl(current_proc(), oid, (u_int)oidlen, oldp, oldlenp, newp, newlen);
}
2107
/*
 * sysctl handler that reports the current value of a scalable counter.
 *
 * arg1 points to a scalable_counter_t; it is dereferenced without a NULL
 * check.  The loaded value is sent to the requester as a uint64_t through
 * SYSCTL_OUT(); this handler makes no other use of the request.
 *
 * Returns whatever SYSCTL_OUT() returns.
 */
int
scalable_counter_sysctl_handler SYSCTL_HANDLER_ARGS
{
#pragma unused(arg2, oidp)
	scalable_counter_t *counter_ref = (scalable_counter_t *)arg1;
	scalable_counter_t counter = *counter_ref;
	uint64_t total = counter_load(&counter);

	return SYSCTL_OUT(req, &total, sizeof(total));
}
2116
/*
 * X(name, T) defines experiment_factor_<name>_handler, a sysctl handler for
 * a tunable of numeric type T described by a struct experiment_spec passed
 * in arg1.  It is expanded once per entry of experiment_factor_numeric_types.
 *
 * Each handler:
 *  - fails with EINVAL when arg1 is NULL;
 *  - exchanges the current value with the requester via sysctl_io_number();
 *  - on a write, rejects values outside [spec->min_value, spec->max_value]
 *    with EINVAL;
 *  - the first time spec->modified flips from false to true, saves the value
 *    read at entry in spec->original_value;
 *  - stores the new value with os_atomic_store_wide().
 *
 * NOTE(review): min_value and max_value are cast to T before the comparison;
 * confirm that every spec's bounds are representable in its T.
 */
#define X(name, T) \
int \
experiment_factor_##name##_handler SYSCTL_HANDLER_ARGS \
{ \
	struct experiment_spec *spec = (struct experiment_spec *) arg1; \
	T *target; \
	T proposed, previous; \
	int error, changed = 0; \
	if (arg1 == NULL) { \
	        return EINVAL; \
	} \
	target = (T *)(spec->ptr); \
	previous = *target; \
	error = sysctl_io_number(req, previous, sizeof(T), &proposed, &changed); \
	if (error != 0) { \
	        return error; \
	} \
	if (!changed) { \
	        return 0; \
	} \
	/* range check happens before anything is modified */ \
	if (proposed < (T) spec->min_value || proposed > (T) spec->max_value) { \
	        return EINVAL; \
	} \
	/* only the writer that flips 'modified' records the original value */ \
	if (os_atomic_cmpxchg(&spec->modified, false, true, acq_rel)) { \
	        spec->original_value = previous; \
	} \
	os_atomic_store_wide(target, proposed, relaxed); \
	return 0; \
}

experiment_factor_numeric_types
#undef X