+#if CONFIG_CODE_DECRYPTION
+
+#define APPLE_UNPROTECTED_HEADER_SIZE (3 * 4096)
+
+static load_return_t
+unprotect_dsmos_segment(
+ uint64_t file_off,
+ uint64_t file_size,
+ struct vnode *vp,
+ off_t macho_offset,
+ vm_map_t map,
+ vm_map_offset_t map_addr,
+ vm_map_size_t map_size)
+{
+ kern_return_t kr;
+
+ /*
+ * The first APPLE_UNPROTECTED_HEADER_SIZE bytes (from offset 0 of
+ * this part of a Universal binary) are not protected...
+ * The rest needs to be "transformed".
+ */
+ if (file_off <= APPLE_UNPROTECTED_HEADER_SIZE &&
+ file_off + file_size <= APPLE_UNPROTECTED_HEADER_SIZE) {
+ /* it's all unprotected, nothing to do... */
+ kr = KERN_SUCCESS;
+ } else {
+ if (file_off <= APPLE_UNPROTECTED_HEADER_SIZE) {
+ /*
+ * We start mapping in the unprotected area.
+ * Skip the unprotected part...
+ */
+ vm_map_offset_t delta;
+
+ delta = APPLE_UNPROTECTED_HEADER_SIZE;
+ delta -= file_off;
+ map_addr += delta;
+ map_size -= delta;
+ }
+ /* ... transform the rest of the mapping. */
+ struct pager_crypt_info crypt_info;
+ crypt_info.page_decrypt = dsmos_page_transform;
+ crypt_info.crypt_ops = NULL;
+ crypt_info.crypt_end = NULL;
+#pragma unused(vp, macho_offset)
+ crypt_info.crypt_ops = (void *)0x2e69cf40;
+ vm_map_offset_t crypto_backing_offset;
+ crypto_backing_offset = -1; /* i.e. use map entry's offset */
+#if DEVELOPMENT || DEBUG
+ struct proc *p;
+ p = current_proc();
+ printf("APPLE_PROTECT: %d[%s] map %p [0x%llx:0x%llx] %s(%s)\n",
+ p->p_pid, p->p_comm, map,
+ (uint64_t) map_addr, (uint64_t) (map_addr + map_size),
+ __FUNCTION__, vp->v_name);
+#endif /* DEVELOPMENT || DEBUG */
+
+ /* The DSMOS pager can only be used by apple signed code */
+ struct cs_blob * blob = csvnode_get_blob(vp, file_off);
+ if( blob == NULL || !blob->csb_platform_binary || blob->csb_platform_path)
+ {
+ return LOAD_FAILURE;
+ }
+
+ kr = vm_map_apple_protected(map,
+ map_addr,
+ map_addr + map_size,
+ crypto_backing_offset,
+ &crypt_info);
+ }
+
+ if (kr != KERN_SUCCESS) {
+ return LOAD_FAILURE;
+ }
+ return LOAD_SUCCESS;
+}
+#else /* CONFIG_CODE_DECRYPTION */
+static load_return_t
+unprotect_dsmos_segment(
+ __unused uint64_t file_off,
+ __unused uint64_t file_size,
+ __unused struct vnode *vp,
+ __unused off_t macho_offset,
+ __unused vm_map_t map,
+ __unused vm_map_offset_t map_addr,
+ __unused vm_map_size_t map_size)
+{
+ return LOAD_SUCCESS;
+}
+#endif /* CONFIG_CODE_DECRYPTION */
+
+
+/*
+ * map_segment:
+ * Maps a Mach-O segment, taking care of mis-alignment (wrt the system
+ * page size) issues.
+ *
+ * The mapping might result in 1, 2 or 3 map entries:
+ * 1. for the first page, which could be overlap with the previous
+ * mapping,
+ * 2. for the center (if applicable),
+ * 3. for the last page, which could overlap with the next mapping.
+ *
+ * For each of those map entries, we might have to interpose a
+ * "fourk_pager" to deal with mis-alignment wrt the system page size,
+ * either in the mapping address and/or size or the file offset and/or
+ * size.
+ * The "fourk_pager" itself would be mapped with proper alignment
+ * wrt the system page size and would then be populated with the
+ * information about the intended mapping, with a "4KB" granularity.
+ */
+static kern_return_t
+map_segment(
+ vm_map_t map,
+ vm_map_offset_t vm_start,
+ vm_map_offset_t vm_end,
+ memory_object_control_t control,
+ vm_map_offset_t file_start,
+ vm_map_offset_t file_end,
+ vm_prot_t initprot,
+ vm_prot_t maxprot)
+{
+ int extra_vm_flags, cur_extra_vm_flags;
+ vm_map_offset_t cur_offset, cur_start, cur_end;
+ kern_return_t ret;
+ vm_map_offset_t effective_page_mask;
+
+ if (vm_end < vm_start ||
+ file_end < file_start) {
+ return LOAD_BADMACHO;
+ }
+ if (vm_end == vm_start ||
+ file_end == file_start) {
+ /* nothing to map... */
+ return LOAD_SUCCESS;
+ }
+
+ effective_page_mask = MAX(PAGE_MASK, vm_map_page_mask(map));
+
+ extra_vm_flags = 0;
+ if (vm_map_page_aligned(vm_start, effective_page_mask) &&
+ vm_map_page_aligned(vm_end, effective_page_mask) &&
+ vm_map_page_aligned(file_start, effective_page_mask) &&
+ vm_map_page_aligned(file_end, effective_page_mask)) {
+ /* all page-aligned and map-aligned: proceed */
+ } else {
+ panic("map_segment: unexpected mis-alignment "
+ "vm[0x%llx:0x%llx] file[0x%llx:0x%llx]\n",
+ (uint64_t) vm_start,
+ (uint64_t) vm_end,
+ (uint64_t) file_start,
+ (uint64_t) file_end);
+ }
+
+ cur_offset = 0;
+ cur_start = vm_start;
+ cur_end = vm_start;
+ if (cur_end >= vm_start + (file_end - file_start)) {
+ /* all mapped: done */
+ goto done;
+ }
+ if (vm_map_round_page(cur_end, effective_page_mask) >=
+ vm_map_trunc_page(vm_start + (file_end - file_start),
+ effective_page_mask)) {
+ /* no middle */
+ } else {
+ cur_start = cur_end;
+ if ((vm_start & effective_page_mask) !=
+ (file_start & effective_page_mask)) {
+ /* one 4K pager for the middle */
+ cur_extra_vm_flags = extra_vm_flags;
+ } else {
+ /* regular mapping for the middle */
+ cur_extra_vm_flags = 0;
+ }
+ cur_end = vm_map_trunc_page(vm_start + (file_end -
+ file_start),
+ effective_page_mask);
+ if (control != MEMORY_OBJECT_CONTROL_NULL) {
+ ret = vm_map_enter_mem_object_control(
+ map,
+ &cur_start,
+ cur_end - cur_start,
+ (mach_vm_offset_t)0,
+ VM_FLAGS_FIXED | cur_extra_vm_flags,
+ control,
+ file_start + cur_offset,
+ TRUE, /* copy */
+ initprot, maxprot,
+ VM_INHERIT_DEFAULT);
+ } else {
+ ret = vm_map_enter_mem_object(
+ map,
+ &cur_start,
+ cur_end - cur_start,
+ (mach_vm_offset_t)0,
+ VM_FLAGS_FIXED | cur_extra_vm_flags,
+ IPC_PORT_NULL,
+ 0, /* offset */
+ TRUE, /* copy */
+ initprot, maxprot,
+ VM_INHERIT_DEFAULT);
+ }
+ if (ret != KERN_SUCCESS) {
+ return (LOAD_NOSPACE);
+ }
+ cur_offset += cur_end - cur_start;
+ }
+ if (cur_end >= vm_start + (file_end - file_start)) {
+ /* all mapped: done */
+ goto done;
+ }
+ cur_start = cur_end;
+done:
+ assert(cur_end >= vm_start + (file_end - file_start));
+ return LOAD_SUCCESS;
+}
+
projects / apple / xnu.git / blobdiff