#include <libkern/c++/OSKext.h>
+#include <libkern/c++/OSSharedPtr.h>
#include <IOKit/IOKitServer.h>
#include <IOKit/IOKitKeysPrivate.h>
#include <IOKit/IOUserClient.h>
};
#define super OSObject
-OSDefineMetaClassAndStructors(IOMachPort, OSObject)
+OSDefineMetaClassAndStructorsWithZone(IOMachPort, OSObject, ZC_ZFREE_CLEARMEM)
static IOLock * gIOObjectPortLock;
IOLock * gIOUserServerLock;
+SECURITY_READ_ONLY_LATE(const struct io_filter_callbacks *) gIOUCFilterCallbacks;
+
/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
SLIST_HEAD(IOMachPortHashList, IOMachPort);
-#if CONFIG_EMBEDDED
-#define PORT_HASH_SIZE 256
-#else
+#if defined(XNU_TARGET_OS_OSX)
#define PORT_HASH_SIZE 4096
-#endif /* CONFIG_EMBEDDED */
+#else /* defined(!XNU_TARGET_OS_OSX) */
+#define PORT_HASH_SIZE 256
+#endif /* !defined(!XNU_TARGET_OS_OSX) */
-IOMachPortHashList ports[PORT_HASH_SIZE];
+IOMachPortHashList gIOMachPortHash[PORT_HASH_SIZE];
void
IOMachPortInitialize(void)
{
for (size_t i = 0; i < PORT_HASH_SIZE; i++) {
- SLIST_INIT(&ports[i]);
+ SLIST_INIT(&gIOMachPortHash[i]);
}
}
IOMachPortHashList*
IOMachPort::bucketForObject(OSObject *obj, ipc_kobject_type_t type )
{
- return &ports[os_hash_kernel_pointer(obj) % PORT_HASH_SIZE];
+ return &gIOMachPortHash[os_hash_kernel_pointer(obj) % PORT_HASH_SIZE];
}
IOMachPort*
/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
+static bool
+IOTaskRegistryCompatibility(task_t task)
+{
+ return false;
+}
+
+static void
+IOTaskRegistryCompatibilityMatching(task_t task, OSDictionary * matching)
+{
+ if (!IOTaskRegistryCompatibility(task)) {
+ return;
+ }
+ matching->setObject(gIOCompatibilityMatchKey, kOSBooleanTrue);
+}
+
+/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
+
class IOUserIterator : public OSIterator
{
OSDeclareDefaultStructors(IOUserIterator);
#if DEVELOPMENT || DEBUG
} else if ((noti = OSDynamicCast(IOUserNotification, obj))
&& ((serviceNoti = OSDynamicCast(_IOServiceNotifier, noti->holdNotify)))) {
- s = OSSerialize::withCapacity(page_size);
+ s = OSSerialize::withCapacity((unsigned int) page_size);
if (s && serviceNoti->matching->serialize(s)) {
snprintf(desc, KOBJECT_DESCRIPTION_LENGTH, "%s(%s)", obj->getMetaClass()->getClassName(), s->text());
}
}
}
+// FIXME: Implementation of these functions are hidden from the static analyzer.
+// As for now, the analyzer doesn't consistently support wrapper functions
+// for retain and release.
+#ifndef __clang_analyzer__
void
iokit_add_reference( io_object_t obj, natural_t type )
{
obj->release();
}
}
+#endif // __clang_analyzer__
void
iokit_remove_connect_reference( io_object_t obj )
IOUserClient * client;
IOMemoryMap * map;
IOUserNotification * notify;
+ IOUserServerCheckInToken * token;
if (!IOMachPort::noMoreSendersForObject( obj, type, mscount )) {
return kIOReturnNotReady;
}
- if (IKOT_IOKIT_CONNECT == type) {
+ switch (type) {
+ case IKOT_IOKIT_CONNECT:
if ((client = OSDynamicCast( IOUserClient, obj ))) {
IOStatisticsClientCall();
- IOLockLock(client->lock);
+ IORWLockWrite(client->lock);
client->clientDied();
- IOLockUnlock(client->lock);
+ IORWLockUnlock(client->lock);
}
- } else if (IKOT_IOKIT_OBJECT == type) {
+ break;
+ case IKOT_IOKIT_OBJECT:
if ((map = OSDynamicCast( IOMemoryMap, obj ))) {
map->taskDied();
} else if ((notify = OSDynamicCast( IOUserNotification, obj ))) {
notify->setNotification( NULL );
}
+ break;
+ case IKOT_IOKIT_IDENT:
+ if ((token = OSDynamicCast( IOUserServerCheckInToken, obj ))) {
+ IOUserServerCheckInToken::notifyNoSenders( token );
+ }
+ break;
}
return kIOReturnSuccess;
enum { kMaxOutstanding = 1024 };
PingMsg * pingMsg;
- vm_size_t msgSize;
+ mach_msg_size_t msgSize;
OSArray * newSet;
bool armed;
bool ipcLogged;
};
PingMsg * pingMsg;
- vm_size_t msgSize;
+ mach_msg_size_t msgSize;
uint8_t clientIs64;
int owningPID;
bool ipcLogged;
virtual bool init( mach_port_t port, natural_t type,
void * reference, vm_size_t referenceSize,
- vm_size_t extraSize,
+ mach_msg_size_t extraSize,
bool clientIs64 );
virtual void free() APPLE_KEXT_OVERRIDE;
return false;
}
- msgSize = sizeof(PingMsg) - sizeof(OSAsyncReference64) + referenceSize;
+ msgSize = (mach_msg_size_t) (sizeof(PingMsg) - sizeof(OSAsyncReference64) + referenceSize);
+
pingMsg = (PingMsg *) IOMalloc( msgSize);
if (!pingMsg) {
return false;
bool
IOServiceMessageUserNotification::init( mach_port_t port, natural_t type,
- void * reference, vm_size_t referenceSize, vm_size_t extraSize,
+ void * reference, vm_size_t referenceSize, mach_msg_size_t extraSize,
bool client64 )
{
if (!super::init()) {
owningPID = proc_selfpid();
extraSize += sizeof(IOServiceInterestContent64);
- msgSize = sizeof(PingMsg) - sizeof(OSAsyncReference64) + referenceSize;
+ msgSize = (mach_msg_size_t) (sizeof(PingMsg) - sizeof(OSAsyncReference64) + referenceSize);
pingMsg = (PingMsg *) IOMalloc( msgSize);
if (!pingMsg) {
return false;
void * allocMsg;
kern_return_t kr;
vm_size_t argSize;
- vm_size_t thisMsgSize;
+ mach_msg_size_t thisMsgSize;
ipc_port_t thisPort, providerPort;
struct PingMsg * thisMsg;
IOServiceInterestContent64 * data;
type |= ((argSize & kIOKitNoticationMsgSizeMask) << kIOKitNoticationTypeSizeAdjShift);
argSize = (argSize + kIOKitNoticationMsgSizeMask) & ~kIOKitNoticationMsgSizeMask;
- thisMsgSize = msgSize
- + sizeof(IOServiceInterestContent64)
- - sizeof(data->messageArgument)
- + argSize;
+ if (os_add3_overflow(msgSize, sizeof(IOServiceInterestContent64) - sizeof(data->messageArgument), argSize, &thisMsgSize)) {
+ return kIOReturnBadArgument;
+ }
if (thisMsgSize > sizeof(stackMsg)) {
allocMsg = IOMalloc(thisMsgSize);
gIOUserClientOwnersLock = IOLockAlloc();
gIOUserServerLock = IOLockAlloc();
assert(gIOObjectPortLock && gIOUserClientOwnersLock);
+
+#if IOTRACKING
+ IOTrackingQueueCollectUser(IOUserIterator::gMetaClass.getTracking());
+ IOTrackingQueueCollectUser(IOServiceMessageUserNotification::gMetaClass.getTracking());
+ IOTrackingQueueCollectUser(IOServiceUserNotification::gMetaClass.getTracking());
+ IOTrackingQueueCollectUser(IOUserClient::gMetaClass.getTracking());
+ IOTrackingQueueCollectUser(IOMachPort::gMetaClass.getTracking());
+#endif /* IOTRACKING */
}
void
+#if __LP64__
+__attribute__((__noreturn__))
+#endif
IOUserClient::setAsyncReference(OSAsyncReference asyncRef,
mach_port_t wakePort,
void *callback, void *refcon)
{
+#if __LP64__
+ panic("setAsyncReference not valid for 64b");
+#else
asyncRef[kIOAsyncReservedIndex] = ((uintptr_t) wakePort)
| (kIOUCAsync0Flags & asyncRef[kIOAsyncReservedIndex]);
asyncRef[kIOAsyncCalloutFuncIndex] = (uintptr_t) callback;
asyncRef[kIOAsyncCalloutRefconIndex] = (uintptr_t) refcon;
+#endif
}
void
return kr;
}
+#define MAX_ENTITLEMENTS_LEN (128 * 1024)
OSDictionary *
IOUserClient::copyClientEntitlements(task_t task)
{
-#define MAX_ENTITLEMENTS_LEN (128 * 1024)
-
proc_t p = NULL;
pid_t pid = 0;
size_t len = 0;
void *entitlements_blob = NULL;
- char *entitlements_data = NULL;
- OSObject *entitlements_obj = NULL;
OSDictionary *entitlements = NULL;
- OSString *errorString = NULL;
p = (proc_t)get_bsdtask_info(task);
if (p == NULL) {
- goto fail;
+ return NULL;
}
pid = proc_pid(p);
}
if (cs_entitlements_blob_get(p, &entitlements_blob, &len) != 0) {
- goto fail;
+ return NULL;
}
+ return IOUserClient::copyEntitlementsFromBlob(entitlements_blob, len);
+}
+
+OSDictionary *
+IOUserClient::copyEntitlementsFromBlob(void *entitlements_blob, size_t len)
+{
+ char *entitlements_data = NULL;
+ OSObject *entitlements_obj = NULL;
+ OSString *errorString = NULL;
+ OSDictionary *entitlements = NULL;
if (len <= offsetof(CS_GenericBlob, data)) {
goto fail;
*/
len -= offsetof(CS_GenericBlob, data);
if (len > MAX_ENTITLEMENTS_LEN) {
- IOLog("failed to parse entitlements for %s[%u]: %lu bytes of entitlements exceeds maximum of %u\n",
- proc_best_name(p), pid, len, MAX_ENTITLEMENTS_LEN);
+ IOLog("failed to parse entitlements: %lu bytes of entitlements exceeds maximum of %u\n",
+ len, MAX_ENTITLEMENTS_LEN);
goto fail;
}
entitlements_obj = OSUnserializeXML(entitlements_data, len + 1, &errorString);
if (errorString != NULL) {
- IOLog("failed to parse entitlements for %s[%u]: %s\n",
- proc_best_name(p), pid, errorString->getCStringNoCopy());
+ IOLog("failed to parse entitlements: %s\n", errorString->getCStringNoCopy());
goto fail;
}
if (entitlements_obj == NULL) {
return entitlements;
}
+OSDictionary *
+IOUserClient::copyClientEntitlementsVnode(vnode_t vnode, off_t offset)
+{
+ size_t len = 0;
+ void *entitlements_blob = NULL;
+
+ if (cs_entitlements_blob_get_vnode(vnode, offset, &entitlements_blob, &len) != 0) {
+ return NULL;
+ }
+ return IOUserClient::copyEntitlementsFromBlob(entitlements_blob, len);
+}
+
OSObject *
IOUserClient::copyClientEntitlement( task_t task,
const char * entitlement )
return value;
}
+OSObject *
+IOUserClient::copyClientEntitlementVnode(
+ struct vnode *vnode,
+ off_t offset,
+ const char *entitlement)
+{
+ OSDictionary *entitlements;
+ OSObject *value;
+
+ entitlements = copyClientEntitlementsVnode(vnode, offset);
+ if (entitlements == NULL) {
+ return NULL;
+ }
+
+ /* Fetch the entitlement value from the dictionary. */
+ value = entitlements->getObject(entitlement);
+ if (value != NULL) {
+ value->retain();
+ }
+
+ entitlements->release();
+ return value;
+}
+
bool
IOUserClient::init()
{
IOUserClient::reserve()
{
if (!reserved) {
- reserved = IONew(ExpansionData, 1);
+ reserved = IONewZero(ExpansionData, 1);
if (!reserved) {
return false;
}
return KERN_SUCCESS;
}
+struct IOUCFilterPolicy {
+ task_t task;
+ io_filter_policy_t filterPolicy;
+ IOUCFilterPolicy * next;
+};
+
+io_filter_policy_t
+IOUserClient::filterForTask(task_t task, io_filter_policy_t addFilterPolicy)
+{
+ IOUCFilterPolicy * elem;
+ io_filter_policy_t filterPolicy;
+
+ filterPolicy = 0;
+ IOLockLock(filterLock);
+
+ for (elem = reserved->filterPolicies; elem && (elem->task != task); elem = elem->next) {
+ }
+
+ if (elem) {
+ if (addFilterPolicy) {
+ assert(addFilterPolicy == elem->filterPolicy);
+ }
+ filterPolicy = elem->filterPolicy;
+ } else if (addFilterPolicy) {
+ elem = IONewZero(IOUCFilterPolicy, 1);
+ if (elem) {
+ elem->task = task;
+ elem->filterPolicy = addFilterPolicy;
+ elem->next = reserved->filterPolicies;
+ reserved->filterPolicies = elem;
+ filterPolicy = addFilterPolicy;
+ }
+ }
+
+ IOLockUnlock(filterLock);
+ return filterPolicy;
+}
+
void
IOUserClient::free()
{
mappings->release();
}
if (lock) {
- IOLockFree(lock);
+ IORWLockFree(lock);
+ }
+ if (filterLock) {
+ IOLockFree(filterLock);
}
IOStatisticsUnregisterCounter();
assert(!owners.prev);
if (reserved) {
+ IOUCFilterPolicy * elem;
+ IOUCFilterPolicy * nextElem;
+ for (elem = reserved->filterPolicies; elem; elem = nextElem) {
+ nextElem = elem->next;
+ if (elem->filterPolicy && gIOUCFilterCallbacks->io_filter_release) {
+ gIOUCFilterCallbacks->io_filter_release(elem->filterPolicy);
+ }
+ IODelete(elem, IOUCFilterPolicy, 1);
+ }
IODelete(reserved, ExpansionData, 1);
}
return kIOReturnUnsupported;
}
+IOReturn
+IOUserClient::clientMemoryForType( UInt32 type,
+ IOOptionBits * options,
+ OSSharedPtr<IOMemoryDescriptor>& memory )
+{
+ IOMemoryDescriptor* memoryRaw = nullptr;
+ IOReturn result = clientMemoryForType(type, options, &memoryRaw);
+ memory.reset(memoryRaw, OSNoRetain);
+ return result;
+}
+
#if !__LP64__
IOMemoryMap *
IOUserClient::mapClientMemory(
return object ? kIOReturnSuccess : kIOReturnIPCError;
}
+IOReturn
+IOUserClient::copyObjectForPortNameInTask(task_t task, mach_port_name_t port_name,
+ OSSharedPtr<OSObject>& obj)
+{
+ OSObject* objRaw = NULL;
+ IOReturn result = copyObjectForPortNameInTask(task, port_name, &objRaw);
+ obj.reset(objRaw, OSNoRetain);
+ return result;
+}
+
IOReturn
IOUserClient::adjustPortNameReferencesInTask(task_t task, mach_port_name_t port_name, mach_port_delta_t delta)
{
return method;
}
+IOExternalMethod *
+IOUserClient::
+getTargetAndMethodForIndex(OSSharedPtr<IOService>& targetP, UInt32 index)
+{
+ IOService* targetPRaw = NULL;
+ IOExternalMethod* result = getTargetAndMethodForIndex(&targetPRaw, index);
+ targetP.reset(targetPRaw, OSRetain);
+ return result;
+}
+
IOExternalAsyncMethod *
IOUserClient::
getAsyncTargetAndMethodForIndex(IOService ** targetP, UInt32 index)
return method;
}
+IOExternalAsyncMethod *
+IOUserClient::
+getAsyncTargetAndMethodForIndex(OSSharedPtr<IOService>& targetP, UInt32 index)
+{
+ IOService* targetPRaw = NULL;
+ IOExternalAsyncMethod* result = getAsyncTargetAndMethodForIndex(&targetPRaw, index);
+ targetP.reset(targetPRaw, OSRetain);
+ return result;
+}
+
IOExternalTrap *
IOUserClient::
getTargetAndTrapForIndex(IOService ** targetP, UInt32 index)
return kIOReturnSuccess;
}
-
static kern_return_t
internal_io_service_match_property_table(
io_service_t _service,
OSDictionary * dict;
assert(matching_size);
+
+
obj = OSUnserializeXML(matching, matching_size);
if ((dict = OSDynamicCast( OSDictionary, obj))) {
+ IOTaskRegistryCompatibilityMatching(current_task(), dict);
*matches = service->passiveMatch( dict );
kr = kIOReturnSuccess;
} else {
obj = OSUnserializeXML(matching, matching_size);
if ((dict = OSDynamicCast( OSDictionary, obj))) {
+ IOTaskRegistryCompatibilityMatching(current_task(), dict);
*existing = IOUserIterator::withIterator(IOService::getMatchingServices( dict ));
kr = kIOReturnSuccess;
} else {
obj = OSUnserializeXML(matching, matching_size);
if ((dict = OSDynamicCast( OSDictionary, obj))) {
+ IOTaskRegistryCompatibilityMatching(current_task(), dict);
*service = IOService::copyMatchingService( dict );
kr = *service ? kIOReturnSuccess : kIOReturnNotFound;
} else {
IOServiceUserNotification * userNotify = NULL;
IONotifier * notify = NULL;
const OSSymbol * sym;
+ OSObject * obj;
OSDictionary * dict;
IOReturn err;
- unsigned long int userMsgType;
+ natural_t userMsgType;
if (master_port != master_device_port) {
return kIOReturnNotPrivileged;
}
assert(matching_size);
- dict = OSDynamicCast(OSDictionary, OSUnserializeXML(matching, matching_size));
+ obj = OSUnserializeXML(matching, matching_size);
+ dict = OSDynamicCast(OSDictionary, obj);
if (!dict) {
err = kIOReturnBadArgument;
continue;
}
+ IOTaskRegistryCompatibilityMatching(current_task(), dict);
if ((sym == gIOPublishNotification)
|| (sym == gIOFirstPublishNotification)) {
if (sym) {
sym->release();
}
- if (dict) {
- dict->release();
+ if (obj) {
+ obj->release();
}
return err;
natural_t notification_type,
semaphore_t *semaphore )
{
+ IOReturn ret;
CHECK( IOUserClient, connection, client );
IOStatisticsClientCall();
- return client->getNotificationSemaphore((UInt32) notification_type,
- semaphore );
+ IORWLockWrite(client->lock);
+ ret = client->getNotificationSemaphore((UInt32) notification_type,
+ semaphore );
+ IORWLockUnlock(client->lock);
+
+ return ret;
}
/* Routine io_registry_get_root_entry */
entry = IORegistryEntry::fromPath( path );
+ if (!entry && IOTaskRegistryCompatibility(current_task())) {
+ OSDictionary * matching;
+ const OSObject * objects[2] = { kOSBooleanTrue, NULL };
+ const OSSymbol * keys[2] = { gIOCompatibilityMatchKey, gIOPathMatchKey };
+
+ objects[1] = OSString::withCStringNoCopy(path);
+ matching = OSDictionary::withObjects(objects, keys, 2, 2);
+ if (matching) {
+ entry = IOService::copyMatchingService(matching);
+ }
+ OSSafeReleaseNULL(matching);
+ OSSafeReleaseNULL(objects[1]);
+ }
+
*registry_entry = entry;
return kIOReturnSuccess;
return kIOReturnSuccess;
}
+
+static OSObject *
+IOCopyPropertyCompatible(IORegistryEntry * regEntry, const char * name)
+{
+ OSObject * obj;
+ OSObject * compatProps;
+ OSDictionary * props;
+
+ obj = regEntry->copyProperty(name);
+ if (!obj
+ && IOTaskRegistryCompatibility(current_task())
+ && (compatProps = regEntry->copyProperty(gIOCompatibilityPropertiesKey))) {
+ props = OSDynamicCast(OSDictionary, compatProps);
+ if (props) {
+ obj = props->getObject(name);
+ if (obj) {
+ obj->retain();
+ }
+ }
+ compatProps->release();
+ }
+
+ return obj;
+}
+
/* Routine io_registry_entry_get_property */
kern_return_t
is_io_registry_entry_get_property_bytes(
}
#endif
- obj = entry->copyProperty(property_name);
+ obj = IOCopyPropertyCompatible(entry, property_name);
if (!obj) {
return kIOReturnNoResources;
}
mach_msg_type_number_t *propertiesCnt )
{
kern_return_t err;
- vm_size_t len;
+ unsigned int len;
OSObject * obj;
CHECK( IORegistryEntry, registry_entry, entry );
}
#endif
- obj = entry->copyProperty(property_name);
+ obj = IOCopyPropertyCompatible(entry, property_name);
if (!obj) {
return kIOReturnNotFound;
}
mach_msg_type_number_t *propertiesCnt )
{
kern_return_t err;
- vm_size_t len;
+ unsigned int len;
OSObject * obj;
CHECK( IORegistryEntry, registry_entry, entry );
io_buf_ptr_t *properties,
mach_msg_type_number_t *propertiesCnt)
{
- kern_return_t err = kIOReturnSuccess;
- vm_size_t len;
+ kern_return_t err = kIOReturnSuccess;
+ unsigned int len;
+ OSObject * compatProperties;
OSSerialize * s;
OSSerialize::Editor editor = NULL;
void * editRef = NULL;
return kIOReturnNoMemory;
}
- if (!entry->serializeProperties(s)) {
+ if (IOTaskRegistryCompatibility(current_task())
+ && (compatProperties = entry->copyProperty(gIOCompatibilityPropertiesKey))) {
+ OSDictionary * dict;
+
+ dict = entry->dictionaryWithProperties();
+ if (!dict) {
+ err = kIOReturnNoMemory;
+ } else {
+ dict->removeObject(gIOCompatibilityPropertiesKey);
+ dict->merge(OSDynamicCast(OSDictionary, compatProperties));
+ if (!dict->serialize(s)) {
+ err = kIOReturnUnsupported;
+ }
+ dict->release();
+ }
+ compatProperties->release();
+ } else if (!entry->serializeProperties(s)) {
err = kIOReturnUnsupported;
}
mach_msg_type_number_t *propertiesCnt )
{
kern_return_t err;
- vm_size_t len;
+ unsigned int len;
OSObject * obj;
const OSSymbol * sym;
obj = entry->copyPropertyKeys();
} else {
if ((kIORegistryIterateRecursively & options) && plane[0]) {
- obj = entry->copyProperty(property_name,
- IORegistryEntry::getPlane(plane), options );
+ if (!IOTaskRegistryCompatibility(current_task())) {
+ obj = entry->copyProperty(property_name,
+ IORegistryEntry::getPlane(plane), options);
+ } else {
+ obj = IOCopyPropertyCompatible(entry, property_name);
+ if ((NULL == obj) && plane && (options & kIORegistryIterateRecursively)) {
+ IORegistryIterator * iter;
+ iter = IORegistryIterator::iterateOver(entry, IORegistryEntry::getPlane(plane), options);
+ if (iter) {
+ while ((NULL == obj) && (entry = iter->getNextObject())) {
+ obj = IOCopyPropertyCompatible(entry, property_name);
+ }
+ iter->release();
+ }
+ }
+ }
} else {
- obj = entry->copyProperty(property_name);
+ obj = IOCopyPropertyCompatible(entry, property_name);
}
if (obj && gIORemoveOnReadProperties->containsObject(sym)) {
entry->removeProperty(sym);
return kIOReturnBadArgument;
}
+#if CONFIG_MACF
+ if (mac_iokit_check_open_service(kauth_cred_get(), service, connect_type) != 0) {
+ return kIOReturnNotPermitted;
+ }
+#endif
do{
if (properties) {
return kIOReturnUnsupported;
if (res == kIOReturnSuccess) {
assert( OSDynamicCast(IOUserClient, client));
+ if (!client->reserved) {
+ if (!client->reserve()) {
+ client->clientClose();
+ OSSafeReleaseNULL(client);
+ res = kIOReturnNoMemory;
+ }
+ }
+ }
+ if (res == kIOReturnSuccess) {
client->sharedInstance = (NULL != client->getProperty(kIOUserClientSharedInstanceKey));
- client->messageAppSuspended = (NULL != client->getProperty(kIOUserClientMessageAppSuspendedKey));
- client->closed = false;
- client->lock = IOLockAlloc();
+ if (client->sharedInstance) {
+ IOLockLock(gIOUserClientOwnersLock);
+ }
+ if (!client->lock) {
+ client->lock = IORWLockAlloc();
+ client->filterLock = IOLockAlloc();
+
+ client->messageAppSuspended = (NULL != client->getProperty(kIOUserClientMessageAppSuspendedKey));
+ {
+ OSObject * obj;
+ extern const OSSymbol * gIOSurfaceIdentifier;
+ obj = client->getProperty(kIOUserClientDefaultLockingKey);
+ if (obj) {
+ client->defaultLocking = (kOSBooleanFalse != client->getProperty(kIOUserClientDefaultLockingKey));
+ } else {
+ const OSMetaClass * meta;
+ OSKext * kext;
+ meta = client->getMetaClass();
+ kext = meta->getKext();
+ if (!kext || !kext->hasDependency(gIOSurfaceIdentifier)) {
+ client->defaultLocking = true;
+ client->setProperty(kIOUserClientDefaultLockingKey, kOSBooleanTrue);
+ }
+ }
+ }
+ }
+ if (client->sharedInstance) {
+ IOLockUnlock(gIOUserClientOwnersLock);
+ }
disallowAccess = (crossEndian
&& (kOSBooleanTrue != service->getProperty(kIOUserClientCrossEndianCompatibleKey))
}
#endif
+ if ((kIOReturnSuccess == res)
+ && gIOUCFilterCallbacks
+ && gIOUCFilterCallbacks->io_filter_resolver) {
+ io_filter_policy_t filterPolicy;
+ filterPolicy = client->filterForTask(owningTask, 0);
+ if (!filterPolicy) {
+ res = gIOUCFilterCallbacks->io_filter_resolver(owningTask, client, connect_type, &filterPolicy);
+ if (kIOReturnUnsupported == res) {
+ res = kIOReturnSuccess;
+ } else if (kIOReturnSuccess == res) {
+ client->filterForTask(owningTask, filterPolicy);
+ }
+ }
+ }
+
if (kIOReturnSuccess == res) {
res = client->registerOwner(owningTask);
}
IOStatisticsClientCall();
if (client->sharedInstance || OSCompareAndSwap8(0, 1, &client->closed)) {
- IOLockLock(client->lock);
+ IORWLockWrite(client->lock);
client->clientClose();
- IOLockUnlock(client->lock);
+ IORWLockUnlock(client->lock);
} else {
IOLog("ignored is_io_service_close(0x%qx,%s)\n",
client->getRegistryEntryID(), client->getName());
CHECK( IOUserClient, connection, client );
IOStatisticsClientCall();
- IOLockLock(client->lock);
+ IORWLockWrite(client->lock);
ret = client->registerNotificationPort( port, notification_type,
(io_user_reference_t) reference );
- IOLockUnlock(client->lock);
+ IORWLockUnlock(client->lock);
return ret;
}
CHECK( IOUserClient, connection, client );
IOStatisticsClientCall();
- IOLockLock(client->lock);
+ IORWLockWrite(client->lock);
ret = client->registerNotificationPort( port, notification_type,
reference );
- IOLockUnlock(client->lock);
+ IORWLockUnlock(client->lock);
return ret;
}
}
IOStatisticsClientCall();
+ if (client->defaultLocking) {
+ IORWLockWrite(client->lock);
+ }
map = client->mapClientMemory64( memory_type, into_task, flags, *address );
+ if (client->defaultLocking) {
+ IORWLockUnlock(client->lock);
+ }
if (map) {
*address = map->getAddress();
}
IOStatisticsClientCall();
+ if (client->defaultLocking) {
+ IORWLockWrite(client->lock);
+ }
err = client->clientMemoryForType((UInt32) memory_type, &options, &memory );
+ if (client->defaultLocking) {
+ IORWLockUnlock(client->lock);
+ }
if (memory && (kIOReturnSuccess == err)) {
options = (options & ~kIOMapUserOptionsMask)
IOLockUnlock( gIOObjectPortLock);
mach_port_name_t name = 0;
- if (from_task != current_task()) {
+ bool is_shared_instance_or_from_current_task = from_task != current_task() || client->sharedInstance;
+ if (is_shared_instance_or_from_current_task) {
name = IOMachPort::makeSendRightForTask( from_task, map, IKOT_IOKIT_OBJECT );
map->release();
}
} else {
IOMachPort::releasePortForObject( map, IKOT_IOKIT_OBJECT );
}
- if (from_task == current_task()) {
+ if (!is_shared_instance_or_from_current_task) {
map->release();
}
} else {
CHECK( IOUserClient, connection, client );
CHECK( IOUserClient, connect_to, to );
+ IOReturn ret;
+
IOStatisticsClientCall();
- return client->connectClient( to );
+ if (client->defaultLocking) {
+ IORWLockWrite(client->lock);
+ }
+ ret = client->connectClient( to );
+ if (client->defaultLocking) {
+ IORWLockUnlock(client->lock);
+ }
+ return ret;
}
args.structureOutputDescriptorSize = 0;
IOStatisticsClientCall();
- ret = client->externalMethod( selector, &args );
+ ret = kIOReturnSuccess;
+
+ io_filter_policy_t filterPolicy = client->filterForTask(current_task(), 0);
+ if (filterPolicy && gIOUCFilterCallbacks->io_filter_applier) {
+ ret = gIOUCFilterCallbacks->io_filter_applier(filterPolicy, io_filter_type_external_method, selector);
+ }
+ if (kIOReturnSuccess == ret) {
+ if (client->defaultLocking) {
+ IORWLockRead(client->lock);
+ }
+ ret = client->externalMethod( selector, &args );
+ if (client->defaultLocking) {
+ IORWLockUnlock(client->lock);
+ }
+ }
*scalar_outputCnt = args.scalarOutputCount;
*inband_outputCnt = args.structureOutputSize;
if (var_outputCnt && var_output && (kIOReturnSuccess == ret)) {
OSSerialize * serialize;
OSData * data;
- vm_size_t len;
+ unsigned int len;
if ((serialize = OSDynamicCast(OSSerialize, structureVariableOutputData))) {
len = serialize->getLength();
if (ool_input && (ool_input_size <= sizeof(io_struct_inband_t))) {
return kIOReturnIPCError;
}
- if (ool_output && (*ool_output_size <= sizeof(io_struct_inband_t))) {
- return kIOReturnIPCError;
+ if (ool_output) {
+ if (*ool_output_size <= sizeof(io_struct_inband_t)) {
+ return kIOReturnIPCError;
+ }
+ if (*ool_output_size > UINT_MAX) {
+ return kIOReturnIPCError;
+ }
}
if (ool_input) {
}
args.structureOutputDescriptor = outputMD;
- args.structureOutputDescriptorSize = ool_output_size ? *ool_output_size : 0;
+ args.structureOutputDescriptorSize = ool_output_size
+ ? ((typeof(args.structureOutputDescriptorSize)) * ool_output_size)
+ : 0;
IOStatisticsClientCall();
- ret = client->externalMethod( selector, &args );
+ ret = kIOReturnSuccess;
+ io_filter_policy_t filterPolicy = client->filterForTask(current_task(), 0);
+ if (filterPolicy && gIOUCFilterCallbacks->io_filter_applier) {
+ ret = gIOUCFilterCallbacks->io_filter_applier(filterPolicy, io_filter_type_external_method, selector);
+ }
+ if (kIOReturnSuccess == ret) {
+ if (client->defaultLocking) {
+ IORWLockRead(client->lock);
+ }
+ ret = client->externalMethod( selector, &args );
+ if (client->defaultLocking) {
+ IORWLockUnlock(client->lock);
+ }
+ }
*scalar_outputCnt = args.scalarOutputCount;
*inband_outputCnt = args.structureOutputSize;
IOMemoryDescriptor * inputMD = NULL;
IOMemoryDescriptor * outputMD = NULL;
+ if (referenceCnt < 1) {
+ return kIOReturnBadArgument;
+ }
+
bzero(&args.__reserved[0], sizeof(args.__reserved));
args.__reservedA = 0;
args.version = kIOExternalMethodArgumentsCurrentVersion;
if (ool_input && (ool_input_size <= sizeof(io_struct_inband_t))) {
return kIOReturnIPCError;
}
- if (ool_output && (*ool_output_size <= sizeof(io_struct_inband_t))) {
- return kIOReturnIPCError;
+ if (ool_output) {
+ if (*ool_output_size <= sizeof(io_struct_inband_t)) {
+ return kIOReturnIPCError;
+ }
+ if (*ool_output_size > UINT_MAX) {
+ return kIOReturnIPCError;
+ }
}
if (ool_input) {
}
args.structureOutputDescriptor = outputMD;
- args.structureOutputDescriptorSize = *ool_output_size;
+ args.structureOutputDescriptorSize = ((typeof(args.structureOutputDescriptorSize)) * ool_output_size);
IOStatisticsClientCall();
- ret = client->externalMethod( selector, &args );
+ ret = kIOReturnSuccess;
+ io_filter_policy_t filterPolicy = client->filterForTask(current_task(), 0);
+ if (filterPolicy && gIOUCFilterCallbacks->io_filter_applier) {
+ ret = gIOUCFilterCallbacks->io_filter_applier(filterPolicy, io_filter_type_external_async_method, selector);
+ }
+ if (kIOReturnSuccess == ret) {
+ if (client->defaultLocking) {
+ IORWLockRead(client->lock);
+ }
+ ret = client->externalMethod( selector, &args );
+ if (client->defaultLocking) {
+ IORWLockUnlock(client->lock);
+ }
+ }
*scalar_outputCnt = args.scalarOutputCount;
*inband_outputCnt = args.structureOutputSize;
return err;
}
-#if !NO_KEXTD
-bool gIOKextdClearedBusy = false;
-#endif
-
/* Routine io_catalog_send_data */
kern_return_t
is_io_catalog_send_data(
return kIOReturnBadArgument;
}
- if (!IOTaskHasEntitlement(current_task(), kOSKextManagementEntitlement)) {
+ if (!IOTaskHasEntitlement(current_task(), kIOCatalogManagementEntitlement)) {
OSString * taskName = IOCopyLogNameForPID(proc_selfpid());
IOLog("IOCatalogueSendData(%s): Not entitled\n", taskName ? taskName->getCStringNoCopy() : "");
OSSafeReleaseNULL(taskName);
case kIOCatalogStartMatching__Removed:
case kIOCatalogRemoveKernelLinker__Removed:
- kr = KERN_NOT_SUPPORTED;
- break;
-
case kIOCatalogKextdActive:
-#if !NO_KEXTD
- IOServiceTrace(IOSERVICE_KEXTD_ALIVE, 0, 0, 0, 0);
- OSKext::setKextdActive();
-
- /* Dump all nonloaded startup extensions; kextd will now send them
- * down on request.
- */
- OSKext::flushNonloadedKexts( /* flushPrelinkedKexts */ false);
-#endif
- kr = kIOReturnSuccess;
+ case kIOCatalogKextdFinishedLaunching:
+ kr = KERN_NOT_SUPPORTED;
break;
- case kIOCatalogKextdFinishedLaunching: {
-#if !NO_KEXTD
- if (!gIOKextdClearedBusy) {
- IOService::kextdLaunched();
- gIOKextdClearedBusy = true;
- }
-#endif
- kr = kIOReturnSuccess;
- }
- break;
-
default:
kr = kIOReturnBadArgument;
break;
if (kr == kIOReturnSuccess) {
vm_offset_t data;
vm_map_copy_t copy;
- vm_size_t size;
+ unsigned int size;
size = s->getLength();
kr = vm_allocate_kernel(kernel_map, &data, size, VM_FLAGS_ANYWHERE, VM_KERN_MEMORY_IOKIT);
if (kr == kIOReturnSuccess) {
bcopy(s->text(), (void *)data, size);
kr = vm_map_copyin(kernel_map, (vm_map_address_t)data,
- (vm_map_size_t)size, true, ©);
+ size, true, ©);
*outData = (char *)copy;
*outDataCount = size;
}
}
OSSafeReleaseNULL(object);
} else if ((userClient = OSDynamicCast(IOUserClient, iokit_lookup_connect_ref_current_task((mach_port_name_t) ref)))) {
- IOExternalTrap *trap;
+ IOExternalTrap *trap = NULL;
IOService *target = NULL;
- trap = userClient->getTargetAndTrapForIndex(&target, args->index);
-
+ result = kIOReturnSuccess;
+ io_filter_policy_t filterPolicy = userClient->filterForTask(current_task(), 0);
+ if (filterPolicy && gIOUCFilterCallbacks->io_filter_applier) {
+ result = gIOUCFilterCallbacks->io_filter_applier(filterPolicy, io_filter_type_trap, args->index);
+ }
+ if (kIOReturnSuccess == result) {
+ trap = userClient->getTargetAndTrapForIndex(&target, args->index);
+ }
if (trap && target) {
IOTrap func;
}
}
- args->structureOutputSize = structureOutputSize;
+ if (structureOutputSize > UINT_MAX) {
+ structureOutputSize = 0;
+ err = kIOReturnBadArgument;
+ }
+
+ args->structureOutputSize = ((typeof(args->structureOutputSize))structureOutputSize);
return err;
}
+IOReturn
+IOUserClient::registerFilterCallbacks(const struct io_filter_callbacks *callbacks, size_t size)
+{
+ if (size < sizeof(*callbacks)) {
+ return kIOReturnBadArgument;
+ }
+ if (!OSCompareAndSwapPtr(NULL, __DECONST(void *, callbacks), &gIOUCFilterCallbacks)) {
+ return kIOReturnBusy;
+ }
+ return kIOReturnSuccess;
+}
+
#if __LP64__
OSMetaClassDefineReservedUnused(IOUserClient, 0);
OSMetaClassDefineReservedUnused(IOUserClient, 1);
projects / apple / xnu.git / blobdiff