#include <dev/busvar.h> /* for pseudo_inits */
#include <sys/kdebug.h>
#include <sys/monotonic.h>
-#include <sys/reason.h>
#include <mach/mach_types.h>
#include <mach/vm_prot.h>
#include <mach/semaphore.h>
#include <mach/sync_policy.h>
#include <kern/clock.h>
+#include <sys/csr.h>
#include <mach/kern_return.h>
#include <mach/thread_act.h> /* for thread_resume() */
#include <sys/mcache.h> /* for mcache_init() */
#include <net/if_gif.h> /* for gif_init() */
#include <miscfs/devfs/devfsdefs.h> /* for devfs_kernel_mount() */
#include <vm/vm_kern.h> /* for kmem_suballoc() */
-#include <sys/semaphore.h> /* for psem_lock_init() */
#include <sys/msgbuf.h> /* for log_setsize() */
-#include <sys/tty.h> /* for tty_init() */
#include <sys/proc_uuid_policy.h> /* proc_uuid_policy_init() */
#include <netinet/flow_divert.h> /* flow_divert_init() */
#include <net/content_filter.h> /* for cfil_init() */
void *swapmap;
struct swdevt swdevt[1];
+static LCK_GRP_DECLARE(hostname_lck_grp, "hostname");
+LCK_MTX_DECLARE(hostname_lock, &hostname_lck_grp);
+LCK_MTX_DECLARE(domainname_lock, &hostname_lck_grp);
+
dev_t rootdev; /* device of the root */
dev_t dumpdev; /* device to take dumps on */
long dumplo; /* offset into dumpdev */
long hostid;
char hostname[MAXHOSTNAMELEN];
-lck_mtx_t hostname_lock;
-lck_grp_t *hostname_lck_grp;
char domainname[MAXDOMNAMELEN];
-lck_mtx_t domainname_lock;
-
-char rootdevice[DEVMAXNAMESIZE];
+char rootdevice[DEVMAXNAMESIZE];
struct vnode *rootvp;
bool rootvp_is_ssd = false;
__private_extern__ int proc_ref_tracking_disabled = 0; /* disable panics on leaked proc refs across syscall boundary */
#endif
-#if OS_REASON_DEBUG
-__private_extern__ int os_reason_debug_disabled = 0; /* disable asserts for when we fail to allocate OS reasons */
-#endif
-
extern kern_return_t IOFindBSDRoot(char *, unsigned int, dev_t *, u_int32_t *);
extern void IOSecureBSDRoot(const char * rootName);
extern kern_return_t IOKitBSDInit(void );
extern boolean_t IOSetRecoveryBoot(bsd_bootfail_mode_t, uuid_t, boolean_t);
extern void kminit(void);
-extern void file_lock_init(void);
extern void bsd_bufferinit(void);
extern void oslog_setsize(int size);
extern void throttle_init(void);
-extern void acct_init(void);
#if CONFIG_LOCKERBOOT
#define LOCKER_PROTOBOOT_MOUNT "/protoboot"
#if CONFIG_DEV_KMEM
extern void dev_kmem_init(void);
#endif
-extern void time_zone_slock_init(void);
extern void select_waitq_init(void);
static void process_name(const char *, proc_t);
static void setconf(void);
#if CONFIG_BASESYSTEMROOT
-static int bsd_find_basesystem_dmg(char *bsdmgpath_out, bool *rooted_dmg);
+static int bsd_find_basesystem_dmg(char *bsdmgpath_out, bool *rooted_dmg, bool *skip_signature_check);
static boolean_t bsdmgroot_bootable(void);
#endif // CONFIG_BASESYSTEMROOT
extern thread_t cloneproc(task_t, coalition_t, proc_t, int, int);
extern int (*mountroot)(void);
-lck_grp_t * proc_lck_grp;
-lck_grp_t * proc_slock_grp;
-lck_grp_t * proc_fdmlock_grp;
-lck_grp_t * proc_kqhashlock_grp;
-lck_grp_t * proc_knhashlock_grp;
-lck_grp_t * proc_ucred_mlock_grp;
-lck_grp_t * proc_mlock_grp;
-lck_grp_t * proc_dirslock_grp;
-lck_grp_attr_t * proc_lck_grp_attr;
-lck_attr_t * proc_lck_attr;
-lck_mtx_t * proc_list_mlock;
-lck_mtx_t * proc_klist_mlock;
+LCK_ATTR_DECLARE(proc_lck_attr, 0, 0);
+LCK_GRP_DECLARE(proc_lck_grp, "proc");
+LCK_GRP_DECLARE(proc_slock_grp, "proc-slock");
+LCK_GRP_DECLARE(proc_fdmlock_grp, "proc-fdmlock");
+LCK_GRP_DECLARE(proc_mlock_grp, "proc-mlock");
+LCK_GRP_DECLARE(proc_ucred_mlock_grp, "proc-ucred-mlock");
+LCK_GRP_DECLARE(proc_dirslock_grp, "proc-dirslock");
+LCK_GRP_DECLARE(proc_kqhashlock_grp, "proc-kqhashlock");
+LCK_GRP_DECLARE(proc_knhashlock_grp, "proc-knhashlock");
-#if CONFIG_XNUPOST
-lck_grp_t * sysctl_debug_test_stackshot_owner_grp;
-lck_mtx_t * sysctl_debug_test_stackshot_owner_init_mtx;
-#endif /* !CONFIG_XNUPOST */
-extern lck_mtx_t * execargs_cache_lock;
+LCK_MTX_DECLARE_ATTR(proc_list_mlock, &proc_mlock_grp, &proc_lck_attr);
#if XNU_TARGET_OS_OSX
/* hook called after root is mounted XXX temporary hack */
#endif
void set_rootvnode(vnode_t);
-extern lck_rw_t * rootvnode_rw_lock;
+extern lck_rw_t rootvnode_rw_lock;
/* called with an iocount and usecount on new_rootvnode */
void
return is_ramdisk;
}
-/*
- * This function is called before IOKit initialization, so that globals
- * like the sysctl tree are initialized before kernel extensions
- * are started (since they may want to register sysctls
- */
-void
-bsd_early_init(void)
-{
- sysctl_early_init();
-}
-
/*
* This function is called very early on in the Mach startup, from the
* function start_kernel_threads() in osfmk/kern/startup.c. It's called
bsd_init_kprintf("calling procinit\n");
procinit();
- /* Initialize the ttys (MUST be before kminit()/bsd_autoconf()!)*/
- tty_init();
-
/* kernel_task->proc = kernproc; */
set_bsdtask_info(kernel_task, (void *)kernproc);
bsd_init_kprintf("calling process_name\n");
process_name("kernel_task", kernproc);
- /* allocate proc lock group attribute and group */
- bsd_init_kprintf("calling lck_grp_attr_alloc_init\n");
- proc_lck_grp_attr = lck_grp_attr_alloc_init();
-
- proc_lck_grp = lck_grp_alloc_init("proc", proc_lck_grp_attr);
-
- proc_slock_grp = lck_grp_alloc_init("proc-slock", proc_lck_grp_attr);
- proc_ucred_mlock_grp = lck_grp_alloc_init("proc-ucred-mlock", proc_lck_grp_attr);
- proc_mlock_grp = lck_grp_alloc_init("proc-mlock", proc_lck_grp_attr);
- proc_fdmlock_grp = lck_grp_alloc_init("proc-fdmlock", proc_lck_grp_attr);
- proc_kqhashlock_grp = lck_grp_alloc_init("proc-kqhashlock", proc_lck_grp_attr);
- proc_knhashlock_grp = lck_grp_alloc_init("proc-knhashlock", proc_lck_grp_attr);
- proc_dirslock_grp = lck_grp_alloc_init("proc-dirslock", proc_lck_grp_attr);
-#if CONFIG_XNUPOST
- sysctl_debug_test_stackshot_owner_grp = lck_grp_alloc_init("test-stackshot-owner-grp", LCK_GRP_ATTR_NULL);
- sysctl_debug_test_stackshot_owner_init_mtx = lck_mtx_alloc_init(
- sysctl_debug_test_stackshot_owner_grp,
- LCK_ATTR_NULL);
-#endif /* !CONFIG_XNUPOST */
/* Allocate proc lock attribute */
- proc_lck_attr = lck_attr_alloc_init();
- proc_list_mlock = lck_mtx_alloc_init(proc_mlock_grp, proc_lck_attr);
- proc_klist_mlock = lck_mtx_alloc_init(proc_mlock_grp, proc_lck_attr);
- lck_mtx_init(&kernproc->p_mlock, proc_mlock_grp, proc_lck_attr);
- lck_mtx_init(&kernproc->p_fdmlock, proc_fdmlock_grp, proc_lck_attr);
- lck_mtx_init(&kernproc->p_ucred_mlock, proc_ucred_mlock_grp, proc_lck_attr);
- lck_spin_init(&kernproc->p_slock, proc_slock_grp, proc_lck_attr);
- lck_rw_init(&kernproc->p_dirs_lock, proc_dirslock_grp, proc_lck_attr);
+ lck_mtx_init(&kernproc->p_mlock, &proc_mlock_grp, &proc_lck_attr);
+ lck_mtx_init(&kernproc->p_fdmlock, &proc_fdmlock_grp, &proc_lck_attr);
+ lck_mtx_init(&kernproc->p_ucred_mlock, &proc_ucred_mlock_grp, &proc_lck_attr);
+ lck_spin_init(&kernproc->p_slock, &proc_slock_grp, &proc_lck_attr);
+ lck_rw_init(&kernproc->p_dirs_lock, &proc_dirslock_grp, &proc_lck_attr);
assert(bsd_simul_execs != 0);
- execargs_cache_lock = lck_mtx_alloc_init(proc_lck_grp, proc_lck_attr);
execargs_cache_size = bsd_simul_execs;
execargs_free_count = bsd_simul_execs;
execargs_cache = zalloc_permanent(bsd_simul_execs * sizeof(vm_offset_t),
ulock_initialize();
- hostname_lck_grp = lck_grp_alloc_init("hostname", LCK_GRP_ATTR_NULL);
- lck_mtx_init(&hostname_lock, hostname_lck_grp, LCK_ATTR_NULL);
- lck_mtx_init(&domainname_lock, hostname_lck_grp, LCK_ATTR_NULL);
-
/*
* Create process 0.
*/
kernproc->p_pgrp = &pgrp0;
LIST_INSERT_HEAD(PGRPHASH(0), &pgrp0, pg_hash);
LIST_INIT(&pgrp0.pg_members);
- lck_mtx_init(&pgrp0.pg_mlock, proc_mlock_grp, proc_lck_attr);
+ lck_mtx_init(&pgrp0.pg_mlock, &proc_mlock_grp, &proc_lck_attr);
/* There is no other bsd thread this point and is safe without pgrp lock */
LIST_INSERT_HEAD(&pgrp0.pg_members, kernproc, p_pglist);
kernproc->p_listflag |= P_LIST_INPGRP;
session0.s_count = 1;
session0.s_leader = kernproc;
session0.s_listflags = 0;
- lck_mtx_init(&session0.s_mlock, proc_mlock_grp, proc_lck_attr);
+ lck_mtx_init(&session0.s_mlock, &proc_mlock_grp, &proc_lck_attr);
LIST_INSERT_HEAD(SESSHASH(0), &session0, s_hash);
proc_list_unlock();
TAILQ_INIT(&kernproc->p_aio_doneq);
kernproc->p_aio_total_count = 0;
- bsd_init_kprintf("calling file_lock_init\n");
- file_lock_init();
-
#if CONFIG_MACF
mac_cred_label_associate_kernel(kernproc->p_ucred);
#endif
filedesc0.fd_knlist = NULL;
filedesc0.fd_knhash = NULL;
filedesc0.fd_knhashmask = 0;
- lck_mtx_init(&filedesc0.fd_kqhashlock, proc_kqhashlock_grp, proc_lck_attr);
- lck_mtx_init(&filedesc0.fd_knhashlock, proc_knhashlock_grp, proc_lck_attr);
+ lck_mtx_init(&filedesc0.fd_kqhashlock, &proc_kqhashlock_grp, &proc_lck_attr);
+ lck_mtx_init(&filedesc0.fd_knhashlock, &proc_knhashlock_grp, &proc_lck_attr);
/* Create the limits structures. */
kernproc->p_limit = &limit0;
}
}
- bsd_init_kprintf("calling fpxlog_init\n");
- fpxlog_init();
-
/*
* Initialize buffers and hash links for buffers
*
bsd_init_kprintf("calling vfsinit\n");
vfsinit();
- /* Initialize file locks. */
- bsd_init_kprintf("calling lf_init\n");
- lf_init();
-
#if CONFIG_PROC_UUID_POLICY
/* Initial proc_uuid_policy subsystem */
bsd_init_kprintf("calling proc_uuid_policy_init()\n");
bsd_init_kprintf("calling aio_init\n");
aio_init();
- /* Initialize SysV shm subsystem locks; the subsystem proper is
- * initialized through a sysctl.
- */
-#if SYSV_SHM
- bsd_init_kprintf("calling sysv_shm_lock_init\n");
- sysv_shm_lock_init();
-#endif
-#if SYSV_SEM
- bsd_init_kprintf("calling sysv_sem_lock_init\n");
- sysv_sem_lock_init();
-#endif
-#if SYSV_MSG
- bsd_init_kprintf("sysv_msg_lock_init\n");
- sysv_msg_lock_init();
-#endif
- bsd_init_kprintf("calling pshm_lock_init\n");
- pshm_lock_init();
- bsd_init_kprintf("calling psem_lock_init\n");
- psem_lock_init();
-
pthread_init();
/* POSIX Shm and Sem */
bsd_init_kprintf("calling pshm_cache_init\n");
pshm_cache_init();
bsd_init_kprintf("calling psem_cache_init\n");
psem_cache_init();
- bsd_init_kprintf("calling time_zone_slock_init\n");
- time_zone_slock_init();
bsd_init_kprintf("calling select_waitq_init\n");
select_waitq_init();
kernproc->p_fd->fd_cdir = NULL;
kernproc->p_fd->fd_rdir = NULL;
+#if defined (__x86_64__) && (DEBUG || DEVELOPMENT)
+ hvg_bsd_init();
+#endif /* DEBUG || DEVELOPMENT */
+
#if CONFIG_FREEZE
#ifndef CONFIG_MEMORYSTATUS
#error "CONFIG_FREEZE defined without matching CONFIG_MEMORYSTATUS"
memorystatus_init();
#endif /* CONFIG_MEMORYSTATUS */
- bsd_init_kprintf("calling acct_init\n");
- acct_init();
-
bsd_init_kprintf("calling sysctl_mib_init\n");
sysctl_mib_init();
bsd_init_kprintf("calling bsd_autoconf\n");
bsd_autoconf();
- bsd_init_kprintf("calling os_reason_init\n");
- os_reason_init();
-
#if CONFIG_DTRACE
dtrace_postinit();
#endif
(void)vnode_ref(init_rootvnode);
(void)vnode_put(init_rootvnode);
- lck_rw_lock_exclusive(rootvnode_rw_lock);
+ lck_rw_lock_exclusive(&rootvnode_rw_lock);
set_rootvnode(init_rootvnode);
- lck_rw_unlock_exclusive(rootvnode_rw_lock);
+ lck_rw_unlock_exclusive(&rootvnode_rw_lock);
init_rootvnode = NULLVP; /* use rootvnode after this point */
if (bsdmgroot_bootable()) {
int error;
bool rooted_dmg = false;
+ bool skip_signature_check = false;
printf("trying to find and mount BaseSystem dmg as root volume\n");
#if DEVELOPMENT || DEBUG
panic("%s: M_NAMEI zone exhausted", __FUNCTION__);
}
- error = bsd_find_basesystem_dmg(dmgpath, &rooted_dmg);
+ error = bsd_find_basesystem_dmg(dmgpath, &rooted_dmg, &skip_signature_check);
if (error) {
bsd_init_kprintf("failed to to find BaseSystem dmg: error = %d\n", error);
} else {
bsd_init_kprintf("found BaseSystem dmg at: %s\n", dmgpath);
- error = imageboot_pivot_image(dmgpath, IMAGEBOOT_DMG, "/System/Volumes/BaseSystem", "System/Volumes/macOS", rooted_dmg);
+ error = imageboot_pivot_image(dmgpath, IMAGEBOOT_DMG, "/System/Volumes/BaseSystem", "System/Volumes/macOS", rooted_dmg, skip_signature_check);
if (error) {
bsd_init_kprintf("couldn't mount BaseSystem dmg: error = %d", error);
}
consider_zone_gc(FALSE);
#endif
- /* Initialize System Override call */
- init_system_override();
-
bsd_init_kprintf("done\n");
}
panic("bsd_utaskbootstrap: initproc not set\n");
}
#endif
+
+ zalloc_first_proc_made();
+
/*
* Since we aren't going back out the normal way to our parent,
* we have to drop the transition locks explicitly.
}
#endif
-#if OS_REASON_DEBUG
- if (PE_parse_boot_argn("-disable_osreason_debug", namep, sizeof(namep))) {
- os_reason_debug_disabled = 1;
- }
-#endif
-
PE_parse_boot_argn("sigrestrict", &sigrestrict_arg, sizeof(sigrestrict_arg));
#if DEVELOPMENT || DEBUG
// BaseSystem.dmg into its argument (which must be a char[MAXPATHLEN]).
static
int
-bsd_find_basesystem_dmg(char *bsdmgpath_out, bool *rooted_dmg)
+bsd_find_basesystem_dmg(char *bsdmgpath_out, bool *rooted_dmg, bool *skip_signature_check)
{
int error;
size_t len;
char *dmgbasepath;
char *dmgpath;
+ bool allow_rooted_dmg = false;
dmgbasepath = zalloc_flags(ZV_NAMEI, Z_ZERO | Z_WAITOK);
dmgpath = zalloc_flags(ZV_NAMEI, Z_ZERO | Z_WAITOK);
vnode_t imagevp = NULLVP;
+#if DEVELOPMENT || DEBUG
+ allow_rooted_dmg = true;
+#endif
+
//must provide output bool
- if (rooted_dmg) {
+ if (rooted_dmg && skip_signature_check) {
*rooted_dmg = false;
+ *skip_signature_check = false;
} else {
error = EINVAL;
goto done;
goto done;
}
+ if (csr_check(CSR_ALLOW_ANY_RECOVERY_OS) == 0) {
+ *skip_signature_check = true;
+ allow_rooted_dmg = true;
+ }
+
#if defined(__arm64__)
const char *boot_obj_path = IOGetBootObjectsPath();
if (boot_obj_path) {
goto done;
}
-#if DEVELOPMENT || DEBUG
- len = strlcpy(dmgpath, dmgbasepath, MAXPATHLEN);
- if (len > MAXPATHLEN) {
- error = ENAMETOOLONG;
- goto done;
- }
+ if (allow_rooted_dmg) {
+ len = strlcpy(dmgpath, dmgbasepath, MAXPATHLEN);
+ if (len > MAXPATHLEN) {
+ error = ENAMETOOLONG;
+ goto done;
+ }
- len = strlcat(dmgpath, "arm64eBaseSystem.rooted.dmg", MAXPATHLEN);
- if (len > MAXPATHLEN) {
- error = ENAMETOOLONG;
- goto done;
- }
+ len = strlcat(dmgpath, "arm64eBaseSystem.rooted.dmg", MAXPATHLEN);
+ if (len > MAXPATHLEN) {
+ error = ENAMETOOLONG;
+ goto done;
+ }
- error = vnode_lookup(dmgpath, 0, &imagevp, vfs_context_kernel());
- if (error == 0) {
- *rooted_dmg = true;
- goto done;
+ error = vnode_lookup(dmgpath, 0, &imagevp, vfs_context_kernel());
+ if (error == 0) {
+ *rooted_dmg = true;
+ *skip_signature_check = true;
+ goto done;
+ }
+ memset(dmgpath, 0, MAXPATHLEN);
}
- memset(dmgpath, 0, MAXPATHLEN);
-#endif // DEVELOPMENT || DEBUG
len = strlcpy(dmgpath, dmgbasepath, MAXPATHLEN);
if (len > MAXPATHLEN) {
goto done;
}
-#if DEVELOPMENT || DEBUG
- // Try BaseSystem.rooted.dmg
- len = strlcpy(dmgpath, dmgbasepath, MAXPATHLEN);
- if (len > MAXPATHLEN) {
- error = ENAMETOOLONG;
- goto done;
- }
+ if (allow_rooted_dmg) {
+ // Try BaseSystem.rooted.dmg
+ len = strlcpy(dmgpath, dmgbasepath, MAXPATHLEN);
+ if (len > MAXPATHLEN) {
+ error = ENAMETOOLONG;
+ goto done;
+ }
- len = strlcat(dmgpath, "/BaseSystem.rooted.dmg", MAXPATHLEN);
- if (len > MAXPATHLEN) {
- error = ENAMETOOLONG;
- goto done;
- }
+ len = strlcat(dmgpath, "/BaseSystem.rooted.dmg", MAXPATHLEN);
+ if (len > MAXPATHLEN) {
+ error = ENAMETOOLONG;
+ goto done;
+ }
- error = vnode_lookup(dmgpath, 0, &imagevp, vfs_context_kernel());
- if (error == 0) {
- // we found it! success!
- *rooted_dmg = true;
- goto done;
+ error = vnode_lookup(dmgpath, 0, &imagevp, vfs_context_kernel());
+ if (error == 0) {
+ // we found it! success!
+ *rooted_dmg = true;
+ *skip_signature_check = true;
+ goto done;
+ }
}
-#endif // DEVELOPMENT || DEBUG
// Try BaseSystem.dmg
len = strlcpy(dmgpath, dmgbasepath, MAXPATHLEN);
projects / apple / xnu.git / blobdiff