X-Git-Url: https://git.saurik.com/apple/xnu.git/blobdiff_plain/fe8ab488e9161c46dd9885d58fc52996dc0249ff..d190cdc3f5544636abb56dc1874be391d3e1b148:/bsd/kern/kern_core.c
diff --git a/bsd/kern/kern_core.c b/bsd/kern/kern_core.c
index 2bd9de059..5cb6e4fa2 100644
--- a/bsd/kern/kern_core.c
+++ b/bsd/kern/kern_core.c
@@ -32,6 +32,7 @@
 * This file contains machine independent code for performing core dumps.
 *
 */
+#if CONFIG_COREDUMP
 #include
 #include
@@ -65,6 +66,11 @@
 #include
+#if CONFIG_CSR
+#include
+#include
+#endif
+
 typedef struct {
 int flavor; /* the number for this flavor */
 mach_msg_type_number_t count; /* count of ints in this flavor */
@@ -90,19 +96,12 @@ typedef struct {
 int flavor_count;
 } tir_t;
-/* XXX should be static */
-void collectth_state(thread_t th_act, void *tirp);
-
 extern int freespace_mb(vnode_t vp);
 /* XXX not in a Mach header anywhere */
-kern_return_t thread_getstatus(register thread_t act, int flavor,
+kern_return_t thread_getstatus(thread_t act, int flavor,
 thread_state_t tstate, mach_msg_type_number_t *count);
 void task_act_iterate_wth_args(task_t, void(*)(thread_t, void *), void *);
-extern kern_return_t task_suspend_internal(task_t);
-
-static cpu_type_t process_cpu_type(proc_t proc);
-static cpu_type_t process_cpu_subtype(proc_t proc);
 #ifdef SECURE_KERNEL
 __XNU_PRIVATE_EXTERN int do_coredump = 0; /* default: don't dump cores */
@@ -143,7 +142,7 @@ process_cpu_subtype(proc_t core_proc)
 return what_we_think;
 }
-void
+static void
 collectth_state(thread_t th_act, void *tirp)
 {
 vm_offset_t header;
@@ -182,7 +181,6 @@ collectth_state(thread_t th_act, void *tirp)
 t->hoffset = hoffset;
 }
-
 /*
 * coredump
 *
@@ -192,7 +190,7 @@ collectth_state(thread_t th_act, void *tirp)
 * Parameters: core_proc Process to dump core [*]
 * reserve_mb If non-zero, leave filesystem with
 * at least this much free space.
- * ignore_ulimit If set, ignore the process's core file ulimit.
+ * coredump_flags Extra options (ignore rlimit, run fsync)
 *
 * Returns: 0 Success
 * EFAULT Failed
@@ -203,7 +201,7 @@ collectth_state(thread_t th_act, void *tirp)
 */
 #define MAX_TSTATE_FLAVORS 10
 int
-coredump(proc_t core_proc, uint32_t reserve_mb, int ignore_ulimit)
+coredump(proc_t core_proc, uint32_t reserve_mb, int coredump_flags)
 {
 /* Begin assumptions that limit us to only the current process */
 vfs_context_t ctx = vfs_context_current();
@@ -257,6 +255,20 @@ coredump(proc_t core_proc, uint32_t reserve_mb, int ignore_ulimit)
 return (EFAULT);
 }
+#if CONFIG_CSR
+ /* If the process is restricted, CSR isn't configured to allow
+ * restricted processes to be debugged, and CSR isn't configured in
+ * AppleInternal mode, then don't dump core. */
+ if (cs_restricted(core_proc) &&
+ csr_check(CSR_ALLOW_TASK_FOR_PID) &&
+ csr_check(CSR_ALLOW_APPLE_INTERNAL)) {
+#if CONFIG_AUDIT
+ audit_proc_coredump(core_proc, NULL, EFAULT);
+#endif
+ return (EFAULT);
+ }
+#endif
+
 if (IS_64BIT_PROCESS(core_proc)) {
 is_64 = 1;
 mach_header_sz = sizeof(struct mach_header_64);
@@ -265,8 +277,10 @@ coredump(proc_t core_proc, uint32_t reserve_mb, int ignore_ulimit)
 mapsize = get_vmmap_size(map);
- if ((mapsize >= core_proc->p_rlimit[RLIMIT_CORE].rlim_cur) && (ignore_ulimit == 0))
+ if (((coredump_flags & COREDUMP_IGNORE_ULIMIT) == 0) &&
+ (mapsize >= core_proc->p_rlimit[RLIMIT_CORE].rlim_cur))
 return (EFAULT);
+
 (void) task_suspend_internal(task);
 MALLOC(alloced_name, char *, MAXPATHLEN, M_TEMP, M_NOWAIT | M_ZERO);
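Review bot: The new parameter line `coredump_flags Extra options (ignore rlimit, run fsync)` does not name the bits the function tests, so a caller cannot tell from the header comment what to pass. Later hunks test `COREDUMP_IGNORE_ULIMIT` and `COREDUMP_FULLFSYNC`; I would write the line as `coredump_flags Bitmask: COREDUMP_IGNORE_ULIMIT skips the RLIMIT_CORE size check, COREDUMP_FULLFSYNC issues F_FULLFSYNC after the header write`. The signature hunk below keeps the type `int`, so a caller still passing the old boolean compiles unchanged; whether that value selects the intended bit depends on the flag definitions, which are not on this page, so the callers should be checked together with this change.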
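Review bot: The added CSR gate uses `csr_check(CSR_ALLOW_TASK_FOR_PID) && csr_check(CSR_ALLOW_APPLE_INTERNAL)` as bare truth values, which matches the comment above it only if `csr_check()` returns non-zero when the capability is not granted. That convention is not visible in this hunk, and a reader who assumes the opposite would see a check that is inverted. Spelling it `csr_check(CSR_ALLOW_TASK_FOR_PID) != 0 && csr_check(CSR_ALLOW_APPLE_INTERNAL) != 0` makes the deny-by-default intent explicit on the line that decides whether a restricted process's memory is written to disk. The gate sits inside `#if CONFIG_CSR`, so a configuration without it applies no equivalent restriction here; a one-line comment saying so would help. coredump() starts and ends outside the hunk.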
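Review bot: The rewritten size check is an unbraced `if` whose condition now spans two lines, with `return (EFAULT);` as its only body. Since this early return is what enforces RLIMIT_CORE, I would brace it, `if (...) { return (EFAULT); }`, so a later edit cannot detach the return from the condition. The surrounding function body lies outside the hunk.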
@@ -325,7 +339,7 @@ coredump(proc_t core_proc, uint32_t reserve_mb, int ignore_ulimit)
 header_size = command_size + mach_header_sz;
- if (kmem_alloc(kernel_map, &header, (vm_size_t)header_size) != KERN_SUCCESS) {
+ if (kmem_alloc(kernel_map, &header, (vm_size_t)header_size, VM_KERN_MEMORY_DIAG) != KERN_SUCCESS) {
 error = ENOMEM;
 goto out;
 }
@@ -416,6 +430,7 @@ coredump(proc_t core_proc, uint32_t reserve_mb, int ignore_ulimit)
 sc64->maxprot = maxprot;
 sc64->initprot = prot;
 sc64->nsects = 0;
+ sc64->flags = 0;
 } else {
 sc = (struct segment_command *) (header + hoffset);
 sc->cmd = LC_SEGMENT;
@@ -429,6 +444,7 @@ coredump(proc_t core_proc, uint32_t reserve_mb, int ignore_ulimit)
 sc->maxprot = maxprot;
 sc->initprot = prot;
 sc->nsects = 0;
+ sc->flags = 0;
 }
 /*
@@ -488,6 +504,9 @@ coredump(proc_t core_proc, uint32_t reserve_mb, int ignore_ulimit)
 error = vn_rdwr(UIO_WRITE, vp, (caddr_t)header, header_size, (off_t)0, UIO_SYSSPACE, IO_NOCACHE|IO_NODELOCKED|IO_UNIT, cred, (int *) 0, core_proc);
 kmem_free(kernel_map, header, header_size);
+
+ if ((coredump_flags & COREDUMP_FULLFSYNC) && error == 0)
+ error = VNOP_IOCTL(vp, F_FULLFSYNC, (caddr_t)NULL, 0, ctx);
 out:
 error1 = vnode_close(vp, FWRITE, ctx);
 out2:
@@ -501,3 +520,11 @@ out2:
 return (error);
 }
+
+#else /* CONFIG_COREDUMP */
+
+/* When core dumps aren't needed, no need to compile this file at all */
+
+#error assertion failed: this section is not compiled
+
+#endif /* CONFIG_COREDUMP */
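Review bot: Setting `sc64->flags = 0` closes one uninitialised field in a load command that is later written to the core file, but the fields are still initialised one by one, so any member or padding that no assignment reaches would carry whatever the `kmem_alloc()` buffer held. Whether the header buffer is zeroed after the allocation in the `kmem_alloc` hunk above is not visible here; if it is not, `bzero((void *)header, header_size);` right after the successful allocation would make the whole header deterministic. The same applies to `sc->flags = 0` in the 32-bit branch in the next hunk. At minimum, a comment at the allocation such as `/* every byte of header reaches the core file; leave nothing uninitialised */` would record the requirement.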
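Review bot: The result of the `F_FULLFSYNC` ioctl is stored straight into `error`, so a failed flush is returned as a failed core dump even though the header write just succeeded. If some filesystems reject this ioctl (not determinable from this page), callers that set `COREDUMP_FULLFSYNC` would see an error for a complete file. A comment stating the intended outcome, e.g. `/* a failed flush is reported as a failed dump */`, or a separate variable for the flush result, would settle it. The `if` is also unbraced with its body on the next line; braces would keep the assignment tied to the condition. coredump() begins outside the hunk.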
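Review bot: The `#error` text `assertion failed: this section is not compiled` does not tell whoever hits it what to fix, and the comment above it says the file need not be compiled while the directive makes compiling it a hard failure. I would state the build requirement directly, `#error kern_core.c must be excluded from the build when CONFIG_COREDUMP is not set`, and reword the comment to say the build configuration is expected to omit this file.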