extern "C" {
#include <mach/kmod.h>
#include <libkern/kernel_mach_header.h>
#include <libkern/prelink.h>
}
#include <libkern/version.h>
#include <libkern/c++/OSContainers.h>
#include <libkern/OSKextLibPrivate.h>
#include <libkern/c++/OSKext.h>
#include <IOKit/IOLib.h>
#include <IOKit/IORegistryEntry.h>
#include <IOKit/IODeviceTreeSupport.h>
#include <IOKit/IOCatalogue.h>
#if PRAGMA_MARK
#pragma mark Bootstrap Declarations
#endif
extern "C" {
extern void (*record_startup_extensions_function)(void);
extern void (*load_security_extensions_function)(void);
};
static void bootstrapRecordStartupExtensions(void);
static void bootstrapLoadSecurityExtensions(void);
#if PRAGMA_MARK
#pragma mark Macros
#endif
#define CONST_STRLEN(str) (sizeof(str) - 1)
#if PRAGMA_MARK
#pragma mark Kernel Component Kext Identifiers
#endif
static const char * sKernelComponentNames[] = {
"com.apple.kernel",
"com.apple.kpi.bsd",
"com.apple.kpi.dsep",
"com.apple.kpi.iokit",
"com.apple.kpi.libkern",
"com.apple.kpi.mach",
"com.apple.kpi.private",
"com.apple.kpi.unsupported",
"com.apple.iokit.IONVRAMFamily",
"com.apple.driver.AppleNMI",
"com.apple.iokit.IOSystemManagementFamily",
"com.apple.iokit.ApplePlatformFamily",
#if defined(__ppc__) || defined(__i386__) || defined(__arm__)
"com.apple.kernel.6.0",
"com.apple.kernel.bsd",
"com.apple.kernel.iokit",
"com.apple.kernel.libkern",
"com.apple.kernel.mach",
#endif
NULL
};
#if PRAGMA_MARK
#pragma mark KLDBootstrap Class
#endif
class KLDBootstrap {
friend void bootstrapRecordStartupExtensions(void);
friend void bootstrapLoadSecurityExtensions(void);
private:
void readStartupExtensions(void);
void readPrelinkedExtensions(
kernel_section_t * prelinkInfoSect);
void readBooterExtensions(void);
OSReturn readMkextExtensions(
OSString * deviceTreeName,
OSData * deviceTreeData);
OSReturn loadKernelComponentKexts(void);
void readBuiltinPersonalities(void);
void loadSecurityExtensions(void);
public:
KLDBootstrap(void);
~KLDBootstrap(void);
};
static KLDBootstrap sBootstrapObject;
KLDBootstrap::KLDBootstrap(void)
{
if (this != &sBootstrapObject) {
panic("Attempt to access bootstrap segment.");
}
record_startup_extensions_function = &bootstrapRecordStartupExtensions;
load_security_extensions_function = &bootstrapLoadSecurityExtensions;
OSKext::initialize();
}
KLDBootstrap::~KLDBootstrap(void)
{
if (this != &sBootstrapObject) {
panic("Attempt to access bootstrap segment.");
}
record_startup_extensions_function = 0;
load_security_extensions_function = 0;
}
void
KLDBootstrap::readStartupExtensions(void)
{
kernel_section_t * prelinkInfoSect = NULL;
OSKextLog( NULL,
kOSKextLogProgressLevel |
kOSKextLogGeneralFlag | kOSKextLogDirectoryScanFlag |
kOSKextLogKextBookkeepingFlag,
"Reading startup extensions.");
prelinkInfoSect = getsectbyname(kPrelinkInfoSegment, kPrelinkInfoSection);
if (prelinkInfoSect->size) {
readPrelinkedExtensions(prelinkInfoSect);
} else {
readBooterExtensions();
}
loadKernelComponentKexts();
readBuiltinPersonalities();
OSKext::sendAllKextPersonalitiesToCatalog();
return;
}
void
KLDBootstrap::readPrelinkedExtensions(
kernel_section_t * prelinkInfoSect)
{
OSArray * infoDictArray = NULL; OSArray * personalitiesArray = NULL; OSObject * parsedXML = NULL; OSDictionary * prelinkInfoDict = NULL; OSString * errorString = NULL; OSKext * theKernel = NULL;
#if CONFIG_KXLD
kernel_section_t * kernelLinkStateSection = NULL; #endif
kernel_segment_command_t * prelinkLinkStateSegment = NULL; kernel_segment_command_t * prelinkTextSegment = NULL; kernel_segment_command_t * prelinkInfoSegment = NULL;
void * prelinkData = NULL; void * prelinkCopy = NULL; vm_size_t prelinkLength = 0;
#if !__LP64__ && !defined(__arm__)
vm_map_offset_t prelinkDataMapOffset = 0;
#endif
kern_return_t mem_result = KERN_SUCCESS;
OSDictionary * infoDict = NULL;
IORegistryEntry * registryRoot = NULL; OSNumber * prelinkCountObj = NULL;
u_int i = 0;
OSKextLog( NULL,
kOSKextLogProgressLevel |
kOSKextLogDirectoryScanFlag | kOSKextLogArchiveFlag,
"Starting from prelinked kernel.");
#if CONFIG_KXLD
kernelLinkStateSection = getsectbyname(kPrelinkLinkStateSegment,
kPrelinkKernelLinkStateSection);
if (!kernelLinkStateSection) {
OSKextLog( NULL,
kOSKextLogErrorLevel |
kOSKextLogArchiveFlag,
"Can't find prelinked kernel link state.");
goto finish;
}
theKernel = OSKext::lookupKextWithIdentifier(kOSKextKernelIdentifier);
if (!theKernel) {
OSKextLog( NULL,
kOSKextLogErrorLevel |
kOSKextLogArchiveFlag,
"Can't find kernel kext object in prelinked kernel.");
goto finish;
}
prelinkData = (void *) kernelLinkStateSection->addr;
prelinkLength = kernelLinkStateSection->size;
mem_result = kmem_alloc_pageable(kernel_map,
(vm_offset_t *) &prelinkCopy, prelinkLength);
if (mem_result != KERN_SUCCESS) {
OSKextLog( NULL,
kOSKextLogErrorLevel |
kOSKextLogGeneralFlag | kOSKextLogArchiveFlag,
"Can't copy prelinked kernel link state.");
goto finish;
}
memcpy(prelinkCopy, prelinkData, prelinkLength);
theKernel->linkState = OSData::withBytesNoCopy(prelinkCopy, prelinkLength);
if (!theKernel->linkState) {
OSKextLog( NULL,
kOSKextLogErrorLevel |
kOSKextLogGeneralFlag | kOSKextLogArchiveFlag,
"Can't create prelinked kernel link state wrapper.");
goto finish;
}
theKernel->linkState->setDeallocFunction(osdata_kmem_free);
#endif
prelinkTextSegment = getsegbyname(kPrelinkTextSegment);
if (!prelinkTextSegment) {
OSKextLog( NULL,
kOSKextLogErrorLevel |
kOSKextLogDirectoryScanFlag | kOSKextLogArchiveFlag,
"Can't find prelinked kexts' text segment.");
goto finish;
}
prelinkData = (void *) prelinkTextSegment->vmaddr;
prelinkLength = prelinkTextSegment->vmsize;
#if !__LP64__
mem_result = kmem_alloc(kernel_map, (vm_offset_t *)&prelinkCopy,
prelinkLength);
if (mem_result != KERN_SUCCESS) {
OSKextLog( NULL,
kOSKextLogErrorLevel |
kOSKextLogGeneralFlag | kOSKextLogArchiveFlag,
"Can't copy prelinked kexts' text for VM reassign.");
goto finish;
}
memcpy(prelinkCopy, prelinkData, prelinkLength);
ml_static_mfree((vm_offset_t)prelinkData, prelinkLength);
prelinkDataMapOffset = (vm_map_offset_t)(uintptr_t)prelinkData;
mem_result = vm_map_enter_mem_object(
kernel_map,
&prelinkDataMapOffset,
prelinkLength, 0,
VM_FLAGS_FIXED | VM_FLAGS_OVERWRITE,
(ipc_port_t)NULL,
(vm_object_offset_t) 0,
FALSE,
VM_PROT_ALL,
VM_PROT_ALL,
VM_INHERIT_DEFAULT);
if ((mem_result != KERN_SUCCESS) ||
(prelinkTextSegment->vmaddr != prelinkDataMapOffset))
{
OSKextLog( NULL,
kOSKextLogErrorLevel |
kOSKextLogGeneralFlag | kOSKextLogArchiveFlag,
"Can't create kexts' text VM entry at 0x%llx, length 0x%x (error 0x%x).",
(unsigned long long) prelinkDataMapOffset, prelinkLength, mem_result);
goto finish;
}
prelinkData = (void *)(uintptr_t)prelinkDataMapOffset;
memcpy(prelinkData, prelinkCopy, prelinkLength);
kmem_free(kernel_map, (vm_offset_t)prelinkCopy, prelinkLength);
#endif
parsedXML = OSUnserializeXML((const char *)prelinkInfoSect->addr,
&errorString);
if (parsedXML) {
prelinkInfoDict = OSDynamicCast(OSDictionary, parsedXML);
}
if (!prelinkInfoDict) {
const char * errorCString = "(unknown error)";
if (errorString && errorString->getCStringNoCopy()) {
errorCString = errorString->getCStringNoCopy();
} else if (parsedXML) {
errorCString = "not a dictionary";
}
OSKextLog( NULL, kOSKextLogErrorLevel | kOSKextLogArchiveFlag,
"Error unserializing prelink plist: %s.", errorCString);
goto finish;
}
infoDictArray = OSDynamicCast(OSArray,
prelinkInfoDict->getObject(kPrelinkInfoDictionaryKey));
if (!infoDictArray) {
OSKextLog( NULL, kOSKextLogErrorLevel | kOSKextLogArchiveFlag,
"The prelinked kernel has no kext info dictionaries");
goto finish;
}
for (i = 0; i < infoDictArray->getCount(); ++i) {
infoDict = OSDynamicCast(OSDictionary, infoDictArray->getObject(i));
if (!infoDict) {
OSKextLog( NULL,
kOSKextLogErrorLevel |
kOSKextLogDirectoryScanFlag | kOSKextLogArchiveFlag,
"Can't find info dictionary for prelinked kext #%d.", i);
continue;
}
OSKext * newKext = OSKext::withPrelinkedInfoDict(infoDict);
OSSafeReleaseNULL(newKext);
}
personalitiesArray = OSDynamicCast(OSArray,
prelinkInfoDict->getObject(kPrelinkPersonalitiesKey));
if (!personalitiesArray) {
OSKextLog( NULL, kOSKextLogErrorLevel | kOSKextLogArchiveFlag,
"The prelinked kernel has no personalities array");
goto finish;
}
if (personalitiesArray->getCount()) {
gIOCatalogue->addDrivers(personalitiesArray);
}
registryRoot = IORegistryEntry::getRegistryRoot();
assert(registryRoot);
prelinkCountObj = OSNumber::withNumber(
(unsigned long long)infoDictArray->getCount(),
8 * sizeof(uint32_t));
assert(prelinkCountObj);
if (prelinkCountObj) {
registryRoot->setProperty(kOSPrelinkKextCountKey, prelinkCountObj);
}
OSSafeReleaseNULL(prelinkCountObj);
prelinkCountObj = OSNumber::withNumber(
(unsigned long long)personalitiesArray->getCount(),
8 * sizeof(uint32_t));
assert(prelinkCountObj);
if (prelinkCountObj) {
registryRoot->setProperty(kOSPrelinkPersonalityCountKey, prelinkCountObj);
}
OSKextLog( NULL,
kOSKextLogProgressLevel |
kOSKextLogGeneralFlag | kOSKextLogKextBookkeepingFlag |
kOSKextLogDirectoryScanFlag | kOSKextLogArchiveFlag,
"%u prelinked kexts, and %u additional personalities.",
infoDictArray->getCount(), personalitiesArray->getCount());
#if __LP64__
ml_static_mfree((vm_offset_t) prelinkData, prelinkLength);
#endif
prelinkLinkStateSegment = getsegbyname(kPrelinkLinkStateSegment);
if (prelinkLinkStateSegment) {
ml_static_mfree((vm_offset_t)prelinkLinkStateSegment->vmaddr,
(vm_size_t)prelinkLinkStateSegment->vmsize);
}
prelinkInfoSegment = getsegbyname(kPrelinkInfoSegment);
if (prelinkInfoSegment) {
ml_static_mfree((vm_offset_t)prelinkInfoSegment->vmaddr,
(vm_size_t)prelinkInfoSegment->vmsize);
}
finish:
OSSafeRelease(errorString);
OSSafeRelease(parsedXML);
OSSafeRelease(theKernel);
OSSafeRelease(prelinkCountObj);
return;
}
#define BOOTER_KEXT_PREFIX "Driver-"
#define BOOTER_MKEXT_PREFIX "DriversPackage-"
typedef struct _DeviceTreeBuffer {
uint32_t paddr;
uint32_t length;
} _DeviceTreeBuffer;
void
KLDBootstrap::readBooterExtensions(void)
{
IORegistryEntry * booterMemoryMap = NULL; OSDictionary * propertyDict = NULL; OSCollectionIterator * keyIterator = NULL; OSString * deviceTreeName = NULL;
const _DeviceTreeBuffer * deviceTreeBuffer = NULL; char * booterDataPtr = NULL; OSData * booterData = NULL;
OSKext * aKext = NULL;
OSKextLog( NULL,
kOSKextLogProgressLevel |
kOSKextLogDirectoryScanFlag | kOSKextLogKextBookkeepingFlag,
"Reading startup extensions/mkexts from booter memory.");
booterMemoryMap = IORegistryEntry::fromPath( "/chosen/memory-map", gIODTPlane);
if (!booterMemoryMap) {
OSKextLog( NULL,
kOSKextLogErrorLevel |
kOSKextLogGeneralFlag | kOSKextLogDirectoryScanFlag,
"Can't read booter memory map.");
goto finish;
}
propertyDict = booterMemoryMap->dictionaryWithProperties();
if (!propertyDict) {
OSKextLog( NULL,
kOSKextLogErrorLevel |
kOSKextLogDirectoryScanFlag,
"Can't get property dictionary from memory map.");
goto finish;
}
keyIterator = OSCollectionIterator::withCollection(propertyDict);
if (!keyIterator) {
OSKextLog( NULL,
kOSKextLogErrorLevel |
kOSKextLogGeneralFlag,
"Can't allocate iterator for driver images.");
goto finish;
}
while ( ( deviceTreeName =
OSDynamicCast(OSString, keyIterator->getNextObject() ))) {
boolean_t isMkext = FALSE;
const char * devTreeNameCString = deviceTreeName->getCStringNoCopy();
OSData * deviceTreeEntry = OSDynamicCast(OSData,
propertyDict->getObject(deviceTreeName));
OSSafeReleaseNULL(booterData);
if (!deviceTreeEntry) {
continue;
}
if (!strncmp(devTreeNameCString, BOOTER_KEXT_PREFIX,
CONST_STRLEN(BOOTER_KEXT_PREFIX))) {
isMkext = FALSE;
} else if (!strncmp(devTreeNameCString, BOOTER_MKEXT_PREFIX,
CONST_STRLEN(BOOTER_MKEXT_PREFIX))) {
isMkext = TRUE;
} else {
continue;
}
deviceTreeBuffer = (const _DeviceTreeBuffer *)
deviceTreeEntry->getBytesNoCopy(0, sizeof(deviceTreeBuffer));
if (!deviceTreeBuffer) {
OSKextLog( NULL,
kOSKextLogErrorLevel |
kOSKextLogDirectoryScanFlag,
"Device tree entry %s has NULL pointer.",
devTreeNameCString);
goto finish; }
booterDataPtr = (char *)ml_static_ptovirt(deviceTreeBuffer->paddr);
if (!booterDataPtr) {
OSKextLog( NULL,
kOSKextLogErrorLevel |
kOSKextLogDirectoryScanFlag,
"Can't get virtual address for device tree mkext entry %s.",
devTreeNameCString);
goto finish;
}
booterData = OSData::withBytesNoCopy(booterDataPtr,
deviceTreeBuffer->length);
if (!booterData) {
OSKextLog( NULL,
kOSKextLogErrorLevel |
kOSKextLogGeneralFlag,
"Error - Can't allocate OSData wrapper for device tree entry %s.",
devTreeNameCString);
goto finish;
}
booterData->setDeallocFunction(osdata_phys_free);
if (isMkext) {
readMkextExtensions(deviceTreeName, booterData);
} else {
OSKext * newKext = OSKext::withBooterData(deviceTreeName, booterData);
OSSafeRelease(newKext);
}
booterMemoryMap->removeProperty(deviceTreeName);
}
finish:
OSSafeRelease(booterMemoryMap);
OSSafeRelease(propertyDict);
OSSafeRelease(keyIterator);
OSSafeRelease(booterData);
OSSafeRelease(aKext);
return;
}
OSReturn
KLDBootstrap::readMkextExtensions(
OSString * deviceTreeName,
OSData * booterData)
{
OSReturn result = kOSReturnError;
uint32_t checksum;
IORegistryEntry * registryRoot = NULL; OSData * checksumObj = NULL;
OSKextLog( NULL,
kOSKextLogStepLevel |
kOSKextLogDirectoryScanFlag | kOSKextLogArchiveFlag,
"Reading startup mkext archive from device tree entry %s.",
deviceTreeName->getCStringNoCopy());
result = OSKext::readMkextArchive(booterData, &checksum);
if (result == kOSReturnSuccess) {
OSKextLog( NULL,
kOSKextLogProgressLevel |
kOSKextLogArchiveFlag,
"Startup mkext archive has checksum 0x%x.", (int)checksum);
registryRoot = IORegistryEntry::getRegistryRoot();
assert(registryRoot);
checksumObj = OSData::withBytes((void *)&checksum, sizeof(checksum));
assert(checksumObj);
if (checksumObj) {
registryRoot->setProperty(kOSStartupMkextCRC, checksumObj);
}
}
return result;
}
#define COM_APPLE "com.apple."
void
KLDBootstrap::loadSecurityExtensions(void)
{
OSDictionary * extensionsDict = NULL; OSCollectionIterator * keyIterator = NULL; OSString * bundleID = NULL; OSKext * theKext = NULL; OSBoolean * isSecurityKext = NULL;
OSKextLog( NULL,
kOSKextLogStepLevel |
kOSKextLogLoadFlag,
"Loading security extensions.");
extensionsDict = OSKext::copyKexts();
if (!extensionsDict) {
return;
}
keyIterator = OSCollectionIterator::withCollection(extensionsDict);
if (!keyIterator) {
OSKextLog( NULL,
kOSKextLogErrorLevel |
kOSKextLogGeneralFlag,
"Failed to allocate iterator for security extensions.");
goto finish;
}
while ((bundleID = OSDynamicCast(OSString, keyIterator->getNextObject()))) {
const char * bundle_id = bundleID->getCStringNoCopy();
if (!bundle_id ||
(strncmp(bundle_id, COM_APPLE, CONST_STRLEN(COM_APPLE)) != 0)) {
continue;
}
theKext = OSDynamicCast(OSKext, extensionsDict->getObject(bundleID));
if (!theKext) {
continue;
}
isSecurityKext = OSDynamicCast(OSBoolean,
theKext->getPropertyForHostArch("AppleSecurityExtension"));
if (isSecurityKext && isSecurityKext->isTrue()) {
OSKextLog( NULL,
kOSKextLogStepLevel |
kOSKextLogLoadFlag,
"Loading security extension %s.", bundleID->getCStringNoCopy());
OSKext::loadKextWithIdentifier(bundleID->getCStringNoCopy(),
false);
}
}
finish:
OSSafeRelease(keyIterator);
OSSafeRelease(extensionsDict);
return;
}
OSReturn
KLDBootstrap::loadKernelComponentKexts(void)
{
OSReturn result = kOSReturnSuccess; OSKext * theKext = NULL; const char ** kextIDPtr = NULL;
for (kextIDPtr = &sKernelComponentNames[0]; *kextIDPtr; kextIDPtr++) {
OSSafeReleaseNULL(theKext);
theKext = OSKext::lookupKextWithIdentifier(*kextIDPtr);
if (theKext) {
if (kOSReturnSuccess != OSKext::loadKextWithIdentifier(
*kextIDPtr, false)) {
OSKextLog( NULL,
kOSKextLogErrorLevel |
kOSKextLogDirectoryScanFlag | kOSKextLogKextBookkeepingFlag,
"Failed to initialize kernel component %s.", *kextIDPtr);
result = kOSReturnError;
}
}
}
OSSafeRelease(theKext);
return result;
}
void
KLDBootstrap::readBuiltinPersonalities(void)
{
OSObject * parsedXML = NULL; OSArray * builtinExtensions = NULL; OSArray * allPersonalities = NULL; OSString * errorString = NULL; kernel_section_t * infosect = NULL; OSCollectionIterator * personalitiesIterator = NULL; unsigned int count, i;
OSKextLog( NULL,
kOSKextLogStepLevel |
kOSKextLogLoadFlag,
"Reading built-in kernel personalities for I/O Kit drivers.");
infosect = getsectbyname("__BUILTIN", "__info");
if (!infosect) {
goto finish;
}
parsedXML = OSUnserializeXML((const char *) (uintptr_t)infosect->addr,
&errorString);
if (parsedXML) {
builtinExtensions = OSDynamicCast(OSArray, parsedXML);
}
if (!builtinExtensions) {
const char * errorCString = "(unknown error)";
if (errorString && errorString->getCStringNoCopy()) {
errorCString = errorString->getCStringNoCopy();
} else if (parsedXML) {
errorCString = "not an array";
}
OSKextLog( NULL,
kOSKextLogErrorLevel |
kOSKextLogLoadFlag,
"Error unserializing built-in personalities: %s.", errorCString);
goto finish;
}
count = builtinExtensions->getCount();
allPersonalities = OSArray::withCapacity(count * 3);
for (i = 0; i < count; i++) {
OSDictionary * infoDict = NULL; OSString * moduleName = NULL; OSDictionary * personalities; OSString * personalityName;
OSSafeReleaseNULL(personalitiesIterator);
infoDict = OSDynamicCast(OSDictionary,
builtinExtensions->getObject(i));
if (!infoDict) {
continue;
}
moduleName = OSDynamicCast(OSString,
infoDict->getObject(kCFBundleIdentifierKey));
if (!moduleName) {
continue;
}
OSKextLog( NULL,
kOSKextLogStepLevel |
kOSKextLogLoadFlag,
"Adding personalities for built-in driver %s:",
moduleName->getCStringNoCopy());
personalities = OSDynamicCast(OSDictionary,
infoDict->getObject("IOKitPersonalities"));
if (!personalities) {
continue;
}
personalitiesIterator = OSCollectionIterator::withCollection(personalities);
if (!personalitiesIterator) {
continue; }
while ((personalityName = OSDynamicCast(OSString,
personalitiesIterator->getNextObject()))) {
OSDictionary * personality = OSDynamicCast(OSDictionary,
personalities->getObject(personalityName));
OSKextLog( NULL,
kOSKextLogDetailLevel |
kOSKextLogLoadFlag,
"Adding built-in driver personality %s.",
personalityName->getCStringNoCopy());
if (personality && !personality->getObject(kCFBundleIdentifierKey)) {
personality->setObject(kCFBundleIdentifierKey, moduleName);
}
allPersonalities->setObject(personality);
}
}
gIOCatalogue->addDrivers(allPersonalities, false);
finish:
OSSafeRelease(parsedXML);
OSSafeRelease(allPersonalities);
OSSafeRelease(errorString);
OSSafeRelease(personalitiesIterator);
return;
}
#if PRAGMA_MARK
#pragma mark Bootstrap Functions
#endif
static void bootstrapRecordStartupExtensions(void)
{
sBootstrapObject.readStartupExtensions();
return;
}
static void bootstrapLoadSecurityExtensions(void)
{
sBootstrapObject.loadSecurityExtensions();
return;
}