xnu-3248.40.184

Imported from https://opensource.apple.com/tarballs/xnu/xnu-3248.40.184.tar.gz
BonjourHub · Jun 4, 2017 · 147abd9 · 147abd9
1 parent a9751ba
commit 147abd9
Show file tree

Hide file tree

Showing 187 changed files with 7,857 additions and 1,525 deletions.
diff --git a/bsd/bsm/audit_kevents.h b/bsd/bsm/audit_kevents.h
@@ -809,5 +809,7 @@
 #define	AUE_WATCHEVENT		AUE_NULL
 #define	AUE_WORKQOPEN		AUE_NULL
 #define	AUE_WORKQOPS		AUE_NULL
+#define	AUE_PERSONA		AUE_NULL
+#define	AUE_USRCTL		AUE_NULL
 
 #endif /* !_BSM_AUDIT_KEVENTS_H_ */
diff --git a/bsd/conf/files b/bsd/conf/files
@@ -91,6 +91,7 @@ OPTIONS/hfs					optional hfs
 OPTIONS/fdesc				optional fdesc
 OPTIONS/fifo				optional fifo
 OPTIONS/devfs				optional devfs
+OPTIONS/routefs				optional routefs
 OPTIONS/crypto				optional crypto
 OPTIONS/journaling			optional journaling
 OPTIONS/hfs_compression		optional hfs_compression
@@ -187,6 +188,8 @@ bsd/miscfs/mockfs/mockfs_fsnode.c	optional mockfs
 bsd/miscfs/mockfs/mockfs_vfsops.c	optional mockfs
 bsd/miscfs/mockfs/mockfs_vnops.c	optional mockfs
 
+bsd/miscfs/routefs/routefs_ops.c	optional routefs
+
 bsd/kern/decmpfs.c			standard
 
 bsd/net/net_stubs.c			standard
@@ -453,6 +456,7 @@ bsd/kern/kern_fork.c			standard
 bsd/kern/kern_asl.c			standard
 bsd/kern/kern_malloc.c			standard
 bsd/kern/kern_mman.c			standard
+bsd/kern/kern_persona.c			standard
 bsd/kern/kern_physio.c			standard
 bsd/kern/kern_priv.c			standard
 bsd/kern/kern_proc.c			standard
@@ -483,6 +487,7 @@ bsd/kern/sys_pipe.c			standard
 bsd/kern/sys_socket.c			optional sockets
 bsd/kern/sys_domain.c			optional sockets
 bsd/kern/sys_coalition.c		optional config_coalitions
+bsd/kern/sys_persona.c			optional config_personas
 bsd/kern/sys_work_interval.c		standard
 ./syscalls.c				standard
 bsd/kern/tty.c				standard

diff --git a/bsd/hfs/hfs_quota.c b/bsd/hfs/hfs_quota.c
@@ -215,7 +215,7 @@ hfs_chkdq(cp, change, cred, flags)
 
 /*
  * Check for a valid change to a users allocation.
- * Issue an error message if appropriate.
+ * Issue an error message and vfs event if appropriate.
  */
 int
 hfs_chkdqchg(cp, change, cred, type)
@@ -227,7 +227,11 @@ hfs_chkdqchg(cp, change, cred, type)
 	register struct dquot *dq = cp->c_dquot[type];
 	u_int64_t ncurbytes;
 	struct vnode *vp = cp->c_vp ? cp->c_vp : cp->c_rsrc_vp;
-
+
+	fsid_t fsid;
+	fsid.val[0] = VTOHFS(vp)->hfs_raw_dev;
+	fsid.val[1] = vfs_typenum(VTOVFS(vp));
+
 	dqlock(dq);
 
 	ncurbytes = dq->dq_curbytes + change;
@@ -242,6 +246,7 @@ hfs_chkdqchg(cp, change, cred, type)
 			    quotatypes[type]);
 #endif
 			dq->dq_flags |= DQ_BLKS;
+			vfs_event_signal(&fsid, VQ_QUOTA, (intptr_t)NULL);
 		}
 		dqunlock(dq);
 
@@ -263,6 +268,7 @@ hfs_chkdqchg(cp, change, cred, type)
 				printf("\nhfs: warning, %s %s\n",
 				    quotatypes[type], "disk quota exceeded");
 #endif
+			vfs_event_signal(&fsid, VQ_QUOTA, (intptr_t)NULL);
 			dqunlock(dq);
 
 			return (0);
@@ -276,6 +282,7 @@ hfs_chkdqchg(cp, change, cred, type)
 				    "disk quota exceeded for too long");
 #endif
 				dq->dq_flags |= DQ_BLKS;
+				vfs_event_signal(&fsid, VQ_QUOTA, (intptr_t)NULL);
 			}
 			dqunlock(dq);
 
@@ -374,6 +381,10 @@ int hfs_isiqchg_allowed(dq, hfsmp, change, cred, type, uid)
 {
 	u_int32_t ncurinodes;
 
+	fsid_t fsid;
+	fsid.val[0] = hfsmp->hfs_raw_dev;
+	fsid.val[1] = vfs_typenum(HFSTOVFS(hfsmp));
+
 	dqlock(dq);
 
 	ncurinodes = dq->dq_curinodes + change;
@@ -384,6 +395,7 @@ int hfs_isiqchg_allowed(dq, hfsmp, change, cred, type, uid)
 		if ((dq->dq_flags & DQ_INODS) == 0 &&
 		    uid == kauth_cred_getuid(cred)) {
 			dq->dq_flags |= DQ_INODS;
+			vfs_event_signal(&fsid, VQ_QUOTA, (intptr_t)NULL);
 		}
 		dqunlock(dq);
 
@@ -399,13 +411,15 @@ int hfs_isiqchg_allowed(dq, hfsmp, change, cred, type, uid)
 		microuptime(&tv);
 		if (dq->dq_curinodes < dq->dq_isoftlimit) {
 			dq->dq_itime = tv.tv_sec + hfsmp->hfs_qfiles[type].qf_itime;
+			vfs_event_signal(&fsid, VQ_QUOTA, (intptr_t)NULL);
 			dqunlock(dq);
 			return (0);
 		}
 		if (tv.tv_sec > (time_t)dq->dq_itime) {
 			if (((dq->dq_flags & DQ_INODS) == 0) &&
 			    (uid == kauth_cred_getuid(cred))) {
 				dq->dq_flags |= DQ_INODS;
+				vfs_event_signal(&fsid, VQ_QUOTA, (intptr_t)NULL);
 			}
 			dqunlock(dq);
 

diff --git a/bsd/kern/bsd_init.c b/bsd/kern/bsd_init.c
@@ -546,6 +546,10 @@ bsd_init(void)
 	LIST_INSERT_HEAD(SESSHASH(0), &session0, s_hash);
 	proc_list_unlock();
 
+#if CONFIG_PERSONAS
+	kernproc->p_persona = NULL;
+#endif
+
 	kernproc->task = kernel_task;
 
 	kernproc->p_stat = SRUN;

diff --git a/bsd/kern/kdebug.c b/bsd/kern/kdebug.c
@@ -991,12 +991,12 @@ kernel_debug_enter(
 				need_kds_wakeup = TRUE;
 			}
 			lck_spin_unlock(kdw_spin_lock);
-
-			ml_set_interrupts_enabled(s);
-
-			if (need_kds_wakeup == TRUE)
-				wakeup(&kds_waiter);
 		}
+
+		ml_set_interrupts_enabled(s);
+
+		if (need_kds_wakeup == TRUE)
+			wakeup(&kds_waiter);
 	}
 }
 

diff --git a/bsd/kern/kern_credential.c b/bsd/kern/kern_credential.c
@@ -2073,14 +2073,66 @@ static int	kauth_cred_cache_lookup(int from, int to, void *src, void *dst);
 
 #if CONFIG_EXT_RESOLVER == 0
 /*
- * If there's no resolver, short-circuit the kauth_cred_x2y() lookups.
+ * If there's no resolver, only support a subset of the kauth_cred_x2y() lookups.
  */
 static __inline int
-kauth_cred_cache_lookup(__unused int from, __unused int to,
-	__unused void *src, __unused void *dst)
+kauth_cred_cache_lookup(int from, int to, void *src, void *dst)
 {
-	return (EWOULDBLOCK);
-
+	/* NB: These must match the definitions used by Libinfo's mbr_identifier_translate(). */
+	static const uuid_t _user_compat_prefix = {0xff, 0xff, 0xee, 0xee, 0xdd, 0xdd, 0xcc, 0xcc, 0xbb, 0xbb, 0xaa, 0xaa, 0x00, 0x00, 0x00, 0x00};
+	static const uuid_t _group_compat_prefix = {0xab, 0xcd, 0xef, 0xab, 0xcd, 0xef, 0xab, 0xcd, 0xef, 0xab, 0xcd, 0xef, 0x00, 0x00, 0x00, 0x00};
+#define COMPAT_PREFIX_LEN	(sizeof(uuid_t) - sizeof(id_t))
+
+	assert(from != to);
+
+	switch (from) {
+	case KI_VALID_UID: {
+		id_t uid = htonl(*(id_t *)src);
+
+		if (to == KI_VALID_GUID) {
+			uint8_t *uu = dst;
+			memcpy(uu, _user_compat_prefix, sizeof(_user_compat_prefix));
+			memcpy(&uu[COMPAT_PREFIX_LEN], &uid, sizeof(uid));
+			return (0);
+		}
+		break;
+	}
+	case KI_VALID_GID: {
+		id_t gid = htonl(*(id_t *)src);
+
+		if (to == KI_VALID_GUID) {
+			uint8_t *uu = dst;
+			memcpy(uu, _group_compat_prefix, sizeof(_group_compat_prefix));
+			memcpy(&uu[COMPAT_PREFIX_LEN], &gid, sizeof(gid));
+			return (0);
+		}
+		break;
+	}
+	case KI_VALID_GUID: {
+		const uint8_t *uu = src;
+
+		if (to == KI_VALID_UID) {
+			if (memcmp(uu, _user_compat_prefix, COMPAT_PREFIX_LEN) == 0) {
+				id_t uid;
+				memcpy(&uid, &uu[COMPAT_PREFIX_LEN], sizeof(uid));
+				*(id_t *)dst = ntohl(uid);
+				return (0);
+			}
+		} else if (to == KI_VALID_GID) {
+			if (memcmp(uu, _group_compat_prefix, COMPAT_PREFIX_LEN) == 0) {
+				id_t gid;
+				memcpy(&gid, &uu[COMPAT_PREFIX_LEN], sizeof(gid));
+				*(id_t *)dst = ntohl(gid);
+				return (0);
+			}
+		}
+		break;
+	}
+	default:
+		/* NOT IMPLEMENTED */
+		break;
+	}
+	return (ENOENT);
 }
 #endif
 
@@ -3159,11 +3211,11 @@ kauth_cred_ismember_guid(__unused kauth_cred_t cred, guid_t *guidp, int *resultp
 		*resultp = 1;
 		break;
 	default:
-#if CONFIG_EXT_RESOLVER
 	{
-		struct kauth_identity ki;
 		gid_t gid;
-#if 6603280
+#if CONFIG_EXT_RESOLVER
+		struct kauth_identity ki;
+
 		/*
 		 * Grovel the identity cache looking for this GUID.
 		 * If we find it, and it is for a user record, return
@@ -3190,7 +3242,7 @@ kauth_cred_ismember_guid(__unused kauth_cred_t cred, guid_t *guidp, int *resultp
 				return (0);
 			}
 		}
-#endif /* 6603280 */
+#endif /* CONFIG_EXT_RESOLVER */
 		/*
 		 * Attempt to translate the GUID to a GID.  Even if
 		 * this fails, we will have primed the cache if it is
@@ -3207,13 +3259,12 @@ kauth_cred_ismember_guid(__unused kauth_cred_t cred, guid_t *guidp, int *resultp
 				error = 0;
 			}
 		} else {
+#if CONFIG_EXT_RESOLVER
  do_check:
+#endif /* CONFIG_EXT_RESOLVER */
 			error = kauth_cred_ismember_gid(cred, gid, resultp);
 		}
 	}
-#else	/* CONFIG_EXT_RESOLVER */
-		error = ENOENT;
-#endif	/* CONFIG_EXT_RESOLVER */
 		break;
 	}
 	return(error);

diff --git a/bsd/kern/kern_cs.c b/bsd/kern/kern_cs.c
@@ -175,6 +175,10 @@ cs_allow_invalid(struct proc *p)
 			    p->p_pid);
 	proc_lock(p);
 	p->p_csflags &= ~(CS_KILL | CS_HARD);
+	if (p->p_csflags & CS_VALID)
+	{
+		p->p_csflags |= CS_DEBUGGED;
+	}
 	proc_unlock(p);
 	vm_map_switch_protect(get_task_map(p->task), FALSE);
 #endif

diff --git a/bsd/kern/kern_csr.c b/bsd/kern/kern_csr.c
@@ -2,7 +2,7 @@
  * Copyright (c) 2014 Apple Inc. All rights reserved.
  *
  * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
- * 
+ *
  * This file contains Original Code and/or Modifications of Original Code
  * as defined in and that are subject to the Apple Public Source License
  * Version 2.0 (the 'License'). You may not use this file except in
@@ -11,18 +11,18 @@
  * unlawful or unlicensed copies of an Apple operating system, or to
  * circumvent, violate, or enable the circumvention or violation of, any
  * terms of an Apple operating system software license agreement.
- * 
+ *
  * Please obtain a copy of the License at
  * http://www.opensource.apple.com/apsl/ and read it before using this file.
- * 
+ *
  * The Original Code and all software distributed under the License are
  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
  * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
  * Please see the License for the specific language governing rights and
  * limitations under the License.
- * 
+ *
  * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
  */
 
@@ -85,12 +85,6 @@ csr_check(csr_config_t mask)
 	return error;
 }
 
-void
-csr_set_allow_all(int value)
-{
-	csr_allow_all = !!value; // force value to 0 or 1
-}
-
 /*
  * Syscall stubs
  */

diff --git a/bsd/kern/kern_descrip.c b/bsd/kern/kern_descrip.c
@@ -2377,10 +2377,7 @@ fcntl_nocancel(proc_t p, struct fcntl_nocancel_args *uap, int32_t *retval)
 			}
 		}
 
-		const CS_SuperBlob *super_blob = (void *)t_blob->csb_mem_kaddr;
-		const CS_CodeDirectory *cd = findCodeDirectory(super_blob,
-	 						 (const char *) super_blob,
-							 (const char *) super_blob + t_blob->csb_mem_size);
+		const CS_CodeDirectory *cd = t_blob->csb_cd;
 		if (cd == NULL) {
 			error = ENOENT;
 			goto outdrop;

diff --git a/bsd/kern/kern_event.c b/bsd/kern/kern_event.c
@@ -906,6 +906,7 @@ filt_timerattach(struct knote *kn)
 	error = filt_timervalidate(kn);
 	if (error != 0) {
 		filt_timerunlock();
+		thread_call_free(callout);
 		return (error);
 	}
 
@@ -1651,7 +1652,7 @@ kevent_internal(struct proc *p,
 	struct kqueue *kq;
 	struct fileproc *fp = NULL;
 	struct kevent_internal_s kev;
-	int error, noutputs;
+	int error = 0, noutputs;
 	struct timeval atv;
 
 #if 1