xnu-3789.60.24

Imported from https://opensource.apple.com/tarballs/xnu/xnu-3789.60.24.tar.gz

bsd/conf/files

@@ -151,6 +151,7 @@ bsd/libkern/skpc.c			standard
 bsd/libkern/strsep.c			standard
 bsd/libkern/bcd.c			standard
 bsd/libkern/memchr.c			standard
+bsd/libkern/url_encode.c		standard
 
 bsd/vfs/vfs_attrlist.c			standard
 bsd/vfs/vfs_bio.c			standard

bsd/kern/imageboot.c

@@ -872,11 +872,20 @@ imageboot_setup_new()
 #endif
 
 	if (auth_root) {
-		const char *path = root_path;
+		/* Copy the path to use locally */
+		char *path_alloc = kalloc(MAXPATHLEN);
+		if (path_alloc == NULL) {
+			panic("imageboot path allocation failed\n");
+		}
+
+		char *path = path_alloc;
+		strlcpy(path, root_path, MAXPATHLEN);
+
 		size_t len = strlen(kIBFilePrefix);
 		if (strncmp(kIBFilePrefix, path, len) == 0) {
-			/* remove the file:// prefix */
+			/* its a URL - remove the file:// prefix and percent-decode */
 			path += len;
+			url_decode(path);
 		}
 
 		AUTHDBG("authenticating root image at %s", path);
@@ -885,6 +894,8 @@ imageboot_setup_new()
 			panic("root image authentication failed (err = %d)\n", error);
 		}
 		AUTHDBG("successfully authenticated %s", path);
+
+		kfree_safe(path_alloc);
 	}
 
 	error = imageboot_mount_image(root_path, height);

bsd/kern/kern_descrip.c

@@ -2547,7 +2547,7 @@ fcntl_nocancel(proc_t p, struct fcntl_nocancel_args *uap, int32_t *retval)
 
 		if ( (error = vnode_getwithref(vp)) == 0 ) {
 #define STK_PARAMS 128
-			char stkbuf[STK_PARAMS];
+			char stkbuf[STK_PARAMS] = {0};
 			unsigned int size;
 			caddr_t data, memp;
 			/*

bsd/kern/kern_ktrace.c

@@ -135,19 +135,9 @@ static void ktrace_set_invalid_owning_pid(void);
  */
 int ktrace_root_set_owner_allowed = 0;
 
-void
-ktrace_reset(uint32_t reset_mask)
+static void
+ktrace_reset_internal(uint32_t reset_mask)
 {
-	lck_mtx_assert(ktrace_lock, LCK_MTX_ASSERT_OWNED);
-	assert(reset_mask != 0);
-
-	if (ktrace_active_mask == 0) {
-		if (!ktrace_keep_ownership_on_reset) {
-			assert(ktrace_state == KTRACE_STATE_OFF);
-		}
-		return;
-	}
-
 	if (!ktrace_keep_ownership_on_reset) {
 		ktrace_active_mask &= ~reset_mask;
 	}
@@ -172,6 +162,21 @@ ktrace_reset(uint32_t reset_mask)
 	}
 }
 
+void
+ktrace_reset(uint32_t reset_mask)
+{
+	lck_mtx_assert(ktrace_lock, LCK_MTX_ASSERT_OWNED);
+
+	if (ktrace_active_mask == 0) {
+		if (!ktrace_keep_ownership_on_reset) {
+			assert(ktrace_state == KTRACE_STATE_OFF);
+		}
+		return;
+	}
+
+	ktrace_reset_internal(reset_mask);
+}
+
 static void
 ktrace_promote_background(void)
 {
@@ -365,7 +370,7 @@ ktrace_set_invalid_owning_pid(void)
 {
 	if (ktrace_keep_ownership_on_reset) {
 		ktrace_keep_ownership_on_reset = FALSE;
-		ktrace_reset(ktrace_active_mask);
+		ktrace_reset_internal(ktrace_active_mask);
 	}
 }
 

bsd/kern/kern_memorystatus.c

@@ -635,6 +635,14 @@ unsigned int memorystatus_frozen_count = 0;
 unsigned int memorystatus_suspended_count = 0;
 unsigned int memorystatus_policy_more_free_offset_pages = 0;
 
+#if CONFIG_JETSAM
+#if DEVELOPMENT || DEBUG
+SYSCTL_UINT(_kern, OID_AUTO, memorystatus_available_pages, CTLFLAG_RD | CTLFLAG_LOCKED, &memorystatus_available_pages, 0, "");
+#else
+SYSCTL_UINT(_kern, OID_AUTO, memorystatus_available_pages, CTLFLAG_RD| CTLFLAG_MASKED | CTLFLAG_LOCKED, &memorystatus_available_pages, 0, "");
+#endif /* DEVELOPMENT || DEBUG */
+#endif /* CONFIG_JETSAM */
+
 /*
  * We use this flag to signal if we have any HWM offenders
  * on the system. This way we can reduce the number of wakeups
@@ -983,7 +991,6 @@ SYSCTL_PROC(_kern, OID_AUTO, memorystatus_vm_pressure_send, CTLTYPE_QUAD|CTLFLAG
 
 SYSCTL_INT(_kern, OID_AUTO, memorystatus_idle_snapshot, CTLFLAG_RW|CTLFLAG_LOCKED, &memorystatus_idle_snapshot, 0, "");
 
-SYSCTL_UINT(_kern, OID_AUTO, memorystatus_available_pages, CTLFLAG_RD|CTLFLAG_LOCKED, &memorystatus_available_pages, 0, "");
 SYSCTL_UINT(_kern, OID_AUTO, memorystatus_available_pages_critical, CTLFLAG_RD|CTLFLAG_LOCKED, &memorystatus_available_pages_critical, 0, "");
 SYSCTL_UINT(_kern, OID_AUTO, memorystatus_available_pages_critical_base, CTLFLAG_RW|CTLFLAG_LOCKED, &memorystatus_available_pages_critical_base, 0, "");
 SYSCTL_UINT(_kern, OID_AUTO, memorystatus_available_pages_critical_idle_offset, CTLFLAG_RW|CTLFLAG_LOCKED, &memorystatus_available_pages_critical_idle_offset, 0, "");

bsd/kern/kern_symfile.c

@@ -251,7 +251,7 @@ kern_open_file_for_direct_io(const char * name,
 
     bzero(ref, sizeof(*ref));
     p = kernproc;
-    ref->ctx = vfs_context_create(vfs_context_kernel());
+    ref->ctx = vfs_context_kernel();
 
     fmode  = (create_file) ? (O_CREAT | FWRITE) : FWRITE;
     cmode =  S_IRUSR | S_IWUSR;
@@ -261,7 +261,10 @@ kern_open_file_for_direct_io(const char * name,
     VATTR_SET(&va, va_mode, cmode);
     VATTR_SET(&va, va_dataprotect_flags, VA_DP_RAWENCRYPTED);
     VATTR_SET(&va, va_dataprotect_class, PROTECTION_CLASS_D);
-    if ((error = vn_open_auth(&nd, &fmode, &va))) goto out;
+    if ((error = vn_open_auth(&nd, &fmode, &va))) {
+	kprintf("vn_open_auth(fmode: %d, cmode: %d) failed with error: %d\n", fmode, cmode, error);
+	goto out;
+    }
 
     ref->vp = nd.ni_vp;
     if (ref->vp->v_type == VREG)
@@ -273,7 +276,10 @@ kern_open_file_for_direct_io(const char * name,
 
     if (write_file_addr && write_file_len)
     {
-	if ((error = kern_write_file(ref, write_file_offset, write_file_addr, write_file_len, 0))) goto out;
+	if ((error = kern_write_file(ref, write_file_offset, write_file_addr, write_file_len, IO_SKIP_ENCRYPTION))) {
+		kprintf("kern_write_file() failed with error: %d\n", error);
+		goto out;
+	}
     }
 
     VATTR_INIT(&va);
@@ -508,13 +514,13 @@ kern_open_file_for_direct_io(const char * name,
     {
         vnode_close(ref->vp, FWRITE, ref->ctx);
         ref->vp = NULLVP;
-	vfs_context_rele(ref->ctx);
 	ref->ctx = NULL;
     }
 
 out:
     printf("kern_open_file_for_direct_io(%p, %d)\n", ref, error);
 
+
     if (error && locked)
     {
         p1 = &device;
@@ -529,7 +535,7 @@ kern_open_file_for_direct_io(const char * name,
 	    vnode_close(ref->vp, FWRITE, ref->ctx);
 	    ref->vp = NULLVP;
 	}
-	vfs_context_rele(ref->ctx);
+	ref->ctx = NULL;
 	kfree(ref, sizeof(struct kern_direct_file_io_ref_t));
 	ref = NULL;
     }
@@ -612,18 +618,17 @@ kern_close_file_for_direct_io(struct kern_direct_file_io_ref_t * ref,
 
         if (addr && write_length)
         {
-            (void) kern_write_file(ref, write_offset, addr, write_length, 0);
+            (void) kern_write_file(ref, write_offset, addr, write_length, IO_SKIP_ENCRYPTION);
         }
 
         error = vnode_close(ref->vp, FWRITE, ref->ctx);
 
         ref->vp = NULLVP;
         kprintf("vnode_close(%d)\n", error);
+
     }
-    if (ref->ctx)
-    {
-	vfs_context_rele(ref->ctx);
-	ref->ctx = NULL;
-    }
+
+    ref->ctx = NULL;
+
     kfree(ref, sizeof(struct kern_direct_file_io_ref_t));
 }

bsd/kern/uipc_usrreq.c

@@ -1892,13 +1892,13 @@ unp_externalize(struct mbuf *rights)
 	struct fileglob **rp = (struct fileglob **)(cm + 1);
 	int *fds = (int *)(cm + 1);
 	struct fileproc *fp;
-	struct fileglob **fgl;
+	struct fileproc **fileproc_l;
 	int newfds = (cm->cmsg_len - sizeof (*cm)) / sizeof (int);
 	int f, error = 0;
 
-	MALLOC(fgl, struct fileglob **, newfds * sizeof (struct fileglob *),
-		M_TEMP, M_WAITOK);
-	if (fgl == NULL) {
+	MALLOC(fileproc_l, struct fileproc **,
+	    newfds * sizeof (struct fileproc *), M_TEMP, M_WAITOK);
+	if (fileproc_l == NULL) {
 		error = ENOMEM;
 		goto discard;
 	}
@@ -1942,27 +1942,40 @@ unp_externalize(struct mbuf *rights)
 			panic("unp_externalize: MALLOC_ZONE");
 		fp->f_iocount = 0;
 		fp->f_fglob = rp[i];
-		if (fg_removeuipc_mark(rp[i]))
-			fgl[i] = rp[i];
-		else
-			fgl[i] = NULL;
+		if (fg_removeuipc_mark(rp[i])) {
+
+			/*
+			 * Take an iocount on the fp for completing the
+			 * removal from the global msg queue
+			 */
+			fp->f_iocount++;
+			fileproc_l[i] = fp;
+		} else {
+			fileproc_l[i] = NULL;
+		}
 		procfdtbl_releasefd(p, f, fp);
 		fds[i] = f;
 	}
 	proc_fdunlock(p);
 
 	for (i = 0; i < newfds; i++) {
-		if (fgl[i] != NULL) {
-			VERIFY(fgl[i]->fg_lflags & FG_RMMSGQ);
-			fg_removeuipc(fgl[i]);
+		if (fileproc_l[i] != NULL) {
+			VERIFY(fileproc_l[i]->f_fglob != NULL &&
+			    (fileproc_l[i]->f_fglob->fg_lflags & FG_RMMSGQ));
+			VERIFY(fds[i] > 0);
+			fg_removeuipc(fileproc_l[i]->f_fglob);
+
+			/* Drop the iocount */
+			fp_drop(p, fds[i], fileproc_l[i], 0);
+			fileproc_l[i] = NULL;
 		}
-		if (fds[i])
+		if (fds[i] != 0)
 			(void) OSAddAtomic(-1, &unp_rights);
 	}
 
 discard:
-	if (fgl)
-		FREE(fgl, M_TEMP);
+	if (fileproc_l != NULL)
+		FREE(fileproc_l, M_TEMP);
 	if (error) {
 		for (i = 0; i < newfds; i++) {
 			unp_discard(*rp, p);

bsd/libkern/libkern.h

@@ -149,6 +149,7 @@ extern quad_t	strtoq(const char *, char **, int);
 extern u_quad_t strtouq(const char *, char **, int);
 extern char	*strsep(char **, const char *);
 extern void	*memchr(const void *, int, size_t);
+extern void	url_decode(char *str);
 
 int	snprintf(char *, size_t, const char *, ...) __printflike(3,4);
 

bsd/libkern/url_encode.c

@@ -0,0 +1,85 @@
+/*
+ * Copyright (c) 2016 Apple Inc. All rights reserved.
+ *
+ * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. The rights granted to you under the License
+ * may not be used to create, or enable the creation or redistribution of,
+ * unlawful or unlicensed copies of an Apple operating system, or to
+ * circumvent, violate, or enable the circumvention or violation of, any
+ * terms of an Apple operating system software license agreement.
+ *
+ * Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
+ */
+
+#include <libkern/libkern.h>
+
+static int
+hex2int(int c)
+{
+	if (c >= '0' && c <= '9') {
+		return c - '0';
+	} else if (c >= 'A' && c <= 'F') {
+		return c - 'A' + 10;
+	} else if (c >= 'a' && c <= 'f') {
+		return c - 'a' + 10;
+	}
+	return 0;
+}
+
+static bool
+isprint(int ch)
+{
+	return ch >= 0x20 && ch <= 0x7e;
+}
+
+/*
+ * In-place decode of URL percent-encoded str
+ */
+void
+url_decode(char *str)
+{
+	if (!str) {
+		return;
+	}
+
+	while (*str) {
+		if (*str == '%') {
+			char c = 0;
+			char *esc = str++; /* remember the start of the escape sequence */
+
+			if (*str) {
+				c += hex2int(*str++);
+			}
+			if (*str) {
+				c = (c << 4) + hex2int(*str++);
+			}
+
+			if (isprint(c)) {
+				/* overwrite the '%' with the new char, and bump the rest of the
+				 * string down a few characters */
+				*esc++ = c;
+				str = memmove(esc, str, strlen(str)+1);
+			} else {
+				str++;
+			}
+
+		} else {
+			str++;
+		}
+	}
+}