xnu-1228.7.58

Imported from https://opensource.apple.com/tarballs/xnu/xnu-1228.7.58.tar.gz
yeshuibo · Jun 4, 2017 · e6b06a0 · e6b06a0
1 parent 4cdcc33
commit e6b06a0
Show file tree

Hide file tree

Showing 47 changed files with 553 additions and 424 deletions.
diff --git a/bsd/dev/dtrace/dtrace.c b/bsd/dev/dtrace/dtrace.c
@@ -1071,6 +1071,21 @@ dtrace_priv_proc(dtrace_state_t *state)
 	return (0);
 }
 
+#if defined(__APPLE__)
+/* dtrace_priv_proc() omitting the P_LNOATTACH check. For PID and EXECNAME accesses. */
+static int
+dtrace_priv_proc_relaxed(dtrace_state_t *state)
+{
+
+	if (state->dts_cred.dcr_action & DTRACE_CRA_PROC)
+		return (1);
+
+	cpu_core[CPU->cpu_id].cpuc_dtrace_flags |= CPU_DTRACE_UPRIV;
+
+	return (0);
+}
+#endif /* __APPLE__ */
+
 static int
 dtrace_priv_kernel(dtrace_state_t *state)
 {
@@ -2709,7 +2724,7 @@ dtrace_dif_variable(dtrace_mstate_t *mstate, dtrace_state_t *state, uint64_t v,
 
 #else
 	case DIF_VAR_PID:
-		if (!dtrace_priv_proc(state))
+		if (!dtrace_priv_proc_relaxed(state))
 			return (0);
 
 		/*
@@ -2738,7 +2753,7 @@ dtrace_dif_variable(dtrace_mstate_t *mstate, dtrace_state_t *state, uint64_t v,
 		return ((uint64_t)curthread->t_procp->p_ppid);
 #else
 	case DIF_VAR_PPID:
-		if (!dtrace_priv_proc(state))
+		if (!dtrace_priv_proc_relaxed(state))
 			return (0);
 
 		/*
@@ -2800,7 +2815,7 @@ dtrace_dif_variable(dtrace_mstate_t *mstate, dtrace_state_t *state, uint64_t v,
 		    mstate->dtms_scratch_base + mstate->dtms_scratch_size)
 			return 0;
 
-		if (!dtrace_priv_proc(state))
+		if (!dtrace_priv_proc_relaxed(state))
 			return (0);
 
 		mstate->dtms_scratch_ptr += scratch_size;

diff --git a/bsd/hfs/hfs_btreeio.c b/bsd/hfs/hfs_btreeio.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000-2007 Apple Inc. All rights reserved.
+ * Copyright (c) 2000-2008 Apple Inc. All rights reserved.
  *
  * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
  * 
@@ -76,6 +76,16 @@ OSStatus GetBTreeBlock(FileReference vp, u_int32_t blockNum, GetBlockOptions opt
 {
     OSStatus	 retval = E_NONE;
     struct buf   *bp = NULL;
+	u_int8_t     allow_empty_node;	  
+
+	/* If the btree block is being read using hint, it is 
+	 * fine for the swap code to find zeroed out nodes. 
+	 */
+	if (options & kGetBlockHint) {
+			allow_empty_node = true;
+	} else {
+			allow_empty_node = false;
+	}
 
     if (options & kGetEmptyBlock) {
         daddr64_t blkno;
@@ -115,21 +125,21 @@ OSStatus GetBTreeBlock(FileReference vp, u_int32_t blockNum, GetBlockOptions opt
                  * size once the B-tree control block is set up with the node size
                  * from the header record.
                  */
-                retval = hfs_swap_BTNode (block, vp, kSwapBTNodeHeaderRecordOnly);
+                retval = hfs_swap_BTNode (block, vp, kSwapBTNodeHeaderRecordOnly, allow_empty_node);
 
 			} else if (block->blockReadFromDisk) {
             	/*
             	 * The node was just read from disk, so always swap/check it.
             	 * This is necessary on big endian since the test below won't trigger.
             	 */
-                retval = hfs_swap_BTNode (block, vp, kSwapBTNodeBigToHost);
+                retval = hfs_swap_BTNode (block, vp, kSwapBTNodeBigToHost, allow_empty_node);
             } else if (*((u_int16_t *)((char *)block->buffer + (block->blockSize - sizeof (u_int16_t)))) == 0x0e00) {
 				/*
 				 * The node was left in the cache in non-native order, so swap it.
 				 * This only happens on little endian, after the node is written
 				 * back to disk.
 				 */
-                retval = hfs_swap_BTNode (block, vp, kSwapBTNodeBigToHost);
+                retval = hfs_swap_BTNode (block, vp, kSwapBTNodeBigToHost, allow_empty_node);
             }
 
     		/*
@@ -191,8 +201,11 @@ btree_swap_node(struct buf *bp, __unused void *arg)
     block.blockReadFromDisk = (buf_fromcache(bp) == 0);
     block.blockSize = buf_count(bp);
 
-    // swap the data now that this node is ready to go to disk
-    retval = hfs_swap_BTNode (&block, vp, kSwapBTNodeHostToBig);
+    /* Swap the data now that this node is ready to go to disk.
+     * We allow swapping of zeroed out nodes here because we might
+     * be writing node whose last record just got deleted.
+     */
+    retval = hfs_swap_BTNode (&block, vp, kSwapBTNodeHostToBig, true);
     if (retval)
     	panic("btree_swap_node: about to write corrupt node!\n");
 }

diff --git a/bsd/hfs/hfs_catalog.c b/bsd/hfs/hfs_catalog.c
@@ -286,11 +286,11 @@ cat_releasedesc(struct cat_desc *descp)
 
 /*
  * These Catalog functions allow access to the HFS Catalog (database).
- * The catalog b-tree lock must be aquired before calling any of these routines.
+ * The catalog b-tree lock must be acquired before calling any of these routines.
  */
 
 /*
- * cat_lookup - lookup a catalog node using a cnode decriptor
+ * cat_lookup - lookup a catalog node using a cnode descriptor
  *
  * Note: The caller is responsible for releasing the output
  * catalog descriptor (when supplied outdescp is non-null).

diff --git a/bsd/hfs/hfs_cnode.c b/bsd/hfs/hfs_cnode.c
@@ -127,8 +127,10 @@ hfs_vnop_inactive(struct vnop_inactive_args *ap)
 	 */
 	if (v_type == VDIR) {
 		hfs_reldirhints(cp, 0);
-		if (cp->c_flag & C_HARDLINK)
-			hfs_relorigins(cp);
+	}		
+
+	if (cp->c_flag & C_HARDLINK) {
+		hfs_relorigins(cp);
 	}
 
 	if (cp->c_datafork)
@@ -472,6 +474,10 @@ hfs_vnop_reclaim(struct vnop_reclaim_args *ap)
 		if (vnode_isdir(vp)) {
 			hfs_reldirhints(cp, 0);
 		}
+
+		if (cp->c_flag & C_HARDLINK) {
+			hfs_relorigins(cp);
+		}
 	}
 	/* Release the file fork and related data */
 	if (fp) {

diff --git a/bsd/hfs/hfs_cnode.h b/bsd/hfs/hfs_cnode.h
@@ -91,7 +91,7 @@ struct linkorigin {
 typedef struct linkorigin linkorigin_t;
 
 #define MAX_CACHED_ORIGINS  10
-
+#define MAX_CACHED_FILE_ORIGINS 8
 
 /*
  * The cnode is used to represent each active (or recently active)

diff --git a/bsd/hfs/hfs_endian.c b/bsd/hfs/hfs_endian.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000-2007 Apple Inc. All rights reserved.
+ * Copyright (c) 2000-2008 Apple Inc. All rights reserved.
  *
  * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
  * 
@@ -83,7 +83,8 @@ int
 hfs_swap_BTNode (
     BlockDescriptor *src,
     vnode_t vp,
-    enum HFSBTSwapDirection direction
+    enum HFSBTSwapDirection direction,
+    u_int8_t allow_empty_node
 )
 {
     BTNodeDescriptor *srcDesc = src->buffer;
@@ -177,9 +178,13 @@ hfs_swap_BTNode (
              * Sanity check: must be even, and within the node itself.
              *
              * We may be called to swap an unused node, which contains all zeroes.
-             * This is why we allow the record offset to be zero.
+			 * Unused nodes are expected only when allow_empty_node is true.
+			 * If it is false and record offset is zero, return error.
              */
-            if ((srcOffs[i] & 1) || (srcOffs[i] < sizeof(BTNodeDescriptor) && srcOffs[i] != 0) || (srcOffs[i] >= src->blockSize)) {
+            if ((srcOffs[i] & 1) || (
+			    (allow_empty_node == false) && (srcOffs[i] == 0)) ||
+				(srcOffs[i] < sizeof(BTNodeDescriptor) && srcOffs[i] != 0) || 
+				(srcOffs[i] >= src->blockSize)) { 
             	printf("hfs_swap_BTNode: record #%d invalid offset (0x%04X)\n", srcDesc->numRecords-i-1, srcOffs[i]);
             	error = fsBTInvalidHeaderErr;
             	goto fail;
@@ -306,9 +311,15 @@ hfs_swap_BTNode (
              * Sanity check: must be even, and within the node itself.
              *
              * We may be called to swap an unused node, which contains all zeroes.
+	    	 * This can happen when the last record from a node gets deleted.
              * This is why we allow the record offset to be zero.
+	     	 * Unused nodes are expected only when allow_empty_node is true 
+	     	 * (the caller should set it to true for kSwapBTNodeBigToHost). 
              */
-            if ((srcOffs[i] & 1) || (srcOffs[i] < sizeof(BTNodeDescriptor) && srcOffs[i] != 0) || (srcOffs[i] >= src->blockSize)) {
+            if ((srcOffs[i] & 1) || 
+			    ((allow_empty_node == false) && (srcOffs[i] == 0)) ||
+				(srcOffs[i] < sizeof(BTNodeDescriptor) && srcOffs[i] != 0) || 
+				(srcOffs[i] >= src->blockSize)) {
             	panic("hfs_UNswap_BTNode: record #%d invalid offset (0x%04X)\n", srcDesc->numRecords-i-1, srcOffs[i]);
             	error = fsBTInvalidHeaderErr;
             	goto fail;

diff --git a/bsd/hfs/hfs_endian.h b/bsd/hfs/hfs_endian.h
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000 Apple Computer, Inc. All rights reserved.
+ * Copyright (c) 2000, 2002-2003, 2005-2008 Apple Inc. All rights reserved.
  *
  * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
  * 
@@ -93,7 +93,8 @@ enum HFSBTSwapDirection {
 	kSwapBTNodeHeaderRecordOnly	=	3
 };
 
-int  hfs_swap_BTNode (BlockDescriptor *src, vnode_t vp, enum HFSBTSwapDirection direction);
+int  hfs_swap_BTNode (BlockDescriptor *src, vnode_t vp, enum HFSBTSwapDirection direction, 
+	u_int8_t allow_empty_node);
 
 #ifdef __cplusplus
 }

diff --git a/bsd/hfs/hfs_link.c b/bsd/hfs/hfs_link.c
@@ -677,12 +677,10 @@ hfs_unlink(struct hfsmount *hfsmp, struct vnode *dvp, struct vnode *vp, struct c
 		goto out;
 	}
 
-	/* Purge any cached origin entries for a directory hard link. */
-	if (cndesc.cd_flags & CD_ISDIR) {
-		hfs_relorigin(cp, dcp->c_fileid);
-		if (dcp->c_fileid != dcp->c_cnid) {
-			hfs_relorigin(cp, dcp->c_cnid);
-		}
+	/* Purge any cached origin entries for a directory or file hard link. */
+	hfs_relorigin(cp, dcp->c_fileid);
+	if (dcp->c_fileid != dcp->c_cnid) {
+		hfs_relorigin(cp, dcp->c_cnid);
 	}
 
 	/* Delete the link record. */
@@ -996,7 +994,7 @@ hfs_lookuplink(struct hfsmount *hfsmp, cnid_t linkfileid, cnid_t *prevlinkid,  c
 }
 
 /*
- * Cache the orgin of a directory hard link
+ * Cache the origin of a directory or file hard link
  *
  * cnode must be lock on entry
  */
@@ -1007,6 +1005,7 @@ hfs_savelinkorigin(cnode_t *cp, cnid_t parentcnid)
 	linkorigin_t *origin = NULL;
 	void * thread = current_thread();
 	int count = 0;
+	int maxorigins = (S_ISDIR(cp->c_mode)) ? MAX_CACHED_ORIGINS : MAX_CACHED_FILE_ORIGINS;
 
 	/*
 	 *  Look for an existing origin first.  If not found, create/steal one.
@@ -1020,7 +1019,7 @@ hfs_savelinkorigin(cnode_t *cp, cnid_t parentcnid)
 	}
 	if (origin == NULL) {
 		/* Recycle the last (i.e., the oldest) if we have too many. */
-		if (count > MAX_CACHED_ORIGINS) {
+		if (count > maxorigins) {
 			origin = TAILQ_LAST(&cp->c_originlist, hfs_originhead);
 			TAILQ_REMOVE(&cp->c_originlist, origin, lo_link);
 		} else {
@@ -1034,7 +1033,7 @@ hfs_savelinkorigin(cnode_t *cp, cnid_t parentcnid)
 }
 
 /*
- * Release any cached origins for a directory hard link
+ * Release any cached origins for a directory or file hard link
  *
  * cnode must be lock on entry
  */
@@ -1051,7 +1050,7 @@ hfs_relorigins(struct cnode *cp)
 }
 
 /*
- * Release a specific origin for a directory hard link
+ * Release a specific origin for a directory or file hard link
  *
  * cnode must be lock on entry
  */
@@ -1073,7 +1072,7 @@ hfs_relorigin(struct cnode *cp, cnid_t parentcnid)
 }
 
 /*
- * Test if a directory hard link has a cached origin
+ * Test if a directory or file hard link has a cached origin
  *
  * cnode must be lock on entry
  */
@@ -1095,7 +1094,7 @@ hfs_haslinkorigin(cnode_t *cp)
 }
 
 /*
- * Obtain the current parent cnid of a directory hard link
+ * Obtain the current parent cnid of a directory or file hard link
  *
  * cnode must be lock on entry
  */
@@ -1117,7 +1116,7 @@ hfs_currentparent(cnode_t *cp)
 }
 
 /*
- * Obtain the current cnid of a directory hard link
+ * Obtain the current cnid of a directory or file hard link
  *
  * cnode must be lock on entry
  */

diff --git a/bsd/hfs/hfs_lookup.c b/bsd/hfs/hfs_lookup.c
@@ -360,9 +360,15 @@ hfs_lookup(struct vnode *dvp, struct vnode **vpp, struct componentname *cnp, int
 			}
 			goto exit;
 		}
-
-		/* Save the origin info of a directory link for future ".." requests. */
-		if (S_ISDIR(attr.ca_mode) && (attr.ca_recflags & kHFSHasLinkChainMask)) {
+
+		/* 
+		 * Save the origin info for file and directory hardlinks.  Directory hardlinks 
+		 * need the origin for '..' lookups, and file hardlinks need it to ensure that 
+		 * competing lookups do not cause us to vend different hardlinks than the ones requested.
+		 * We want to restrict saving the cache entries to LOOKUP namei operations, since
+		 * we're really doing this to protect getattr.
+		 */
+		if ((cnp->cn_nameiop == LOOKUP) && (VTOC(tvp)->c_flag & C_HARDLINK)) {
 			hfs_savelinkorigin(VTOC(tvp), VTOC(dvp)->c_fileid);
 		}
 		*cnode_locked = 1;
@@ -479,6 +485,14 @@ hfs_vnop_lookup(struct vnop_lookup_args *ap)
 				replace_desc(cp, &desc);
 			hfs_systemfile_unlock(VTOHFS(dvp), lockflags);
 		}
+
+		/* Save the lookup result in the origin list for future lookups, but
+		 * only if it was through a LOOKUP nameiop
+		 */
+		if (cnp->cn_nameiop == LOOKUP) {
+			hfs_savelinkorigin(cp, dcp->c_fileid);
+		}	   
+
 		hfs_unlock(cp);
 	}
 #if NAMEDRSRCFORK

diff --git a/bsd/hfs/hfs_readwrite.c b/bsd/hfs/hfs_readwrite.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000-2007 Apple Inc. All rights reserved.
+ * Copyright (c) 2000-2008 Apple Inc. All rights reserved.
  *
  * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
  * 
@@ -80,6 +80,8 @@ enum {
 
 /* from bsd/vfs/vfs_cluster.c */
 extern int is_file_clean(vnode_t vp, off_t filesize);
+/* from bsd/hfs/hfs_vfsops.c */
+extern int hfs_vfs_vget(struct mount *mp, ino64_t ino, struct vnode **vpp, vfs_context_t context);
 
 static int  hfs_clonelink(struct vnode *, int, kauth_cred_t, struct proc *);
 static int  hfs_clonefile(struct vnode *, int, int, int);
@@ -1328,7 +1330,11 @@ hfs_vnop_ioctl( struct vnop_ioctl_args /* {
 		bufptr = (char *)ap->a_data;
 		cnid = strtoul(bufptr, NULL, 10);
 
-		if ((error = hfs_vget(hfsmp, cnid, &file_vp, 1))) {
+		/* We need to call hfs_vfs_vget to leverage the code that will fix the
+		 * origin list for us if needed, as opposed to calling hfs_vget, since
+		 * we will need it for the subsequent build_path call.  
+		 */
+		if ((error = hfs_vfs_vget(HFSTOVFS(hfsmp), cnid, &file_vp, context))) {
 			return (error);
 		}
 		error = build_path(file_vp, bufptr, sizeof(pathname_t), &outlen, 0, context);
@@ -3029,7 +3035,7 @@ hfs_vnop_bwrite(struct vnop_bwrite_args *ap)
 			block.blockSize = buf_count(bp);
 
 			/* Endian un-swap B-Tree node */
-			retval = hfs_swap_BTNode (&block, vp, kSwapBTNodeHostToBig);
+			retval = hfs_swap_BTNode (&block, vp, kSwapBTNodeHostToBig, false);
 			if (retval)
 				panic("hfs_vnop_bwrite: about to write corrupt node!\n");
 		}