1/* 2 * Copyright (c) 2000-2013 Apple Inc. All rights reserved. 3 * 4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@ 5 * 6 * This file contains Original Code and/or Modifications of Original Code 7 * as defined in and that are subject to the Apple Public Source License 8 * Version 2.0 (the 'License'). You may not use this file except in 9 * compliance with the License. The rights granted to you under the License 10 * may not be used to create, or enable the creation or redistribution of, 11 * unlawful or unlicensed copies of an Apple operating system, or to 12 * circumvent, violate, or enable the circumvention or violation of, any 13 * terms of an Apple operating system software license agreement. 14 * 15 * Please obtain a copy of the License at 16 * http://www.opensource.apple.com/apsl/ and read it before using this file. 17 * 18 * The Original Code and all software distributed under the License are 19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER 20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, 21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, 22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. 23 * Please see the License for the specific language governing rights and 24 * limitations under the License. 25 * 26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@ 27 * 28 * 29 * Copyright (c) 1982, 1986, 1989, 1991, 1992, 1993 30 * The Regents of the University of California. All rights reserved. 31 * (c) UNIX System Laboratories, Inc. 32 * All or some portions of this file are derived from material licensed 33 * to the University of California by American Telephone and Telegraph 34 * Co. or Unix System Laboratories, Inc. and are reproduced herein with 35 * the permission of UNIX System Laboratories, Inc. 36 * 37 * Redistribution and use in source and binary forms, with or without 38 * modification, are permitted provided that the following conditions 39 * are met: 40 * 1. Redistributions of source code must retain the above copyright 41 * notice, this list of conditions and the following disclaimer. 42 * 2. Redistributions in binary form must reproduce the above copyright 43 * notice, this list of conditions and the following disclaimer in the 44 * documentation and/or other materials provided with the distribution. 45 * 3. All advertising materials mentioning features or use of this software 46 * must display the following acknowledgement: 47 * This product includes software developed by the University of 48 * California, Berkeley and its contributors. 49 * 4. Neither the name of the University nor the names of its contributors 50 * may be used to endorse or promote products derived from this software 51 * without specific prior written permission. 52 * 53 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 54 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 55 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 56 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 57 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 58 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 59 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 60 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 61 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 62 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 63 * SUCH DAMAGE. 64 * 65 * @(#)init_main.c 8.16 (Berkeley) 5/14/95 66 */ 67 68/* 69 * 70 * Mach Operating System 71 * Copyright (c) 1987 Carnegie-Mellon University 72 * All rights reserved. The CMU software License Agreement specifies 73 * the terms and conditions for use and redistribution. 74 */ 75/* 76 * NOTICE: This file was modified by McAfee Research in 2004 to introduce 77 * support for mandatory and extensible security protections. This notice 78 * is included in support of clause 2.2 (b) of the Apple Public License, 79 * Version 2.0. 80 */ 81 82#include <sys/param.h> 83#include <sys/filedesc.h> 84#include <sys/kernel.h> 85#include <sys/mount_internal.h> 86#include <sys/proc_internal.h> 87#include <sys/kauth.h> 88#include <sys/systm.h> 89#include <sys/vnode_internal.h> 90#include <sys/conf.h> 91#include <sys/buf_internal.h> 92#include <sys/clist.h> 93#include <sys/user.h> 94#include <sys/time.h> 95#include <sys/systm.h> 96#include <sys/mman.h> 97 98#include <security/audit/audit.h> 99 100#include <sys/malloc.h> 101#include <sys/dkstat.h> 102#include <sys/codesign.h> 103 104#include <kern/startup.h> 105#include <kern/thread.h> 106#include <kern/task.h> 107#include <kern/ast.h> 108#include <kern/kalloc.h> 109#include <mach/mach_host.h> 110 111#include <mach/vm_param.h> 112 113#include <vm/vm_map.h> 114#include <vm/vm_kern.h> 115 116#include <sys/ux_exception.h> /* for ux_exception_port */ 117 118#include <sys/reboot.h> 119#include <mach/exception_types.h> 120#include <dev/busvar.h> /* for pseudo_inits */ 121#include <sys/kdebug.h> 122 123#include <mach/mach_types.h> 124#include <mach/vm_prot.h> 125#include <mach/semaphore.h> 126#include <mach/sync_policy.h> 127#include <kern/clock.h> 128#include <mach/kern_return.h> 129#include <mach/thread_act.h> /* for thread_resume() */ 130#include <mach/task.h> /* for task_set_exception_ports() */ 131#include <sys/ux_exception.h> /* for ux_handler() */ 132#include <sys/ubc_internal.h> /* for ubc_init() */ 133#include <sys/mcache.h> /* for mcache_init() */ 134#include <sys/mbuf.h> /* for mbinit() */ 135#include <sys/event.h> /* for knote_init() */ 136#include <sys/kern_memorystatus.h> /* for memorystatus_init() */ 137#include <sys/aio_kern.h> /* for aio_init() */ 138#include <sys/semaphore.h> /* for psem_cache_init() */ 139#include <net/dlil.h> /* for dlil_init() */ 140#include <net/kpi_protocol.h> /* for proto_kpi_init() */ 141#include <net/iptap.h> /* for iptap_init() */ 142#include <sys/pipe.h> /* for pipeinit() */ 143#include <sys/socketvar.h> /* for socketinit() */ 144#include <sys/protosw.h> /* for domaininit() */ 145#include <kern/sched_prim.h> /* for thread_wakeup() */ 146#include <net/if_ether.h> /* for ether_family_init() */ 147#include <net/if_gif.h> /* for gif_init() */ 148#include <vm/vm_protos.h> /* for vnode_pager_bootstrap() */ 149#include <miscfs/devfs/devfsdefs.h> /* for devfs_kernel_mount() */ 150#include <mach/host_priv.h> /* for host_set_exception_ports() */ 151#include <kern/host.h> /* for host_priv_self() */ 152#include <vm/vm_kern.h> /* for kmem_suballoc() */ 153#include <sys/semaphore.h> /* for psem_lock_init() */ 154#include <sys/msgbuf.h> /* for log_setsize() */ 155#include <sys/tty.h> /* for tty_init() */ 156#include <sys/proc_uuid_policy.h> /* proc_uuid_policy_init() */ 157#include <netinet/flow_divert.h> /* flow_divert_init() */ 158#include <net/content_filter.h> /* for cfil_init() */ 159#include <net/necp.h> /* for necp_init() */ 160#include <net/packet_mangler.h> /* for pkt_mnglr_init() */ 161#include <net/if_utun.h> /* for utun_register_control() */ 162#include <net/if_ipsec.h> /* for ipsec_register_control() */ 163#include <net/net_str_id.h> /* for net_str_id_init() */ 164#include <net/netsrc.h> /* for netsrc_init() */ 165#include <net/ntstat.h> /* for nstat_init() */ 166#include <netinet/tcp_cc.h> /* for tcp_cc_init() */ 167#include <kern/assert.h> /* for assert() */ 168#include <sys/kern_overrides.h> /* for init_system_override() */ 169 170#include <net/init.h> 171 172#if CONFIG_MACF 173#include <security/mac_framework.h> 174#include <security/mac_internal.h> /* mac_init_bsd() */ 175#include <security/mac_mach_internal.h> /* mac_update_task_label() */ 176#endif 177 178#include <machine/exec.h> 179 180#if NFSCLIENT 181#include <sys/netboot.h> 182#endif 183 184#if CONFIG_IMAGEBOOT 185#include <sys/imageboot.h> 186#endif 187 188#if PFLOG 189#include <net/if_pflog.h> 190#endif 191 192#include <pexpert/pexpert.h> 193#include <machine/pal_routines.h> 194#include <console/video_console.h> 195 196void * get_user_regs(thread_t); /* XXX kludge for <machine/thread.h> */ 197void IOKitInitializeTime(void); /* XXX */ 198void IOSleep(unsigned int); /* XXX */ 199void loopattach(void); /* XXX */ 200 201const char copyright[] = 202"Copyright (c) 1982, 1986, 1989, 1991, 1993\n\t" 203"The Regents of the University of California. " 204"All rights reserved.\n\n"; 205 206/* Components of the first process -- never freed. */ 207struct proc proc0; 208struct session session0; 209struct pgrp pgrp0; 210struct filedesc filedesc0; 211struct plimit limit0; 212struct pstats pstats0; 213struct sigacts sigacts0; 214proc_t kernproc; 215proc_t initproc; 216 217long tk_cancc; 218long tk_nin; 219long tk_nout; 220long tk_rawcc; 221 222int lock_trace = 0; 223/* Global variables to make pstat happy. We do swapping differently */ 224int nswdev, nswap; 225int nswapmap; 226void *swapmap; 227struct swdevt swdevt[1]; 228 229dev_t rootdev; /* device of the root */ 230dev_t dumpdev; /* device to take dumps on */ 231long dumplo; /* offset into dumpdev */ 232long hostid; 233char hostname[MAXHOSTNAMELEN]; 234int hostnamelen; 235char domainname[MAXDOMNAMELEN]; 236int domainnamelen; 237 238char rootdevice[16]; /* hfs device names have at least 9 chars */ 239 240#if KMEMSTATS 241struct kmemstats kmemstats[M_LAST]; 242#endif 243 244struct vnode *rootvp; 245int boothowto = RB_DEBUG; 246 247extern kern_return_t IOFindBSDRoot(char *, unsigned int, dev_t *, u_int32_t *); 248extern void IOSecureBSDRoot(const char * rootName); 249extern kern_return_t IOKitBSDInit(void ); 250extern void kminit(void); 251extern void file_lock_init(void); 252extern void kmeminit(void); 253extern void bsd_bufferinit(void); 254extern void throttle_init(void); 255extern void macx_init(void); 256extern void acct_init(void); 257 258extern int serverperfmode; 259extern int ncl; 260 261vm_map_t bsd_pageable_map; 262vm_map_t mb_map; 263 264static int bsd_simul_execs; 265static int bsd_pageable_map_size; 266__private_extern__ int execargs_cache_size = 0; 267__private_extern__ int execargs_free_count = 0; 268__private_extern__ vm_offset_t * execargs_cache = NULL; 269 270void bsd_exec_setup(int); 271 272__private_extern__ int bootarg_vnode_cache_defeat = 0; 273 274/* 275 * Prevent kernel-based ASLR from being used, for testing. 276 */ 277#if DEVELOPMENT || DEBUG 278__private_extern__ int bootarg_disable_aslr = 0; 279#endif 280 281int cmask = CMASK; 282extern int customnbuf; 283 284void bsd_init(void); 285kern_return_t bsd_autoconf(void); 286void bsd_utaskbootstrap(void); 287 288static void parse_bsd_args(void); 289extern task_t bsd_init_task; 290extern char init_task_failure_data[]; 291#if CONFIG_DEV_KMEM 292extern void dev_kmem_init(void); 293#endif 294extern void time_zone_slock_init(void); 295extern void select_wait_queue_init(void); 296static void process_name(const char *, proc_t); 297 298static void setconf(void); 299 300#if SYSV_SHM 301extern void sysv_shm_lock_init(void); 302#endif 303#if SYSV_SEM 304extern void sysv_sem_lock_init(void); 305#endif 306#if SYSV_MSG 307extern void sysv_msg_lock_init(void); 308#endif 309 310#if CONFIG_MACF 311#if defined (__i386__) || defined (__x86_64__) 312/* MACF policy_check configuration flags; see policy_check.c for details */ 313int policy_check_flags = 0; 314 315extern int check_policy_init(int); 316#endif 317#endif /* CONFIG_MACF */ 318 319/* If we are using CONFIG_DTRACE */ 320#if CONFIG_DTRACE 321 extern void dtrace_postinit(void); 322#endif 323 324/* 325 * Initialization code. 326 * Called from cold start routine as 327 * soon as a stack and segmentation 328 * have been established. 329 * Functions: 330 * turn on clock 331 * hand craft 0th process 332 * call all initialization routines 333 * hand craft 1st user process 334 */ 335 336/* 337 * Sets the name for the given task. 338 */ 339static void 340process_name(const char *s, proc_t p) 341{ 342 size_t length = strlen(s); 343 344 bcopy(s, p->p_comm, 345 length >= sizeof(p->p_comm) ? sizeof(p->p_comm) : 346 length + 1); 347} 348 349/* To allow these values to be patched, they're globals here */ 350#include <machine/vmparam.h> 351struct rlimit vm_initial_limit_stack = { DFLSSIZ, MAXSSIZ - PAGE_MAX_SIZE }; 352struct rlimit vm_initial_limit_data = { DFLDSIZ, MAXDSIZ }; 353struct rlimit vm_initial_limit_core = { DFLCSIZ, MAXCSIZ }; 354 355extern thread_t cloneproc(task_t, coalition_t, proc_t, int, int); 356extern int (*mountroot)(void); 357 358lck_grp_t * proc_lck_grp; 359lck_grp_t * proc_slock_grp; 360lck_grp_t * proc_fdmlock_grp; 361lck_grp_t * proc_mlock_grp; 362lck_grp_attr_t * proc_lck_grp_attr; 363lck_attr_t * proc_lck_attr; 364lck_mtx_t * proc_list_mlock; 365lck_mtx_t * proc_klist_mlock; 366 367extern lck_mtx_t * execargs_cache_lock; 368 369/* hook called after root is mounted XXX temporary hack */ 370void (*mountroot_post_hook)(void); 371void (*unmountroot_pre_hook)(void); 372 373/* 374 * This function is called very early on in the Mach startup, from the 375 * function start_kernel_threads() in osfmk/kern/startup.c. It's called 376 * in the context of the current (startup) task using a call to the 377 * function kernel_thread_create() to jump into start_kernel_threads(). 378 * Internally, kernel_thread_create() calls thread_create_internal(), 379 * which calls uthread_alloc(). The function of uthread_alloc() is 380 * normally to allocate a uthread structure, and fill out the uu_sigmask, 381 * uu_context fields. It skips filling these out in the case of the "task" 382 * being "kernel_task", because the order of operation is inverted. To 383 * account for that, we need to manually fill in at least the contents 384 * of the uu_context.vc_ucred field so that the uthread structure can be 385 * used like any other. 386 */ 387 388void 389bsd_init(void) 390{ 391 struct uthread *ut; 392 unsigned int i; 393 struct vfs_context context; 394 kern_return_t ret; 395 struct ucred temp_cred; 396 struct posix_cred temp_pcred; 397#if NFSCLIENT || CONFIG_IMAGEBOOT 398 boolean_t netboot = FALSE; 399#endif 400 401#define bsd_init_kprintf(x...) /* kprintf("bsd_init: " x) */ 402 403 throttle_init(); 404 405 printf(copyright); 406 407 bsd_init_kprintf("calling kmeminit\n"); 408 kmeminit(); 409 410 bsd_init_kprintf("calling parse_bsd_args\n"); 411 parse_bsd_args(); 412 413#if CONFIG_DEV_KMEM 414 bsd_init_kprintf("calling dev_kmem_init\n"); 415 dev_kmem_init(); 416#endif 417 418 /* Initialize kauth subsystem before instancing the first credential */ 419 bsd_init_kprintf("calling kauth_init\n"); 420 kauth_init(); 421 422 /* Initialize process and pgrp structures. */ 423 bsd_init_kprintf("calling procinit\n"); 424 procinit(); 425 426 /* Initialize the ttys (MUST be before kminit()/bsd_autoconf()!)*/ 427 tty_init(); 428 429 kernproc = &proc0; /* implicitly bzero'ed */ 430 431 /* kernel_task->proc = kernproc; */ 432 set_bsdtask_info(kernel_task,(void *)kernproc); 433 434 /* give kernproc a name */ 435 bsd_init_kprintf("calling process_name\n"); 436 process_name("kernel_task", kernproc); 437 438 /* allocate proc lock group attribute and group */ 439 bsd_init_kprintf("calling lck_grp_attr_alloc_init\n"); 440 proc_lck_grp_attr= lck_grp_attr_alloc_init(); 441 442 proc_lck_grp = lck_grp_alloc_init("proc", proc_lck_grp_attr); 443#if CONFIG_FINE_LOCK_GROUPS 444 proc_slock_grp = lck_grp_alloc_init("proc-slock", proc_lck_grp_attr); 445 proc_fdmlock_grp = lck_grp_alloc_init("proc-fdmlock", proc_lck_grp_attr); 446 proc_mlock_grp = lck_grp_alloc_init("proc-mlock", proc_lck_grp_attr); 447#endif 448 /* Allocate proc lock attribute */ 449 proc_lck_attr = lck_attr_alloc_init(); 450#if 0 451#if __PROC_INTERNAL_DEBUG 452 lck_attr_setdebug(proc_lck_attr); 453#endif 454#endif 455 456#if CONFIG_FINE_LOCK_GROUPS 457 proc_list_mlock = lck_mtx_alloc_init(proc_mlock_grp, proc_lck_attr); 458 proc_klist_mlock = lck_mtx_alloc_init(proc_mlock_grp, proc_lck_attr); 459 lck_mtx_init(&kernproc->p_mlock, proc_mlock_grp, proc_lck_attr); 460 lck_mtx_init(&kernproc->p_fdmlock, proc_fdmlock_grp, proc_lck_attr); 461 lck_spin_init(&kernproc->p_slock, proc_slock_grp, proc_lck_attr); 462#else 463 proc_list_mlock = lck_mtx_alloc_init(proc_lck_grp, proc_lck_attr); 464 proc_klist_mlock = lck_mtx_alloc_init(proc_lck_grp, proc_lck_attr); 465 lck_mtx_init(&kernproc->p_mlock, proc_lck_grp, proc_lck_attr); 466 lck_mtx_init(&kernproc->p_fdmlock, proc_lck_grp, proc_lck_attr); 467 lck_spin_init(&kernproc->p_slock, proc_lck_grp, proc_lck_attr); 468#endif 469 470 assert(bsd_simul_execs != 0); 471 execargs_cache_lock = lck_mtx_alloc_init(proc_lck_grp, proc_lck_attr); 472 execargs_cache_size = bsd_simul_execs; 473 execargs_free_count = bsd_simul_execs; 474 execargs_cache = (vm_offset_t *)kalloc(bsd_simul_execs * sizeof(vm_offset_t)); 475 bzero(execargs_cache, bsd_simul_execs * sizeof(vm_offset_t)); 476 477 if (current_task() != kernel_task) 478 printf("bsd_init: We have a problem, " 479 "current task is not kernel task\n"); 480 481 bsd_init_kprintf("calling get_bsdthread_info\n"); 482 ut = (uthread_t)get_bsdthread_info(current_thread()); 483 484#if CONFIG_MACF 485 /* 486 * Initialize the MAC Framework 487 */ 488 mac_policy_initbsd(); 489 kernproc->p_mac_enforce = 0; 490 491#if defined (__i386__) || defined (__x86_64__) 492 /* 493 * We currently only support this on i386/x86_64, as that is the 494 * only lock code we have instrumented so far. 495 */ 496 check_policy_init(policy_check_flags); 497#endif 498#endif /* MAC */ 499 500 /* Initialize System Override call */ 501 init_system_override(); 502 503 /* 504 * Create process 0. 505 */ 506 proc_list_lock(); 507 LIST_INSERT_HEAD(&allproc, kernproc, p_list); 508 kernproc->p_pgrp = &pgrp0; 509 LIST_INSERT_HEAD(PGRPHASH(0), &pgrp0, pg_hash); 510 LIST_INIT(&pgrp0.pg_members); 511#ifdef CONFIG_FINE_LOCK_GROUPS 512 lck_mtx_init(&pgrp0.pg_mlock, proc_mlock_grp, proc_lck_attr); 513#else 514 lck_mtx_init(&pgrp0.pg_mlock, proc_lck_grp, proc_lck_attr); 515#endif 516 /* There is no other bsd thread this point and is safe without pgrp lock */ 517 LIST_INSERT_HEAD(&pgrp0.pg_members, kernproc, p_pglist); 518 kernproc->p_listflag |= P_LIST_INPGRP; 519 kernproc->p_pgrpid = 0; 520 kernproc->p_uniqueid = 0; 521 522 pgrp0.pg_session = &session0; 523 pgrp0.pg_membercnt = 1; 524 525 session0.s_count = 1; 526 session0.s_leader = kernproc; 527 session0.s_listflags = 0; 528#ifdef CONFIG_FINE_LOCK_GROUPS 529 lck_mtx_init(&session0.s_mlock, proc_mlock_grp, proc_lck_attr); 530#else 531 lck_mtx_init(&session0.s_mlock, proc_lck_grp, proc_lck_attr); 532#endif 533 LIST_INSERT_HEAD(SESSHASH(0), &session0, s_hash); 534 proc_list_unlock(); 535 536#if CONFIG_LCTX 537 kernproc->p_lctx = NULL; 538#endif 539 540 kernproc->task = kernel_task; 541 542 kernproc->p_stat = SRUN; 543 kernproc->p_flag = P_SYSTEM; 544 kernproc->p_lflag = 0; 545 kernproc->p_ladvflag = 0; 546 547#if DEVELOPMENT || DEBUG 548 if (bootarg_disable_aslr) 549 kernproc->p_flag |= P_DISABLE_ASLR; 550#endif 551 552 kernproc->p_nice = NZERO; 553 kernproc->p_pptr = kernproc; 554 555 TAILQ_INIT(&kernproc->p_uthlist); 556 TAILQ_INSERT_TAIL(&kernproc->p_uthlist, ut, uu_list); 557 558 kernproc->sigwait = FALSE; 559 kernproc->sigwait_thread = THREAD_NULL; 560 kernproc->exit_thread = THREAD_NULL; 561 kernproc->p_csflags = CS_VALID; 562 563 /* 564 * Create credential. This also Initializes the audit information. 565 */ 566 bsd_init_kprintf("calling bzero\n"); 567 bzero(&temp_cred, sizeof(temp_cred)); 568 bzero(&temp_pcred, sizeof(temp_pcred)); 569 temp_pcred.cr_ngroups = 1; 570 /* kern_proc, shouldn't call up to DS for group membership */ 571 temp_pcred.cr_flags = CRF_NOMEMBERD; 572 temp_cred.cr_audit.as_aia_p = audit_default_aia_p; 573 574 bsd_init_kprintf("calling kauth_cred_create\n"); 575 /* 576 * We have to label the temp cred before we create from it to 577 * properly set cr_ngroups, or the create will fail. 578 */ 579 posix_cred_label(&temp_cred, &temp_pcred); 580 kernproc->p_ucred = kauth_cred_create(&temp_cred); 581 582 /* update cred on proc */ 583 PROC_UPDATE_CREDS_ONPROC(kernproc); 584 585 /* give the (already exisiting) initial thread a reference on it */ 586 bsd_init_kprintf("calling kauth_cred_ref\n"); 587 kauth_cred_ref(kernproc->p_ucred); 588 ut->uu_context.vc_ucred = kernproc->p_ucred; 589 ut->uu_context.vc_thread = current_thread(); 590 591 TAILQ_INIT(&kernproc->p_aio_activeq); 592 TAILQ_INIT(&kernproc->p_aio_doneq); 593 kernproc->p_aio_total_count = 0; 594 kernproc->p_aio_active_count = 0; 595 596 bsd_init_kprintf("calling file_lock_init\n"); 597 file_lock_init(); 598 599#if CONFIG_MACF 600 mac_cred_label_associate_kernel(kernproc->p_ucred); 601#endif 602 603 /* Create the file descriptor table. */ 604 kernproc->p_fd = &filedesc0; 605 filedesc0.fd_cmask = cmask; 606 filedesc0.fd_knlistsize = -1; 607 filedesc0.fd_knlist = NULL; 608 filedesc0.fd_knhash = NULL; 609 filedesc0.fd_knhashmask = 0; 610 611 /* Create the limits structures. */ 612 kernproc->p_limit = &limit0; 613 for (i = 0; i < sizeof(kernproc->p_rlimit)/sizeof(kernproc->p_rlimit[0]); i++) 614 limit0.pl_rlimit[i].rlim_cur = 615 limit0.pl_rlimit[i].rlim_max = RLIM_INFINITY; 616 limit0.pl_rlimit[RLIMIT_NOFILE].rlim_cur = NOFILE; 617 limit0.pl_rlimit[RLIMIT_NPROC].rlim_cur = maxprocperuid; 618 limit0.pl_rlimit[RLIMIT_NPROC].rlim_max = maxproc; 619 limit0.pl_rlimit[RLIMIT_STACK] = vm_initial_limit_stack; 620 limit0.pl_rlimit[RLIMIT_DATA] = vm_initial_limit_data; 621 limit0.pl_rlimit[RLIMIT_CORE] = vm_initial_limit_core; 622 limit0.pl_refcnt = 1; 623 624 kernproc->p_stats = &pstats0; 625 kernproc->p_sigacts = &sigacts0; 626 627 /* 628 * Charge root for one process: launchd. 629 */ 630 bsd_init_kprintf("calling chgproccnt\n"); 631 (void)chgproccnt(0, 1); 632 633 /* 634 * Allocate a kernel submap for pageable memory 635 * for temporary copying (execve()). 636 */ 637 { 638 vm_offset_t minimum; 639 640 bsd_init_kprintf("calling kmem_suballoc\n"); 641 assert(bsd_pageable_map_size != 0); 642 ret = kmem_suballoc(kernel_map, 643 &minimum, 644 (vm_size_t)bsd_pageable_map_size, 645 TRUE, 646 VM_FLAGS_ANYWHERE, 647 &bsd_pageable_map); 648 if (ret != KERN_SUCCESS) 649 panic("bsd_init: Failed to allocate bsd pageable map"); 650 } 651 652 /* 653 * Initialize buffers and hash links for buffers 654 * 655 * SIDE EFFECT: Starts a thread for bcleanbuf_thread(), so must 656 * happen after a credential has been associated with 657 * the kernel task. 658 */ 659 bsd_init_kprintf("calling bsd_bufferinit\n"); 660 bsd_bufferinit(); 661 662 /* Initialize the execve() semaphore */ 663 bsd_init_kprintf("calling semaphore_create\n"); 664 665 if (ret != KERN_SUCCESS) 666 panic("bsd_init: Failed to create execve semaphore"); 667 668 /* 669 * Initialize the calendar. 670 */ 671 bsd_init_kprintf("calling IOKitInitializeTime\n"); 672 IOKitInitializeTime(); 673 674 bsd_init_kprintf("calling ubc_init\n"); 675 ubc_init(); 676 677 /* 678 * Initialize device-switches. 679 */ 680 bsd_init_kprintf("calling devsw_init() \n"); 681 devsw_init(); 682 683 /* Initialize the file systems. */ 684 bsd_init_kprintf("calling vfsinit\n"); 685 vfsinit(); 686 687#if CONFIG_PROC_UUID_POLICY 688 /* Initial proc_uuid_policy subsystem */ 689 bsd_init_kprintf("calling proc_uuid_policy_init()\n"); 690 proc_uuid_policy_init(); 691#endif 692 693#if SOCKETS 694 /* Initialize per-CPU cache allocator */ 695 mcache_init(); 696 697 /* Initialize mbuf's. */ 698 bsd_init_kprintf("calling mbinit\n"); 699 mbinit(); 700 net_str_id_init(); /* for mbuf tags */ 701#endif /* SOCKETS */ 702 703 /* 704 * Initializes security event auditing. 705 * XXX: Should/could this occur later? 706 */ 707#if CONFIG_AUDIT 708 bsd_init_kprintf("calling audit_init\n"); 709 audit_init(); 710#endif 711 712 /* Initialize kqueues */ 713 bsd_init_kprintf("calling knote_init\n"); 714 knote_init(); 715 716 /* Initialize for async IO */ 717 bsd_init_kprintf("calling aio_init\n"); 718 aio_init(); 719 720 /* Initialize pipes */ 721 bsd_init_kprintf("calling pipeinit\n"); 722 pipeinit(); 723 724 /* Initialize SysV shm subsystem locks; the subsystem proper is 725 * initialized through a sysctl. 726 */ 727#if SYSV_SHM 728 bsd_init_kprintf("calling sysv_shm_lock_init\n"); 729 sysv_shm_lock_init(); 730#endif 731#if SYSV_SEM 732 bsd_init_kprintf("calling sysv_sem_lock_init\n"); 733 sysv_sem_lock_init(); 734#endif 735#if SYSV_MSG 736 bsd_init_kprintf("sysv_msg_lock_init\n"); 737 sysv_msg_lock_init(); 738#endif 739 bsd_init_kprintf("calling pshm_lock_init\n"); 740 pshm_lock_init(); 741 bsd_init_kprintf("calling psem_lock_init\n"); 742 psem_lock_init(); 743 744 pthread_init(); 745 /* POSIX Shm and Sem */ 746 bsd_init_kprintf("calling pshm_cache_init\n"); 747 pshm_cache_init(); 748 bsd_init_kprintf("calling psem_cache_init\n"); 749 psem_cache_init(); 750 bsd_init_kprintf("calling time_zone_slock_init\n"); 751 time_zone_slock_init(); 752 bsd_init_kprintf("calling select_wait_queue_init\n"); 753 select_wait_queue_init(); 754 755 /* 756 * Initialize protocols. Block reception of incoming packets 757 * until everything is ready. 758 */ 759 bsd_init_kprintf("calling sysctl_register_fixed\n"); 760 sysctl_register_fixed(); 761 bsd_init_kprintf("calling sysctl_mib_init\n"); 762 sysctl_mib_init(); 763#if NETWORKING 764 bsd_init_kprintf("calling dlil_init\n"); 765 dlil_init(); 766 bsd_init_kprintf("calling proto_kpi_init\n"); 767 proto_kpi_init(); 768#endif /* NETWORKING */ 769#if SOCKETS 770 bsd_init_kprintf("calling socketinit\n"); 771 socketinit(); 772 bsd_init_kprintf("calling domaininit\n"); 773 domaininit(); 774 iptap_init(); 775#if FLOW_DIVERT 776 flow_divert_init(); 777#endif /* FLOW_DIVERT */ 778#endif /* SOCKETS */ 779 780 kernproc->p_fd->fd_cdir = NULL; 781 kernproc->p_fd->fd_rdir = NULL; 782 783#if CONFIG_FREEZE 784#ifndef CONFIG_MEMORYSTATUS 785 #error "CONFIG_FREEZE defined without matching CONFIG_MEMORYSTATUS" 786#endif 787 /* Initialise background freezing */ 788 bsd_init_kprintf("calling memorystatus_freeze_init\n"); 789 memorystatus_freeze_init(); 790#endif 791 792#if CONFIG_MEMORYSTATUS 793 /* Initialize kernel memory status notifications */ 794 bsd_init_kprintf("calling memorystatus_init\n"); 795 memorystatus_init(); 796#endif /* CONFIG_MEMORYSTATUS */ 797 798 bsd_init_kprintf("calling macx_init\n"); 799 macx_init(); 800 801 bsd_init_kprintf("calling acct_init\n"); 802 acct_init(); 803 804#ifdef GPROF 805 /* Initialize kernel profiling. */ 806 kmstartup(); 807#endif 808 809 bsd_init_kprintf("calling bsd_autoconf\n"); 810 bsd_autoconf(); 811 812#if CONFIG_DTRACE 813 dtrace_postinit(); 814#endif 815 816 /* 817 * We attach the loopback interface *way* down here to ensure 818 * it happens after autoconf(), otherwise it becomes the 819 * "primary" interface. 820 */ 821#include <loop.h> 822#if NLOOP > 0 823 bsd_init_kprintf("calling loopattach\n"); 824 loopattach(); /* XXX */ 825#endif 826#if NGIF 827 /* Initialize gif interface (after lo0) */ 828 gif_init(); 829#endif 830 831#if PFLOG 832 /* Initialize packet filter log interface */ 833 pfloginit(); 834#endif /* PFLOG */ 835 836#if NETHER > 0 837 /* Register the built-in dlil ethernet interface family */ 838 bsd_init_kprintf("calling ether_family_init\n"); 839 ether_family_init(); 840#endif /* ETHER */ 841 842#if NETWORKING 843 /* Call any kext code that wants to run just after network init */ 844 bsd_init_kprintf("calling net_init_run\n"); 845 net_init_run(); 846 847#if CONTENT_FILTER 848 cfil_init(); 849#endif 850 851#if PACKET_MANGLER 852 pkt_mnglr_init(); 853#endif 854 855#if NECP 856 /* Initialize Network Extension Control Policies */ 857 necp_init(); 858#endif 859 860 /* register user tunnel kernel control handler */ 861 utun_register_control(); 862#if IPSEC 863 ipsec_register_control(); 864#endif /* IPSEC */ 865 netsrc_init(); 866 nstat_init(); 867 tcp_cc_init(); 868#endif /* NETWORKING */ 869 870 bsd_init_kprintf("calling vnode_pager_bootstrap\n"); 871 vnode_pager_bootstrap(); 872 873 bsd_init_kprintf("calling inittodr\n"); 874 inittodr(0); 875 876 /* Mount the root file system. */ 877 while( TRUE) { 878 int err; 879 880 bsd_init_kprintf("calling setconf\n"); 881 setconf(); 882#if NFSCLIENT 883 netboot = (mountroot == netboot_mountroot); 884#endif 885 886 bsd_init_kprintf("vfs_mountroot\n"); 887 if (0 == (err = vfs_mountroot())) 888 break; 889 rootdevice[0] = '\0'; 890#if NFSCLIENT 891 if (netboot) { 892 PE_display_icon( 0, "noroot"); /* XXX a netboot-specific icon would be nicer */ 893 vc_progress_set(FALSE, 0); 894 for (i=1; 1; i*=2) { 895 printf("bsd_init: failed to mount network root, error %d, %s\n", 896 err, PE_boot_args()); 897 printf("We are hanging here...\n"); 898 IOSleep(i*60*1000); 899 } 900 /*NOTREACHED*/ 901 } 902#endif 903 printf("cannot mount root, errno = %d\n", err); 904 boothowto |= RB_ASKNAME; 905 } 906 907 IOSecureBSDRoot(rootdevice); 908 909 context.vc_thread = current_thread(); 910 context.vc_ucred = kernproc->p_ucred; 911 mountlist.tqh_first->mnt_flag |= MNT_ROOTFS; 912 913 bsd_init_kprintf("calling VFS_ROOT\n"); 914 /* Get the vnode for '/'. Set fdp->fd_fd.fd_cdir to reference it. */ 915 if (VFS_ROOT(mountlist.tqh_first, &rootvnode, &context)) 916 panic("bsd_init: cannot find root vnode: %s", PE_boot_args()); 917 rootvnode->v_flag |= VROOT; 918 (void)vnode_ref(rootvnode); 919 (void)vnode_put(rootvnode); 920 filedesc0.fd_cdir = rootvnode; 921 922#if NFSCLIENT 923 if (netboot) { 924 int err; 925 926 netboot = TRUE; 927 /* post mount setup */ 928 if ((err = netboot_setup()) != 0) { 929 PE_display_icon( 0, "noroot"); /* XXX a netboot-specific icon would be nicer */ 930 vc_progress_set(FALSE, 0); 931 for (i=1; 1; i*=2) { 932 printf("bsd_init: NetBoot could not find root, error %d: %s\n", 933 err, PE_boot_args()); 934 printf("We are hanging here...\n"); 935 IOSleep(i*60*1000); 936 } 937 /*NOTREACHED*/ 938 } 939 } 940#endif 941 942 943#if CONFIG_IMAGEBOOT 944 /* 945 * See if a system disk image is present. If so, mount it and 946 * switch the root vnode to point to it 947 */ 948 if (netboot == FALSE && imageboot_needed()) { 949 /* 950 * An image was found. No turning back: we're booted 951 * with a kernel from the disk image. 952 */ 953 imageboot_setup(); 954 } 955#endif /* CONFIG_IMAGEBOOT */ 956 957 /* set initial time; all other resource data is already zero'ed */ 958 microtime_with_abstime(&kernproc->p_start, &kernproc->p_stats->ps_start); 959 960#if DEVFS 961 { 962 char mounthere[] = "/dev"; /* !const because of internal casting */ 963 964 bsd_init_kprintf("calling devfs_kernel_mount\n"); 965 devfs_kernel_mount(mounthere); 966 } 967#endif /* DEVFS */ 968 969 /* Initialize signal state for process 0. */ 970 bsd_init_kprintf("calling siginit\n"); 971 siginit(kernproc); 972 973 bsd_init_kprintf("calling bsd_utaskbootstrap\n"); 974 bsd_utaskbootstrap(); 975 976#if defined(__LP64__) 977 kernproc->p_flag |= P_LP64; 978#endif 979 980 pal_kernel_announce(); 981 982 bsd_init_kprintf("calling mountroot_post_hook\n"); 983 984 /* invoke post-root-mount hook */ 985 if (mountroot_post_hook != NULL) 986 mountroot_post_hook(); 987 988#if 0 /* not yet */ 989 consider_zone_gc(FALSE); 990#endif 991 992 bsd_init_kprintf("done\n"); 993} 994 995void 996bsdinit_task(void) 997{ 998 proc_t p = current_proc(); 999 struct uthread *ut; 1000 thread_t thread; 1001 1002 process_name("init", p); 1003 1004 ux_handler_init(); 1005 1006 thread = current_thread(); 1007 (void) host_set_exception_ports(host_priv_self(), 1008 EXC_MASK_ALL & ~(EXC_MASK_RPC_ALERT),//pilotfish (shark) needs this port 1009 (mach_port_t) ux_exception_port, 1010 EXCEPTION_DEFAULT| MACH_EXCEPTION_CODES, 1011 0); 1012 1013 ut = (uthread_t)get_bsdthread_info(thread); 1014 1015 bsd_init_task = get_threadtask(thread); 1016 init_task_failure_data[0] = 0; 1017 1018#if CONFIG_MACF 1019 mac_cred_label_associate_user(p->p_ucred); 1020#endif 1021 load_init_program(p); 1022 lock_trace = 1; 1023} 1024 1025kern_return_t 1026bsd_autoconf(void) 1027{ 1028 kprintf("bsd_autoconf: calling kminit\n"); 1029 kminit(); 1030 1031 /* 1032 * Early startup for bsd pseudodevices. 1033 */ 1034 { 1035 struct pseudo_init *pi; 1036 1037 for (pi = pseudo_inits; pi->ps_func; pi++) 1038 (*pi->ps_func) (pi->ps_count); 1039 } 1040 1041 return( IOKitBSDInit()); 1042} 1043 1044 1045#include <sys/disklabel.h> /* for MAXPARTITIONS */ 1046 1047static void 1048setconf(void) 1049{ 1050 u_int32_t flags; 1051 kern_return_t err; 1052 1053 err = IOFindBSDRoot(rootdevice, sizeof(rootdevice), &rootdev, &flags); 1054 if( err) { 1055 printf("setconf: IOFindBSDRoot returned an error (%d);" 1056 "setting rootdevice to 'sd0a'.\n", err); /* XXX DEBUG TEMP */ 1057 rootdev = makedev( 6, 0 ); 1058 strlcpy(rootdevice, "sd0a", sizeof(rootdevice)); 1059 flags = 0; 1060 } 1061 1062#if NFSCLIENT 1063 if( flags & 1 ) { 1064 /* network device */ 1065 mountroot = netboot_mountroot; 1066 } else { 1067#endif 1068 /* otherwise have vfs determine root filesystem */ 1069 mountroot = NULL; 1070#if NFSCLIENT 1071 } 1072#endif 1073 1074} 1075 1076void 1077bsd_utaskbootstrap(void) 1078{ 1079 thread_t thread; 1080 struct uthread *ut; 1081 1082 /* 1083 * Clone the bootstrap process from the kernel process, without 1084 * inheriting either task characteristics or memory from the kernel; 1085 */ 1086 thread = cloneproc(TASK_NULL, COALITION_NULL, kernproc, FALSE, TRUE); 1087 1088 /* Hold the reference as it will be dropped during shutdown */ 1089 initproc = proc_find(1); 1090#if __PROC_INTERNAL_DEBUG 1091 if (initproc == PROC_NULL) 1092 panic("bsd_utaskbootstrap: initproc not set\n"); 1093#endif 1094 /* 1095 * Since we aren't going back out the normal way to our parent, 1096 * we have to drop the transition locks explicitly. 1097 */ 1098 proc_signalend(initproc, 0); 1099 proc_transend(initproc, 0); 1100 1101 ut = (struct uthread *)get_bsdthread_info(thread); 1102 ut->uu_sigmask = 0; 1103 act_set_astbsd(thread); 1104 (void) thread_resume(thread); 1105} 1106 1107static void 1108parse_bsd_args(void) 1109{ 1110 char namep[16]; 1111 int msgbuf; 1112 1113 if ( PE_parse_boot_argn("-s", namep, sizeof (namep))) 1114 boothowto |= RB_SINGLE; 1115 1116 if (PE_parse_boot_argn("-b", namep, sizeof (namep))) 1117 boothowto |= RB_NOBOOTRC; 1118 1119 if (PE_parse_boot_argn("-x", namep, sizeof (namep))) /* safe boot */ 1120 boothowto |= RB_SAFEBOOT; 1121 1122 1123 /* disable vnode_cache_is_authorized() by setting vnode_cache_defeat */ 1124 if (PE_parse_boot_argn("-vnode_cache_defeat", namep, sizeof (namep))) 1125 bootarg_vnode_cache_defeat = 1; 1126 1127#if DEVELOPMENT || DEBUG 1128 if (PE_parse_boot_argn("-disable_aslr", namep, sizeof (namep))) 1129 bootarg_disable_aslr = 1; 1130#endif 1131 1132 PE_parse_boot_argn("ncl", &ncl, sizeof (ncl)); 1133 if (PE_parse_boot_argn("nbuf", &max_nbuf_headers, 1134 sizeof (max_nbuf_headers))) { 1135 customnbuf = 1; 1136 } 1137 1138#if CONFIG_MACF 1139#if defined (__i386__) || defined (__x86_64__) 1140 PE_parse_boot_argn("policy_check", &policy_check_flags, sizeof (policy_check_flags)); 1141#endif 1142#endif /* CONFIG_MACF */ 1143 1144 if (PE_parse_boot_argn("msgbuf", &msgbuf, sizeof (msgbuf))) { 1145 log_setsize(msgbuf); 1146 } 1147 1148 if (PE_parse_boot_argn("-novfscache", namep, sizeof(namep))) { 1149 nc_disabled = 1; 1150 } 1151} 1152 1153void 1154bsd_exec_setup(int scale) 1155{ 1156 1157 switch (scale) { 1158 case 0: 1159 case 1: 1160 bsd_simul_execs = BSD_SIMUL_EXECS; 1161 break; 1162 case 2: 1163 case 3: 1164 bsd_simul_execs = 65; 1165 break; 1166 case 4: 1167 case 5: 1168 bsd_simul_execs = 129; 1169 break; 1170 case 6: 1171 case 7: 1172 bsd_simul_execs = 257; 1173 break; 1174 default: 1175 bsd_simul_execs = 513; 1176 break; 1177 1178 } 1179 bsd_pageable_map_size = (bsd_simul_execs * BSD_PAGEABLE_SIZE_PER_EXEC); 1180} 1181 1182#if !NFSCLIENT 1183int 1184netboot_root(void); 1185 1186int 1187netboot_root(void) 1188{ 1189 return(0); 1190} 1191#endif 1192