Redo manual syscalls, and use them for hooking.. And fix mmap, which now makes the whole thing slightly broken, because vm_remap into the middle of the shared region apparently silently does nothing.

1 files changed, 565 insertions, 0 deletions

diff --git a/generated/manual-mach.inc.h b/generated/manual-mach.inc.h
new file mode 100644
index 0000000..ddf31bc
--- /dev/null
+++ b/generated/manual-mach.inc.h
@@ -0,0 +1,565 @@
+/*
+ * IDENTIFICATION:
+ * stub generated Sun Feb 22 22:43:07 2015
+ * with a MiG generated by bootstrap_cmds-91
+ * OPTIONS: 
+ */
+#define	__MIG_check__Reply__thread_act_subsystem__ 1
+
+#include <string.h>
+#include <mach/ndr.h>
+#include <mach/boolean.h>
+#include <mach/kern_return.h>
+#include <mach/notify.h>
+#include <mach/mach_types.h>
+#include <mach/message.h>
+#include <mach/mig_errors.h>
+#include <mach/port.h>
+	
+/* BEGIN VOUCHER CODE */
+
+#ifndef KERNEL
+#if defined(__has_include)
+#if __has_include(<mach/mig_voucher_support.h>)
+#ifndef USING_VOUCHERS
+#endif
+#ifndef __VOUCHER_FORWARD_TYPE_DECLS__
+#define __VOUCHER_FORWARD_TYPE_DECLS__
+#ifdef __cplusplus
+extern "C" {
+#endif
+	extern boolean_t voucher_mach_msg_set(mach_msg_header_t *msg) __attribute__((weak_import));
+#ifdef __cplusplus
+}
+#endif
+#endif // __VOUCHER_FORWARD_TYPE_DECLS__
+#endif // __has_include(<mach/mach_voucher_types.h>)
+#endif // __has_include
+#endif // !KERNEL
+	
+/* END VOUCHER CODE */
+
+
+
+
+#ifndef	mig_internal
+#define	mig_internal	static __inline__
+#endif	/* mig_internal */
+
+#ifndef	mig_external
+#define mig_external
+#endif	/* mig_external */
+
+#if	!defined(__MigTypeCheck) && defined(TypeCheck)
+#define	__MigTypeCheck		TypeCheck	/* Legacy setting */
+#endif	/* !defined(__MigTypeCheck) */
+
+#if	!defined(__MigKernelSpecificCode) && defined(_MIG_KERNEL_SPECIFIC_CODE_)
+#define	__MigKernelSpecificCode	_MIG_KERNEL_SPECIFIC_CODE_	/* Legacy setting */
+#endif	/* !defined(__MigKernelSpecificCode) */
+
+#ifndef	LimitCheck
+#define	LimitCheck 0
+#endif	/* LimitCheck */
+
+#ifndef	min
+#define	min(a,b)  ( ((a) < (b))? (a): (b) )
+#endif	/* min */
+
+#if !defined(_WALIGN_)
+#define _WALIGN_(x) (((x) + 3) & ~3)
+#endif /* !defined(_WALIGN_) */
+
+#if !defined(_WALIGNSZ_)
+#define _WALIGNSZ_(x) _WALIGN_(sizeof(x))
+#endif /* !defined(_WALIGNSZ_) */
+
+#ifndef	UseStaticTemplates
+#define	UseStaticTemplates	0
+#endif	/* UseStaticTemplates */
+
+#ifndef	__MachMsgErrorWithTimeout
+#define	__MachMsgErrorWithTimeout(_R_) { \
+	switch (_R_) { \
+	case MACH_SEND_INVALID_DATA: \
+	case MACH_SEND_INVALID_DEST: \
+	case MACH_SEND_INVALID_HEADER: \
+		mig_put_reply_port(InP->Head.msgh_reply_port); \
+		break; \
+	case MACH_SEND_TIMED_OUT: \
+	case MACH_RCV_TIMED_OUT: \
+	default: \
+		mig_dealloc_reply_port(InP->Head.msgh_reply_port); \
+	} \
+}
+#endif	/* __MachMsgErrorWithTimeout */
+
+#ifndef	__MachMsgErrorWithoutTimeout
+#define	__MachMsgErrorWithoutTimeout(_R_) { \
+	switch (_R_) { \
+	case MACH_SEND_INVALID_DATA: \
+	case MACH_SEND_INVALID_DEST: \
+	case MACH_SEND_INVALID_HEADER: \
+		mig_put_reply_port(InP->Head.msgh_reply_port); \
+		break; \
+	default: \
+		mig_dealloc_reply_port(InP->Head.msgh_reply_port); \
+	} \
+}
+#endif	/* __MachMsgErrorWithoutTimeout */
+
+#ifndef	__DeclareSendRpc
+#define	__DeclareSendRpc(_NUM_, _NAME_)
+#endif	/* __DeclareSendRpc */
+
+#ifndef	__BeforeSendRpc
+#define	__BeforeSendRpc(_NUM_, _NAME_)
+#endif	/* __BeforeSendRpc */
+
+#ifndef	__AfterSendRpc
+#define	__AfterSendRpc(_NUM_, _NAME_)
+#endif	/* __AfterSendRpc */
+
+#ifndef	__DeclareSendSimple
+#define	__DeclareSendSimple(_NUM_, _NAME_)
+#endif	/* __DeclareSendSimple */
+
+#ifndef	__BeforeSendSimple
+#define	__BeforeSendSimple(_NUM_, _NAME_)
+#endif	/* __BeforeSendSimple */
+
+#ifndef	__AfterSendSimple
+#define	__AfterSendSimple(_NUM_, _NAME_)
+#endif	/* __AfterSendSimple */
+
+#define msgh_request_port	msgh_remote_port
+#define msgh_reply_port		msgh_local_port
+
+
+
+
+
+/* Routine thread_get_state */
+static kern_return_t manual_thread_get_state
+(
+	thread_act_t target_act,
+	thread_state_flavor_t flavor,
+	thread_state_t old_state,
+	mach_msg_type_number_t *old_stateCnt
+, mach_port_t reply_port)
+{
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		NDR_record_t NDR;
+		thread_state_flavor_t flavor;
+		mach_msg_type_number_t old_stateCnt;
+	} Request;
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		NDR_record_t NDR;
+		kern_return_t RetCode;
+		mach_msg_type_number_t old_stateCnt;
+		natural_t old_state[224];
+		mach_msg_trailer_t trailer;
+	} Reply;
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		NDR_record_t NDR;
+		kern_return_t RetCode;
+		mach_msg_type_number_t old_stateCnt;
+		natural_t old_state[224];
+	} __Reply;
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+	/*
+	 * typedef struct {
+	 * 	mach_msg_header_t Head;
+	 * 	NDR_record_t NDR;
+	 * 	kern_return_t RetCode;
+	 * } mig_reply_error_t;
+	 */
+
+	union {
+		Request In;
+		Reply Out;
+	} Mess;
+
+	Request *InP = &Mess.In;
+	Reply *Out0P = &Mess.Out;
+
+	mach_msg_return_t msg_result;
+
+#ifdef	__MIG_check__Reply__thread_get_state_t__defined
+	kern_return_t check_result;
+#endif	/* __MIG_check__Reply__thread_get_state_t__defined */
+
+	__DeclareSendRpc(3603, "thread_get_state")
+
+	InP->NDR = NDR_record;
+
+	InP->flavor = flavor;
+
+	if (*old_stateCnt < 224)
+		InP->old_stateCnt = *old_stateCnt;
+	else
+		InP->old_stateCnt = 224;
+
+	InP->Head.msgh_bits =
+		MACH_MSGH_BITS(19, MACH_MSG_TYPE_MAKE_SEND_ONCE);
+	/* msgh_size passed as argument */
+	InP->Head.msgh_request_port = target_act;
+	InP->Head.msgh_reply_port = reply_port;
+	InP->Head.msgh_id = 3603;
+	
+/* BEGIN VOUCHER CODE */
+
+#ifdef USING_VOUCHERS
+	if (voucher_mach_msg_set != NULL) {
+		voucher_mach_msg_set(&InP->Head);
+	}
+#endif // USING_VOUCHERS
+	
+/* END VOUCHER CODE */
+
+	__BeforeSendRpc(3603, "thread_get_state")
+	msg_result = manual_mach_msg(&InP->Head, MACH_SEND_MSG|MACH_RCV_MSG|MACH_MSG_OPTION_NONE, (mach_msg_size_t)sizeof(Request), (mach_msg_size_t)sizeof(Reply), InP->Head.msgh_reply_port, MACH_MSG_TIMEOUT_NONE, MACH_PORT_NULL);
+	__AfterSendRpc(3603, "thread_get_state")
+	if (msg_result != MACH_MSG_SUCCESS) {
+		__MachMsgErrorWithoutTimeout(msg_result);
+		{ return msg_result; }
+	}
+
+
+#if	defined(__MIG_check__Reply__thread_get_state_t__defined)
+	check_result = __MIG_check__Reply__thread_get_state_t((__Reply__thread_get_state_t *)Out0P);
+	if (check_result != MACH_MSG_SUCCESS)
+		{ return check_result; }
+#endif	/* defined(__MIG_check__Reply__thread_get_state_t__defined) */
+
+	if (Out0P->old_stateCnt > *old_stateCnt) {
+		(void)manual_memcpy((char *) old_state, (const char *) Out0P->old_state, 4 *  *old_stateCnt);
+		*old_stateCnt = Out0P->old_stateCnt;
+		{ return MIG_ARRAY_TOO_LARGE; }
+	}
+	(void)manual_memcpy((char *) old_state, (const char *) Out0P->old_state, 4 * Out0P->old_stateCnt);
+
+	*old_stateCnt = Out0P->old_stateCnt;
+
+	return KERN_SUCCESS;
+}
+
+
+
+/* Routine thread_set_state */
+static kern_return_t manual_thread_set_state
+(
+	thread_act_t target_act,
+	thread_state_flavor_t flavor,
+	thread_state_t new_state,
+	mach_msg_type_number_t new_stateCnt
+, mach_port_t reply_port)
+{
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		NDR_record_t NDR;
+		thread_state_flavor_t flavor;
+		mach_msg_type_number_t new_stateCnt;
+		natural_t new_state[224];
+	} Request;
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		NDR_record_t NDR;
+		kern_return_t RetCode;
+		mach_msg_trailer_t trailer;
+	} Reply;
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		NDR_record_t NDR;
+		kern_return_t RetCode;
+	} __Reply;
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+	/*
+	 * typedef struct {
+	 * 	mach_msg_header_t Head;
+	 * 	NDR_record_t NDR;
+	 * 	kern_return_t RetCode;
+	 * } mig_reply_error_t;
+	 */
+
+	union {
+		Request In;
+		Reply Out;
+	} Mess;
+
+	Request *InP = &Mess.In;
+	Reply *Out0P = &Mess.Out;
+
+	mach_msg_return_t msg_result;
+	unsigned int msgh_size;
+
+#ifdef	__MIG_check__Reply__thread_set_state_t__defined
+	kern_return_t check_result;
+#endif	/* __MIG_check__Reply__thread_set_state_t__defined */
+
+	__DeclareSendRpc(3604, "thread_set_state")
+
+	InP->NDR = NDR_record;
+
+	InP->flavor = flavor;
+
+	if (new_stateCnt > 224) {
+		{ return MIG_ARRAY_TOO_LARGE; }
+	}
+	(void)manual_memcpy((char *) InP->new_state, (const char *) new_state, 4 * new_stateCnt);
+
+	InP->new_stateCnt = new_stateCnt;
+
+	msgh_size = (mach_msg_size_t)(sizeof(Request) - 896) + ((4 * new_stateCnt));
+	InP->Head.msgh_bits =
+		MACH_MSGH_BITS(19, MACH_MSG_TYPE_MAKE_SEND_ONCE);
+	/* msgh_size passed as argument */
+	InP->Head.msgh_request_port = target_act;
+	InP->Head.msgh_reply_port = reply_port;
+	InP->Head.msgh_id = 3604;
+	
+/* BEGIN VOUCHER CODE */
+
+#ifdef USING_VOUCHERS
+	if (voucher_mach_msg_set != NULL) {
+		voucher_mach_msg_set(&InP->Head);
+	}
+#endif // USING_VOUCHERS
+	
+/* END VOUCHER CODE */
+
+	__BeforeSendRpc(3604, "thread_set_state")
+	msg_result = manual_mach_msg(&InP->Head, MACH_SEND_MSG|MACH_RCV_MSG|MACH_MSG_OPTION_NONE, msgh_size, (mach_msg_size_t)sizeof(Reply), InP->Head.msgh_reply_port, MACH_MSG_TIMEOUT_NONE, MACH_PORT_NULL);
+	__AfterSendRpc(3604, "thread_set_state")
+	if (msg_result != MACH_MSG_SUCCESS) {
+		__MachMsgErrorWithoutTimeout(msg_result);
+		{ return msg_result; }
+	}
+
+
+#if	defined(__MIG_check__Reply__thread_set_state_t__defined)
+	check_result = __MIG_check__Reply__thread_set_state_t((__Reply__thread_set_state_t *)Out0P);
+	if (check_result != MACH_MSG_SUCCESS)
+		{ return check_result; }
+#endif	/* defined(__MIG_check__Reply__thread_set_state_t__defined) */
+
+	return KERN_SUCCESS;
+}
+
+
+
+/* Routine mach_vm_remap */
+static kern_return_t manual_mach_vm_remap
+(
+	vm_map_t target_task,
+	mach_vm_address_t *target_address,
+	mach_vm_size_t size,
+	mach_vm_offset_t mask,
+	int flags,
+	vm_map_t src_task,
+	mach_vm_address_t src_address,
+	boolean_t copy,
+	vm_prot_t *cur_protection,
+	vm_prot_t *max_protection,
+	vm_inherit_t inheritance
+, mach_port_t reply_port)
+{
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		/* start of the kernel processed data */
+		mach_msg_body_t msgh_body;
+		mach_msg_port_descriptor_t src_task;
+		/* end of the kernel processed data */
+		NDR_record_t NDR;
+		mach_vm_address_t target_address;
+		mach_vm_size_t size;
+		mach_vm_offset_t mask;
+		int flags;
+		mach_vm_address_t src_address;
+		boolean_t copy;
+		vm_inherit_t inheritance;
+	} Request;
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		NDR_record_t NDR;
+		kern_return_t RetCode;
+		mach_vm_address_t target_address;
+		vm_prot_t cur_protection;
+		vm_prot_t max_protection;
+		mach_msg_trailer_t trailer;
+	} Reply;
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		NDR_record_t NDR;
+		kern_return_t RetCode;
+		mach_vm_address_t target_address;
+		vm_prot_t cur_protection;
+		vm_prot_t max_protection;
+	} __Reply;
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+	/*
+	 * typedef struct {
+	 * 	mach_msg_header_t Head;
+	 * 	NDR_record_t NDR;
+	 * 	kern_return_t RetCode;
+	 * } mig_reply_error_t;
+	 */
+
+	union {
+		Request In;
+		Reply Out;
+	} Mess;
+
+	Request *InP = &Mess.In;
+	Reply *Out0P = &Mess.Out;
+
+	mach_msg_return_t msg_result;
+
+#ifdef	__MIG_check__Reply__mach_vm_remap_t__defined
+	kern_return_t check_result;
+#endif	/* __MIG_check__Reply__mach_vm_remap_t__defined */
+
+	__DeclareSendRpc(4813, "mach_vm_remap")
+
+#if	UseStaticTemplates
+	const static mach_msg_port_descriptor_t src_taskTemplate = {
+		/* name = */		MACH_PORT_NULL,
+		/* pad1 = */		0,
+		/* pad2 = */		0,
+		/* disp = */		19,
+		/* type = */		MACH_MSG_PORT_DESCRIPTOR,
+	};
+#endif	/* UseStaticTemplates */
+
+	InP->msgh_body.msgh_descriptor_count = 1;
+#if	UseStaticTemplates
+	InP->src_task = src_taskTemplate;
+	InP->src_task.name = src_task;
+#else	/* UseStaticTemplates */
+	InP->src_task.name = src_task;
+	InP->src_task.disposition = 19;
+	InP->src_task.type = MACH_MSG_PORT_DESCRIPTOR;
+#endif	/* UseStaticTemplates */
+
+	InP->NDR = NDR_record;
+
+	InP->target_address = *target_address;
+
+	InP->size = size;
+
+	InP->mask = mask;
+
+	InP->flags = flags;
+
+	InP->src_address = src_address;
+
+	InP->copy = copy;
+
+	InP->inheritance = inheritance;
+
+	InP->Head.msgh_bits = MACH_MSGH_BITS_COMPLEX|
+		MACH_MSGH_BITS(19, MACH_MSG_TYPE_MAKE_SEND_ONCE);
+	/* msgh_size passed as argument */
+	InP->Head.msgh_request_port = target_task;
+	InP->Head.msgh_reply_port = reply_port;
+	InP->Head.msgh_id = 4813;
+	
+/* BEGIN VOUCHER CODE */
+
+#ifdef USING_VOUCHERS
+	if (voucher_mach_msg_set != NULL) {
+		voucher_mach_msg_set(&InP->Head);
+	}
+#endif // USING_VOUCHERS
+	
+/* END VOUCHER CODE */
+
+	__BeforeSendRpc(4813, "mach_vm_remap")
+	msg_result = manual_mach_msg(&InP->Head, MACH_SEND_MSG|MACH_RCV_MSG|MACH_MSG_OPTION_NONE, (mach_msg_size_t)sizeof(Request), (mach_msg_size_t)sizeof(Reply), InP->Head.msgh_reply_port, MACH_MSG_TIMEOUT_NONE, MACH_PORT_NULL);
+	__AfterSendRpc(4813, "mach_vm_remap")
+	if (msg_result != MACH_MSG_SUCCESS) {
+		__MachMsgErrorWithoutTimeout(msg_result);
+		{ return msg_result; }
+	}
+
+
+#if	defined(__MIG_check__Reply__mach_vm_remap_t__defined)
+	check_result = __MIG_check__Reply__mach_vm_remap_t((__Reply___kernelrpc_mach_vm_remap_t *)Out0P);
+	if (check_result != MACH_MSG_SUCCESS)
+		{ return check_result; }
+#endif	/* defined(__MIG_check__Reply__mach_vm_remap_t__defined) */
+
+	*target_address = Out0P->target_address;
+
+	*cur_protection = Out0P->cur_protection;
+
+	*max_protection = Out0P->max_protection;
+
+	return KERN_SUCCESS;
+}
+
+
+