static xpc_object_t
auth_item_copy_auth_item_xpc(auth_item_t item)
{
xpc_object_t xpc_data = xpc_dictionary_create(NULL, NULL, 0);
xpc_dictionary_set_string(xpc_data, AUTH_XPC_ITEM_NAME, item->data.name);
if (item->data.value) {
xpc_dictionary_set_data(xpc_data, AUTH_XPC_ITEM_VALUE, item->data.value, item->data.valueLength);
}
xpc_dictionary_set_uint64(xpc_data, AUTH_XPC_ITEM_FLAGS, item->data.flags);
xpc_dictionary_set_uint64(xpc_data, AUTH_XPC_ITEM_TYPE, item->type);
return xpc_data;
}
CAMLprim value
caml_init_vmnet(value v_mode)
{
CAMLparam1(v_mode);
CAMLlocal3(v_iface_ref,v_res,v_mac);
xpc_object_t interface_desc = xpc_dictionary_create(NULL, NULL, 0);
xpc_dictionary_set_uint64(interface_desc, vmnet_operation_mode_key, Int_val(v_mode));
uuid_t uuid;
uuid_generate_random(uuid);
xpc_dictionary_set_uuid(interface_desc, vmnet_interface_id_key, uuid);
__block interface_ref iface = NULL;
__block vmnet_return_t iface_status = 0;
__block unsigned char *mac = malloc(6);
if (!mac) caml_raise_out_of_memory ();
__block unsigned int mtu = 0;
__block unsigned int max_packet_size = 0;
dispatch_queue_t if_create_q = dispatch_queue_create("org.openmirage.vmnet.create", DISPATCH_QUEUE_SERIAL);
dispatch_semaphore_t iface_created = dispatch_semaphore_create(0);
iface = vmnet_start_interface(interface_desc, if_create_q,
^(vmnet_return_t status, xpc_object_t interface_param) {
iface_status = status;
if (status != VMNET_SUCCESS || !interface_param) {
dispatch_semaphore_signal(iface_created);
return;
}
//printf("mac desc: %s\n", xpc_copy_description(xpc_dictionary_get_value(interface_param, vmnet_mac_address_key)));
const char *macStr = xpc_dictionary_get_string(interface_param, vmnet_mac_address_key);
unsigned char lmac[6];
if (sscanf(macStr, "%hhx:%hhx:%hhx:%hhx:%hhx:%hhx", &lmac[0], &lmac[1], &lmac[2], &lmac[3], &lmac[4], &lmac[5]) != 6)
errx(1, "Unexpected MAC address received from vmnet");
memcpy(mac, lmac, 6);
mtu = xpc_dictionary_get_uint64(interface_param, vmnet_mtu_key);
max_packet_size = xpc_dictionary_get_uint64(interface_param, vmnet_max_packet_size_key);
dispatch_semaphore_signal(iface_created);
});
static int
vmnet_get_mac_address_from_uuid(char *guest_uuid_str) {
/*
* from vmn_create() in https://github.com/mist64/xhyve/blob/master/src/pci_virtio_vmnet.c
*/
xpc_object_t interface_desc;
uuid_t uuid;
__block interface_ref iface;
__block vmnet_return_t iface_status;
dispatch_semaphore_t iface_created;
dispatch_queue_t if_create_q;
uint32_t uuid_status;
interface_desc = xpc_dictionary_create(NULL, NULL, 0);
xpc_dictionary_set_uint64(interface_desc, vmnet_operation_mode_key, VMNET_SHARED_MODE);
uuid_from_string(guest_uuid_str, &uuid, &uuid_status);
if (uuid_status != uuid_s_ok) {
fprintf(stderr, "Invalid UUID\n");
return -1;
}
xpc_dictionary_set_uuid(interface_desc, vmnet_interface_id_key, uuid);
iface = NULL;
iface_status = 0;
if_create_q = dispatch_queue_create("org.xhyve.vmnet.create", DISPATCH_QUEUE_SERIAL);
iface_created = dispatch_semaphore_create(0);
iface = vmnet_start_interface(interface_desc, if_create_q,
^(vmnet_return_t status, xpc_object_t interface_param)
{
iface_status = status;
if (status != VMNET_SUCCESS || !interface_param) {
dispatch_semaphore_signal(iface_created);
return;
}
printf("%s\n", xpc_dictionary_get_string(interface_param, vmnet_mac_address_key));
dispatch_semaphore_signal(iface_created);
});
CFDictionaryRef xpcEngineUpdate(CFTypeRef target, uint flags, CFDictionaryRef context)
{
Message msg("update");
// target can be NULL, a CFURLRef, a SecRequirementRef, or a CFNumberRef
if (target) {
if (CFGetTypeID(target) == CFNumberGetTypeID())
xpc_dictionary_set_uint64(msg, "rule", cfNumber<int64_t>(CFNumberRef(target)));
else if (CFGetTypeID(target) == CFURLGetTypeID())
xpc_dictionary_set_string(msg, "url", cfString(CFURLRef(target)).c_str());
else if (CFGetTypeID(target) == SecRequirementGetTypeID()) {
CFRef<CFDataRef> data;
MacOSError::check(SecRequirementCopyData(SecRequirementRef(target), kSecCSDefaultFlags, &data.aref()));
xpc_dictionary_set_data(msg, "requirement", CFDataGetBytePtr(data), CFDataGetLength(data));
} else
MacOSError::throwMe(errSecCSInvalidObjectRef);
}
xpc_dictionary_set_int64(msg, "flags", flags);
CFRef<CFMutableDictionaryRef> ctx = makeCFMutableDictionary();
if (context)
CFDictionaryApplyFunction(context, copyCFDictionary, ctx);
AuthorizationRef localAuthorization = NULL;
if (CFDictionaryGetValue(ctx, kSecAssessmentUpdateKeyAuthorization) == NULL) { // no caller-provided authorization
MacOSError::check(AuthorizationCreate(NULL, NULL, kAuthorizationFlagDefaults, &localAuthorization));
AuthorizationExternalForm extForm;
MacOSError::check(AuthorizationMakeExternalForm(localAuthorization, &extForm));
CFDictionaryAddValue(ctx, kSecAssessmentUpdateKeyAuthorization, CFTempData(&extForm, sizeof(extForm)));
}
CFRef<CFDataRef> contextData = makeCFData(CFDictionaryRef(ctx));
xpc_dictionary_set_data(msg, "context", CFDataGetBytePtr(contextData), CFDataGetLength(contextData));
msg.send();
if (localAuthorization)
AuthorizationFree(localAuthorization, kAuthorizationFlagDefaults);
if (int64_t error = xpc_dictionary_get_int64(msg, "error"))
MacOSError::throwMe(error);
size_t resultLength;
const void *resultData = xpc_dictionary_get_data(msg, "result", &resultLength);
return makeCFDictionaryFrom(resultData, resultLength);
}
/*
* Create an interface for the guest using Apple's vmnet framework.
*
* The interface works in VMNET_SHARED_MODE which allows for packets
* of the guest to reach other guests and the Internet.
*
* See also: https://developer.apple.com/library/mac/documentation/vmnet/Reference/vmnet_Reference/index.html
*/
static int
vmn_create(struct pci_vtnet_softc *sc)
{
xpc_object_t interface_desc;
uuid_t uuid;
__block interface_ref iface;
__block vmnet_return_t iface_status;
dispatch_semaphore_t iface_created;
dispatch_queue_t if_create_q;
dispatch_queue_t if_q;
struct vmnet_state *vms;
uint32_t uuid_status;
interface_desc = xpc_dictionary_create(NULL, NULL, 0);
xpc_dictionary_set_uint64(interface_desc, vmnet_operation_mode_key,
VMNET_SHARED_MODE);
if (guest_uuid_str != NULL) {
uuid_from_string(guest_uuid_str, &uuid, &uuid_status);
if (uuid_status != uuid_s_ok) {
return (-1);
}
} else {
uuid_generate_random(uuid);
}
xpc_dictionary_set_uuid(interface_desc, vmnet_interface_id_key, uuid);
iface = NULL;
iface_status = 0;
vms = malloc(sizeof(struct vmnet_state));
if (!vms) {
return (-1);
}
if_create_q = dispatch_queue_create("org.xhyve.vmnet.create",
DISPATCH_QUEUE_SERIAL);
iface_created = dispatch_semaphore_create(0);
iface = vmnet_start_interface(interface_desc, if_create_q,
^(vmnet_return_t status, xpc_object_t interface_param)
{
iface_status = status;
if (status != VMNET_SUCCESS || !interface_param) {
dispatch_semaphore_signal(iface_created);
return;
}
if (sscanf(xpc_dictionary_get_string(interface_param,
vmnet_mac_address_key),
"%hhx:%hhx:%hhx:%hhx:%hhx:%hhx",
&vms->mac[0], &vms->mac[1], &vms->mac[2], &vms->mac[3],
&vms->mac[4], &vms->mac[5]) != 6)
{
assert(0);
}
vms->mtu = (unsigned)
xpc_dictionary_get_uint64(interface_param, vmnet_mtu_key);
vms->max_packet_size = (unsigned)
xpc_dictionary_get_uint64(interface_param,
vmnet_max_packet_size_key);
dispatch_semaphore_signal(iface_created);
});
