| skipped 19 lines |
20 | 20 | | ```cpp |
21 | 21 | | IOReturn IOHIDDevice::postElementTransaction(const void* elementData, UInt32 dataSize, UInt32 completionTimeout, IOHIDCompletion * completion) |
22 | 22 | | { |
23 | | - | IOReturn ret = kIOReturnError; |
24 | | - | uint32_t cookies_[kMaxLocalCookieArrayLength]; |
25 | | - | uint32_t *cookies = cookies_; |
26 | | - | uint32_t cookieCount = 0; |
27 | | - | uint32_t cookieSize = 0; |
28 | | - | uint32_t dataOffset = 0; |
29 | | - | uint8_t *data = (uint8_t*)elementData; |
30 | | - | IOMemoryDescriptor *elementDesc = getMemoryWithCurrentElementValues(); |
31 | | - | require(_elementArray && elementDesc, fail); |
| 23 | + | IOReturn ret = kIOReturnError; |
| 24 | + | uint32_t cookies_[kMaxLocalCookieArrayLength]; |
| 25 | + | uint32_t *cookies = cookies_; |
| 26 | + | uint32_t cookieCount = 0; |
| 27 | + | uint32_t cookieSize = 0; |
| 28 | + | uint32_t dataOffset = 0; |
| 29 | + | uint8_t *data = (uint8_t*)elementData; |
| 30 | + | IOMemoryDescriptor *elementDesc = getMemoryWithCurrentElementValues(); |
| 31 | + | require(_elementArray && elementDesc, fail); |
32 | 32 | | |
33 | | - | WORKLOOP_LOCK; |
| 33 | + | WORKLOOP_LOCK; |
34 | 34 | | |
35 | | - | // Find the number of cookies in the data. Check that all cookies are valid elements. [1] |
36 | | - | while (dataOffset < dataSize) { |
37 | | - | const IOHIDElementValueHeader *headerPtr = (const IOHIDElementValueHeader *)(data + dataOffset); |
38 | | - | IOHIDElementPrivate *element = GetElement(headerPtr->cookie); |
39 | | - | if (!element) { |
40 | | - | HIDDeviceLogError("Could not find element for cookie: %d", headerPtr->cookie); |
41 | | - | ret = kIOReturnAborted; |
42 | | - | goto fail; |
43 | | - | } |
44 | | - | cookieCount++; |
| 35 | + | // Find the number of cookies in the data. Check that all cookies are valid elements. [1] |
| 36 | + | while (dataOffset < dataSize) { |
| 37 | + | const IOHIDElementValueHeader *headerPtr = (const IOHIDElementValueHeader *)(data + dataOffset); |
| 38 | + | IOHIDElementPrivate *element = GetElement(headerPtr->cookie); |
| 39 | + | if (!element) { |
| 40 | + | HIDDeviceLogError("Could not find element for cookie: %d", headerPtr->cookie); |
| 41 | + | ret = kIOReturnAborted; |
| 42 | + | goto fail; |
| 43 | + | } |
| 44 | + | cookieCount++; |
45 | 45 | | |
46 | | - | require_noerr_action(os_add3_overflow(dataOffset, headerPtr->length, sizeof(IOHIDElementValueHeader), &dataOffset), fail, HIDDeviceLogError("Overflow iterating cookie data buffer %u %u", dataOffset, headerPtr->length)); |
47 | | - | } |
48 | | - | // Data isn't as large as expected, don't overrun, just abort |
49 | | - | if (dataOffset != dataSize) { // [2] |
50 | | - | HIDDeviceLogError("Cookie data buffer is smaller than expected. %u vs. %u", |
51 | | - | (unsigned int)dataSize, (unsigned int)dataOffset); |
52 | | - | ret = kIOReturnAborted; |
53 | | - | goto fail; |
54 | | - | } |
55 | | - | dataOffset = 0; |
| 46 | + | require_noerr_action(os_add3_overflow(dataOffset, headerPtr->length, sizeof(IOHIDElementValueHeader), &dataOffset), fail, HIDDeviceLogError("Overflow iterating cookie data buffer %u %u", dataOffset, headerPtr->length)); |
| 47 | + | } |
| 48 | + | // Data isn't as large as expected, don't overrun, just abort |
| 49 | + | if (dataOffset != dataSize) { // [2] |
| 50 | + | HIDDeviceLogError("Cookie data buffer is smaller than expected. %u vs. %u", |
| 51 | + | (unsigned int)dataSize, (unsigned int)dataOffset); |
| 52 | + | ret = kIOReturnAborted; |
| 53 | + | goto fail; |
| 54 | + | } |
| 55 | + | dataOffset = 0; |
56 | 56 | | |
57 | | - | require_noerr_action(os_mul_overflow(cookieCount, sizeof(uint32_t), &cookieSize), |
58 | | - | fail, |
59 | | - | HIDDeviceLogError("Overflow calculating cookieSize")); |
| 57 | + | require_noerr_action(os_mul_overflow(cookieCount, sizeof(uint32_t), &cookieSize), |
| 58 | + | fail, |
| 59 | + | HIDDeviceLogError("Overflow calculating cookieSize")); |
60 | 60 | | |
61 | | - | cookies = (cookieCount <= kMaxLocalCookieArrayLength) ? cookies : (uint32_t*)IOMallocData(cookieSize); // [3] |
| 61 | + | cookies = (cookieCount <= kMaxLocalCookieArrayLength) ? cookies : (uint32_t*)IOMallocData(cookieSize); // [3] |
62 | 62 | | |
63 | | - | if (cookies == NULL) { |
64 | | - | ret = kIOReturnNoMemory; |
65 | | - | goto fail; |
66 | | - | } |
| 63 | + | if (cookies == NULL) { |
| 64 | + | ret = kIOReturnNoMemory; |
| 65 | + | goto fail; |
| 66 | + | } |
67 | 67 | | |
68 | | - | // Update the elements, this replaced the shared kernel-user shared memory. |
69 | | - | for (size_t index = 0; dataOffset < dataSize; ++index) { // [4] |
70 | | - | const IOHIDElementValueHeader *headerPtr; |
71 | | - | IOHIDElementPrivate *element; |
72 | | - | OSData *elementVal; |
| 68 | + | // Update the elements, this replaced the shared kernel-user shared memory. |
| 69 | + | for (size_t index = 0; dataOffset < dataSize; ++index) { // [4] |
| 70 | + | const IOHIDElementValueHeader *headerPtr; |
| 71 | + | IOHIDElementPrivate *element; |
| 72 | + | OSData *elementVal; |
73 | 73 | | |
74 | | - | headerPtr = (const IOHIDElementValueHeader *)(data + dataOffset); |
75 | | - | element = GetElement(headerPtr->cookie); |
76 | | - | dataOffset += headerPtr->length + sizeof(IOHIDElementValueHeader); |
| 74 | + | headerPtr = (const IOHIDElementValueHeader *)(data + dataOffset); |
| 75 | + | element = GetElement(headerPtr->cookie); |
| 76 | + | dataOffset += headerPtr->length + sizeof(IOHIDElementValueHeader); |
77 | 77 | | |
78 | | - | elementVal = OSData::withBytesNoCopy((void*)headerPtr->value, |
79 | | - | headerPtr->length); // [5] |
80 | | - | require_action(elementVal, fail, ret = kIOReturnNoMemory); |
81 | | - | element->setDataBits(elementVal); |
82 | | - | elementVal->release(); |
| 78 | + | elementVal = OSData::withBytesNoCopy((void*)headerPtr->value, |
| 79 | + | headerPtr->length); // [5] |
| 80 | + | require_action(elementVal, fail, ret = kIOReturnNoMemory); |
| 81 | + | element->setDataBits(elementVal); |
| 82 | + | elementVal->release(); |
83 | 83 | | |
84 | | - | cookies[index] = headerPtr->cookie; // [6] |
85 | | - | } |
| 84 | + | cookies[index] = headerPtr->cookie; // [6] |
| 85 | + | } |
86 | 86 | | |
87 | | - | // Actually post elements |
88 | | - | ret = postElementValues((IOHIDElementCookie *)cookies, (UInt32)cookieCount, 0, completionTimeout, completion); |
| 87 | + | // Actually post elements |
| 88 | + | ret = postElementValues((IOHIDElementCookie *)cookies, (UInt32)cookieCount, 0, completionTimeout, completion); |
89 | 89 | | |
90 | 90 | | fail: |
91 | | - | WORKLOOP_UNLOCK; |
92 | | - | if (cookies != &cookies_[0]) { |
93 | | - | IOFreeData(cookies, cookieSize); |
94 | | - | } |
| 91 | + | WORKLOOP_UNLOCK; |
| 92 | + | if (cookies != &cookies_[0]) { |
| 93 | + | IOFreeData(cookies, cookieSize); |
| 94 | + | } |
95 | 95 | | |
96 | | - | return ret; |
| 96 | + | return ret; |
97 | 97 | | } |
98 | 98 | | ``` |
99 | 99 | | |
| skipped 10 lines |
110 | 110 | | kern_return_t |
111 | 111 | | IMPL(IOHIDInterface, SetElementValues) |
112 | 112 | | { |
113 | | - | IOReturn ret = kIOReturnError; |
114 | | - | UInt8 *values = NULL; |
115 | | - | IOBufferMemoryDescriptor *md = NULL; |
| 113 | + | IOReturn ret = kIOReturnError; |
| 114 | + | UInt8 *values = NULL; |
| 115 | + | IOBufferMemoryDescriptor *md = NULL; |
116 | 116 | | |
117 | | - | md = OSDynamicCast(IOBufferMemoryDescriptor, elementValues); |
118 | | - | require_action(md && count, exit, ret = kIOReturnBadArgument); |
| 117 | + | md = OSDynamicCast(IOBufferMemoryDescriptor, elementValues); |
| 118 | + | require_action(md && count, exit, ret = kIOReturnBadArgument); |
119 | 119 | | |
120 | | - | values = (UInt8 *)md->getBytesNoCopy(); |
| 120 | + | values = (UInt8 *)md->getBytesNoCopy(); |
121 | 121 | | |
122 | | - | // Post the data to the device |
123 | | - | ret = _owner->postElementTransaction(values, (UInt32)md->getLength()); |
124 | | - | require_noerr_action(ret, exit, HIDServiceLogError("postElementValues failed: 0x%x", ret)); |
| 122 | + | // Post the data to the device |
| 123 | + | ret = _owner->postElementTransaction(values, (UInt32)md->getLength()); |
| 124 | + | require_noerr_action(ret, exit, HIDServiceLogError("postElementValues failed: 0x%x", ret)); |
125 | 125 | | |
126 | 126 | | exit: |
127 | | - | return ret; |
| 127 | + | return ret; |
128 | 128 | | } |
129 | 129 | | ``` |
130 | 130 | | |
| skipped 31 lines |
162 | 162 | | |
163 | 163 | | If this fails, you can also try building without signing using: |
164 | 164 | | |
165 | | - | xcodebuild build CODE_SIGN_IDENTITY="" CODE_SIGNING_REQUIRED=NO |
| 165 | + | xcodebuild build CODE_SIGN_IDENTITY="" CODE_SIGNING_REQUIRED=NO |
166 | 166 | | |
167 | 167 | | And then manually signing using: |
168 | 168 | | |
169 | | - | codesign -fs self-sign-cert --entitlements HIDDriverLoader/HIDDriverLoader.entitlements build/Release/HIDDriverLoader.app/Contents/MacOS/HIDDriverLoader |
170 | | - | codesign -fs self-sign-cert --entitlements HIDDriver/HIDDriver.entitlements build/Release/HIDDriverLoader.app/Contents/Library/SystemExtensions/*.dext/*.driver |
| 169 | + | codesign -fs self-sign-cert --entitlements HIDDriverLoader/HIDDriverLoader.entitlements build/Release/HIDDriverLoader.app/Contents/MacOS/HIDDriverLoader |
| 170 | + | codesign -fs self-sign-cert --entitlements HIDDriver/HIDDriver.entitlements build/Release/HIDDriverLoader.app/Contents/Library/SystemExtensions/*.dext/*.driver |
171 | 171 | | |
172 | 172 | | ### Thank you for reading :) |
173 | 173 | | |