Further flesh out sysctl children resolution

Carnations-Botanica · Dec 1, 2024 · f54a7d9 · f54a7d9
1 parent 49a95f2
commit f54a7d9
Show file tree

Hide file tree

Showing 2 changed files with 48 additions and 2 deletions.
diff --git a/VMHide/kern_start.cpp b/VMHide/kern_start.cpp
@@ -11,10 +11,50 @@ static VMH vmhInstance;
 
 VMH *VMH::callbackVMH;
 
+// gets sysctl__children memory address and returns it
+mach_vm_address_t sysctlChildrenAddr(KernelPatcher &patcher) {
+
+    // resolve the _sysctl__children symbol with the given patcher
+    mach_vm_address_t sysctlChildrenAddress = patcher.solveSymbol(KernelPatcher::KernelID, "_sysctl__children");
+
+    // check if the address was successfully resolved, else return 0
+    if (sysctlChildrenAddress) {
+        DBGLOG(MODULE_SYSCTL, "Resolved _sysctl__children at address: 0x%llx", sysctlChildrenAddress);
+
+        // cast the address to sysctl_oid_list*
+        sysctl_oid_list *sysctlChildren = reinterpret_cast<sysctl_oid_list *>(sysctlChildrenAddress);
+
+        // log the address for debugging
+        DBGLOG(MODULE_SYSCTL, "Sysctl children list at address: 0x%llx", reinterpret_cast<mach_vm_address_t>(sysctlChildren));
+
+        // iterate over the sysctl_oid_list
+        sysctl_oid *oid;
+        SLIST_FOREACH(oid, sysctlChildren, oid_link) {
+            // log each OID's name and number
+            DBGLOG(MODULE_SYSCTL, "OID Name: %s, OID Number: %d", oid->oid_name, oid->oid_number);
+        }
+
+        return sysctlChildrenAddress;
+    } else {
+        KernelPatcher::Error err = patcher.getError();
+        SYSLOG(MODULE_SYSCTL, "Failed to resolve _sysctl__children. (Lilu returned: %d)", err);
+        patcher.clearError();
+        return 0;
+    }
+
+}
+
 // Function to solve the _sysctl__children symbol address
 static void solveSysCtlChildrenAddr(void *user __unused, KernelPatcher &Patcher) {
 
-    DBGLOG(MODULE_SYSCTL, "solveSysCtlChildrenAddr called");
+    // Log area
+    DBGLOG(MODULE_SYSCTL, "solveSysCtlChildrenAddr called after Patcher loaded successfully.");
+
+    // Get the address of _sysctl__children here
+    mach_vm_address_t sysCtlChildrenAddress = sysctlChildrenAddr(Patcher);
+
+    // Log area
+    DBGLOG(MODULE_SYSCTL, "mach_vm_address_t of sysCtlChildrenAddress is: 0x%llx", sysCtlChildrenAddress);
 
 }
 
@@ -26,7 +66,8 @@ void VMH::init() {
     DBGLOG(MODULE_INIT, "Hello World from VMHide!");
 
     // Register the root function to solve _sysctl__children on patcher load
-    lilu.onPatcherLoad(solveSysCtlChildrenAddr);
+    DBGLOG(MODULE_INIT, "Attempting to onPatcherLoadForce...");
+    lilu.onPatcherLoadForce(solveSysCtlChildrenAddr);
 
 }
 

diff --git a/VMHide/kern_start.hpp b/VMHide/kern_start.hpp
@@ -51,6 +51,11 @@ class VMH {
      */
     static void solveSysCtlChildrenAddr(void *user __unused, KernelPatcher &Patcher);
 
+    /**
+     *  Returns address for the sysctl children symbol
+     */
+    mach_vm_address_t sysctlChildrenAddr(KernelPatcher &patcher);
+
     /**
      *  Function to reroute kern hv vmm present function to our own custom one in VMH
      */