--- /dev/null
+/*
+ * Copyright (c) 2018 Apple Inc. All rights reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+#include "internal.h"
+
+#pragma mark Types
+typedef struct _os_mach_port_disposition {
+ mach_msg_bits_t ompd_bits;
+ const char *const ompd_human;
+} os_mach_port_disposition_t;
+
+#define os_mach_port_disposition_init(d) [d] = { \
+ .ompd_bits = (d), \
+ .ompd_human = #d, \
+}
+
+#pragma mark Top-Level Statics
+static const os_flagset_t _mach_msgh_bits = {
+ os_flag_init(MACH_MSGH_BITS_COMPLEX),
+ os_flag_init(MACH_MSGH_BITS_RAISEIMP),
+ // MACH_MSGH_BITS_DENAP is deprecated
+ os_flag_init(MACH_MSGH_BITS_IMPHOLDASRT),
+ // MACH_MSGH_BITS_DENAPHOLDASRT is deprecated
+ // MACH_MSGH_BITS_CIRCULAR is kernel-internal
+};
+
+static const os_mach_port_disposition_t _mach_port_dispositions[] = {
+ os_mach_port_disposition_init(MACH_MSG_TYPE_MOVE_RECEIVE),
+ os_mach_port_disposition_init(MACH_MSG_TYPE_MOVE_SEND),
+ os_mach_port_disposition_init(MACH_MSG_TYPE_MOVE_SEND_ONCE),
+ os_mach_port_disposition_init(MACH_MSG_TYPE_COPY_SEND),
+ os_mach_port_disposition_init(MACH_MSG_TYPE_MAKE_SEND),
+ os_mach_port_disposition_init(MACH_MSG_TYPE_MAKE_SEND_ONCE),
+ // MACH_MSG_TYPE_COPY_RECEIVE is not a valid operation, so unclear why it's
+ // even defined
+ os_mach_port_disposition_init(MACH_MSG_TYPE_DISPOSE_RECEIVE),
+ os_mach_port_disposition_init(MACH_MSG_TYPE_DISPOSE_SEND),
+ os_mach_port_disposition_init(MACH_MSG_TYPE_DISPOSE_SEND_ONCE),
+};
+
+static inline const char *
+_mach_port_disposition_string(mach_msg_bits_t d)
+{
+ if (d < MACH_MSG_TYPE_MOVE_RECEIVE) {
+ return "[invalid]";
+ }
+ if (d > MACH_MSG_TYPE_DISPOSE_SEND_ONCE) {
+ return "[invalid]";
+ }
+ return _mach_port_dispositions[d].ompd_human;
+}
+
+static const os_flagset_t _mach_port_rights = {
+ os_flag_init(MACH_PORT_TYPE_SEND),
+ os_flag_init(MACH_PORT_TYPE_RECEIVE),
+ os_flag_init(MACH_PORT_TYPE_SEND_ONCE),
+ os_flag_init(MACH_PORT_TYPE_PORT_SET),
+ os_flag_init(MACH_PORT_TYPE_DEAD_NAME),
+ // MACH_PORT_TYPE_LABELH is obsolete
+ // MACH_PORT_TYPE_DNREQUEST->_mach_port_requests
+ // MACH_PORT_TYPE_SPREQUEST->_mach_port_requests
+ // MACH_PORT_TYPE_SPREQUEST_DELAYED->_mach_port_requests
+ // MACH_PORT_RIGHT_NUMBER is obsolete
+};
+
+static const os_flagset_t _mach_port_requests = {
+ os_flag_init(MACH_PORT_TYPE_DNREQUEST),
+ os_flag_init(MACH_PORT_TYPE_SPREQUEST),
+ os_flag_init(MACH_PORT_TYPE_SPREQUEST_DELAYED),
+};
+
+static const os_flagset_t _mach_port_status = {
+ os_flag_init(MACH_PORT_STATUS_FLAG_TEMPOWNER),
+ os_flag_init(MACH_PORT_STATUS_FLAG_GUARDED),
+ os_flag_init(MACH_PORT_STATUS_FLAG_STRICT_GUARD),
+ os_flag_init(MACH_PORT_STATUS_FLAG_IMP_DONATION),
+ // MACH_PORT_STATUS_FLAG_REVIVE is obsolete
+ os_flag_init(MACH_PORT_STATUS_FLAG_TASKPTR),
+};
+
+static const os_flagset_t _mach_special_bits = {
+ os_flag_init(MACH_MSG_IPC_SPACE),
+ os_flag_init(MACH_MSG_VM_SPACE),
+ os_flag_init(MACH_MSG_IPC_KERNEL),
+ os_flag_init(MACH_MSG_VM_KERNEL),
+};
+
+#pragma mark API
+const mach_msg_trailer_t *
+os_mach_msg_get_trailer(const mach_msg_header_t *hdr)
+{
+ // The mach_msg() documentation states that the trailer will follow the
+ // message body on the next natural boundary. But when we moved to 64-bit,
+ // we kept the trailer alignment on a 4-byte boundary for compatibility
+ // reasons. Specifically, natural_t is still 32 bits on both 32- and 64-bit
+ // platforms.
+ return (mach_msg_trailer_t *)((uint8_t *)hdr + round_msg(hdr->msgh_size));
+}
+
+const mach_msg_audit_trailer_t *
+os_mach_msg_get_audit_trailer(const mach_msg_header_t *hdr)
+{
+ const mach_msg_trailer_t *tlr = NULL;
+ const mach_msg_audit_trailer_t *audit_tlr = NULL;
+
+ tlr = os_mach_msg_get_trailer(hdr);
+ if (tlr->msgh_trailer_type == MACH_MSG_TRAILER_FORMAT_0) {
+ if (tlr->msgh_trailer_size >= sizeof(mach_msg_audit_trailer_t)) {
+ audit_tlr = (mach_msg_audit_trailer_t *)tlr;
+ }
+ }
+
+ return audit_tlr;
+}
+
+const mach_msg_context_trailer_t *
+os_mach_msg_get_context_trailer(const mach_msg_header_t *hdr)
+{
+ const mach_msg_trailer_t *tlr = NULL;
+ const mach_msg_context_trailer_t *ctx_tlr = NULL;
+
+ tlr = os_mach_msg_get_trailer(hdr);
+ if (tlr->msgh_trailer_type == MACH_MSG_TRAILER_FORMAT_0) {
+ if (tlr->msgh_trailer_size >= sizeof(mach_msg_context_trailer_t)) {
+ ctx_tlr = (mach_msg_context_trailer_t *)tlr;
+ }
+ }
+
+ return ctx_tlr;
+}
+
+char *
+os_mach_msg_copy_description(const mach_msg_header_t *msg)
+{
+ int ret = -1;
+ mach_msg_bits_t local = MACH_MSGH_BITS_LOCAL(msg->msgh_bits);
+ mach_msg_bits_t remote = MACH_MSGH_BITS_REMOTE(msg->msgh_bits);
+ mach_msg_bits_t voucher = MACH_MSGH_BITS_VOUCHER(msg->msgh_bits);
+ char *__os_free bits_desc = NULL;
+ const char *local_desc = _mach_port_disposition_string(local);
+ const char *remote_desc = _mach_port_disposition_string(remote);
+ const char *voucher_desc = _mach_port_disposition_string(voucher);
+ char *desc = NULL;
+ mach_msg_size_t ool_cnt = 0;
+
+ if (msg->msgh_bits & MACH_MSGH_BITS_COMPLEX) {
+ ool_cnt = ((mach_msg_base_t *)msg)->body.msgh_descriptor_count;
+ }
+
+ bits_desc = os_flagset_copy_string(_mach_msgh_bits, msg->msgh_bits);
+ ret = asprintf(&desc, "id = %#x, size = %u, bits = %s, "
+ "local disp = %s, local port = %#x, "
+ "remote disp = %s, remote port = %#x, "
+ "voucher disp = %s, voucher port = %#x, "
+ "out-of-line descriptor cnt = %u",
+ msg->msgh_id, msg->msgh_size, bits_desc,
+ local_desc, msg->msgh_local_port,
+ remote_desc, msg->msgh_remote_port,
+ voucher_desc, msg->msgh_voucher_port,
+ ool_cnt);
+ posix_assert_zero(ret);
+
+ return desc;
+}
+
+char *
+os_mach_msg_trailer_copy_description(const mach_msg_trailer_t *tlr)
+{
+ union {
+ int r;
+ size_t n;
+ } ret = {
+ .r = -1,
+ };
+ char *desc = NULL;
+ char buff[512];
+ char *cursor = buff;
+ size_t left = sizeof(buff);
+ // Yes we do not know the actual size of the trailer yet, so this is
+ // technically unsafe, but we only dereference members after determining
+ // that they are safe to dereference. Just us chickens and all that.
+ const mach_msg_mac_trailer_t *max = (const mach_msg_mac_trailer_t *)tlr;
+
+ if (tlr->msgh_trailer_type != MACH_MSG_TRAILER_FORMAT_0) {
+ ret.r = asprintf(&desc, "type = %u, size = %u",
+ tlr->msgh_trailer_type, tlr->msgh_trailer_size);
+ os_assert_zero(ret.r);
+ goto __out;
+ }
+
+ if (tlr->msgh_trailer_size >= sizeof(mach_msg_trailer_t)) {
+ ret.r = snprintf(cursor, left, "format = %u, size = %u",
+ tlr->msgh_trailer_type, tlr->msgh_trailer_size);
+ os_assert_sprintf(ret.r, left);
+
+ // Safe since the above assert has verified that ret is both positive
+ // and less than or equal to the size of the buffer.
+ cursor += ret.n;
+ left -= ret.n;
+ }
+
+ if (tlr->msgh_trailer_size >= sizeof(mach_msg_seqno_trailer_t)) {
+ ret.r = snprintf(cursor, left, ", seqno = %u", max->msgh_seqno);
+ os_assert_sprintf(ret.r, left);
+ cursor += ret.n;
+ left -= ret.n;
+ }
+
+ if (tlr->msgh_trailer_size >= sizeof(mach_msg_security_trailer_t)) {
+ ret.r = snprintf(cursor, left, ", security.uid = %u, security.gid = %u",
+ max->msgh_sender.val[0], max->msgh_sender.val[1]);
+ os_assert_sprintf(ret.r, left);
+ cursor += ret.n;
+ left -= ret.n;
+ }
+
+ if (tlr->msgh_trailer_size >= sizeof(mach_msg_audit_trailer_t)) {
+ ret.r = snprintf(cursor, left, ", audit.auid = %u, "
+ "audit.euid = %u, audit.egid = %u, "
+ "audit.ruid = %u, audit.rgid = %u, "
+ "audit.pid = %u, audit.asid = %u, audit.pidvers = %u",
+ max->msgh_audit.val[0], max->msgh_audit.val[1],
+ max->msgh_audit.val[2], max->msgh_audit.val[3],
+ max->msgh_audit.val[4], max->msgh_audit.val[5],
+ max->msgh_audit.val[6], max->msgh_audit.val[7]);
+ os_assert_sprintf(ret.r, left);
+ cursor += ret.n;
+ left -= ret.n;
+ }
+
+ if (tlr->msgh_trailer_size >= sizeof(mach_msg_context_trailer_t)) {
+ uint64_t ctx = max->msgh_context;
+ ret.r = snprintf(cursor, left, ", context = %#llx", ctx);
+ os_assert_sprintf(ret.r, left);
+ cursor += ret.n;
+ left -= ret.n;
+ }
+
+ if (tlr->msgh_trailer_size >= sizeof(mach_msg_mac_trailer_t)) {
+ ret.r = snprintf(cursor, left, ", labels.sender = %#x",
+ max->msgh_labels.sender);
+ os_assert_sprintf(ret.r, left);
+ cursor += ret.n;
+ left -= ret.n;
+ }
+
+ desc = os_strdup(buff);
+
+__out:
+ return desc;
+}
+
+char *
+os_mach_port_copy_description(mach_port_t p)
+{
+ kern_return_t kr = KERN_FAILURE;
+ mach_port_right_t right = 0;
+ mach_port_type_t type = 0;
+ mach_port_urefs_t urefs = 0;
+ mach_port_status_t status;
+ mach_msg_type_number_t status_size = MACH_PORT_RECEIVE_STATUS_COUNT;
+ char *desc = NULL;
+ char *__os_free rightdesc = NULL;
+ char *__os_free requestdesc = NULL;
+ char *__os_free statusdesc = NULL;
+ char *__os_free urefsdesc = NULL;
+ char *which_urefs = "";
+ int ret = -1;
+
+ if (p == MACH_PORT_NULL) {
+ return os_strdup("null");
+ }
+ if (p == MACH_PORT_DEAD) {
+ return os_strdup("dead-name");
+ }
+
+ kr = mach_port_type(mach_task_self(), p, &type);
+ switch (kr) {
+ case KERN_SUCCESS:
+ rightdesc = os_flagset_copy_string(_mach_port_rights, type);
+ requestdesc = os_flagset_copy_string(_mach_port_requests, type);
+ break;
+ default:
+ ret = asprintf(&rightdesc, "[%#x]", kr);
+ posix_assert_zero(ret);
+ }
+
+ kr = mach_port_get_attributes(mach_task_self(), p,
+ MACH_PORT_RECEIVE_STATUS, (mach_port_info_t)&status, &status_size);
+ switch (kr) {
+ case KERN_SUCCESS:
+ if (status.mps_flags) {
+ statusdesc = os_flagset_copy_string(_mach_port_status,
+ status.mps_flags);
+ } else {
+ statusdesc = os_strdup("[none]");
+ }
+
+ break;
+ case KERN_INVALID_RIGHT:
+ if (!(type & MACH_PORT_TYPE_RECEIVE)) {
+ statusdesc = os_strdup("[none]");
+ break;
+ }
+ default:
+ ret = asprintf(&statusdesc, "[%#x]", kr);
+ posix_assert_zero(ret);
+ }
+
+ if (type & MACH_PORT_TYPE_SEND) {
+ right = MACH_PORT_RIGHT_SEND;
+ which_urefs = "send";
+ } else if (type & MACH_PORT_TYPE_DEAD_NAME) {
+ right = MACH_PORT_RIGHT_DEAD_NAME;
+ which_urefs = "dead name";
+ }
+
+ if (which_urefs) {
+ kr = mach_port_get_refs(mach_task_self(), p, right, &urefs);
+ switch (kr) {
+ case KERN_SUCCESS:
+ ret = asprintf(&urefsdesc, ", %s urefs = %u", which_urefs, urefs);
+ break;
+ default:
+ ret = asprintf(&urefsdesc, ", %s urefs = [%#x]",
+ which_urefs, kr);
+ break;
+ }
+ }
+
+ ret = asprintf(&desc, "name = %#x, rights = %s, requests = %s, "
+ "status = %s%s",
+ p, rightdesc, requestdesc, statusdesc, urefsdesc);
+ posix_assert_zero(ret);
+
+ return desc;
+}
+
+#pragma mark API from <os/assumes.h>
+// These live here because the implementations uses functionality from
+// libdarwin, and we don't want to have a circular dependency between Libc and
+// libsystem_darwin. The long-term plan is to move assumes() and assert()
+// functionality into libdarwin anyway.
+void
+os_assert_mach(const char *op, kern_return_t kr)
+{
+ kern_return_t real_kr = (kern_return_t)(kr & (~MACH_MSG_MASK));
+ kern_return_t extra = (kern_return_t)(kr & MACH_MSG_MASK);
+ const char *err_string = NULL;
+ const char *err_type_string = NULL;
+ char err_buff[64];
+ char code_buff[16];
+ const char *special_desc = NULL;
+ int sys = err_get_system(real_kr);
+ int sub = err_get_sub(real_kr);
+ int code = err_get_code(real_kr);
+
+ if (kr == KERN_SUCCESS) {
+ return;
+ }
+
+ if (kr >= BOOTSTRAP_NOT_PRIVILEGED && kr <= BOOTSTRAP_NO_CHILDREN) {
+ err_string = bootstrap_strerror(kr);
+ snprintf(code_buff, sizeof(code_buff), "%d", kr);
+ err_type_string = "bootstrap";
+ } else {
+ err_string = mach_error_string(real_kr);
+ if (strcmp(err_string, "unknown error code") == 0) {
+ snprintf(err_buff, sizeof(err_buff), "[%#x|%#x|%#x]",
+ sys, sub, code);
+ err_string = err_buff;
+ err_type_string = "unrecognized";
+ } else {
+ err_type_string = "mach";
+ }
+
+ if (kr <= MIG_TYPE_ERROR && kr >= MIG_TRAILER_ERROR) {
+ snprintf(code_buff, sizeof(code_buff), "%d", kr);
+ } else {
+ snprintf(code_buff, sizeof(code_buff), "%#x", kr);
+ special_desc = os_flagset_copy_string(_mach_special_bits, extra);
+ }
+ }
+
+ if (special_desc) {
+ os_crash("%s failed: %s error = %s [%s], special bits = %s",
+ op, err_type_string, err_string, code_buff, special_desc);
+ } else {
+ os_crash("%s failed: %s error = %s [%s]",
+ op, err_type_string, err_string, code_buff);
+ }
+}
+
+void
+os_assert_mach_port_status(const char *desc, mach_port_t p,
+ mach_port_status_t *expected)
+{
+ kern_return_t kr = KERN_FAILURE;
+ mach_port_status_t status;
+ mach_msg_type_number_t status_cnt = MACH_PORT_RECEIVE_STATUS_COUNT;
+
+ kr = mach_port_get_attributes(mach_task_self(), p, MACH_PORT_RECEIVE_STATUS,
+ (mach_port_info_t)&status, &status_cnt);
+ os_assert_mach("get status", kr);
+
+ if (expected->mps_pset != UINT32_MAX) {
+ if (expected->mps_pset != status.mps_pset) {
+ os_crash("port set mismatch: actual = %u, expected = %u",
+ status.mps_pset, expected->mps_pset);
+ }
+ }
+ if (expected->mps_seqno != UINT32_MAX) {
+ if (expected->mps_seqno != status.mps_seqno) {
+ os_crash("sequence number mismatch: actual = %u, expected = %u",
+ status.mps_seqno, expected->mps_seqno);
+ }
+ }
+ if (expected->mps_mscount != UINT32_MAX) {
+ if (expected->mps_mscount != status.mps_mscount) {
+ os_crash("make-send count mismatch: actual = %u, expected = %u",
+ status.mps_mscount, expected->mps_mscount);
+ }
+ }
+ if (expected->mps_qlimit != UINT32_MAX) {
+ if (expected->mps_qlimit != status.mps_qlimit) {
+ os_crash("queue limit mismatch: actual = %u, expected = %u",
+ status.mps_qlimit, expected->mps_qlimit);
+ }
+ }
+ if (expected->mps_msgcount != UINT32_MAX) {
+ if (expected->mps_msgcount != status.mps_msgcount) {
+ os_crash("message count mismatch: actual = %u, expected = %u",
+ status.mps_msgcount, expected->mps_msgcount);
+ }
+ }
+ if (expected->mps_sorights != UINT32_MAX) {
+ if (expected->mps_sorights != status.mps_sorights) {
+ os_crash("send-once rights mismatch: actual = %u, expected = %u",
+ status.mps_sorights, expected->mps_sorights);
+ }
+ }
+ if (expected->mps_srights != INT32_MAX) {
+ if (expected->mps_srights != status.mps_srights) {
+ os_crash("send rights mismatch: actual = %d, expected = %d",
+ status.mps_srights, expected->mps_srights);
+ }
+ }
+ if (expected->mps_pdrequest != INT32_MAX) {
+ if (expected->mps_pdrequest != status.mps_pdrequest) {
+ os_crash("port-destroyed mismatch: actual = %d, expected = %d",
+ status.mps_pdrequest, expected->mps_pdrequest);
+ }
+ }
+ if (expected->mps_nsrequest != INT32_MAX) {
+ if (expected->mps_nsrequest != status.mps_nsrequest) {
+ os_crash("no-senders mismatch: actual = %d, expected = %d",
+ status.mps_nsrequest, expected->mps_nsrequest);
+ }
+ }
+ if (expected->mps_flags) {
+ if (expected->mps_flags != status.mps_flags) {
+ os_crash("flags mismatch: actual = %#x, expected = %#x",
+ status.mps_flags, expected->mps_flags);
+ }
+ }
+}
projects / apple / libc.git / blobdiff