1c79356b 1/*
91447636 2 * Copyright (c) 2000-2004 Apple Computer, Inc. All rights reserved.
1c79356b 3 *
2d21ac55 4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
0a7de745 5 *
2d21ac55
A
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
0a7de745 14 *
2d21ac55
A
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
0a7de745 17 *
2d21ac55
A
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
8f6c56a5
A
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
2d21ac55
A
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
0a7de745 25 *
2d21ac55 26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
1c79356b
A
27 */
28/*
29 * @OSF_COPYRIGHT@
30 */
0a7de745 31/*
1c79356b
A
32 * Mach Operating System
33 * Copyright (c) 1991,1990 Carnegie Mellon University
34 * All Rights Reserved.
0a7de745 35 *
1c79356b
A
36 * Permission to use, copy, modify and distribute this software and its
37 * documentation is hereby granted, provided that both the copyright
38 * notice and this permission notice appear in all copies of the
39 * software, derivative works or modified versions, and any portions
40 * thereof, and that both notices appear in supporting documentation.
0a7de745 41 *
1c79356b
A
42 * CARNEGIE MELLON ALLOWS FREE USE OF THIS SOFTWARE IN ITS "AS IS"
43 * CONDITION. CARNEGIE MELLON DISCLAIMS ANY LIABILITY OF ANY KIND FOR
44 * ANY DAMAGES WHATSOEVER RESULTING FROM THE USE OF THIS SOFTWARE.
0a7de745 45 *
1c79356b 46 * Carnegie Mellon requests users of this software to return to
0a7de745 47 *
1c79356b
A
48 * Software Distribution Coordinator or Software.Distribution@CS.CMU.EDU
49 * School of Computer Science
50 * Carnegie Mellon University
51 * Pittsburgh PA 15213-3890
0a7de745 52 *
1c79356b
A
53 * any improvements or extensions that they make and grant Carnegie Mellon
54 * the rights to redistribute these changes.
55 */
56/*
57 */
58
1c79356b
A
59#include <mach/boolean.h>
60#include <mach/port.h>
0b4e3aa0 61#include <mach/mig.h>
1c79356b
A
62#include <mach/mig_errors.h>
63#include <mach/mach_types.h>
64#include <mach/mach_traps.h>
0b4e3aa0 65
1c79356b
A
66#include <kern/ipc_tt.h>
67#include <kern/ipc_mig.h>
91447636 68#include <kern/kalloc.h>
1c79356b
A
69#include <kern/task.h>
70#include <kern/thread.h>
71#include <kern/ipc_kobject.h>
72#include <kern/misc_protos.h>
91447636 73
1c79356b
A
74#include <ipc/port.h>
75#include <ipc/ipc_kmsg.h>
76#include <ipc/ipc_entry.h>
77#include <ipc/ipc_object.h>
78#include <ipc/ipc_mqueue.h>
79#include <ipc/ipc_space.h>
80#include <ipc/ipc_port.h>
81#include <ipc/ipc_pset.h>
6d2010ae 82#include <ipc/ipc_notify.h>
0b4e3aa0 83#include <vm/vm_map.h>
1c79356b 84
b0d623f7
A
85#include <libkern/OSAtomic.h>
86
d9a64523
A
/*
 * Defined elsewhere.  Called in this file right after ipc_mqueue_receive()
 * returns, with the object the receive was queued on, to finish the receive.
 */
void
mach_msg_receive_results_complete(ipc_object_t object);
89
1c79356b
A
90/*
91 * Routine: mach_msg_send_from_kernel
92 * Purpose:
93 * Send a message from the kernel.
94 *
95 * This is used by the client side of KernelUser interfaces
96 * to implement SimpleRoutines. Currently, this includes
97 * memory_object messages.
98 * Conditions:
99 * Nothing locked.
100 * Returns:
101 * MACH_MSG_SUCCESS Sent the message.
1c79356b 102 * MACH_SEND_INVALID_DEST Bad destination port.
c910b4d9
A
103 * MACH_MSG_SEND_NO_BUFFER Destination port had inuse fixed bufer
104 * or destination is above kernel limit
1c79356b
A
105 */
106
b0d623f7
A
#if IKM_SUPPORT_LEGACY

#undef mach_msg_send_from_kernel
mach_msg_return_t mach_msg_send_from_kernel(
	mach_msg_header_t *msg,
	mach_msg_size_t send_size);

/*
 * Legacy entry point.  Behaves like mach_msg_send_from_kernel_proper()
 * except that the kmsg is copied in with ipc_kmsg_copyin_from_kernel_legacy().
 *
 * msg/send_size:	kernel-resident message and its length.
 * Returns:		MACH_MSG_SUCCESS, or the error of the stage that failed;
 *			on every error path the kmsg has been released here.
 */
mach_msg_return_t
mach_msg_send_from_kernel(
	mach_msg_header_t *msg,
	mach_msg_size_t send_size)
{
	ipc_kmsg_t kmsg = IKM_NULL;
	mach_msg_option_t option = MACH_SEND_KERNEL_DEFAULT;
	mach_msg_return_t mr;

	KDBG(MACHDBG_CODE(DBG_MACH_IPC, MACH_IPC_KMSG_INFO) | DBG_FUNC_START);

	mr = ipc_kmsg_get_from_kernel(msg, send_size, &kmsg);
	if (mr != MACH_MSG_SUCCESS) {
		goto out_trace;
	}

	mr = ipc_kmsg_copyin_from_kernel_legacy(kmsg);
	if (mr != MACH_MSG_SUCCESS) {
		ipc_kmsg_free(kmsg);
		goto out_trace;
	}

	/*
	 * A thread carrying TH_OPT_SEND_IMPORTANCE is allowed to donate
	 * importance from the kernel side of a user thread
	 * (11938665 & 23925818).
	 */
	if (current_thread()->options & TH_OPT_SEND_IMPORTANCE) {
		option &= ~MACH_SEND_NOIMPORTANCE;
	}

	mr = ipc_kmsg_send(kmsg, option, MACH_MSG_TIMEOUT_NONE);
	if (mr == MACH_MSG_SUCCESS) {
		/* success path intentionally emits no DBG_FUNC_END event */
		return mr;
	}

	/* the send did not take the kmsg: tear it down before reporting */
	ipc_kmsg_destroy(kmsg);

out_trace:
	KDBG(MACHDBG_CODE(DBG_MACH_IPC, MACH_IPC_KMSG_INFO) | DBG_FUNC_END, mr);
	return mr;
}

#endif /* IKM_SUPPORT_LEGACY */
157
/*
 * Send a kernel-resident message (no reply expected).
 *
 * msg/send_size:	kernel-resident message and its length.
 * Returns:		MACH_MSG_SUCCESS, or the error of the stage that failed;
 *			on every error path the kmsg has been released here.
 */
mach_msg_return_t
mach_msg_send_from_kernel_proper(
	mach_msg_header_t *msg,
	mach_msg_size_t send_size)
{
	ipc_kmsg_t kmsg = IKM_NULL;
	mach_msg_option_t option = MACH_SEND_KERNEL_DEFAULT;
	mach_msg_return_t mr;

	KDBG(MACHDBG_CODE(DBG_MACH_IPC, MACH_IPC_KMSG_INFO) | DBG_FUNC_START);

	mr = ipc_kmsg_get_from_kernel(msg, send_size, &kmsg);
	if (mr != MACH_MSG_SUCCESS) {
		goto out_trace;
	}

	mr = ipc_kmsg_copyin_from_kernel(kmsg);
	if (mr != MACH_MSG_SUCCESS) {
		ipc_kmsg_free(kmsg);
		goto out_trace;
	}

	/*
	 * A thread carrying TH_OPT_SEND_IMPORTANCE is allowed to donate
	 * importance from the kernel side of a user thread
	 * (11938665 & 23925818).
	 */
	if (current_thread()->options & TH_OPT_SEND_IMPORTANCE) {
		option &= ~MACH_SEND_NOIMPORTANCE;
	}

	mr = ipc_kmsg_send(kmsg, option, MACH_MSG_TIMEOUT_NONE);
	if (mr == MACH_MSG_SUCCESS) {
		/* success path intentionally emits no DBG_FUNC_END event */
		return mr;
	}

	/* the send did not take the kmsg: tear it down before reporting */
	ipc_kmsg_destroy(kmsg);

out_trace:
	KDBG(MACHDBG_CODE(DBG_MACH_IPC, MACH_IPC_KMSG_INFO) | DBG_FUNC_END, mr);
	return mr;
}
199
39236c6e
A
/*
 * Send a kernel-resident message with caller-supplied send options and
 * timeout.  Unlike the *_proper variant, the timeout is honored.
 *
 * msg/send_size:	kernel-resident message and its length.
 * option:		send options; the importance bits are normalized below.
 * timeout_val:		passed straight to ipc_kmsg_send().
 * Returns:		MACH_MSG_SUCCESS, or the error of the stage that failed;
 *			on every error path the kmsg has been released here.
 */
mach_msg_return_t
mach_msg_send_from_kernel_with_options(
	mach_msg_header_t *msg,
	mach_msg_size_t send_size,
	mach_msg_option_t option,
	mach_msg_timeout_t timeout_val)
{
	ipc_kmsg_t kmsg = IKM_NULL;
	mach_msg_return_t mr;

	KDBG(MACHDBG_CODE(DBG_MACH_IPC, MACH_IPC_KMSG_INFO) | DBG_FUNC_START);

	mr = ipc_kmsg_get_from_kernel(msg, send_size, &kmsg);
	if (mr != MACH_MSG_SUCCESS) {
		goto out_trace;
	}

	mr = ipc_kmsg_copyin_from_kernel(kmsg);
	if (mr != MACH_MSG_SUCCESS) {
		ipc_kmsg_free(kmsg);
		goto out_trace;
	}

	/*
	 * Importance donation from the kernel side of user threads in
	 * importance-donating tasks stays disabled until its effects are
	 * understood, unless the caller explicitly asked for it
	 * (MACH_SEND_IMPORTANCE) or the thread carries TH_OPT_SEND_IMPORTANCE.
	 * (11938665 & 23925818)
	 */
	if (current_thread()->options & TH_OPT_SEND_IMPORTANCE) {
		option &= ~MACH_SEND_NOIMPORTANCE;
	} else if ((option & MACH_SEND_IMPORTANCE) == 0) {
		option |= MACH_SEND_NOIMPORTANCE;
	}

	mr = ipc_kmsg_send(kmsg, option, timeout_val);
	if (mr == MACH_MSG_SUCCESS) {
		/* success path intentionally emits no DBG_FUNC_END event */
		return mr;
	}

	/* the send did not take the kmsg: tear it down before reporting */
	ipc_kmsg_destroy(kmsg);

out_trace:
	KDBG(MACHDBG_CODE(DBG_MACH_IPC, MACH_IPC_KMSG_INFO) | DBG_FUNC_END, mr);
	return mr;
}
248
249
b0d623f7
A
#if IKM_SUPPORT_LEGACY

/*
 * Legacy twin of mach_msg_send_from_kernel_with_options(): uses the
 * legacy copyin, and never lets MACH_SEND_IMPORTANCE in the caller's
 * options enable importance donation - only TH_OPT_SEND_IMPORTANCE does.
 *
 * msg/send_size:	kernel-resident message and its length.
 * option:		send options; the importance bits are normalized below.
 * timeout_val:		passed straight to ipc_kmsg_send().
 * Returns:		MACH_MSG_SUCCESS, or the error of the stage that failed;
 *			on every error path the kmsg has been released here.
 */
mach_msg_return_t
mach_msg_send_from_kernel_with_options_legacy(
	mach_msg_header_t *msg,
	mach_msg_size_t send_size,
	mach_msg_option_t option,
	mach_msg_timeout_t timeout_val)
{
	ipc_kmsg_t kmsg = IKM_NULL;
	mach_msg_return_t mr;

	KDBG(MACHDBG_CODE(DBG_MACH_IPC, MACH_IPC_KMSG_INFO) | DBG_FUNC_START);

	mr = ipc_kmsg_get_from_kernel(msg, send_size, &kmsg);
	if (mr != MACH_MSG_SUCCESS) {
		goto out_trace;
	}

	mr = ipc_kmsg_copyin_from_kernel_legacy(kmsg);
	if (mr != MACH_MSG_SUCCESS) {
		ipc_kmsg_free(kmsg);
		goto out_trace;
	}

	/*
	 * Importance donation from the kernel side of user threads in
	 * importance-donating tasks stays disabled until its effects are
	 * understood; only TH_OPT_SEND_IMPORTANCE re-enables it.
	 * (11938665 & 23925818)
	 */
	if (current_thread()->options & TH_OPT_SEND_IMPORTANCE) {
		option &= ~MACH_SEND_NOIMPORTANCE;
	} else {
		option |= MACH_SEND_NOIMPORTANCE;
	}

	mr = ipc_kmsg_send(kmsg, option, timeout_val);
	if (mr == MACH_MSG_SUCCESS) {
		/* success path intentionally emits no DBG_FUNC_END event */
		return mr;
	}

	/* the send did not take the kmsg: tear it down before reporting */
	ipc_kmsg_destroy(kmsg);

out_trace:
	KDBG(MACHDBG_CODE(DBG_MACH_IPC, MACH_IPC_KMSG_INFO) | DBG_FUNC_END, mr);
	return mr;
}

#endif /* IKM_SUPPORT_LEGACY */
300
1c79356b
A
301/*
302 * Routine: mach_msg_rpc_from_kernel
303 * Purpose:
304 * Send a message from the kernel and receive a reply.
305 * Uses ith_rpc_reply for the reply port.
306 *
307 * This is used by the client side of KernelUser interfaces
308 * to implement Routines.
309 * Conditions:
310 * Nothing locked.
311 * Returns:
312 * MACH_MSG_SUCCESS Sent the message.
313 * MACH_RCV_PORT_DIED The reply port was deallocated.
314 */
315
0a7de745
A
/*
 * Shared body of the rpc-from-kernel entry points below.  `legacy`
 * selects the legacy copyin/copyout routines for the kmsg.
 */
mach_msg_return_t mach_msg_rpc_from_kernel_body(mach_msg_header_t *msg,
    mach_msg_size_t send_size, mach_msg_size_t rcv_size, boolean_t legacy);
b0d623f7
A
318
#if IKM_SUPPORT_LEGACY

#undef mach_msg_rpc_from_kernel
mach_msg_return_t
mach_msg_rpc_from_kernel(
	mach_msg_header_t *msg,
	mach_msg_size_t send_size,
	mach_msg_size_t rcv_size);

/*
 * Legacy entry point: identical to mach_msg_rpc_from_kernel_proper()
 * except that the shared body uses its legacy copyin/copyout paths.
 */
mach_msg_return_t
mach_msg_rpc_from_kernel(
	mach_msg_header_t *msg,
	mach_msg_size_t send_size,
	mach_msg_size_t rcv_size)
{
	const boolean_t use_legacy_paths = TRUE;

	return mach_msg_rpc_from_kernel_body(msg, send_size, rcv_size,
	           use_legacy_paths);
}

#endif /* IKM_SUPPORT_LEGACY */
338
/*
 * Send a kernel-resident message and wait for the reply on the thread's
 * ith_rpc_reply port.  Thin wrapper over mach_msg_rpc_from_kernel_body()
 * with the legacy paths switched off.
 */
mach_msg_return_t
mach_msg_rpc_from_kernel_proper(
	mach_msg_header_t *msg,
	mach_msg_size_t send_size,
	mach_msg_size_t rcv_size)
{
	const boolean_t use_legacy_paths = FALSE;

	return mach_msg_rpc_from_kernel_body(msg, send_size, rcv_size,
	           use_legacy_paths);
}
347
/*
 * Send `msg` (send_size bytes) and block for the reply, which is written
 * back into `msg` (at most rcv_size bytes).  The reply port is the
 * per-thread ith_rpc_reply, allocated lazily on first use.
 *
 * Returns:
 *	MACH_MSG_SUCCESS	reply delivered into msg.
 *	MACH_RCV_TOO_LARGE	reply delivered, truncated to rcv_size (see below).
 *	MACH_RCV_INTERRUPTED	thread went inactive or took an APC while waiting;
 *				the reply port has been released.
 *	anything else		from the get/copyin/send stages; kmsg released.
 */
mach_msg_return_t
mach_msg_rpc_from_kernel_body(
	mach_msg_header_t *msg,
	mach_msg_size_t send_size,
	mach_msg_size_t rcv_size,
#if !IKM_SUPPORT_LEGACY
	__unused
#endif
	boolean_t legacy)
{
	thread_t self = current_thread();
	ipc_port_t reply;
	ipc_kmsg_t kmsg;
	mach_port_seqno_t seqno;	/* read back from the thread but not used here */
	mach_msg_return_t mr;

	/* the caller must leave the reply slot empty; it is filled in below */
	assert(msg->msgh_local_port == MACH_PORT_NULL);

	KDBG(MACHDBG_CODE(DBG_MACH_IPC, MACH_IPC_KMSG_INFO) | DBG_FUNC_START);

	mr = ipc_kmsg_get_from_kernel(msg, send_size, &kmsg);
	if (mr != MACH_MSG_SUCCESS) {
		KDBG(MACHDBG_CODE(DBG_MACH_IPC, MACH_IPC_KMSG_INFO) | DBG_FUNC_END, mr);
		return mr;
	}

	/*
	 * Lazily allocate the thread's RPC reply port.  A failed allocation,
	 * or finding the slot filled in the meantime, is treated as fatal.
	 */
	reply = self->ith_rpc_reply;
	if (reply == IP_NULL) {
		reply = ipc_port_alloc_reply();
		if ((reply == IP_NULL) ||
		    (self->ith_rpc_reply != IP_NULL)) {
			panic("mach_msg_rpc_from_kernel");
		}
		self->ith_rpc_reply = reply;
	}

	/* insert send-once right for the reply port */
	kmsg->ikm_header->msgh_local_port = reply;
	kmsg->ikm_header->msgh_bits |=
	    MACH_MSGH_BITS(0, MACH_MSG_TYPE_MAKE_SEND_ONCE);

#if IKM_SUPPORT_LEGACY
	if (legacy) {
		mr = ipc_kmsg_copyin_from_kernel_legacy(kmsg);
	} else {
		mr = ipc_kmsg_copyin_from_kernel(kmsg);
	}
#else
	mr = ipc_kmsg_copyin_from_kernel(kmsg);
#endif
	if (mr != MACH_MSG_SUCCESS) {
		ipc_kmsg_free(kmsg);
		KDBG(MACHDBG_CODE(DBG_MACH_IPC, MACH_IPC_KMSG_INFO) | DBG_FUNC_END, mr);
		return mr;
	}

	/*
	 * respect the thread's SEND_IMPORTANCE option to force importance
	 * donation from the kernel-side of user threads
	 * (11938665 & 23925818)
	 */
	mach_msg_option_t option = MACH_SEND_KERNEL_DEFAULT;
	if (current_thread()->options & TH_OPT_SEND_IMPORTANCE) {
		option &= ~MACH_SEND_NOIMPORTANCE;
	}

	mr = ipc_kmsg_send(kmsg, option, MACH_MSG_TIMEOUT_NONE);
	if (mr != MACH_MSG_SUCCESS) {
		ipc_kmsg_destroy(kmsg);
		KDBG(MACHDBG_CODE(DBG_MACH_IPC, MACH_IPC_KMSG_INFO) | DBG_FUNC_END, mr);
		return mr;
	}

	/*
	 * Wait for the reply.  An interrupted receive is retried unless the
	 * thread is going away or has an APC pending, in which case the reply
	 * port is torn down so a stale reply can never be matched later.
	 * NOTE(review): the two returns inside this loop emit no DBG_FUNC_END
	 * event, unlike every other exit of this function.
	 */
	for (;;) {
		ipc_mqueue_t mqueue;
		ipc_object_t object;

		assert(reply->ip_in_pset == 0);
		assert(ip_active(reply));

		/* JMM - why this check? */
		if (!self->active && !self->inspection) {
			ipc_port_dealloc_reply(reply);
			self->ith_rpc_reply = IP_NULL;
			return MACH_RCV_INTERRUPTED;
		}

		/* no continuation: we block synchronously in ipc_mqueue_receive */
		self->ith_continuation = (void (*)(mach_msg_return_t))0;

		mqueue = &reply->ip_messages;
		ipc_mqueue_receive(mqueue,
		    MACH_MSG_OPTION_NONE,
		    MACH_MSG_SIZE_MAX,
		    MACH_MSG_TIMEOUT_NONE,
		    THREAD_INTERRUPTIBLE);

		/* receive results are handed back through the thread struct */
		mr = self->ith_state;
		kmsg = self->ith_kmsg;
		seqno = self->ith_seqno;

		__IGNORE_WCASTALIGN(object = (ipc_object_t) reply);
		mach_msg_receive_results_complete(object);

		if (mr == MACH_MSG_SUCCESS) {
			break;
		}

		assert(mr == MACH_RCV_INTERRUPTED);

		assert(reply == self->ith_rpc_reply);

		if (self->ast & AST_APC) {
			ipc_port_dealloc_reply(reply);
			self->ith_rpc_reply = IP_NULL;
			return mr;
		}
	}

	/*
	 * Check to see how much of the message/trailer can be received.
	 * We chose the maximum trailer that will fit, since we don't
	 * have options telling us which trailer elements the caller needed.
	 */
	if (rcv_size >= kmsg->ikm_header->msgh_size) {
		mach_msg_format_0_trailer_t *trailer = (mach_msg_format_0_trailer_t *)
		    ((vm_offset_t)kmsg->ikm_header + kmsg->ikm_header->msgh_size);

		if (rcv_size >= kmsg->ikm_header->msgh_size + MAX_TRAILER_SIZE) {
			/* Enough room for a maximum trailer */
			trailer->msgh_trailer_size = MAX_TRAILER_SIZE;
		} else if (rcv_size < kmsg->ikm_header->msgh_size +
		    trailer->msgh_trailer_size) {
			/* no room for even the basic (default) trailer */
			trailer->msgh_trailer_size = 0;
		}
		assert(trailer->msgh_trailer_type == MACH_MSG_TRAILER_FORMAT_0);
		rcv_size = kmsg->ikm_header->msgh_size + trailer->msgh_trailer_size;
		mr = MACH_MSG_SUCCESS;
	} else {
		/*
		 * Reply does not fit.  Note that the rights are still copied out
		 * and the first rcv_size bytes are still written to msg below;
		 * the caller only learns of the truncation through this code.
		 */
		mr = MACH_RCV_TOO_LARGE;
	}


	/*
	 * We want to preserve rights and memory in reply!
	 * We don't have to put them anywhere; just leave them
	 * as they are.
	 */
#if IKM_SUPPORT_LEGACY
	if (legacy) {
		ipc_kmsg_copyout_to_kernel_legacy(kmsg, ipc_space_reply);
	} else {
		ipc_kmsg_copyout_to_kernel(kmsg, ipc_space_reply);
	}
#else
	ipc_kmsg_copyout_to_kernel(kmsg, ipc_space_reply);
#endif
	/* copies rcv_size bytes into msg and releases the kmsg */
	ipc_kmsg_put_to_kernel(msg, kmsg, rcv_size);
	return mr;
}
508
e8c3f781
A
/*
 *	Routine:	mach_msg_destroy_from_kernel_proper
 *	Purpose:
 *		mach_msg_destroy_from_kernel_proper is used to destroy
 *		an unwanted/unexpected reply message from a MIG
 *		kernel-specific user-side stub. It is like ipc_kmsg_destroy(),
 *		except we no longer have the kmsg - just the contents.
 *
 *		Walks the header and, for complex messages, every descriptor,
 *		releasing the port rights, out-of-line memory and OOL port
 *		arrays they carry.  Nothing in `msg` is zeroed afterwards.
 *	Conditions:
 *		`msg` must be a message the kernel itself copied out with
 *		ipc_kmsg_copyout_to_kernel(): the descriptor count and the
 *		descriptor contents are trusted as-is and are never checked
 *		against msgh_size.
 *		NOTE(review): confirm no caller can reach this with a buffer
 *		whose body was not produced by that copyout.
 */
void
mach_msg_destroy_from_kernel_proper(mach_msg_header_t *msg)
{
	mach_msg_bits_t mbits = msg->msgh_bits;
	ipc_object_t object;

	/* reply port right (the remote side of a received message) */
	object = (ipc_object_t) msg->msgh_remote_port;
	if (IO_VALID(object)) {
		ipc_object_destroy(object, MACH_MSGH_BITS_REMOTE(mbits));
	}

	/*
	 * The destination (now in msg->msgh_local_port via
	 * ipc_kmsg_copyout_to_kernel) has been consumed with
	 * ipc_object_copyout_dest.
	 */

	/* MIG kernel users don't receive vouchers */
	assert(!MACH_MSGH_BITS_VOUCHER(mbits));

	/* For simple messages, we're done */
	if ((mbits & MACH_MSGH_BITS_COMPLEX) == 0) {
		return;
	}

	/* Discard descriptor contents */
	mach_msg_body_t *body = (mach_msg_body_t *)(msg + 1);
	mach_msg_descriptor_t *daddr = (mach_msg_descriptor_t *)(body + 1);
	mach_msg_size_t i;

	for (i = 0; i < body->msgh_descriptor_count; i++, daddr++) {
		switch (daddr->type.type) {
		case MACH_MSG_PORT_DESCRIPTOR: {
			mach_msg_port_descriptor_t *dsc = &daddr->port;
			if (IO_VALID((ipc_object_t) dsc->name)) {
				ipc_object_destroy((ipc_object_t) dsc->name, dsc->disposition);
			}
			break;
		}
		case MACH_MSG_OOL_VOLATILE_DESCRIPTOR:
		case MACH_MSG_OOL_DESCRIPTOR: {
			mach_msg_ool_descriptor_t *dsc =
			    (mach_msg_ool_descriptor_t *)&daddr->out_of_line;

			/* a zero-sized OOL region carries no copy object at all */
			if (dsc->size > 0) {
				vm_map_copy_discard((vm_map_copy_t) dsc->address);
			} else {
				assert(dsc->address == (void *) 0);
			}
			break;
		}
		case MACH_MSG_OOL_PORTS_DESCRIPTOR: {
			ipc_object_t *objects;
			mach_msg_type_number_t j;
			mach_msg_ool_ports_descriptor_t *dsc;

			dsc = (mach_msg_ool_ports_descriptor_t *)&daddr->ool_ports;
			objects = (ipc_object_t *) dsc->address;

			if (dsc->count == 0) {
				break;
			}
			assert(objects != 0);
			/* release each right, then the kernel array holding them */
			for (j = 0; j < dsc->count; j++) {
				object = objects[j];
				if (IO_VALID(object)) {
					ipc_object_destroy(object, dsc->disposition);
				}
			}
			/* the array is sized in mach_port_t units, matching its allocator */
			kfree(dsc->address, (vm_size_t) dsc->count * sizeof(mach_port_t));
			break;
		}
		default:
			/* unknown descriptor types are skipped, not rejected */
			break;
		}
	}
}
1c79356b 594
91447636 595/************** These Calls are set up for kernel-loaded tasks/threads **************/
1c79356b
A
596
/*
 *	Routine:	mach_msg_overwrite
 *	Purpose:
 *		Like mach_msg_overwrite_trap except that message buffers
 *		live in kernel space.  Doesn't handle any options.
 *
 *		This is used by in-kernel server threads to make
 *		kernel calls, to receive request messages, and
 *		to send reply messages.
 *	Conditions:
 *		Nothing locked.  The send path validates send_size itself
 *		(4-byte aligned, at least a header, at least a body for a
 *		complex message, and small enough for the trailer to fit)
 *		before touching the kernel buffer.
 *	Returns:
 *		MACH_SEND_MSG_TOO_SMALL / MACH_SEND_TOO_LARGE	bad send_size.
 *		MACH_SEND_NO_BUFFER				kmsg allocation failed.
 *		copyin error					from ipc_kmsg_copyin.
 *		receive error					from ipc_mqueue_copyin /
 *								ipc_mqueue_receive /
 *								ipc_kmsg_copyout.
 *		MACH_RCV_TOO_LARGE				only the header was
 *								copied back to msg.
 *		MACH_MSG_SUCCESS				otherwise.
 */

mach_msg_return_t
mach_msg_overwrite(
	mach_msg_header_t *msg,
	mach_msg_option_t option,
	mach_msg_size_t send_size,
	mach_msg_size_t rcv_size,
	mach_port_name_t rcv_name,
	__unused mach_msg_timeout_t msg_timeout,
	mach_msg_priority_t override,
	__unused mach_msg_header_t *rcv_msg,
	__unused mach_msg_size_t rcv_msg_size)
{
	ipc_space_t space = current_space();
	vm_map_t map = current_map();
	ipc_kmsg_t kmsg;
	mach_port_seqno_t seqno;
	mach_msg_return_t mr;
	mach_msg_trailer_size_t trailer_size;

	if (option & MACH_SEND_MSG) {
		mach_msg_size_t msg_and_trailer_size;
		mach_msg_max_trailer_t *max_trailer;

		if ((send_size & 3) ||
		    send_size < sizeof(mach_msg_header_t) ||
		    (send_size < sizeof(mach_msg_body_t) && (msg->msgh_bits & MACH_MSGH_BITS_COMPLEX))) {
			return MACH_SEND_MSG_TOO_SMALL;
		}

		/* upper bound keeps send_size + MAX_TRAILER_SIZE below from wrapping */
		if (send_size > MACH_MSG_SIZE_MAX - MAX_TRAILER_SIZE) {
			return MACH_SEND_TOO_LARGE;
		}

		KDBG(MACHDBG_CODE(DBG_MACH_IPC, MACH_IPC_KMSG_INFO) | DBG_FUNC_START);

		msg_and_trailer_size = send_size + MAX_TRAILER_SIZE;
		kmsg = ipc_kmsg_alloc(msg_and_trailer_size);

		if (kmsg == IKM_NULL) {
			KDBG(MACHDBG_CODE(DBG_MACH_IPC, MACH_IPC_KMSG_INFO) | DBG_FUNC_END, MACH_SEND_NO_BUFFER);
			return MACH_SEND_NO_BUFFER;
		}

		KERNEL_DEBUG_CONSTANT(MACHDBG_CODE(DBG_MACH_IPC, MACH_IPC_KMSG_LINK) | DBG_FUNC_NONE,
		    (uintptr_t)0, /* this should only be called from the kernel! */
		    VM_KERNEL_ADDRPERM((uintptr_t)kmsg),
		    0, 0,
		    0);
		(void) memcpy((void *) kmsg->ikm_header, (const void *) msg, send_size);

		/* the header copied from the caller is not trusted for its size */
		kmsg->ikm_header->msgh_size = send_size;

		/*
		 * Reserve for the trailer the largest space (MAX_TRAILER_SIZE)
		 * However, the internal size field of the trailer (msgh_trailer_size)
		 * is initialized to the minimum (sizeof(mach_msg_trailer_t)), to optimize
		 * the cases where no implicit data is requested.
		 *
		 * The sender/audit tokens identify the *current* task, i.e. the
		 * in-kernel caller, not whoever the message is being relayed for.
		 */
		max_trailer = (mach_msg_max_trailer_t *) ((vm_offset_t)kmsg->ikm_header + send_size);
		max_trailer->msgh_sender = current_thread()->task->sec_token;
		max_trailer->msgh_audit = current_thread()->task->audit_token;
		max_trailer->msgh_trailer_type = MACH_MSG_TRAILER_FORMAT_0;
		max_trailer->msgh_trailer_size = MACH_MSG_TRAILER_MINIMUM_SIZE;

		/* copyin may rewrite option (it is passed by address) */
		mr = ipc_kmsg_copyin(kmsg, space, map, override, &option);

		if (mr != MACH_MSG_SUCCESS) {
			ipc_kmsg_free(kmsg);
			KDBG(MACHDBG_CODE(DBG_MACH_IPC, MACH_IPC_KMSG_INFO) | DBG_FUNC_END, mr);
			return mr;
		}

		do {
			mr = ipc_kmsg_send(kmsg, MACH_MSG_OPTION_NONE, MACH_MSG_TIMEOUT_NONE);
		} while (mr == MACH_SEND_INTERRUPTED);

		/*
		 * NOTE(review): this is the only check on the send result.  In a
		 * build where assert() compiles away, a failed send is neither
		 * reported to the caller (mr is overwritten below or the function
		 * returns MACH_MSG_SUCCESS) nor followed by a kmsg teardown - whether
		 * ipc_kmsg_send leaves the kmsg with the caller on failure is not
		 * visible here; confirm against its contract.
		 */
		assert(mr == MACH_MSG_SUCCESS);
	}

	if (option & MACH_RCV_MSG) {
		thread_t self = current_thread();

		/* retry the receive while it is merely interrupted */
		do {
			ipc_object_t object;
			ipc_mqueue_t mqueue;

			mr = ipc_mqueue_copyin(space, rcv_name,
			    &mqueue, &object);
			if (mr != MACH_MSG_SUCCESS) {
				return mr;
			}

			/* hold ref for object */

			self->ith_continuation = (void (*)(mach_msg_return_t))0;
			ipc_mqueue_receive(mqueue,
			    MACH_MSG_OPTION_NONE,
			    MACH_MSG_SIZE_MAX,
			    MACH_MSG_TIMEOUT_NONE,
			    THREAD_ABORTSAFE);
			/* receive results are handed back through the thread struct */
			mr = self->ith_state;
			kmsg = self->ith_kmsg;
			seqno = self->ith_seqno;

			mach_msg_receive_results_complete(object);
			io_release(object);
		} while (mr == MACH_RCV_INTERRUPTED);

		if (mr != MACH_MSG_SUCCESS) {
			return mr;
		}

		trailer_size = ipc_kmsg_add_trailer(kmsg, space, option, current_thread(), seqno, TRUE,
		    kmsg->ikm_header->msgh_remote_port->ip_context);

		/*
		 * Not enough room: give the caller just the header (so it can see
		 * msgh_size), drop the message, and report the truncation.
		 */
		if (rcv_size < (kmsg->ikm_header->msgh_size + trailer_size)) {
			ipc_kmsg_copyout_dest(kmsg, space);
			(void) memcpy((void *) msg, (const void *) kmsg->ikm_header, sizeof *msg);
			ipc_kmsg_free(kmsg);
			return MACH_RCV_TOO_LARGE;
		}

		mr = ipc_kmsg_copyout(kmsg, space, map, MACH_MSG_BODY_NULL, option);
		if (mr != MACH_MSG_SUCCESS) {
			if ((mr & ~MACH_MSG_MASK) == MACH_RCV_BODY_ERROR) {
				/* body copyout failed part-way: hand back what was built */
				ipc_kmsg_put_to_kernel(msg, kmsg,
				    kmsg->ikm_header->msgh_size + trailer_size);
			} else {
				/* header-level failure: only the header goes back */
				ipc_kmsg_copyout_dest(kmsg, space);
				(void) memcpy((void *) msg, (const void *) kmsg->ikm_header, sizeof *msg);
				ipc_kmsg_free(kmsg);
			}

			return mr;
		}

		/* bounded by the rcv_size check above */
		(void) memcpy((void *) msg, (const void *) kmsg->ikm_header,
		    kmsg->ikm_header->msgh_size + trailer_size);
		ipc_kmsg_free(kmsg);
	}

	return MACH_MSG_SUCCESS;
}
754
/*
 *	Routine:	mig_get_reply_port
 *	Purpose:
 *		Called by client side interfaces living in the kernel
 *		to get a reply port.  In-kernel MIG clients never get one:
 *		the RPC paths above supply ith_rpc_reply themselves.
 */
mach_port_t
mig_get_reply_port(void)
{
	mach_port_t no_reply_port = MACH_PORT_NULL;

	return no_reply_port;
}
766
/*
 *	Routine:	mig_dealloc_reply_port
 *	Purpose:
 *		Called by client side interfaces to get rid of a reply port.
 *		A no-op in the kernel, since mig_get_reply_port() never hands
 *		one out.
 */

void
mig_dealloc_reply_port(
	__unused mach_port_t reply_port)
{
	/* nothing to release */
}
778
/*
 *	Routine:	mig_put_reply_port
 *	Purpose:
 *		Called by client side interfaces after each RPC to
 *		let the client recycle the reply port if it wishes.
 *		A no-op in the kernel, since mig_get_reply_port() never hands
 *		one out.
 */
void
mig_put_reply_port(
	__unused mach_port_t reply_port)
{
	/* nothing to recycle */
}
790
/*
 * mig_strncpy.c - by Joshua Block
 *
 * mig_strncpy -- Bounded string copy.  Does what the library routine strncpy
 * OUGHT to do: copies the (null terminated) string in src into dest, a
 * buffer of length len, guaranteeing that the result is null terminated
 * and never overflows the buffer (the copy is truncated if necessary).
 *
 * Parameters:
 *
 *	dest - Pointer to destination buffer.
 *
 *	src - Pointer to source string.
 *
 *	len - Length of destination buffer.
 *
 * Returns the number of bytes written including the terminator: 0 when
 * nothing could be written (len <= 0, dest NULL) or when src is NULL
 * (dest then holds the empty string), `len` when the copy was truncated.
 */
int
mig_strncpy(
	char *dest,
	const char *src,
	int len)
{
	int written = 0;

	if (len <= 0 || dest == NULL) {
		return 0;
	}

	if (src != NULL) {
		for (written = 1; written < len; written++) {
			char c = *src++;

			*dest++ = c;
			if (c == '\0') {
				return written;
			}
		}
	}

	/* out of room, or no source at all: terminate on the last byte */
	*dest = '\0';
	return written;
}
829
39037602
A
/*
 * mig_strncpy_zerofill -- Bounded string copy.  Does what the
 * library routine strncpy OUGHT to do: copies the (null terminated)
 * string in src into dest, a buffer of length len, guaranteeing that
 * the result is null terminated and never overflows the buffer
 * (truncating the copy if necessary).  If the string in src is shorter
 * than len, the remaining bytes of dest are zero filled, so no stale
 * bytes from a previous use of the buffer survive.
 *
 * Parameters:
 *
 *	dest - Pointer to destination buffer.
 *
 *	src - Pointer to source string.
 *
 *	len - Length of destination buffer.
 *
 * Returns the number of bytes of src copied including the terminator:
 * 0 when nothing could be written (len <= 0, dest NULL) or when src is
 * NULL (dest is then entirely zeroed), `len` when the copy was truncated.
 */
int
mig_strncpy_zerofill(
	char *dest,
	const char *src,
	int len)
{
	int pos;
	int copied = 0;
	int done;

	if (len <= 0 || dest == NULL) {
		return 0;
	}

	/* with no source there is nothing to copy: every byte becomes zero */
	done = (src == NULL);

	for (pos = 1; pos < len; pos++) {
		if (done) {
			*dest++ = '\0';
			continue;
		}
		if ((*dest++ = *src++) == '\0') {
			copied = pos;
			done = 1;
		}
	}

	/* the last byte is always a terminator, whether or not src fit */
	*dest = '\0';
	return done ? copied : pos;
}
882
/*
 * Allocator used by MIG-generated kernel stubs for variable-sized
 * user data; pairs with mig_user_deallocate() below, which needs the
 * same size back.
 */
void *
mig_user_allocate(
	vm_size_t size)
{
	void *data = kalloc(size);

	return data;
}
889
/*
 * Release memory obtained from mig_user_allocate().  `size` must be the
 * size that was requested from the allocator.
 */
void
mig_user_deallocate(
	char *data,
	vm_size_t size)
{
	/* kalloc/kfree are a sized pair; the caller supplies the size */
	kfree(data, size);
}
897
0b4e3aa0
A
/*
 *	Routine:	mig_object_init
 *	Purpose:
 *		Initialize the base class portion of a MIG object: install
 *		the interface vtable and leave the port unset - it is created
 *		lazily by convert_mig_object_to_port().
 *	Returns:
 *		KERN_INVALID_ARGUMENT	- null object supplied
 *		KERN_SUCCESS		- otherwise
 */
kern_return_t
mig_object_init(
	mig_object_t mig_object,
	const IMIGObject *interface)
{
	kern_return_t kr = KERN_INVALID_ARGUMENT;

	if (mig_object != MIG_OBJECT_NULL) {
		mig_object->pVtbl = (const IMIGObjectVtbl *)interface;
		mig_object->port = MACH_PORT_NULL;
		kr = KERN_SUCCESS;
	}

	return kr;
}
916
/*
 *	Routine:	mig_object_destroy
 *	Purpose:
 *		The object is being freed.  This call lets us clean
 *		up any state we have built up over the object's
 *		lifetime.
 *	Conditions:
 *		Since notifications and the port hold references on
 *		the object, neither can exist when this is called;
 *		the only state to check is therefore that the port is gone.
 */
void
mig_object_destroy(
	__assert_only mig_object_t mig_object)
{
	/* a live port here would mean an outstanding reference on the object */
	assert(mig_object->port == MACH_PORT_NULL);
}
935
/*
 *	Routine:	mig_object_reference
 *	Purpose:
 *		Pure virtual helper to invoke the MIG object's AddRef
 *		method through its vtable.
 *	Conditions:
 *		MIG object port may be locked.
 */
void
mig_object_reference(
	mig_object_t mig_object)
{
	IMIGObject *self = (IMIGObject *)mig_object;

	assert(mig_object != MIG_OBJECT_NULL);
	mig_object->pVtbl->AddRef(self);
}
951
/*
 *	Routine:	mig_object_deallocate
 *	Purpose:
 *		Pure virtual helper to invoke the MIG object's Release
 *		method through its vtable.
 *	Conditions:
 *		Nothing locked.
 */
void
mig_object_deallocate(
	mig_object_t mig_object)
{
	IMIGObject *self = (IMIGObject *)mig_object;

	assert(mig_object != MIG_OBJECT_NULL);
	mig_object->pVtbl->Release(self);
}
967
/*
 *	Routine:	convert_mig_object_to_port [interface]
 *	Purpose:
 *		Base implementation of MIG outtrans routine to convert from
 *		a mig object reference to a new send right on the object's
 *		port.  The object reference is consumed: if this call ends up
 *		installing a fresh port, that port keeps the reference;
 *		otherwise the reference is released before returning.
 *	Returns:
 *		IP_NULL - Null MIG object supplied
 *		Otherwise, a newly made send right for the port
 *	Conditions:
 *		Nothing locked.
 */
ipc_port_t
convert_mig_object_to_port(
	mig_object_t mig_object)
{
	ipc_port_t port;
	boolean_t deallocate = TRUE;	/* release the caller's object ref on exit? */

	if (mig_object == MIG_OBJECT_NULL) {
		return IP_NULL;
	}

	/*
	 * Loop until a send right could be made.  ipc_port_make_send()
	 * returning IP_NULL means the port died between our read of
	 * mig_object->port and the attempt, so a new one must be set up.
	 */
	port = mig_object->port;
	while ((port == IP_NULL) ||
	    ((port = ipc_port_make_send(port)) == IP_NULL)) {
		ipc_port_t previous;

		/*
		 * Either the port was never set up, or it was just
		 * deallocated out from under us by the no-senders
		 * processing. In either case, we must:
		 *	Attempt to make one
		 *	Arrange for no senders
		 *	Try to atomically register it with the object
		 *	Destroy it if we are raced.
		 */
		/*
		 * NOTE(review): the result of ipc_port_alloc_kernel() is locked
		 * without a null check; whether it can fail here depends on its
		 * contract, which is not visible in this file - confirm.
		 */
		port = ipc_port_alloc_kernel();
		ip_lock(port);
		ipc_kobject_set_atomically(port,
		    (ipc_kobject_t) mig_object,
		    IKOT_MIG);

		/* make a sonce right for the notification */
		port->ip_sorights++;
		ip_reference(port);

		/* the no-senders notification is delivered to the port itself */
		ipc_port_nsrequest(port, 1, port, &previous);
		/* port unlocked */

		assert(previous == IP_NULL);

		/*
		 * Publish the port only if nobody beat us to it.  On a lost race
		 * the freshly built port is torn down and the winner's port is
		 * retried through the loop condition above.
		 */
		if (OSCompareAndSwapPtr((void *)IP_NULL, (void *)port,
		    (void * volatile *)&mig_object->port)) {
			deallocate = FALSE;
		} else {
			ipc_port_dealloc_kernel(port);
			port = mig_object->port;
		}
	}

	/* the object ref is kept by the port we installed, else handed back */
	if (deallocate) {
		mig_object->pVtbl->Release((IMIGObject *)mig_object);
	}

	return port;
}
1035
1036
1037/*
1038 * Routine: convert_port_to_mig_object [interface]
1039 * Purpose:
1040 * Base implementation of MIG intrans routine to convert from
1041 * an incoming port reference to a new reference on the
1042 * underlying object. A new reference must be created, because
1043 * the port's reference could go away asynchronously.
1044 * Returns:
1045 * NULL - Not an active MIG object port or iid not supported
1046 * Otherwise, a reference to the underlying MIG interface
1047 * Conditions:
1048 * Nothing locked.
1049 */
mig_object_t
convert_port_to_mig_object(
	ipc_port_t port,
	const MIGIID *iid)
{
	void *iface = NULL;

	/* Null and dead port names are rejected before any locking. */
	if (!IP_VALID(port)) {
		return NULL;
	}

	ip_lock(port);
	/* Only a live port whose kernel object is a MIG object converts. */
	if (ip_active(port) && (ip_kotype(port) == IKOT_MIG)) {
		/*
		 * Ask the object for the requested interface while the port
		 * is still locked: the port's own reference on the object can
		 * go away asynchronously, so the caller needs a reference of
		 * its own (QueryInterface hands one out, or leaves iface NULL
		 * when the iid is not supported).
		 */
		mig_object_t object = (mig_object_t)port->ip_kobject;
		object->pVtbl->QueryInterface((IMIGObject *)object, iid, &iface);
	}
	ip_unlock(port);

	return (mig_object_t)iface;
}

1079/*
1080 * Routine: mig_object_no_senders [interface]
1081 * Purpose:
1082 * Base implementation of a no-senders notification handler
1083 * for MIG objects. If there truly are no more senders, must
1084 * destroy the port and drop its reference on the object.
1085 * Returns:
1086 * TRUE - port deallocated and reference dropped
1087 * FALSE - more senders arrived, re-registered for notification
1088 * Conditions:
1089 * Nothing locked.
1090 */
1091
boolean_t
mig_object_no_senders(
	ipc_port_t port,
	mach_port_mscount_t mscount)
{
	mig_object_t mig_object;

	ip_lock(port);
	/*
	 * mscount is the make-send count the notification carried.  If the
	 * port's current count is higher, send rights were made after the
	 * notification was generated, and the port must stay alive.
	 */
	if (port->ip_mscount > mscount) {
		ipc_port_t previous;

		/*
		 * Somebody created new send rights while the
		 * notification was in-flight. Just create a
		 * new send-once right and re-register with
		 * the new (higher) mscount threshold.
		 */
		/* make a sonce right for the notification */
		port->ip_sorights++;
		ip_reference(port);
		/* Re-arm the no-senders request; this drops the port lock. */
		ipc_port_nsrequest(port, mscount, port, &previous);
		/* port unlocked */

		assert(previous == IP_NULL);
		return FALSE;
	}

	/*
	 * Clear the port pointer while we have it locked.
	 * A racing convert_mig_object_to_port() that sees IP_NULL allocates
	 * a fresh port instead of reusing the one being destroyed.
	 */
	mig_object = (mig_object_t)port->ip_kobject;
	mig_object->port = IP_NULL;

	/*
	 * Bring the sequence number and mscount in
	 * line with ipc_port_destroy assertion.
	 */
	port->ip_mscount = 0;
	port->ip_messages.imq_seqno = 0;
	ipc_port_destroy(port); /* releases lock */

	/*
	 * Release the port's reference on the object.  mig_object was read
	 * from ip_kobject above, before the port was destroyed; the port
	 * itself must not be touched after ipc_port_destroy().
	 */
	mig_object->pVtbl->Release((IMIGObject *)mig_object);
	return TRUE;
}

1140/*
1141 * Kernel implementation of the notification chain for MIG object
1142 * is kept separate from the actual objects, since there are expected
1143 * to be far fewer of them than actual objects.
1144 *
1145 * The implementation of this part of MIG objects is coming
1146 * "Real Soon Now"(TM).
1147 */