[apple/xnu.git] / osfmk / kern / ux_handler.c

/*
 * Copyright (c) 2017 Apple Inc. All rights reserved.
 *
 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
 *
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. The rights granted to you under the License
 * may not be used to create, or enable the creation or redistribution of,
 * unlawful or unlicensed copies of an Apple operating system, or to
 * circumvent, violate, or enable the circumvention or violation of, any
 * terms of an Apple operating system software license agreement.
 *
 * Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this file.
 *
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 *
 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
 */

#include <kern/ux_handler.h>
#include <sys/ux_exception.h>

#include <mach/exception.h>
#include <mach/kern_return.h>
#include <mach/port.h>
#include <mach/mach_port.h>
#include <mach/mig_errors.h>

#include <kern/thread.h>
#include <kern/task.h>
#include <kern/ipc_kobject.h>
#include <kern/ipc_tt.h>

#include <ipc/ipc_port.h>

#include <mach/host_priv.h>
#include <kern/host.h>

#include <mach/exc_server.h>
#include <mach/mach_exc_server.h>

#include <libkern/section_keywords.h>

/*
 * Mach kobject port to reflect Mach exceptions into Unix signals.
 *
 * This is the default Mach exception handler for initproc, which
 * then filters to all subprocesses as the host level exception handler for
 * most Mach exceptions.
 */

static const void                      *ux_handler_kobject    = NULL;
SECURITY_READ_ONLY_LATE(ipc_port_t)     ux_handler_port       = IP_NULL;

/*
 * init is called early in Mach initialization
 * when we can initialize read-only memory
 */
void
ux_handler_init(void)
{
	ux_handler_port = ipc_port_alloc_kernel();

	if (ux_handler_port == IP_NULL) {
		panic("can't allocate unix exception port");
	}

	ipc_kobject_set(ux_handler_port, (ipc_kobject_t)&ux_handler_kobject, IKOT_UX_HANDLER);
}

/*
 * setup is called late in BSD initialization from initproc's context
 * so the MAC hook goo inside host_set_exception_ports will be able to
 * set up labels without falling over.
 */
void
ux_handler_setup(void)
{
	ipc_port_t ux_handler_send_right = ipc_port_make_send(ux_handler_port);

	if (!IP_VALID(ux_handler_send_right)) {
		panic("Couldn't allocate send right for ux_handler_port!\n");
	}

	kern_return_t kr = KERN_SUCCESS;

	/*
	 * Consumes 1 send right.
	 *
	 * Instruments uses the RPC_ALERT port, so don't register for that.
	 */
	kr = host_set_exception_ports(host_priv_self(),
	    EXC_MASK_ALL & ~(EXC_MASK_RPC_ALERT),
	    ux_handler_send_right,
	    EXCEPTION_DEFAULT | MACH_EXCEPTION_CODES,
	    0);

	if (kr != KERN_SUCCESS) {
		panic("host_set_exception_ports failed to set ux_handler! %d", kr);
	}
}

/*
 * Is this port the ux_handler?
 * If so, it's safe to send an exception without checking labels.
 */
boolean_t
is_ux_handler_port(mach_port_t port)
{
	if (ux_handler_port == port) {
		return TRUE;
	} else {
		return FALSE;
	}
}

kern_return_t
catch_mach_exception_raise(
	mach_port_t                  exception_port,
	mach_port_t                  thread_port,
	mach_port_t                  task_port,
	exception_type_t             exception,
	mach_exception_data_t        code,
	__unused mach_msg_type_number_t       codeCnt)
{
	if (exception_port != ux_handler_port) {
		return KERN_FAILURE;
	}

	kern_return_t kr = KERN_SUCCESS;

	thread_t    target_thread   = THREAD_NULL;
	task_t      target_task     = TASK_NULL;

	if ((target_thread = convert_port_to_thread(thread_port)) == THREAD_NULL) {
		kr = KERN_INVALID_ARGUMENT;
		goto out;
	}

	if ((target_task = convert_port_to_task(task_port)) == TASK_NULL) {
		kr = KERN_INVALID_ARGUMENT;
		goto out;
	}

	kr = handle_ux_exception(target_thread, exception, code[0], code[1]);

out:
	if (kr == KERN_SUCCESS) {
		/*
		 * Following the MIG 'consume on success' protocol,
		 * consume references to the port arguments.
		 * (but NOT the exception_port, as the first argument is borrowed)
		 *
		 * If we return non-success, the kobject server will eat the port
		 * references for us.
		 */

		ipc_port_release_send(thread_port);
		ipc_port_release_send(task_port);
	}

	thread_deallocate(target_thread);
	task_deallocate(target_task);

	return kr;
}

kern_return_t
catch_exception_raise(
	mach_port_t               exception_port,
	mach_port_t               thread,
	mach_port_t               task,
	exception_type_t          exception,
	exception_data_t          code,
	mach_msg_type_number_t    codeCnt)
{
	if (exception_port != ux_handler_port) {
		return KERN_FAILURE;
	}

	mach_exception_data_type_t big_code[EXCEPTION_CODE_MAX] = {
		[0] = code[0],
		[1] = code[1],
	};

	return catch_mach_exception_raise(exception_port,
	           thread,
	           task,
	           exception,
	           big_code,
	           codeCnt);
}

kern_return_t
catch_exception_raise_state(
	__unused mach_port_t                 exception_port,
	__unused exception_type_t            exception,
	__unused const exception_data_t      code,
	__unused mach_msg_type_number_t      codeCnt,
	__unused int                        *flavor,
	__unused const thread_state_t        old_state,
	__unused mach_msg_type_number_t      old_stateCnt,
	__unused thread_state_t              new_state,
	__unused mach_msg_type_number_t     *new_stateCnt)
{
	return KERN_INVALID_ARGUMENT;
}

kern_return_t
catch_mach_exception_raise_state(
	__unused mach_port_t                    exception_port,
	__unused exception_type_t               exception,
	__unused const mach_exception_data_t    code,
	__unused mach_msg_type_number_t         codeCnt,
	__unused int                           *flavor,
	__unused const thread_state_t           old_state,
	__unused mach_msg_type_number_t         old_stateCnt,
	__unused thread_state_t                 new_state,
	__unused mach_msg_type_number_t        *new_stateCnt)
{
	return KERN_INVALID_ARGUMENT;
}

kern_return_t
catch_exception_raise_state_identity(
	__unused mach_port_t                exception_port,
	__unused mach_port_t                thread,
	__unused mach_port_t                task,
	__unused exception_type_t           exception,
	__unused exception_data_t           code,
	__unused mach_msg_type_number_t     codeCnt,
	__unused int                       *flavor,
	__unused thread_state_t             old_state,
	__unused mach_msg_type_number_t     old_stateCnt,
	__unused thread_state_t             new_state,
	__unused mach_msg_type_number_t    *new_stateCnt)
{
	return KERN_INVALID_ARGUMENT;
}

kern_return_t
catch_mach_exception_raise_state_identity(
	__unused mach_port_t                   exception_port,
	__unused mach_port_t                   thread,
	__unused mach_port_t                   task,
	__unused exception_type_t              exception,
	__unused mach_exception_data_t         code,
	__unused mach_msg_type_number_t        codeCnt,
	__unused int                          *flavor,
	__unused thread_state_t                old_state,
	__unused mach_msg_type_number_t        old_stateCnt,
	__unused thread_state_t                new_state,
	__unused mach_msg_type_number_t       *new_stateCnt)
{
	return KERN_INVALID_ARGUMENT;
}
Commit	Line	Data
d9a64523 A	1	/*
	2	* Copyright (c) 2017 Apple Inc. All rights reserved.
	3	*
	4	* @APPLE_OSREFERENCE_LICENSE_HEADER_START@
	5	*
	6	* This file contains Original Code and/or Modifications of Original Code
	7	* as defined in and that are subject to the Apple Public Source License
	8	* Version 2.0 (the 'License'). You may not use this file except in
	9	* compliance with the License. The rights granted to you under the License
	10	* may not be used to create, or enable the creation or redistribution of,
	11	* unlawful or unlicensed copies of an Apple operating system, or to
	12	* circumvent, violate, or enable the circumvention or violation of, any
	13	* terms of an Apple operating system software license agreement.
	14	*
	15	* Please obtain a copy of the License at
	16	* http://www.opensource.apple.com/apsl/ and read it before using this file.
	17	*
	18	* The Original Code and all software distributed under the License are
	19	* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
	20	* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
	21	* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
	22	* FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
	23	* Please see the License for the specific language governing rights and
	24	* limitations under the License.
	25	*
	26	* @APPLE_OSREFERENCE_LICENSE_HEADER_END@
	27	*/
	28
	29	#include <kern/ux_handler.h>
	30	#include <sys/ux_exception.h>
	31
	32	#include <mach/exception.h>
	33	#include <mach/kern_return.h>
	34	#include <mach/port.h>
	35	#include <mach/mach_port.h>
	36	#include <mach/mig_errors.h>
	37
	38	#include <kern/thread.h>
	39	#include <kern/task.h>
	40	#include <kern/ipc_kobject.h>
	41	#include <kern/ipc_tt.h>
	42
	43	#include <ipc/ipc_port.h>
	44
	45	#include <mach/host_priv.h>
	46	#include <kern/host.h>
	47
	48	#include <mach/exc_server.h>
	49	#include <mach/mach_exc_server.h>
	50
	51	#include <libkern/section_keywords.h>
	52
	53	/*
	54	* Mach kobject port to reflect Mach exceptions into Unix signals.
	55	*
	56	* This is the default Mach exception handler for initproc, which
	57	* then filters to all subprocesses as the host level exception handler for
	58	* most Mach exceptions.
	59	*/
	60
	61	static const void *ux_handler_kobject = NULL;
	62	SECURITY_READ_ONLY_LATE(ipc_port_t) ux_handler_port = IP_NULL;
	63
	64	/*
65	* init is called early in Mach initialization
66	* when we can initialize read-only memory
67	*/
68	void
69	ux_handler_init(void)
70	{
71	ux_handler_port = ipc_port_alloc_kernel();
72
0a7de745	73	if (ux_handler_port == IP_NULL) {
d9a64523	74	panic("can't allocate unix exception port");
0a7de745	75	}
d9a64523 A	76
	77	ipc_kobject_set(ux_handler_port, (ipc_kobject_t)&ux_handler_kobject, IKOT_UX_HANDLER);
	78	}
	79
	80	/*
	81	* setup is called late in BSD initialization from initproc's context
	82	* so the MAC hook goo inside host_set_exception_ports will be able to
	83	* set up labels without falling over.
	84	*/
	85	void
	86	ux_handler_setup(void)
	87	{
	88	ipc_port_t ux_handler_send_right = ipc_port_make_send(ux_handler_port);
	89
0a7de745	90	if (!IP_VALID(ux_handler_send_right)) {
d9a64523	91	panic("Couldn't allocate send right for ux_handler_port!\n");
0a7de745	92	}
d9a64523 A	93
	94	kern_return_t kr = KERN_SUCCESS;
	95
	96	/*
	97	* Consumes 1 send right.
	98	*
	99	* Instruments uses the RPC_ALERT port, so don't register for that.
	100	*/
	101	kr = host_set_exception_ports(host_priv_self(),
0a7de745 A	102	EXC_MASK_ALL & ~(EXC_MASK_RPC_ALERT),
	103	ux_handler_send_right,
	104	EXCEPTION_DEFAULT \| MACH_EXCEPTION_CODES,
	105	0);
d9a64523	106
0a7de745	107	if (kr != KERN_SUCCESS) {
d9a64523	108	panic("host_set_exception_ports failed to set ux_handler! %d", kr);
0a7de745	109	}
d9a64523 A	110	}
	111
	112	/*
	113	* Is this port the ux_handler?
	114	* If so, it's safe to send an exception without checking labels.
	115	*/
	116	boolean_t
	117	is_ux_handler_port(mach_port_t port)
	118	{
0a7de745	119	if (ux_handler_port == port) {
d9a64523	120	return TRUE;
0a7de745	121	} else {
d9a64523	122	return FALSE;
0a7de745	123	}
d9a64523 A	124	}
	125
	126	kern_return_t
	127	catch_mach_exception_raise(
0a7de745 A	128	mach_port_t exception_port,
	129	mach_port_t thread_port,
	130	mach_port_t task_port,
	131	exception_type_t exception,
	132	mach_exception_data_t code,
	133	__unused mach_msg_type_number_t codeCnt)
d9a64523	134	{
0a7de745	135	if (exception_port != ux_handler_port) {
d9a64523	136	return KERN_FAILURE;
0a7de745	137	}
d9a64523 A	138
	139	kern_return_t kr = KERN_SUCCESS;
	140
	141	thread_t target_thread = THREAD_NULL;
	142	task_t target_task = TASK_NULL;
	143
	144	if ((target_thread = convert_port_to_thread(thread_port)) == THREAD_NULL) {
	145	kr = KERN_INVALID_ARGUMENT;
	146	goto out;
	147	}
	148
	149	if ((target_task = convert_port_to_task(task_port)) == TASK_NULL) {
	150	kr = KERN_INVALID_ARGUMENT;
	151	goto out;
	152	}
	153
	154	kr = handle_ux_exception(target_thread, exception, code[0], code[1]);
	155
	156	out:
	157	if (kr == KERN_SUCCESS) {
	158	/*
	159	* Following the MIG 'consume on success' protocol,
	160	* consume references to the port arguments.
	161	* (but NOT the exception_port, as the first argument is borrowed)
	162	*
	163	* If we return non-success, the kobject server will eat the port
	164	* references for us.
	165	*/
	166
	167	ipc_port_release_send(thread_port);
	168	ipc_port_release_send(task_port);
	169	}
	170
	171	thread_deallocate(target_thread);
	172	task_deallocate(target_task);
	173
	174	return kr;
	175	}
	176
	177	kern_return_t
	178	catch_exception_raise(
0a7de745 A	179	mach_port_t exception_port,
	180	mach_port_t thread,
	181	mach_port_t task,
	182	exception_type_t exception,
	183	exception_data_t code,
	184	mach_msg_type_number_t codeCnt)
d9a64523	185	{
0a7de745	186	if (exception_port != ux_handler_port) {
d9a64523	187	return KERN_FAILURE;
0a7de745	188	}
d9a64523 A	189
	190	mach_exception_data_type_t big_code[EXCEPTION_CODE_MAX] = {
	191	[0] = code[0],
	192	[1] = code[1],
	193	};
	194
	195	return catch_mach_exception_raise(exception_port,
0a7de745 A	196	thread,
	197	task,
	198	exception,
	199	big_code,
	200	codeCnt);
d9a64523 A	201	}
	202
	203	kern_return_t
	204	catch_exception_raise_state(
0a7de745 A	205	__unused mach_port_t exception_port,
	206	__unused exception_type_t exception,
	207	__unused const exception_data_t code,
	208	__unused mach_msg_type_number_t codeCnt,
	209	__unused int *flavor,
	210	__unused const thread_state_t old_state,
	211	__unused mach_msg_type_number_t old_stateCnt,
	212	__unused thread_state_t new_state,
	213	__unused mach_msg_type_number_t *new_stateCnt)
d9a64523	214	{
0a7de745	215	return KERN_INVALID_ARGUMENT;
d9a64523 A	216	}
	217
	218	kern_return_t
	219	catch_mach_exception_raise_state(
0a7de745 A	220	__unused mach_port_t exception_port,
	221	__unused exception_type_t exception,
	222	__unused const mach_exception_data_t code,
	223	__unused mach_msg_type_number_t codeCnt,
	224	__unused int *flavor,
	225	__unused const thread_state_t old_state,
	226	__unused mach_msg_type_number_t old_stateCnt,
	227	__unused thread_state_t new_state,
	228	__unused mach_msg_type_number_t *new_stateCnt)
d9a64523	229	{
0a7de745	230	return KERN_INVALID_ARGUMENT;
d9a64523 A	231	}
	232
	233	kern_return_t
	234	catch_exception_raise_state_identity(
0a7de745 A	235	__unused mach_port_t exception_port,
	236	__unused mach_port_t thread,
	237	__unused mach_port_t task,
	238	__unused exception_type_t exception,
	239	__unused exception_data_t code,
	240	__unused mach_msg_type_number_t codeCnt,
	241	__unused int *flavor,
	242	__unused thread_state_t old_state,
	243	__unused mach_msg_type_number_t old_stateCnt,
	244	__unused thread_state_t new_state,
	245	__unused mach_msg_type_number_t *new_stateCnt)
d9a64523	246	{
0a7de745	247	return KERN_INVALID_ARGUMENT;
d9a64523 A	248	}
	249
	250	kern_return_t
	251	catch_mach_exception_raise_state_identity(
0a7de745 A	252	__unused mach_port_t exception_port,
	253	__unused mach_port_t thread,
	254	__unused mach_port_t task,
	255	__unused exception_type_t exception,
	256	__unused mach_exception_data_t code,
	257	__unused mach_msg_type_number_t codeCnt,
	258	__unused int *flavor,
	259	__unused thread_state_t old_state,
	260	__unused mach_msg_type_number_t old_stateCnt,
	261	__unused thread_state_t new_state,
	262	__unused mach_msg_type_number_t *new_stateCnt)
d9a64523	263	{
0a7de745	264	return KERN_INVALID_ARGUMENT;
d9a64523	265	}