[apple/xnu.git] / osfmk / kern / ipc_mig.c

/*
 * Copyright (c) 2000-2004 Apple Computer, Inc. All rights reserved.
 *
 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
 * 
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. The rights granted to you under the License
 * may not be used to create, or enable the creation or redistribution of,
 * unlawful or unlicensed copies of an Apple operating system, or to
 * circumvent, violate, or enable the circumvention or violation of, any
 * terms of an Apple operating system software license agreement.
 * 
 * Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this file.
 * 
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 * 
 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
 */
/*
 * @OSF_COPYRIGHT@
 */
/* 
 * Mach Operating System
 * Copyright (c) 1991,1990 Carnegie Mellon University
 * All Rights Reserved.
 * 
 * Permission to use, copy, modify and distribute this software and its
 * documentation is hereby granted, provided that both the copyright
 * notice and this permission notice appear in all copies of the
 * software, derivative works or modified versions, and any portions
 * thereof, and that both notices appear in supporting documentation.
 * 
 * CARNEGIE MELLON ALLOWS FREE USE OF THIS SOFTWARE IN ITS "AS IS"
 * CONDITION.  CARNEGIE MELLON DISCLAIMS ANY LIABILITY OF ANY KIND FOR
 * ANY DAMAGES WHATSOEVER RESULTING FROM THE USE OF THIS SOFTWARE.
 * 
 * Carnegie Mellon requests users of this software to return to
 * 
 *  Software Distribution Coordinator  or  Software.Distribution@CS.CMU.EDU
 *  School of Computer Science
 *  Carnegie Mellon University
 *  Pittsburgh PA 15213-3890
 * 
 * any improvements or extensions that they make and grant Carnegie Mellon
 * the rights to redistribute these changes.
 */
/*
 */

#include <mach/boolean.h>
#include <mach/port.h>
#include <mach/mig.h>
#include <mach/mig_errors.h>
#include <mach/mach_types.h>
#include <mach/mach_traps.h>

#include <kern/ipc_tt.h>
#include <kern/ipc_mig.h>
#include <kern/kalloc.h>
#include <kern/task.h>
#include <kern/thread.h>
#include <kern/ipc_kobject.h>
#include <kern/misc_protos.h>

#include <ipc/port.h>
#include <ipc/ipc_kmsg.h>
#include <ipc/ipc_entry.h>
#include <ipc/ipc_object.h>
#include <ipc/ipc_mqueue.h>
#include <ipc/ipc_space.h>
#include <ipc/ipc_port.h>
#include <ipc/ipc_pset.h>
#include <vm/vm_map.h>

/*
 *	Routine:	mach_msg_send_from_kernel
 *	Purpose:
 *		Send a message from the kernel.
 *
 *		This is used by the client side of KernelUser interfaces
 *		to implement SimpleRoutines.  Currently, this includes
 *		memory_object messages.
 *	Conditions:
 *		Nothing locked.
 *	Returns:
 *		MACH_MSG_SUCCESS	Sent the message.
 *		MACH_MSG_SEND_NO_BUFFER Destination port had inuse fixed bufer
 *		MACH_SEND_INVALID_DEST	Bad destination port.
 */

mach_msg_return_t
mach_msg_send_from_kernel(
	mach_msg_header_t	*msg,
	mach_msg_size_t		send_size)
{
	ipc_kmsg_t kmsg;
	mach_msg_return_t mr;

	if (!MACH_PORT_VALID((mach_port_name_t)msg->msgh_remote_port))
		return MACH_SEND_INVALID_DEST;

	mr = ipc_kmsg_get_from_kernel(msg, send_size, &kmsg);
	if (mr != MACH_MSG_SUCCESS)
		return mr;

	ipc_kmsg_copyin_from_kernel(kmsg);
	ipc_kmsg_send_always(kmsg);

	return MACH_MSG_SUCCESS;
}

/*
 *	Routine:	mach_msg_rpc_from_kernel
 *	Purpose:
 *		Send a message from the kernel and receive a reply.
 *		Uses ith_rpc_reply for the reply port.
 *
 *		This is used by the client side of KernelUser interfaces
 *		to implement Routines.
 *	Conditions:
 *		Nothing locked.
 *	Returns:
 *		MACH_MSG_SUCCESS	Sent the message.
 *		MACH_RCV_PORT_DIED	The reply port was deallocated.
 */

mach_msg_return_t
mach_msg_rpc_from_kernel(
	mach_msg_header_t	*msg,
	mach_msg_size_t		send_size,
	mach_msg_size_t		rcv_size)
{
	thread_t self = current_thread();
	ipc_port_t reply;
	ipc_kmsg_t kmsg;
	mach_port_seqno_t seqno;
	mach_msg_return_t mr;

	assert(MACH_PORT_VALID((mach_port_name_t)msg->msgh_remote_port));
	assert(msg->msgh_local_port == MACH_PORT_NULL);

	mr = ipc_kmsg_get_from_kernel(msg, send_size, &kmsg);
	if (mr != MACH_MSG_SUCCESS)
		return mr;

	reply = self->ith_rpc_reply;
	if (reply == IP_NULL) {
		reply = ipc_port_alloc_reply();
		if ((reply == IP_NULL) ||
		    (self->ith_rpc_reply != IP_NULL))
			panic("mach_msg_rpc_from_kernel");
		self->ith_rpc_reply = reply;
	}

	/* insert send-once right for the reply port */
	kmsg->ikm_header->msgh_local_port = reply;
	kmsg->ikm_header->msgh_bits |=
		MACH_MSGH_BITS(0, MACH_MSG_TYPE_MAKE_SEND_ONCE);

	ipc_port_reference(reply);

	ipc_kmsg_copyin_from_kernel(kmsg);

	ipc_kmsg_send_always(kmsg);

	for (;;) {
		ipc_mqueue_t mqueue;

		ip_lock(reply);
		if ( !ip_active(reply)) {
			ip_unlock(reply);
			ipc_port_release(reply);
			return MACH_RCV_PORT_DIED;
		}
		if (!self->active) {
			ip_unlock(reply);
			ipc_port_release(reply);
			return MACH_RCV_INTERRUPTED;
		}

		assert(reply->ip_pset_count == 0);
		mqueue = &reply->ip_messages;
		ip_unlock(reply);

		self->ith_continuation = (void (*)(mach_msg_return_t))0;

		ipc_mqueue_receive(mqueue,
				   MACH_MSG_OPTION_NONE,
				   MACH_MSG_SIZE_MAX,
				   MACH_MSG_TIMEOUT_NONE,
				   THREAD_INTERRUPTIBLE);

		mr = self->ith_state;
		kmsg = self->ith_kmsg;
		seqno = self->ith_seqno;

		if (mr == MACH_MSG_SUCCESS)
		  {
			break;
		  }

		assert(mr == MACH_RCV_INTERRUPTED);

		if (self->handlers) {
			ipc_port_release(reply);
			return(mr);
		}
	}
	ipc_port_release(reply);

	/*
	 * XXXXX  Set manually for now ...
	 *	No, why even bother, since the effort is wasted?
	 *
	{ mach_msg_format_0_trailer_t *trailer = (mach_msg_format_0_trailer_t *)
		((vm_offset_t)&kmsg->ikm_header + kmsg->ikm_header.msgh_size);
	trailer->msgh_trailer_type = MACH_MSG_TRAILER_FORMAT_0;
	trailer->msgh_trailer_size = MACH_MSG_TRAILER_MINIMUM_SIZE;
	}
	 *****/

	if (rcv_size < kmsg->ikm_header->msgh_size) {
		ipc_kmsg_copyout_dest(kmsg, ipc_space_reply);
		ipc_kmsg_put_to_kernel(msg, kmsg, kmsg->ikm_header->msgh_size);
		return MACH_RCV_TOO_LARGE;
	}

	/*
	 *	We want to preserve rights and memory in reply!
	 *	We don't have to put them anywhere; just leave them
	 *	as they are.
	 */

	ipc_kmsg_copyout_to_kernel(kmsg, ipc_space_reply);
	ipc_kmsg_put_to_kernel(msg, kmsg, kmsg->ikm_header->msgh_size);
	return MACH_MSG_SUCCESS;
}


/************** These Calls are set up for kernel-loaded tasks/threads **************/

/*
 *	Routine:	mach_msg_overwrite
 *	Purpose:
 *		Like mach_msg_overwrite_trap except that message buffers
 *		live in kernel space.  Doesn't handle any options.
 *
 *		This is used by in-kernel server threads to make
 *		kernel calls, to receive request messages, and
 *		to send reply messages.
 *	Conditions:
 *		Nothing locked.
 *	Returns:
 */

mach_msg_return_t
mach_msg_overwrite(
	mach_msg_header_t		*msg,
	mach_msg_option_t		option,
	mach_msg_size_t		send_size,
	mach_msg_size_t		rcv_size,
	mach_port_name_t		rcv_name,
	__unused mach_msg_timeout_t	msg_timeout,
	__unused mach_port_name_t	notify,
	__unused mach_msg_header_t	*rcv_msg,
       __unused mach_msg_size_t	rcv_msg_size)
{
	ipc_space_t space = current_space();
	vm_map_t map = current_map();
	ipc_kmsg_t kmsg;
	mach_port_seqno_t seqno;
	mach_msg_return_t mr;
	mach_msg_format_0_trailer_t *trailer;

	if (option & MACH_SEND_MSG) {
		mach_msg_size_t	msg_and_trailer_size;
		mach_msg_max_trailer_t	*max_trailer;

		if ((send_size < sizeof(mach_msg_header_t)) || (send_size & 3))
			return MACH_SEND_MSG_TOO_SMALL;

		if (send_size > MACH_MSG_SIZE_MAX - MAX_TRAILER_SIZE)
			return MACH_SEND_TOO_LARGE;

		msg_and_trailer_size = send_size + MAX_TRAILER_SIZE;
		kmsg = ipc_kmsg_alloc(msg_and_trailer_size);

		if (kmsg == IKM_NULL)
			return MACH_SEND_NO_BUFFER;

		(void) memcpy((void *) kmsg->ikm_header, (const void *) msg, send_size);

		kmsg->ikm_header->msgh_size = send_size;

		/* 
		 * Reserve for the trailer the largest space (MAX_TRAILER_SIZE)
		 * However, the internal size field of the trailer (msgh_trailer_size)
		 * is initialized to the minimum (sizeof(mach_msg_trailer_t)), to optimize
		 * the cases where no implicit data is requested.
		 */
		max_trailer = (mach_msg_max_trailer_t *) ((vm_offset_t)kmsg->ikm_header + send_size);
		max_trailer->msgh_sender = current_thread()->task->sec_token;
		max_trailer->msgh_audit = current_thread()->task->audit_token;
		max_trailer->msgh_trailer_type = MACH_MSG_TRAILER_FORMAT_0;
		max_trailer->msgh_trailer_size = MACH_MSG_TRAILER_MINIMUM_SIZE;
	
		mr = ipc_kmsg_copyin(kmsg, space, map, MACH_PORT_NULL);
		if (mr != MACH_MSG_SUCCESS) {
			ipc_kmsg_free(kmsg);
			return mr;
		}

		do
			mr = ipc_kmsg_send(kmsg, MACH_MSG_OPTION_NONE,
					     MACH_MSG_TIMEOUT_NONE);
		while (mr == MACH_SEND_INTERRUPTED);
		assert(mr == MACH_MSG_SUCCESS);
	}

	if (option & MACH_RCV_MSG) {
		thread_t self = current_thread();

		do {
			ipc_object_t object;
			ipc_mqueue_t mqueue;

			mr = ipc_mqueue_copyin(space, rcv_name,
					       &mqueue, &object);
			if (mr != MACH_MSG_SUCCESS)
				return mr;
			/* hold ref for object */

			self->ith_continuation = (void (*)(mach_msg_return_t))0;
			ipc_mqueue_receive(mqueue,
					   MACH_MSG_OPTION_NONE,
					   MACH_MSG_SIZE_MAX,
					   MACH_MSG_TIMEOUT_NONE,
					   THREAD_ABORTSAFE);
			mr = self->ith_state;
			kmsg = self->ith_kmsg;
			seqno = self->ith_seqno;

			ipc_object_release(object);

		} while (mr == MACH_RCV_INTERRUPTED);
		if (mr != MACH_MSG_SUCCESS)
			return mr;

		trailer = (mach_msg_format_0_trailer_t *) 
		    ((vm_offset_t)kmsg->ikm_header + kmsg->ikm_header->msgh_size);
		if (option & MACH_RCV_TRAILER_MASK) {
			trailer->msgh_seqno = seqno;
			trailer->msgh_trailer_size = REQUESTED_TRAILER_SIZE(option);
		}

		if (rcv_size < (kmsg->ikm_header->msgh_size + trailer->msgh_trailer_size)) {
			ipc_kmsg_copyout_dest(kmsg, space);
			(void) memcpy((void *) msg, (const void *) kmsg->ikm_header, sizeof *msg);
			ipc_kmsg_free(kmsg);
			return MACH_RCV_TOO_LARGE;
		}

		mr = ipc_kmsg_copyout(kmsg, space, map, MACH_PORT_NULL,
				      MACH_MSG_BODY_NULL);
		if (mr != MACH_MSG_SUCCESS) {
			if ((mr &~ MACH_MSG_MASK) == MACH_RCV_BODY_ERROR) {
				ipc_kmsg_put_to_kernel(msg, kmsg,
						kmsg->ikm_header->msgh_size + trailer->msgh_trailer_size);
			} else {
				ipc_kmsg_copyout_dest(kmsg, space);
				(void) memcpy((void *) msg, (const void *) kmsg->ikm_header, sizeof *msg);
				ipc_kmsg_free(kmsg);
			}

			return mr;
		}

		(void) memcpy((void *) msg, (const void *) kmsg->ikm_header,
			      kmsg->ikm_header->msgh_size + trailer->msgh_trailer_size);
		ipc_kmsg_free(kmsg);
	}

	return MACH_MSG_SUCCESS;
}

/*
 *	Routine:	mig_get_reply_port
 *	Purpose:
 *		Called by client side interfaces living in the kernel
 *		to get a reply port.
 */
mach_port_t
mig_get_reply_port(void)
{
	return (MACH_PORT_NULL);
}

/*
 *	Routine:	mig_dealloc_reply_port
 *	Purpose:
 *		Called by client side interfaces to get rid of a reply port.
 */

void
mig_dealloc_reply_port(
	__unused mach_port_t reply_port)
{
	panic("mig_dealloc_reply_port");
}

/*
 *	Routine:	mig_put_reply_port
 *	Purpose:
 *		Called by client side interfaces after each RPC to 
 *		let the client recycle the reply port if it wishes.
 */
void
mig_put_reply_port(
	__unused mach_port_t reply_port)
{
}

/*
 * mig_strncpy.c - by Joshua Block
 *
 * mig_strncp -- Bounded string copy.  Does what the library routine strncpy
 * OUGHT to do:  Copies the (null terminated) string in src into dest, a 
 * buffer of length len.  Assures that the copy is still null terminated
 * and doesn't overflow the buffer, truncating the copy if necessary.
 *
 * Parameters:
 * 
 *     dest - Pointer to destination buffer.
 * 
 *     src - Pointer to source string.
 * 
 *     len - Length of destination buffer.
 */
int 
mig_strncpy(
	char		*dest,
	const char	*src,
	int		len)
{
    int i = 0;

    if (len > 0)
	if (dest != NULL) {
	    if (src != NULL)
		   for (i=1; i<len; i++)
			if (! (*dest++ = *src++))
			    return i;
	        *dest = '\0';
	}
    return i;
}

char *
mig_user_allocate(
	vm_size_t	size)
{
	return (char *)kalloc(size);
}

void
mig_user_deallocate(
	char		*data,
	vm_size_t	size)
{
	kfree(data, size);
}

/*
 *	Routine:	mig_object_init
 *	Purpose:
 *		Initialize the base class portion of a MIG object.  We
 *		will lazy init the port, so just clear it for now.
 */
kern_return_t
mig_object_init(
	mig_object_t		mig_object,
	const IMIGObject	*interface)
{
	if (mig_object == MIG_OBJECT_NULL)
		return KERN_INVALID_ARGUMENT;
	mig_object->pVtbl = (const IMIGObjectVtbl *)interface;
	mig_object->port = MACH_PORT_NULL;
	return KERN_SUCCESS;
}

/*
 *	Routine:	mig_object_destroy
 *	Purpose:
 *		The object is being freed.  This call lets us clean
 *		up any state we have have built up over the object's
 *		lifetime.
 *	Conditions:
 *		Since notifications and the port hold references on
 *		on the object, neither can exist when this is called.
 *		This is a good place to assert() that condition.
 */
void
mig_object_destroy(
	__assert_only mig_object_t	mig_object)
{
	assert(mig_object->port == MACH_PORT_NULL);
	return;
}

/*
 *	Routine:	mig_object_reference
 *	Purpose:
 *		Pure virtual helper to invoke the MIG object's AddRef
 *		method.
 *	Conditions:
 *		MIG object port may be locked.
 */
void
mig_object_reference(
	mig_object_t	mig_object)
{
	assert(mig_object != MIG_OBJECT_NULL);
	mig_object->pVtbl->AddRef((IMIGObject *)mig_object);
}

/*
 *	Routine:	mig_object_deallocate
 *	Purpose:
 *		Pure virtual helper to invoke the MIG object's Release
 *		method.
 *	Conditions:
 *		Nothing locked.
 */
void
mig_object_deallocate(
	mig_object_t	mig_object)
{
	assert(mig_object != MIG_OBJECT_NULL);
	mig_object->pVtbl->Release((IMIGObject *)mig_object);
}

/*
 *	Routine:	convert_mig_object_to_port [interface]
 *	Purpose:
 *		Base implementation of MIG outtrans routine to convert from
 *		a mig object reference to a new send right on the object's
 *		port.  The object reference is consumed.
 *	Returns:
 *		IP_NULL - Null MIG object supplied
 *		Otherwise, a newly made send right for the port
 *	Conditions:
 *		Nothing locked.
 */
ipc_port_t
convert_mig_object_to_port(
	mig_object_t	mig_object)
{
	ipc_port_t	port;
	boolean_t	deallocate = TRUE;

	if (mig_object == MIG_OBJECT_NULL)
		return IP_NULL;

	port = mig_object->port;
	while ((port == IP_NULL) ||
	       ((port = ipc_port_make_send(port)) == IP_NULL)) {
		ipc_port_t	previous;

		/*
		 * Either the port was never set up, or it was just
		 * deallocated out from under us by the no-senders
		 * processing.  In either case, we must:
		 *	Attempt to make one
		 * 	Arrange for no senders
		 *	Try to atomically register it with the object
		 *		Destroy it if we are raced.
		 */
		port = ipc_port_alloc_kernel();
		ip_lock(port);
		ipc_kobject_set_atomically(port,
					   (ipc_kobject_t) mig_object,
					   IKOT_MIG);

		/* make a sonce right for the notification */
		port->ip_sorights++;
		ip_reference(port);

		ipc_port_nsrequest(port, 1, port, &previous);
		/* port unlocked */

		assert(previous == IP_NULL);

		if (hw_compare_and_store((uint32_t)IP_NULL, (uint32_t)port,
											(uint32_t *)&mig_object->port)) {
			deallocate = FALSE;
		} else {
			ipc_port_dealloc_kernel(port);
			port = mig_object->port;
		}
	}

	if (deallocate)
		mig_object->pVtbl->Release((IMIGObject *)mig_object);

	return (port);
}


/*
 *	Routine:	convert_port_to_mig_object [interface]
 *	Purpose:
 *		Base implementation of MIG intrans routine to convert from
 *		an incoming port reference to a new reference on the
 *		underlying object. A new reference must be created, because
 *		the port's reference could go away asynchronously.
 *	Returns:
 *		NULL - Not an active MIG object port or iid not supported
 *		Otherwise, a reference to the underlying MIG interface
 *	Conditions:
 *		Nothing locked.
 */
mig_object_t
convert_port_to_mig_object(
	ipc_port_t	port,
	const MIGIID	*iid)
{
	mig_object_t	mig_object;
	void 		*ppv;

	if (!IP_VALID(port))
		return NULL;

	ip_lock(port);
	if (!ip_active(port) || (ip_kotype(port) != IKOT_MIG)) {
		ip_unlock(port);
		return NULL;
	}

	/*
	 * Our port points to some MIG object interface.  Now
	 * query it to get a reference to the desired interface.
	 */
	ppv = NULL;
	mig_object = (mig_object_t)port->ip_kobject;
	mig_object->pVtbl->QueryInterface((IMIGObject *)mig_object, iid, &ppv);
	ip_unlock(port);
	return (mig_object_t)ppv;
}

/*
 *	Routine:	mig_object_no_senders [interface]
 *	Purpose:
 *		Base implementation of a no-senders notification handler
 *		for MIG objects. If there truly are no more senders, must
 *		destroy the port and drop its reference on the object.
 *	Returns:
 *		TRUE  - port deallocate and reference dropped
 *		FALSE - more senders arrived, re-registered for notification
 *	Conditions:
 *		Nothing locked.
 */

boolean_t
mig_object_no_senders(
	ipc_port_t		port,
	mach_port_mscount_t	mscount)
{
	mig_object_t		mig_object;

	ip_lock(port);
	if (port->ip_mscount > mscount) {
		ipc_port_t 	previous;

		/*
		 * Somebody created new send rights while the
		 * notification was in-flight.  Just create a
		 * new send-once right and re-register with 
		 * the new (higher) mscount threshold.
		 */
		/* make a sonce right for the notification */
		port->ip_sorights++;
		ip_reference(port);
		ipc_port_nsrequest(port, mscount, port, &previous);
		/* port unlocked */

		assert(previous == IP_NULL);
		return (FALSE);
	}

	/*
	 * Clear the port pointer while we have it locked.
	 */
	mig_object = (mig_object_t)port->ip_kobject;
	mig_object->port = IP_NULL;

	/*
	 * Bring the sequence number and mscount in
	 * line with ipc_port_destroy assertion.
	 */
	port->ip_mscount = 0;
	port->ip_messages.imq_seqno = 0;
	ipc_port_destroy(port); /* releases lock */
	
	/*
	 * Release the port's reference on the object.
	 */
	mig_object->pVtbl->Release((IMIGObject *)mig_object);
	return (TRUE);
}	

/*
 * Kernel implementation of the notification chain for MIG object
 * is kept separate from the actual objects, since there are expected
 * to be much fewer of them than actual objects.
 *
 * The implementation of this part of MIG objects is coming
 * "Real Soon Now"(TM).
 */
Commit	Line	Data
1c79356b	1	/*
91447636	2	* Copyright (c) 2000-2004 Apple Computer, Inc. All rights reserved.
1c79356b	3	*
8f6c56a5	4	* @APPLE_OSREFERENCE_LICENSE_HEADER_START@
1c79356b	5	*
8f6c56a5 A	6	* This file contains Original Code and/or Modifications of Original Code
	7	* as defined in and that are subject to the Apple Public Source License
	8	* Version 2.0 (the 'License'). You may not use this file except in
	9	* compliance with the License. The rights granted to you under the License
	10	* may not be used to create, or enable the creation or redistribution of,
	11	* unlawful or unlicensed copies of an Apple operating system, or to
	12	* circumvent, violate, or enable the circumvention or violation of, any
	13	* terms of an Apple operating system software license agreement.
	14	*
	15	* Please obtain a copy of the License at
	16	* http://www.opensource.apple.com/apsl/ and read it before using this file.
	17	*
	18	* The Original Code and all software distributed under the License are
	19	* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
	20	* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
	21	* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
	22	* FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
	23	* Please see the License for the specific language governing rights and
8ad349bb	24	* limitations under the License.
8f6c56a5 A	25	*
8f6c56a5 A	26	* @APPLE_OSREFERENCE_LICENSE_HEADER_END@
1c79356b A	27	*/
	28	/*
	29	* @OSF_COPYRIGHT@
	30	*/
	31	/*
	32	* Mach Operating System
	33	* Copyright (c) 1991,1990 Carnegie Mellon University
	34	* All Rights Reserved.
	35	*
	36	* Permission to use, copy, modify and distribute this software and its
	37	* documentation is hereby granted, provided that both the copyright
	38	* notice and this permission notice appear in all copies of the
	39	* software, derivative works or modified versions, and any portions
	40	* thereof, and that both notices appear in supporting documentation.
	41	*
	42	* CARNEGIE MELLON ALLOWS FREE USE OF THIS SOFTWARE IN ITS "AS IS"
	43	* CONDITION. CARNEGIE MELLON DISCLAIMS ANY LIABILITY OF ANY KIND FOR
	44	* ANY DAMAGES WHATSOEVER RESULTING FROM THE USE OF THIS SOFTWARE.
	45	*
	46	* Carnegie Mellon requests users of this software to return to
	47	*
	48	* Software Distribution Coordinator or Software.Distribution@CS.CMU.EDU
	49	* School of Computer Science
	50	* Carnegie Mellon University
	51	* Pittsburgh PA 15213-3890
	52	*
	53	* any improvements or extensions that they make and grant Carnegie Mellon
	54	* the rights to redistribute these changes.
	55	*/
	56	/*
	57	*/
	58
1c79356b A	59	#include <mach/boolean.h>
1c79356b A	60	#include <mach/port.h>
0b4e3aa0	61	#include <mach/mig.h>
1c79356b A	62	#include <mach/mig_errors.h>
	63	#include <mach/mach_types.h>
	64	#include <mach/mach_traps.h>
0b4e3aa0	65
1c79356b A	66	#include <kern/ipc_tt.h>
1c79356b A	67	#include <kern/ipc_mig.h>
91447636	68	#include <kern/kalloc.h>
1c79356b A	69	#include <kern/task.h>
	70	#include <kern/thread.h>
	71	#include <kern/ipc_kobject.h>
	72	#include <kern/misc_protos.h>
91447636	73
1c79356b A	74	#include <ipc/port.h>
	75	#include <ipc/ipc_kmsg.h>
	76	#include <ipc/ipc_entry.h>
	77	#include <ipc/ipc_object.h>
	78	#include <ipc/ipc_mqueue.h>
	79	#include <ipc/ipc_space.h>
	80	#include <ipc/ipc_port.h>
	81	#include <ipc/ipc_pset.h>
0b4e3aa0	82	#include <vm/vm_map.h>
1c79356b A	83
	84	/*
	85	* Routine: mach_msg_send_from_kernel
	86	* Purpose:
	87	* Send a message from the kernel.
	88	*
	89	* This is used by the client side of KernelUser interfaces
	90	* to implement SimpleRoutines. Currently, this includes
	91	* memory_object messages.
	92	* Conditions:
	93	* Nothing locked.
	94	* Returns:
	95	* MACH_MSG_SUCCESS Sent the message.
	96	* MACH_MSG_SEND_NO_BUFFER Destination port had inuse fixed bufer
	97	* MACH_SEND_INVALID_DEST Bad destination port.
	98	*/
	99
	100	mach_msg_return_t
	101	mach_msg_send_from_kernel(
	102	mach_msg_header_t *msg,
	103	mach_msg_size_t send_size)
	104	{
	105	ipc_kmsg_t kmsg;
	106	mach_msg_return_t mr;
	107
	108	if (!MACH_PORT_VALID((mach_port_name_t)msg->msgh_remote_port))
	109	return MACH_SEND_INVALID_DEST;
	110
	111	mr = ipc_kmsg_get_from_kernel(msg, send_size, &kmsg);
	112	if (mr != MACH_MSG_SUCCESS)
	113	return mr;
	114
	115	ipc_kmsg_copyin_from_kernel(kmsg);
	116	ipc_kmsg_send_always(kmsg);
	117
	118	return MACH_MSG_SUCCESS;
	119	}
	120
	121	/*
	122	* Routine: mach_msg_rpc_from_kernel
	123	* Purpose:
	124	* Send a message from the kernel and receive a reply.
	125	* Uses ith_rpc_reply for the reply port.
	126	*
	127	* This is used by the client side of KernelUser interfaces
	128	* to implement Routines.
	129	* Conditions:
	130	* Nothing locked.
	131	* Returns:
	132	* MACH_MSG_SUCCESS Sent the message.
	133	* MACH_RCV_PORT_DIED The reply port was deallocated.
	134	*/
	135
	136	mach_msg_return_t
	137	mach_msg_rpc_from_kernel(
	138	mach_msg_header_t *msg,
	139	mach_msg_size_t send_size,
	140	mach_msg_size_t rcv_size)
	141	{
	142	thread_t self = current_thread();
	143	ipc_port_t reply;
	144	ipc_kmsg_t kmsg;
	145	mach_port_seqno_t seqno;
	146	mach_msg_return_t mr;
147
148	assert(MACH_PORT_VALID((mach_port_name_t)msg->msgh_remote_port));
149	assert(msg->msgh_local_port == MACH_PORT_NULL);
150
151	mr = ipc_kmsg_get_from_kernel(msg, send_size, &kmsg);
152	if (mr != MACH_MSG_SUCCESS)
153	return mr;
154
1c79356b A	155	reply = self->ith_rpc_reply;
1c79356b A	156	if (reply == IP_NULL) {
1c79356b	157	reply = ipc_port_alloc_reply();
1c79356b A	158	if ((reply == IP_NULL) \|\|
	159	(self->ith_rpc_reply != IP_NULL))
	160	panic("mach_msg_rpc_from_kernel");
	161	self->ith_rpc_reply = reply;
	162	}
	163
	164	/* insert send-once right for the reply port */
91447636 A	165	kmsg->ikm_header->msgh_local_port = reply;
91447636 A	166	kmsg->ikm_header->msgh_bits \|=
1c79356b A	167	MACH_MSGH_BITS(0, MACH_MSG_TYPE_MAKE_SEND_ONCE);
	168
	169	ipc_port_reference(reply);
1c79356b A	170
	171	ipc_kmsg_copyin_from_kernel(kmsg);
	172
	173	ipc_kmsg_send_always(kmsg);
	174
	175	for (;;) {
	176	ipc_mqueue_t mqueue;
	177
	178	ip_lock(reply);
	179	if ( !ip_active(reply)) {
	180	ip_unlock(reply);
	181	ipc_port_release(reply);
	182	return MACH_RCV_PORT_DIED;
	183	}
91447636	184	if (!self->active) {
1c79356b A	185	ip_unlock(reply);
	186	ipc_port_release(reply);
	187	return MACH_RCV_INTERRUPTED;
	188	}
	189
	190	assert(reply->ip_pset_count == 0);
	191	mqueue = &reply->ip_messages;
	192	ip_unlock(reply);
	193
	194	self->ith_continuation = (void (*)(mach_msg_return_t))0;
	195
	196	ipc_mqueue_receive(mqueue,
	197	MACH_MSG_OPTION_NONE,
	198	MACH_MSG_SIZE_MAX,
	199	MACH_MSG_TIMEOUT_NONE,
	200	THREAD_INTERRUPTIBLE);
	201
	202	mr = self->ith_state;
	203	kmsg = self->ith_kmsg;
	204	seqno = self->ith_seqno;
	205
	206	if (mr == MACH_MSG_SUCCESS)
	207	{
	208	break;
	209	}
	210
	211	assert(mr == MACH_RCV_INTERRUPTED);
	212
91447636	213	if (self->handlers) {
1c79356b A	214	ipc_port_release(reply);
	215	return(mr);
	216	}
	217	}
	218	ipc_port_release(reply);
	219
	220	/*
	221	* XXXXX Set manually for now ...
	222	* No, why even bother, since the effort is wasted?
	223	*
	224	{ mach_msg_format_0_trailer_t trailer = (mach_msg_format_0_trailer_t )
	225	((vm_offset_t)&kmsg->ikm_header + kmsg->ikm_header.msgh_size);
	226	trailer->msgh_trailer_type = MACH_MSG_TRAILER_FORMAT_0;
	227	trailer->msgh_trailer_size = MACH_MSG_TRAILER_MINIMUM_SIZE;
	228	}
	229	*****/
	230
91447636	231	if (rcv_size < kmsg->ikm_header->msgh_size) {
1c79356b	232	ipc_kmsg_copyout_dest(kmsg, ipc_space_reply);
91447636	233	ipc_kmsg_put_to_kernel(msg, kmsg, kmsg->ikm_header->msgh_size);
1c79356b A	234	return MACH_RCV_TOO_LARGE;
	235	}
	236
	237	/*
	238	* We want to preserve rights and memory in reply!
	239	* We don't have to put them anywhere; just leave them
	240	* as they are.
	241	*/
	242
	243	ipc_kmsg_copyout_to_kernel(kmsg, ipc_space_reply);
91447636	244	ipc_kmsg_put_to_kernel(msg, kmsg, kmsg->ikm_header->msgh_size);
1c79356b A	245	return MACH_MSG_SUCCESS;
	246	}
	247
	248
91447636	249	/************ These Calls are set up for kernel-loaded tasks/threads ************/
1c79356b A	250
1c79356b A	251	/*
91447636	252	* Routine: mach_msg_overwrite
1c79356b A	253	* Purpose:
	254	* Like mach_msg_overwrite_trap except that message buffers
	255	* live in kernel space. Doesn't handle any options.
	256	*
	257	* This is used by in-kernel server threads to make
	258	* kernel calls, to receive request messages, and
	259	* to send reply messages.
	260	* Conditions:
	261	* Nothing locked.
	262	* Returns:
	263	*/
	264
	265	mach_msg_return_t
	266	mach_msg_overwrite(
91447636 A	267	mach_msg_header_t *msg,
91447636 A	268	mach_msg_option_t option,
1c79356b A	269	mach_msg_size_t send_size,
1c79356b A	270	mach_msg_size_t rcv_size,
91447636 A	271	mach_port_name_t rcv_name,
	272	__unused mach_msg_timeout_t msg_timeout,
	273	__unused mach_port_name_t notify,
	274	__unused mach_msg_header_t *rcv_msg,
	275	__unused mach_msg_size_t rcv_msg_size)
1c79356b A	276	{
	277	ipc_space_t space = current_space();
	278	vm_map_t map = current_map();
	279	ipc_kmsg_t kmsg;
	280	mach_port_seqno_t seqno;
	281	mach_msg_return_t mr;
	282	mach_msg_format_0_trailer_t *trailer;
	283
	284	if (option & MACH_SEND_MSG) {
91447636 A	285	mach_msg_size_t msg_and_trailer_size;
	286	mach_msg_max_trailer_t *max_trailer;
	287
	288	if ((send_size < sizeof(mach_msg_header_t)) \|\| (send_size & 3))
	289	return MACH_SEND_MSG_TOO_SMALL;
	290
8ad349bb A	291	if (send_size > MACH_MSG_SIZE_MAX - MAX_TRAILER_SIZE)
8ad349bb A	292	return MACH_SEND_TOO_LARGE;
91447636	293
8ad349bb	294	msg_and_trailer_size = send_size + MAX_TRAILER_SIZE;
91447636 A	295	kmsg = ipc_kmsg_alloc(msg_and_trailer_size);
	296
	297	if (kmsg == IKM_NULL)
	298	return MACH_SEND_NO_BUFFER;
1c79356b	299
91447636 A	300	(void) memcpy((void ) kmsg->ikm_header, (const void ) msg, send_size);
	301
	302	kmsg->ikm_header->msgh_size = send_size;
	303
	304	/*
	305	* Reserve for the trailer the largest space (MAX_TRAILER_SIZE)
	306	* However, the internal size field of the trailer (msgh_trailer_size)
	307	* is initialized to the minimum (sizeof(mach_msg_trailer_t)), to optimize
	308	* the cases where no implicit data is requested.
	309	*/
	310	max_trailer = (mach_msg_max_trailer_t *) ((vm_offset_t)kmsg->ikm_header + send_size);
	311	max_trailer->msgh_sender = current_thread()->task->sec_token;
	312	max_trailer->msgh_audit = current_thread()->task->audit_token;
	313	max_trailer->msgh_trailer_type = MACH_MSG_TRAILER_FORMAT_0;
	314	max_trailer->msgh_trailer_size = MACH_MSG_TRAILER_MINIMUM_SIZE;
	315
1c79356b A	316	mr = ipc_kmsg_copyin(kmsg, space, map, MACH_PORT_NULL);
	317	if (mr != MACH_MSG_SUCCESS) {
	318	ipc_kmsg_free(kmsg);
	319	return mr;
	320	}
	321
	322	do
	323	mr = ipc_kmsg_send(kmsg, MACH_MSG_OPTION_NONE,
	324	MACH_MSG_TIMEOUT_NONE);
	325	while (mr == MACH_SEND_INTERRUPTED);
	326	assert(mr == MACH_MSG_SUCCESS);
	327	}
	328
	329	if (option & MACH_RCV_MSG) {
	330	thread_t self = current_thread();
	331
	332	do {
	333	ipc_object_t object;
	334	ipc_mqueue_t mqueue;
	335
	336	mr = ipc_mqueue_copyin(space, rcv_name,
	337	&mqueue, &object);
	338	if (mr != MACH_MSG_SUCCESS)
	339	return mr;
	340	/* hold ref for object */
	341
	342	self->ith_continuation = (void (*)(mach_msg_return_t))0;
	343	ipc_mqueue_receive(mqueue,
	344	MACH_MSG_OPTION_NONE,
	345	MACH_MSG_SIZE_MAX,
	346	MACH_MSG_TIMEOUT_NONE,
	347	THREAD_ABORTSAFE);
	348	mr = self->ith_state;
	349	kmsg = self->ith_kmsg;
	350	seqno = self->ith_seqno;
	351
	352	ipc_object_release(object);
	353
	354	} while (mr == MACH_RCV_INTERRUPTED);
	355	if (mr != MACH_MSG_SUCCESS)
	356	return mr;
	357
	358	trailer = (mach_msg_format_0_trailer_t *)
91447636	359	((vm_offset_t)kmsg->ikm_header + kmsg->ikm_header->msgh_size);
1c79356b A	360	if (option & MACH_RCV_TRAILER_MASK) {
	361	trailer->msgh_seqno = seqno;
	362	trailer->msgh_trailer_size = REQUESTED_TRAILER_SIZE(option);
	363	}
	364
91447636	365	if (rcv_size < (kmsg->ikm_header->msgh_size + trailer->msgh_trailer_size)) {
1c79356b	366	ipc_kmsg_copyout_dest(kmsg, space);
91447636 A	367	(void) memcpy((void ) msg, (const void ) kmsg->ikm_header, sizeof *msg);
91447636 A	368	ipc_kmsg_free(kmsg);
1c79356b A	369	return MACH_RCV_TOO_LARGE;
	370	}
	371
	372	mr = ipc_kmsg_copyout(kmsg, space, map, MACH_PORT_NULL,
	373	MACH_MSG_BODY_NULL);
	374	if (mr != MACH_MSG_SUCCESS) {
	375	if ((mr &~ MACH_MSG_MASK) == MACH_RCV_BODY_ERROR) {
	376	ipc_kmsg_put_to_kernel(msg, kmsg,
91447636	377	kmsg->ikm_header->msgh_size + trailer->msgh_trailer_size);
1c79356b A	378	} else {
1c79356b A	379	ipc_kmsg_copyout_dest(kmsg, space);
91447636 A	380	(void) memcpy((void ) msg, (const void ) kmsg->ikm_header, sizeof *msg);
91447636 A	381	ipc_kmsg_free(kmsg);
1c79356b A	382	}
	383
	384	return mr;
	385	}
	386
91447636 A	387	(void) memcpy((void ) msg, (const void ) kmsg->ikm_header,
	388	kmsg->ikm_header->msgh_size + trailer->msgh_trailer_size);
	389	ipc_kmsg_free(kmsg);
1c79356b A	390	}
	391
	392	return MACH_MSG_SUCCESS;
	393	}
	394
	395	/*
	396	* Routine: mig_get_reply_port
	397	* Purpose:
	398	* Called by client side interfaces living in the kernel
91447636	399	* to get a reply port.
1c79356b A	400	*/
	401	mach_port_t
	402	mig_get_reply_port(void)
	403	{
91447636	404	return (MACH_PORT_NULL);
1c79356b A	405	}
	406
	407	/*
	408	* Routine: mig_dealloc_reply_port
	409	* Purpose:
	410	* Called by client side interfaces to get rid of a reply port.
1c79356b A	411	*/
	412
	413	void
	414	mig_dealloc_reply_port(
91447636	415	__unused mach_port_t reply_port)
1c79356b A	416	{
	417	panic("mig_dealloc_reply_port");
	418	}
	419
	420	/*
	421	* Routine: mig_put_reply_port
	422	* Purpose:
	423	* Called by client side interfaces after each RPC to
	424	* let the client recycle the reply port if it wishes.
	425	*/
	426	void
	427	mig_put_reply_port(
91447636	428	__unused mach_port_t reply_port)
1c79356b A	429	{
	430	}
	431
	432	/*
	433	* mig_strncpy.c - by Joshua Block
	434	*
	435	* mig_strncp -- Bounded string copy. Does what the library routine strncpy
	436	* OUGHT to do: Copies the (null terminated) string in src into dest, a
	437	* buffer of length len. Assures that the copy is still null terminated
	438	* and doesn't overflow the buffer, truncating the copy if necessary.
	439	*
	440	* Parameters:
	441	*
	442	* dest - Pointer to destination buffer.
	443	*
	444	* src - Pointer to source string.
	445	*
	446	* len - Length of destination buffer.
	447	*/
	448	int
	449	mig_strncpy(
9bccf70c A	450	char *dest,
	451	const char *src,
	452	int len)
1c79356b A	453	{
	454	int i = 0;
	455
	456	if (len > 0)
	457	if (dest != NULL) {
	458	if (src != NULL)
	459	for (i=1; i<len; i++)
	460	if (! (dest++ = src++))
	461	return i;
	462	*dest = '\0';
	463	}
	464	return i;
	465	}
	466
	467	char *
	468	mig_user_allocate(
	469	vm_size_t size)
	470	{
	471	return (char *)kalloc(size);
	472	}
	473
	474	void
	475	mig_user_deallocate(
	476	char *data,
	477	vm_size_t size)
	478	{
91447636	479	kfree(data, size);
1c79356b A	480	}
1c79356b A	481
0b4e3aa0 A	482	/*
	483	* Routine: mig_object_init
	484	* Purpose:
	485	* Initialize the base class portion of a MIG object. We
	486	* will lazy init the port, so just clear it for now.
	487	*/
	488	kern_return_t
	489	mig_object_init(
	490	mig_object_t mig_object,
	491	const IMIGObject *interface)
	492	{
91447636 A	493	if (mig_object == MIG_OBJECT_NULL)
	494	return KERN_INVALID_ARGUMENT;
	495	mig_object->pVtbl = (const IMIGObjectVtbl *)interface;
0b4e3aa0	496	mig_object->port = MACH_PORT_NULL;
91447636	497	return KERN_SUCCESS;
0b4e3aa0 A	498	}
	499
	500	/*
	501	* Routine: mig_object_destroy
	502	* Purpose:
	503	* The object is being freed. This call lets us clean
	504	* up any state we have have built up over the object's
	505	* lifetime.
	506	* Conditions:
	507	* Since notifications and the port hold references on
	508	* on the object, neither can exist when this is called.
	509	* This is a good place to assert() that condition.
	510	*/
	511	void
	512	mig_object_destroy(
91447636	513	__assert_only mig_object_t mig_object)
0b4e3aa0 A	514	{
	515	assert(mig_object->port == MACH_PORT_NULL);
	516	return;
	517	}
	518
	519	/*
	520	* Routine: mig_object_reference
	521	* Purpose:
	522	* Pure virtual helper to invoke the MIG object's AddRef
	523	* method.
	524	* Conditions:
	525	* MIG object port may be locked.
	526	*/
	527	void
	528	mig_object_reference(
	529	mig_object_t mig_object)
	530	{
	531	assert(mig_object != MIG_OBJECT_NULL);
	532	mig_object->pVtbl->AddRef((IMIGObject *)mig_object);
	533	}
	534
	535	/*
	536	* Routine: mig_object_deallocate
	537	* Purpose:
	538	* Pure virtual helper to invoke the MIG object's Release
	539	* method.
	540	* Conditions:
	541	* Nothing locked.
	542	*/
	543	void
	544	mig_object_deallocate(
	545	mig_object_t mig_object)
	546	{
	547	assert(mig_object != MIG_OBJECT_NULL);
	548	mig_object->pVtbl->Release((IMIGObject *)mig_object);
	549	}
	550
	551	/*
	552	* Routine: convert_mig_object_to_port [interface]
	553	* Purpose:
	554	* Base implementation of MIG outtrans routine to convert from
	555	* a mig object reference to a new send right on the object's
	556	* port. The object reference is consumed.
	557	* Returns:
	558	* IP_NULL - Null MIG object supplied
	559	* Otherwise, a newly made send right for the port
	560	* Conditions:
	561	* Nothing locked.
	562	*/
	563	ipc_port_t
	564	convert_mig_object_to_port(
	565	mig_object_t mig_object)
	566	{
	567	ipc_port_t port;
	568	boolean_t deallocate = TRUE;
	569
	570	if (mig_object == MIG_OBJECT_NULL)
	571	return IP_NULL;
	572
	573	port = mig_object->port;
	574	while ((port == IP_NULL) \|\|
	575	((port = ipc_port_make_send(port)) == IP_NULL)) {
	576	ipc_port_t previous;
	577
578	/*
579	* Either the port was never set up, or it was just
580	* deallocated out from under us by the no-senders
581	* processing. In either case, we must:
582	* Attempt to make one
583	* Arrange for no senders
584	* Try to atomically register it with the object
585	* Destroy it if we are raced.
586	*/
587	port = ipc_port_alloc_kernel();
588	ip_lock(port);
589	ipc_kobject_set_atomically(port,
590	(ipc_kobject_t) mig_object,
591	IKOT_MIG);
592
593	/* make a sonce right for the notification */
594	port->ip_sorights++;
595	ip_reference(port);
596
597	ipc_port_nsrequest(port, 1, port, &previous);
598	/* port unlocked */
599
600	assert(previous == IP_NULL);
601
9bccf70c A	602	if (hw_compare_and_store((uint32_t)IP_NULL, (uint32_t)port,
9bccf70c A	603	(uint32_t *)&mig_object->port)) {
0b4e3aa0 A	604	deallocate = FALSE;
	605	} else {
	606	ipc_port_dealloc_kernel(port);
	607	port = mig_object->port;
	608	}
	609	}
	610
	611	if (deallocate)
	612	mig_object->pVtbl->Release((IMIGObject *)mig_object);
	613
	614	return (port);
	615	}
	616
	617
	618	/*
	619	* Routine: convert_port_to_mig_object [interface]
	620	* Purpose:
	621	* Base implementation of MIG intrans routine to convert from
	622	* an incoming port reference to a new reference on the
	623	* underlying object. A new reference must be created, because
	624	* the port's reference could go away asynchronously.
	625	* Returns:
	626	* NULL - Not an active MIG object port or iid not supported
	627	* Otherwise, a reference to the underlying MIG interface
	628	* Conditions:
	629	* Nothing locked.
	630	*/
	631	mig_object_t
	632	convert_port_to_mig_object(
	633	ipc_port_t port,
	634	const MIGIID *iid)
	635	{
	636	mig_object_t mig_object;
	637	void *ppv;
	638
	639	if (!IP_VALID(port))
	640	return NULL;
	641
	642	ip_lock(port);
	643	if (!ip_active(port) \|\| (ip_kotype(port) != IKOT_MIG)) {
	644	ip_unlock(port);
	645	return NULL;
	646	}
	647
	648	/*
	649	* Our port points to some MIG object interface. Now
	650	* query it to get a reference to the desired interface.
	651	*/
	652	ppv = NULL;
	653	mig_object = (mig_object_t)port->ip_kobject;
	654	mig_object->pVtbl->QueryInterface((IMIGObject *)mig_object, iid, &ppv);
	655	ip_unlock(port);
	656	return (mig_object_t)ppv;
	657	}
	658
	659	/*
	660	* Routine: mig_object_no_senders [interface]
	661	* Purpose:
	662	* Base implementation of a no-senders notification handler
	663	* for MIG objects. If there truly are no more senders, must
	664	* destroy the port and drop its reference on the object.
	665	* Returns:
	666	* TRUE - port deallocate and reference dropped
	667	* FALSE - more senders arrived, re-registered for notification
668	* Conditions:
669	* Nothing locked.
670	*/
671
672	boolean_t
673	mig_object_no_senders(
674	ipc_port_t port,
675	mach_port_mscount_t mscount)
676	{
677	mig_object_t mig_object;
678
679	ip_lock(port);
680	if (port->ip_mscount > mscount) {
681	ipc_port_t previous;
682
683	/*
684	* Somebody created new send rights while the
685	* notification was in-flight. Just create a
686	* new send-once right and re-register with
687	* the new (higher) mscount threshold.
688	*/
689	/* make a sonce right for the notification */
690	port->ip_sorights++;
691	ip_reference(port);
692	ipc_port_nsrequest(port, mscount, port, &previous);
693	/* port unlocked */
694
695	assert(previous == IP_NULL);
696	return (FALSE);
697	}
698
699	/*
700	* Clear the port pointer while we have it locked.
701	*/
702	mig_object = (mig_object_t)port->ip_kobject;
703	mig_object->port = IP_NULL;
704
705	/*
706	* Bring the sequence number and mscount in
707	* line with ipc_port_destroy assertion.
708	*/
709	port->ip_mscount = 0;
710	port->ip_messages.imq_seqno = 0;
711	ipc_port_destroy(port); /* releases lock */
712
713	/*
714	* Release the port's reference on the object.
715	*/
716	mig_object->pVtbl->Release((IMIGObject *)mig_object);
717	return (TRUE);
718	}
719
720	/*
721	* Kernel implementation of the notification chain for MIG object
722	* is kept separate from the actual objects, since there are expected
723	* to be much fewer of them than actual objects.
724	*
725	* The implementation of this part of MIG objects is coming
726	* "Real Soon Now"(TM).
727	*/