]> git.saurik.com Git - apple/xnu.git/blame - osfmk/kern/ipc_mig.c
xnu-1486.2.11.tar.gz
1c79356b 1/*
91447636 2 * Copyright (c) 2000-2004 Apple Computer, Inc. All rights reserved.
1c79356b 3 *
2d21ac55 4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
1c79356b 5 *
2d21ac55
A
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
8f6c56a5 14 *
2d21ac55
A
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
8f6c56a5
A
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
2d21ac55
A
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
8f6c56a5 25 *
2d21ac55 26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
1c79356b
A
27 */
28/*
29 * @OSF_COPYRIGHT@
30 */
31/*
32 * Mach Operating System
33 * Copyright (c) 1991,1990 Carnegie Mellon University
34 * All Rights Reserved.
35 *
36 * Permission to use, copy, modify and distribute this software and its
37 * documentation is hereby granted, provided that both the copyright
38 * notice and this permission notice appear in all copies of the
39 * software, derivative works or modified versions, and any portions
40 * thereof, and that both notices appear in supporting documentation.
41 *
42 * CARNEGIE MELLON ALLOWS FREE USE OF THIS SOFTWARE IN ITS "AS IS"
43 * CONDITION. CARNEGIE MELLON DISCLAIMS ANY LIABILITY OF ANY KIND FOR
44 * ANY DAMAGES WHATSOEVER RESULTING FROM THE USE OF THIS SOFTWARE.
45 *
46 * Carnegie Mellon requests users of this software to return to
47 *
48 * Software Distribution Coordinator or Software.Distribution@CS.CMU.EDU
49 * School of Computer Science
50 * Carnegie Mellon University
51 * Pittsburgh PA 15213-3890
52 *
53 * any improvements or extensions that they make and grant Carnegie Mellon
54 * the rights to redistribute these changes.
55 */
56/*
57 */
58
1c79356b
A
59#include <mach/boolean.h>
60#include <mach/port.h>
0b4e3aa0 61#include <mach/mig.h>
1c79356b
A
62#include <mach/mig_errors.h>
63#include <mach/mach_types.h>
64#include <mach/mach_traps.h>
0b4e3aa0 65
1c79356b
A
66#include <kern/ipc_tt.h>
67#include <kern/ipc_mig.h>
91447636 68#include <kern/kalloc.h>
1c79356b
A
69#include <kern/task.h>
70#include <kern/thread.h>
71#include <kern/ipc_kobject.h>
72#include <kern/misc_protos.h>
91447636 73
1c79356b
A
74#include <ipc/port.h>
75#include <ipc/ipc_kmsg.h>
76#include <ipc/ipc_entry.h>
77#include <ipc/ipc_object.h>
78#include <ipc/ipc_mqueue.h>
79#include <ipc/ipc_space.h>
80#include <ipc/ipc_port.h>
81#include <ipc/ipc_pset.h>
0b4e3aa0 82#include <vm/vm_map.h>
1c79356b 83
b0d623f7
A
84#include <libkern/OSAtomic.h>
85
1c79356b
A
86/*
87 * Routine: mach_msg_send_from_kernel
88 * Purpose:
89 * Send a message from the kernel.
90 *
91 * This is used by the client side of KernelUser interfaces
92 * to implement SimpleRoutines. Currently, this includes
93 * memory_object messages.
94 * Conditions:
95 * Nothing locked.
96 * Returns:
97 * MACH_MSG_SUCCESS Sent the message.
1c79356b 98 * MACH_SEND_INVALID_DEST Bad destination port.
c910b4d9
A
99 * MACH_SEND_NO_BUFFER Destination port had in-use fixed buffer
100 * or destination is above kernel limit
1c79356b
A
101 */
102
b0d623f7
A
103#if IKM_SUPPORT_LEGACY
104
105#undef mach_msg_send_from_kernel
106mach_msg_return_t mach_msg_send_from_kernel(
107 mach_msg_header_t *msg,
108 mach_msg_size_t send_size);
109
1c79356b
A
mach_msg_return_t
mach_msg_send_from_kernel(
	mach_msg_header_t	*msg,
	mach_msg_size_t		send_size)
{
	ipc_kmsg_t		out_kmsg;
	mach_msg_return_t	result;

	/*
	 * Reject a destination that fails MACH_PORT_VALID before any
	 * kernel message buffer is obtained.
	 */
	if (!MACH_PORT_VALID(CAST_MACH_PORT_TO_NAME(msg->msgh_remote_port))) {
		return MACH_SEND_INVALID_DEST;
	}

	result = ipc_kmsg_get_from_kernel(msg, send_size, &out_kmsg);
	if (result != MACH_MSG_SUCCESS) {
		return result;
	}

	/* Legacy entry point: uses the legacy copyin variant. */
	ipc_kmsg_copyin_from_kernel_legacy(out_kmsg);

	result = ipc_kmsg_send_always(out_kmsg);
	if (result == MACH_MSG_SUCCESS) {
		return result;
	}

	/*
	 * The send failed, so the message is still ours; destroy it here
	 * so that whatever it holds is not left behind.
	 */
	ipc_kmsg_destroy(out_kmsg);
	return result;
}
134
135#endif /* IKM_SUPPORT_LEGACY */
136
mach_msg_return_t
mach_msg_send_from_kernel_proper(
	mach_msg_header_t	*msg,
	mach_msg_size_t		send_size)
{
	ipc_kmsg_t		out_kmsg;
	mach_msg_return_t	result;

	/*
	 * Reject a destination that fails MACH_PORT_VALID before any
	 * kernel message buffer is obtained.
	 */
	if (!MACH_PORT_VALID(CAST_MACH_PORT_TO_NAME(msg->msgh_remote_port))) {
		return MACH_SEND_INVALID_DEST;
	}

	result = ipc_kmsg_get_from_kernel(msg, send_size, &out_kmsg);
	if (result != MACH_MSG_SUCCESS) {
		return result;
	}

	/* Non-legacy entry point: uses the current copyin variant. */
	ipc_kmsg_copyin_from_kernel(out_kmsg);

	result = ipc_kmsg_send_always(out_kmsg);
	if (result == MACH_MSG_SUCCESS) {
		return result;
	}

	/* Send failed: the message was not consumed, so destroy it here. */
	ipc_kmsg_destroy(out_kmsg);
	return result;
}
161
b0d623f7
A
162#if IKM_SUPPORT_LEGACY
163
2d21ac55
A
mach_msg_return_t
mach_msg_send_from_kernel_with_options(
	mach_msg_header_t	*msg,
	mach_msg_size_t		send_size,
	mach_msg_option_t	option,
	mach_msg_timeout_t	timeout_val)
{
	ipc_kmsg_t		out_kmsg;
	mach_msg_return_t	result;

	/*
	 * Reject a destination that fails MACH_PORT_VALID before any
	 * kernel message buffer is obtained.
	 */
	if (!MACH_PORT_VALID(CAST_MACH_PORT_TO_NAME(msg->msgh_remote_port))) {
		return MACH_SEND_INVALID_DEST;
	}

	result = ipc_kmsg_get_from_kernel(msg, send_size, &out_kmsg);
	if (result != MACH_MSG_SUCCESS) {
		return result;
	}

	ipc_kmsg_copyin_from_kernel_legacy(out_kmsg);

	/*
	 * Unlike the other send variants, the caller's option bits and
	 * timeout are handed to ipc_kmsg_send as given.
	 */
	result = ipc_kmsg_send(out_kmsg, option, timeout_val);
	if (result == MACH_MSG_SUCCESS) {
		return result;
	}

	/* Send failed: the message was not consumed, so destroy it here. */
	ipc_kmsg_destroy(out_kmsg);
	return result;
}
189
b0d623f7
A
190#endif /* IKM_SUPPORT_LEGACY */
191
1c79356b
A
192/*
193 * Routine: mach_msg_rpc_from_kernel
194 * Purpose:
195 * Send a message from the kernel and receive a reply.
196 * Uses ith_rpc_reply for the reply port.
197 *
198 * This is used by the client side of KernelUser interfaces
199 * to implement Routines.
200 * Conditions:
201 * Nothing locked.
202 * Returns:
203 * MACH_MSG_SUCCESS Sent the message.
204 * MACH_RCV_PORT_DIED The reply port was deallocated.
205 */
206
b0d623f7
A
207mach_msg_return_t mach_msg_rpc_from_kernel_body(mach_msg_header_t *msg,
208 mach_msg_size_t send_size, mach_msg_size_t rcv_size, boolean_t legacy);
209
210#if IKM_SUPPORT_LEGACY
211
212#undef mach_msg_rpc_from_kernel
1c79356b
A
213mach_msg_return_t
214mach_msg_rpc_from_kernel(
b0d623f7
A
215 mach_msg_header_t *msg,
216 mach_msg_size_t send_size,
217 mach_msg_size_t rcv_size);
218
mach_msg_return_t
mach_msg_rpc_from_kernel(
	mach_msg_header_t	*msg,
	mach_msg_size_t		send_size,
	mach_msg_size_t		rcv_size)
{
	/* Legacy entry point: select the legacy copyin/copyout paths in the shared body. */
	const boolean_t		use_legacy = TRUE;

	return mach_msg_rpc_from_kernel_body(msg, send_size, rcv_size, use_legacy);
}
227
228#endif /* IKM_SUPPORT_LEGACY */
229
mach_msg_return_t
mach_msg_rpc_from_kernel_proper(
	mach_msg_header_t	*msg,
	mach_msg_size_t		send_size,
	mach_msg_size_t		rcv_size)
{
	/* Non-legacy entry point: the shared body uses the current copyin/copyout paths. */
	const boolean_t		use_legacy = FALSE;

	return mach_msg_rpc_from_kernel_body(msg, send_size, rcv_size, use_legacy);
}
238
/*
 * Shared implementation of the kernel RPC entry points: sends msg, then
 * blocks on the calling thread's reply port and copies the reply back
 * into msg.  `legacy` selects the *_legacy copyin/copyout helpers when
 * IKM_SUPPORT_LEGACY is set and is ignored otherwise.
 */
mach_msg_return_t
mach_msg_rpc_from_kernel_body(
	mach_msg_header_t	*msg,
	mach_msg_size_t		send_size,
	mach_msg_size_t		rcv_size,
#if !IKM_SUPPORT_LEGACY
	__unused
#endif
	boolean_t		legacy)
{
	thread_t self = current_thread();
	ipc_port_t reply;
	ipc_kmsg_t kmsg;
	mach_port_seqno_t seqno;
	mach_msg_return_t mr;

	/*
	 * NOTE(review): the destination is only asserted here, whereas the
	 * mach_msg_send_from_kernel* routines return MACH_SEND_INVALID_DEST.
	 * If assert() is compiled out in release builds, an invalid
	 * destination is not rejected by this routine -- confirm callers
	 * guarantee it.
	 */
	assert(MACH_PORT_VALID(CAST_MACH_PORT_TO_NAME(msg->msgh_remote_port)));
	/* The caller must not supply its own reply port; one is inserted below. */
	assert(msg->msgh_local_port == MACH_PORT_NULL);

	mr = ipc_kmsg_get_from_kernel(msg, send_size, &kmsg);
	if (mr != MACH_MSG_SUCCESS)
		return mr;

	/* Lazily create the per-thread reply port and cache it on the thread. */
	reply = self->ith_rpc_reply;
	if (reply == IP_NULL) {
		reply = ipc_port_alloc_reply();
		/* Allocation failure, or the cache changing underneath us, is fatal. */
		if ((reply == IP_NULL) ||
		    (self->ith_rpc_reply != IP_NULL))
			panic("mach_msg_rpc_from_kernel");
		self->ith_rpc_reply = reply;
	}

	/* insert send-once right for the reply port */
	kmsg->ikm_header->msgh_local_port = reply;
	kmsg->ikm_header->msgh_bits |=
		MACH_MSGH_BITS(0, MACH_MSG_TYPE_MAKE_SEND_ONCE);

	/* Extra reference held across the receive loop; dropped on the exits below. */
	ipc_port_reference(reply);

#if IKM_SUPPORT_LEGACY
	if(legacy)
		ipc_kmsg_copyin_from_kernel_legacy(kmsg);
	else
		ipc_kmsg_copyin_from_kernel(kmsg);
#else
	ipc_kmsg_copyin_from_kernel(kmsg);
#endif

	mr = ipc_kmsg_send_always(kmsg);
	if (mr != MACH_MSG_SUCCESS) {
		/*
		 * NOTE(review): this is the only exit after ipc_port_reference(reply)
		 * that does not call ipc_port_release(reply).  Confirm whether
		 * ipc_kmsg_destroy accounts for that reference or whether this
		 * path leaves the reply port over-referenced.
		 */
		ipc_kmsg_destroy(kmsg);
		return mr;
	}

	for (;;) {
		ipc_mqueue_t mqueue;

		/* Re-validate the reply port and the thread under the port lock on every pass. */
		ip_lock(reply);
		if ( !ip_active(reply)) {
			ip_unlock(reply);
			ipc_port_release(reply);
			return MACH_RCV_PORT_DIED;
		}
		if (!self->active) {
			ip_unlock(reply);
			ipc_port_release(reply);
			return MACH_RCV_INTERRUPTED;
		}

		assert(reply->ip_pset_count == 0);
		mqueue = &reply->ip_messages;
		ip_unlock(reply);

		/* No continuation: the receive result is read from the thread fields below. */
		self->ith_continuation = (void (*)(mach_msg_return_t))0;

		/*
		 * Receive with MACH_MSG_SIZE_MAX; the caller's rcv_size is only
		 * enforced afterwards, when the trailer is sized.
		 */
		ipc_mqueue_receive(mqueue,
				   MACH_MSG_OPTION_NONE,
				   MACH_MSG_SIZE_MAX,
				   MACH_MSG_TIMEOUT_NONE,
				   THREAD_INTERRUPTIBLE);

		mr = self->ith_state;
		kmsg = self->ith_kmsg;
		seqno = self->ith_seqno;

		if (mr == MACH_MSG_SUCCESS)
		  {
			break;
		  }

		assert(mr == MACH_RCV_INTERRUPTED);

		/* Interrupted: give up only if the thread has handlers pending, else retry. */
		if (self->handlers) {
			ipc_port_release(reply);
			return(mr);
		}
	}
	ipc_port_release(reply);

	/*
	 * Check to see how much of the message/trailer can be received.
	 * We choose the maximum trailer that will fit, since we don't
	 * have options telling us which trailer elements the caller needed.
	 */
	if (rcv_size >= kmsg->ikm_header->msgh_size) {
		/* The trailer sits immediately after msgh_size bytes of message. */
		mach_msg_format_0_trailer_t *trailer =  (mach_msg_format_0_trailer_t *)
			((vm_offset_t)kmsg->ikm_header + kmsg->ikm_header->msgh_size);

		/*
		 * NOTE(review): msgh_size + MAX_TRAILER_SIZE is computed without
		 * an overflow check; presumably msgh_size of a queued kmsg is
		 * already bounded -- confirm.
		 */
		if (rcv_size >= kmsg->ikm_header->msgh_size + MAX_TRAILER_SIZE) {
			/* Enough room for a maximum trailer */
			trailer->msgh_trailer_size = MAX_TRAILER_SIZE;
		}
		else if (rcv_size < kmsg->ikm_header->msgh_size +
			   trailer->msgh_trailer_size) {
			/* no room for even the basic (default) trailer */
			trailer->msgh_trailer_size = 0;
		}
		assert(trailer->msgh_trailer_type == MACH_MSG_TRAILER_FORMAT_0);
		/* Shrink rcv_size to what is actually delivered: message plus chosen trailer. */
		rcv_size = kmsg->ikm_header->msgh_size + trailer->msgh_trailer_size;
		mr = MACH_MSG_SUCCESS;
	} else {
		/* rcv_size is left at the caller's buffer size on this path. */
		mr = MACH_RCV_TOO_LARGE;
	}


	/*
	 *	We want to preserve rights and memory in reply!
	 *	We don't have to put them anywhere; just leave them
	 *	as they are.
	 */
#if IKM_SUPPORT_LEGACY
	if(legacy)
		ipc_kmsg_copyout_to_kernel_legacy(kmsg, ipc_space_reply);
	else
		ipc_kmsg_copyout_to_kernel(kmsg, ipc_space_reply);
#else
	ipc_kmsg_copyout_to_kernel(kmsg, ipc_space_reply);
#endif
	/* Presumably copies rcv_size bytes into msg and disposes of kmsg -- verify against ipc_kmsg.c. */
	ipc_kmsg_put_to_kernel(msg, kmsg, rcv_size);
	return mr;
}
380
381
91447636 382/************** These Calls are set up for kernel-loaded tasks/threads **************/
1c79356b
A
383
384/*
91447636 385 * Routine: mach_msg_overwrite
1c79356b
A
386 * Purpose:
387 * Like mach_msg_overwrite_trap except that message buffers
388 * live in kernel space. Doesn't handle any options.
389 *
390 * This is used by in-kernel server threads to make
391 * kernel calls, to receive request messages, and
392 * to send reply messages.
393 * Conditions:
394 * Nothing locked.
395 * Returns:
396 */
397
/*
 * In-kernel counterpart of the message trap for kernel-loaded tasks:
 * optionally sends msg (MACH_SEND_MSG) and/or receives into msg
 * (MACH_RCV_MSG).  The timeout, notify and separate receive-buffer
 * arguments are marked __unused; a received message always lands in msg.
 */
mach_msg_return_t
mach_msg_overwrite(
	mach_msg_header_t		*msg,
	mach_msg_option_t		option,
	mach_msg_size_t		send_size,
	mach_msg_size_t		rcv_size,
	mach_port_name_t		rcv_name,
	__unused mach_msg_timeout_t	msg_timeout,
	__unused mach_port_name_t	notify,
	__unused mach_msg_header_t	*rcv_msg,
       __unused mach_msg_size_t	rcv_msg_size)
{
	ipc_space_t space = current_space();
	vm_map_t map = current_map();
	ipc_kmsg_t kmsg;
	mach_port_seqno_t seqno;
	mach_msg_return_t mr;
	mach_msg_max_trailer_t *trailer;

	if (option & MACH_SEND_MSG) {
		mach_msg_size_t	msg_and_trailer_size;
		mach_msg_max_trailer_t	*max_trailer;

		/* The send size must cover a header and be a multiple of 4 bytes. */
		if ((send_size < sizeof(mach_msg_header_t)) || (send_size & 3))
			return MACH_SEND_MSG_TOO_SMALL;

		/* Upper bound checked first so the addition below cannot wrap. */
		if (send_size > MACH_MSG_SIZE_MAX - MAX_TRAILER_SIZE)
			return MACH_SEND_TOO_LARGE;

		msg_and_trailer_size = send_size + MAX_TRAILER_SIZE;
		kmsg = ipc_kmsg_alloc(msg_and_trailer_size);

		if (kmsg == IKM_NULL)
			return MACH_SEND_NO_BUFFER;

		/* Reads send_size bytes from msg; the caller's buffer must be at least that large. */
		(void) memcpy((void *) kmsg->ikm_header, (const void *) msg, send_size);

		/* The validated size overrides whatever msgh_size the caller's header carried. */
		kmsg->ikm_header->msgh_size = send_size;

		/* 
		 * Reserve for the trailer the largest space (MAX_TRAILER_SIZE)
		 * However, the internal size field of the trailer (msgh_trailer_size)
		 * is initialized to the minimum (sizeof(mach_msg_trailer_t)), to optimize
		 * the cases where no implicit data is requested.
		 */
		max_trailer = (mach_msg_max_trailer_t *) ((vm_offset_t)kmsg->ikm_header + send_size);
		/* Sender identity in the trailer is taken from the current task, not from msg. */
		max_trailer->msgh_sender = current_thread()->task->sec_token;
		max_trailer->msgh_audit = current_thread()->task->audit_token;
		max_trailer->msgh_trailer_type = MACH_MSG_TRAILER_FORMAT_0;
		max_trailer->msgh_trailer_size = MACH_MSG_TRAILER_MINIMUM_SIZE;
	
		mr = ipc_kmsg_copyin(kmsg, space, map, MACH_PORT_NULL);
		if (mr != MACH_MSG_SUCCESS) {
			ipc_kmsg_free(kmsg);
			return mr;
		}

		/* Retry for as long as the send is merely interrupted. */
		do
			mr = ipc_kmsg_send(kmsg, MACH_MSG_OPTION_NONE,
					     MACH_MSG_TIMEOUT_NONE);
		while (mr == MACH_SEND_INTERRUPTED);
		/*
		 * NOTE(review): any other failure is only asserted.  The
		 * mach_msg_send_from_kernel* routines in this file destroy the
		 * kmsg and return the error instead; confirm ipc_kmsg_send cannot
		 * fail here with these options when assert() is compiled out.
		 */
		assert(mr == MACH_MSG_SUCCESS);
	}

	if (option & MACH_RCV_MSG) {
		thread_t self = current_thread();

		do {
			ipc_object_t object;
			ipc_mqueue_t mqueue;

			/* rcv_name is looked up in the current space on every attempt. */
			mr = ipc_mqueue_copyin(space, rcv_name,
					       &mqueue, &object);
			if (mr != MACH_MSG_SUCCESS)
				return mr;
			/* hold ref for object */

			self->ith_continuation = (void (*)(mach_msg_return_t))0;
			/*
			 * Receive with MACH_MSG_SIZE_MAX; rcv_size is enforced
			 * afterwards against message plus trailer.
			 */
			ipc_mqueue_receive(mqueue,
					   MACH_MSG_OPTION_NONE,
					   MACH_MSG_SIZE_MAX,
					   MACH_MSG_TIMEOUT_NONE,
					   THREAD_ABORTSAFE);
			mr = self->ith_state;
			kmsg = self->ith_kmsg;
			seqno = self->ith_seqno;

			ipc_object_release(object);

		} while (mr == MACH_RCV_INTERRUPTED);
		if (mr != MACH_MSG_SUCCESS)
			return mr;

		/* The trailer sits immediately after msgh_size bytes of message. */
		trailer = (mach_msg_max_trailer_t *)
		    ((vm_offset_t)kmsg->ikm_header + kmsg->ikm_header->msgh_size);
		if (option & MACH_RCV_TRAILER_MASK) {
			trailer->msgh_seqno = seqno;
			/* NOTE(review): msgh_remote_port is dereferenced unchecked; presumably always a valid port on a received kmsg -- confirm. */
			trailer->msgh_context =
				kmsg->ikm_header->msgh_remote_port->ip_context;
			/* Trailer size now follows the caller's option bits. */
			trailer->msgh_trailer_size = REQUESTED_TRAILER_SIZE(option);
		}

		/* Too big for the caller's buffer: hand back only the header and drop the message. */
		if (rcv_size < (kmsg->ikm_header->msgh_size + trailer->msgh_trailer_size)) {
			ipc_kmsg_copyout_dest(kmsg, space);
			(void) memcpy((void *) msg, (const void *) kmsg->ikm_header, sizeof *msg);
			ipc_kmsg_free(kmsg);
			return MACH_RCV_TOO_LARGE;
		}

		mr = ipc_kmsg_copyout(kmsg, space, map, MACH_PORT_NULL,
				      MACH_MSG_BODY_NULL);
		if (mr != MACH_MSG_SUCCESS) {
			if ((mr &~ MACH_MSG_MASK) == MACH_RCV_BODY_ERROR) {
				/* Body errors still deliver the message and trailer to the caller. */
				ipc_kmsg_put_to_kernel(msg, kmsg,
						kmsg->ikm_header->msgh_size + trailer->msgh_trailer_size);
			} else {
				/* Any other copyout error: header only, message freed. */
				ipc_kmsg_copyout_dest(kmsg, space);
				(void) memcpy((void *) msg, (const void *) kmsg->ikm_header, sizeof *msg);
				ipc_kmsg_free(kmsg);
			}

			return mr;
		}

		/*
		 * Length was checked against rcv_size above.
		 * NOTE(review): that bound holds only if ipc_kmsg_copyout does not
		 * change msgh_size or the trailer size in between -- confirm.
		 */
		(void) memcpy((void *) msg, (const void *) kmsg->ikm_header,
			      kmsg->ikm_header->msgh_size + trailer->msgh_trailer_size);
		ipc_kmsg_free(kmsg);
	}

	return MACH_MSG_SUCCESS;
}
529
530/*
531 * Routine: mig_get_reply_port
532 * Purpose:
533 * Called by client side interfaces living in the kernel
91447636 534 * to get a reply port.
1c79356b
A
535 */
mach_port_t
mig_get_reply_port(void)
{
	/* This implementation hands out no port: every caller gets MACH_PORT_NULL. */
	mach_port_t	no_port = MACH_PORT_NULL;

	return no_port;
}
541
542/*
543 * Routine: mig_dealloc_reply_port
544 * Purpose:
545 * Called by client side interfaces to get rid of a reply port.
1c79356b
A
546 */
547
void
mig_dealloc_reply_port(__unused mach_port_t reply_port)
{
	/* Deliberately empty: the argument is ignored and nothing is released. */
}
553
554/*
555 * Routine: mig_put_reply_port
556 * Purpose:
557 * Called by client side interfaces after each RPC to
558 * let the client recycle the reply port if it wishes.
559 */
void
mig_put_reply_port(__unused mach_port_t reply_port)
{
	/* Deliberately empty: the argument is ignored and nothing is recycled. */
}
565
566/*
567 * mig_strncpy.c - by Joshua Block
568 *
569 * mig_strncpy -- Bounded string copy. Does what the library routine strncpy
570 * OUGHT to do: Copies the (null terminated) string in src into dest, a
571 * buffer of length len. Assures that the copy is still null terminated
572 * and doesn't overflow the buffer, truncating the copy if necessary.
573 *
574 * Parameters:
575 *
576 * dest - Pointer to destination buffer.
577 *
578 * src - Pointer to source string.
579 *
580 * len - Length of destination buffer.
581 */
int
mig_strncpy(
	char		*dest,
	const char	*src,
	int		len)
{
	int	count;

	/* Without a usable destination nothing is written and 0 is returned. */
	if (len <= 0 || dest == NULL) {
		return 0;
	}

	if (src == NULL) {
		/* No source: the destination becomes the empty string. */
		count = 0;
	} else {
		/*
		 * Copy at most len - 1 bytes so one slot is always left for
		 * the terminator.  When the source terminator is reached, the
		 * return value is the number of bytes written, NUL included.
		 */
		count = 1;
		while (count < len) {
			char	c = *src++;

			*dest++ = c;
			if (c == '\0') {
				return count;
			}
			count++;
		}
	}

	/*
	 * Truncated (or empty) copy: terminate explicitly.  A truncated
	 * copy and an exact fit both return len, so the return value alone
	 * does not tell the caller that data was cut off.  Bytes of dest
	 * past the terminator are never written; a caller that transmits
	 * the whole buffer has to clear it first.
	 */
	*dest = '\0';
	return count;
}
600
char *
mig_user_allocate(vm_size_t size)
{
	/*
	 * Thin wrapper over kalloc().  The result is returned unchecked and
	 * nothing here clears the memory, so callers own both the failure
	 * check and any initialisation.
	 */
	void	*block = kalloc(size);

	return (char *)block;
}
607
void
mig_user_deallocate(char *data, vm_size_t size)
{
	/*
	 * Thin wrapper over kfree().  size is passed through unchanged;
	 * presumably it must equal the size given to mig_user_allocate().
	 */
	kfree(data, size);
}
615
0b4e3aa0
A
616/*
617 * Routine: mig_object_init
618 * Purpose:
619 * Initialize the base class portion of a MIG object. We
620 * will lazy init the port, so just clear it for now.
621 */
kern_return_t
mig_object_init(mig_object_t mig_object, const IMIGObject *interface)
{
	if (mig_object != MIG_OBJECT_NULL) {
		/* Record the interface as the object's vtable pointer. */
		mig_object->pVtbl = (const IMIGObjectVtbl *)interface;
		/* The port is created lazily, so it starts out null. */
		mig_object->port = MACH_PORT_NULL;
		return KERN_SUCCESS;
	}

	/* A null object is the only rejected input; interface is not checked. */
	return KERN_INVALID_ARGUMENT;
}
633
634/*
635 * Routine: mig_object_destroy
636 * Purpose:
637 * The object is being freed. This call lets us clean
638 * up any state we have built up over the object's
639 * lifetime.
640 * Conditions:
641 * Since notifications and the port hold references on
642 * the object, neither can exist when this is called.
643 * This is a good place to assert() that condition.
644 */
void
mig_object_destroy(__assert_only mig_object_t mig_object)
{
	/*
	 * Nothing is torn down here.  The only work is a debug check that
	 * the object no longer has a port; the parameter is otherwise unused.
	 */
	assert(mig_object->port == MACH_PORT_NULL);
}
652
653/*
654 * Routine: mig_object_reference
655 * Purpose:
656 * Pure virtual helper to invoke the MIG object's AddRef
657 * method.
658 * Conditions:
659 * MIG object port may be locked.
660 */
void
mig_object_reference(mig_object_t mig_object)
{
	IMIGObject	*iface;

	/* A null object is only caught by the assertion, not handled. */
	assert(mig_object != MIG_OBJECT_NULL);

	/* Dispatch through the object's own vtable to take the reference. */
	iface = (IMIGObject *)mig_object;
	mig_object->pVtbl->AddRef(iface);
}
668
669/*
670 * Routine: mig_object_deallocate
671 * Purpose:
672 * Pure virtual helper to invoke the MIG object's Release
673 * method.
674 * Conditions:
675 * Nothing locked.
676 */
void
mig_object_deallocate(mig_object_t mig_object)
{
	IMIGObject	*iface;

	/* A null object is only caught by the assertion, not handled. */
	assert(mig_object != MIG_OBJECT_NULL);

	/* Dispatch through the object's own vtable to drop the reference. */
	iface = (IMIGObject *)mig_object;
	mig_object->pVtbl->Release(iface);
}
684
685/*
686 * Routine: convert_mig_object_to_port [interface]
687 * Purpose:
688 * Base implementation of MIG outtrans routine to convert from
689 * a mig object reference to a new send right on the object's
690 * port. The object reference is consumed.
691 * Returns:
692 * IP_NULL - Null MIG object supplied
693 * Otherwise, a newly made send right for the port
694 * Conditions:
695 * Nothing locked.
696 */
/*
 * Turns a MIG object reference into a send right on the object's port,
 * creating and registering the port on first use.  The caller's object
 * reference is released here unless this call is the one that installs
 * a newly allocated port on the object (see `deallocate`).
 */
ipc_port_t
convert_mig_object_to_port(
	mig_object_t	mig_object)
{
	ipc_port_t	port;
	/* Cleared only when this call wins the registration race below. */
	boolean_t	deallocate = TRUE;

	if (mig_object == MIG_OBJECT_NULL)
		return IP_NULL;

	/*
	 * Loop until a send right has been made: either on the port already
	 * recorded in the object, or on one allocated and registered here.
	 */
	port = mig_object->port;
	while ((port == IP_NULL) ||
	       ((port = ipc_port_make_send(port)) == IP_NULL)) {
		ipc_port_t	previous;

		/*
		 * Either the port was never set up, or it was just
		 * deallocated out from under us by the no-senders
		 * processing.  In either case, we must:
		 *	Attempt to make one
		 * 	Arrange for no senders
		 *	Try to atomically register it with the object
		 *	Destroy it if we are raced.
		 */
		/* NOTE(review): the result is locked without an IP_NULL check -- confirm ipc_port_alloc_kernel cannot fail here. */
		port = ipc_port_alloc_kernel();
		ip_lock(port);
		/* Tag the port as IKOT_MIG and point it at the object. */
		ipc_kobject_set_atomically(port,
					   (ipc_kobject_t) mig_object,
					   IKOT_MIG);

		/* make a sonce right for the notification */
		port->ip_sorights++;
		ip_reference(port);

		ipc_port_nsrequest(port, 1, port, &previous);
		/* port unlocked */

		assert(previous == IP_NULL);

		/* Publish the port only if the object still has none. */
		if (OSCompareAndSwapPtr((void *)IP_NULL, (void *)port,
					(void * volatile *)&mig_object->port)) {
			deallocate = FALSE;
		} else {
			/* Lost the race: discard our port and retry with whatever is recorded now. */
			ipc_port_dealloc_kernel(port);
			port = mig_object->port;
		}
	}

	if (deallocate)
		mig_object->pVtbl->Release((IMIGObject *)mig_object);

	return (port);
}
750
751
752/*
753 * Routine: convert_port_to_mig_object [interface]
754 * Purpose:
755 * Base implementation of MIG intrans routine to convert from
756 * an incoming port reference to a new reference on the
757 * underlying object. A new reference must be created, because
758 * the port's reference could go away asynchronously.
759 * Returns:
760 * NULL - Not an active MIG object port or iid not supported
761 * Otherwise, a reference to the underlying MIG interface
762 * Conditions:
763 * Nothing locked.
764 */
mig_object_t
convert_port_to_mig_object(ipc_port_t port, const MIGIID *iid)
{
	mig_object_t	target;
	void		*iface = NULL;

	if (!IP_VALID(port)) {
		return NULL;
	}

	ip_lock(port);

	/*
	 * Only an active port whose kobject type is IKOT_MIG is treated as
	 * carrying a MIG object; the type check is what makes the cast of
	 * ip_kobject below legitimate.  Anything else yields NULL.
	 */
	if (ip_active(port) && (ip_kotype(port) == IKOT_MIG)) {
		target = (mig_object_t)port->ip_kobject;

		/*
		 * Ask the object for the requested interface while the port
		 * is still locked.  The call's own return value is ignored;
		 * the result is whatever it stored in iface, which was
		 * preset to NULL.
		 */
		target->pVtbl->QueryInterface((IMIGObject *)target, iid, &iface);
	}

	ip_unlock(port);
	return (mig_object_t)iface;
}
792
793/*
794 * Routine: mig_object_no_senders [interface]
795 * Purpose:
796 * Base implementation of a no-senders notification handler
797 * for MIG objects. If there truly are no more senders, must
798 * destroy the port and drop its reference on the object.
799 * Returns:
800 * TRUE - port deallocated and reference dropped
801 * FALSE - more senders arrived, re-registered for notification
802 * Conditions:
803 * Nothing locked.
804 */
805
/*
 * No-senders handler for a MIG object port: re-arms the notification if
 * new send rights appeared since `mscount`, otherwise detaches the port
 * from the object, destroys it and releases the port's object reference.
 */
boolean_t
mig_object_no_senders(
	ipc_port_t		port,
	mach_port_mscount_t	mscount)
{
	mig_object_t		mig_object;

	ip_lock(port);
	/* The notification is stale if the port's make-send count has moved past it. */
	if (port->ip_mscount > mscount) {
		ipc_port_t 	previous;

		/*
		 * Somebody created new send rights while the
		 * notification was in-flight.  Just create a
		 * new send-once right and re-register with 
		 * the new (higher) mscount threshold.
		 */
		/* make a sonce right for the notification */
		port->ip_sorights++;
		ip_reference(port);
		ipc_port_nsrequest(port, mscount, port, &previous);
		/* port unlocked */

		assert(previous == IP_NULL);
		return (FALSE);
	}

	/*
	 * Clear the port pointer while we have it locked.
	 */
	/* NOTE(review): ip_kobject is cast without an ip_kotype check here (convert_port_to_mig_object checks IKOT_MIG); presumably the caller dispatches only MIG ports -- confirm. */
	mig_object = (mig_object_t)port->ip_kobject;
	mig_object->port = IP_NULL;

	/*
	 * Bring the sequence number and mscount in
	 * line with ipc_port_destroy assertion.
	 */
	port->ip_mscount = 0;
	port->ip_messages.imq_seqno = 0;
	ipc_port_destroy(port); /* releases lock */
	
	/*
	 * Release the port's reference on the object.
	 */
	/* Done after the port is destroyed, using the pointer saved above. */
	mig_object->pVtbl->Release((IMIGObject *)mig_object);
	return (TRUE);
}	
853
854/*
855 * Kernel implementation of the notification chain for MIG object
856 * is kept separate from the actual objects, since there are expected
857 * to be much fewer of them than actual objects.
858 *
859 * The implementation of this part of MIG objects is coming
860 * "Real Soon Now"(TM).
861 */