[apple/xnu.git] / osfmk / i386 / user_ldt.c

/*
 * Copyright (c) 2000-2004 Apple Computer, Inc. All rights reserved.
 *
 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
 * 
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. The rights granted to you under the License
 * may not be used to create, or enable the creation or redistribution of,
 * unlawful or unlicensed copies of an Apple operating system, or to
 * circumvent, violate, or enable the circumvention or violation of, any
 * terms of an Apple operating system software license agreement.
 * 
 * Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this file.
 * 
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 * 
 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
 */
/*
 * @OSF_COPYRIGHT@
 */
/* 
 * Mach Operating System
 * Copyright (c) 1991 Carnegie Mellon University
 * All Rights Reserved.
 * 
 * Permission to use, copy, modify and distribute this software and its
 * documentation is hereby granted, provided that both the copyright
 * notice and this permission notice appear in all copies of the
 * software, derivative works or modified versions, and any portions
 * thereof, and that both notices appear in supporting documentation.
 * 
 * CARNEGIE MELLON ALLOWS FREE USE OF THIS SOFTWARE IN ITS "AS IS"
 * CONDITION.  CARNEGIE MELLON DISCLAIMS ANY LIABILITY OF ANY KIND FOR
 * ANY DAMAGES WHATSOEVER RESULTING FROM THE USE OF THIS SOFTWARE.
 * 
 * Carnegie Mellon requests users of this software to return to
 * 
 *  Software Distribution Coordinator  or  Software.Distribution@CS.CMU.EDU
 *  School of Computer Science
 *  Carnegie Mellon University
 *  Pittsburgh PA 15213-3890
 * 
 * any improvements or extensions that they make and grant Carnegie Mellon 
 * the rights to redistribute these changes.
 */

/*
 */

/*
 * User LDT management.
 * Each thread in a task may have its own LDT.
 */

#include <kern/kalloc.h>
#include <kern/thread.h>
#include <kern/misc_protos.h>

#include <vm/vm_kern.h>

#include <i386/seg.h>
#include <i386/thread.h>
#include <i386/user_ldt.h>

char	acc_type[8][3] = {
    /*	code	stack	data */
    {	0,	0,	1	},	/* data */
    {	0,	1,	1	},	/* data, writable */
    {	0,	0,	1	},	/* data, expand-down */
    {	0,	1,	1	},	/* data, writable, expand-down */
    {	1,	0,	0	},	/* code */
    {	1,	0,	1	},	/* code, readable */
    {	1,	0,	0	},	/* code, conforming */
    {	1,	0,	1	},	/* code, readable, conforming */
};

#if 0
/* Forward */

extern boolean_t	selector_check(
				thread_t		thread,
				int			sel,
				int			type);

boolean_t
selector_check(
	thread_t		thread,
	int			sel,
	int			type)
{
	struct user_ldt	*ldt;
	int	access;

	ldt = thread->machine.pcb->ims.ldt;
	if (ldt == 0) {
	    switch (type) {
		case S_CODE:
		    return sel == USER_CS;
		case S_STACK:
		    return sel == USER_DS;
		case S_DATA:
		    return sel == 0 ||
			   sel == USER_CS ||
			   sel == USER_DS;
	    }
	}

	if (type != S_DATA && sel == 0)
	    return FALSE;
	if ((sel & (SEL_LDTS|SEL_PL)) != (SEL_LDTS|SEL_PL_U)
	  || sel > ldt->desc.limit_low)
		return FALSE;

	access = ldt->ldt[sel_idx(sel)].access;
	
	if ((access & (ACC_P|ACC_PL|ACC_TYPE_USER))
		!= (ACC_P|ACC_PL_U|ACC_TYPE_USER))
	    return FALSE;
		/* present, pl == pl.user, not system */

	return acc_type[(access & 0xe)>>1][type];
}

/*
 * Add the descriptors to the LDT, starting with
 * the descriptor for 'first_selector'.
 */

kern_return_t
i386_set_ldt(
	thread_t		thr_act,
	int			first_selector,
	descriptor_list_t	desc_list,
	mach_msg_type_number_t	count)
{
	user_ldt_t	new_ldt, old_ldt, temp;
	struct real_descriptor *dp;
	int		i;
	int		min_selector = 0;
	pcb_t		pcb;
	vm_size_t	ldt_size_needed;
	int		first_desc = sel_idx(first_selector);
	vm_map_copy_t	old_copy_object;
	thread_t		thread;

	if (first_desc < min_selector || first_desc > 8191)
	    return KERN_INVALID_ARGUMENT;
	if (first_desc + count >= 8192)
	    return KERN_INVALID_ARGUMENT;
	if (thr_act == THREAD_NULL)
	    return KERN_INVALID_ARGUMENT;
	if ((thread = act_lock_thread(thr_act)) == THREAD_NULL) {
		act_unlock_thread(thr_act);
	    return KERN_INVALID_ARGUMENT;
	}
	if (thread == current_thread())
		min_selector = LDTSZ;
	act_unlock_thread(thr_act);

	/*
	 * We must copy out desc_list to the kernel map, and wire
	 * it down (we touch it while the PCB is locked).
	 *
	 * We make a copy of the copyin object, and clear
	 * out the old one, so that the MIG stub will have a
	 * a empty (but valid) copyin object to discard.
	 */
	{
	    kern_return_t	kr;
	    vm_map_offset_t	dst_addr;

	    old_copy_object = (vm_map_copy_t) desc_list;

	    kr = vm_map_copyout(ipc_kernel_map, &dst_addr,
				vm_map_copy_copy(old_copy_object));
	    if (kr != KERN_SUCCESS)
		return kr;

	    (void) vm_map_wire(ipc_kernel_map,
			vm_map_trunc_page(dst_addr),
			vm_map_round_page(dst_addr + 
				count * sizeof(struct real_descriptor)),
			VM_PROT_READ|VM_PROT_WRITE, FALSE);
	    desc_list = CAST_DOWN(descriptor_list_t, dst_addr);
	}

	for (i = 0, dp = (struct real_descriptor *) desc_list;
	     i < count;
	     i++, dp++)
	{
	    switch (dp->access & ~ACC_A) {
		case 0:
		case ACC_P:
		    /* valid empty descriptor */
		    break;
		case ACC_P | ACC_CALL_GATE:
		    /* Mach kernel call */
		    *dp = *(struct real_descriptor *)
				&ldt[sel_idx(USER_SCALL)];
		    break;
		case ACC_P | ACC_PL_U | ACC_DATA:
		case ACC_P | ACC_PL_U | ACC_DATA_W:
		case ACC_P | ACC_PL_U | ACC_DATA_E:
		case ACC_P | ACC_PL_U | ACC_DATA_EW:
		case ACC_P | ACC_PL_U | ACC_CODE:
		case ACC_P | ACC_PL_U | ACC_CODE_R:
		case ACC_P | ACC_PL_U | ACC_CODE_C:
		case ACC_P | ACC_PL_U | ACC_CODE_CR:
		case ACC_P | ACC_PL_U | ACC_CALL_GATE_16:
		case ACC_P | ACC_PL_U | ACC_CALL_GATE:
		    break;
		default:
		    (void) vm_map_remove(ipc_kernel_map, 
					 vm_map_trunc_page(desc_list),
					 vm_map_round_page(&desc_list[count]),
					 VM_MAP_REMOVE_KUNWIRE);
		    return KERN_INVALID_ARGUMENT;
	    }
	}
	ldt_size_needed = sizeof(struct real_descriptor)
			* (first_desc + count);

	pcb = thr_act->machine.pcb;
	new_ldt = 0;
    Retry:
	simple_lock(&pcb->lock);
	old_ldt = pcb->ims.ldt;
	if (old_ldt == 0 ||
	    old_ldt->desc.limit_low + 1 < ldt_size_needed)
	{
	    /*
	     * No old LDT, or not big enough
	     */
	    if (new_ldt == 0) {
		simple_unlock(&pcb->lock);

		new_ldt = (user_ldt_t) kalloc(ldt_size_needed
					      + sizeof(struct real_descriptor));
		new_ldt->desc.limit_low   = ldt_size_needed - 1;
		new_ldt->desc.limit_high  = 0;
		new_ldt->desc.base_low    = 
				((vm_offset_t)&new_ldt->ldt[0]) & 0xffff;
		new_ldt->desc.base_med    = 
				(((vm_offset_t)&new_ldt->ldt[0]) >> 16)
						 & 0xff;
		new_ldt->desc.base_high   = 
				((vm_offset_t)&new_ldt->ldt[0]) >> 24;
		new_ldt->desc.access      = ACC_P | ACC_LDT;
		new_ldt->desc.granularity = 0;

		goto Retry;
	    }

	    /*
	     * Have new LDT.  If there was a an old ldt, copy descriptors
	     * from old to new.  Otherwise copy the default ldt.
	     */
	    if (old_ldt) {
		bcopy((char *)&old_ldt->ldt[0],
		      (char *)&new_ldt->ldt[0],
		      old_ldt->desc.limit_low + 1);
	    }
	    else if (thr_act == current_thread()) {
		struct real_descriptor template = {0, 0, 0, ACC_P, 0, 0 ,0};

		for (dp = &new_ldt->ldt[0], i = 0; i < first_desc; i++, dp++) {
		    if (i < LDTSZ)
		    	*dp = *(struct real_descriptor *) &ldt[i];
		    else
			*dp = template;
		}
	    }

	    temp = old_ldt;
	    old_ldt = new_ldt;	/* use new LDT from now on */
	    new_ldt = temp;	/* discard old LDT */

	    pcb->ims.ldt = old_ldt;	/* new LDT for thread */
	}

	/*
	 * Install new descriptors.
	 */
	bcopy((char *)desc_list,
	      (char *)&old_ldt->ldt[first_desc],
	      count * sizeof(struct real_descriptor));

	simple_unlock(&pcb->lock);

	if (new_ldt)
	    kfree((vm_offset_t)new_ldt,
		  new_ldt->desc.limit_low+1+sizeof(struct real_descriptor));

	/*
	 * Free the descriptor list.
	 */
	(void) vm_map_remove(ipc_kernel_map, vm_map_trunc_page(desc_list),
			     vm_map_round_page(&desc_list[count]),
			     VM_MAP_REMOVE_KUNWIRE);
	return KERN_SUCCESS;
}

kern_return_t
i386_get_ldt(
	thread_t		thr_act,
	int			first_selector,
	int			selector_count,	/* number wanted */
	descriptor_list_t	*desc_list,	/* in/out */
	mach_msg_type_number_t	*count)		/* in/out */
{
	struct user_ldt *user_ldt;
	pcb_t		pcb = thr_act->machine.pcb;
	int		first_desc = sel_idx(first_selector);
	unsigned int	ldt_count;
	vm_size_t	ldt_size;
	vm_size_t	size, size_needed;
	vm_offset_t	addr;
	thread_t		thread;

	if (thr_act == THREAD_NULL)
	    return KERN_INVALID_ARGUMENT;

	if (first_desc < 0 || first_desc > 8191)
	    return KERN_INVALID_ARGUMENT;
	if (first_desc + selector_count >= 8192)
	    return KERN_INVALID_ARGUMENT;

	addr = 0;
	size = 0;

	for (;;) {
	    simple_lock(&pcb->lock);
	    user_ldt = pcb->ims.ldt;
	    if (user_ldt == 0) {
		simple_unlock(&pcb->lock);
		if (addr)
		    kmem_free(ipc_kernel_map, addr, size);
		*count = 0;
		return KERN_SUCCESS;
	    }

	    /*
	     * Find how many descriptors we should return.
	     */
	    ldt_count = (user_ldt->desc.limit_low + 1) /
			sizeof (struct real_descriptor);
	    ldt_count -= first_desc;
	    if (ldt_count > selector_count)
		ldt_count = selector_count;

	    ldt_size = ldt_count * sizeof(struct real_descriptor);

	    /*
	     * Do we have the memory we need?
	     */
	    if (ldt_count <= *count)
		break;		/* fits in-line */

	    size_needed = round_page(ldt_size);
	    if (size_needed <= size)
		break;

	    /*
	     * Unlock the pcb and allocate more memory
	     */
	    simple_unlock(&pcb->lock);

	    if (size != 0)
		kmem_free(ipc_kernel_map, addr, size);

	    size = size_needed;

	    if (kmem_alloc(ipc_kernel_map, &addr, size)
			!= KERN_SUCCESS)
		return KERN_RESOURCE_SHORTAGE;
	}

	/*
	 * copy out the descriptors
	 */
	bcopy((char *)&user_ldt->ldt[first_desc],
	      (char *)addr,
	      ldt_size);
	*count = ldt_count;
	simple_unlock(&pcb->lock);

	if (addr) {
	    vm_size_t		size_used, size_left;
	    vm_map_copy_t	memory;

	    /*
	     * Free any unused memory beyond the end of the last page used
	     */
	    size_used = round_page(ldt_size);
	    if (size_used != size)
		kmem_free(ipc_kernel_map,
			addr + size_used, size - size_used);

	    /*
	     * Zero the remainder of the page being returned.
	     */
	    size_left = size_used - ldt_size;
	    if (size_left > 0)
		bzero((char *)addr + ldt_size, size_left);

	    /*
	     * Unwire the memory and make it into copyin form.
	     */
	    (void) vm_map_unwire(ipc_kernel_map, vm_map_trunc_page(addr),
				 vm_map_round_page(addr + size_used), FALSE);
	    (void) vm_map_copyin(ipc_kernel_map, (vm_map_address_t)addr, 
				 (vm_map_size_t)size_used, TRUE, &memory);
	    *desc_list = (descriptor_list_t) memory;
	}

	return KERN_SUCCESS;
}

#endif 
void
user_ldt_free(
	user_ldt_t	user_ldt)
{
	kfree(user_ldt,
		user_ldt->desc.limit_low+1+sizeof(struct real_descriptor));
}
Commit	Line	Data
1c79356b	1	/*
91447636	2	* Copyright (c) 2000-2004 Apple Computer, Inc. All rights reserved.
1c79356b	3	*
8f6c56a5	4	* @APPLE_OSREFERENCE_LICENSE_HEADER_START@
1c79356b	5	*
8f6c56a5 A	6	* This file contains Original Code and/or Modifications of Original Code
	7	* as defined in and that are subject to the Apple Public Source License
	8	* Version 2.0 (the 'License'). You may not use this file except in
	9	* compliance with the License. The rights granted to you under the License
	10	* may not be used to create, or enable the creation or redistribution of,
	11	* unlawful or unlicensed copies of an Apple operating system, or to
	12	* circumvent, violate, or enable the circumvention or violation of, any
	13	* terms of an Apple operating system software license agreement.
	14	*
	15	* Please obtain a copy of the License at
	16	* http://www.opensource.apple.com/apsl/ and read it before using this file.
	17	*
	18	* The Original Code and all software distributed under the License are
	19	* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
	20	* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
	21	* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
	22	* FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
	23	* Please see the License for the specific language governing rights and
8ad349bb	24	* limitations under the License.
8f6c56a5 A	25	*
8f6c56a5 A	26	* @APPLE_OSREFERENCE_LICENSE_HEADER_END@
1c79356b A	27	*/
	28	/*
	29	* @OSF_COPYRIGHT@
	30	*/
	31	/*
	32	* Mach Operating System
	33	* Copyright (c) 1991 Carnegie Mellon University
	34	* All Rights Reserved.
	35	*
	36	* Permission to use, copy, modify and distribute this software and its
	37	* documentation is hereby granted, provided that both the copyright
	38	* notice and this permission notice appear in all copies of the
	39	* software, derivative works or modified versions, and any portions
	40	* thereof, and that both notices appear in supporting documentation.
	41	*
	42	* CARNEGIE MELLON ALLOWS FREE USE OF THIS SOFTWARE IN ITS "AS IS"
	43	* CONDITION. CARNEGIE MELLON DISCLAIMS ANY LIABILITY OF ANY KIND FOR
	44	* ANY DAMAGES WHATSOEVER RESULTING FROM THE USE OF THIS SOFTWARE.
	45	*
	46	* Carnegie Mellon requests users of this software to return to
	47	*
	48	* Software Distribution Coordinator or Software.Distribution@CS.CMU.EDU
	49	* School of Computer Science
	50	* Carnegie Mellon University
	51	* Pittsburgh PA 15213-3890
	52	*
	53	* any improvements or extensions that they make and grant Carnegie Mellon
	54	* the rights to redistribute these changes.
	55	*/
	56
	57	/*
	58	*/
	59
	60	/*
	61	* User LDT management.
8f6c56a5	62	* Each thread in a task may have its own LDT.
1c79356b A	63	*/
	64
	65	#include <kern/kalloc.h>
	66	#include <kern/thread.h>
	67	#include <kern/misc_protos.h>
	68
	69	#include <vm/vm_kern.h>
	70
	71	#include <i386/seg.h>
	72	#include <i386/thread.h>
	73	#include <i386/user_ldt.h>
	74
8f6c56a5 A	75	char acc_type[8][3] = {
	76	/* code stack data */
	77	{ 0, 0, 1 }, /* data */
	78	{ 0, 1, 1 }, /* data, writable */
	79	{ 0, 0, 1 }, /* data, expand-down */
	80	{ 0, 1, 1 }, /* data, writable, expand-down */
	81	{ 1, 0, 0 }, /* code */
	82	{ 1, 0, 1 }, /* code, readable */
	83	{ 1, 0, 0 }, /* code, conforming */
	84	{ 1, 0, 1 }, /* code, readable, conforming */
	85	};
	86
	87	#if 0
	88	/* Forward */
	89
	90	extern boolean_t selector_check(
	91	thread_t thread,
	92	int sel,
	93	int type);
	94
	95	boolean_t
	96	selector_check(
	97	thread_t thread,
	98	int sel,
	99	int type)
	100	{
	101	struct user_ldt *ldt;
	102	int access;
	103
	104	ldt = thread->machine.pcb->ims.ldt;
	105	if (ldt == 0) {
	106	switch (type) {
	107	case S_CODE:
	108	return sel == USER_CS;
	109	case S_STACK:
	110	return sel == USER_DS;
	111	case S_DATA:
	112	return sel == 0 \|\|
	113	sel == USER_CS \|\|
	114	sel == USER_DS;
	115	}
	116	}
8ad349bb	117
8f6c56a5 A	118	if (type != S_DATA && sel == 0)
	119	return FALSE;
	120	if ((sel & (SEL_LDTS\|SEL_PL)) != (SEL_LDTS\|SEL_PL_U)
	121	\|\| sel > ldt->desc.limit_low)
	122	return FALSE;
	123
	124	access = ldt->ldt[sel_idx(sel)].access;
	125
	126	if ((access & (ACC_P\|ACC_PL\|ACC_TYPE_USER))
	127	!= (ACC_P\|ACC_PL_U\|ACC_TYPE_USER))
	128	return FALSE;
	129	/* present, pl == pl.user, not system */
	130
	131	return acc_type[(access & 0xe)>>1][type];
	132	}
1c79356b A	133
	134	/*
	135	* Add the descriptors to the LDT, starting with
	136	* the descriptor for 'first_selector'.
	137	*/
	138
8f6c56a5	139	kern_return_t
1c79356b	140	i386_set_ldt(
8f6c56a5 A	141	thread_t thr_act,
	142	int first_selector,
	143	descriptor_list_t desc_list,
	144	mach_msg_type_number_t count)
1c79356b	145	{
8f6c56a5	146	user_ldt_t new_ldt, old_ldt, temp;
1c79356b	147	struct real_descriptor *dp;
8f6c56a5 A	148	int i;
	149	int min_selector = 0;
	150	pcb_t pcb;
	151	vm_size_t ldt_size_needed;
	152	int first_desc = sel_idx(first_selector);
	153	vm_map_copy_t old_copy_object;
	154	thread_t thread;
	155
	156	if (first_desc < min_selector \|\| first_desc > 8191)
	157	return KERN_INVALID_ARGUMENT;
	158	if (first_desc + count >= 8192)
	159	return KERN_INVALID_ARGUMENT;
	160	if (thr_act == THREAD_NULL)
	161	return KERN_INVALID_ARGUMENT;
	162	if ((thread = act_lock_thread(thr_act)) == THREAD_NULL) {
	163	act_unlock_thread(thr_act);
	164	return KERN_INVALID_ARGUMENT;
	165	}
	166	if (thread == current_thread())
	167	min_selector = LDTSZ;
	168	act_unlock_thread(thr_act);
5d5c5d0d	169
8f6c56a5 A	170	/*
	171	* We must copy out desc_list to the kernel map, and wire
	172	* it down (we touch it while the PCB is locked).
	173	*
	174	* We make a copy of the copyin object, and clear
	175	* out the old one, so that the MIG stub will have a
	176	* a empty (but valid) copyin object to discard.
	177	*/
	178	{
	179	kern_return_t kr;
	180	vm_map_offset_t dst_addr;
	181
	182	old_copy_object = (vm_map_copy_t) desc_list;
	183
	184	kr = vm_map_copyout(ipc_kernel_map, &dst_addr,
	185	vm_map_copy_copy(old_copy_object));
	186	if (kr != KERN_SUCCESS)
	187	return kr;
	188
	189	(void) vm_map_wire(ipc_kernel_map,
	190	vm_map_trunc_page(dst_addr),
	191	vm_map_round_page(dst_addr +
	192	count * sizeof(struct real_descriptor)),
	193	VM_PROT_READ\|VM_PROT_WRITE, FALSE);
	194	desc_list = CAST_DOWN(descriptor_list_t, dst_addr);
	195	}
5d5c5d0d	196
8f6c56a5 A	197	for (i = 0, dp = (struct real_descriptor *) desc_list;
	198	i < count;
	199	i++, dp++)
	200	{
	201	switch (dp->access & ~ACC_A) {
	202	case 0:
	203	case ACC_P:
	204	/* valid empty descriptor */
	205	break;
	206	case ACC_P \| ACC_CALL_GATE:
	207	/* Mach kernel call */
	208	dp = (struct real_descriptor *)
	209	&ldt[sel_idx(USER_SCALL)];
	210	break;
	211	case ACC_P \| ACC_PL_U \| ACC_DATA:
	212	case ACC_P \| ACC_PL_U \| ACC_DATA_W:
	213	case ACC_P \| ACC_PL_U \| ACC_DATA_E:
	214	case ACC_P \| ACC_PL_U \| ACC_DATA_EW:
	215	case ACC_P \| ACC_PL_U \| ACC_CODE:
	216	case ACC_P \| ACC_PL_U \| ACC_CODE_R:
	217	case ACC_P \| ACC_PL_U \| ACC_CODE_C:
	218	case ACC_P \| ACC_PL_U \| ACC_CODE_CR:
	219	case ACC_P \| ACC_PL_U \| ACC_CALL_GATE_16:
	220	case ACC_P \| ACC_PL_U \| ACC_CALL_GATE:
	221	break;
	222	default:
	223	(void) vm_map_remove(ipc_kernel_map,
	224	vm_map_trunc_page(desc_list),
	225	vm_map_round_page(&desc_list[count]),
	226	VM_MAP_REMOVE_KUNWIRE);
	227	return KERN_INVALID_ARGUMENT;
1c79356b A	228	}
1c79356b A	229	}
8f6c56a5 A	230	ldt_size_needed = sizeof(struct real_descriptor)
	231	* (first_desc + count);
	232
	233	pcb = thr_act->machine.pcb;
	234	new_ldt = 0;
	235	Retry:
	236	simple_lock(&pcb->lock);
	237	old_ldt = pcb->ims.ldt;
	238	if (old_ldt == 0 \|\|
	239	old_ldt->desc.limit_low + 1 < ldt_size_needed)
	240	{
1c79356b	241	/*
8f6c56a5	242	* No old LDT, or not big enough
1c79356b	243	*/
8f6c56a5 A	244	if (new_ldt == 0) {
	245	simple_unlock(&pcb->lock);
	246
	247	new_ldt = (user_ldt_t) kalloc(ldt_size_needed
	248	+ sizeof(struct real_descriptor));
	249	new_ldt->desc.limit_low = ldt_size_needed - 1;
	250	new_ldt->desc.limit_high = 0;
	251	new_ldt->desc.base_low =
	252	((vm_offset_t)&new_ldt->ldt[0]) & 0xffff;
	253	new_ldt->desc.base_med =
	254	(((vm_offset_t)&new_ldt->ldt[0]) >> 16)
	255	& 0xff;
	256	new_ldt->desc.base_high =
	257	((vm_offset_t)&new_ldt->ldt[0]) >> 24;
	258	new_ldt->desc.access = ACC_P \| ACC_LDT;
	259	new_ldt->desc.granularity = 0;
	260
	261	goto Retry;
5d5c5d0d A	262	}
5d5c5d0d A	263
1c79356b A	264	/*
1c79356b A	265	* Have new LDT. If there was a an old ldt, copy descriptors
8f6c56a5	266	* from old to new. Otherwise copy the default ldt.
1c79356b A	267	*/
1c79356b A	268	if (old_ldt) {
8f6c56a5 A	269	bcopy((char *)&old_ldt->ldt[0],
	270	(char *)&new_ldt->ldt[0],
	271	old_ldt->desc.limit_low + 1);
1c79356b	272	}
8f6c56a5 A	273	else if (thr_act == current_thread()) {
	274	struct real_descriptor template = {0, 0, 0, ACC_P, 0, 0 ,0};
	275
	276	for (dp = &new_ldt->ldt[0], i = 0; i < first_desc; i++, dp++) {
	277	if (i < LDTSZ)
	278	dp = (struct real_descriptor *) &ldt[i];
	279	else
	280	*dp = template;
1c79356b A	281	}
	282	}
	283
8f6c56a5 A	284	temp = old_ldt;
	285	old_ldt = new_ldt; /* use new LDT from now on */
	286	new_ldt = temp; /* discard old LDT */
c0fea474	287
8f6c56a5 A	288	pcb->ims.ldt = old_ldt; /* new LDT for thread */
8f6c56a5 A	289	}
5d5c5d0d	290
1c79356b	291	/*
8f6c56a5	292	* Install new descriptors.
1c79356b	293	*/
8f6c56a5 A	294	bcopy((char *)desc_list,
	295	(char *)&old_ldt->ldt[first_desc],
	296	count * sizeof(struct real_descriptor));
1c79356b	297
8f6c56a5	298	simple_unlock(&pcb->lock);
5d5c5d0d	299
8f6c56a5 A	300	if (new_ldt)
	301	kfree((vm_offset_t)new_ldt,
	302	new_ldt->desc.limit_low+1+sizeof(struct real_descriptor));
5d5c5d0d	303
8f6c56a5 A	304	/*
	305	* Free the descriptor list.
	306	*/
	307	(void) vm_map_remove(ipc_kernel_map, vm_map_trunc_page(desc_list),
	308	vm_map_round_page(&desc_list[count]),
	309	VM_MAP_REMOVE_KUNWIRE);
	310	return KERN_SUCCESS;
1c79356b A	311	}
1c79356b A	312
8f6c56a5	313	kern_return_t
1c79356b	314	i386_get_ldt(
8f6c56a5 A	315	thread_t thr_act,
	316	int first_selector,
	317	int selector_count, /* number wanted */
	318	descriptor_list_t desc_list, / in/out */
	319	mach_msg_type_number_t count) / in/out */
1c79356b	320	{
8f6c56a5 A	321	struct user_ldt *user_ldt;
	322	pcb_t pcb = thr_act->machine.pcb;
	323	int first_desc = sel_idx(first_selector);
1c79356b	324	unsigned int ldt_count;
8f6c56a5 A	325	vm_size_t ldt_size;
	326	vm_size_t size, size_needed;
	327	vm_offset_t addr;
	328	thread_t thread;
	329
	330	if (thr_act == THREAD_NULL)
	331	return KERN_INVALID_ARGUMENT;
	332
	333	if (first_desc < 0 \|\| first_desc > 8191)
	334	return KERN_INVALID_ARGUMENT;
	335	if (first_desc + selector_count >= 8192)
	336	return KERN_INVALID_ARGUMENT;
	337
	338	addr = 0;
	339	size = 0;
	340
	341	for (;;) {
	342	simple_lock(&pcb->lock);
	343	user_ldt = pcb->ims.ldt;
	344	if (user_ldt == 0) {
	345	simple_unlock(&pcb->lock);
	346	if (addr)
	347	kmem_free(ipc_kernel_map, addr, size);
	348	*count = 0;
	349	return KERN_SUCCESS;
	350	}
1c79356b	351
8f6c56a5 A	352	/*
	353	* Find how many descriptors we should return.
	354	*/
	355	ldt_count = (user_ldt->desc.limit_low + 1) /
	356	sizeof (struct real_descriptor);
	357	ldt_count -= first_desc;
	358	if (ldt_count > selector_count)
	359	ldt_count = selector_count;
1c79356b	360
8f6c56a5	361	ldt_size = ldt_count * sizeof(struct real_descriptor);
c0fea474	362
8f6c56a5 A	363	/*
	364	* Do we have the memory we need?
	365	*/
	366	if (ldt_count <= *count)
	367	break; /* fits in-line */
5d5c5d0d	368
8f6c56a5 A	369	size_needed = round_page(ldt_size);
	370	if (size_needed <= size)
	371	break;
1c79356b	372
8f6c56a5 A	373	/*
	374	* Unlock the pcb and allocate more memory
	375	*/
	376	simple_unlock(&pcb->lock);
1c79356b	377
8f6c56a5 A	378	if (size != 0)
8f6c56a5 A	379	kmem_free(ipc_kernel_map, addr, size);
1c79356b	380
8f6c56a5	381	size = size_needed;
1c79356b	382
8f6c56a5 A	383	if (kmem_alloc(ipc_kernel_map, &addr, size)
	384	!= KERN_SUCCESS)
	385	return KERN_RESOURCE_SHORTAGE;
1c79356b A	386	}
1c79356b A	387
8f6c56a5 A	388	/*
	389	* copy out the descriptors
	390	*/
	391	bcopy((char *)&user_ldt->ldt[first_desc],
	392	(char *)addr,
	393	ldt_size);
	394	*count = ldt_count;
	395	simple_unlock(&pcb->lock);
1c79356b	396
8f6c56a5 A	397	if (addr) {
	398	vm_size_t size_used, size_left;
	399	vm_map_copy_t memory;
1c79356b	400
8f6c56a5 A	401	/*
	402	* Free any unused memory beyond the end of the last page used
	403	*/
	404	size_used = round_page(ldt_size);
	405	if (size_used != size)
	406	kmem_free(ipc_kernel_map,
	407	addr + size_used, size - size_used);
1c79356b	408
8f6c56a5 A	409	/*
	410	* Zero the remainder of the page being returned.
	411	*/
	412	size_left = size_used - ldt_size;
	413	if (size_left > 0)
	414	bzero((char *)addr + ldt_size, size_left);
1c79356b	415
8f6c56a5 A	416	/*
	417	* Unwire the memory and make it into copyin form.
	418	*/
	419	(void) vm_map_unwire(ipc_kernel_map, vm_map_trunc_page(addr),
	420	vm_map_round_page(addr + size_used), FALSE);
	421	(void) vm_map_copyin(ipc_kernel_map, (vm_map_address_t)addr,
	422	(vm_map_size_t)size_used, TRUE, &memory);
	423	*desc_list = (descriptor_list_t) memory;
1c79356b	424	}
5d5c5d0d	425
8f6c56a5	426	return KERN_SUCCESS;
1c79356b A	427	}
1c79356b A	428
8f6c56a5	429	#endif
1c79356b	430	void
8f6c56a5 A	431	user_ldt_free(
8f6c56a5 A	432	user_ldt_t user_ldt)
1c79356b	433	{
8f6c56a5 A	434	kfree(user_ldt,
8f6c56a5 A	435	user_ldt->desc.limit_low+1+sizeof(struct real_descriptor));
1c79356b	436	}