[apple/xnu.git] / osfmk / kern / ux_handler.c

/*
 * Copyright (c) 2017 Apple Inc. All rights reserved.
 *
 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
 *
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. The rights granted to you under the License
 * may not be used to create, or enable the creation or redistribution of,
 * unlawful or unlicensed copies of an Apple operating system, or to
 * circumvent, violate, or enable the circumvention or violation of, any
 * terms of an Apple operating system software license agreement.
 *
 * Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this file.
 *
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 *
 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
 */

#include <kern/ux_handler.h>
#include <sys/ux_exception.h>

#include <mach/exception.h>
#include <mach/kern_return.h>
#include <mach/port.h>
#include <mach/mach_port.h>
#include <mach/mig_errors.h>

#include <kern/thread.h>
#include <kern/task.h>
#include <kern/ipc_kobject.h>
#include <kern/ipc_tt.h>

#include <ipc/ipc_port.h>

#include <mach/host_priv.h>
#include <kern/host.h>

#include <mach/exc_server.h>
#include <mach/mach_exc_server.h>

#include <libkern/section_keywords.h>

/*
 * Mach kobject port to reflect Mach exceptions into Unix signals.
 *
 * This is the default Mach exception handler for initproc, which
 * then filters to all subprocesses as the host level exception handler for
 * most Mach exceptions.
 */

static const void                      *ux_handler_kobject    = NULL;
SECURITY_READ_ONLY_LATE(ipc_port_t)     ux_handler_port       = IP_NULL;

/*
 * init is called early in Mach initialization
 * when we can initialize read-only memory
 */
void
ux_handler_init(void)
{
	ux_handler_port = ipc_kobject_alloc_port((ipc_kobject_t)&ux_handler_kobject,
	    IKOT_UX_HANDLER, IPC_KOBJECT_ALLOC_NONE);
}

/*
 * setup is called late in BSD initialization from initproc's context
 * so the MAC hook goo inside host_set_exception_ports will be able to
 * set up labels without falling over.
 */
void
ux_handler_setup(void)
{
	ipc_port_t ux_handler_send_right = ipc_port_make_send(ux_handler_port);

	if (!IP_VALID(ux_handler_send_right)) {
		panic("Couldn't allocate send right for ux_handler_port!\n");
	}

	kern_return_t kr = KERN_SUCCESS;

	/*
	 * Consumes 1 send right.
	 *
	 * Instruments uses the RPC_ALERT port, so don't register for that.
	 */
	kr = host_set_exception_ports(host_priv_self(),
	    EXC_MASK_ALL & ~(EXC_MASK_RPC_ALERT),
	    ux_handler_send_right,
	    EXCEPTION_DEFAULT | MACH_EXCEPTION_CODES,
	    0);

	if (kr != KERN_SUCCESS) {
		panic("host_set_exception_ports failed to set ux_handler! %d", kr);
	}
}

/*
 * Is this port the ux_handler?
 * If so, it's safe to send an exception without checking labels.
 */
boolean_t
is_ux_handler_port(mach_port_t port)
{
	if (ux_handler_port == port) {
		return TRUE;
	} else {
		return FALSE;
	}
}

kern_return_t
catch_mach_exception_raise(
	mach_port_t                  exception_port,
	mach_port_t                  thread_port,
	mach_port_t                  task_port,
	exception_type_t             exception,
	mach_exception_data_t        code,
	__unused mach_msg_type_number_t       codeCnt)
{
	if (exception_port != ux_handler_port) {
		return KERN_FAILURE;
	}

	kern_return_t kr = KERN_SUCCESS;

	thread_t    target_thread   = THREAD_NULL;
	task_t      target_task     = TASK_NULL;

	if ((target_thread = convert_port_to_thread(thread_port)) == THREAD_NULL) {
		kr = KERN_INVALID_ARGUMENT;
		goto out;
	}

	if ((target_task = convert_port_to_task(task_port)) == TASK_NULL) {
		kr = KERN_INVALID_ARGUMENT;
		goto out;
	}

	kr = handle_ux_exception(target_thread, exception, code[0], code[1]);

out:
	if (kr == KERN_SUCCESS) {
		/*
		 * Following the MIG 'consume on success' protocol,
		 * consume references to the port arguments.
		 * (but NOT the exception_port, as the first argument is borrowed)
		 *
		 * If we return non-success, the kobject server will eat the port
		 * references for us.
		 */

		ipc_port_release_send(thread_port);
		ipc_port_release_send(task_port);
	}

	thread_deallocate(target_thread);
	task_deallocate(target_task);

	return kr;
}

kern_return_t
catch_exception_raise(
	mach_port_t               exception_port,
	mach_port_t               thread,
	mach_port_t               task,
	exception_type_t          exception,
	exception_data_t          code,
	mach_msg_type_number_t    codeCnt)
{
	if (exception_port != ux_handler_port) {
		return KERN_FAILURE;
	}

	mach_exception_data_type_t big_code[EXCEPTION_CODE_MAX] = {
		[0] = code[0],
		[1] = code[1],
	};

	return catch_mach_exception_raise(exception_port,
	           thread,
	           task,
	           exception,
	           big_code,
	           codeCnt);
}

kern_return_t
catch_exception_raise_state(
	__unused mach_port_t                 exception_port,
	__unused exception_type_t            exception,
	__unused const exception_data_t      code,
	__unused mach_msg_type_number_t      codeCnt,
	__unused int                        *flavor,
	__unused const thread_state_t        old_state,
	__unused mach_msg_type_number_t      old_stateCnt,
	__unused thread_state_t              new_state,
	__unused mach_msg_type_number_t     *new_stateCnt)
{
	return KERN_INVALID_ARGUMENT;
}

kern_return_t
catch_mach_exception_raise_state(
	__unused mach_port_t                    exception_port,
	__unused exception_type_t               exception,
	__unused const mach_exception_data_t    code,
	__unused mach_msg_type_number_t         codeCnt,
	__unused int                           *flavor,
	__unused const thread_state_t           old_state,
	__unused mach_msg_type_number_t         old_stateCnt,
	__unused thread_state_t                 new_state,
	__unused mach_msg_type_number_t        *new_stateCnt)
{
	return KERN_INVALID_ARGUMENT;
}

kern_return_t
catch_exception_raise_state_identity(
	__unused mach_port_t                exception_port,
	__unused mach_port_t                thread,
	__unused mach_port_t                task,
	__unused exception_type_t           exception,
	__unused exception_data_t           code,
	__unused mach_msg_type_number_t     codeCnt,
	__unused int                       *flavor,
	__unused thread_state_t             old_state,
	__unused mach_msg_type_number_t     old_stateCnt,
	__unused thread_state_t             new_state,
	__unused mach_msg_type_number_t    *new_stateCnt)
{
	return KERN_INVALID_ARGUMENT;
}

kern_return_t
catch_mach_exception_raise_state_identity(
	__unused mach_port_t                   exception_port,
	__unused mach_port_t                   thread,
	__unused mach_port_t                   task,
	__unused exception_type_t              exception,
	__unused mach_exception_data_t         code,
	__unused mach_msg_type_number_t        codeCnt,
	__unused int                          *flavor,
	__unused thread_state_t                old_state,
	__unused mach_msg_type_number_t        old_stateCnt,
	__unused thread_state_t                new_state,
	__unused mach_msg_type_number_t       *new_stateCnt)
{
	return KERN_INVALID_ARGUMENT;
}
Commit	Line	Data
d9a64523 A	1	/*
	2	* Copyright (c) 2017 Apple Inc. All rights reserved.
	3	*
	4	* @APPLE_OSREFERENCE_LICENSE_HEADER_START@
	5	*
	6	* This file contains Original Code and/or Modifications of Original Code
	7	* as defined in and that are subject to the Apple Public Source License
	8	* Version 2.0 (the 'License'). You may not use this file except in
	9	* compliance with the License. The rights granted to you under the License
	10	* may not be used to create, or enable the creation or redistribution of,
	11	* unlawful or unlicensed copies of an Apple operating system, or to
	12	* circumvent, violate, or enable the circumvention or violation of, any
	13	* terms of an Apple operating system software license agreement.
	14	*
	15	* Please obtain a copy of the License at
	16	* http://www.opensource.apple.com/apsl/ and read it before using this file.
	17	*
	18	* The Original Code and all software distributed under the License are
	19	* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
	20	* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
	21	* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
	22	* FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
	23	* Please see the License for the specific language governing rights and
	24	* limitations under the License.
	25	*
	26	* @APPLE_OSREFERENCE_LICENSE_HEADER_END@
	27	*/
	28
	29	#include <kern/ux_handler.h>
	30	#include <sys/ux_exception.h>
	31
	32	#include <mach/exception.h>
	33	#include <mach/kern_return.h>
	34	#include <mach/port.h>
	35	#include <mach/mach_port.h>
	36	#include <mach/mig_errors.h>
	37
	38	#include <kern/thread.h>
	39	#include <kern/task.h>
	40	#include <kern/ipc_kobject.h>
	41	#include <kern/ipc_tt.h>
	42
	43	#include <ipc/ipc_port.h>
	44
	45	#include <mach/host_priv.h>
	46	#include <kern/host.h>
	47
	48	#include <mach/exc_server.h>
	49	#include <mach/mach_exc_server.h>
	50
	51	#include <libkern/section_keywords.h>
	52
	53	/*
	54	* Mach kobject port to reflect Mach exceptions into Unix signals.
	55	*
	56	* This is the default Mach exception handler for initproc, which
	57	* then filters to all subprocesses as the host level exception handler for
	58	* most Mach exceptions.
	59	*/
	60
	61	static const void *ux_handler_kobject = NULL;
	62	SECURITY_READ_ONLY_LATE(ipc_port_t) ux_handler_port = IP_NULL;
	63
	64	/*
65	* init is called early in Mach initialization
66	* when we can initialize read-only memory
67	*/
68	void
69	ux_handler_init(void)
70	{
cb323159 A	71	ux_handler_port = ipc_kobject_alloc_port((ipc_kobject_t)&ux_handler_kobject,
cb323159 A	72	IKOT_UX_HANDLER, IPC_KOBJECT_ALLOC_NONE);
d9a64523 A	73	}
	74
	75	/*
	76	* setup is called late in BSD initialization from initproc's context
	77	* so the MAC hook goo inside host_set_exception_ports will be able to
	78	* set up labels without falling over.
	79	*/
	80	void
	81	ux_handler_setup(void)
	82	{
	83	ipc_port_t ux_handler_send_right = ipc_port_make_send(ux_handler_port);
	84
0a7de745	85	if (!IP_VALID(ux_handler_send_right)) {
d9a64523	86	panic("Couldn't allocate send right for ux_handler_port!\n");
0a7de745	87	}
d9a64523 A	88
	89	kern_return_t kr = KERN_SUCCESS;
	90
	91	/*
	92	* Consumes 1 send right.
	93	*
	94	* Instruments uses the RPC_ALERT port, so don't register for that.
	95	*/
	96	kr = host_set_exception_ports(host_priv_self(),
0a7de745 A	97	EXC_MASK_ALL & ~(EXC_MASK_RPC_ALERT),
	98	ux_handler_send_right,
	99	EXCEPTION_DEFAULT \| MACH_EXCEPTION_CODES,
	100	0);
d9a64523	101
0a7de745	102	if (kr != KERN_SUCCESS) {
d9a64523	103	panic("host_set_exception_ports failed to set ux_handler! %d", kr);
0a7de745	104	}
d9a64523 A	105	}
	106
	107	/*
	108	* Is this port the ux_handler?
	109	* If so, it's safe to send an exception without checking labels.
	110	*/
	111	boolean_t
	112	is_ux_handler_port(mach_port_t port)
	113	{
0a7de745	114	if (ux_handler_port == port) {
d9a64523	115	return TRUE;
0a7de745	116	} else {
d9a64523	117	return FALSE;
0a7de745	118	}
d9a64523 A	119	}
	120
	121	kern_return_t
	122	catch_mach_exception_raise(
0a7de745 A	123	mach_port_t exception_port,
	124	mach_port_t thread_port,
	125	mach_port_t task_port,
	126	exception_type_t exception,
	127	mach_exception_data_t code,
	128	__unused mach_msg_type_number_t codeCnt)
d9a64523	129	{
0a7de745	130	if (exception_port != ux_handler_port) {
d9a64523	131	return KERN_FAILURE;
0a7de745	132	}
d9a64523 A	133
	134	kern_return_t kr = KERN_SUCCESS;
	135
	136	thread_t target_thread = THREAD_NULL;
	137	task_t target_task = TASK_NULL;
	138
	139	if ((target_thread = convert_port_to_thread(thread_port)) == THREAD_NULL) {
	140	kr = KERN_INVALID_ARGUMENT;
	141	goto out;
	142	}
	143
	144	if ((target_task = convert_port_to_task(task_port)) == TASK_NULL) {
	145	kr = KERN_INVALID_ARGUMENT;
	146	goto out;
	147	}
	148
	149	kr = handle_ux_exception(target_thread, exception, code[0], code[1]);
	150
	151	out:
	152	if (kr == KERN_SUCCESS) {
	153	/*
	154	* Following the MIG 'consume on success' protocol,
	155	* consume references to the port arguments.
	156	* (but NOT the exception_port, as the first argument is borrowed)
	157	*
	158	* If we return non-success, the kobject server will eat the port
	159	* references for us.
	160	*/
	161
	162	ipc_port_release_send(thread_port);
	163	ipc_port_release_send(task_port);
	164	}
	165
	166	thread_deallocate(target_thread);
	167	task_deallocate(target_task);
	168
	169	return kr;
	170	}
	171
	172	kern_return_t
	173	catch_exception_raise(
0a7de745 A	174	mach_port_t exception_port,
	175	mach_port_t thread,
	176	mach_port_t task,
	177	exception_type_t exception,
	178	exception_data_t code,
	179	mach_msg_type_number_t codeCnt)
d9a64523	180	{
0a7de745	181	if (exception_port != ux_handler_port) {
d9a64523	182	return KERN_FAILURE;
0a7de745	183	}
d9a64523 A	184
	185	mach_exception_data_type_t big_code[EXCEPTION_CODE_MAX] = {
	186	[0] = code[0],
	187	[1] = code[1],
	188	};
	189
	190	return catch_mach_exception_raise(exception_port,
0a7de745 A	191	thread,
	192	task,
	193	exception,
	194	big_code,
	195	codeCnt);
d9a64523 A	196	}
	197
	198	kern_return_t
	199	catch_exception_raise_state(
0a7de745 A	200	__unused mach_port_t exception_port,
	201	__unused exception_type_t exception,
	202	__unused const exception_data_t code,
	203	__unused mach_msg_type_number_t codeCnt,
	204	__unused int *flavor,
	205	__unused const thread_state_t old_state,
	206	__unused mach_msg_type_number_t old_stateCnt,
	207	__unused thread_state_t new_state,
	208	__unused mach_msg_type_number_t *new_stateCnt)
d9a64523	209	{
0a7de745	210	return KERN_INVALID_ARGUMENT;
d9a64523 A	211	}
	212
	213	kern_return_t
	214	catch_mach_exception_raise_state(
0a7de745 A	215	__unused mach_port_t exception_port,
	216	__unused exception_type_t exception,
	217	__unused const mach_exception_data_t code,
	218	__unused mach_msg_type_number_t codeCnt,
	219	__unused int *flavor,
	220	__unused const thread_state_t old_state,
	221	__unused mach_msg_type_number_t old_stateCnt,
	222	__unused thread_state_t new_state,
	223	__unused mach_msg_type_number_t *new_stateCnt)
d9a64523	224	{
0a7de745	225	return KERN_INVALID_ARGUMENT;
d9a64523 A	226	}
	227
	228	kern_return_t
	229	catch_exception_raise_state_identity(
0a7de745 A	230	__unused mach_port_t exception_port,
	231	__unused mach_port_t thread,
	232	__unused mach_port_t task,
	233	__unused exception_type_t exception,
	234	__unused exception_data_t code,
	235	__unused mach_msg_type_number_t codeCnt,
	236	__unused int *flavor,
	237	__unused thread_state_t old_state,
	238	__unused mach_msg_type_number_t old_stateCnt,
	239	__unused thread_state_t new_state,
	240	__unused mach_msg_type_number_t *new_stateCnt)
d9a64523	241	{
0a7de745	242	return KERN_INVALID_ARGUMENT;
d9a64523 A	243	}
	244
	245	kern_return_t
	246	catch_mach_exception_raise_state_identity(
0a7de745 A	247	__unused mach_port_t exception_port,
	248	__unused mach_port_t thread,
	249	__unused mach_port_t task,
	250	__unused exception_type_t exception,
	251	__unused mach_exception_data_t code,
	252	__unused mach_msg_type_number_t codeCnt,
	253	__unused int *flavor,
	254	__unused thread_state_t old_state,
	255	__unused mach_msg_type_number_t old_stateCnt,
	256	__unused thread_state_t new_state,
	257	__unused mach_msg_type_number_t *new_stateCnt)
d9a64523	258	{
0a7de745	259	return KERN_INVALID_ARGUMENT;
d9a64523	260	}