Commit | Line | Data |
---|---|---|
1c79356b | 1 | /* |
b0d623f7 | 2 | * Copyright (c) 2000-2009 Apple Inc. All rights reserved. |
1c79356b | 3 | * |
2d21ac55 | 4 | * @APPLE_OSREFERENCE_LICENSE_HEADER_START@ |
0a7de745 | 5 | * |
2d21ac55 A |
6 | * This file contains Original Code and/or Modifications of Original Code |
7 | * as defined in and that are subject to the Apple Public Source License | |
8 | * Version 2.0 (the 'License'). You may not use this file except in | |
9 | * compliance with the License. The rights granted to you under the License | |
10 | * may not be used to create, or enable the creation or redistribution of, | |
11 | * unlawful or unlicensed copies of an Apple operating system, or to | |
12 | * circumvent, violate, or enable the circumvention or violation of, any | |
13 | * terms of an Apple operating system software license agreement. | |
0a7de745 | 14 | * |
2d21ac55 A |
15 | * Please obtain a copy of the License at |
16 | * http://www.opensource.apple.com/apsl/ and read it before using this file. | |
0a7de745 | 17 | * |
2d21ac55 A |
18 | * The Original Code and all software distributed under the License are |
19 | * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER | |
8f6c56a5 A |
20 | * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, |
21 | * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, | |
2d21ac55 A |
22 | * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. |
23 | * Please see the License for the specific language governing rights and | |
24 | * limitations under the License. | |
0a7de745 | 25 | * |
2d21ac55 | 26 | * @APPLE_OSREFERENCE_LICENSE_HEADER_END@ |
1c79356b A |
27 | */ |
28 | /* | |
29 | * @OSF_COPYRIGHT@ | |
30 | */ | |
0a7de745 | 31 | /* |
1c79356b A |
32 | * Mach Operating System |
33 | * Copyright (c) 1991,1990,1989,1988 Carnegie Mellon University | |
34 | * All Rights Reserved. | |
0a7de745 | 35 | * |
1c79356b A |
36 | * Permission to use, copy, modify and distribute this software and its |
37 | * documentation is hereby granted, provided that both the copyright | |
38 | * notice and this permission notice appear in all copies of the | |
39 | * software, derivative works or modified versions, and any portions | |
40 | * thereof, and that both notices appear in supporting documentation. | |
0a7de745 | 41 | * |
1c79356b A |
42 | * CARNEGIE MELLON ALLOWS FREE USE OF THIS SOFTWARE IN ITS "AS IS" |
43 | * CONDITION. CARNEGIE MELLON DISCLAIMS ANY LIABILITY OF ANY KIND FOR | |
44 | * ANY DAMAGES WHATSOEVER RESULTING FROM THE USE OF THIS SOFTWARE. | |
0a7de745 | 45 | * |
1c79356b | 46 | * Carnegie Mellon requests users of this software to return to |
0a7de745 | 47 | * |
1c79356b A |
48 | * Software Distribution Coordinator or Software.Distribution@CS.CMU.EDU |
49 | * School of Computer Science | |
50 | * Carnegie Mellon University | |
51 | * Pittsburgh PA 15213-3890 | |
0a7de745 | 52 | * |
1c79356b A |
53 | * any improvements or extensions that they make and grant Carnegie Mellon |
54 | * the rights to redistribute these changes. | |
55 | */ | |
56 | /* | |
57 | */ | |
58 | ||
59 | /* | |
60 | * kern/ipc_host.c | |
61 | * | |
62 | * Routines to implement host ports. | |
63 | */ | |
64 | #include <mach/message.h> | |
65 | #include <mach/mach_traps.h> | |
66 | #include <mach/mach_host_server.h> | |
91447636 | 67 | #include <mach/host_priv_server.h> |
1c79356b A |
68 | #include <kern/host.h> |
69 | #include <kern/processor.h> | |
70 | #include <kern/task.h> | |
71 | #include <kern/thread.h> | |
72 | #include <kern/ipc_host.h> | |
73 | #include <kern/ipc_kobject.h> | |
74 | #include <kern/misc_protos.h> | |
75 | #include <kern/spl.h> | |
76 | #include <ipc/ipc_port.h> | |
77 | #include <ipc/ipc_space.h> | |
78 | ||
3e170ce0 A |
79 | #if CONFIG_MACF |
80 | #include <security/mac_mach_internal.h> | |
81 | #endif | |
82 | ||
/*
 *	Forward declarations
 *
 *	ref_pset_port_locked() is defined further down in this file.  The
 *	convert_port_to_pset*() routines call it with the port locked.
 */
boolean_t ref_pset_port_locked(
	ipc_port_t              port,
	boolean_t               matchn,
	processor_set_t         *ppset);
90 | ||
91 | /* | |
92 | * ipc_host_init: set up various things. | |
93 | */ | |
94 | ||
/* Lock group and lock attributes handed to lck_mtx_init() for realhost.lock. */
extern lck_grp_t        host_notify_lock_grp;
extern lck_attr_t       host_notify_lock_attr;
b0d623f7 | 97 | |
/*
 *	Routine:	ipc_host_init
 *	Purpose:
 *		Initialise the host lock, allocate the three host kobject
 *		ports (security, plain, privileged) and register each as the
 *		matching special port of realhost, clear the host exception
 *		actions, then bring up IPC for pset0 and master_processor.
 */
void
ipc_host_init(void)
{
	ipc_port_t      kport;
	int             exc;

	lck_mtx_init(&realhost.lock, &host_notify_lock_grp, &host_notify_lock_attr);

	/*
	 *	Allocate and register the host ports.  Each port carries its
	 *	own kobject type; the convert_port_to_host*() routines use
	 *	that type to decide which host interface a port may reach.
	 */
	kport = ipc_kobject_alloc_port((ipc_kobject_t) &realhost,
	    IKOT_HOST_SECURITY, IPC_KOBJECT_ALLOC_MAKE_SEND);
	kernel_set_special_port(&realhost, HOST_SECURITY_PORT, kport);

	kport = ipc_kobject_alloc_port((ipc_kobject_t) &realhost,
	    IKOT_HOST, IPC_KOBJECT_ALLOC_MAKE_SEND);
	kernel_set_special_port(&realhost, HOST_PORT, kport);

	kport = ipc_kobject_alloc_port((ipc_kobject_t) &realhost,
	    IKOT_HOST_PRIV, IPC_KOBJECT_ALLOC_MAKE_SEND);
	kernel_set_special_port(&realhost, HOST_PRIV_PORT, kport);

	/* the rest of the special ports will be set up later */

	/* Slot 0 is zeroed wholesale; the loop below starts at FIRST_EXCEPTION. */
	bzero(&realhost.exc_actions[0], sizeof(realhost.exc_actions[0]));

	exc = FIRST_EXCEPTION;
	while (exc < EXC_TYPES_COUNT) {
		realhost.exc_actions[exc].port = IP_NULL;
		/*
		 * The mac framework is not yet initialized, so the labels
		 * are left NULL here and initialised later, when they are
		 * set for the first time.
		 */
		realhost.exc_actions[exc].label = NULL;
		/* initialize the rest of the exception action struct */
		realhost.exc_actions[exc].behavior = 0;
		realhost.exc_actions[exc].flavor = 0;
		realhost.exc_actions[exc].privileged = FALSE;
		exc++;
	}

	/*
	 *	Set up ipc for default processor set.
	 */
	ipc_pset_init(&pset0);
	ipc_pset_enable(&pset0);

	/*
	 *	And for master processor
	 */
	ipc_processor_init(master_processor);
	ipc_processor_enable(master_processor);
}
148 | ||
/*
 *	Routine:	host_self_trap [mach trap]
 *	Purpose:
 *		Give the caller send rights for his own host port.
 *		The port handed out is the calling task's itk_host, read
 *		while the task's itk lock is held.
 *	Conditions:
 *		Nothing locked.
 *	Returns:
 *		MACH_PORT_NULL if there are any resource failures
 *		or other errors.
 */

mach_port_name_t
host_self_trap(
	__unused struct host_self_trap_args *args)
{
	task_t          caller = current_task();
	ipc_port_t      send_right;

	/* Copy the send right under the itk lock, copy it out after dropping it. */
	itk_lock(caller);
	send_right = ipc_port_copy_send(caller->itk_host);
	itk_unlock(caller);

	return ipc_port_copyout_send(send_right, current_space());
}
174 | ||
/*
 *	ipc_processor_init:
 *
 *	Initialize ipc access to processor by allocating port.
 *	Panics if the kernel port cannot be allocated.
 */

void
ipc_processor_init(
	processor_t     processor)
{
	ipc_port_t      self_port = ipc_port_alloc_kernel();

	if (self_port == IP_NULL) {
		panic("ipc_processor_init");
	}

	processor->processor_self = self_port;
}
193 | ||
/*
 *	ipc_processor_enable:
 *
 *	Enable ipc control of processor by setting port object:
 *	the processor's self port becomes an IKOT_PROCESSOR kobject
 *	port whose kobject is the processor itself.
 */
void
ipc_processor_enable(
	processor_t     processor)
{
	ipc_kobject_set(processor->processor_self,
	    (ipc_kobject_t) processor, IKOT_PROCESSOR);
}
0a7de745 | 208 | |
/*
 *	ipc_pset_init:
 *
 *	Initialize ipc control of a processor set by allocating its ports:
 *	one stored in pset_self and one stored in pset_name_self.
 *	Panics if either allocation fails.
 */

void
ipc_pset_init(
	processor_set_t         pset)
{
	ipc_port_t      control_port;
	ipc_port_t      name_port;

	control_port = ipc_port_alloc_kernel();
	if (control_port == IP_NULL) {
		panic("ipc_pset_init");
	}
	pset->pset_self = control_port;

	name_port = ipc_port_alloc_kernel();
	if (name_port == IP_NULL) {
		panic("ipc_pset_init");
	}
	pset->pset_name_self = name_port;
}
233 | ||
/*
 *	ipc_pset_enable:
 *
 *	Enable ipc access to a processor set.  Both ports refer to the
 *	same pset; they differ only in kobject type (IKOT_PSET for
 *	pset_self, IKOT_PSET_NAME for pset_name_self).
 */
void
ipc_pset_enable(
	processor_set_t         pset)
{
	ipc_kobject_t   kobj = (ipc_kobject_t) pset;

	ipc_kobject_set(pset->pset_self, kobj, IKOT_PSET);
	ipc_kobject_set(pset->pset_name_self, kobj, IKOT_PSET_NAME);
}
246 | ||
/*
 *	processor_set_default:
 *
 *	Hand back the default processor set (pset0) through *pset.
 *
 *	Returns:
 *		KERN_SUCCESS		*pset was set to &pset0.
 *		KERN_INVALID_ARGUMENT	host is HOST_NULL.
 */
kern_return_t
processor_set_default(
	host_t                  host,
	processor_set_t         *pset)
{
	if (host != HOST_NULL) {
		*pset = &pset0;
		return KERN_SUCCESS;
	}

	return KERN_INVALID_ARGUMENT;
}
265 | ||
/*
 *	Routine:	convert_port_to_host
 *	Purpose:
 *		Convert from a port to a host.
 *		Doesn't consume the port ref; the host produced may be null.
 *		Ports of kobject type IKOT_HOST and IKOT_HOST_PRIV are both
 *		accepted; every other type produces HOST_NULL.
 *	Conditions:
 *		Nothing locked.  The port lock is not taken here; activity
 *		is checked with require_ip_active() instead.
 */

host_t
convert_port_to_host(
	ipc_port_t      port)
{
	host_t  result;

	if (!IP_VALID(port)) {
		return HOST_NULL;
	}

	if (ip_kotype(port) != IKOT_HOST &&
	    ip_kotype(port) != IKOT_HOST_PRIV) {
		return HOST_NULL;
	}

	result = (host_t) port->ip_kobject;
	require_ip_active(port);
	return result;
}
290 | ||
/*
 *	Routine:	convert_port_to_host_priv
 *	Purpose:
 *		Convert from a port to a host.
 *		Doesn't consume the port ref; the host produced may be null.
 *		Only an active port of kobject type IKOT_HOST_PRIV is
 *		accepted, so a plain IKOT_HOST port yields HOST_NULL here.
 *	Conditions:
 *		Nothing locked.  The port is locked for the duration of the
 *		active/type check.
 */

host_t
convert_port_to_host_priv(
	ipc_port_t      port)
{
	host_t  result = HOST_NULL;

	if (!IP_VALID(port)) {
		return result;
	}

	ip_lock(port);
	if (ip_active(port) && ip_kotype(port) == IKOT_HOST_PRIV) {
		result = (host_t) port->ip_kobject;
	}
	ip_unlock(port);

	return result;
}
317 | ||
/*
 *	Routine:	convert_port_to_processor
 *	Purpose:
 *		Convert from a port to a processor.
 *		Doesn't consume the port ref;
 *		the processor produced may be null.
 *		Only an active IKOT_PROCESSOR port is accepted.
 *	Conditions:
 *		Nothing locked.  The port is locked for the duration of the
 *		active/type check.
 */

processor_t
convert_port_to_processor(
	ipc_port_t      port)
{
	processor_t     result = PROCESSOR_NULL;

	if (!IP_VALID(port)) {
		return result;
	}

	ip_lock(port);
	if (ip_active(port) && ip_kotype(port) == IKOT_PROCESSOR) {
		result = (processor_t) port->ip_kobject;
	}
	ip_unlock(port);

	return result;
}
345 | ||
/*
 *	Routine:	convert_port_to_pset
 *	Purpose:
 *		Convert from a port to a pset.
 *		Doesn't consume the port ref.  The pset produced may be
 *		PROCESSOR_SET_NULL.  The lookup is done by
 *		ref_pset_port_locked() with matchn FALSE, so only the pset
 *		control port (IKOT_PSET) is accepted, not the name port.
 *	Conditions:
 *		Nothing locked.
 */

processor_set_t
convert_port_to_pset(
	ipc_port_t      port)
{
	processor_set_t result = PROCESSOR_SET_NULL;
	boolean_t       done;

	for (done = FALSE; !done && IP_VALID(port);) {
		ip_lock(port);
		/* ref_pset_port_locked() drops the port lock before returning. */
		done = ref_pset_port_locked(port, FALSE, &result);
	}

	return result;
}
371 | ||
/*
 *	Routine:	convert_port_to_pset_name
 *	Purpose:
 *		Convert from a port to a pset.
 *		Doesn't consume the port ref.  The pset produced may be
 *		PROCESSOR_SET_NULL.  The lookup is done by
 *		ref_pset_port_locked() with matchn TRUE, so either the pset
 *		control port (IKOT_PSET) or the pset name port
 *		(IKOT_PSET_NAME) is accepted.
 *	Conditions:
 *		Nothing locked.
 */

processor_set_name_t
convert_port_to_pset_name(
	ipc_port_t      port)
{
	processor_set_t result = PROCESSOR_SET_NULL;
	boolean_t       done;

	for (done = FALSE; !done && IP_VALID(port);) {
		ip_lock(port);
		/* ref_pset_port_locked() drops the port lock before returning. */
		done = ref_pset_port_locked(port, TRUE, &result);
	}

	return result;
}
397 | ||
/*
 *	Routine:	ref_pset_port_locked
 *	Purpose:
 *		Look up the processor set behind a locked port.
 *		*ppset receives the port's kobject when the port is active
 *		and is an IKOT_PSET port, or an IKOT_PSET_NAME port while
 *		matchn is TRUE; otherwise it receives PROCESSOR_SET_NULL.
 *	Conditions:
 *		Port is locked on entry and unlocked on return.
 *	Returns:
 *		Always TRUE.
 */
boolean_t
ref_pset_port_locked(ipc_port_t port, boolean_t matchn, processor_set_t *ppset)
{
	processor_set_t found = PROCESSOR_SET_NULL;

	if (ip_active(port)) {
		if (ip_kotype(port) == IKOT_PSET) {
			found = (processor_set_t) port->ip_kobject;
		} else if (matchn && ip_kotype(port) == IKOT_PSET_NAME) {
			/* The name port is honoured only when the caller asked for it. */
			found = (processor_set_t) port->ip_kobject;
		}
	}

	*ppset = found;
	ip_unlock(port);

	return TRUE;
}
415 | ||
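/*
 *	Routine:	convert_host_to_port
 *	Purpose:
 *		Convert from a host to a port.
 *		Produces a naked send right which may be invalid.
 *	Conditions:
 *		Nothing locked.
 */

ipc_port_t
convert_host_to_port(
	host_t          host)
{
	/*
	 * Start from IP_NULL: the result of host_get_host_port() is not
	 * checked, so if it returns without storing to its out-parameter
	 * the caller gets an invalid right instead of whatever was on the
	 * stack.  NOTE(review): host_get_host_port() is not visible in this
	 * file; confirm which failure paths leave the port unset.
	 */
	ipc_port_t      port = IP_NULL;

	host_get_host_port(host, &port);
	return port;
}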
434 | ||
/*
 *	Routine:	convert_processor_to_port
 *	Purpose:
 *		Convert from a processor to a port.
 *		Produces a naked send right which may be invalid.
 *		Processors are not reference counted, so nothing to release.
 *	Conditions:
 *		Nothing locked.
 */

ipc_port_t
convert_processor_to_port(
	processor_t             processor)
{
	ipc_port_t      self_port = processor->processor_self;

	/* No self port recorded: hand back IP_NULL unchanged. */
	if (self_port == IP_NULL) {
		return self_port;
	}

	return ipc_port_make_send(self_port);
}
456 | ||
/*
 *	Routine:	convert_pset_to_port
 *	Purpose:
 *		Convert from a pset to a port.
 *		Produces a naked send right which may be invalid.
 *		Processor sets are not reference counted, so nothing to release.
 *		The right is made on pset_self, the pset control port.
 *	Conditions:
 *		Nothing locked.
 */

ipc_port_t
convert_pset_to_port(
	processor_set_t         pset)
{
	ipc_port_t      control_port = pset->pset_self;

	/* No control port recorded: hand back IP_NULL unchanged. */
	if (control_port == IP_NULL) {
		return control_port;
	}

	return ipc_port_make_send(control_port);
}
479 | ||
/*
 *	Routine:	convert_pset_name_to_port
 *	Purpose:
 *		Convert from a pset to a port.
 *		Produces a naked send right which may be invalid.
 *		Processor sets are not reference counted, so nothing to release.
 *		The right is made on pset_name_self, the pset name port.
 *	Conditions:
 *		Nothing locked.
 */

ipc_port_t
convert_pset_name_to_port(
	processor_set_name_t            pset)
{
	ipc_port_t      name_port = pset->pset_name_self;

	/* No name port recorded: hand back IP_NULL unchanged. */
	if (name_port == IP_NULL) {
		return name_port;
	}

	return ipc_port_make_send(name_port);
}
502 | ||
/*
 *	Routine:	convert_port_to_host_security
 *	Purpose:
 *		Convert from a port to a host security.
 *		Doesn't consume the port ref; the host produced may be null.
 *		Only an active IKOT_HOST_SECURITY port is accepted.
 *	Conditions:
 *		Nothing locked.  The port is locked for the duration of the
 *		active/type check.
 */

host_t
convert_port_to_host_security(
	ipc_port_t port)
{
	host_t  result = HOST_NULL;

	if (!IP_VALID(port)) {
		return result;
	}

	ip_lock(port);
	if (ip_active(port) && ip_kotype(port) == IKOT_HOST_SECURITY) {
		result = (host_t) port->ip_kobject;
	}
	ip_unlock(port);

	return result;
}
529 | ||
/*
 *	Routine:	host_set_exception_ports [kernel call]
 *	Purpose:
 *			Sets the host exception port, flavor and
 *			behavior for the exception types specified by the mask.
 *			There will be one send right per exception per valid
 *			port.
 *	Conditions:
 *		Nothing locked.  If successful, consumes
 *		the supplied send right.
 *	Returns:
 *		KERN_SUCCESS		Changed the special port.
 *		KERN_INVALID_ARGUMENT	The host_priv is not valid,
 *					Illegal mask bit set.
 *					Illegal exception behavior
 *					Illegal thread state flavor
 *		KERN_NO_ACCESS		(CONFIG_MACF) the MAC check on the
 *					calling task refused the change.
 *	Notes:
 *		With CONFIG_MACF, an exception type whose action label
 *		cannot be updated is left untouched and the call still
 *		returns KERN_SUCCESS.
 */
kern_return_t
host_set_exception_ports(
	host_priv_t                     host_priv,
	exception_mask_t                exception_mask,
	ipc_port_t                      new_port,
	exception_behavior_t            new_behavior,
	thread_state_flavor_t           new_flavor)
{
	ipc_port_t      old_port[EXC_TYPES_COUNT];
	int             i;

#if CONFIG_MACF
	struct label    *deferred_labels[EXC_TYPES_COUNT];
	struct label    *new_label;
#endif

	/* Argument validation; nothing has been allocated or locked yet. */
	if (host_priv == HOST_PRIV_NULL ||
	    (exception_mask & ~EXC_MASK_VALID)) {
		return KERN_INVALID_ARGUMENT;
	}

	if (IP_VALID(new_port)) {
		/* The behavior is judged with the MACH_EXCEPTION_MASK bits removed. */
		switch (new_behavior & ~MACH_EXCEPTION_MASK) {
		case EXCEPTION_DEFAULT:
		case EXCEPTION_STATE:
		case EXCEPTION_STATE_IDENTITY:
			break;
		default:
			return KERN_INVALID_ARGUMENT;
		}
	}

	/*
	 * Check the validity of the thread_state_flavor by calling the
	 * VALID_THREAD_STATE_FLAVOR architecture dependent macro defined in
	 * osfmk/mach/ARCHITECTURE/thread_status.h
	 */
	if (!(new_flavor == 0 || VALID_THREAD_STATE_FLAVOR(new_flavor))) {
		return KERN_INVALID_ARGUMENT;
	}

#if CONFIG_MACF
	/* Policy check on the calling task comes before any state is touched. */
	if (mac_task_check_set_host_exception_ports(current_task(), exception_mask) != 0) {
		return KERN_NO_ACCESS;
	}

	new_label = mac_exc_create_label_for_current_proc();

	/*
	 * Labels are created before the host lock is taken.  One is
	 * prepared for every action that has none yet; whichever go
	 * unused are freed at the end.
	 */
	for (i = FIRST_EXCEPTION; i < EXC_TYPES_COUNT; i++) {
		deferred_labels[i] = (host_priv->exc_actions[i].label == NULL) ?
		    mac_exc_create_label() : NULL;
	}
#endif

	assert(host_priv == &realhost);

	host_lock(host_priv);

	for (i = FIRST_EXCEPTION; i < EXC_TYPES_COUNT; i++) {
		boolean_t       apply;

#if CONFIG_MACF
		if (host_priv->exc_actions[i].label == NULL) {
			// Lazy initialization (see ipc_port_init).
			mac_exc_associate_action_label(&host_priv->exc_actions[i], deferred_labels[i]);
			deferred_labels[i] = NULL; // Label is used, do not free.
		}
#endif

		apply = (exception_mask & (1 << i)) ? TRUE : FALSE;
#if CONFIG_MACF
		/* The label update is attempted only for exceptions named in the mask. */
		if (apply &&
		    mac_exc_update_action_label(&host_priv->exc_actions[i], new_label) != 0) {
			apply = FALSE;
		}
#endif

		if (!apply) {
			old_port[i] = IP_NULL;
			continue;
		}

		/* Remember the displaced right; it is released after unlocking. */
		old_port[i] = host_priv->exc_actions[i].port;

		host_priv->exc_actions[i].port = ipc_port_copy_send(new_port);
		host_priv->exc_actions[i].behavior = new_behavior;
		host_priv->exc_actions[i].flavor = new_flavor;
	}

	/*
	 * Consume send rights without any lock held.
	 */
	host_unlock(host_priv);

#if CONFIG_MACF
	mac_exc_free_label(new_label);
#endif

	i = FIRST_EXCEPTION;
	while (i < EXC_TYPES_COUNT) {
		if (IP_VALID(old_port[i])) {
			ipc_port_release_send(old_port[i]);
		}
#if CONFIG_MACF
		if (deferred_labels[i] != NULL) {
			/* Deferred label went unused: Another thread has completed the lazy initialization. */
			mac_exc_free_label(deferred_labels[i]);
		}
#endif
		i++;
	}

	if (IP_VALID(new_port)) {         /* consume send right */
		ipc_port_release_send(new_port);
	}

	return KERN_SUCCESS;
}
661 | ||
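/*
 *	Routine:	host_get_exception_ports [kernel call]
 *	Purpose:
 *		Clones a send right for each of the host's exception
 *		ports specified in the mask and returns the behaviour
 *		and flavor of said port.
 *
 *		Returns up to [in] *CountCnt elements.  Exceptions that
 *		share port, behavior and flavor are folded into a single
 *		element whose mask has one bit per exception.  On return
 *		*CountCnt holds the number of elements stored.
 *
 *	Conditions:
 *		Nothing locked.
 *	Returns:
 *		KERN_SUCCESS		Extracted a send right.
 *		KERN_INVALID_ARGUMENT	Invalid host_priv specified,
 *					Illegal mask bit set.
 */
kern_return_t
host_get_exception_ports(
	host_priv_t                     host_priv,
	exception_mask_t                exception_mask,
	exception_mask_array_t          masks,
	mach_msg_type_number_t          * CountCnt,
	exception_port_array_t          ports,
	exception_behavior_array_t      behaviors,
	thread_state_flavor_array_t     flavors         )
{
	unsigned int    i, j, count;

	if (host_priv == HOST_PRIV_NULL) {
		return KERN_INVALID_ARGUMENT;
	}

	if (exception_mask & ~EXC_MASK_VALID) {
		return KERN_INVALID_ARGUMENT;
	}

	assert(host_priv == &realhost);

	host_lock(host_priv);

	count = 0;

	for (i = FIRST_EXCEPTION; i < EXC_TYPES_COUNT; i++) {
		if (exception_mask & (1 << i)) {
			for (j = 0; j < count; j++) {
/*
 *				search for an identical entry, if found
 *				set corresponding mask for this exception.
 */
				if (host_priv->exc_actions[i].port == ports[j] &&
				    host_priv->exc_actions[i].behavior == behaviors[j]
				    && host_priv->exc_actions[i].flavor == flavors[j]) {
					masks[j] |= (1 << i);
					break;
				}
			}/* for */
			if (j == count) {
				/*
				 * A new element is needed.  Check the capacity
				 * before storing: testing count > *CountCnt
				 * after the store lets element *CountCnt be
				 * written, one past what the caller asked for,
				 * and reports *CountCnt + 1 elements.
				 */
				if (count >= *CountCnt) {
					break;
				}
				masks[j] = (1 << i);
				ports[j] =
				    ipc_port_copy_send(host_priv->exc_actions[i].port);
				behaviors[j] = host_priv->exc_actions[i].behavior;
				flavors[j] = host_priv->exc_actions[i].flavor;
				count++;
			}
		}
	}/* for */
	host_unlock(host_priv);

	*CountCnt = count;
	return KERN_SUCCESS;
}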
738 | ||
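/*
 *	Routine:	host_swap_exception_ports [kernel call]
 *	Purpose:
 *		Installs new_port, new_behavior and new_flavor for the
 *		exception types named in the mask and reports the previous
 *		settings through masks/ports/behaviors/flavors, folding
 *		exceptions with identical settings into one element.
 *		Processing stops once *CountCnt elements have been stored;
 *		exception types not reached by then are left unchanged.
 *	Conditions:
 *		Nothing locked.  If successful, consumes
 *		the supplied send right.
 *	Returns:
 *		KERN_SUCCESS		Settings swapped; *CountCnt holds
 *					the number of elements stored.
 *		KERN_INVALID_ARGUMENT	The host_priv is not valid,
 *					Illegal mask bit set.
 *					Illegal exception behavior
 *					Illegal thread state flavor
 *		KERN_NO_ACCESS		(CONFIG_MACF) the MAC check on the
 *					calling task refused the change.
 */
kern_return_t
host_swap_exception_ports(
	host_priv_t                     host_priv,
	exception_mask_t                exception_mask,
	ipc_port_t                      new_port,
	exception_behavior_t            new_behavior,
	thread_state_flavor_t           new_flavor,
	exception_mask_array_t          masks,
	mach_msg_type_number_t          * CountCnt,
	exception_port_array_t          ports,
	exception_behavior_array_t      behaviors,
	thread_state_flavor_array_t     flavors         )
{
	unsigned int    i,
	    j,
	    count,
	    visited_end;
	ipc_port_t      old_port[EXC_TYPES_COUNT];

#if CONFIG_MACF
	struct label *deferred_labels[EXC_TYPES_COUNT];
	struct label *new_label;
#endif

	if (host_priv == HOST_PRIV_NULL) {
		return KERN_INVALID_ARGUMENT;
	}

	if (exception_mask & ~EXC_MASK_VALID) {
		return KERN_INVALID_ARGUMENT;
	}

	if (IP_VALID(new_port)) {
		/*
		 * NOTE(review): host_set_exception_ports() in this file
		 * strips MACH_EXCEPTION_MASK before this check; here the raw
		 * value is tested.  Confirm whether the stricter check is
		 * intended before aligning the two.
		 */
		switch (new_behavior) {
		case EXCEPTION_DEFAULT:
		case EXCEPTION_STATE:
		case EXCEPTION_STATE_IDENTITY:
			break;
		default:
			return KERN_INVALID_ARGUMENT;
		}
	}

	if (new_flavor != 0 && !VALID_THREAD_STATE_FLAVOR(new_flavor)) {
		return KERN_INVALID_ARGUMENT;
	}

#if CONFIG_MACF
	if (mac_task_check_set_host_exception_ports(current_task(), exception_mask) != 0) {
		return KERN_NO_ACCESS;
	}

	new_label = mac_exc_create_label_for_current_proc();

	/*
	 * Labels are created before the host lock is taken, one for every
	 * action that has none yet, whether or not the loop below reaches it.
	 */
	for (i = FIRST_EXCEPTION; i < EXC_TYPES_COUNT; i++) {
		if (host_priv->exc_actions[i].label == NULL) {
			deferred_labels[i] = mac_exc_create_label();
		} else {
			deferred_labels[i] = NULL;
		}
	}
#endif /* CONFIG_MACF */

	host_lock(host_priv);

	assert(EXC_TYPES_COUNT > FIRST_EXCEPTION);
	for (count = 0, i = FIRST_EXCEPTION; i < EXC_TYPES_COUNT && count < *CountCnt; i++) {
#if CONFIG_MACF
		if (host_priv->exc_actions[i].label == NULL) {
			// Lazy initialization (see ipc_port_init).
			mac_exc_associate_action_label(&host_priv->exc_actions[i], deferred_labels[i]);
			deferred_labels[i] = NULL; // Label is used, do not free.
		}
#endif

		if ((exception_mask & (1 << i))
#if CONFIG_MACF
		    && mac_exc_update_action_label(&host_priv->exc_actions[i], new_label) == 0
#endif
		    ) {
			for (j = 0; j < count; j++) {
/*
 *				search for an identical entry, if found
 *				set corresponding mask for this exception.
 */
				if (host_priv->exc_actions[i].port == ports[j] &&
				    host_priv->exc_actions[i].behavior == behaviors[j]
				    && host_priv->exc_actions[i].flavor == flavors[j]) {
					masks[j] |= (1 << i);
					break;
				}
			}/* for */
			if (j == count) {
				masks[j] = (1 << i);
				ports[j] =
				    ipc_port_copy_send(host_priv->exc_actions[i].port);
				behaviors[j] = host_priv->exc_actions[i].behavior;
				flavors[j] = host_priv->exc_actions[i].flavor;
				count++;
			}
			old_port[i] = host_priv->exc_actions[i].port;
			host_priv->exc_actions[i].port =
			    ipc_port_copy_send(new_port);
			host_priv->exc_actions[i].behavior = new_behavior;
			host_priv->exc_actions[i].flavor = new_flavor;
		} else {
			old_port[i] = IP_NULL;
		}
	}/* for */

	/* old_port[] is only initialised below this index. */
	visited_end = i;
	host_unlock(host_priv);

#if CONFIG_MACF
	mac_exc_free_label(new_label);
#endif

	/*
	 * Consume send rights without any lock held.
	 *
	 * The walk covers every exception type, not just the ones the loop
	 * above reached: when that loop stops early because *CountCnt
	 * elements were stored, the labels pre-allocated for the remaining
	 * types were never associated and would otherwise never be freed.
	 */
	for (i = FIRST_EXCEPTION; i < EXC_TYPES_COUNT; i++) {
		if (i < visited_end && IP_VALID(old_port[i])) {
			ipc_port_release_send(old_port[i]);
		}
#if CONFIG_MACF
		if (deferred_labels[i] != NULL) {
			mac_exc_free_label(deferred_labels[i]); // Label unused.
		}
#endif
	}

	if (IP_VALID(new_port)) {         /* consume send right */
		ipc_port_release_send(new_port);
	}
	*CountCnt = count;

	return KERN_SUCCESS;
}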