]> git.saurik.com Git - apple/xnu.git/blame - osfmk/kern/ipc_host.c
xnu-6153.11.26.tar.gz
[apple/xnu.git] / osfmk / kern / ipc_host.c
CommitLineData
1c79356b 1/*
b0d623f7 2 * Copyright (c) 2000-2009 Apple Inc. All rights reserved.
1c79356b 3 *
2d21ac55 4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
0a7de745 5 *
2d21ac55
A
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
0a7de745 14 *
2d21ac55
A
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
0a7de745 17 *
2d21ac55
A
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
8f6c56a5
A
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
2d21ac55
A
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
0a7de745 25 *
2d21ac55 26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
1c79356b
A
27 */
28/*
29 * @OSF_COPYRIGHT@
30 */
0a7de745 31/*
1c79356b
A
32 * Mach Operating System
33 * Copyright (c) 1991,1990,1989,1988 Carnegie Mellon University
34 * All Rights Reserved.
0a7de745 35 *
1c79356b
A
36 * Permission to use, copy, modify and distribute this software and its
37 * documentation is hereby granted, provided that both the copyright
38 * notice and this permission notice appear in all copies of the
39 * software, derivative works or modified versions, and any portions
40 * thereof, and that both notices appear in supporting documentation.
0a7de745 41 *
1c79356b
A
42 * CARNEGIE MELLON ALLOWS FREE USE OF THIS SOFTWARE IN ITS "AS IS"
43 * CONDITION. CARNEGIE MELLON DISCLAIMS ANY LIABILITY OF ANY KIND FOR
44 * ANY DAMAGES WHATSOEVER RESULTING FROM THE USE OF THIS SOFTWARE.
0a7de745 45 *
1c79356b 46 * Carnegie Mellon requests users of this software to return to
0a7de745 47 *
1c79356b
A
48 * Software Distribution Coordinator or Software.Distribution@CS.CMU.EDU
49 * School of Computer Science
50 * Carnegie Mellon University
51 * Pittsburgh PA 15213-3890
0a7de745 52 *
1c79356b
A
53 * any improvements or extensions that they make and grant Carnegie Mellon
54 * the rights to redistribute these changes.
55 */
56/*
57 */
58
59/*
60 * kern/ipc_host.c
61 *
62 * Routines to implement host ports.
63 */
64#include <mach/message.h>
65#include <mach/mach_traps.h>
66#include <mach/mach_host_server.h>
91447636 67#include <mach/host_priv_server.h>
1c79356b
A
68#include <kern/host.h>
69#include <kern/processor.h>
70#include <kern/task.h>
71#include <kern/thread.h>
72#include <kern/ipc_host.h>
73#include <kern/ipc_kobject.h>
74#include <kern/misc_protos.h>
75#include <kern/spl.h>
76#include <ipc/ipc_port.h>
77#include <ipc/ipc_space.h>
78
3e170ce0
A
79#if CONFIG_MACF
80#include <security/mac_mach_internal.h>
81#endif
82
1c79356b
A
83/*
84 * Forward declarations
85 */
86
1c79356b
A
87boolean_t
88ref_pset_port_locked(
89 ipc_port_t port, boolean_t matchn, processor_set_t *ppset);
90
91/*
92 * ipc_host_init: set up various things.
93 */
94
0a7de745
A
95extern lck_grp_t host_notify_lock_grp;
96extern lck_attr_t host_notify_lock_attr;
b0d623f7 97
0a7de745
A
98void
99ipc_host_init(void)
1c79356b 100{
0a7de745 101 ipc_port_t port;
1c79356b
A
102 int i;
103
b0d623f7 104 lck_mtx_init(&realhost.lock, &host_notify_lock_grp, &host_notify_lock_attr);
0b4e3aa0 105
1c79356b
A
106 /*
107 * Allocate and set up the two host ports.
108 */
cb323159
A
109 port = ipc_kobject_alloc_port((ipc_kobject_t) &realhost, IKOT_HOST_SECURITY,
110 IPC_KOBJECT_ALLOC_MAKE_SEND);
111 kernel_set_special_port(&realhost, HOST_SECURITY_PORT, port);
1c79356b 112
cb323159
A
113 port = ipc_kobject_alloc_port((ipc_kobject_t) &realhost, IKOT_HOST,
114 IPC_KOBJECT_ALLOC_MAKE_SEND);
115 kernel_set_special_port(&realhost, HOST_PORT, port);
1c79356b 116
cb323159
A
117 port = ipc_kobject_alloc_port((ipc_kobject_t) &realhost, IKOT_HOST_PRIV,
118 IPC_KOBJECT_ALLOC_MAKE_SEND);
119 kernel_set_special_port(&realhost, HOST_PRIV_PORT, port);
1c79356b 120
55e303ae 121 /* the rest of the special ports will be set up later */
1c79356b 122
b226f5e5 123 bzero(&realhost.exc_actions[0], sizeof(realhost.exc_actions[0]));
1c79356b 124 for (i = FIRST_EXCEPTION; i < EXC_TYPES_COUNT; i++) {
0a7de745
A
125 realhost.exc_actions[i].port = IP_NULL;
126 /* The mac framework is not yet initialized, so we defer
127 * initializing the labels to later, when they are set
128 * for the first time. */
129 realhost.exc_actions[i].label = NULL;
130 /* initialize the entire exception action struct */
131 realhost.exc_actions[i].behavior = 0;
132 realhost.exc_actions[i].flavor = 0;
133 realhost.exc_actions[i].privileged = FALSE;
134 } /* for */
1c79356b
A
135
136 /*
137 * Set up ipc for default processor set.
138 */
2d21ac55
A
139 ipc_pset_init(&pset0);
140 ipc_pset_enable(&pset0);
1c79356b
A
141
142 /*
143 * And for master processor
144 */
145 ipc_processor_init(master_processor);
146 ipc_processor_enable(master_processor);
147}
148
149/*
150 * Routine: host_self_trap [mach trap]
151 * Purpose:
152 * Give the caller send rights for his own host port.
153 * Conditions:
154 * Nothing locked.
155 * Returns:
156 * MACH_PORT_NULL if there are any resource failures
157 * or other errors.
158 */
159
160mach_port_name_t
91447636
A
161host_self_trap(
162 __unused struct host_self_trap_args *args)
1c79356b 163{
eee35659 164 task_t self = current_task();
1c79356b 165 ipc_port_t sright;
91447636 166 mach_port_name_t name;
1c79356b 167
eee35659
A
168 itk_lock(self);
169 sright = ipc_port_copy_send(self->itk_host);
170 itk_unlock(self);
91447636
A
171 name = ipc_port_copyout_send(sright, current_space());
172 return name;
1c79356b
A
173}
174
175/*
176 * ipc_processor_init:
177 *
178 * Initialize ipc access to processor by allocating port.
179 */
180
181void
182ipc_processor_init(
0a7de745 183 processor_t processor)
1c79356b 184{
0a7de745 185 ipc_port_t port;
1c79356b
A
186
187 port = ipc_port_alloc_kernel();
0a7de745 188 if (port == IP_NULL) {
1c79356b 189 panic("ipc_processor_init");
0a7de745 190 }
1c79356b
A
191 processor->processor_self = port;
192}
193
194/*
195 * ipc_processor_enable:
196 *
197 * Enable ipc control of processor by setting port object.
198 */
199void
200ipc_processor_enable(
0a7de745 201 processor_t processor)
1c79356b 202{
0a7de745 203 ipc_port_t myport;
1c79356b
A
204
205 myport = processor->processor_self;
206 ipc_kobject_set(myport, (ipc_kobject_t) processor, IKOT_PROCESSOR);
207}
0a7de745 208
1c79356b
A
209/*
210 * ipc_pset_init:
211 *
212 * Initialize ipc control of a processor set by allocating its ports.
213 */
214
215void
216ipc_pset_init(
0a7de745 217 processor_set_t pset)
1c79356b 218{
0a7de745 219 ipc_port_t port;
1c79356b
A
220
221 port = ipc_port_alloc_kernel();
0a7de745 222 if (port == IP_NULL) {
1c79356b 223 panic("ipc_pset_init");
0a7de745 224 }
1c79356b
A
225 pset->pset_self = port;
226
227 port = ipc_port_alloc_kernel();
0a7de745 228 if (port == IP_NULL) {
1c79356b 229 panic("ipc_pset_init");
0a7de745 230 }
1c79356b
A
231 pset->pset_name_self = port;
232}
233
234/*
235 * ipc_pset_enable:
236 *
237 * Enable ipc access to a processor set.
238 */
239void
240ipc_pset_enable(
0a7de745 241 processor_set_t pset)
1c79356b 242{
2d21ac55
A
243 ipc_kobject_set(pset->pset_self, (ipc_kobject_t) pset, IKOT_PSET);
244 ipc_kobject_set(pset->pset_name_self, (ipc_kobject_t) pset, IKOT_PSET_NAME);
1c79356b
A
245}
246
247/*
2d21ac55 248 * processor_set_default:
1c79356b 249 *
2d21ac55 250 * Return ports for manipulating default_processor set.
1c79356b
A
251 */
252kern_return_t
253processor_set_default(
0a7de745
A
254 host_t host,
255 processor_set_t *pset)
1c79356b 256{
0a7de745
A
257 if (host == HOST_NULL) {
258 return KERN_INVALID_ARGUMENT;
259 }
1c79356b 260
2d21ac55
A
261 *pset = &pset0;
262
0a7de745 263 return KERN_SUCCESS;
1c79356b
A
264}
265
266/*
267 * Routine: convert_port_to_host
268 * Purpose:
269 * Convert from a port to a host.
270 * Doesn't consume the port ref; the host produced may be null.
271 * Conditions:
272 * Nothing locked.
273 */
274
275host_t
276convert_port_to_host(
0a7de745 277 ipc_port_t port)
1c79356b
A
278{
279 host_t host = HOST_NULL;
280
281 if (IP_VALID(port)) {
39037602
A
282 if (ip_kotype(port) == IKOT_HOST ||
283 ip_kotype(port) == IKOT_HOST_PRIV) {
1c79356b 284 host = (host_t) port->ip_kobject;
cb323159 285 require_ip_active(port);
39037602 286 }
1c79356b 287 }
1c79356b
A
288 return host;
289}
290
291/*
292 * Routine: convert_port_to_host_priv
293 * Purpose:
294 * Convert from a port to a host.
295 * Doesn't consume the port ref; the host produced may be null.
296 * Conditions:
297 * Nothing locked.
298 */
299
300host_t
301convert_port_to_host_priv(
0a7de745 302 ipc_port_t port)
1c79356b
A
303{
304 host_t host = HOST_NULL;
305
306 if (IP_VALID(port)) {
307 ip_lock(port);
308 if (ip_active(port) &&
0a7de745 309 (ip_kotype(port) == IKOT_HOST_PRIV)) {
1c79356b 310 host = (host_t) port->ip_kobject;
0a7de745 311 }
1c79356b
A
312 ip_unlock(port);
313 }
314
315 return host;
316}
317
318/*
319 * Routine: convert_port_to_processor
320 * Purpose:
321 * Convert from a port to a processor.
322 * Doesn't consume the port ref;
323 * the processor produced may be null.
324 * Conditions:
325 * Nothing locked.
326 */
327
328processor_t
329convert_port_to_processor(
0a7de745 330 ipc_port_t port)
1c79356b
A
331{
332 processor_t processor = PROCESSOR_NULL;
333
334 if (IP_VALID(port)) {
335 ip_lock(port);
336 if (ip_active(port) &&
0a7de745 337 (ip_kotype(port) == IKOT_PROCESSOR)) {
1c79356b 338 processor = (processor_t) port->ip_kobject;
0a7de745 339 }
1c79356b
A
340 ip_unlock(port);
341 }
342
343 return processor;
344}
345
346/*
347 * Routine: convert_port_to_pset
348 * Purpose:
349 * Convert from a port to a pset.
350 * Doesn't consume the port ref; produces a pset ref,
351 * which may be null.
352 * Conditions:
353 * Nothing locked.
354 */
355
356processor_set_t
357convert_port_to_pset(
0a7de745 358 ipc_port_t port)
1c79356b
A
359{
360 boolean_t r;
361 processor_set_t pset = PROCESSOR_SET_NULL;
362
363 r = FALSE;
364 while (!r && IP_VALID(port)) {
365 ip_lock(port);
366 r = ref_pset_port_locked(port, FALSE, &pset);
367 /* port unlocked */
368 }
369 return pset;
370}
371
372/*
373 * Routine: convert_port_to_pset_name
374 * Purpose:
375 * Convert from a port to a pset.
376 * Doesn't consume the port ref; produces a pset ref,
377 * which may be null.
378 * Conditions:
379 * Nothing locked.
380 */
381
382processor_set_name_t
383convert_port_to_pset_name(
0a7de745 384 ipc_port_t port)
1c79356b
A
385{
386 boolean_t r;
387 processor_set_t pset = PROCESSOR_SET_NULL;
388
389 r = FALSE;
390 while (!r && IP_VALID(port)) {
391 ip_lock(port);
392 r = ref_pset_port_locked(port, TRUE, &pset);
393 /* port unlocked */
394 }
395 return pset;
396}
397
398boolean_t
399ref_pset_port_locked(ipc_port_t port, boolean_t matchn, processor_set_t *ppset)
400{
401 processor_set_t pset;
402
403 pset = PROCESSOR_SET_NULL;
404 if (ip_active(port) &&
0a7de745
A
405 ((ip_kotype(port) == IKOT_PSET) ||
406 (matchn && (ip_kotype(port) == IKOT_PSET_NAME)))) {
1c79356b 407 pset = (processor_set_t) port->ip_kobject;
1c79356b 408 }
2d21ac55 409
1c79356b
A
410 *ppset = pset;
411 ip_unlock(port);
2d21ac55 412
0a7de745 413 return TRUE;
1c79356b
A
414}
415
416/*
417 * Routine: convert_host_to_port
418 * Purpose:
419 * Convert from a host to a port.
420 * Produces a naked send right which may be invalid.
421 * Conditions:
422 * Nothing locked.
423 */
424
425ipc_port_t
426convert_host_to_port(
0a7de745 427 host_t host)
1c79356b
A
428{
429 ipc_port_t port;
430
55e303ae 431 host_get_host_port(host, &port);
1c79356b
A
432 return port;
433}
434
435/*
436 * Routine: convert_processor_to_port
437 * Purpose:
438 * Convert from a processor to a port.
439 * Produces a naked send right which may be invalid.
b0d623f7 440 * Processors are not reference counted, so nothing to release.
1c79356b
A
441 * Conditions:
442 * Nothing locked.
443 */
444
445ipc_port_t
446convert_processor_to_port(
0a7de745 447 processor_t processor)
1c79356b 448{
b0d623f7 449 ipc_port_t port = processor->processor_self;
1c79356b 450
0a7de745 451 if (port != IP_NULL) {
b0d623f7 452 port = ipc_port_make_send(port);
0a7de745 453 }
1c79356b
A
454 return port;
455}
456
457/*
458 * Routine: convert_pset_to_port
459 * Purpose:
460 * Convert from a pset to a port.
b0d623f7
A
461 * Produces a naked send right which may be invalid.
462 * Processor sets are not reference counted, so nothing to release.
1c79356b
A
463 * Conditions:
464 * Nothing locked.
465 */
466
467ipc_port_t
468convert_pset_to_port(
0a7de745 469 processor_set_t pset)
1c79356b 470{
2d21ac55 471 ipc_port_t port = pset->pset_self;
1c79356b 472
0a7de745 473 if (port != IP_NULL) {
2d21ac55 474 port = ipc_port_make_send(port);
0a7de745 475 }
1c79356b 476
1c79356b
A
477 return port;
478}
479
480/*
481 * Routine: convert_pset_name_to_port
482 * Purpose:
483 * Convert from a pset to a port.
b0d623f7
A
484 * Produces a naked send right which may be invalid.
485 * Processor sets are not reference counted, so nothing to release.
1c79356b
A
486 * Conditions:
487 * Nothing locked.
488 */
489
490ipc_port_t
491convert_pset_name_to_port(
0a7de745 492 processor_set_name_t pset)
1c79356b 493{
2d21ac55 494 ipc_port_t port = pset->pset_name_self;
1c79356b 495
0a7de745 496 if (port != IP_NULL) {
2d21ac55 497 port = ipc_port_make_send(port);
0a7de745 498 }
1c79356b 499
1c79356b
A
500 return port;
501}
502
503/*
504 * Routine: convert_port_to_host_security
505 * Purpose:
506 * Convert from a port to a host security.
507 * Doesn't consume the port ref; the port produced may be null.
508 * Conditions:
509 * Nothing locked.
510 */
511
512host_t
513convert_port_to_host_security(
514 ipc_port_t port)
515{
516 host_t host = HOST_NULL;
517
518 if (IP_VALID(port)) {
519 ip_lock(port);
520 if (ip_active(port) &&
0a7de745 521 (ip_kotype(port) == IKOT_HOST_SECURITY)) {
1c79356b 522 host = (host_t) port->ip_kobject;
0a7de745 523 }
1c79356b
A
524 ip_unlock(port);
525 }
526
527 return host;
528}
529
530/*
531 * Routine: host_set_exception_ports [kernel call]
532 * Purpose:
533 * Sets the host exception port, flavor and
534 * behavior for the exception types specified by the mask.
535 * There will be one send right per exception per valid
536 * port.
537 * Conditions:
538 * Nothing locked. If successful, consumes
539 * the supplied send right.
540 * Returns:
541 * KERN_SUCCESS Changed the special port.
542 * KERN_INVALID_ARGUMENT The host_priv is not valid,
543 * Illegal mask bit set.
544 * Illegal exception behavior
545 */
546kern_return_t
547host_set_exception_ports(
0a7de745
A
548 host_priv_t host_priv,
549 exception_mask_t exception_mask,
550 ipc_port_t new_port,
551 exception_behavior_t new_behavior,
552 thread_state_flavor_t new_flavor)
1c79356b 553{
0a7de745
A
554 int i;
555 ipc_port_t old_port[EXC_TYPES_COUNT];
1c79356b 556
5ba3f43e
A
557#if CONFIG_MACF
558 struct label *deferred_labels[EXC_TYPES_COUNT];
559 struct label *new_label;
0a7de745 560#endif
5ba3f43e 561
1c79356b
A
562 if (host_priv == HOST_PRIV_NULL) {
563 return KERN_INVALID_ARGUMENT;
564 }
565
b0d623f7 566 if (exception_mask & ~EXC_MASK_VALID) {
1c79356b
A
567 return KERN_INVALID_ARGUMENT;
568 }
569
570 if (IP_VALID(new_port)) {
cb323159 571 switch (new_behavior & ~MACH_EXCEPTION_MASK) {
1c79356b
A
572 case EXCEPTION_DEFAULT:
573 case EXCEPTION_STATE:
574 case EXCEPTION_STATE_IDENTITY:
575 break;
576 default:
577 return KERN_INVALID_ARGUMENT;
578 }
579 }
fe8ab488
A
580
581 /*
582 * Check the validity of the thread_state_flavor by calling the
583 * VALID_THREAD_STATE_FLAVOR architecture dependent macro defined in
584 * osfmk/mach/ARCHITECTURE/thread_status.h
1c79356b 585 */
0a7de745
A
586 if (new_flavor != 0 && !VALID_THREAD_STATE_FLAVOR(new_flavor)) {
587 return KERN_INVALID_ARGUMENT;
588 }
fe8ab488 589
3e170ce0 590#if CONFIG_MACF
0a7de745 591 if (mac_task_check_set_host_exception_ports(current_task(), exception_mask) != 0) {
3e170ce0 592 return KERN_NO_ACCESS;
0a7de745 593 }
5ba3f43e
A
594
595 new_label = mac_exc_create_label_for_current_proc();
596
597 for (i = FIRST_EXCEPTION; i < EXC_TYPES_COUNT; i++) {
598 if (host_priv->exc_actions[i].label == NULL) {
599 deferred_labels[i] = mac_exc_create_label();
600 } else {
601 deferred_labels[i] = NULL;
602 }
603 }
3e170ce0
A
604#endif
605
606 assert(host_priv == &realhost);
607
1c79356b
A
608 host_lock(host_priv);
609
610 for (i = FIRST_EXCEPTION; i < EXC_TYPES_COUNT; i++) {
39037602
A
611#if CONFIG_MACF
612 if (host_priv->exc_actions[i].label == NULL) {
613 // Lazy initialization (see ipc_port_init).
5ba3f43e
A
614 mac_exc_associate_action_label(&host_priv->exc_actions[i], deferred_labels[i]);
615 deferred_labels[i] = NULL; // Label is used, do not free.
39037602
A
616 }
617#endif
618
619 if ((exception_mask & (1 << i))
620#if CONFIG_MACF
0a7de745 621 && mac_exc_update_action_label(&host_priv->exc_actions[i], new_label) == 0
39037602 622#endif
0a7de745 623 ) {
1c79356b 624 old_port[i] = host_priv->exc_actions[i].port;
39037602 625
1c79356b 626 host_priv->exc_actions[i].port =
0a7de745 627 ipc_port_copy_send(new_port);
1c79356b
A
628 host_priv->exc_actions[i].behavior = new_behavior;
629 host_priv->exc_actions[i].flavor = new_flavor;
39037602 630 } else {
1c79356b 631 old_port[i] = IP_NULL;
39037602 632 }
1c79356b
A
633 }/* for */
634
635 /*
636 * Consume send rights without any lock held.
637 */
638 host_unlock(host_priv);
5ba3f43e
A
639
640#if CONFIG_MACF
641 mac_exc_free_label(new_label);
642#endif
0a7de745 643
5ba3f43e 644 for (i = FIRST_EXCEPTION; i < EXC_TYPES_COUNT; i++) {
0a7de745 645 if (IP_VALID(old_port[i])) {
1c79356b 646 ipc_port_release_send(old_port[i]);
0a7de745 647 }
5ba3f43e
A
648#if CONFIG_MACF
649 if (deferred_labels[i] != NULL) {
650 /* Deferred label went unused: Another thread has completed the lazy initialization. */
651 mac_exc_free_label(deferred_labels[i]);
652 }
653#endif
654 }
0a7de745 655 if (IP_VALID(new_port)) { /* consume send right */
1c79356b 656 ipc_port_release_send(new_port);
0a7de745 657 }
1c79356b 658
0a7de745 659 return KERN_SUCCESS;
1c79356b
A
660}
661
662/*
663 * Routine: host_get_exception_ports [kernel call]
664 * Purpose:
665 * Clones a send right for each of the host's exception
666 * ports specified in the mask and returns the behaviour
667 * and flavor of said port.
668 *
669 * Returns upto [in} CountCnt elements.
670 *
671 * Conditions:
672 * Nothing locked.
673 * Returns:
674 * KERN_SUCCESS Extracted a send right.
675 * KERN_INVALID_ARGUMENT Invalid host_priv specified,
676 * Invalid special port,
677 * Illegal mask bit set.
678 * KERN_FAILURE The thread is dead.
679 */
680kern_return_t
681host_get_exception_ports(
0a7de745 682 host_priv_t host_priv,
1c79356b 683 exception_mask_t exception_mask,
0a7de745
A
684 exception_mask_array_t masks,
685 mach_msg_type_number_t * CountCnt,
686 exception_port_array_t ports,
1c79356b 687 exception_behavior_array_t behaviors,
0a7de745 688 thread_state_flavor_array_t flavors )
1c79356b 689{
0a7de745 690 unsigned int i, j, count;
1c79356b 691
0a7de745 692 if (host_priv == HOST_PRIV_NULL) {
1c79356b 693 return KERN_INVALID_ARGUMENT;
0a7de745 694 }
1c79356b 695
b0d623f7 696 if (exception_mask & ~EXC_MASK_VALID) {
1c79356b
A
697 return KERN_INVALID_ARGUMENT;
698 }
699
0a7de745 700 assert(host_priv == &realhost);
1c79356b
A
701
702 host_lock(host_priv);
703
704 count = 0;
705
706 for (i = FIRST_EXCEPTION; i < EXC_TYPES_COUNT; i++) {
707 if (exception_mask & (1 << i)) {
708 for (j = 0; j < count; j++) {
709/*
710 * search for an identical entry, if found
711 * set corresponding mask for this exception.
712 */
713 if (host_priv->exc_actions[i].port == ports[j] &&
0a7de745
A
714 host_priv->exc_actions[i].behavior == behaviors[j]
715 && host_priv->exc_actions[i].flavor == flavors[j]) {
1c79356b
A
716 masks[j] |= (1 << i);
717 break;
718 }
719 }/* for */
720 if (j == count) {
721 masks[j] = (1 << i);
722 ports[j] =
0a7de745 723 ipc_port_copy_send(host_priv->exc_actions[i].port);
1c79356b
A
724 behaviors[j] = host_priv->exc_actions[i].behavior;
725 flavors[j] = host_priv->exc_actions[i].flavor;
726 count++;
727 if (count > *CountCnt) {
728 break;
729 }
730 }
731 }
732 }/* for */
733 host_unlock(host_priv);
734
735 *CountCnt = count;
736 return KERN_SUCCESS;
737}
738
739kern_return_t
740host_swap_exception_ports(
0a7de745
A
741 host_priv_t host_priv,
742 exception_mask_t exception_mask,
743 ipc_port_t new_port,
744 exception_behavior_t new_behavior,
745 thread_state_flavor_t new_flavor,
746 exception_mask_array_t masks,
747 mach_msg_type_number_t * CountCnt,
748 exception_port_array_t ports,
1c79356b 749 exception_behavior_array_t behaviors,
0a7de745 750 thread_state_flavor_array_t flavors )
1c79356b 751{
0a7de745
A
752 unsigned int i,
753 j,
754 count;
755 ipc_port_t old_port[EXC_TYPES_COUNT];
1c79356b 756
5ba3f43e
A
757#if CONFIG_MACF
758 struct label *deferred_labels[EXC_TYPES_COUNT];
759 struct label *new_label;
0a7de745 760#endif
5ba3f43e 761
0a7de745 762 if (host_priv == HOST_PRIV_NULL) {
1c79356b 763 return KERN_INVALID_ARGUMENT;
0a7de745 764 }
1c79356b 765
b0d623f7 766 if (exception_mask & ~EXC_MASK_VALID) {
1c79356b
A
767 return KERN_INVALID_ARGUMENT;
768 }
769
770 if (IP_VALID(new_port)) {
771 switch (new_behavior) {
772 case EXCEPTION_DEFAULT:
773 case EXCEPTION_STATE:
774 case EXCEPTION_STATE_IDENTITY:
775 break;
776 default:
777 return KERN_INVALID_ARGUMENT;
778 }
779 }
39236c6e 780
0a7de745
A
781 if (new_flavor != 0 && !VALID_THREAD_STATE_FLAVOR(new_flavor)) {
782 return KERN_INVALID_ARGUMENT;
783 }
1c79356b 784
3e170ce0 785#if CONFIG_MACF
0a7de745 786 if (mac_task_check_set_host_exception_ports(current_task(), exception_mask) != 0) {
3e170ce0 787 return KERN_NO_ACCESS;
0a7de745 788 }
5ba3f43e
A
789
790 new_label = mac_exc_create_label_for_current_proc();
0a7de745 791
5ba3f43e
A
792 for (i = FIRST_EXCEPTION; i < EXC_TYPES_COUNT; i++) {
793 if (host_priv->exc_actions[i].label == NULL) {
794 deferred_labels[i] = mac_exc_create_label();
795 } else {
796 deferred_labels[i] = NULL;
797 }
798 }
3e170ce0
A
799#endif /* CONFIG_MACF */
800
1c79356b
A
801 host_lock(host_priv);
802
39236c6e 803 assert(EXC_TYPES_COUNT > FIRST_EXCEPTION);
0a7de745 804 for (count = 0, i = FIRST_EXCEPTION; i < EXC_TYPES_COUNT && count < *CountCnt; i++) {
39037602
A
805#if CONFIG_MACF
806 if (host_priv->exc_actions[i].label == NULL) {
807 // Lazy initialization (see ipc_port_init).
5ba3f43e
A
808 mac_exc_associate_action_label(&host_priv->exc_actions[i], deferred_labels[i]);
809 deferred_labels[i] = NULL; // Label is used, do not free.
39037602
A
810 }
811#endif
812
813 if ((exception_mask & (1 << i))
814#if CONFIG_MACF
0a7de745 815 && mac_exc_update_action_label(&host_priv->exc_actions[i], new_label) == 0
39037602 816#endif
0a7de745 817 ) {
1c79356b
A
818 for (j = 0; j < count; j++) {
819/*
820 * search for an identical entry, if found
821 * set corresponding mask for this exception.
822 */
823 if (host_priv->exc_actions[i].port == ports[j] &&
0a7de745
A
824 host_priv->exc_actions[i].behavior == behaviors[j]
825 && host_priv->exc_actions[i].flavor == flavors[j]) {
1c79356b
A
826 masks[j] |= (1 << i);
827 break;
828 }
829 }/* for */
830 if (j == count) {
831 masks[j] = (1 << i);
832 ports[j] =
0a7de745 833 ipc_port_copy_send(host_priv->exc_actions[i].port);
1c79356b
A
834 behaviors[j] = host_priv->exc_actions[i].behavior;
835 flavors[j] = host_priv->exc_actions[i].flavor;
836 count++;
837 }
838 old_port[i] = host_priv->exc_actions[i].port;
839 host_priv->exc_actions[i].port =
0a7de745 840 ipc_port_copy_send(new_port);
1c79356b
A
841 host_priv->exc_actions[i].behavior = new_behavior;
842 host_priv->exc_actions[i].flavor = new_flavor;
5ba3f43e 843 } else {
1c79356b 844 old_port[i] = IP_NULL;
5ba3f43e 845 }
1c79356b
A
846 }/* for */
847 host_unlock(host_priv);
848
5ba3f43e
A
849#if CONFIG_MACF
850 mac_exc_free_label(new_label);
851#endif
0a7de745 852
1c79356b
A
853 /*
854 * Consume send rights without any lock held.
855 */
39236c6e 856 while (--i >= FIRST_EXCEPTION) {
0a7de745 857 if (IP_VALID(old_port[i])) {
1c79356b 858 ipc_port_release_send(old_port[i]);
0a7de745 859 }
5ba3f43e
A
860#if CONFIG_MACF
861 if (deferred_labels[i] != NULL) {
862 mac_exc_free_label(deferred_labels[i]); // Label unused.
863 }
864#endif
39236c6e
A
865 }
866
0a7de745 867 if (IP_VALID(new_port)) { /* consume send right */
1c79356b 868 ipc_port_release_send(new_port);
0a7de745 869 }
1c79356b
A
870 *CountCnt = count;
871
872 return KERN_SUCCESS;
873}