]> git.saurik.com Git - apple/xnu.git/blame_incremental - osfmk/ipc/mach_msg.c
projects / apple / xnu.git / blame_incremental
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (non-incremental) | history | HEAD
xnu-4570.1.46.tar.gz
[apple/xnu.git] / osfmk / ipc / mach_msg.c
... / ...
CommitLineData
1/*
2 * Copyright (c) 2000-2007 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28/*
29 * @OSF_COPYRIGHT@
30 */
31/*
32 * Mach Operating System
33 * Copyright (c) 1991,1990,1989 Carnegie Mellon University
34 * All Rights Reserved.
35 *
36 * Permission to use, copy, modify and distribute this software and its
37 * documentation is hereby granted, provided that both the copyright
38 * notice and this permission notice appear in all copies of the
39 * software, derivative works or modified versions, and any portions
40 * thereof, and that both notices appear in supporting documentation.
41 *
42 * CARNEGIE MELLON ALLOWS FREE USE OF THIS SOFTWARE IN ITS "AS IS"
43 * CONDITION. CARNEGIE MELLON DISCLAIMS ANY LIABILITY OF ANY KIND FOR
44 * ANY DAMAGES WHATSOEVER RESULTING FROM THE USE OF THIS SOFTWARE.
45 *
46 * Carnegie Mellon requests users of this software to return to
47 *
48 * Software Distribution Coordinator or Software.Distribution@CS.CMU.EDU
49 * School of Computer Science
50 * Carnegie Mellon University
51 * Pittsburgh PA 15213-3890
52 *
53 * any improvements or extensions that they make and grant Carnegie Mellon
54 * the rights to redistribute these changes.
55 */
56/*
57 * NOTICE: This file was modified by McAfee Research in 2004 to introduce
58 * support for mandatory and extensible security protections. This notice
59 * is included in support of clause 2.2 (b) of the Apple Public License,
60 * Version 2.0.
61 * Copyright (c) 2005 SPARTA, Inc.
62 */
63/*
64 */
65/*
66 * File: ipc/mach_msg.c
67 * Author: Rich Draves
68 * Date: 1989
69 *
70 * Exported message traps. See mach/message.h.
71 */
72
73#include <mach/mach_types.h>
74#include <mach/kern_return.h>
75#include <mach/port.h>
76#include <mach/message.h>
77#include <mach/mig_errors.h>
78#include <mach/mach_traps.h>
79
80#include <kern/kern_types.h>
81#include <kern/assert.h>
82#include <kern/counters.h>
83#include <kern/cpu_number.h>
84#include <kern/ipc_kobject.h>
85#include <kern/ipc_mig.h>
86#include <kern/task.h>
87#include <kern/thread.h>
88#include <kern/sched_prim.h>
89#include <kern/exception.h>
90#include <kern/misc_protos.h>
91#include <kern/kalloc.h>
92#include <kern/processor.h>
93#include <kern/syscall_subr.h>
94#include <kern/policy_internal.h>
95
96#include <vm/vm_map.h>
97
98#include <ipc/ipc_types.h>
99#include <ipc/ipc_kmsg.h>
100#include <ipc/ipc_mqueue.h>
101#include <ipc/ipc_object.h>
102#include <ipc/ipc_notify.h>
103#include <ipc/ipc_port.h>
104#include <ipc/ipc_pset.h>
105#include <ipc/ipc_space.h>
106#include <ipc/ipc_entry.h>
107#include <ipc/ipc_importance.h>
108#include <ipc/ipc_voucher.h>
109
110#include <machine/machine_routines.h>
111#include <security/mac_mach_internal.h>
112
113#include <sys/kdebug.h>
114
115#ifndef offsetof
116#define offsetof(type, member) ((size_t)(&((type *)0)->member))
117#endif /* offsetof */
118
119/*
120 * Forward declarations - kernel internal routines
121 */
122
123mach_msg_return_t mach_msg_send(
124 mach_msg_header_t *msg,
125 mach_msg_option_t option,
126 mach_msg_size_t send_size,
127 mach_msg_timeout_t send_timeout,
128 mach_port_name_t notify);
129
130mach_msg_return_t mach_msg_receive(
131 mach_msg_header_t *msg,
132 mach_msg_option_t option,
133 mach_msg_size_t rcv_size,
134 mach_port_name_t rcv_name,
135 mach_msg_timeout_t rcv_timeout,
136 void (*continuation)(mach_msg_return_t),
137 mach_msg_size_t slist_size);
138
139
140mach_msg_return_t msg_receive_error(
141 ipc_kmsg_t kmsg,
142 mach_msg_option_t option,
143 mach_vm_address_t rcv_addr,
144 mach_msg_size_t rcv_size,
145 mach_port_seqno_t seqno,
146 ipc_space_t space,
147 mach_msg_size_t *out_size);
148
149static mach_msg_return_t
150mach_msg_rcv_link_special_reply_port(
151 ipc_port_t special_reply_port,
152 mach_port_name_t dest_name_port);
153
154static void
155mach_msg_rcv_unlink_special_reply_port(void);
156
157security_token_t KERNEL_SECURITY_TOKEN = KERNEL_SECURITY_TOKEN_VALUE;
158audit_token_t KERNEL_AUDIT_TOKEN = KERNEL_AUDIT_TOKEN_VALUE;
159
160mach_msg_format_0_trailer_t trailer_template = {
161 /* mach_msg_trailer_type_t */ MACH_MSG_TRAILER_FORMAT_0,
162 /* mach_msg_trailer_size_t */ MACH_MSG_TRAILER_MINIMUM_SIZE,
163 /* mach_port_seqno_t */ 0,
164 /* security_token_t */ KERNEL_SECURITY_TOKEN_VALUE
165};
166
167/*
168 * Routine: mach_msg_send [Kernel Internal]
169 * Purpose:
170 * Routine for kernel-task threads to send a message.
171 *
172 * Unlike mach_msg_send_from_kernel(), this routine
173 * looks port names up in the kernel's port namespace
174 * and copies in the kernel virtual memory (instead
175 * of taking a vm_map_copy_t pointer for OOL descriptors).
176 * Conditions:
177 * Nothing locked.
178 * Returns:
179 * MACH_MSG_SUCCESS Sent the message.
180 * MACH_SEND_MSG_TOO_SMALL Message smaller than a header.
181 * MACH_SEND_NO_BUFFER Couldn't allocate buffer.
182 * MACH_SEND_INVALID_DATA Couldn't copy message data.
183 * MACH_SEND_INVALID_HEADER
184 * Illegal value in the message header bits.
185 * MACH_SEND_INVALID_DEST The space is dead.
186 * MACH_SEND_INVALID_NOTIFY Bad notify port.
187 * MACH_SEND_INVALID_DEST Can't copyin destination port.
188 * MACH_SEND_INVALID_REPLY Can't copyin reply port.
189 * MACH_SEND_TIMED_OUT Timeout expired without delivery.
190 * MACH_SEND_INTERRUPTED Delivery interrupted.
191 */
192
193mach_msg_return_t
194mach_msg_send(
195 mach_msg_header_t *msg,
196 mach_msg_option_t option,
197 mach_msg_size_t send_size,
198 mach_msg_timeout_t send_timeout,
199 mach_msg_priority_t override)
200{
201 ipc_space_t space = current_space();
202 vm_map_t map = current_map();
203 ipc_kmsg_t kmsg;
204 mach_msg_return_t mr;
205 mach_msg_size_t msg_and_trailer_size;
206 mach_msg_max_trailer_t *trailer;
207
208 if ((send_size & 3) ||
209 send_size < sizeof(mach_msg_header_t) ||
210 (send_size < sizeof(mach_msg_base_t) && (msg->msgh_bits & MACH_MSGH_BITS_COMPLEX)))
211 return MACH_SEND_MSG_TOO_SMALL;
212
213 if (send_size > MACH_MSG_SIZE_MAX - MAX_TRAILER_SIZE)
214 return MACH_SEND_TOO_LARGE;
215
216 KDBG(MACHDBG_CODE(DBG_MACH_IPC,MACH_IPC_KMSG_INFO) | DBG_FUNC_START);
217
218 msg_and_trailer_size = send_size + MAX_TRAILER_SIZE;
219
220 kmsg = ipc_kmsg_alloc(msg_and_trailer_size);
221
222 if (kmsg == IKM_NULL) {
223 KDBG(MACHDBG_CODE(DBG_MACH_IPC,MACH_IPC_KMSG_INFO) | DBG_FUNC_END, MACH_SEND_NO_BUFFER);
224 return MACH_SEND_NO_BUFFER;
225 }
226
227 KERNEL_DEBUG_CONSTANT(MACHDBG_CODE(DBG_MACH_IPC,MACH_IPC_KMSG_LINK) | DBG_FUNC_NONE,
228 (uintptr_t)0, /* this should only be called from the kernel! */
229 VM_KERNEL_ADDRPERM((uintptr_t)kmsg),
230 0, 0,
231 0);
232 (void) memcpy((void *) kmsg->ikm_header, (const void *) msg, send_size);
233
234 kmsg->ikm_header->msgh_size = send_size;
235
236 /*
237 * reserve for the trailer the largest space (MAX_TRAILER_SIZE)
238 * However, the internal size field of the trailer (msgh_trailer_size)
239 * is initialized to the minimum (sizeof(mach_msg_trailer_t)), to optimize
240 * the cases where no implicit data is requested.
241 */
242 trailer = (mach_msg_max_trailer_t *) ((vm_offset_t)kmsg->ikm_header + send_size);
243 trailer->msgh_sender = current_thread()->task->sec_token;
244 trailer->msgh_audit = current_thread()->task->audit_token;
245 trailer->msgh_trailer_type = MACH_MSG_TRAILER_FORMAT_0;
246 trailer->msgh_trailer_size = MACH_MSG_TRAILER_MINIMUM_SIZE;
247
248 mr = ipc_kmsg_copyin(kmsg, space, map, override, &option);
249
250 if (mr != MACH_MSG_SUCCESS) {
251 ipc_kmsg_free(kmsg);
252 KDBG(MACHDBG_CODE(DBG_MACH_IPC,MACH_IPC_KMSG_INFO) | DBG_FUNC_END, mr);
253 return mr;
254 }
255
256 mr = ipc_kmsg_send(kmsg, option, send_timeout);
257
258 if (mr != MACH_MSG_SUCCESS) {
259 mr |= ipc_kmsg_copyout_pseudo(kmsg, space, map, MACH_MSG_BODY_NULL);
260 (void) memcpy((void *) msg, (const void *) kmsg->ikm_header,
261 kmsg->ikm_header->msgh_size);
262 ipc_kmsg_free(kmsg);
263 KDBG(MACHDBG_CODE(DBG_MACH_IPC,MACH_IPC_KMSG_INFO) | DBG_FUNC_END, mr);
264 }
265
266 return mr;
267}
268
269/*
270 * message header as seen at user-space
271 * (for MACH_RCV_LARGE/IDENTITY updating)
272 */
273typedef struct
274{
275 mach_msg_bits_t msgh_bits;
276 mach_msg_size_t msgh_size;
277 mach_port_name_t msgh_remote_port;
278 mach_port_name_t msgh_local_port;
279 mach_msg_size_t msgh_reserved;
280 mach_msg_id_t msgh_id;
281} mach_msg_user_header_t;
282
283/*
284 * Routine: mach_msg_receive_results
285 * Purpose:
286 * Receive a message.
287 * Conditions:
288 * Nothing locked.
289 * Returns:
290 * MACH_MSG_SUCCESS Received a message.
291 * MACH_RCV_INVALID_NAME The name doesn't denote a right,
292 * or the denoted right is not receive or port set.
293 * MACH_RCV_IN_SET Receive right is a member of a set.
294 * MACH_RCV_TOO_LARGE Message wouldn't fit into buffer.
295 * MACH_RCV_TIMED_OUT Timeout expired without a message.
296 * MACH_RCV_INTERRUPTED Reception interrupted.
297 * MACH_RCV_PORT_DIED Port/set died while receiving.
298 * MACH_RCV_PORT_CHANGED Port moved into set while receiving.
299 * MACH_RCV_INVALID_DATA Couldn't copy to user buffer.
300 * MACH_RCV_INVALID_NOTIFY Bad notify port.
301 * MACH_RCV_HEADER_ERROR
302 */
303
304mach_msg_return_t
305mach_msg_receive_results(
306 mach_msg_size_t *sizep)
307{
308 thread_t self = current_thread();
309 ipc_space_t space = current_space();
310 vm_map_t map = current_map();
311
312 ipc_object_t object = self->ith_object;
313 mach_msg_return_t mr = self->ith_state;
314 mach_vm_address_t rcv_addr = self->ith_msg_addr;
315 mach_msg_size_t rcv_size = self->ith_rsize;
316 mach_msg_option_t option = self->ith_option;
317 ipc_kmsg_t kmsg = self->ith_kmsg;
318 mach_port_seqno_t seqno = self->ith_seqno;
319
320 mach_msg_trailer_size_t trailer_size;
321 mach_msg_size_t size = 0;
322
323 /* unlink the special_reply_port before releasing reference to object */
324 mach_msg_rcv_unlink_special_reply_port();
325 io_release(object);
326
327 if (mr != MACH_MSG_SUCCESS) {
328
329 if (mr == MACH_RCV_TOO_LARGE) {
330
331 /*
332 * If the receive operation occurs with MACH_RCV_LARGE set
333 * then no message was extracted from the queue, and the size
334 * and (optionally) receiver names were the only thing captured.
335 * Just copyout the size (and optional port name) in a fake
336 * header.
337 */
338 if (option & MACH_RCV_LARGE) {
339
340 if ((option & MACH_RCV_STACK) == 0 &&
341 rcv_size >= offsetof(mach_msg_user_header_t, msgh_reserved)) {
342
343 /*
344 * We need to inform the user-level code that it needs more
345 * space. The value for how much space was returned in the
346 * msize save area instead of the message (which was left on
347 * the queue).
348 */
349 if (option & MACH_RCV_LARGE_IDENTITY) {
350 if (copyout((char *) &self->ith_receiver_name,
351 rcv_addr + offsetof(mach_msg_user_header_t, msgh_local_port),
352 sizeof(mach_port_name_t)))
353 mr = MACH_RCV_INVALID_DATA;
354 }
355 if (copyout((char *) &self->ith_msize,
356 rcv_addr + offsetof(mach_msg_user_header_t, msgh_size),
357 sizeof(mach_msg_size_t)))
358 mr = MACH_RCV_INVALID_DATA;
359 }
360 } else {
361
362 /* discard importance in message */
363 ipc_importance_clean(kmsg);
364
365 if (msg_receive_error(kmsg, option, rcv_addr, rcv_size, seqno, space, &size)
366 == MACH_RCV_INVALID_DATA)
367 mr = MACH_RCV_INVALID_DATA;
368 }
369 }
370
371 if (sizep)
372 *sizep = size;
373 return mr;
374 }
375
376 /* MACH_MSG_SUCCESS */
377
378#if IMPORTANCE_INHERITANCE
379
380 /* adopt/transform any importance attributes carried in the message */
381 ipc_importance_receive(kmsg, option);
382
383#endif /* IMPORTANCE_INHERITANCE */
384
385 /* auto redeem the voucher in the message */
386 ipc_voucher_receive_postprocessing(kmsg, option);
387
388 trailer_size = ipc_kmsg_add_trailer(kmsg, space, option, self, seqno, FALSE,
389 kmsg->ikm_header->msgh_remote_port->ip_context);
390
391 mr = ipc_kmsg_copyout(kmsg, space, map, MACH_MSG_BODY_NULL, option);
392
393 if (mr != MACH_MSG_SUCCESS) {
394
395 /* already received importance, so have to undo that here */
396 ipc_importance_unreceive(kmsg, option);
397
398 /* if we had a body error copyout what we have, otherwise a simple header/trailer */
399 if ((mr &~ MACH_MSG_MASK) == MACH_RCV_BODY_ERROR) {
400 if (ipc_kmsg_put(kmsg, option, rcv_addr, rcv_size, trailer_size, &size) == MACH_RCV_INVALID_DATA)
401 mr = MACH_RCV_INVALID_DATA;
402 } else {
403 if (msg_receive_error(kmsg, option, rcv_addr, rcv_size, seqno, space, &size)
404 == MACH_RCV_INVALID_DATA)
405 mr = MACH_RCV_INVALID_DATA;
406 }
407 } else {
408 /* capture ksmg QoS values to the thread continuation state */
409 self->ith_qos = kmsg->ikm_qos;
410 self->ith_qos_override = kmsg->ikm_qos_override;
411 mr = ipc_kmsg_put(kmsg, option, rcv_addr, rcv_size, trailer_size, &size);
412 }
413
414 if (sizep)
415 *sizep = size;
416 return mr;
417}
418#ifndef _PTHREAD_PRIORITY_EVENT_MANAGER_FLAG
419#define _PTHREAD_PRIORITY_EVENT_MANAGER_FLAG 0x02000000 /* pthread event manager bit */
420#endif
421#ifndef _PTHREAD_PRIORITY_OVERCOMMIT_FLAG
422#define _PTHREAD_PRIORITY_OVERCOMMIT_FLAG 0x80000000 /* request overcommit threads */
423#endif
424#ifndef _PTHREAD_PRIORITY_QOS_CLASS_MASK
425#define _PTHREAD_PRIORITY_QOS_CLASS_MASK 0x003fff00 /* QoS class mask */
426#endif
427
428/* JMM - this needs to invoke a pthread function to compute this */
429mach_msg_priority_t
430mach_msg_priority_combine(mach_msg_priority_t msg_qos,
431 mach_msg_priority_t recv_qos)
432{
433 mach_msg_priority_t overcommit;
434 mach_msg_priority_t no_oc_qos;
435 mach_msg_priority_t res;
436
437 assert(msg_qos < _PTHREAD_PRIORITY_EVENT_MANAGER_FLAG);
438 overcommit = recv_qos & _PTHREAD_PRIORITY_OVERCOMMIT_FLAG;
439 no_oc_qos = recv_qos & ~overcommit;
440 res = (no_oc_qos > msg_qos) ? no_oc_qos : msg_qos;
441 res |= overcommit;
442
443 return res;
444}
445
446/*
447 * Routine: mach_msg_receive [Kernel Internal]
448 * Purpose:
449 * Routine for kernel-task threads to actively receive a message.
450 *
451 * Unlike being dispatched to by ipc_kobject_server() or the
452 * reply part of mach_msg_rpc_from_kernel(), this routine
453 * looks up the receive port name in the kernel's port
454 * namespace and copies out received port rights to that namespace
455 * as well. Out-of-line memory is copied out the kernel's
456 * address space (rather than just providing the vm_map_copy_t).
457 * Conditions:
458 * Nothing locked.
459 * Returns:
460 * MACH_MSG_SUCCESS Received a message.
461 * See <mach/message.h> for list of MACH_RCV_XXX errors.
462 */
463mach_msg_return_t
464mach_msg_receive(
465 mach_msg_header_t *msg,
466 mach_msg_option_t option,
467 mach_msg_size_t rcv_size,
468 mach_port_name_t rcv_name,
469 mach_msg_timeout_t rcv_timeout,
470 void (*continuation)(mach_msg_return_t),
471 __unused mach_msg_size_t slist_size)
472{
473 thread_t self = current_thread();
474 ipc_space_t space = current_space();
475 ipc_object_t object;
476 ipc_mqueue_t mqueue;
477 mach_msg_return_t mr;
478
479 mr = ipc_mqueue_copyin(space, rcv_name, &mqueue, &object);
480 if (mr != MACH_MSG_SUCCESS) {
481 return mr;
482 }
483 /* hold ref for object */
484
485 self->ith_msg_addr = CAST_DOWN(mach_vm_address_t, msg);
486 self->ith_object = object;
487 self->ith_rsize = rcv_size;
488 self->ith_msize = 0;
489 self->ith_option = option;
490 self->ith_continuation = continuation;
491 self->ith_knote = ITH_KNOTE_NULL;
492
493 ipc_mqueue_receive(mqueue, option, rcv_size, rcv_timeout, THREAD_ABORTSAFE);
494 if ((option & MACH_RCV_TIMEOUT) && rcv_timeout == 0)
495 thread_poll_yield(self);
496 return mach_msg_receive_results(NULL);
497}
498
499void
500mach_msg_receive_continue(void)
501{
502 mach_msg_return_t mr;
503 thread_t self = current_thread();
504
505 if (self->ith_state == MACH_PEEK_READY)
506 mr = MACH_PEEK_READY;
507 else
508 mr = mach_msg_receive_results(NULL);
509 (*self->ith_continuation)(mr);
510}
511
512
513/*
514 * Routine: mach_msg_overwrite_trap [mach trap]
515 * Purpose:
516 * Possibly send a message; possibly receive a message.
517 * Conditions:
518 * Nothing locked.
519 * Returns:
520 * All of mach_msg_send and mach_msg_receive error codes.
521 */
522
523mach_msg_return_t
524mach_msg_overwrite_trap(
525 struct mach_msg_overwrite_trap_args *args)
526{
527 mach_vm_address_t msg_addr = args->msg;
528 mach_msg_option_t option = args->option;
529 mach_msg_size_t send_size = args->send_size;
530 mach_msg_size_t rcv_size = args->rcv_size;
531 mach_port_name_t rcv_name = args->rcv_name;
532 mach_msg_timeout_t msg_timeout = args->timeout;
533 mach_msg_priority_t override = args->override;
534 mach_vm_address_t rcv_msg_addr = args->rcv_msg;
535 __unused mach_port_seqno_t temp_seqno = 0;
536
537 mach_msg_return_t mr = MACH_MSG_SUCCESS;
538 vm_map_t map = current_map();
539
540 /* Only accept options allowed by the user */
541 option &= MACH_MSG_OPTION_USER;
542
543 if (option & MACH_SEND_MSG) {
544 ipc_space_t space = current_space();
545 ipc_kmsg_t kmsg;
546
547 KDBG(MACHDBG_CODE(DBG_MACH_IPC,MACH_IPC_KMSG_INFO) | DBG_FUNC_START);
548
549 mr = ipc_kmsg_get(msg_addr, send_size, &kmsg);
550
551 if (mr != MACH_MSG_SUCCESS) {
552 KDBG(MACHDBG_CODE(DBG_MACH_IPC,MACH_IPC_KMSG_INFO) | DBG_FUNC_END, mr);
553 return mr;
554 }
555
556 KERNEL_DEBUG_CONSTANT(MACHDBG_CODE(DBG_MACH_IPC,MACH_IPC_KMSG_LINK) | DBG_FUNC_NONE,
557 (uintptr_t)msg_addr,
558 VM_KERNEL_ADDRPERM((uintptr_t)kmsg),
559 0, 0,
560 0);
561
562 mr = ipc_kmsg_copyin(kmsg, space, map, override, &option);
563
564 if (mr != MACH_MSG_SUCCESS) {
565 ipc_kmsg_free(kmsg);
566 KDBG(MACHDBG_CODE(DBG_MACH_IPC,MACH_IPC_KMSG_INFO) | DBG_FUNC_END, mr);
567 return mr;
568 }
569
570 mr = ipc_kmsg_send(kmsg, option, msg_timeout);
571
572 if (mr != MACH_MSG_SUCCESS) {
573 mr |= ipc_kmsg_copyout_pseudo(kmsg, space, map, MACH_MSG_BODY_NULL);
574 (void) ipc_kmsg_put(kmsg, option, msg_addr, send_size, 0, NULL);
575 KDBG(MACHDBG_CODE(DBG_MACH_IPC,MACH_IPC_KMSG_INFO) | DBG_FUNC_END, mr);
576 return mr;
577 }
578
579 }
580
581 if (option & MACH_RCV_MSG) {
582 thread_t self = current_thread();
583 ipc_space_t space = current_space();
584 ipc_object_t object;
585 ipc_mqueue_t mqueue;
586
587 mr = ipc_mqueue_copyin(space, rcv_name, &mqueue, &object);
588 if (mr != MACH_MSG_SUCCESS) {
589 return mr;
590 }
591 /* hold ref for object */
592
593 if ((option & MACH_RCV_SYNC_WAIT) && !(option & MACH_SEND_SYNC_OVERRIDE)) {
594 ipc_port_t special_reply_port;
595 __IGNORE_WCASTALIGN(special_reply_port = (ipc_port_t) object);
596 /* link the special reply port to the destination */
597 mr = mach_msg_rcv_link_special_reply_port(special_reply_port,
598 (mach_port_name_t)override);
599 if (mr != MACH_MSG_SUCCESS) {
600 io_release(object);
601 return mr;
602 }
603 }
604
605 if (rcv_msg_addr != (mach_vm_address_t)0)
606 self->ith_msg_addr = rcv_msg_addr;
607 else
608 self->ith_msg_addr = msg_addr;
609 self->ith_object = object;
610 self->ith_rsize = rcv_size;
611 self->ith_msize = 0;
612 self->ith_option = option;
613 self->ith_receiver_name = MACH_PORT_NULL;
614 self->ith_continuation = thread_syscall_return;
615 self->ith_knote = ITH_KNOTE_NULL;
616
617 ipc_mqueue_receive(mqueue, option, rcv_size, msg_timeout, THREAD_ABORTSAFE);
618 if ((option & MACH_RCV_TIMEOUT) && msg_timeout == 0)
619 thread_poll_yield(self);
620 return mach_msg_receive_results(NULL);
621 }
622
623 return MACH_MSG_SUCCESS;
624}
625
626/*
627 * Routine: mach_msg_rcv_link_special_reply_port
628 * Purpose:
629 * Link the special reply port(rcv right) to the
630 * other end of the sync ipc channel.
631 * Conditions:
632 * Nothing locked.
633 * Returns:
634 * None.
635 */
636static mach_msg_return_t
637mach_msg_rcv_link_special_reply_port(
638 ipc_port_t special_reply_port,
639 mach_port_name_t dest_name_port)
640{
641 ipc_port_t dest_port = IP_NULL;
642 kern_return_t kr;
643 int qos;
644
645 if (current_thread()->ith_special_reply_port != special_reply_port) {
646 return MACH_RCV_INVALID_NOTIFY;
647 }
648
649 /* Copyin the destination port */
650 if (!MACH_PORT_VALID(dest_name_port)) {
651 return MACH_RCV_INVALID_NOTIFY;
652 }
653
654 kr = ipc_object_copyin(current_space(),
655 dest_name_port, MACH_MSG_TYPE_COPY_SEND,
656 (ipc_object_t *) &dest_port);
657
658 /*
659 * The receive right of dest port might have gone away,
660 * do not fail the receive in that case.
661 */
662 if (kr == KERN_SUCCESS && IP_VALID(dest_port)) {
663
664 /* Get the effective qos of the thread */
665 qos = proc_get_effective_thread_policy(current_thread(), TASK_POLICY_QOS);
666
667 ipc_port_link_special_reply_port_with_qos(special_reply_port,
668 dest_port, qos);
669
670 /* release the send right */
671 ipc_port_release_send(dest_port);
672 }
673 return MACH_MSG_SUCCESS;
674}
675
676/*
677 * Routine: mach_msg_rcv_unlink_special_reply_port
678 * Purpose:
679 * Unlink the special reply port to the other end
680 * of the sync ipc channel.
681 * Condition:
682 * Nothing locked.
683 * Returns:
684 * None.
685 */
686static void
687mach_msg_rcv_unlink_special_reply_port(void)
688{
689 thread_t self = current_thread();
690 ipc_port_t special_reply_port = self->ith_special_reply_port;
691 mach_msg_option_t option = self->ith_option;
692
693 if ((special_reply_port == IP_NULL) ||
694 !(option & MACH_RCV_SYNC_WAIT)) {
695 return;
696 }
697
698 ipc_port_unlink_special_reply_port(special_reply_port,
699 IPC_PORT_UNLINK_SR_ALLOW_SYNC_QOS_LINKAGE);
700}
701
702/*
703 * Routine: mach_msg_trap [mach trap]
704 * Purpose:
705 * Possibly send a message; possibly receive a message.
706 * Conditions:
707 * Nothing locked.
708 * Returns:
709 * All of mach_msg_send and mach_msg_receive error codes.
710 */
711
712mach_msg_return_t
713mach_msg_trap(
714 struct mach_msg_overwrite_trap_args *args)
715{
716 kern_return_t kr;
717 args->rcv_msg = (mach_vm_address_t)0;
718
719 kr = mach_msg_overwrite_trap(args);
720 return kr;
721}
722
723
724/*
725 * Routine: msg_receive_error [internal]
726 * Purpose:
727 * Builds a minimal header/trailer and copies it to
728 * the user message buffer. Invoked when in the case of a
729 * MACH_RCV_TOO_LARGE or MACH_RCV_BODY_ERROR error.
730 * Conditions:
731 * Nothing locked.
732 * size - maximum buffer size on input,
733 * actual copied-out size on output
734 * Returns:
735 * MACH_MSG_SUCCESS minimal header/trailer copied
736 * MACH_RCV_INVALID_DATA copyout to user buffer failed
737 */
738
739mach_msg_return_t
740msg_receive_error(
741 ipc_kmsg_t kmsg,
742 mach_msg_option_t option,
743 mach_vm_address_t rcv_addr,
744 mach_msg_size_t rcv_size,
745 mach_port_seqno_t seqno,
746 ipc_space_t space,
747 mach_msg_size_t *sizep)
748{
749 mach_vm_address_t context;
750 mach_msg_trailer_size_t trailer_size;
751 mach_msg_max_trailer_t *trailer;
752
753 context = kmsg->ikm_header->msgh_remote_port->ip_context;
754
755 /*
756 * Copy out the destination port in the message.
757 * Destroy all other rights and memory in the message.
758 */
759 ipc_kmsg_copyout_dest(kmsg, space);
760
761 /*
762 * Build a minimal message with the requested trailer.
763 */
764 trailer = (mach_msg_max_trailer_t *)
765 ((vm_offset_t)kmsg->ikm_header +
766 round_msg(sizeof(mach_msg_header_t)));
767 kmsg->ikm_header->msgh_size = sizeof(mach_msg_header_t);
768 bcopy( (char *)&trailer_template,
769 (char *)trailer,
770 sizeof(trailer_template));
771
772 trailer_size = ipc_kmsg_add_trailer(kmsg, space,
773 option, current_thread(), seqno,
774 TRUE, context);
775
776 /*
777 * Copy the message to user space and return the size
778 * (note that ipc_kmsg_put may also adjust the actual
779 * size copied out to user-space).
780 */
781 if (ipc_kmsg_put(kmsg, option, rcv_addr, rcv_size, trailer_size, sizep) == MACH_RCV_INVALID_DATA)
782 return(MACH_RCV_INVALID_DATA);
783 else
784 return(MACH_MSG_SUCCESS);
785}
mirror of XNU