]> git.saurik.com Git - apple/xnu.git/blame_incremental - osfmk/i386/user_ldt.c
projects / apple / xnu.git / blame_incremental
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (non-incremental) | history | HEAD
xnu-792.17.14.tar.gz
[apple/xnu.git] / osfmk / i386 / user_ldt.c
... / ...
CommitLineData
1/*
2 * Copyright (c) 2000-2004 Apple Computer, Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28/*
29 * @OSF_COPYRIGHT@
30 */
31/*
32 * Mach Operating System
33 * Copyright (c) 1991 Carnegie Mellon University
34 * All Rights Reserved.
35 *
36 * Permission to use, copy, modify and distribute this software and its
37 * documentation is hereby granted, provided that both the copyright
38 * notice and this permission notice appear in all copies of the
39 * software, derivative works or modified versions, and any portions
40 * thereof, and that both notices appear in supporting documentation.
41 *
42 * CARNEGIE MELLON ALLOWS FREE USE OF THIS SOFTWARE IN ITS "AS IS"
43 * CONDITION. CARNEGIE MELLON DISCLAIMS ANY LIABILITY OF ANY KIND FOR
44 * ANY DAMAGES WHATSOEVER RESULTING FROM THE USE OF THIS SOFTWARE.
45 *
46 * Carnegie Mellon requests users of this software to return to
47 *
48 * Software Distribution Coordinator or Software.Distribution@CS.CMU.EDU
49 * School of Computer Science
50 * Carnegie Mellon University
51 * Pittsburgh PA 15213-3890
52 *
53 * any improvements or extensions that they make and grant Carnegie Mellon
54 * the rights to redistribute these changes.
55 */
56
57/*
58 */
59
60/*
61 * User LDT management.
62 * Each thread in a task may have its own LDT.
63 */
64
65#include <kern/kalloc.h>
66#include <kern/thread.h>
67#include <kern/misc_protos.h>
68
69#include <vm/vm_kern.h>
70
71#include <i386/seg.h>
72#include <i386/thread.h>
73#include <i386/user_ldt.h>
74
75char acc_type[8][3] = {
76 /* code stack data */
77 { 0, 0, 1 }, /* data */
78 { 0, 1, 1 }, /* data, writable */
79 { 0, 0, 1 }, /* data, expand-down */
80 { 0, 1, 1 }, /* data, writable, expand-down */
81 { 1, 0, 0 }, /* code */
82 { 1, 0, 1 }, /* code, readable */
83 { 1, 0, 0 }, /* code, conforming */
84 { 1, 0, 1 }, /* code, readable, conforming */
85};
86
87#if 0
88/* Forward */
89
90extern boolean_t selector_check(
91 thread_t thread,
92 int sel,
93 int type);
94
95boolean_t
96selector_check(
97 thread_t thread,
98 int sel,
99 int type)
100{
101 struct user_ldt *ldt;
102 int access;
103
104 ldt = thread->machine.pcb->ims.ldt;
105 if (ldt == 0) {
106 switch (type) {
107 case S_CODE:
108 return sel == USER_CS;
109 case S_STACK:
110 return sel == USER_DS;
111 case S_DATA:
112 return sel == 0 ||
113 sel == USER_CS ||
114 sel == USER_DS;
115 }
116 }
117
118 if (type != S_DATA && sel == 0)
119 return FALSE;
120 if ((sel & (SEL_LDTS|SEL_PL)) != (SEL_LDTS|SEL_PL_U)
121 || sel > ldt->desc.limit_low)
122 return FALSE;
123
124 access = ldt->ldt[sel_idx(sel)].access;
125
126 if ((access & (ACC_P|ACC_PL|ACC_TYPE_USER))
127 != (ACC_P|ACC_PL_U|ACC_TYPE_USER))
128 return FALSE;
129 /* present, pl == pl.user, not system */
130
131 return acc_type[(access & 0xe)>>1][type];
132}
133
134/*
135 * Add the descriptors to the LDT, starting with
136 * the descriptor for 'first_selector'.
137 */
138
139kern_return_t
140i386_set_ldt(
141 thread_t thr_act,
142 int first_selector,
143 descriptor_list_t desc_list,
144 mach_msg_type_number_t count)
145{
146 user_ldt_t new_ldt, old_ldt, temp;
147 struct real_descriptor *dp;
148 int i;
149 int min_selector = 0;
150 pcb_t pcb;
151 vm_size_t ldt_size_needed;
152 int first_desc = sel_idx(first_selector);
153 vm_map_copy_t old_copy_object;
154 thread_t thread;
155
156 if (first_desc < min_selector || first_desc > 8191)
157 return KERN_INVALID_ARGUMENT;
158 if (first_desc + count >= 8192)
159 return KERN_INVALID_ARGUMENT;
160 if (thr_act == THREAD_NULL)
161 return KERN_INVALID_ARGUMENT;
162 if ((thread = act_lock_thread(thr_act)) == THREAD_NULL) {
163 act_unlock_thread(thr_act);
164 return KERN_INVALID_ARGUMENT;
165 }
166 if (thread == current_thread())
167 min_selector = LDTSZ;
168 act_unlock_thread(thr_act);
169
170 /*
171 * We must copy out desc_list to the kernel map, and wire
172 * it down (we touch it while the PCB is locked).
173 *
174 * We make a copy of the copyin object, and clear
175 * out the old one, so that the MIG stub will have a
176 * a empty (but valid) copyin object to discard.
177 */
178 {
179 kern_return_t kr;
180 vm_map_offset_t dst_addr;
181
182 old_copy_object = (vm_map_copy_t) desc_list;
183
184 kr = vm_map_copyout(ipc_kernel_map, &dst_addr,
185 vm_map_copy_copy(old_copy_object));
186 if (kr != KERN_SUCCESS)
187 return kr;
188
189 (void) vm_map_wire(ipc_kernel_map,
190 vm_map_trunc_page(dst_addr),
191 vm_map_round_page(dst_addr +
192 count * sizeof(struct real_descriptor)),
193 VM_PROT_READ|VM_PROT_WRITE, FALSE);
194 desc_list = CAST_DOWN(descriptor_list_t, dst_addr);
195 }
196
197 for (i = 0, dp = (struct real_descriptor *) desc_list;
198 i < count;
199 i++, dp++)
200 {
201 switch (dp->access & ~ACC_A) {
202 case 0:
203 case ACC_P:
204 /* valid empty descriptor */
205 break;
206 case ACC_P | ACC_CALL_GATE:
207 /* Mach kernel call */
208 *dp = *(struct real_descriptor *)
209 &ldt[sel_idx(USER_SCALL)];
210 break;
211 case ACC_P | ACC_PL_U | ACC_DATA:
212 case ACC_P | ACC_PL_U | ACC_DATA_W:
213 case ACC_P | ACC_PL_U | ACC_DATA_E:
214 case ACC_P | ACC_PL_U | ACC_DATA_EW:
215 case ACC_P | ACC_PL_U | ACC_CODE:
216 case ACC_P | ACC_PL_U | ACC_CODE_R:
217 case ACC_P | ACC_PL_U | ACC_CODE_C:
218 case ACC_P | ACC_PL_U | ACC_CODE_CR:
219 case ACC_P | ACC_PL_U | ACC_CALL_GATE_16:
220 case ACC_P | ACC_PL_U | ACC_CALL_GATE:
221 break;
222 default:
223 (void) vm_map_remove(ipc_kernel_map,
224 vm_map_trunc_page(desc_list),
225 vm_map_round_page(&desc_list[count]),
226 VM_MAP_REMOVE_KUNWIRE);
227 return KERN_INVALID_ARGUMENT;
228 }
229 }
230 ldt_size_needed = sizeof(struct real_descriptor)
231 * (first_desc + count);
232
233 pcb = thr_act->machine.pcb;
234 new_ldt = 0;
235 Retry:
236 simple_lock(&pcb->lock);
237 old_ldt = pcb->ims.ldt;
238 if (old_ldt == 0 ||
239 old_ldt->desc.limit_low + 1 < ldt_size_needed)
240 {
241 /*
242 * No old LDT, or not big enough
243 */
244 if (new_ldt == 0) {
245 simple_unlock(&pcb->lock);
246
247 new_ldt = (user_ldt_t) kalloc(ldt_size_needed
248 + sizeof(struct real_descriptor));
249 new_ldt->desc.limit_low = ldt_size_needed - 1;
250 new_ldt->desc.limit_high = 0;
251 new_ldt->desc.base_low =
252 ((vm_offset_t)&new_ldt->ldt[0]) & 0xffff;
253 new_ldt->desc.base_med =
254 (((vm_offset_t)&new_ldt->ldt[0]) >> 16)
255 & 0xff;
256 new_ldt->desc.base_high =
257 ((vm_offset_t)&new_ldt->ldt[0]) >> 24;
258 new_ldt->desc.access = ACC_P | ACC_LDT;
259 new_ldt->desc.granularity = 0;
260
261 goto Retry;
262 }
263
264 /*
265 * Have new LDT. If there was a an old ldt, copy descriptors
266 * from old to new. Otherwise copy the default ldt.
267 */
268 if (old_ldt) {
269 bcopy((char *)&old_ldt->ldt[0],
270 (char *)&new_ldt->ldt[0],
271 old_ldt->desc.limit_low + 1);
272 }
273 else if (thr_act == current_thread()) {
274 struct real_descriptor template = {0, 0, 0, ACC_P, 0, 0 ,0};
275
276 for (dp = &new_ldt->ldt[0], i = 0; i < first_desc; i++, dp++) {
277 if (i < LDTSZ)
278 *dp = *(struct real_descriptor *) &ldt[i];
279 else
280 *dp = template;
281 }
282 }
283
284 temp = old_ldt;
285 old_ldt = new_ldt; /* use new LDT from now on */
286 new_ldt = temp; /* discard old LDT */
287
288 pcb->ims.ldt = old_ldt; /* new LDT for thread */
289 }
290
291 /*
292 * Install new descriptors.
293 */
294 bcopy((char *)desc_list,
295 (char *)&old_ldt->ldt[first_desc],
296 count * sizeof(struct real_descriptor));
297
298 simple_unlock(&pcb->lock);
299
300 if (new_ldt)
301 kfree((vm_offset_t)new_ldt,
302 new_ldt->desc.limit_low+1+sizeof(struct real_descriptor));
303
304 /*
305 * Free the descriptor list.
306 */
307 (void) vm_map_remove(ipc_kernel_map, vm_map_trunc_page(desc_list),
308 vm_map_round_page(&desc_list[count]),
309 VM_MAP_REMOVE_KUNWIRE);
310 return KERN_SUCCESS;
311}
312
313kern_return_t
314i386_get_ldt(
315 thread_t thr_act,
316 int first_selector,
317 int selector_count, /* number wanted */
318 descriptor_list_t *desc_list, /* in/out */
319 mach_msg_type_number_t *count) /* in/out */
320{
321 struct user_ldt *user_ldt;
322 pcb_t pcb = thr_act->machine.pcb;
323 int first_desc = sel_idx(first_selector);
324 unsigned int ldt_count;
325 vm_size_t ldt_size;
326 vm_size_t size, size_needed;
327 vm_offset_t addr;
328 thread_t thread;
329
330 if (thr_act == THREAD_NULL)
331 return KERN_INVALID_ARGUMENT;
332
333 if (first_desc < 0 || first_desc > 8191)
334 return KERN_INVALID_ARGUMENT;
335 if (first_desc + selector_count >= 8192)
336 return KERN_INVALID_ARGUMENT;
337
338 addr = 0;
339 size = 0;
340
341 for (;;) {
342 simple_lock(&pcb->lock);
343 user_ldt = pcb->ims.ldt;
344 if (user_ldt == 0) {
345 simple_unlock(&pcb->lock);
346 if (addr)
347 kmem_free(ipc_kernel_map, addr, size);
348 *count = 0;
349 return KERN_SUCCESS;
350 }
351
352 /*
353 * Find how many descriptors we should return.
354 */
355 ldt_count = (user_ldt->desc.limit_low + 1) /
356 sizeof (struct real_descriptor);
357 ldt_count -= first_desc;
358 if (ldt_count > selector_count)
359 ldt_count = selector_count;
360
361 ldt_size = ldt_count * sizeof(struct real_descriptor);
362
363 /*
364 * Do we have the memory we need?
365 */
366 if (ldt_count <= *count)
367 break; /* fits in-line */
368
369 size_needed = round_page(ldt_size);
370 if (size_needed <= size)
371 break;
372
373 /*
374 * Unlock the pcb and allocate more memory
375 */
376 simple_unlock(&pcb->lock);
377
378 if (size != 0)
379 kmem_free(ipc_kernel_map, addr, size);
380
381 size = size_needed;
382
383 if (kmem_alloc(ipc_kernel_map, &addr, size)
384 != KERN_SUCCESS)
385 return KERN_RESOURCE_SHORTAGE;
386 }
387
388 /*
389 * copy out the descriptors
390 */
391 bcopy((char *)&user_ldt->ldt[first_desc],
392 (char *)addr,
393 ldt_size);
394 *count = ldt_count;
395 simple_unlock(&pcb->lock);
396
397 if (addr) {
398 vm_size_t size_used, size_left;
399 vm_map_copy_t memory;
400
401 /*
402 * Free any unused memory beyond the end of the last page used
403 */
404 size_used = round_page(ldt_size);
405 if (size_used != size)
406 kmem_free(ipc_kernel_map,
407 addr + size_used, size - size_used);
408
409 /*
410 * Zero the remainder of the page being returned.
411 */
412 size_left = size_used - ldt_size;
413 if (size_left > 0)
414 bzero((char *)addr + ldt_size, size_left);
415
416 /*
417 * Unwire the memory and make it into copyin form.
418 */
419 (void) vm_map_unwire(ipc_kernel_map, vm_map_trunc_page(addr),
420 vm_map_round_page(addr + size_used), FALSE);
421 (void) vm_map_copyin(ipc_kernel_map, (vm_map_address_t)addr,
422 (vm_map_size_t)size_used, TRUE, &memory);
423 *desc_list = (descriptor_list_t) memory;
424 }
425
426 return KERN_SUCCESS;
427}
428
429#endif
430void
431user_ldt_free(
432 user_ldt_t user_ldt)
433{
434 kfree(user_ldt,
435 user_ldt->desc.limit_low+1+sizeof(struct real_descriptor));
436}
mirror of XNU