1 /*
2 * Copyright (c) 2000-2004 Apple Computer, Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28 /*
29 * @OSF_COPYRIGHT@
30 */
31 /*
32 * Mach Operating System
33 * Copyright (c) 1991,1990 Carnegie Mellon University
34 * All Rights Reserved.
35 *
36 * Permission to use, copy, modify and distribute this software and its
37 * documentation is hereby granted, provided that both the copyright
38 * notice and this permission notice appear in all copies of the
39 * software, derivative works or modified versions, and any portions
40 * thereof, and that both notices appear in supporting documentation.
41 *
42 * CARNEGIE MELLON ALLOWS FREE USE OF THIS SOFTWARE IN ITS "AS IS"
43 * CONDITION. CARNEGIE MELLON DISCLAIMS ANY LIABILITY OF ANY KIND FOR
44 * ANY DAMAGES WHATSOEVER RESULTING FROM THE USE OF THIS SOFTWARE.
45 *
46 * Carnegie Mellon requests users of this software to return to
47 *
48 * Software Distribution Coordinator or Software.Distribution@CS.CMU.EDU
49 * School of Computer Science
50 * Carnegie Mellon University
51 * Pittsburgh PA 15213-3890
52 *
53 * any improvements or extensions that they make and grant Carnegie Mellon
54 * the rights to redistribute these changes.
55 */
56 /*
57 */
58
59 #include <mach/boolean.h>
60 #include <mach/port.h>
61 #include <mach/mig.h>
62 #include <mach/mig_errors.h>
63 #include <mach/mach_types.h>
64 #include <mach/mach_traps.h>
65
66 #include <kern/ipc_tt.h>
67 #include <kern/ipc_mig.h>
68 #include <kern/kalloc.h>
69 #include <kern/task.h>
70 #include <kern/thread.h>
71 #include <kern/ipc_kobject.h>
72 #include <kern/misc_protos.h>
73
74 #include <ipc/port.h>
75 #include <ipc/ipc_kmsg.h>
76 #include <ipc/ipc_entry.h>
77 #include <ipc/ipc_object.h>
78 #include <ipc/ipc_mqueue.h>
79 #include <ipc/ipc_space.h>
80 #include <ipc/ipc_port.h>
81 #include <ipc/ipc_pset.h>
82 #include <ipc/ipc_notify.h>
83 #include <vm/vm_map.h>
84
85 #include <libkern/OSAtomic.h>
86
/*
 * Defined outside this file.  Called after every ipc_mqueue_receive() in
 * this file (kernel_mach_msg_rpc, mach_msg_overwrite), presumably to finish
 * the receive-side bookkeeping for the object the message was taken from.
 */
void
mach_msg_receive_results_complete(ipc_object_t object);
89
90 /*
91 * Routine: mach_msg_send_from_kernel
92 * Purpose:
93 * Send a message from the kernel.
94 *
95 * This is used by the client side of KernelUser interfaces
96 * to implement SimpleRoutines. Currently, this includes
97 * memory_object messages.
98 * Conditions:
99 * Nothing locked.
100 * Returns:
101 * MACH_MSG_SUCCESS Sent the message.
102 * MACH_SEND_INVALID_DEST Bad destination port.
 * MACH_SEND_NO_BUFFER Destination port had an in-use fixed buffer,
 * or destination is above the kernel limit
105 */
106
107 #if IKM_SUPPORT_LEGACY
108
/*
 *	Routine:	mach_msg_send_from_kernel (legacy ABI)
 *	Purpose:
 *		Legacy flavour of mach_msg_send_from_kernel_proper: same
 *		flow, but the message goes through the legacy kernel copyin.
 *		The #undef removes whatever macro the headers map this name
 *		to (presumably a redirect to the _proper variant) so the old
 *		symbol can still be defined here for existing callers.
 *	Conditions:
 *		Nothing locked.
 *	Returns:
 *		MACH_MSG_SUCCESS, or the error of the first failing step.
 *		On failure the kmsg is released here.
 */
#undef mach_msg_send_from_kernel
mach_msg_return_t mach_msg_send_from_kernel(
	mach_msg_header_t *msg,
	mach_msg_size_t send_size);

mach_msg_return_t
mach_msg_send_from_kernel(
	mach_msg_header_t *msg,
	mach_msg_size_t send_size)
{
	ipc_kmsg_t kmsg;
	mach_msg_option_t opts = MACH_SEND_KERNEL_DEFAULT;
	mach_msg_return_t result;

	KDBG(MACHDBG_CODE(DBG_MACH_IPC, MACH_IPC_KMSG_INFO) | DBG_FUNC_START);

	/* Wrap the caller's in-kernel buffer in a kmsg; no user copyin is involved. */
	result = ipc_kmsg_get_from_kernel(msg, send_size, &kmsg);
	if (result != MACH_MSG_SUCCESS) {
		goto out;
	}

	result = ipc_kmsg_copyin_from_kernel_legacy(kmsg);
	if (result != MACH_MSG_SUCCESS) {
		/* Copyin failed: the kmsg is assumed to own no rights yet, so free rather than destroy. */
		ipc_kmsg_free(kmsg);
		goto out;
	}

	/*
	 * A thread that set TH_OPT_SEND_IMPORTANCE may donate importance
	 * from its kernel side; otherwise the kernel default stands (the
	 * clearing below implies it carries MACH_SEND_NOIMPORTANCE).
	 * (11938665 & 23925818)
	 */
	if (current_thread()->options & TH_OPT_SEND_IMPORTANCE) {
		opts &= ~MACH_SEND_NOIMPORTANCE;
	}

	result = ipc_kmsg_send(kmsg, opts, MACH_MSG_TIMEOUT_NONE);
	if (result == MACH_MSG_SUCCESS) {
		return result;
	}
	/* Rights copied in above now live in the kmsg and go down with it. */
	ipc_kmsg_destroy(kmsg);

out:
	KDBG(MACHDBG_CODE(DBG_MACH_IPC, MACH_IPC_KMSG_INFO) | DBG_FUNC_END, result);
	return result;
}
155
156 #endif /* IKM_SUPPORT_LEGACY */
157
/*
 *	Routine:	mach_msg_send_from_kernel_proper
 *	Purpose:
 *		Send a message that originates inside the kernel, using the
 *		kernel default send options (no timeout).  Used by the
 *		client side of KernelUser interfaces for SimpleRoutines.
 *	Conditions:
 *		Nothing locked.
 *	Returns:
 *		MACH_MSG_SUCCESS, or the error of the first failing step.
 *		On failure the kmsg is released here.
 */
mach_msg_return_t
mach_msg_send_from_kernel_proper(
	mach_msg_header_t *msg,
	mach_msg_size_t send_size)
{
	ipc_kmsg_t kmsg;
	mach_msg_option_t opts = MACH_SEND_KERNEL_DEFAULT;
	mach_msg_return_t result;

	KDBG(MACHDBG_CODE(DBG_MACH_IPC, MACH_IPC_KMSG_INFO) | DBG_FUNC_START);

	/* Wrap the caller's in-kernel buffer in a kmsg; no user copyin is involved. */
	result = ipc_kmsg_get_from_kernel(msg, send_size, &kmsg);
	if (result != MACH_MSG_SUCCESS) {
		goto out;
	}

	result = ipc_kmsg_copyin_from_kernel(kmsg);
	if (result != MACH_MSG_SUCCESS) {
		/* Copyin failed: the kmsg is assumed to own no rights yet, so free rather than destroy. */
		ipc_kmsg_free(kmsg);
		goto out;
	}

	/*
	 * A thread that set TH_OPT_SEND_IMPORTANCE forces importance
	 * donation from its kernel side; otherwise the kernel default stands
	 * (the clearing below implies it carries MACH_SEND_NOIMPORTANCE).
	 * (11938665 & 23925818)
	 */
	if (current_thread()->options & TH_OPT_SEND_IMPORTANCE) {
		opts &= ~MACH_SEND_NOIMPORTANCE;
	}

	result = ipc_kmsg_send(kmsg, opts, MACH_MSG_TIMEOUT_NONE);
	if (result == MACH_MSG_SUCCESS) {
		return result;
	}
	/* Rights copied in above now live in the kmsg and go down with it. */
	ipc_kmsg_destroy(kmsg);

out:
	KDBG(MACHDBG_CODE(DBG_MACH_IPC, MACH_IPC_KMSG_INFO) | DBG_FUNC_END, result);
	return result;
}
199
/*
 *	Routine:	mach_msg_send_from_kernel_with_options
 *	Purpose:
 *		Send an in-kernel message with caller-supplied send options
 *		and timeout.  Thin wrapper over kernel_mach_msg_send for
 *		callers that do not need the message_moved report.
 *	Conditions:
 *		Nothing locked.
 *	Returns:
 *		Whatever kernel_mach_msg_send returns.
 */
mach_msg_return_t
mach_msg_send_from_kernel_with_options(
	mach_msg_header_t *msg,
	mach_msg_size_t send_size,
	mach_msg_option_t option,
	mach_msg_timeout_t timeout_val)
{
	boolean_t *moved_report = NULL;

	return kernel_mach_msg_send(msg, send_size, option, timeout_val, moved_report);
}
209
/*
 *	Routine:	kernel_mach_msg_send
 *	Purpose:
 *		Send an in-kernel message with explicit options and timeout.
 *	Arguments:
 *		msg		in-kernel message buffer.
 *		send_size	size of the message in *msg.
 *		option		send options; the importance bits are
 *				adjusted here (see below).
 *		timeout_val	passed through to ipc_kmsg_send.
 *		message_moved	optional out-flag: FALSE until the message
 *				contents have been taken over by the kmsg,
 *				TRUE from then on (presumably so the caller
 *				knows whether it still owns what is in *msg).
 *	Conditions:
 *		Nothing locked.
 *	Returns:
 *		MACH_MSG_SUCCESS, or the error of the first failing step.
 *		On failure the kmsg is released here.
 */
mach_msg_return_t
kernel_mach_msg_send(
	mach_msg_header_t *msg,
	mach_msg_size_t send_size,
	mach_msg_option_t option,
	mach_msg_timeout_t timeout_val,
	boolean_t *message_moved)
{
	ipc_kmsg_t kmsg;
	mach_msg_return_t result;
	boolean_t thread_forces_importance;

	KDBG(MACHDBG_CODE(DBG_MACH_IPC, MACH_IPC_KMSG_INFO) | DBG_FUNC_START);

	if (message_moved != NULL) {
		*message_moved = FALSE;
	}

	result = ipc_kmsg_get_from_kernel(msg, send_size, &kmsg);
	if (result != MACH_MSG_SUCCESS) {
		goto out;
	}

	result = ipc_kmsg_copyin_from_kernel(kmsg);
	if (result != MACH_MSG_SUCCESS) {
		/* Copyin failed: the kmsg is assumed to own no rights yet, so free rather than destroy. */
		ipc_kmsg_free(kmsg);
		goto out;
	}

	if (message_moved != NULL) {
		*message_moved = TRUE;
	}

	/*
	 * Importance donation from the kernel side of a user thread in an
	 * importance-donating task is disabled by default.  It is allowed
	 * only if the thread opted in with TH_OPT_SEND_IMPORTANCE, or the
	 * caller asked for it explicitly with MACH_SEND_IMPORTANCE.
	 * (11938665 & 23925818)
	 */
	thread_forces_importance =
	    (current_thread()->options & TH_OPT_SEND_IMPORTANCE) != 0;
	if (thread_forces_importance) {
		option &= ~MACH_SEND_NOIMPORTANCE;
	} else if (!(option & MACH_SEND_IMPORTANCE)) {
		option |= MACH_SEND_NOIMPORTANCE;
	}

	result = ipc_kmsg_send(kmsg, option, timeout_val);
	if (result == MACH_MSG_SUCCESS) {
		return result;
	}
	/* Rights copied in above now live in the kmsg and go down with it. */
	ipc_kmsg_destroy(kmsg);

out:
	KDBG(MACHDBG_CODE(DBG_MACH_IPC, MACH_IPC_KMSG_INFO) | DBG_FUNC_END, result);
	return result;
}
267
268
269 #if IKM_SUPPORT_LEGACY
270
/*
 *	Routine:	mach_msg_send_from_kernel_with_options_legacy
 *	Purpose:
 *		Legacy flavour of kernel_mach_msg_send: caller-supplied
 *		options and timeout, legacy kernel copyin, no message_moved
 *		report.
 *	Conditions:
 *		Nothing locked.
 *	Returns:
 *		MACH_MSG_SUCCESS, or the error of the first failing step.
 *		On failure the kmsg is released here.
 */
mach_msg_return_t
mach_msg_send_from_kernel_with_options_legacy(
	mach_msg_header_t *msg,
	mach_msg_size_t send_size,
	mach_msg_option_t option,
	mach_msg_timeout_t timeout_val)
{
	ipc_kmsg_t kmsg;
	mach_msg_return_t result;

	KDBG(MACHDBG_CODE(DBG_MACH_IPC, MACH_IPC_KMSG_INFO) | DBG_FUNC_START);

	result = ipc_kmsg_get_from_kernel(msg, send_size, &kmsg);
	if (result != MACH_MSG_SUCCESS) {
		goto out;
	}

	result = ipc_kmsg_copyin_from_kernel_legacy(kmsg);
	if (result != MACH_MSG_SUCCESS) {
		/* Copyin failed: the kmsg is assumed to own no rights yet, so free rather than destroy. */
		ipc_kmsg_free(kmsg);
		goto out;
	}

	/*
	 * Importance donation from the kernel side of a user thread is
	 * suppressed unless the thread opted in with TH_OPT_SEND_IMPORTANCE.
	 * Unlike kernel_mach_msg_send, a MACH_SEND_IMPORTANCE bit in the
	 * caller's options is NOT honoured on this legacy path.
	 * (11938665 & 23925818)
	 */
	if (current_thread()->options & TH_OPT_SEND_IMPORTANCE) {
		option &= ~MACH_SEND_NOIMPORTANCE;
	} else {
		option |= MACH_SEND_NOIMPORTANCE;
	}

	result = ipc_kmsg_send(kmsg, option, timeout_val);
	if (result == MACH_MSG_SUCCESS) {
		return result;
	}
	/* Rights copied in above now live in the kmsg and go down with it. */
	ipc_kmsg_destroy(kmsg);

out:
	KDBG(MACHDBG_CODE(DBG_MACH_IPC, MACH_IPC_KMSG_INFO) | DBG_FUNC_END, result);
	return result;
}
317
318 #endif /* IKM_SUPPORT_LEGACY */
319
320 /*
321 * Routine: mach_msg_rpc_from_kernel
322 * Purpose:
323 * Send a message from the kernel and receive a reply.
324 * Uses ith_rpc_reply for the reply port.
325 *
326 * This is used by the client side of KernelUser interfaces
327 * to implement Routines.
328 * Conditions:
329 * Nothing locked.
330 * Returns:
331 * MACH_MSG_SUCCESS Sent the message.
332 * MACH_RCV_PORT_DIED The reply port was deallocated.
333 */
334
335 #if IKM_SUPPORT_LEGACY
336
/*
 * Legacy-ABI entry point: kernel_mach_msg_rpc with the legacy copyin/copyout
 * flavour and no message_moved report.  The #undef removes whatever macro the
 * headers map this name to (presumably a redirect to the _proper variant) so
 * the old symbol can still be defined here.
 */
#undef mach_msg_rpc_from_kernel
mach_msg_return_t
mach_msg_rpc_from_kernel(
	mach_msg_header_t *msg,
	mach_msg_size_t send_size,
	mach_msg_size_t rcv_size);

mach_msg_return_t
mach_msg_rpc_from_kernel(
	mach_msg_header_t *msg,
	mach_msg_size_t send_size,
	mach_msg_size_t rcv_size)
{
	const boolean_t use_legacy = TRUE;

	return kernel_mach_msg_rpc(msg, send_size, rcv_size, use_legacy, NULL);
}
352 #endif /* IKM_SUPPORT_LEGACY */
353
/*
 * Current entry point: kernel_mach_msg_rpc with the non-legacy copyin/copyout
 * flavour and no message_moved report.
 */
mach_msg_return_t
mach_msg_rpc_from_kernel_proper(
	mach_msg_header_t *msg,
	mach_msg_size_t send_size,
	mach_msg_size_t rcv_size)
{
	const boolean_t use_legacy = FALSE;

	return kernel_mach_msg_rpc(msg, send_size, rcv_size, use_legacy, NULL);
}
362
/*
 *	Routine:	kernel_mach_msg_rpc
 *	Purpose:
 *		Send an in-kernel request and wait for its reply on the
 *		calling thread's private reply port (ith_rpc_reply).  The
 *		reply is handed back through *msg in kernel form; rights and
 *		OOL memory it carries are left in place for the caller.
 *	Arguments:
 *		msg		in-kernel request; receives the reply on success.
 *		send_size	size of the request in *msg.
 *		rcv_size	capacity of *msg for the reply plus trailer.
 *		legacy		select the legacy kernel copyin/copyout flavour
 *				(only honoured under IKM_SUPPORT_LEGACY).
 *		message_moved	optional out-flag, set TRUE once the request's
 *				contents are owned by the kmsg.
 *	Conditions:
 *		Nothing locked.  msg->msgh_local_port must be MACH_PORT_NULL;
 *		the reply port is installed here.
 *	Returns:
 *		MACH_MSG_SUCCESS	reply delivered into *msg.
 *		MACH_RCV_TOO_LARGE	reply body exceeds rcv_size; the reply
 *					and everything it carried is destroyed.
 *		MACH_RCV_INTERRUPTED	thread inactive or APC pending; the
 *					thread's reply port is torn down.
 *		other			from ipc_kmsg_get_from_kernel, the
 *					copyin, or ipc_kmsg_send.
 */
mach_msg_return_t
kernel_mach_msg_rpc(
	mach_msg_header_t *msg,
	mach_msg_size_t send_size,
	mach_msg_size_t rcv_size,
#if !IKM_SUPPORT_LEGACY
	__unused
#endif
	boolean_t legacy,
	boolean_t *message_moved)
{
	thread_t self = current_thread();
	ipc_port_t reply;
	ipc_kmsg_t kmsg;
	mach_port_seqno_t seqno;
	mach_msg_return_t mr;

	/* The reply port is ours to supply; a caller-set one would be overwritten below. */
	assert(msg->msgh_local_port == MACH_PORT_NULL);

	KDBG(MACHDBG_CODE(DBG_MACH_IPC, MACH_IPC_KMSG_INFO) | DBG_FUNC_START);

	if (message_moved) {
		*message_moved = FALSE;
	}

	mr = ipc_kmsg_get_from_kernel(msg, send_size, &kmsg);
	if (mr != MACH_MSG_SUCCESS) {
		KDBG(MACHDBG_CODE(DBG_MACH_IPC, MACH_IPC_KMSG_INFO) | DBG_FUNC_END, mr);
		return mr;
	}

	/*
	 * One reply port per thread, allocated on first use and cached in
	 * ith_rpc_reply.  Nobody else may have installed one meanwhile.
	 */
	reply = self->ith_rpc_reply;
	if (reply == IP_NULL) {
		reply = ipc_port_alloc_reply();
		if ((reply == IP_NULL) ||
		    (self->ith_rpc_reply != IP_NULL)) {
			panic("mach_msg_rpc_from_kernel");
		}
		self->ith_rpc_reply = reply;
	}

	/* insert send-once right for the reply port */
	kmsg->ikm_header->msgh_local_port = reply;
	kmsg->ikm_header->msgh_bits |=
	    MACH_MSGH_BITS(0, MACH_MSG_TYPE_MAKE_SEND_ONCE);

#if IKM_SUPPORT_LEGACY
	if (legacy) {
		mr = ipc_kmsg_copyin_from_kernel_legacy(kmsg);
	} else {
		mr = ipc_kmsg_copyin_from_kernel(kmsg);
	}
#else
	mr = ipc_kmsg_copyin_from_kernel(kmsg);
#endif
	if (mr != MACH_MSG_SUCCESS) {
		/* Copyin failed: the kmsg is assumed to own no rights yet, so free rather than destroy. */
		ipc_kmsg_free(kmsg);
		KDBG(MACHDBG_CODE(DBG_MACH_IPC, MACH_IPC_KMSG_INFO) | DBG_FUNC_END, mr);
		return mr;
	}

	if (message_moved) {
		*message_moved = TRUE;
	}

	/*
	 * respect the thread's SEND_IMPORTANCE option to force importance
	 * donation from the kernel-side of user threads
	 * (11938665 & 23925818)
	 */
	mach_msg_option_t option = MACH_SEND_KERNEL_DEFAULT;
	if (current_thread()->options & TH_OPT_SEND_IMPORTANCE) {
		option &= ~MACH_SEND_NOIMPORTANCE;
	}

	mr = ipc_kmsg_send(kmsg, option, MACH_MSG_TIMEOUT_NONE);
	if (mr != MACH_MSG_SUCCESS) {
		/* Copied-in rights live in the kmsg and go down with it. */
		ipc_kmsg_destroy(kmsg);
		KDBG(MACHDBG_CODE(DBG_MACH_IPC, MACH_IPC_KMSG_INFO) | DBG_FUNC_END, mr);
		return mr;
	}

	/*
	 * Wait for the reply.  We receive straight from the reply port's own
	 * message queue (asserted never to be in a port set), so no name in
	 * any IPC space is involved.  Loop while the wait is interrupted
	 * without an APC pending.
	 */
	for (;;) {
		ipc_mqueue_t mqueue;

		assert(reply->ip_in_pset == 0);
		require_ip_active(reply);

		/*
		 * JMM - why this check?
		 * Thread is on its way out: give up the reply port.  The request
		 * has already been sent, so any reply presumably ends up on a
		 * dead port.
		 */
		if (!self->active && !self->inspection) {
			ipc_port_dealloc_reply(reply);
			self->ith_rpc_reply = IP_NULL;
			return MACH_RCV_INTERRUPTED;
		}

		self->ith_continuation = (void (*)(mach_msg_return_t))0;

		mqueue = &reply->ip_messages;
		ipc_mqueue_receive(mqueue,
		    MACH_MSG_OPTION_NONE,
		    MACH_MSG_SIZE_MAX,
		    MACH_MSG_TIMEOUT_NONE,
		    THREAD_INTERRUPTIBLE);

		/* Receive results come back through the thread, not a return value. seqno is captured but not used here. */
		mr = self->ith_state;
		kmsg = self->ith_kmsg;
		seqno = self->ith_seqno;

		mach_msg_receive_results_complete(ip_to_object(reply));

		if (mr == MACH_MSG_SUCCESS) {
			break;
		}

		assert(mr == MACH_RCV_INTERRUPTED);

		assert(reply == self->ith_rpc_reply);

		/* An APC is pending: abandon the RPC and drop the reply port. */
		if (self->ast & AST_APC) {
			ipc_port_dealloc_reply(reply);
			self->ith_rpc_reply = IP_NULL;
			return mr;
		}
	}

	/* The trailer sits immediately after the message body inside the kmsg. */
	mach_msg_format_0_trailer_t *trailer = (mach_msg_format_0_trailer_t *)
	    ((vm_offset_t)kmsg->ikm_header + kmsg->ikm_header->msgh_size);

	/*
	 * must be able to receive message proper
	 * Checked before anything is copied out: an oversized reply is
	 * destroyed outright, so none of it reaches the caller's buffer.
	 */
	if (rcv_size < kmsg->ikm_header->msgh_size) {
		ipc_kmsg_destroy(kmsg);
		return MACH_RCV_TOO_LARGE;
	}

	/*
	 * We want to preserve rights and memory in reply!
	 * We don't have to put them anywhere; just leave them
	 * as they are.
	 */
#if IKM_SUPPORT_LEGACY
	if (legacy) {
		ipc_kmsg_copyout_to_kernel_legacy(kmsg, ipc_space_reply);
	} else {
		ipc_kmsg_copyout_to_kernel(kmsg, ipc_space_reply);
	}
#else
	ipc_kmsg_copyout_to_kernel(kmsg, ipc_space_reply);
#endif

	/*
	 * Determine what trailer bits we can receive (as no option specified).
	 * Only the trailer's size field is adjusted here; its other fields are
	 * whatever the sending path left in them.
	 */
	if (rcv_size < kmsg->ikm_header->msgh_size + MACH_MSG_TRAILER_MINIMUM_SIZE) {
		/* No room for even the minimal trailer: hand back the body alone. */
		rcv_size = kmsg->ikm_header->msgh_size;
	} else {
		if (rcv_size >= kmsg->ikm_header->msgh_size + MAX_TRAILER_SIZE) {
			/*
			 * Enough room for a maximum trailer.
			 * JMM - we really should set the expected receiver-set fields:
			 * (seqno, context, filterid, etc...) but nothing currently
			 * expects them anyway.
			 */
			trailer->msgh_trailer_size = MAX_TRAILER_SIZE;
		} else {
			/* Room for the minimal trailer only; it is expected to already be that size. */
			assert(trailer->msgh_trailer_size == MACH_MSG_TRAILER_MINIMUM_SIZE);
		}
		rcv_size = kmsg->ikm_header->msgh_size + trailer->msgh_trailer_size;
	}
	assert(trailer->msgh_trailer_type == MACH_MSG_TRAILER_FORMAT_0);
	mr = MACH_MSG_SUCCESS;

	/* Copies rcv_size bytes of the reply back into *msg (and presumably releases the kmsg). */
	ipc_kmsg_put_to_kernel(msg, kmsg, rcv_size);
	return mr;
}
535
536 /*
537 * Routine: mach_msg_destroy_from_kernel_proper
538 * Purpose:
539 * mach_msg_destroy_from_kernel_proper is used to destroy
540 * an unwanted/unexpected reply message from a MIG
541 * kernel-specific user-side stub. It is like ipc_kmsg_destroy(),
542 * except we no longer have the kmsg - just the contents.
543 */
544 void
545 mach_msg_destroy_from_kernel_proper(mach_msg_header_t *msg)
546 {
547 mach_msg_bits_t mbits = msg->msgh_bits;
548 ipc_object_t object;
549
550 object = (ipc_object_t) msg->msgh_remote_port;
551 if (IO_VALID(object)) {
552 ipc_object_destroy(object, MACH_MSGH_BITS_REMOTE(mbits));
553 }
554
555 /*
556 * The destination (now in msg->msgh_local_port via
557 * ipc_kmsg_copyout_to_kernel) has been consumed with
558 * ipc_object_copyout_dest.
559 */
560
561 /* MIG kernel users don't receive vouchers */
562 assert(!MACH_MSGH_BITS_VOUCHER(mbits));
563
564 /* For simple messages, we're done */
565 if ((mbits & MACH_MSGH_BITS_COMPLEX) == 0) {
566 return;
567 }
568
569 /* Discard descriptor contents */
570 mach_msg_body_t *body = (mach_msg_body_t *)(msg + 1);
571 mach_msg_descriptor_t *daddr = (mach_msg_descriptor_t *)(body + 1);
572 mach_msg_size_t i;
573
574 for (i = 0; i < body->msgh_descriptor_count; i++, daddr++) {
575 switch (daddr->type.type) {
576 case MACH_MSG_PORT_DESCRIPTOR: {
577 mach_msg_port_descriptor_t *dsc = &daddr->port;
578 if (IO_VALID((ipc_object_t) dsc->name)) {
579 ipc_object_destroy((ipc_object_t) dsc->name, dsc->disposition);
580 }
581 break;
582 }
583 case MACH_MSG_OOL_VOLATILE_DESCRIPTOR:
584 case MACH_MSG_OOL_DESCRIPTOR: {
585 mach_msg_ool_descriptor_t *dsc =
586 (mach_msg_ool_descriptor_t *)&daddr->out_of_line;
587
588 if (dsc->size > 0) {
589 vm_map_copy_discard((vm_map_copy_t) dsc->address);
590 } else {
591 assert(dsc->address == (void *) 0);
592 }
593 break;
594 }
595 case MACH_MSG_OOL_PORTS_DESCRIPTOR: {
596 ipc_object_t *objects;
597 mach_msg_type_number_t j;
598 mach_msg_ool_ports_descriptor_t *dsc;
599
600 dsc = (mach_msg_ool_ports_descriptor_t *)&daddr->ool_ports;
601 objects = (ipc_object_t *) dsc->address;
602
603 if (dsc->count == 0) {
604 break;
605 }
606 assert(objects != 0);
607 for (j = 0; j < dsc->count; j++) {
608 object = objects[j];
609 if (IO_VALID(object)) {
610 ipc_object_destroy(object, dsc->disposition);
611 }
612 }
613 kfree(dsc->address, (vm_size_t) dsc->count * sizeof(mach_port_t));
614 break;
615 }
616 case MACH_MSG_GUARDED_PORT_DESCRIPTOR: {
617 mach_msg_guarded_port_descriptor_t *dsc = (mach_msg_guarded_port_descriptor_t *)&daddr->guarded_port;
618 if (IO_VALID((ipc_object_t) dsc->name)) {
619 ipc_object_destroy((ipc_object_t) dsc->name, dsc->disposition);
620 }
621 break;
622 }
623 default:
624 break;
625 }
626 }
627 }
628
629 /************** These Calls are set up for kernel-loaded tasks/threads **************/
630
631 /*
632 * Routine: mach_msg_overwrite
633 * Purpose:
634 * Like mach_msg_overwrite_trap except that message buffers
635 * live in kernel space. Doesn't handle any options.
636 *
637 * This is used by in-kernel server threads to make
638 * kernel calls, to receive request messages, and
639 * to send reply messages.
640 * Conditions:
641 * Nothing locked.
642 * Returns:
643 */
644
645 mach_msg_return_t
646 mach_msg_overwrite(
647 mach_msg_header_t *msg,
648 mach_msg_option_t option,
649 mach_msg_size_t send_size,
650 mach_msg_size_t rcv_size,
651 mach_port_name_t rcv_name,
652 __unused mach_msg_timeout_t msg_timeout,
653 mach_msg_priority_t priority,
654 __unused mach_msg_header_t *rcv_msg,
655 __unused mach_msg_size_t rcv_msg_size)
656 {
657 ipc_space_t space = current_space();
658 vm_map_t map = current_map();
659 ipc_kmsg_t kmsg;
660 mach_port_seqno_t seqno;
661 mach_msg_return_t mr;
662 mach_msg_trailer_size_t trailer_size;
663
664 if (option & MACH_SEND_MSG) {
665 mach_msg_size_t msg_and_trailer_size;
666 mach_msg_max_trailer_t *max_trailer;
667
668 if ((send_size & 3) ||
669 send_size < sizeof(mach_msg_header_t) ||
670 (send_size < sizeof(mach_msg_base_t) && (msg->msgh_bits & MACH_MSGH_BITS_COMPLEX))) {
671 return MACH_SEND_MSG_TOO_SMALL;
672 }
673
674 if (send_size > MACH_MSG_SIZE_MAX - MAX_TRAILER_SIZE) {
675 return MACH_SEND_TOO_LARGE;
676 }
677
678 KDBG(MACHDBG_CODE(DBG_MACH_IPC, MACH_IPC_KMSG_INFO) | DBG_FUNC_START);
679
680 msg_and_trailer_size = send_size + MAX_TRAILER_SIZE;
681 kmsg = ipc_kmsg_alloc(msg_and_trailer_size);
682
683 if (kmsg == IKM_NULL) {
684 KDBG(MACHDBG_CODE(DBG_MACH_IPC, MACH_IPC_KMSG_INFO) | DBG_FUNC_END, MACH_SEND_NO_BUFFER);
685 return MACH_SEND_NO_BUFFER;
686 }
687
688 KERNEL_DEBUG_CONSTANT(MACHDBG_CODE(DBG_MACH_IPC, MACH_IPC_KMSG_LINK) | DBG_FUNC_NONE,
689 (uintptr_t)0, /* this should only be called from the kernel! */
690 VM_KERNEL_ADDRPERM((uintptr_t)kmsg),
691 0, 0,
692 0);
693 (void) memcpy((void *) kmsg->ikm_header, (const void *) msg, send_size);
694
695 kmsg->ikm_header->msgh_size = send_size;
696
697 /*
698 * Reserve for the trailer the largest space (MAX_TRAILER_SIZE)
699 * However, the internal size field of the trailer (msgh_trailer_size)
700 * is initialized to the minimum (sizeof(mach_msg_trailer_t)), to optimize
701 * the cases where no implicit data is requested.
702 */
703 max_trailer = (mach_msg_max_trailer_t *) ((vm_offset_t)kmsg->ikm_header + send_size);
704 bzero(max_trailer, sizeof(*max_trailer));
705 max_trailer->msgh_sender = current_thread()->task->sec_token;
706 max_trailer->msgh_audit = current_thread()->task->audit_token;
707 max_trailer->msgh_trailer_type = MACH_MSG_TRAILER_FORMAT_0;
708 max_trailer->msgh_trailer_size = MACH_MSG_TRAILER_MINIMUM_SIZE;
709
710 mr = ipc_kmsg_copyin(kmsg, space, map, priority, &option);
711
712 if (mr != MACH_MSG_SUCCESS) {
713 ipc_kmsg_free(kmsg);
714 KDBG(MACHDBG_CODE(DBG_MACH_IPC, MACH_IPC_KMSG_INFO) | DBG_FUNC_END, mr);
715 return mr;
716 }
717
718 do {
719 mr = ipc_kmsg_send(kmsg, MACH_MSG_OPTION_NONE, MACH_MSG_TIMEOUT_NONE);
720 } while (mr == MACH_SEND_INTERRUPTED);
721
722 assert(mr == MACH_MSG_SUCCESS);
723 }
724
725 if (option & MACH_RCV_MSG) {
726 thread_t self = current_thread();
727 mach_vm_address_t context;
728
729 do {
730 ipc_object_t object;
731 ipc_mqueue_t mqueue;
732
733 mr = ipc_mqueue_copyin(space, rcv_name,
734 &mqueue, &object);
735 if (mr != MACH_MSG_SUCCESS) {
736 return mr;
737 }
738
739 /* hold ref for object */
740
741 self->ith_continuation = (void (*)(mach_msg_return_t))0;
742 ipc_mqueue_receive(mqueue,
743 MACH_MSG_OPTION_NONE,
744 MACH_MSG_SIZE_MAX,
745 MACH_MSG_TIMEOUT_NONE,
746 THREAD_ABORTSAFE);
747 mr = self->ith_state;
748 kmsg = self->ith_kmsg;
749 seqno = self->ith_seqno;
750
751 mach_msg_receive_results_complete(object);
752 io_release(object);
753 } while (mr == MACH_RCV_INTERRUPTED);
754
755 if (mr != MACH_MSG_SUCCESS) {
756 return mr;
757 }
758
759 trailer_size = ipc_kmsg_trailer_size(option, self);
760
761 if (rcv_size < (kmsg->ikm_header->msgh_size + trailer_size)) {
762 ipc_kmsg_copyout_dest(kmsg, space);
763 (void) memcpy((void *) msg, (const void *) kmsg->ikm_header, sizeof *msg);
764 ipc_kmsg_free(kmsg);
765 return MACH_RCV_TOO_LARGE;
766 }
767
768 /* Save destination port context for the trailer before copyout */
769 context = kmsg->ikm_header->msgh_remote_port->ip_context;
770
771 mr = ipc_kmsg_copyout(kmsg, space, map, MACH_MSG_BODY_NULL, option);
772
773 if (mr != MACH_MSG_SUCCESS) {
774 if ((mr & ~MACH_MSG_MASK) == MACH_RCV_BODY_ERROR) {
775 ipc_kmsg_add_trailer(kmsg, space, option, self, seqno, TRUE, context);
776 ipc_kmsg_put_to_kernel(msg, kmsg,
777 kmsg->ikm_header->msgh_size + trailer_size);
778 } else {
779 ipc_kmsg_copyout_dest(kmsg, space);
780 (void) memcpy((void *) msg, (const void *) kmsg->ikm_header, sizeof *msg);
781 ipc_kmsg_free(kmsg);
782 }
783
784 return mr;
785 }
786 ipc_kmsg_add_trailer(kmsg, space, option, self, seqno, TRUE, context);
787 (void) memcpy((void *) msg, (const void *) kmsg->ikm_header,
788 kmsg->ikm_header->msgh_size + trailer_size);
789 ipc_kmsg_free(kmsg);
790 }
791
792 return MACH_MSG_SUCCESS;
793 }
794
795 /*
796 * Routine: mig_get_reply_port
797 * Purpose:
798 * Called by client side interfaces living in the kernel
799 * to get a reply port.
800 */
801 mach_port_t
802 mig_get_reply_port(void)
803 {
804 return MACH_PORT_NULL;
805 }
806
807 /*
808 * Routine: mig_dealloc_reply_port
809 * Purpose:
810 * Called by client side interfaces to get rid of a reply port.
811 */
812
813 void
814 mig_dealloc_reply_port(
815 __unused mach_port_t reply_port)
816 {
817 }
818
819 /*
820 * Routine: mig_put_reply_port
821 * Purpose:
822 * Called by client side interfaces after each RPC to
823 * let the client recycle the reply port if it wishes.
824 */
825 void
826 mig_put_reply_port(
827 __unused mach_port_t reply_port)
828 {
829 }
830
831 /*
832 * mig_strncpy.c - by Joshua Block
833 *
834 * mig_strncp -- Bounded string copy. Does what the library routine strncpy
835 * OUGHT to do: Copies the (null terminated) string in src into dest, a
836 * buffer of length len. Assures that the copy is still null terminated
837 * and doesn't overflow the buffer, truncating the copy if necessary.
838 *
839 * Parameters:
840 *
841 * dest - Pointer to destination buffer.
842 *
843 * src - Pointer to source string.
844 *
845 * len - Length of destination buffer.
846 */
847 int
848 mig_strncpy(
849 char *dest,
850 const char *src,
851 int len)
852 {
853 int i = 0;
854
855 if (len > 0) {
856 if (dest != NULL) {
857 if (src != NULL) {
858 for (i = 1; i < len; i++) {
859 if (!(*dest++ = *src++)) {
860 return i;
861 }
862 }
863 }
864 *dest = '\0';
865 }
866 }
867 return i;
868 }
869
870 /*
871 * mig_strncpy_zerofill -- Bounded string copy. Does what the
872 * library routine strncpy OUGHT to do: Copies the (null terminated)
873 * string in src into dest, a buffer of length len. Assures that
874 * the copy is still null terminated and doesn't overflow the buffer,
875 * truncating the copy if necessary. If the string in src is smaller
876 * than given length len, it will zero fill the remaining bytes in dest.
877 *
878 * Parameters:
879 *
880 * dest - Pointer to destination buffer.
881 *
882 * src - Pointer to source string.
883 *
884 * len - Length of destination buffer.
885 */
886 int
887 mig_strncpy_zerofill(
888 char *dest,
889 const char *src,
890 int len)
891 {
892 int i = 0;
893 boolean_t terminated = FALSE;
894 int retval = 0;
895
896 if (len <= 0 || dest == NULL) {
897 return 0;
898 }
899
900 if (src == NULL) {
901 terminated = TRUE;
902 }
903
904 for (i = 1; i < len; i++) {
905 if (!terminated) {
906 if (!(*dest++ = *src++)) {
907 retval = i;
908 terminated = TRUE;
909 }
910 } else {
911 *dest++ = '\0';
912 }
913 }
914
915 *dest = '\0';
916 if (!terminated) {
917 retval = i;
918 }
919
920 return retval;
921 }
922
/*
 * Allocator used by MIG-generated kernel user stubs for out-of-line
 * buffers.  Thin wrapper over kalloc; pair with mig_user_deallocate
 * using the same size.
 */
void *
mig_user_allocate(
	vm_size_t size)
{
	void *mem = kalloc(size);

	return mem;
}
929
/*
 * Release a buffer obtained from mig_user_allocate.  size must be the
 * size passed to the allocation, as kfree requires it.
 */
void
mig_user_deallocate(
	char *data,
	vm_size_t size)
{
	void *mem = data;

	kfree(mem, size);
}
937
938 /*
939 * Routine: mig_object_init
940 * Purpose:
941 * Initialize the base class portion of a MIG object. We
942 * will lazy init the port, so just clear it for now.
943 */
944 kern_return_t
945 mig_object_init(
946 mig_object_t mig_object,
947 const IMIGObject *interface)
948 {
949 if (mig_object == MIG_OBJECT_NULL) {
950 return KERN_INVALID_ARGUMENT;
951 }
952 mig_object->pVtbl = (const IMIGObjectVtbl *)interface;
953 mig_object->port = MACH_PORT_NULL;
954 return KERN_SUCCESS;
955 }
956
957 /*
958 * Routine: mig_object_destroy
959 * Purpose:
960 * The object is being freed. This call lets us clean
961 * up any state we have have built up over the object's
962 * lifetime.
963 * Conditions:
964 * Since notifications and the port hold references on
965 * on the object, neither can exist when this is called.
966 * This is a good place to assert() that condition.
967 */
968 void
969 mig_object_destroy(
970 __assert_only mig_object_t mig_object)
971 {
972 assert(mig_object->port == MACH_PORT_NULL);
973 return;
974 }
975
976 /*
977 * Routine: mig_object_reference
978 * Purpose:
979 * Pure virtual helper to invoke the MIG object's AddRef
980 * method.
981 * Conditions:
982 * MIG object port may be locked.
983 */
984 void
985 mig_object_reference(
986 mig_object_t mig_object)
987 {
988 assert(mig_object != MIG_OBJECT_NULL);
989 mig_object->pVtbl->AddRef((IMIGObject *)mig_object);
990 }
991
992 /*
993 * Routine: mig_object_deallocate
994 * Purpose:
995 * Pure virtual helper to invoke the MIG object's Release
996 * method.
997 * Conditions:
998 * Nothing locked.
999 */
1000 void
1001 mig_object_deallocate(
1002 mig_object_t mig_object)
1003 {
1004 assert(mig_object != MIG_OBJECT_NULL);
1005 ipc_port_t port = mig_object->port;
1006 if (mig_object->pVtbl->Release((IMIGObject *)mig_object) == 0) {
1007 if (IP_VALID(port)) {
1008 assert(!port->ip_srights);
1009 ipc_port_dealloc_kernel(port);
1010 }
1011 }
1012 }
1013
1014 /*
1015 * Routine: convert_mig_object_to_port [interface]
1016 * Purpose:
1017 * Base implementation of MIG outtrans routine to convert from
1018 * a mig object reference to a new send right on the object's
1019 * port. The object reference is consumed.
1020 * Returns:
1021 * IP_NULL - Null MIG object supplied
1022 * Otherwise, a newly made send right for the port
1023 * Conditions:
1024 * Nothing locked.
1025 */
1026 ipc_port_t
1027 convert_mig_object_to_port(
1028 mig_object_t mig_object)
1029 {
1030 if (mig_object == MIG_OBJECT_NULL) {
1031 return IP_NULL;
1032 }
1033
1034 /*
1035 * make a send right and donate our reference for mig_object_no_senders
1036 * if this is the first send right
1037 */
1038 if (!ipc_kobject_make_send_lazy_alloc_port(&mig_object->port,
1039 (ipc_kobject_t) mig_object, IKOT_MIG, false, 0)) {
1040 mig_object_deallocate(mig_object);
1041 }
1042
1043 return mig_object->port;
1044 }
1045
1046
1047 /*
1048 * Routine: convert_port_to_mig_object [interface]
1049 * Purpose:
1050 * Base implementation of MIG intrans routine to convert from
1051 * an incoming port reference to a new reference on the
1052 * underlying object. A new reference must be created, because
1053 * the port's reference could go away asynchronously.
1054 * Returns:
1055 * NULL - Not an active MIG object port or iid not supported
1056 * Otherwise, a reference to the underlying MIG interface
1057 * Conditions:
1058 * Nothing locked.
1059 */
1060 mig_object_t
1061 convert_port_to_mig_object(
1062 ipc_port_t port,
1063 const MIGIID *iid)
1064 {
1065 mig_object_t mig_object;
1066 void *ppv;
1067
1068 if (!IP_VALID(port)) {
1069 return NULL;
1070 }
1071
1072 ip_lock(port);
1073 if (!ip_active(port) || (ip_kotype(port) != IKOT_MIG)) {
1074 ip_unlock(port);
1075 return NULL;
1076 }
1077
1078 /*
1079 * Our port points to some MIG object interface. Now
1080 * query it to get a reference to the desired interface.
1081 */
1082 ppv = NULL;
1083 mig_object = (mig_object_t) ip_get_kobject(port);
1084 mig_object->pVtbl->QueryInterface((IMIGObject *)mig_object, iid, &ppv);
1085 ip_unlock(port);
1086 return (mig_object_t)ppv;
1087 }
1088
1089 /*
1090 * Routine: mig_object_no_senders [interface]
1091 * Purpose:
1092 * Base implementation of a no-senders notification handler
1093 * for MIG objects. If there truly are no more senders, must
1094 * destroy the port and drop its reference on the object.
1095 * Conditions:
1096 * Nothing locked.
1097 */
1098 void
1099 mig_object_no_senders(
1100 ipc_port_t port)
1101 {
1102 require_ip_active(port);
1103 assert(IKOT_MIG == ip_kotype(port));
1104
1105 /* consume the reference donated by convert_mig_object_to_port */
1106 mig_object_deallocate((mig_object_t) ip_get_kobject(port));
1107 }
1108
1109 /*
1110 * Kernel implementation of the notification chain for MIG object
1111 * is kept separate from the actual objects, since there are expected
1112 * to be much fewer of them than actual objects.
1113 *
1114 * The implementation of this part of MIG objects is coming
1115 * "Real Soon Now"(TM).
1116 */