]> git.saurik.com Git - apple/xnu.git/blob - bsd/kern/kern_sfi.c
projects / apple / xnu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
xnu-3789.1.32.tar.gz
[apple/xnu.git] / bsd / kern / kern_sfi.c
1 /*
2 * Copyright (c) 2013 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 *
28 */
29
30 #include <kern/assert.h>
31 #include <kern/locks.h>
32 #include <kern/task.h>
33 #include <kern/thread.h>
34 #include <kern/sfi.h>
35 #include <libkern/libkern.h>
36 #include <mach/mach_time.h>
37 #include <pexpert/pexpert.h>
38 #include <sys/proc.h>
39 #include <sys/proc_info.h>
40 #include <sys/sysproto.h>
41 #include <sys/sfi.h>
42 #include <sys/kdebug.h>
43 #include <sys/priv.h>
44 #include <kern/policy_internal.h>
45
46 /*
47 * This file provides the syscall-based configuration facility
48 * for Selective Forced Idle (SFI). Input arguments have basic checking
49 * applied here, although more specific semantic checking is done in
50 * osfmk/kern/sfi.c. All copyin()/copyout() operations are performed
51 * in this source file.
52 */
53
54 #define SFI_DEBUG 0
55
56 #if SFI_DEBUG
57 #define dprintf(...) printf(__VA_ARGS__)
58 #else
59 #define dprintf(...) do { } while(0)
60 #endif
61
62 static int proc_apply_sfi_managed(proc_t p, void * arg);
63
64 int sfi_ctl(struct proc *p __unused, struct sfi_ctl_args *uap, int32_t *retval __unused)
65 {
66 uint32_t operation = uap->operation;
67 int error = 0;
68 kern_return_t kret = KERN_SUCCESS;
69 uint64_t out_time = 0;
70
71 switch (operation) {
72 case SFI_CTL_OPERATION_SFI_SET_WINDOW:
73 if (uap->out_time != USER_ADDR_NULL) {
74 return EINVAL;
75 }
76 if (uap->sfi_class != SFI_CLASS_UNSPECIFIED) {
77 return EINVAL;
78 }
79
80 error = priv_check_cred(kauth_cred_get(), PRIV_SELECTIVE_FORCED_IDLE, 0);
81 if (error) {
82 dprintf("%s failed privilege check for sfi_ctl: %d\n", p->p_comm, error);
83 return (error);
84 } else {
85 dprintf("%s succeeded privilege check for sfi_ctl\n", p->p_comm);
86 }
87
88 if (uap->time == 0) {
89 /* actually a cancel */
90 kret = sfi_window_cancel();
91 } else {
92 kret = sfi_set_window(uap->time);
93 }
94
95 if (kret) {
96 error = EINVAL;
97 }
98
99 break;
100 case SFI_CTL_OPERATION_SFI_GET_WINDOW:
101 if (uap->time != 0) {
102 return EINVAL;
103 }
104 if (uap->sfi_class != SFI_CLASS_UNSPECIFIED) {
105 return EINVAL;
106 }
107
108 kret = sfi_get_window(&out_time);
109 if (kret == KERN_SUCCESS) {
110 error = copyout(&out_time, uap->out_time, sizeof(out_time));
111 } else {
112 error = EINVAL;
113 }
114
115 break;
116 case SFI_CTL_OPERATION_SET_CLASS_OFFTIME:
117 if (uap->out_time != USER_ADDR_NULL) {
118 return EINVAL;
119 }
120
121 error = priv_check_cred(kauth_cred_get(), PRIV_SELECTIVE_FORCED_IDLE, 0);
122 if (error) {
123 dprintf("%s failed privilege check for sfi_ctl: %d\n", p->p_comm, error);
124 return (error);
125 } else {
126 dprintf("%s succeeded privilege check for sfi_ctl\n", p->p_comm);
127 }
128
129 if (uap->time == 0) {
130 /* actually a cancel */
131 kret = sfi_class_offtime_cancel(uap->sfi_class);
132 } else {
133 kret = sfi_set_class_offtime(uap->sfi_class, uap->time);
134 }
135
136 if (kret) {
137 error = EINVAL;
138 }
139
140 break;
141 case SFI_CTL_OPERATION_GET_CLASS_OFFTIME:
142 if (uap->time != 0) {
143 return EINVAL;
144 }
145
146 kret = sfi_get_class_offtime(uap->sfi_class, &out_time);
147 if (kret == KERN_SUCCESS) {
148 error = copyout(&out_time, uap->out_time, sizeof(out_time));
149 } else {
150 error = EINVAL;
151 }
152
153 break;
154 default:
155 error = ENOTSUP;
156 break;
157 }
158
159 return error;
160 }
161
162 static int proc_apply_sfi_managed(proc_t p, void * arg)
163 {
164 uint32_t flags = *(uint32_t *)arg;
165 pid_t pid = p->p_pid;
166 boolean_t managed_enabled = (flags == SFI_PROCESS_SET_MANAGED)? TRUE : FALSE;
167
168 if (pid == 0) { /* ignore setting on kernproc */
169 return PROC_RETURNED;
170 }
171
172 if (managed_enabled) {
173 KERNEL_DEBUG_CONSTANT(MACHDBG_CODE(DBG_MACH_SFI, SFI_PID_SET_MANAGED) | DBG_FUNC_NONE, pid, 0, 0, 0, 0);
174 } else {
175 KERNEL_DEBUG_CONSTANT(MACHDBG_CODE(DBG_MACH_SFI, SFI_PID_CLEAR_MANAGED) | DBG_FUNC_NONE, pid, 0, 0, 0, 0);
176 }
177
178 proc_set_task_policy(p->task,
179 TASK_POLICY_ATTRIBUTE, TASK_POLICY_SFI_MANAGED,
180 managed_enabled ? TASK_POLICY_ENABLE : TASK_POLICY_DISABLE);
181
182 return PROC_RETURNED;
183 }
184
185 int sfi_pidctl(struct proc *p __unused, struct sfi_pidctl_args *uap, int32_t *retval __unused)
186 {
187 uint32_t operation = uap->operation;
188 pid_t pid = uap->pid;
189 int error = 0;
190 uint32_t out_flags = 0;
191 boolean_t managed_enabled;
192 proc_t targetp;
193
194 switch (operation) {
195 case SFI_PIDCTL_OPERATION_PID_SET_FLAGS:
196 if (uap->out_sfi_flags != USER_ADDR_NULL
197 || !(uap->sfi_flags & SFI_PROCESS_SET_MANAGED_MASK)
198 || uap->sfi_flags == SFI_PROCESS_SET_MANAGED_MASK) {
199 return EINVAL;
200 }
201
202 error = priv_check_cred(kauth_cred_get(), PRIV_SELECTIVE_FORCED_IDLE, 0);
203 if (error) {
204 dprintf("%s failed privilege check for sfi_pidctl: %d\n", p->p_comm, error);
205 return (error);
206 } else {
207 dprintf("%s succeeded privilege check for sfi_pidctl\n", p->p_comm);
208 }
209
210 if (uap->pid == 0) {
211 /* only allow SFI_PROCESS_SET_UNMANAGED for pid 0 */
212 if (uap->sfi_flags != SFI_PROCESS_SET_UNMANAGED) {
213 return EINVAL;
214 }
215
216 proc_iterate(PROC_ALLPROCLIST, proc_apply_sfi_managed, (void *)&uap->sfi_flags, NULL, NULL);
217 break;
218 }
219
220 targetp = proc_find(pid);
221 if (!targetp) {
222 error = ESRCH;
223 break;
224 }
225
226 proc_apply_sfi_managed(targetp, (void *)&uap->sfi_flags);
227
228 proc_rele(targetp);
229
230 break;
231 case SFI_PIDCTL_OPERATION_PID_GET_FLAGS:
232 if (uap->sfi_flags != 0) {
233 return EINVAL;
234 }
235 if (uap->pid == 0) {
236 return EINVAL;
237 }
238
239 targetp = proc_find(pid);
240 if (!targetp) {
241 error = ESRCH;
242 break;
243 }
244
245 managed_enabled = proc_get_task_policy(targetp->task, TASK_POLICY_ATTRIBUTE, TASK_POLICY_SFI_MANAGED);
246
247 proc_rele(targetp);
248
249 out_flags = managed_enabled ? SFI_PROCESS_SET_MANAGED : SFI_PROCESS_SET_UNMANAGED;
250
251 error = copyout(&out_flags, uap->out_sfi_flags, sizeof(out_flags));
252
253 break;
254 default:
255 error = ENOTSUP;
256 break;
257 }
258
259 return error;
260 }
mirror of XNU