1 /*
2 * Copyright (c) 2000-2004 Apple Computer, Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28 /*
29 * @OSF_COPYRIGHT@
30 */
31 /*
32 * Mach Operating System
33 * Copyright (c) 1991,1990 Carnegie Mellon University
34 * All Rights Reserved.
35 *
36 * Permission to use, copy, modify and distribute this software and its
37 * documentation is hereby granted, provided that both the copyright
38 * notice and this permission notice appear in all copies of the
39 * software, derivative works or modified versions, and any portions
40 * thereof, and that both notices appear in supporting documentation.
41 *
42 * CARNEGIE MELLON ALLOWS FREE USE OF THIS SOFTWARE IN ITS "AS IS"
43 * CONDITION. CARNEGIE MELLON DISCLAIMS ANY LIABILITY OF ANY KIND FOR
44 * ANY DAMAGES WHATSOEVER RESULTING FROM THE USE OF THIS SOFTWARE.
45 *
46 * Carnegie Mellon requests users of this software to return to
47 *
48 * Software Distribution Coordinator or Software.Distribution@CS.CMU.EDU
49 * School of Computer Science
50 * Carnegie Mellon University
51 * Pittsburgh PA 15213-3890
52 *
53 * any improvements or extensions that they make and grant Carnegie Mellon
54 * the rights to redistribute these changes.
55 */
56 /*
57 */
58
59 #include <mach/boolean.h>
60 #include <mach/port.h>
61 #include <mach/mig.h>
62 #include <mach/mig_errors.h>
63 #include <mach/mach_types.h>
64 #include <mach/mach_traps.h>
65
66 #include <kern/ipc_tt.h>
67 #include <kern/ipc_mig.h>
68 #include <kern/kalloc.h>
69 #include <kern/task.h>
70 #include <kern/thread.h>
71 #include <kern/ipc_kobject.h>
72 #include <kern/misc_protos.h>
73
74 #include <ipc/port.h>
75 #include <ipc/ipc_kmsg.h>
76 #include <ipc/ipc_entry.h>
77 #include <ipc/ipc_object.h>
78 #include <ipc/ipc_mqueue.h>
79 #include <ipc/ipc_space.h>
80 #include <ipc/ipc_port.h>
81 #include <ipc/ipc_pset.h>
82 #include <ipc/ipc_notify.h>
83 #include <vm/vm_map.h>
84
85 #include <libkern/OSAtomic.h>
86
87 /*
88 * Routine: mach_msg_send_from_kernel
89 * Purpose:
90 * Send a message from the kernel.
91 *
92 * This is used by the client side of KernelUser interfaces
93 * to implement SimpleRoutines. Currently, this includes
94 * memory_object messages.
95 * Conditions:
96 * Nothing locked.
97 * Returns:
98 * MACH_MSG_SUCCESS Sent the message.
99 * MACH_SEND_INVALID_DEST Bad destination port.
 *	MACH_MSG_SEND_NO_BUFFER	Destination port had an in-use fixed buffer
101 * or destination is above kernel limit
102 */
103
104 #if IKM_SUPPORT_LEGACY
105
/*
 * NOTE(review): mach_msg_send_from_kernel is presumably a macro in the
 * public header (mapping the old name onto a newer entry point), which is
 * why it is #undef'd before the legacy symbol itself is declared and
 * defined below -- confirm against <kern/ipc_mig.h>.
 */
#undef mach_msg_send_from_kernel
mach_msg_return_t mach_msg_send_from_kernel(
	mach_msg_header_t	*msg,
	mach_msg_size_t		send_size);
110
/*
 * Routine:	mach_msg_send_from_kernel (legacy)
 * Purpose:
 *	Send a message from the kernel using the *_legacy copyin path.
 *	Only built when IKM_SUPPORT_LEGACY is set; see the header comment
 *	above for the contract shared with the _proper variant.
 * Conditions:
 *	Nothing locked.
 * Returns:
 *	MACH_MSG_SUCCESS		Message queued.
 *	Errors from ipc_kmsg_get_from_kernel, ipc_kmsg_copyin_from_kernel_legacy
 *	or ipc_kmsg_send are returned unchanged; the kmsg is released on
 *	every failure path.  No DBG_FUNC_END trace is emitted here on success.
 */
mach_msg_return_t
mach_msg_send_from_kernel(
	mach_msg_header_t	*msg,
	mach_msg_size_t		send_size)
{
	ipc_kmsg_t kmsg;
	mach_msg_option_t option = MACH_SEND_KERNEL_DEFAULT;
	mach_msg_return_t mr;

	KDBG(MACHDBG_CODE(DBG_MACH_IPC,MACH_IPC_KMSG_INFO) | DBG_FUNC_START);

	/* Copy the caller's header/body into a fresh kernel message. */
	mr = ipc_kmsg_get_from_kernel(msg, send_size, &kmsg);
	if (mr != MACH_MSG_SUCCESS) {
		goto fail_trace;
	}

	/* Before copyin has succeeded a plain free is sufficient. */
	mr = ipc_kmsg_copyin_from_kernel_legacy(kmsg);
	if (mr != MACH_MSG_SUCCESS) {
		ipc_kmsg_free(kmsg);
		goto fail_trace;
	}

	/*
	 * respect the thread's SEND_IMPORTANCE option to allow importance
	 * donation from the kernel-side of user threads
	 * (11938665 & 23925818)
	 */
	if (current_thread()->options & TH_OPT_SEND_IMPORTANCE) {
		option &= ~MACH_SEND_NOIMPORTANCE;
	}

	mr = ipc_kmsg_send(kmsg, option, MACH_MSG_TIMEOUT_NONE);
	if (mr == MACH_MSG_SUCCESS) {
		return mr;
	}

	/*
	 * After a successful copyin the message is torn down with
	 * ipc_kmsg_destroy rather than ipc_kmsg_free -- presumably because
	 * the copied-in rights now have to be released as well.
	 */
	ipc_kmsg_destroy(kmsg);

fail_trace:
	KDBG(MACHDBG_CODE(DBG_MACH_IPC,MACH_IPC_KMSG_INFO) | DBG_FUNC_END, mr);
	return mr;
}
151
152 #endif /* IKM_SUPPORT_LEGACY */
153
/*
 * Routine:	mach_msg_send_from_kernel_proper
 * Purpose:
 *	Send a message from the kernel with the default kernel send
 *	options and no timeout.  This is the non-legacy counterpart of
 *	mach_msg_send_from_kernel (see the header comment above).
 * Conditions:
 *	Nothing locked.
 * Returns:
 *	MACH_MSG_SUCCESS		Message queued.
 *	Errors from ipc_kmsg_get_from_kernel, ipc_kmsg_copyin_from_kernel
 *	or ipc_kmsg_send are returned unchanged; the kmsg is released on
 *	every failure path.  No DBG_FUNC_END trace is emitted here on success.
 */
mach_msg_return_t
mach_msg_send_from_kernel_proper(
	mach_msg_header_t	*msg,
	mach_msg_size_t		send_size)
{
	ipc_kmsg_t kmsg;
	mach_msg_option_t option = MACH_SEND_KERNEL_DEFAULT;
	mach_msg_return_t mr;

	KDBG(MACHDBG_CODE(DBG_MACH_IPC,MACH_IPC_KMSG_INFO) | DBG_FUNC_START);

	/* Copy the caller's header/body into a fresh kernel message. */
	mr = ipc_kmsg_get_from_kernel(msg, send_size, &kmsg);
	if (mr != MACH_MSG_SUCCESS) {
		goto fail_trace;
	}

	/* Before copyin has succeeded a plain free is sufficient. */
	mr = ipc_kmsg_copyin_from_kernel(kmsg);
	if (mr != MACH_MSG_SUCCESS) {
		ipc_kmsg_free(kmsg);
		goto fail_trace;
	}

	/*
	 * respect the thread's SEND_IMPORTANCE option to force importance
	 * donation from the kernel-side of user threads
	 * (11938665 & 23925818)
	 */
	if (current_thread()->options & TH_OPT_SEND_IMPORTANCE) {
		option &= ~MACH_SEND_NOIMPORTANCE;
	}

	mr = ipc_kmsg_send(kmsg, option, MACH_MSG_TIMEOUT_NONE);
	if (mr == MACH_MSG_SUCCESS) {
		return mr;
	}

	/*
	 * After a successful copyin the message is torn down with
	 * ipc_kmsg_destroy rather than ipc_kmsg_free -- presumably because
	 * the copied-in rights now have to be released as well.
	 */
	ipc_kmsg_destroy(kmsg);

fail_trace:
	KDBG(MACHDBG_CODE(DBG_MACH_IPC,MACH_IPC_KMSG_INFO) | DBG_FUNC_END, mr);
	return mr;
}
194
/*
 * Routine:	mach_msg_send_from_kernel_with_options
 * Purpose:
 *	Send a message from the kernel with caller-supplied send options
 *	and timeout.  The importance bits of `option' are rewritten here
 *	(the parameter is by value, so the caller's copy is untouched).
 * Conditions:
 *	Nothing locked.
 * Returns:
 *	MACH_MSG_SUCCESS		Message queued.
 *	Errors from ipc_kmsg_get_from_kernel, ipc_kmsg_copyin_from_kernel
 *	or ipc_kmsg_send (including timeout results) are returned unchanged;
 *	the kmsg is released on every failure path.  No DBG_FUNC_END trace
 *	is emitted here on success.
 */
mach_msg_return_t
mach_msg_send_from_kernel_with_options(
	mach_msg_header_t	*msg,
	mach_msg_size_t		send_size,
	mach_msg_option_t	option,
	mach_msg_timeout_t	timeout_val)
{
	ipc_kmsg_t kmsg;
	mach_msg_return_t mr;

	KDBG(MACHDBG_CODE(DBG_MACH_IPC,MACH_IPC_KMSG_INFO) | DBG_FUNC_START);

	/* Copy the caller's header/body into a fresh kernel message. */
	mr = ipc_kmsg_get_from_kernel(msg, send_size, &kmsg);
	if (mr != MACH_MSG_SUCCESS) {
		goto fail_trace;
	}

	/* Before copyin has succeeded a plain free is sufficient. */
	mr = ipc_kmsg_copyin_from_kernel(kmsg);
	if (mr != MACH_MSG_SUCCESS) {
		ipc_kmsg_free(kmsg);
		goto fail_trace;
	}

	/*
	 * Until we are sure of its effects, we are disabling
	 * importance donation from the kernel-side of user
	 * threads in importance-donating tasks - unless the
	 * option to force importance donation is passed in,
	 * or the thread's SEND_IMPORTANCE option has been set.
	 * (11938665 & 23925818)
	 */
	if (current_thread()->options & TH_OPT_SEND_IMPORTANCE) {
		option &= ~MACH_SEND_NOIMPORTANCE;
	} else if (!(option & MACH_SEND_IMPORTANCE)) {
		option |= MACH_SEND_NOIMPORTANCE;
	}

	mr = ipc_kmsg_send(kmsg, option, timeout_val);
	if (mr == MACH_MSG_SUCCESS) {
		return mr;
	}

	/*
	 * After a successful copyin the message is torn down with
	 * ipc_kmsg_destroy rather than ipc_kmsg_free -- presumably because
	 * the copied-in rights now have to be released as well.
	 */
	ipc_kmsg_destroy(kmsg);

fail_trace:
	KDBG(MACHDBG_CODE(DBG_MACH_IPC,MACH_IPC_KMSG_INFO) | DBG_FUNC_END, mr);
	return mr;
}
242
243
244 #if IKM_SUPPORT_LEGACY
245
/*
 * Routine:	mach_msg_send_from_kernel_with_options_legacy
 * Purpose:
 *	Legacy-layout counterpart of mach_msg_send_from_kernel_with_options:
 *	same option/timeout handling, but the message is copied in with
 *	ipc_kmsg_copyin_from_kernel_legacy.  Only built when
 *	IKM_SUPPORT_LEGACY is set.
 * Conditions:
 *	Nothing locked.
 * Returns:
 *	MACH_MSG_SUCCESS		Message queued.
 *	Errors from ipc_kmsg_get_from_kernel, the legacy copyin or
 *	ipc_kmsg_send are returned unchanged; the kmsg is released on
 *	every failure path.  No DBG_FUNC_END trace is emitted here on success.
 */
mach_msg_return_t
mach_msg_send_from_kernel_with_options_legacy(
	mach_msg_header_t	*msg,
	mach_msg_size_t		send_size,
	mach_msg_option_t	option,
	mach_msg_timeout_t	timeout_val)
{
	ipc_kmsg_t kmsg;
	mach_msg_return_t mr;

	KDBG(MACHDBG_CODE(DBG_MACH_IPC,MACH_IPC_KMSG_INFO) | DBG_FUNC_START);

	/* Copy the caller's header/body into a fresh kernel message. */
	mr = ipc_kmsg_get_from_kernel(msg, send_size, &kmsg);
	if (mr != MACH_MSG_SUCCESS) {
		goto fail_trace;
	}

	/* Before copyin has succeeded a plain free is sufficient. */
	mr = ipc_kmsg_copyin_from_kernel_legacy(kmsg);
	if (mr != MACH_MSG_SUCCESS) {
		ipc_kmsg_free(kmsg);
		goto fail_trace;
	}

	/*
	 * Until we are sure of its effects, we are disabling
	 * importance donation from the kernel-side of user
	 * threads in importance-donating tasks.
	 * Unlike the non-legacy variant, a MACH_SEND_IMPORTANCE bit in
	 * the caller's options does not override this; only the thread's
	 * TH_OPT_SEND_IMPORTANCE does.
	 * (11938665 & 23925818)
	 */
	if (current_thread()->options & TH_OPT_SEND_IMPORTANCE) {
		option &= ~MACH_SEND_NOIMPORTANCE;
	} else {
		option |= MACH_SEND_NOIMPORTANCE;
	}

	mr = ipc_kmsg_send(kmsg, option, timeout_val);
	if (mr == MACH_MSG_SUCCESS) {
		return mr;
	}

	/*
	 * After a successful copyin the message is torn down with
	 * ipc_kmsg_destroy rather than ipc_kmsg_free -- presumably because
	 * the copied-in rights now have to be released as well.
	 */
	ipc_kmsg_destroy(kmsg);

fail_trace:
	KDBG(MACHDBG_CODE(DBG_MACH_IPC,MACH_IPC_KMSG_INFO) | DBG_FUNC_END, mr);
	return mr;
}
291
292 #endif /* IKM_SUPPORT_LEGACY */
293
294 /*
295 * Routine: mach_msg_rpc_from_kernel
296 * Purpose:
297 * Send a message from the kernel and receive a reply.
298 * Uses ith_rpc_reply for the reply port.
299 *
300 * This is used by the client side of KernelUser interfaces
301 * to implement Routines.
302 * Conditions:
303 * Nothing locked.
304 * Returns:
305 * MACH_MSG_SUCCESS Sent the message.
306 * MACH_RCV_PORT_DIED The reply port was deallocated.
307 */
308
/*
 * Shared implementation behind mach_msg_rpc_from_kernel (legacy == TRUE)
 * and mach_msg_rpc_from_kernel_proper (legacy == FALSE); defined below.
 */
mach_msg_return_t mach_msg_rpc_from_kernel_body(mach_msg_header_t *msg,
	mach_msg_size_t send_size, mach_msg_size_t rcv_size, boolean_t legacy);
311
312 #if IKM_SUPPORT_LEGACY
313
/*
 * NOTE(review): mach_msg_rpc_from_kernel is presumably a macro in the
 * public header (mapping the old name onto a newer entry point), which is
 * why it is #undef'd before the legacy symbol itself is declared and
 * defined below -- confirm against <kern/ipc_mig.h>.
 */
#undef mach_msg_rpc_from_kernel
mach_msg_return_t
mach_msg_rpc_from_kernel(
	mach_msg_header_t	*msg,
	mach_msg_size_t		send_size,
	mach_msg_size_t		rcv_size);
320
/*
 * Routine:	mach_msg_rpc_from_kernel (legacy)
 * Purpose:
 *	Legacy entry point: runs the shared RPC body with the *_legacy
 *	copyin/copyout paths selected.  Only built when IKM_SUPPORT_LEGACY
 *	is set.
 * Returns:
 *	Whatever mach_msg_rpc_from_kernel_body returns.
 */
mach_msg_return_t
mach_msg_rpc_from_kernel(
	mach_msg_header_t	*msg,
	mach_msg_size_t		send_size,
	mach_msg_size_t		rcv_size)
{
	const boolean_t use_legacy_layout = TRUE;

	return mach_msg_rpc_from_kernel_body(msg, send_size, rcv_size,
	    use_legacy_layout);
}
329
330 #endif /* IKM_SUPPORT_LEGACY */
331
/*
 * Routine:	mach_msg_rpc_from_kernel_proper
 * Purpose:
 *	Non-legacy entry point: runs the shared RPC body with the current
 *	copyin/copyout paths selected.
 * Returns:
 *	Whatever mach_msg_rpc_from_kernel_body returns.
 */
mach_msg_return_t
mach_msg_rpc_from_kernel_proper(
	mach_msg_header_t	*msg,
	mach_msg_size_t		send_size,
	mach_msg_size_t		rcv_size)
{
	const boolean_t use_legacy_layout = FALSE;

	return mach_msg_rpc_from_kernel_body(msg, send_size, rcv_size,
	    use_legacy_layout);
}
340
/*
 * Routine:	mach_msg_rpc_from_kernel_body
 * Purpose:
 *	Shared implementation of mach_msg_rpc_from_kernel (legacy == TRUE)
 *	and mach_msg_rpc_from_kernel_proper (legacy == FALSE).  Sends `msg'
 *	with a send-once right to the thread's private reply port
 *	(self->ith_rpc_reply, allocated on first use) inserted as
 *	msgh_local_port, blocks until a reply arrives on that port, and
 *	copies the reply back into `msg'.
 * Conditions:
 *	Nothing locked.  msg->msgh_local_port must be MACH_PORT_NULL.
 * Returns:
 *	MACH_MSG_SUCCESS	Reply delivered into msg.
 *	MACH_RCV_TOO_LARGE	rcv_size is smaller than the reply's msgh_size
 *				(the kmsg is still handed to put_to_kernel).
 *	MACH_RCV_INTERRUPTED	self->active is clear (and self->inspection
 *				too) or AST_APC is pending: the reply port is
 *				deallocated and the RPC abandoned.
 *	Errors from ipc_kmsg_get_from_kernel, the copyin or ipc_kmsg_send
 *	are returned unchanged, with the kmsg released.
 */
mach_msg_return_t
mach_msg_rpc_from_kernel_body(
	mach_msg_header_t	*msg,
	mach_msg_size_t		send_size,
	mach_msg_size_t		rcv_size,
#if !IKM_SUPPORT_LEGACY
	__unused
#endif
	boolean_t		legacy)
{
	thread_t self = current_thread();
	ipc_port_t reply;
	ipc_kmsg_t kmsg;
	mach_port_seqno_t seqno;
	mach_msg_return_t mr;

	/* The reply port is chosen here; callers must not supply one. */
	assert(msg->msgh_local_port == MACH_PORT_NULL);

	KDBG(MACHDBG_CODE(DBG_MACH_IPC,MACH_IPC_KMSG_INFO) | DBG_FUNC_START);

	mr = ipc_kmsg_get_from_kernel(msg, send_size, &kmsg);
	if (mr != MACH_MSG_SUCCESS) {
		KDBG(MACHDBG_CODE(DBG_MACH_IPC,MACH_IPC_KMSG_INFO) | DBG_FUNC_END, mr);
		return mr;
	}

	/*
	 * Lazily allocate the per-thread reply port.  Allocation failure,
	 * or finding that ith_rpc_reply was set behind our back, is treated
	 * as fatal rather than returned to the caller.
	 */
	reply = self->ith_rpc_reply;
	if (reply == IP_NULL) {
		reply = ipc_port_alloc_reply();
		if ((reply == IP_NULL) ||
		    (self->ith_rpc_reply != IP_NULL))
			panic("mach_msg_rpc_from_kernel");
		self->ith_rpc_reply = reply;
	}

	/* insert send-once right for the reply port */
	kmsg->ikm_header->msgh_local_port = reply;
	kmsg->ikm_header->msgh_bits |=
		MACH_MSGH_BITS(0, MACH_MSG_TYPE_MAKE_SEND_ONCE);

	/* `legacy' only selects the copyin/copyout flavour when legacy support is compiled in. */
#if IKM_SUPPORT_LEGACY
	if(legacy)
		mr = ipc_kmsg_copyin_from_kernel_legacy(kmsg);
	else
		mr = ipc_kmsg_copyin_from_kernel(kmsg);
#else
	mr = ipc_kmsg_copyin_from_kernel(kmsg);
#endif
	if (mr != MACH_MSG_SUCCESS) {
		ipc_kmsg_free(kmsg);
		KDBG(MACHDBG_CODE(DBG_MACH_IPC,MACH_IPC_KMSG_INFO) | DBG_FUNC_END, mr);
		return mr;
	}

	/*
	 * respect the thread's SEND_IMPORTANCE option to force importance
	 * donation from the kernel-side of user threads
	 * (11938665 & 23925818)
	 */
	mach_msg_option_t option = MACH_SEND_KERNEL_DEFAULT;
	if (current_thread()->options & TH_OPT_SEND_IMPORTANCE)
		option &= ~MACH_SEND_NOIMPORTANCE;

	mr = ipc_kmsg_send(kmsg, option, MACH_MSG_TIMEOUT_NONE);
	if (mr != MACH_MSG_SUCCESS) {
		/* Rights were copied in above, so destroy rather than free. */
		ipc_kmsg_destroy(kmsg);
		KDBG(MACHDBG_CODE(DBG_MACH_IPC,MACH_IPC_KMSG_INFO) | DBG_FUNC_END, mr);
		return mr;
	}

	/*
	 * Wait for the reply.  The request has already been queued at this
	 * point; every exit from this loop except the SUCCESS break gives
	 * up on it and tears down the reply port.
	 */
	for (;;) {
		ipc_mqueue_t mqueue;

		assert(reply->ip_in_pset == 0);
		assert(ip_active(reply));

		/* JMM - why this check? */
		/*
		 * NOTE(review): unlike the error returns above, this exit
		 * (and the AST_APC one below) emits no DBG_FUNC_END trace.
		 */
		if (!self->active && !self->inspection) {
			ipc_port_dealloc_reply(reply);
			self->ith_rpc_reply = IP_NULL;
			return MACH_RCV_INTERRUPTED;
		}

		/* No continuation: block synchronously in the receive below. */
		self->ith_continuation = (void (*)(mach_msg_return_t))0;

		mqueue = &reply->ip_messages;
		ipc_mqueue_receive(mqueue,
				   MACH_MSG_OPTION_NONE,
				   MACH_MSG_SIZE_MAX,
				   MACH_MSG_TIMEOUT_NONE,
				   THREAD_INTERRUPTIBLE);

		/* Receive results are handed back through the thread structure. */
		mr = self->ith_state;
		kmsg = self->ith_kmsg;
		seqno = self->ith_seqno;	/* recorded but not used further in this routine */

		if (mr == MACH_MSG_SUCCESS)
		{
			break;
		}

		assert(mr == MACH_RCV_INTERRUPTED);

		assert(reply == self->ith_rpc_reply);

		/* An AST_APC is pending: abandon the RPC with the same teardown as above. */
		if (self->ast & AST_APC) {
			ipc_port_dealloc_reply(reply);
			self->ith_rpc_reply = IP_NULL;
			return(mr);
		}
	}

	/*
	 * Check to see how much of the message/trailer can be received.
	 * We chose the maximum trailer that will fit, since we don't
	 * have options telling us which trailer elements the caller needed.
	 *
	 * msgh_trailer_size is rewritten inside the received kmsg so that
	 * the size copied out (msgh_size + trailer size) matches what the
	 * trailer itself claims; if even the trailer's current size does
	 * not fit, the trailer is dropped (size 0).
	 */
	if (rcv_size >= kmsg->ikm_header->msgh_size) {
		mach_msg_format_0_trailer_t *trailer = (mach_msg_format_0_trailer_t *)
			((vm_offset_t)kmsg->ikm_header + kmsg->ikm_header->msgh_size);

		if (rcv_size >= kmsg->ikm_header->msgh_size + MAX_TRAILER_SIZE) {
			/* Enough room for a maximum trailer */
			trailer->msgh_trailer_size = MAX_TRAILER_SIZE;
		}
		else if (rcv_size < kmsg->ikm_header->msgh_size +
			 trailer->msgh_trailer_size) {
			/* no room for even the basic (default) trailer */
			trailer->msgh_trailer_size = 0;
		}
		assert(trailer->msgh_trailer_type == MACH_MSG_TRAILER_FORMAT_0);
		rcv_size = kmsg->ikm_header->msgh_size + trailer->msgh_trailer_size;
		mr = MACH_MSG_SUCCESS;
	} else {
		/*
		 * Reply does not fit.  rcv_size is left as the caller gave
		 * it and the kmsg still goes through copyout/put_to_kernel
		 * below -- presumably delivering only the first rcv_size
		 * bytes; TODO confirm what ipc_kmsg_put_to_kernel copies.
		 */
		mr = MACH_RCV_TOO_LARGE;
	}


	/*
	 * We want to preserve rights and memory in reply!
	 * We don't have to put them anywhere; just leave them
	 * as they are.
	 */
#if IKM_SUPPORT_LEGACY
	if(legacy)
		ipc_kmsg_copyout_to_kernel_legacy(kmsg, ipc_space_reply);
	else
		ipc_kmsg_copyout_to_kernel(kmsg, ipc_space_reply);
#else
	ipc_kmsg_copyout_to_kernel(kmsg, ipc_space_reply);
#endif
	ipc_kmsg_put_to_kernel(msg, kmsg, rcv_size);
	return mr;
}
495
496
497 /************** These Calls are set up for kernel-loaded tasks/threads **************/
498
499 /*
500 * Routine: mach_msg_overwrite
501 * Purpose:
502 * Like mach_msg_overwrite_trap except that message buffers
503 * live in kernel space. Doesn't handle any options.
504 *
505 * This is used by in-kernel server threads to make
506 * kernel calls, to receive request messages, and
507 * to send reply messages.
508 * Conditions:
509 * Nothing locked.
510 * Returns:
511 */
512
/*
 * mach_msg_overwrite: kernel-space send and/or receive for in-kernel
 * server threads (see the header comment above).  MACH_SEND_MSG and
 * MACH_RCV_MSG in `option' select the two phases; the remaining option
 * bits are passed through to ipc_kmsg_copyin / ipc_kmsg_copyout /
 * ipc_kmsg_add_trailer.  msg_timeout, rcv_msg and rcv_msg_size are
 * accepted but ignored.
 * Returns:
 *	MACH_SEND_MSG_TOO_SMALL, MACH_SEND_TOO_LARGE	send_size rejected
 *	MACH_SEND_NO_BUFFER				kmsg allocation failed
 *	MACH_RCV_TOO_LARGE				rcv_size too small for
 *							message + trailer
 *	errors from ipc_kmsg_copyin, ipc_mqueue_copyin, the receive and
 *	ipc_kmsg_copyout are returned unchanged
 *	MACH_MSG_SUCCESS				otherwise
 */
mach_msg_return_t
mach_msg_overwrite(
	mach_msg_header_t		*msg,
	mach_msg_option_t		option,
	mach_msg_size_t			send_size,
	mach_msg_size_t			rcv_size,
	mach_port_name_t		rcv_name,
	__unused mach_msg_timeout_t	msg_timeout,
	mach_msg_priority_t		override,
	__unused mach_msg_header_t	*rcv_msg,
	__unused mach_msg_size_t	rcv_msg_size)
{
	ipc_space_t space = current_space();
	vm_map_t map = current_map();
	ipc_kmsg_t kmsg;
	mach_port_seqno_t seqno;
	mach_msg_return_t mr;
	mach_msg_trailer_size_t trailer_size;

	if (option & MACH_SEND_MSG) {
		mach_msg_size_t	msg_and_trailer_size;
		mach_msg_max_trailer_t	*max_trailer;

		/*
		 * Validate the caller's size before the buffer is read or
		 * copied: 4-byte aligned, at least a header, and -- only
		 * once a header is known to be present (|| short-circuits)
		 * -- a body as well when the header claims COMPLEX.
		 * NOTE(review): if sizeof(mach_msg_body_t) is not larger than
		 * sizeof(mach_msg_header_t), the third clause can never be
		 * true after the second; confirm whether the intended bound
		 * is the header+body size (mach_msg_base_t).
		 */
		if ((send_size & 3) ||
		    send_size < sizeof(mach_msg_header_t) ||
		    (send_size < sizeof(mach_msg_body_t) && (msg->msgh_bits & MACH_MSGH_BITS_COMPLEX)))
			return MACH_SEND_MSG_TOO_SMALL;

		/* Bounds send_size + MAX_TRAILER_SIZE (computed below) by MACH_MSG_SIZE_MAX. */
		if (send_size > MACH_MSG_SIZE_MAX - MAX_TRAILER_SIZE)
			return MACH_SEND_TOO_LARGE;

		KDBG(MACHDBG_CODE(DBG_MACH_IPC,MACH_IPC_KMSG_INFO) | DBG_FUNC_START);

		msg_and_trailer_size = send_size + MAX_TRAILER_SIZE;
		kmsg = ipc_kmsg_alloc(msg_and_trailer_size);

		if (kmsg == IKM_NULL) {
			KDBG(MACHDBG_CODE(DBG_MACH_IPC,MACH_IPC_KMSG_INFO) | DBG_FUNC_END, MACH_SEND_NO_BUFFER);
			return MACH_SEND_NO_BUFFER;
		}

		KERNEL_DEBUG_CONSTANT(MACHDBG_CODE(DBG_MACH_IPC,MACH_IPC_KMSG_LINK) | DBG_FUNC_NONE,
			(uintptr_t)0, /* this should only be called from the kernel! */
			VM_KERNEL_ADDRPERM((uintptr_t)kmsg),
			0, 0,
			0);
		/* Caller's buffer is kernel memory (see header comment), so a plain memcpy suffices. */
		(void) memcpy((void *) kmsg->ikm_header, (const void *) msg, send_size);

		/* The size in the kmsg is the validated send_size, not whatever the caller wrote in msgh_size. */
		kmsg->ikm_header->msgh_size = send_size;

		/*
		 * Reserve for the trailer the largest space (MAX_TRAILER_SIZE)
		 * However, the internal size field of the trailer (msgh_trailer_size)
		 * is initialized to the minimum (sizeof(mach_msg_trailer_t)), to optimize
		 * the cases where no implicit data is requested.
		 *
		 * The sender identity a receiver sees in the trailer is stamped
		 * here from the current task's security and audit tokens.
		 */
		max_trailer = (mach_msg_max_trailer_t *) ((vm_offset_t)kmsg->ikm_header + send_size);
		max_trailer->msgh_sender = current_thread()->task->sec_token;
		max_trailer->msgh_audit = current_thread()->task->audit_token;
		max_trailer->msgh_trailer_type = MACH_MSG_TRAILER_FORMAT_0;
		max_trailer->msgh_trailer_size = MACH_MSG_TRAILER_MINIMUM_SIZE;

		/* Rights and OOL memory are copied in from the current space/map; may rewrite option. */
		mr = ipc_kmsg_copyin(kmsg, space, map, override, &option);

		if (mr != MACH_MSG_SUCCESS) {
			ipc_kmsg_free(kmsg);
			KDBG(MACHDBG_CODE(DBG_MACH_IPC,MACH_IPC_KMSG_INFO) | DBG_FUNC_END, mr);
			return mr;
		}

		/* Retry across interruptions; no timeout, no send options. */
		do {
			mr = ipc_kmsg_send(kmsg, MACH_MSG_OPTION_NONE, MACH_MSG_TIMEOUT_NONE);
		} while (mr == MACH_SEND_INTERRUPTED);

		/*
		 * NOTE(review): any other send failure is only caught by this
		 * assert; in a build without asserts execution falls through
		 * to the receive phase with mr ignored -- confirm ipc_kmsg_send
		 * cannot fail here with MACH_MSG_OPTION_NONE.
		 */
		assert(mr == MACH_MSG_SUCCESS);
	}

	if (option & MACH_RCV_MSG) {
		thread_t self = current_thread();

		do {
			ipc_object_t object;
			ipc_mqueue_t mqueue;

			/* Resolve rcv_name in the current space to a message queue each time round. */
			mr = ipc_mqueue_copyin(space, rcv_name,
					       &mqueue, &object);
			if (mr != MACH_MSG_SUCCESS)
				return mr;
			/* hold ref for object */

			/* No continuation: block synchronously in the receive below. */
			self->ith_continuation = (void (*)(mach_msg_return_t))0;
			ipc_mqueue_receive(mqueue,
					   MACH_MSG_OPTION_NONE,
					   MACH_MSG_SIZE_MAX,
					   MACH_MSG_TIMEOUT_NONE,
					   THREAD_ABORTSAFE);
			/* Receive results are handed back through the thread structure. */
			mr = self->ith_state;
			kmsg = self->ith_kmsg;
			seqno = self->ith_seqno;

			/* Drop the reference taken by ipc_mqueue_copyin. */
			io_release(object);

		} while (mr == MACH_RCV_INTERRUPTED);

		if (mr != MACH_MSG_SUCCESS)
			return mr;

		/*
		 * NOTE(review): msgh_remote_port of the received message is
		 * dereferenced without a null check here; presumably a
		 * successfully received kmsg always carries one -- confirm.
		 */
		trailer_size = ipc_kmsg_add_trailer(kmsg, space, option, current_thread(), seqno, TRUE,
				kmsg->ikm_header->msgh_remote_port->ip_context);

		/*
		 * Too small for message + trailer: hand back only the header
		 * (with the destination right processed) and drop the rest.
		 * NOTE(review): rcv_size is never checked against sizeof *msg,
		 * so this header copy assumes the caller's buffer holds at
		 * least a header -- confirm callers guarantee that.
		 */
		if (rcv_size < (kmsg->ikm_header->msgh_size + trailer_size)) {
			ipc_kmsg_copyout_dest(kmsg, space);
			(void) memcpy((void *) msg, (const void *) kmsg->ikm_header, sizeof *msg);
			ipc_kmsg_free(kmsg);
			return MACH_RCV_TOO_LARGE;
		}

		mr = ipc_kmsg_copyout(kmsg, space, map, MACH_MSG_BODY_NULL, option);
		if (mr != MACH_MSG_SUCCESS) {
			/*
			 * A body-copyout error still delivers the whole message
			 * (ipc_kmsg_put_to_kernel); any other error delivers
			 * just the header, as in the TOO_LARGE case above.
			 */
			if ((mr &~ MACH_MSG_MASK) == MACH_RCV_BODY_ERROR) {
				ipc_kmsg_put_to_kernel(msg, kmsg,
						kmsg->ikm_header->msgh_size + trailer_size);
			} else {
				ipc_kmsg_copyout_dest(kmsg, space);
				(void) memcpy((void *) msg, (const void *) kmsg->ikm_header, sizeof *msg);
				ipc_kmsg_free(kmsg);
			}

			return mr;
		}

		/* Success: copy message + trailer into the caller's kernel buffer. */
		(void) memcpy((void *) msg, (const void *) kmsg->ikm_header,
			      kmsg->ikm_header->msgh_size + trailer_size);
		ipc_kmsg_free(kmsg);
	}

	return MACH_MSG_SUCCESS;
}
651
652 /*
653 * Routine: mig_get_reply_port
654 * Purpose:
655 * Called by client side interfaces living in the kernel
656 * to get a reply port.
657 */
/*
 * Routine:	mig_get_reply_port
 * Purpose:
 *	Called by client side interfaces living in the kernel
 *	to get a reply port.  In-kernel clients never get one from
 *	here: mach_msg_rpc_from_kernel_body supplies the thread's
 *	ith_rpc_reply port itself.
 * Returns:
 *	MACH_PORT_NULL, always.
 */
mach_port_t
mig_get_reply_port(void)
{
	const mach_port_t no_port = MACH_PORT_NULL;

	return no_port;
}
663
664 /*
665 * Routine: mig_dealloc_reply_port
666 * Purpose:
667 * Called by client side interfaces to get rid of a reply port.
668 */
669
/*
 * Routine:	mig_dealloc_reply_port
 * Purpose:
 *	Called by client side interfaces to get rid of a reply port.
 *	Intentionally a no-op: mig_get_reply_port() only ever hands out
 *	MACH_PORT_NULL, so there is never anything to release.
 */
void
mig_dealloc_reply_port(
	mach_port_t	reply_port)
{
	(void)reply_port;
}
675
676 /*
677 * Routine: mig_put_reply_port
678 * Purpose:
679 * Called by client side interfaces after each RPC to
680 * let the client recycle the reply port if it wishes.
681 */
/*
 * Routine:	mig_put_reply_port
 * Purpose:
 *	Called by client side interfaces after each RPC to
 *	let the client recycle the reply port if it wishes.
 *	Intentionally a no-op: mig_get_reply_port() only ever hands out
 *	MACH_PORT_NULL, so there is nothing to recycle.
 */
void
mig_put_reply_port(
	mach_port_t	reply_port)
{
	(void)reply_port;
}
687
688 /*
689 * mig_strncpy.c - by Joshua Block
690 *
 * mig_strncpy -- Bounded string copy.  Does what the library routine strncpy
692 * OUGHT to do: Copies the (null terminated) string in src into dest, a
693 * buffer of length len. Assures that the copy is still null terminated
694 * and doesn't overflow the buffer, truncating the copy if necessary.
695 *
696 * Parameters:
697 *
698 * dest - Pointer to destination buffer.
699 *
700 * src - Pointer to source string.
701 *
702 * len - Length of destination buffer.
703 */
/*
 * mig_strncpy -- bounded, always NUL-terminated copy of src into dest
 * (a buffer of len bytes); see the header comment above.
 *
 * Returns the number of bytes written including the terminator when src
 * fits, 0 when len <= 0 or dest/src is NULL (dest[0] is still set to
 * '\0' when dest is valid), and len when the copy was truncated.  Note
 * that a string of exactly len-1 characters also yields len, so the
 * return value alone does not tell "fit exactly" from "truncated".
 */
int
mig_strncpy(
	char		*dest,
	const char	*src,
	int		len)
{
	int copied = 0;

	/* Nothing can be written without a positive length and a destination. */
	if (len <= 0 || dest == NULL) {
		return 0;
	}

	if (src != NULL) {
		/* At most len-1 characters so that a terminator always fits. */
		for (copied = 1; copied < len; copied++) {
			char c = *src++;

			*dest++ = c;
			if (c == '\0') {
				return copied;
			}
		}
	}

	/* Truncated, or no source: terminate at the current position. */
	*dest = '\0';
	return copied;
}
722
723 /*
724 * mig_strncpy_zerofill -- Bounded string copy. Does what the
725 * library routine strncpy OUGHT to do: Copies the (null terminated)
726 * string in src into dest, a buffer of length len. Assures that
727 * the copy is still null terminated and doesn't overflow the buffer,
728 * truncating the copy if necessary. If the string in src is smaller
729 * than given length len, it will zero fill the remaining bytes in dest.
730 *
731 * Parameters:
732 *
733 * dest - Pointer to destination buffer.
734 *
735 * src - Pointer to source string.
736 *
737 * len - Length of destination buffer.
738 */
/*
 * mig_strncpy_zerofill -- like mig_strncpy, but every byte of dest after
 * the copied string is cleared as well, so no stale data is left in the
 * buffer; see the header comment above.
 *
 * Returns the number of bytes copied including the terminator when src
 * fits, 0 when len <= 0 or dest/src is NULL (all len bytes of dest are
 * still zeroed when dest is valid), and len when the copy was truncated.
 */
int
mig_strncpy_zerofill(
	char		*dest,
	const char	*src,
	int		len)
{
	int pos;
	int result = 0;
	int done;

	if (len <= 0 || dest == NULL) {
		return 0;
	}

	/* A NULL source behaves like an empty string, except for the 0 return. */
	done = (src == NULL);

	for (pos = 1; pos < len; pos++) {
		if (done) {
			/* Past the terminator: clear the rest of the buffer. */
			*dest++ = '\0';
			continue;
		}
		if ((*dest++ = *src++) == '\0') {
			result = pos;
			done = 1;
		}
	}

	/* Always terminate the last byte, covering the truncated case. */
	*dest = '\0';
	return done ? result : pos;
}
775
/*
 * Routine:	mig_user_allocate
 * Purpose:
 *	Allocator used by MIG-generated user-side stubs running in the
 *	kernel.  Presumably paired with mig_user_deallocate, which must
 *	be given the same size back.
 * Returns:
 *	Whatever kalloc returns for `size' bytes.
 */
void *
mig_user_allocate(
	vm_size_t	size)
{
	void *buf = kalloc(size);

	return buf;
}
782
/*
 * Routine:	mig_user_deallocate
 * Purpose:
 *	Release memory obtained from mig_user_allocate.  `size' must be
 *	the size originally requested, as kfree takes it explicitly.
 */
void
mig_user_deallocate(
	char		*data,
	vm_size_t	size)
{
	void *buf = data;

	kfree(buf, size);
}
790
791 /*
792 * Routine: mig_object_init
793 * Purpose:
794 * Initialize the base class portion of a MIG object. We
795 * will lazy init the port, so just clear it for now.
796 */
/*
 * Routine:	mig_object_init
 * Purpose:
 *	Initialize the base class portion of a MIG object: install the
 *	interface vtable and leave the port unset.  The port is created
 *	lazily by convert_mig_object_to_port on first use.  (The field is
 *	compared against IP_NULL elsewhere in this file.)
 * Returns:
 *	KERN_INVALID_ARGUMENT	mig_object is MIG_OBJECT_NULL
 *	KERN_SUCCESS		otherwise
 */
kern_return_t
mig_object_init(
	mig_object_t		mig_object,
	const IMIGObject	*interface)
{
	if (mig_object != MIG_OBJECT_NULL) {
		mig_object->pVtbl = (const IMIGObjectVtbl *)interface;
		mig_object->port = MACH_PORT_NULL;
		return KERN_SUCCESS;
	}

	return KERN_INVALID_ARGUMENT;
}
808
809 /*
810 * Routine: mig_object_destroy
811 * Purpose:
812 * The object is being freed. This call lets us clean
 *	up any state we have built up over the object's
814 * lifetime.
815 * Conditions:
816 * Since notifications and the port hold references on
817 * on the object, neither can exist when this is called.
818 * This is a good place to assert() that condition.
819 */
/*
 * Routine:	mig_object_destroy
 * Purpose:
 *	The object is being freed.  Nothing is torn down here; the only
 *	work is asserting that the port is already gone, since the port
 *	(and notifications) hold references that would have kept the
 *	object alive.
 * Conditions:
 *	mig_object->port must already be MACH_PORT_NULL.
 */
void
mig_object_destroy(
	__assert_only mig_object_t	mig_object)
{
	assert(mig_object->port == MACH_PORT_NULL);
}
827
828 /*
829 * Routine: mig_object_reference
830 * Purpose:
831 * Pure virtual helper to invoke the MIG object's AddRef
832 * method.
833 * Conditions:
834 * MIG object port may be locked.
835 */
/*
 * Routine:	mig_object_reference
 * Purpose:
 *	Pure virtual helper to invoke the MIG object's AddRef
 *	method through its vtable.
 * Conditions:
 *	MIG object port may be locked.  mig_object must not be
 *	MIG_OBJECT_NULL.
 */
void
mig_object_reference(
	mig_object_t	mig_object)
{
	const IMIGObjectVtbl *vtbl;

	assert(mig_object != MIG_OBJECT_NULL);
	vtbl = mig_object->pVtbl;
	vtbl->AddRef((IMIGObject *)mig_object);
}
843
844 /*
845 * Routine: mig_object_deallocate
846 * Purpose:
847 * Pure virtual helper to invoke the MIG object's Release
848 * method.
849 * Conditions:
850 * Nothing locked.
851 */
/*
 * Routine:	mig_object_deallocate
 * Purpose:
 *	Pure virtual helper to invoke the MIG object's Release
 *	method through its vtable.
 * Conditions:
 *	Nothing locked.  mig_object must not be MIG_OBJECT_NULL.
 */
void
mig_object_deallocate(
	mig_object_t	mig_object)
{
	const IMIGObjectVtbl *vtbl;

	assert(mig_object != MIG_OBJECT_NULL);
	vtbl = mig_object->pVtbl;
	vtbl->Release((IMIGObject *)mig_object);
}
859
860 /*
861 * Routine: convert_mig_object_to_port [interface]
862 * Purpose:
863 * Base implementation of MIG outtrans routine to convert from
864 * a mig object reference to a new send right on the object's
865 * port. The object reference is consumed.
866 * Returns:
867 * IP_NULL - Null MIG object supplied
868 * Otherwise, a newly made send right for the port
869 * Conditions:
870 * Nothing locked.
871 */
/*
 * Routine:	convert_mig_object_to_port [interface]
 * Purpose:
 *	See the header comment above.  The loop below covers both the
 *	first-use case (object has no port yet) and a race with the
 *	no-senders handler, which clears mig_object->port and destroys
 *	the port while a caller may still hold a stale pointer to it.
 *
 *	Reference accounting: the caller's object reference is consumed
 *	either by the Release at the end, or -- when this call registered
 *	a brand new port -- by being handed to that port (deallocate is
 *	cleared, and mig_object_no_senders releases it later).
 * Returns:
 *	IP_NULL			mig_object is MIG_OBJECT_NULL
 *	Otherwise a new send right on the object's port.
 * Conditions:
 *	Nothing locked.
 */
ipc_port_t
convert_mig_object_to_port(
	mig_object_t	mig_object)
{
	ipc_port_t	port;
	boolean_t	deallocate = TRUE;

	if (mig_object == MIG_OBJECT_NULL)
		return IP_NULL;

	/*
	 * Fast path: the object already has a port and making a send right
	 * on it succeeds.  Otherwise allocate and register one; after a
	 * successful registration the condition is re-evaluated and the
	 * send right is made on the new port.
	 */
	port = mig_object->port;
	while ((port == IP_NULL) ||
	       ((port = ipc_port_make_send(port)) == IP_NULL)) {
		ipc_port_t	previous;

		/*
		 * Either the port was never set up, or it was just
		 * deallocated out from under us by the no-senders
		 * processing.  In either case, we must:
		 *	Attempt to make one
		 *	Arrange for no senders
		 *	Try to atomically register it with the object
		 *	Destroy it if we are raced.
		 */
		/*
		 * NOTE(review): the result of ipc_port_alloc_kernel is not
		 * checked before ip_lock; confirm it cannot return IP_NULL
		 * (or panics itself) rather than leaving a null dereference.
		 */
		port = ipc_port_alloc_kernel();
		ip_lock(port);
		ipc_kobject_set_atomically(port,
					   (ipc_kobject_t) mig_object,
					   IKOT_MIG);

		/* make a sonce right for the notification */
		port->ip_sorights++;
		ip_reference(port);

		/* Request a no-senders notification on the port itself (sync count 1). */
		ipc_port_nsrequest(port, 1, port, &previous);
		/* port unlocked */

		assert(previous == IP_NULL);

		/*
		 * Publish the port only if nobody else did in the meantime.
		 * On success the object reference we were given now belongs
		 * to the port; on failure discard our port and retry with
		 * the winner's.
		 */
		if (OSCompareAndSwapPtr((void *)IP_NULL, (void *)port,
			(void * volatile *)&mig_object->port)) {
			deallocate = FALSE;
		} else {
			ipc_port_dealloc_kernel(port);
			port = mig_object->port;
		}
	}

	if (deallocate)
		mig_object->pVtbl->Release((IMIGObject *)mig_object);

	return (port);
}
925
926
927 /*
928 * Routine: convert_port_to_mig_object [interface]
929 * Purpose:
930 * Base implementation of MIG intrans routine to convert from
931 * an incoming port reference to a new reference on the
932 * underlying object. A new reference must be created, because
933 * the port's reference could go away asynchronously.
934 * Returns:
935 * NULL - Not an active MIG object port or iid not supported
936 * Otherwise, a reference to the underlying MIG interface
937 * Conditions:
938 * Nothing locked.
939 */
/*
 * Routine:	convert_port_to_mig_object [interface]
 * Purpose:
 *	See the header comment above.  The port is validated and its
 *	kobject type checked under ip_lock, and QueryInterface is invoked
 *	while the lock is still held, so the object cannot be detached
 *	from the port by mig_object_no_senders in between.
 * Returns:
 *	NULL			port invalid, inactive, not IKOT_MIG, or
 *				QueryInterface left ppv untouched
 *	Otherwise the reference QueryInterface stored in ppv.
 * Conditions:
 *	Nothing locked on entry; ip_lock(port) is held around the
 *	QueryInterface call, so implementations presumably must not
 *	block or take port locks themselves -- confirm.
 */
mig_object_t
convert_port_to_mig_object(
	ipc_port_t	port,
	const MIGIID	*iid)
{
	mig_object_t	mig_object;
	void		*ppv;

	if (!IP_VALID(port))
		return NULL;

	ip_lock(port);
	if (!ip_active(port) || (ip_kotype(port) != IKOT_MIG)) {
		ip_unlock(port);
		return NULL;
	}

	/*
	 * Our port points to some MIG object interface.  Now
	 * query it to get a reference to the desired interface.
	 * ppv is pre-cleared so a QueryInterface that does not support
	 * iid yields NULL rather than garbage.
	 */
	ppv = NULL;
	mig_object = (mig_object_t)port->ip_kobject;
	mig_object->pVtbl->QueryInterface((IMIGObject *)mig_object, iid, &ppv);
	ip_unlock(port);
	return (mig_object_t)ppv;
}
967
968 /*
969 * Routine: mig_object_no_senders [interface]
970 * Purpose:
971 * Base implementation of a no-senders notification handler
972 * for MIG objects. If there truly are no more senders, must
973 * destroy the port and drop its reference on the object.
974 * Returns:
 *	TRUE - port deallocated and reference dropped
976 * FALSE - more senders arrived, re-registered for notification
977 * Conditions:
978 * Nothing locked.
979 */
980
/*
 * Routine:	mig_object_no_senders [interface]
 * Purpose:
 *	See the header comment above.  `mscount' is the make-send count
 *	the notification was generated at; if the port's current count
 *	is higher, send rights were made after the notification was
 *	armed and the port must stay alive.
 * Returns:
 *	FALSE	new senders appeared; notification re-armed
 *	TRUE	port destroyed, object's port pointer cleared and the
 *		port's object reference released
 * Conditions:
 *	Nothing locked.  Returns with the port unlocked in both cases.
 */
boolean_t
mig_object_no_senders(
	ipc_port_t		port,
	mach_port_mscount_t	mscount)
{
	mig_object_t		mig_object;

	ip_lock(port);
	if (port->ip_mscount > mscount) {
		ipc_port_t		previous;

		/*
		 * Somebody created new send rights while the
		 * notification was in-flight.  Just create a
		 * new send-once right and re-register with
		 * the new (higher) mscount threshold.
		 */
		/* make a sonce right for the notification */
		port->ip_sorights++;
		ip_reference(port);
		ipc_port_nsrequest(port, mscount, port, &previous);
		/* port unlocked */

		assert(previous == IP_NULL);
		return (FALSE);
	}

	/*
	 * Clear the port pointer while we have it locked.
	 * This is what lets a concurrent convert_mig_object_to_port see
	 * IP_NULL and allocate a fresh port instead of reusing this one.
	 */
	mig_object = (mig_object_t)port->ip_kobject;
	mig_object->port = IP_NULL;

	/*
	 * Bring the sequence number and mscount in
	 * line with ipc_port_destroy assertion.
	 */
	port->ip_mscount = 0;
	port->ip_messages.imq_seqno = 0;
	ipc_port_destroy(port);	/* releases lock */

	/*
	 * Release the port's reference on the object.
	 * Done after the port lock is gone, presumably so an object
	 * destructor may itself use port operations without deadlocking.
	 */
	mig_object->pVtbl->Release((IMIGObject *)mig_object);
	return (TRUE);
}
1028
1029 /*
1030 * Kernel implementation of the notification chain for MIG object
1031 * is kept separate from the actual objects, since there are expected
1032 * to be much fewer of them than actual objects.
1033 *
1034 * The implementation of this part of MIG objects is coming
1035 * "Real Soon Now"(TM).
1036 */