]> git.saurik.com Git - apple/xnu.git/blob - bsd/kern/kern_sfi.c
projects / apple / xnu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
xnu-6153.141.1.tar.gz
[apple/xnu.git] / bsd / kern / kern_sfi.c
1 /*
2 * Copyright (c) 2013 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 *
28 */
29
30 #include <kern/assert.h>
31 #include <kern/locks.h>
32 #include <kern/task.h>
33 #include <kern/thread.h>
34 #include <kern/sfi.h>
35 #include <libkern/libkern.h>
36 #include <mach/mach_time.h>
37 #include <pexpert/pexpert.h>
38 #include <sys/proc.h>
39 #include <sys/proc_info.h>
40 #include <sys/sysproto.h>
41 #include <sys/sfi.h>
42 #include <sys/kdebug.h>
43 #include <sys/priv.h>
44 #include <kern/policy_internal.h>
45
46 /*
47 * This file provides the syscall-based configuration facility
48 * for Selective Forced Idle (SFI). Input arguments have basic checking
49 * applied here, although more specific semantic checking is done in
50 * osfmk/kern/sfi.c. All copyin()/copyout() operations are performed
51 * in this source file.
52 */
53
54 #define SFI_DEBUG 0
55
56 #if SFI_DEBUG
57 #define dprintf(...) printf(__VA_ARGS__)
58 #else
59 #define dprintf(...) do { } while(0)
60 #endif
61
62 static int proc_apply_sfi_managed(proc_t p, void * arg);
63
64 int
65 sfi_ctl(struct proc *p __unused, struct sfi_ctl_args *uap, int32_t *retval __unused)
66 {
67 uint32_t operation = uap->operation;
68 int error = 0;
69 kern_return_t kret = KERN_SUCCESS;
70 uint64_t out_time = 0;
71
72 switch (operation) {
73 case SFI_CTL_OPERATION_SFI_SET_WINDOW:
74 if (uap->out_time != USER_ADDR_NULL) {
75 return EINVAL;
76 }
77 if (uap->sfi_class != SFI_CLASS_UNSPECIFIED) {
78 return EINVAL;
79 }
80
81 error = priv_check_cred(kauth_cred_get(), PRIV_SELECTIVE_FORCED_IDLE, 0);
82 if (error) {
83 dprintf("%s failed privilege check for sfi_ctl: %d\n", p->p_comm, error);
84 return error;
85 } else {
86 dprintf("%s succeeded privilege check for sfi_ctl\n", p->p_comm);
87 }
88
89 if (uap->time == 0) {
90 /* actually a cancel */
91 kret = sfi_window_cancel();
92 } else {
93 kret = sfi_set_window(uap->time);
94 }
95
96 if (kret) {
97 error = EINVAL;
98 }
99
100 break;
101 case SFI_CTL_OPERATION_SFI_GET_WINDOW:
102 if (uap->time != 0) {
103 return EINVAL;
104 }
105 if (uap->sfi_class != SFI_CLASS_UNSPECIFIED) {
106 return EINVAL;
107 }
108
109 kret = sfi_get_window(&out_time);
110 if (kret == KERN_SUCCESS) {
111 error = copyout(&out_time, uap->out_time, sizeof(out_time));
112 } else {
113 error = EINVAL;
114 }
115
116 break;
117 case SFI_CTL_OPERATION_SET_CLASS_OFFTIME:
118 if (uap->out_time != USER_ADDR_NULL) {
119 return EINVAL;
120 }
121
122 error = priv_check_cred(kauth_cred_get(), PRIV_SELECTIVE_FORCED_IDLE, 0);
123 if (error) {
124 dprintf("%s failed privilege check for sfi_ctl: %d\n", p->p_comm, error);
125 return error;
126 } else {
127 dprintf("%s succeeded privilege check for sfi_ctl\n", p->p_comm);
128 }
129
130 if (uap->time == 0) {
131 /* actually a cancel */
132 kret = sfi_class_offtime_cancel(uap->sfi_class);
133 } else {
134 kret = sfi_set_class_offtime(uap->sfi_class, uap->time);
135 }
136
137 if (kret) {
138 error = EINVAL;
139 }
140
141 break;
142 case SFI_CTL_OPERATION_GET_CLASS_OFFTIME:
143 if (uap->time != 0) {
144 return EINVAL;
145 }
146
147 kret = sfi_get_class_offtime(uap->sfi_class, &out_time);
148 if (kret == KERN_SUCCESS) {
149 error = copyout(&out_time, uap->out_time, sizeof(out_time));
150 } else {
151 error = EINVAL;
152 }
153
154 break;
155 default:
156 error = ENOTSUP;
157 break;
158 }
159
160 return error;
161 }
162
163 static int
164 proc_apply_sfi_managed(proc_t p, void * arg)
165 {
166 uint32_t flags = *(uint32_t *)arg;
167 pid_t pid = p->p_pid;
168 boolean_t managed_enabled = (flags == SFI_PROCESS_SET_MANAGED)? TRUE : FALSE;
169
170 if (pid == 0) { /* ignore setting on kernproc */
171 return PROC_RETURNED;
172 }
173
174 if (managed_enabled) {
175 KERNEL_DEBUG_CONSTANT(MACHDBG_CODE(DBG_MACH_SFI, SFI_PID_SET_MANAGED) | DBG_FUNC_NONE, pid, 0, 0, 0, 0);
176 } else {
177 KERNEL_DEBUG_CONSTANT(MACHDBG_CODE(DBG_MACH_SFI, SFI_PID_CLEAR_MANAGED) | DBG_FUNC_NONE, pid, 0, 0, 0, 0);
178 }
179
180 proc_set_task_policy(p->task,
181 TASK_POLICY_ATTRIBUTE, TASK_POLICY_SFI_MANAGED,
182 managed_enabled ? TASK_POLICY_ENABLE : TASK_POLICY_DISABLE);
183
184 return PROC_RETURNED;
185 }
186
187 int
188 sfi_pidctl(struct proc *p __unused, struct sfi_pidctl_args *uap, int32_t *retval __unused)
189 {
190 uint32_t operation = uap->operation;
191 pid_t pid = uap->pid;
192 int error = 0;
193 uint32_t out_flags = 0;
194 boolean_t managed_enabled;
195 proc_t targetp;
196
197 switch (operation) {
198 case SFI_PIDCTL_OPERATION_PID_SET_FLAGS:
199 if (uap->out_sfi_flags != USER_ADDR_NULL
200 || !(uap->sfi_flags & SFI_PROCESS_SET_MANAGED_MASK)
201 || uap->sfi_flags == SFI_PROCESS_SET_MANAGED_MASK) {
202 return EINVAL;
203 }
204
205 error = priv_check_cred(kauth_cred_get(), PRIV_SELECTIVE_FORCED_IDLE, 0);
206 if (error) {
207 dprintf("%s failed privilege check for sfi_pidctl: %d\n", p->p_comm, error);
208 return error;
209 } else {
210 dprintf("%s succeeded privilege check for sfi_pidctl\n", p->p_comm);
211 }
212
213 if (uap->pid == 0) {
214 /* only allow SFI_PROCESS_SET_UNMANAGED for pid 0 */
215 if (uap->sfi_flags != SFI_PROCESS_SET_UNMANAGED) {
216 return EINVAL;
217 }
218
219 proc_iterate(PROC_ALLPROCLIST, proc_apply_sfi_managed, (void *)&uap->sfi_flags, NULL, NULL);
220 break;
221 }
222
223 targetp = proc_find(pid);
224 if (!targetp) {
225 error = ESRCH;
226 break;
227 }
228
229 proc_apply_sfi_managed(targetp, (void *)&uap->sfi_flags);
230
231 proc_rele(targetp);
232
233 break;
234 case SFI_PIDCTL_OPERATION_PID_GET_FLAGS:
235 if (uap->sfi_flags != 0) {
236 return EINVAL;
237 }
238 if (uap->pid == 0) {
239 return EINVAL;
240 }
241
242 targetp = proc_find(pid);
243 if (!targetp) {
244 error = ESRCH;
245 break;
246 }
247
248 managed_enabled = proc_get_task_policy(targetp->task, TASK_POLICY_ATTRIBUTE, TASK_POLICY_SFI_MANAGED);
249
250 proc_rele(targetp);
251
252 out_flags = managed_enabled ? SFI_PROCESS_SET_MANAGED : SFI_PROCESS_SET_UNMANAGED;
253
254 error = copyout(&out_flags, uap->out_sfi_flags, sizeof(out_flags));
255
256 break;
257 default:
258 error = ENOTSUP;
259 break;
260 }
261
262 return error;
263 }
mirror of XNU