/*
- * Copyright (c) 2000 Apple Computer, Inc. All rights reserved.
+ * Copyright (c) 2000-2006 Apple Computer, Inc. All rights reserved.
*
- * @APPLE_LICENSE_HEADER_START@
- *
- * The contents of this file constitute Original Code as defined in and
- * are subject to the Apple Public Source License Version 1.1 (the
- * "License"). You may not use this file except in compliance with the
- * License. Please obtain a copy of the License at
- * http://www.apple.com/publicsource and read it before using this file.
- *
- * This Original Code and all software distributed under the License are
- * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. The rights granted to you under the License
+ * may not be used to create, or enable the creation or redistribution of,
+ * unlawful or unlicensed copies of an Apple operating system, or to
+ * circumvent, violate, or enable the circumvention or violation of, any
+ * terms of an Apple operating system software license agreement.
+ *
+ * Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License.
- *
- * @APPLE_LICENSE_HEADER_END@
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
*/
/*
* @OSF_COPYRIGHT@
*/
-/*
+/*
* Mach Operating System
* Copyright (c) 1991,1990,1989,1988,1987 Carnegie Mellon University
* All Rights Reserved.
- *
+ *
* Permission to use, copy, modify and distribute this software and its
* documentation is hereby granted, provided that both the copyright
* notice and this permission notice appear in all copies of the
* software, derivative works or modified versions, and any portions
* thereof, and that both notices appear in supporting documentation.
- *
+ *
* CARNEGIE MELLON ALLOWS FREE USE OF THIS SOFTWARE IN ITS "AS IS"
* CONDITION. CARNEGIE MELLON DISCLAIMS ANY LIABILITY OF ANY KIND FOR
* ANY DAMAGES WHATSOEVER RESULTING FROM THE USE OF THIS SOFTWARE.
- *
+ *
* Carnegie Mellon requests users of this software to return to
- *
+ *
* Software Distribution Coordinator or Software.Distribution@CS.CMU.EDU
* School of Computer Science
* Carnegie Mellon University
* Pittsburgh PA 15213-3890
- *
+ *
* any improvements or extensions that they make and grant Carnegie Mellon
* the rights to redistribute these changes.
*/
+/*
+ * NOTICE: This file was modified by McAfee Research in 2004 to introduce
+ * support for mandatory and extensible security protections. This notice
+ * is included in support of clause 2.2 (b) of the Apple Public License,
+ * Version 2.0.
+ */
/*
*/
/*
* File: mach/port.h
*
- * Definition of a port
+ * Definition of a Mach port
+ *
+ * Mach ports are the endpoints to Mach-implemented communications
+ * channels (usually uni-directional message queues, but other types
+ * also exist).
+ *
+ * Unique collections of these endpoints are maintained for each
+ * Mach task. Each Mach port in the task's collection is given a
+ * [task-local] name to identify it - and the the various "rights"
+ * held by the task for that specific endpoint.
+ *
+ * This header defines the types used to identify these Mach ports
+ * and the various rights associated with them. For more info see:
+ *
+ * <mach/mach_port.h> - manipulation of port rights in a given space
+ * <mach/message.h> - message queue [and port right passing] mechanism
*
- * [The basic port_t type should probably be machine-dependent,
- * as it must be represented by a 32-bit integer.]
*/
-#ifndef _MACH_PORT_H_
+#ifndef _MACH_PORT_H_
#define _MACH_PORT_H_
+#include <sys/cdefs.h>
+#include <stdint.h>
#include <mach/boolean.h>
#include <mach/machine/vm_types.h>
/*
- * A port_name_t is a 32 bit value which represents a name of a
- * port right within some ipc space. This is a constant definition
- * everywhere.
+ * mach_port_name_t - the local identity for a Mach port
+ *
+ * The name is Mach port namespace specific. It is used to
+ * identify the rights held for that port by the task whose
+ * namespace is implied [or specifically provided].
+ *
+ * Use of this type usually implies just a name - no rights.
+ * See mach_port_t for a type that implies a "named right."
+ *
+ */
+
+typedef natural_t mach_port_name_t;
+typedef mach_port_name_t *mach_port_name_array_t;
+
+#ifdef KERNEL
+
+/*
+ * mach_port_t - a named port right
+ *
+ * In the kernel, "rights" are represented [named] by pointers to
+ * the ipc port object in question. There is no port namespace for the
+ * rights to be collected.
*
- * The type port_t represents a reference added or deleted to a
- * port right.
+ * Actually, there is namespace for the kernel task. But most kernel
+ * code - including, but not limited to, Mach IPC code - lives in the
+ * limbo between the current user-level task and the "next" task. Very
+ * little of the kernel code runs in full kernel task context. So very
+ * little of it gets to use the kernel task's port name space.
*
- * At user space, this is represented by returning the name of
- * the right(s) that got altered within the user's ipc space.
- * So a port_t is the same type as a port_name_t there.
+ * Because of this implementation approach, all in-kernel rights for
+ * a given port coalesce [have the same name/pointer]. The actual
+ * references are counted in the port itself. It is up to the kernel
+ * code in question to "just remember" how many [and what type of]
+ * rights it holds and handle them appropriately.
*
- * Since there is no right space for the kernel proper (all rights
- * are naked rights) these rights are represented by passing a
- * pointer to the specific ipc_object_t subclass (typically
- * ipc_port_t) that got altered/is to be altered.
*/
-typedef natural_t port_name_t;
-typedef port_name_t *port_name_array_t;
-#ifdef KERNEL_PRIVATE
+#ifndef MACH_KERNEL_PRIVATE
+/*
+ * For kernel code that resides outside of Mach proper, we opaque the
+ * port structure definition.
+ */
+struct ipc_port;
+
+#endif /* MACH_KERNEL_PRIVATE */
+
+typedef struct ipc_port *ipc_port_t;
-#include <ipc/ipc_types.h>
-typedef ipc_port_t port_t;
+#define IPC_PORT_NULL ((ipc_port_t) NULL)
+#define IPC_PORT_DEAD ((ipc_port_t)~0UL)
+#define IPC_PORT_VALID(port) ipc_port_valid(port)
-#else /* ! KERNEL_PRIVATE */
+static inline boolean_t
+ipc_port_valid(ipc_port_t port)
+{
+ return port != IPC_PORT_DEAD && port;
+}
-typedef port_name_t port_t;
+typedef ipc_port_t mach_port_t;
-#endif /* KERNEL_PRIVATE */
+/*
+ * Since the 32-bit and 64-bit representations of ~0 are different,
+ * explicitly handle MACH_PORT_DEAD
+ */
+
+#define CAST_MACH_PORT_TO_NAME(x) ((mach_port_name_t)(uintptr_t)(x))
+#define CAST_MACH_NAME_TO_PORT(x) ((x) == MACH_PORT_DEAD ? (mach_port_t)IPC_PORT_DEAD : (mach_port_t)(uintptr_t)(x))
+
+#else /* KERNEL */
/*
- * PORT_NULL is a legal value that can be carried in messages.
+ * mach_port_t - a named port right
+ *
+ * In user-space, "rights" are represented by the name of the
+ * right in the Mach port namespace. Even so, this type is
+ * presented as a unique one to more clearly denote the presence
+ * of a right coming along with the name.
+ *
+ * Often, various rights for a port held in a single name space
+ * will coalesce and are, therefore, be identified by a single name
+ * [this is the case for send and receive rights]. But not
+ * always [send-once rights currently get a unique name for
+ * each right].
+ *
+ */
+
+#include <sys/_types.h>
+#include <sys/_types/_mach_port_t.h>
+
+#endif /* KERNEL */
+
+typedef mach_port_t *mach_port_array_t;
+
+/*
+ * MACH_PORT_NULL is a legal value that can be carried in messages.
* It indicates the absence of any port or port rights. (A port
* argument keeps the message from being "simple", even if the
- * value is PORT_NULL.) The value PORT_DEAD is also a legal
+ * value is MACH_PORT_NULL.) The value MACH_PORT_DEAD is also a legal
* value that can be carried in messages. It indicates
* that a port right was present, but it died.
*/
-#define PORT_NULL ((port_t) 0)
-#define PORT_DEAD ((port_t) ~0)
-#define PORT_VALID(name) \
- (((port_t)(name) != PORT_NULL) && \
- ((port_t)(name) != PORT_DEAD))
-/*
- * Mach 3.0 renamed everything to have mach_ in front of it.
- * Do that mapping here, so we have the types and macros in
- * both formats.
- */
-typedef port_t mach_port_t;
-typedef port_t *mach_port_array_t;
-typedef port_name_t mach_port_name_t;
-typedef mach_port_name_t *mach_port_name_array_t;
+#if defined(XNU_KERNEL_PRIVATE) && defined(__cplusplus)
+#define MACH_PORT_NULL NULL
+#else
+#define MACH_PORT_NULL 0 /* intentional loose typing */
+#endif
+#define MACH_PORT_DEAD ((mach_port_name_t) ~0)
+#define MACH_PORT_VALID(name) \
+ (((name) != MACH_PORT_NULL) && \
+ ((name) != MACH_PORT_DEAD))
-#define MACH_PORT_NULL 0 /* intentional loose typing */
-#define MACH_PORT_DEAD ((mach_port_name_t) ~0)
-#define MACH_PORT_VALID(name) \
- (((name) != MACH_PORT_NULL) && \
- ((name) != MACH_PORT_DEAD))
/*
- * mach_port_name_t must be an unsigned type. Port values
- * have two parts, a generation number and an index.
- * These macros encapsulate all knowledge of how
- * a mach_port_name_t is laid out. They are made visible
- * to user tasks so that packages to map from a mach_port_name_t
- * to associated user data can discount the generation
- * nuber (if desired) in doing the mapping.
+ * For kernel-selected [assigned] port names, the name is
+ * comprised of two parts: a generation number and an index.
+ * This approach keeps the exact same name from being generated
+ * and reused too quickly [to catch right/reference counting bugs].
+ * The dividing line between the constituent parts is exposed so
+ * that efficient "mach_port_name_t to data structure pointer"
+ * conversion implementation can be made. But it is possible
+ * for user-level code to assign their own names to Mach ports.
+ * These are not required to participate in this algorithm. So
+ * care should be taken before "assuming" this model.
*
- * Within the kernel, ipc/ipc_entry.c implicitly assumes
- * when it uses the splay tree functions that the generation
- * number is in the low bits, so that names are ordered first
- * by index and then by generation. If the size of generation
- * numbers changes, be sure to update IE_BITS_GEN_MASK and
- * friends in ipc/ipc_entry.h.
*/
+
#ifndef NO_PORT_GEN
-#define MACH_PORT_INDEX(name) ((name) >> 8)
-#define MACH_PORT_GEN(name) (((name) & 0xff) << 24)
-#define MACH_PORT_MAKE(index, gen) \
- (((index) << 8) | (gen) >> 24)
-#else
-#define MACH_PORT_INDEX(name) (name)
-#define MACH_PORT_GEN(name) (0)
-#define MACH_PORT_MAKE(index, gen) (index)
-#endif /* !NO_PORT_GEN */
+
+#define MACH_PORT_INDEX(name) ((name) >> 8)
+#define MACH_PORT_GEN(name) (((name) & 0xff) << 24)
+#define MACH_PORT_MAKE(index, gen) \
+ (((index) << 8) | (gen) >> 24)
+
+#else /* NO_PORT_GEN */
+
+#define MACH_PORT_INDEX(name) (name)
+#define MACH_PORT_GEN(name) (0)
+#define MACH_PORT_MAKE(index, gen) (index)
+
+#endif /* NO_PORT_GEN */
+
/*
- * These are the different rights a task may have.
+ * These are the different rights a task may have for a port.
* The MACH_PORT_RIGHT_* definitions are used as arguments
* to mach_port_allocate, mach_port_get_refs, etc, to specify
* a particular right to act upon. The mach_port_names and
typedef natural_t mach_port_right_t;
-#define MACH_PORT_RIGHT_SEND ((mach_port_right_t) 0)
-#define MACH_PORT_RIGHT_RECEIVE ((mach_port_right_t) 1)
-#define MACH_PORT_RIGHT_SEND_ONCE ((mach_port_right_t) 2)
-#define MACH_PORT_RIGHT_PORT_SET ((mach_port_right_t) 3)
-#define MACH_PORT_RIGHT_DEAD_NAME ((mach_port_right_t) 4)
-#define MACH_PORT_RIGHT_NUMBER ((mach_port_right_t) 5)
+#define MACH_PORT_RIGHT_SEND ((mach_port_right_t) 0)
+#define MACH_PORT_RIGHT_RECEIVE ((mach_port_right_t) 1)
+#define MACH_PORT_RIGHT_SEND_ONCE ((mach_port_right_t) 2)
+#define MACH_PORT_RIGHT_PORT_SET ((mach_port_right_t) 3)
+#define MACH_PORT_RIGHT_DEAD_NAME ((mach_port_right_t) 4)
+#define MACH_PORT_RIGHT_LABELH ((mach_port_right_t) 5) /* obsolete right */
+#define MACH_PORT_RIGHT_NUMBER ((mach_port_right_t) 6) /* right not implemented */
+
+#ifdef MACH_KERNEL_PRIVATE
+#define MACH_PORT_RIGHT_VALID_TRANSLATE(right) \
+ ((right) >= MACH_PORT_RIGHT_SEND && (right) <= MACH_PORT_RIGHT_DEAD_NAME)
+#endif
typedef natural_t mach_port_type_t;
typedef mach_port_type_t *mach_port_type_array_t;
-#define MACH_PORT_TYPE(right) \
- ((mach_port_type_t)(((mach_port_type_t) 1) \
- << ((right) + ((mach_port_right_t) 16))))
-#define MACH_PORT_TYPE_NONE ((mach_port_type_t) 0L)
-#define MACH_PORT_TYPE_SEND MACH_PORT_TYPE(MACH_PORT_RIGHT_SEND)
-#define MACH_PORT_TYPE_RECEIVE MACH_PORT_TYPE(MACH_PORT_RIGHT_RECEIVE)
+#define MACH_PORT_TYPE(right) \
+ ((mach_port_type_t)(((mach_port_type_t) 1) \
+ << ((right) + ((mach_port_right_t) 16))))
+#define MACH_PORT_TYPE_NONE ((mach_port_type_t) 0L)
+#define MACH_PORT_TYPE_SEND MACH_PORT_TYPE(MACH_PORT_RIGHT_SEND)
+#define MACH_PORT_TYPE_RECEIVE MACH_PORT_TYPE(MACH_PORT_RIGHT_RECEIVE)
#define MACH_PORT_TYPE_SEND_ONCE MACH_PORT_TYPE(MACH_PORT_RIGHT_SEND_ONCE)
-#define MACH_PORT_TYPE_PORT_SET MACH_PORT_TYPE(MACH_PORT_RIGHT_PORT_SET)
+#define MACH_PORT_TYPE_PORT_SET MACH_PORT_TYPE(MACH_PORT_RIGHT_PORT_SET)
#define MACH_PORT_TYPE_DEAD_NAME MACH_PORT_TYPE(MACH_PORT_RIGHT_DEAD_NAME)
+#define MACH_PORT_TYPE_LABELH MACH_PORT_TYPE(MACH_PORT_RIGHT_LABELH) /* obsolete */
+
+#ifdef MACH_KERNEL_PRIVATE
+/* Holder used to have a receive right - remembered to filter exceptions */
+#define MACH_PORT_TYPE_EX_RECEIVE MACH_PORT_TYPE_LABELH
+#endif
/* Convenient combinations. */
-#define MACH_PORT_TYPE_SEND_RECEIVE \
- (MACH_PORT_TYPE_SEND|MACH_PORT_TYPE_RECEIVE)
-#define MACH_PORT_TYPE_SEND_RIGHTS \
- (MACH_PORT_TYPE_SEND|MACH_PORT_TYPE_SEND_ONCE)
-#define MACH_PORT_TYPE_PORT_RIGHTS \
- (MACH_PORT_TYPE_SEND_RIGHTS|MACH_PORT_TYPE_RECEIVE)
-#define MACH_PORT_TYPE_PORT_OR_DEAD \
- (MACH_PORT_TYPE_PORT_RIGHTS|MACH_PORT_TYPE_DEAD_NAME)
-#define MACH_PORT_TYPE_ALL_RIGHTS \
- (MACH_PORT_TYPE_PORT_OR_DEAD|MACH_PORT_TYPE_PORT_SET)
+#define MACH_PORT_TYPE_SEND_RECEIVE \
+ (MACH_PORT_TYPE_SEND|MACH_PORT_TYPE_RECEIVE)
+#define MACH_PORT_TYPE_SEND_RIGHTS \
+ (MACH_PORT_TYPE_SEND|MACH_PORT_TYPE_SEND_ONCE)
+#define MACH_PORT_TYPE_PORT_RIGHTS \
+ (MACH_PORT_TYPE_SEND_RIGHTS|MACH_PORT_TYPE_RECEIVE)
+#define MACH_PORT_TYPE_PORT_OR_DEAD \
+ (MACH_PORT_TYPE_PORT_RIGHTS|MACH_PORT_TYPE_DEAD_NAME)
+#define MACH_PORT_TYPE_ALL_RIGHTS \
+ (MACH_PORT_TYPE_PORT_OR_DEAD|MACH_PORT_TYPE_PORT_SET)
/* Dummy type bits that mach_port_type/mach_port_names can return. */
-#define MACH_PORT_TYPE_DNREQUEST 0x80000000
+#define MACH_PORT_TYPE_DNREQUEST 0x80000000
+#define MACH_PORT_TYPE_SPREQUEST 0x40000000
+#define MACH_PORT_TYPE_SPREQUEST_DELAYED 0x20000000
/* User-references for capabilities. */
typedef natural_t mach_port_urefs_t;
-typedef integer_t mach_port_delta_t; /* change in urefs */
+typedef integer_t mach_port_delta_t; /* change in urefs */
/* Attributes of ports. (See mach_port_get_receive_status.) */
-typedef natural_t mach_port_seqno_t; /* sequence number */
-typedef natural_t mach_port_mscount_t; /* make-send count */
-typedef natural_t mach_port_msgcount_t; /* number of msgs */
-typedef natural_t mach_port_rights_t; /* number of rights */
+typedef natural_t mach_port_seqno_t; /* sequence number */
+typedef natural_t mach_port_mscount_t; /* make-send count */
+typedef natural_t mach_port_msgcount_t; /* number of msgs */
+typedef natural_t mach_port_rights_t; /* number of rights */
/*
- * A port may have NMS detection enabled, in which case
- * it tracks outstanding send rights. Otherwise, there
- * is no information available about outstanding srights.
- * The return values are deliberately chosen to match
- * the old boolean (0=FALSE=no srights, 1=TRUE=srights,
- * 2=xxx=no information available).
+ * Are there outstanding send rights for a given port?
*/
-#define MACH_PORT_SRIGHTS_NONE 0 /* NMS: no srights */
-#define MACH_PORT_SRIGHTS_PRESENT 1 /* NMS: srights */
-#define MACH_PORT_SRIGHTS_NO_INFO 2 /* no NMS */
-typedef unsigned int mach_port_srights_t; /* status of send rights */
+#define MACH_PORT_SRIGHTS_NONE 0 /* no srights */
+#define MACH_PORT_SRIGHTS_PRESENT 1 /* srights */
+typedef unsigned int mach_port_srights_t; /* status of send rights */
typedef struct mach_port_status {
- mach_port_name_t mps_pset; /* containing port set */
- mach_port_seqno_t mps_seqno; /* sequence number */
- mach_port_mscount_t mps_mscount; /* make-send count */
- mach_port_msgcount_t mps_qlimit; /* queue limit */
- mach_port_msgcount_t mps_msgcount; /* number in the queue */
- mach_port_rights_t mps_sorights; /* how many send-once rights */
- boolean_t mps_srights; /* do send rights exist? */
- boolean_t mps_pdrequest; /* port-deleted requested? */
- boolean_t mps_nsrequest; /* no-senders requested? */
- unsigned int mps_flags; /* port flags */
+ mach_port_rights_t mps_pset; /* count of containing port sets */
+ mach_port_seqno_t mps_seqno; /* sequence number */
+ mach_port_mscount_t mps_mscount; /* make-send count */
+ mach_port_msgcount_t mps_qlimit; /* queue limit */
+ mach_port_msgcount_t mps_msgcount; /* number in the queue */
+ mach_port_rights_t mps_sorights; /* how many send-once rights */
+ boolean_t mps_srights; /* do send rights exist? */
+ boolean_t mps_pdrequest; /* port-deleted requested? */
+ boolean_t mps_nsrequest; /* no-senders requested? */
+ natural_t mps_flags; /* port flags */
} mach_port_status_t;
-#define MACH_PORT_QLIMIT_DEFAULT ((mach_port_msgcount_t) 5)
-#define MACH_PORT_QLIMIT_MAX ((mach_port_msgcount_t) 16)
+/* System-wide values for setting queue limits on a port */
+#define MACH_PORT_QLIMIT_ZERO (0)
+#define MACH_PORT_QLIMIT_BASIC (5)
+#define MACH_PORT_QLIMIT_SMALL (16)
+#define MACH_PORT_QLIMIT_LARGE (1024)
+#define MACH_PORT_QLIMIT_KERNEL (65534)
+#define MACH_PORT_QLIMIT_MIN MACH_PORT_QLIMIT_ZERO
+#define MACH_PORT_QLIMIT_DEFAULT MACH_PORT_QLIMIT_BASIC
+#define MACH_PORT_QLIMIT_MAX MACH_PORT_QLIMIT_LARGE
typedef struct mach_port_limits {
- mach_port_msgcount_t mpl_qlimit; /* number of msgs */
+ mach_port_msgcount_t mpl_qlimit; /* number of msgs */
} mach_port_limits_t;
-typedef integer_t *mach_port_info_t; /* varying array of natural_t */
+/* Possible values for mps_flags (part of mach_port_status_t) */
+#define MACH_PORT_STATUS_FLAG_TEMPOWNER 0x01
+#define MACH_PORT_STATUS_FLAG_GUARDED 0x02
+#define MACH_PORT_STATUS_FLAG_STRICT_GUARD 0x04
+#define MACH_PORT_STATUS_FLAG_IMP_DONATION 0x08
+#define MACH_PORT_STATUS_FLAG_REVIVE 0x10
+#define MACH_PORT_STATUS_FLAG_TASKPTR 0x20
+#define MACH_PORT_STATUS_FLAG_GUARD_IMMOVABLE_RECEIVE 0x40
+#define MACH_PORT_STATUS_FLAG_NO_GRANT 0x80
+
+typedef struct mach_port_info_ext {
+ mach_port_status_t mpie_status;
+ mach_port_msgcount_t mpie_boost_cnt;
+ uint32_t reserved[6];
+} mach_port_info_ext_t;
+
+typedef integer_t *mach_port_info_t; /* varying array of natural_t */
/* Flavors for mach_port_get/set_attributes() */
-typedef int mach_port_flavor_t;
-#define MACH_PORT_LIMITS_INFO 1 /* uses mach_port_status_t */
-#define MACH_PORT_RECEIVE_STATUS 2 /* uses mach_port_limits_t */
-#define MACH_PORT_DNREQUESTS_SIZE 3 /* info is int */
-
-#define MACH_PORT_LIMITS_INFO_COUNT \
- (sizeof(mach_port_limits_t)/sizeof(natural_t))
-#define MACH_PORT_RECEIVE_STATUS_COUNT \
- (sizeof(mach_port_status_t)/sizeof(natural_t))
+typedef int mach_port_flavor_t;
+#define MACH_PORT_LIMITS_INFO 1 /* uses mach_port_limits_t */
+#define MACH_PORT_RECEIVE_STATUS 2 /* uses mach_port_status_t */
+#define MACH_PORT_DNREQUESTS_SIZE 3 /* info is int */
+#define MACH_PORT_TEMPOWNER 4 /* indicates receive right will be reassigned to another task */
+#define MACH_PORT_IMPORTANCE_RECEIVER 5 /* indicates recieve right accepts priority donation */
+#define MACH_PORT_DENAP_RECEIVER 6 /* indicates receive right accepts de-nap donation */
+#define MACH_PORT_INFO_EXT 7 /* uses mach_port_info_ext_t */
+
+#define MACH_PORT_LIMITS_INFO_COUNT ((natural_t) \
+ (sizeof(mach_port_limits_t)/sizeof(natural_t)))
+#define MACH_PORT_RECEIVE_STATUS_COUNT ((natural_t) \
+ (sizeof(mach_port_status_t)/sizeof(natural_t)))
#define MACH_PORT_DNREQUESTS_SIZE_COUNT 1
-
+#define MACH_PORT_INFO_EXT_COUNT ((natural_t) \
+ (sizeof(mach_port_info_ext_t)/sizeof(natural_t)))
/*
* Structure used to pass information about port allocation requests.
* Must be padded to 64-bits total length.
*/
-
typedef struct mach_port_qos {
- boolean_t name:1; /* name given */
- boolean_t prealloc:1; /* prealloced message */
- boolean_t pad1:30;
- natural_t len;
+ unsigned int name:1; /* name given */
+ unsigned int prealloc:1; /* prealloced message */
+ boolean_t pad1:30;
+ natural_t len;
} mach_port_qos_t;
-#endif /* _MACH_PORT_H_ */
+/* Mach Port Guarding definitions */
+
+/*
+ * Flags for mach_port_options (used for
+ * invocation of mach_port_construct).
+ * Indicates attributes to be set for the newly
+ * allocated port.
+ */
+#define MPO_CONTEXT_AS_GUARD 0x01 /* Add guard to the port */
+#define MPO_QLIMIT 0x02 /* Set qlimit for the port msg queue */
+#define MPO_TEMPOWNER 0x04 /* Set the tempowner bit of the port */
+#define MPO_IMPORTANCE_RECEIVER 0x08 /* Mark the port as importance receiver */
+#define MPO_INSERT_SEND_RIGHT 0x10 /* Insert a send right for the port */
+#define MPO_STRICT 0x20 /* Apply strict guarding for port */
+#define MPO_DENAP_RECEIVER 0x40 /* Mark the port as App de-nap receiver */
+#define MPO_IMMOVABLE_RECEIVE 0x80 /* Mark the port as immovable; protected by the guard context */
+#define MPO_FILTER_MSG 0x100 /* Allow message filtering */
+#define MPO_TG_BLOCK_TRACKING 0x200 /* Track blocking relationship for thread group during sync IPC */
+
+/*
+ * Structure to define optional attributes for a newly
+ * constructed port.
+ */
+typedef struct mach_port_options {
+ uint32_t flags; /* Flags defining attributes for port */
+ mach_port_limits_t mpl; /* Message queue limit for port */
+ union {
+ uint64_t reserved[2]; /* Reserved */
+ mach_port_name_t work_interval_port; /* Work interval port */
+ };
+}mach_port_options_t;
+
+typedef mach_port_options_t *mach_port_options_ptr_t;
+
+/*
+ * EXC_GUARD represents a guard violation for both
+ * mach ports and file descriptors. GUARD_TYPE_ is used
+ * to differentiate among them.
+ */
+#define GUARD_TYPE_MACH_PORT 0x1
+
+/* Reasons for exception for a guarded mach port */
+enum mach_port_guard_exception_codes {
+ kGUARD_EXC_DESTROY = 1u << 0,
+ kGUARD_EXC_MOD_REFS = 1u << 1,
+ kGUARD_EXC_SET_CONTEXT = 1u << 2,
+ kGUARD_EXC_UNGUARDED = 1u << 3,
+ kGUARD_EXC_INCORRECT_GUARD = 1u << 4,
+ kGUARD_EXC_IMMOVABLE = 1u << 5,
+ kGUARD_EXC_STRICT_REPLY = 1u << 6,
+ kGUARD_EXC_MSG_FILTERED = 1u << 7,
+ /* start of [optionally] non-fatal guards */
+ kGUARD_EXC_INVALID_RIGHT = 1u << 8,
+ kGUARD_EXC_INVALID_NAME = 1u << 9,
+ kGUARD_EXC_INVALID_VALUE = 1u << 10,
+ kGUARD_EXC_INVALID_ARGUMENT = 1u << 11,
+ kGUARD_EXC_RIGHT_EXISTS = 1u << 12,
+ kGUARD_EXC_KERN_NO_SPACE = 1u << 13,
+ kGUARD_EXC_KERN_FAILURE = 1u << 14,
+ kGUARD_EXC_KERN_RESOURCE = 1u << 15,
+ kGUARD_EXC_SEND_INVALID_REPLY = 1u << 16,
+ kGUARD_EXC_SEND_INVALID_VOUCHER = 1u << 17,
+ kGUARD_EXC_SEND_INVALID_RIGHT = 1u << 18,
+ kGUARD_EXC_RCV_INVALID_NAME = 1u << 19,
+ kGUARD_EXC_RCV_GUARDED_DESC = 1u << 20, /* should never be fatal; for development only */
+ kGUARD_EXC_MOD_REFS_NON_FATAL = 1u << 21,
+ kGUARD_EXC_IMMOVABLE_NON_FATAL = 1u << 22,
+};
+
+#define MAX_FATAL_kGUARD_EXC_CODE (1u << 7)
+
+/*
+ * Mach port guard flags.
+ */
+#define MPG_FLAGS_NONE (0x00ull)
+
+/*
+ * These flags are used as bits in the subcode of kGUARD_EXC_STRICT_REPLY exceptions.
+ */
+#define MPG_FLAGS_STRICT_REPLY_INVALID_REPLY_DISP (0x01ull << 56)
+#define MPG_FLAGS_STRICT_REPLY_INVALID_REPLY_PORT (0x02ull << 56)
+#define MPG_FLAGS_STRICT_REPLY_INVALID_VOUCHER (0x04ull << 56)
+#define MPG_FLAGS_STRICT_REPLY_NO_BANK_ATTR (0x08ull << 56)
+#define MPG_FLAGS_STRICT_REPLY_MISMATCHED_PERSONA (0x10ull << 56)
+#define MPG_FLAGS_STRICT_REPLY_MASK (0xffull << 56)
+
+/*
+ * These flags are used as bits in the subcode of kGUARD_EXC_MOD_REFS exceptions.
+ */
+#define MPG_FLAGS_MOD_REFS_PINNED_DEALLOC (0x01ull << 56)
+
+/*
+ * These flags are used as bits in the subcode of kGUARD_EXC_IMMOVABLE exceptions.
+ */
+#define MPG_FLAGS_IMMOVABLE_PINNED (0x01ull << 56)
+
+/*
+ * Flags for mach_port_guard_with_flags. These flags extend
+ * the attributes associated with a guarded port.
+ */
+#define MPG_STRICT 0x01 /* Apply strict guarding for a port */
+#define MPG_IMMOVABLE_RECEIVE 0x02 /* Receive right cannot be moved out of the space */
+
+#if !__DARWIN_UNIX03 && !defined(_NO_PORT_T_FROM_MACH)
+/*
+ * Mach 3.0 renamed everything to have mach_ in front of it.
+ * These types and macros are provided for backward compatibility
+ * but are deprecated.
+ */
+typedef mach_port_t port_t;
+typedef mach_port_name_t port_name_t;
+typedef mach_port_name_t *port_name_array_t;
+
+#define PORT_NULL ((port_t) 0)
+#define PORT_DEAD ((port_t) ~0)
+#define PORT_VALID(name) \
+ ((port_t)(name) != PORT_NULL && (port_t)(name) != PORT_DEAD)
+
+#endif /* !__DARWIN_UNIX03 && !_NO_PORT_T_FROM_MACH */
+
+#endif /* _MACH_PORT_H_ */