X-Git-Url: https://git.saurik.com/apple/xnu.git/blobdiff_plain/b0d623f7f2ae71ed96e60569f61f9a9a27016e80..bb59bff194111743b33cc36712410b5656329d3c:/osfmk/kern/exception.c diff --git a/osfmk/kern/exception.c b/osfmk/kern/exception.c index a3578e1a0..7d9cb9342 100644 --- a/osfmk/kern/exception.c +++ b/osfmk/kern/exception.c @@ -56,8 +56,6 @@ /* */ -#include - #include #include #include @@ -86,22 +84,7 @@ #include #include #include - -#if MACH_KDB -#include -#endif /* MACH_KDB */ - -#if MACH_KDB - -#include - -#if iPSC386 || iPSC860 -boolean_t debug_user_with_kdb = TRUE; -#else -boolean_t debug_user_with_kdb = FALSE; -#endif - -#endif /* MACH_KDB */ +#include unsigned long c_thr_exc_raise = 0; unsigned long c_thr_exc_raise_state = 0; @@ -119,6 +102,12 @@ kern_return_t exception_deliver( struct exception_action *excp, lck_mtx_t *mutex); +static kern_return_t +check_exc_receiver_dependancy( + exception_type_t exception, + struct exception_action *excp, + lck_mtx_t *mutex); + #ifdef MACH_BSD kern_return_t bsd_exception( exception_type_t exception, @@ -161,6 +150,19 @@ exception_deliver( if (!thread->active) return KERN_SUCCESS; + /* + * If there are no exception actions defined for this entity, + * we can't deliver here. + */ + if (excp == NULL) + return KERN_FAILURE; + + assert(exception < EXC_TYPES_COUNT); + if (exception >= EXC_TYPES_COUNT) + return KERN_FAILURE; + + excp = &excp[exception]; + /* * Snapshot the exception action data under lock for consistency. * Hold a reference to the port over the exception_raise_* calls 
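Review bot: The new range guard in exception_deliver, `if (exception >= EXC_TYPES_COUNT) return KERN_FAILURE;`, tests only the upper bound before `excp = &excp[exception];`. If exception_type_t is a signed type (its definition is not part of this diff), a negative value passes both the assert and the check and indexes outside the exc_actions array; `if (exception < 0 || exception >= EXC_TYPES_COUNT) return KERN_FAILURE;` closes that. The exception_triage hunk also drops the old `exception == KERN_SUCCESS` panic, so value 0 now reaches this guard and is accepted; a comment here should state whether slot 0 is a legitimate entry. The body of exception_deliver continues past the end of the hunk.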
@@ -300,6 +302,42 @@ exception_deliver( }/* switch */ } +/* + * Routine: check_exc_receiver_dependancy + * Purpose: + * Verify that the port destined for receiving this exception is not + * on the current task. This would cause hang in kernel for + * EXC_CRASH primarily. Note: If port is transferred + * between check and delivery then deadlock may happen. + * + * Conditions: + * Nothing locked and no resources held. + * Called from an exception context. + * Returns: + * KERN_SUCCESS if its ok to send exception message. + */ +kern_return_t +check_exc_receiver_dependancy( + exception_type_t exception, + struct exception_action *excp, + lck_mtx_t *mutex) +{ + kern_return_t retval = KERN_SUCCESS; + + if (excp == NULL || exception != EXC_CRASH) + return retval; + + task_t task = current_task(); + lck_mtx_lock(mutex); + ipc_port_t xport = excp[exception].port; + if ( IP_VALID(xport) + && ip_active(xport) + && task->itk_space == xport->ip_receiver) + retval = KERN_FAILURE; + lck_mtx_unlock(mutex); + return retval; +} + /* * Routine: exception * Purpose: 
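Review bot: check_exc_receiver_dependancy releases `mutex` before it returns, and exception_deliver then re-takes it and reads the port again, so the verdict can be stale by the time the message is sent; the header comment concedes this ("If port is transferred between check and delivery then deadlock may happen"). The comparison `task->itk_space == xport->ip_receiver` is also made while holding only the exception-action mutex; if ip_receiver is protected by the port's own lock (not visible here), the read belongs under that lock. Performing the receiver test inside exception_deliver, where the port is snapshotted under `mutex`, would narrow the window and cover all three call sites in exception_triage with one lock acquisition per level. The unlocked `xport = hostp->exc_actions[EXC_RPC_ALERT].port;` in the sys_perf_notify hunk has the same check-then-deliver shape.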
@@ -322,65 +360,58 @@ exception_triage( thread_t thread; task_t task; host_priv_t host_priv; - struct exception_action *excp; - lck_mtx_t *mutex; - kern_return_t kr; + lck_mtx_t *mutex; + kern_return_t kr; assert(exception != EXC_RPC_ALERT); - if (exception == KERN_SUCCESS) - panic("exception"); + thread = current_thread(); /* * Try to raise the exception at the activation level. */ - thread = current_thread(); mutex = &thread->mutex; - excp = &thread->exc_actions[exception]; - kr = exception_deliver(thread, exception, code, codeCnt, excp, mutex); - if (kr == KERN_SUCCESS || kr == MACH_RCV_PORT_DIED) - goto out; + if (KERN_SUCCESS == check_exc_receiver_dependancy(exception, thread->exc_actions, mutex)) + { + kr = exception_deliver(thread, exception, code, codeCnt, thread->exc_actions, mutex); + if (kr == KERN_SUCCESS || kr == MACH_RCV_PORT_DIED) + goto out; + } /* * Maybe the task level will handle it. */ task = current_task(); mutex = &task->lock; - excp = &task->exc_actions[exception]; - kr = exception_deliver(thread, exception, code, codeCnt, excp, mutex); - if (kr == KERN_SUCCESS || kr == MACH_RCV_PORT_DIED) - goto out; + if (KERN_SUCCESS == check_exc_receiver_dependancy(exception, task->exc_actions, mutex)) + { + kr = exception_deliver(thread, exception, code, codeCnt, task->exc_actions, mutex); + if (kr == KERN_SUCCESS || kr == MACH_RCV_PORT_DIED) + goto out; + } /* * How about at the host level? */ host_priv = host_priv_self(); mutex = &host_priv->lock; - excp = &host_priv->exc_actions[exception]; - kr = exception_deliver(thread, exception, code, codeCnt, excp, mutex); - if (kr == KERN_SUCCESS || kr == MACH_RCV_PORT_DIED) - goto out; + + if (KERN_SUCCESS == check_exc_receiver_dependancy(exception, host_priv->exc_actions, mutex)) + { + kr = exception_deliver(thread, exception, code, codeCnt, host_priv->exc_actions, mutex); + if (kr == KERN_SUCCESS || kr == MACH_RCV_PORT_DIED) + goto out; + } /* * Nobody handled it, terminate the task. 
*/ -#if MACH_KDB - if (debug_user_with_kdb) { - /* - * Debug the exception with kdb. - * If kdb handles the exception, - * then thread_kdb_return won't return. - */ - db_printf("No exception server, calling kdb...\n"); - thread_kdb_return(); - } -#endif /* MACH_KDB */ - (void) task_terminate(task); out: - if (exception != EXC_CRASH) + if ((exception != EXC_CRASH) && (exception != EXC_RESOURCE) && + (exception != EXC_GUARD)) thread_exception_return(); return; } @@ -392,7 +423,6 @@ bsd_exception( mach_msg_type_number_t codeCnt) { task_t task; - struct exception_action *excp; lck_mtx_t *mutex; thread_t self = current_thread(); kern_return_t kr; @@ -402,9 +432,8 @@ bsd_exception( */ task = current_task(); mutex = &task->lock; - excp = &task->exc_actions[exception]; - kr = exception_deliver(self, exception, code, codeCnt, excp, mutex); + kr = exception_deliver(self, exception, code, codeCnt, task->exc_actions, mutex); if (kr == KERN_SUCCESS || kr == MACH_RCV_PORT_DIED) return(KERN_SUCCESS); @@ -413,11 +442,11 @@ bsd_exception( /* - * Raise an EXC_CRASH exception on the dying task. + * Raise an exception on a task. * This should tell launchd to launch Crash Reporter for this task. */ -kern_return_t abnormal_exit_notify(mach_exception_data_type_t exccode, - mach_exception_data_type_t excsubcode) +kern_return_t task_exception_notify(exception_type_t exception, + mach_exception_data_type_t exccode, mach_exception_data_type_t excsubcode) { mach_exception_data_type_t code[EXCEPTION_CODE_MAX]; wait_interrupt_t wsave; @@ -426,7 +455,7 @@ kern_return_t abnormal_exit_notify(mach_exception_data_type_t exccode, code[1] = excsubcode; wsave = thread_interrupt_level(THREAD_UNINT); - exception_triage(EXC_CRASH, code, EXCEPTION_CODE_MAX); + exception_triage(exception, code, EXCEPTION_CODE_MAX); (void) thread_interrupt_level(wsave); return (KERN_SUCCESS); } 
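Review bot: In exception_triage the fall-through `(void) task_terminate(task);` stays unconditional, while the `out:` test now lets EXC_RESOURCE and EXC_GUARD return to the caller the way EXC_CRASH does. As written, a resource or guard notification that no level delivers terminates the task and then returns into the caller, and the ignored return value hides whether termination happened. If that is intended, say so in the comment, e.g. `/* Nobody handled it, terminate the task; EXC_CRASH, EXC_RESOURCE and EXC_GUARD then return to the caller. */`; if these two types are meant to be advisory, the terminate should be skipped for them. The start of exception_triage lies outside the hunk.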
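Review bot: task_exception_notify now forwards a caller-chosen `exception` to exception_triage without validating it, yet exception_triage returns only for EXC_CRASH, EXC_RESOURCE and EXC_GUARD. For any other type it ends in thread_exception_return(), apparently without coming back, so `(void) thread_interrupt_level(wsave);` and `return (KERN_SUCCESS);` are never reached. Check the argument at the top, e.g. `assert(exception == EXC_CRASH || exception == EXC_RESOURCE || exception == EXC_GUARD);`, or return an error for other values. The retained comment "This should tell launchd to launch Crash Reporter for this task" now describes only the EXC_CRASH case and should be narrowed. The function is split across two hunks here.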
@@ -438,9 +467,7 @@ kern_return_t abnormal_exit_notify(mach_exception_data_type_t exccode, */ kern_return_t sys_perf_notify(thread_t thread, int pid) { - host_priv_t hostp; - struct exception_action *excp; ipc_port_t xport; wait_interrupt_t wsave; kern_return_t ret; @@ -451,8 +478,7 @@ kern_return_t sys_perf_notify(thread_t thread, int pid) code[1] = pid; /* Pass out the pid */ struct task *task = thread->task; - excp = &hostp->exc_actions[EXC_RPC_ALERT]; - xport = excp->port; + xport = hostp->exc_actions[EXC_RPC_ALERT].port; /* Make sure we're not catching our own exception */ if (!IP_VALID(xport) || @@ -468,7 +494,7 @@ kern_return_t sys_perf_notify(thread_t thread, int pid) EXC_RPC_ALERT, code, 2, - excp, + hostp->exc_actions, &hostp->lock); (void)thread_interrupt_level(wsave);