X-Git-Url: https://git.saurik.com/apple/xnu.git/blobdiff_plain/c0fea4742e91338fffdcf79f86a7c1d5e2b97eb1..008676633c2ad2c325837c2b64915f7ded690a8f:/osfmk/i386/user_ldt.c
diff --git a/osfmk/i386/user_ldt.c b/osfmk/i386/user_ldt.c
index 1c735f0d0..8b5791455 100644
--- a/osfmk/i386/user_ldt.c
+++ b/osfmk/i386/user_ldt.c
@@ -1,23 +1,29 @@ /* - * Copyright (c) 2000-2004 Apple Computer, Inc. All rights reserved. + * Copyright (c) 2000-2009 Apple Inc. All rights reserved. * - * @APPLE_LICENSE_HEADER_START@ + * @APPLE_OSREFERENCE_LICENSE_HEADER_START@ * - * The contents of this file constitute Original Code as defined in and - * are subject to the Apple Public Source License Version 1.1 (the - * "License"). You may not use this file except in compliance with the - * License. Please obtain a copy of the License at - * http://www.apple.com/publicsource and read it before using this file. + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. The rights granted to you under the License + * may not be used to create, or enable the creation or redistribution of, + * unlawful or unlicensed copies of an Apple operating system, or to + * circumvent, violate, or enable the circumvention or violation of, any + * terms of an Apple operating system software license agreement. * - * This Original Code and all software distributed under the License are - * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER + * Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this file. + * + * The Original Code and all software distributed under the License are + * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License. + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. 
+ * Please see the License for the specific language governing rights and + * limitations under the License. * - * @APPLE_LICENSE_HEADER_END@ + * @APPLE_OSREFERENCE_LICENSE_HEADER_END@ */ /* * @OSF_COPYRIGHT@ @@ -62,14 +68,14 @@ #include -#include -#include -#include -#include -#include #include +#include #include #include +#include +#include +#include +#include #include @@ -82,7 +88,7 @@ static void user_ldt_set_action(void *); int i386_set_ldt( - int *retval, + uint32_t *retval, uint32_t start_sel, uint32_t descs, /* out */ uint32_t num_sels) @@ -100,7 +106,7 @@ i386_set_ldt( && (start_sel < min_selector || start_sel >= LDTSZ)) return EINVAL; if (start_sel != LDT_AUTO_ALLOC - && start_sel + num_sels > LDTSZ) + && (uint64_t)start_sel + (uint64_t)num_sels > LDTSZ) /* cast to uint64_t to detect wrap-around */ return EINVAL; task_lock(task); @@ -146,7 +152,7 @@ i386_set_ldt( start_sel = LDTSZ_MIN; } - if (start_sel + num_sels > LDTSZ) { + if ((uint64_t)start_sel + (uint64_t)num_sels > LDTSZ) { task_unlock(task); return ENOMEM; } @@ -170,7 +176,7 @@ i386_set_ldt( } ldt_count = end_sel - begin_sel; - + /* XXX allocation under task lock */ new_ldt = (user_ldt_t)kalloc(sizeof(struct user_ldt) + (ldt_count * sizeof(struct real_descriptor))); if (new_ldt == NULL) { task_unlock(task); @@ -206,6 +212,7 @@ i386_set_ldt( * Install new descriptors. */ if (descs != 0) { + /* XXX copyin under task lock */ err = copyin(descs, (char *)&new_ldt->ldt[start_sel - begin_sel], num_sels * sizeof(struct real_descriptor)); if (err != 0) @@ -220,7 +227,7 @@ i386_set_ldt( /* * Validate descriptors. - * Only allow descriptors with user priviledges. + * Only allow descriptors with user privileges. */ for (i = 0, dp = (struct real_descriptor *) &new_ldt->ldt[start_sel - begin_sel]; i < num_sels; 
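Review bot: The widened range check in i386_set_ldt correctly stops `start_sel + num_sels` from wrapping in 32 bits, but the identical guard is spelled out again at the ENOMEM check later in the same function and once more in i386_get_ldt, and the explanatory comment is tacked onto the continuation line of the condition where it is easy to miss; a single helper such as `#define LDT_RANGE_OK(start, n) ((uint64_t)(start) + (uint64_t)(n) <= LDTSZ)` with the wrap-around comment placed above the `if` keeps the three sites from drifting apart. Note that this branch runs only when start_sel != LDT_AUTO_ALLOC, so in the auto-allocate case num_sels is bounded solely by the later check taken under task_lock, which this hunk depends on but does not mention. i386_set_ldt begins and ends outside the hunk.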
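Review bot: The new `/* XXX allocation under task lock */` marker records a concern without telling the reader what to do about it; either state why calling kalloc while task_lock(task) is held is acceptable here (for instance that task_lock is a sleepable mutex rather than a spinlock, which nothing in this hunk shows) or move the allocation ahead of the lock, which would require computing ldt_count from a pre-lock snapshot and re-validating it once the lock is held. A comment along the lines of `/* kalloc may block; task_lock must be a mutex, not a spinlock, for this to be safe */` at least makes the invariant explicit. The size expression is free of overflow only because ldt_count is bounded by LDTSZ earlier in the function, outside this hunk.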
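Review bot: The copyin of user-supplied descriptors from descs happens while task_lock(task) is held, and the new `/* XXX copyin under task lock */` comment flags this but leaves it in place; a fault on the user address keeps the task lock held for as long as the page-in takes, so every other thread that needs task_lock waits behind memory the caller controls. A simpler shape is to copy the `num_sels * sizeof(struct real_descriptor)` bytes into a bounded scratch buffer before taking the lock (num_sels is already range-checked against LDTSZ by then) and bcopy them into new_ldt afterwards. If task_lock is a sleepable mutex this is a latency problem rather than a correctness one, but the comment should say which it is. The err handling after copyin continues outside the hunk.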
@@ -229,7 +236,8 @@ i386_set_ldt( switch (dp->access & ~ACC_A) { case 0: case ACC_P: - /* valid empty descriptor */ + /* valid empty descriptor, clear Present preemptively */ + dp->access &= (~ACC_P & 0xff); break; case ACC_P | ACC_PL_U | ACC_DATA: case ACC_P | ACC_PL_U | ACC_DATA_W: @@ -239,8 +247,6 @@ i386_set_ldt( case ACC_P | ACC_PL_U | ACC_CODE_R: case ACC_P | ACC_PL_U | ACC_CODE_C: case ACC_P | ACC_PL_U | ACC_CODE_CR: - case ACC_P | ACC_PL_U | ACC_CALL_GATE_16: - case ACC_P | ACC_PL_U | ACC_CALL_GATE: break; default: task_unlock(task); @@ -258,7 +264,7 @@ i386_set_ldt( * and we need to make sure the new LDT is in place * throughout the task before returning to the user. */ - mp_rendezvous_no_intrs(user_ldt_set_action, task); + mp_broadcast(user_ldt_set_action, task); task_unlock(task); @@ -276,7 +282,7 @@ i386_set_ldt( int i386_get_ldt( - int *retval, + uint32_t *retval, uint32_t start_sel, uint32_t descs, /* out */ uint32_t num_sels) @@ -288,7 +294,7 @@ i386_get_ldt( if (start_sel >= 8192) return EINVAL; - if (start_sel + num_sels > 8192) + if ((uint64_t)start_sel + (uint64_t)num_sels > 8192) return EINVAL; if (descs == 0) return EINVAL; @@ -383,7 +389,7 @@ user_ldt_set( bcopy(user_ldt->ldt, &ldtp[user_ldt->start], sizeof(struct real_descriptor) * (user_ldt->count)); - gdt_desc_p(USER_LDT)->limit_low = (sizeof(struct real_descriptor) * (user_ldt->start + user_ldt->count)) - 1; + gdt_desc_p(USER_LDT)->limit_low = (uint16_t)((sizeof(struct real_descriptor) * (user_ldt->start + user_ldt->count)) - 1); ml_cpu_set_ldt(USER_LDT); } else {
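Review bot: The new `dp->access &= (~ACC_P & 0xff);` quietly rewrites the caller's descriptor, and the comment `clear Present preemptively` does not say why; the reason is presumably that a descriptor with P set and a zero type field would be a present entry of an invalid type, so the slot is forced to not-present instead of being rejected. Spell that out, e.g. `/* type 0 is not a valid segment; keep the slot but force P clear so the CPU never loads it */`. The `& 0xff` mask reads like a narrowing-warning workaround; `(uint8_t)~ACC_P` says the same thing more directly if access is an 8-bit field. The validation loop and its switch continue outside the hunk.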
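Review bot: Removing `ACC_CALL_GATE_16` and `ACC_CALL_GATE` from the accepted set is a security policy change — a user-written call gate in the LDT is a control-transfer primitive — yet the block comment above the loop still reads only `Only allow descriptors with user privileges`, which no longer describes what the switch enforces. Update it to something like `Only allow present, DPL=3 code and data segment descriptors; gates of any kind are rejected so user code cannot define its own control-transfer targets`. The default branch and whatever error it returns are outside the hunk.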
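Review bot: Swapping mp_rendezvous_no_intrs for mp_broadcast preserves what the comment above it promises — that the new LDT is in place throughout the task before returning to the user — only if mp_broadcast waits for user_ldt_set_action to complete on every CPU, and the hunk does not say whether it does. Record that next to the call, e.g. `/* mp_broadcast is synchronous: it returns only after every CPU has run the action */`; if it is instead fire-and-forget, this is a regression, because a thread of this task on another CPU could keep running on the old LDT after the syscall returns. The action now also runs without the no-interrupts guarantee the old primitive gave, which is fine only if user_ldt_set_action does not rely on it. Both the surrounding function and user_ldt_set_action are outside the hunk.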
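Review bot: i386_get_ldt bounds start_sel against the literal 8192 while i386_set_ldt uses LDTSZ for the same limit, and the widened check in this hunk carries that inconsistency forward; use the constant, `if (start_sel >= LDTSZ) return EINVAL;` and `if ((uint64_t)start_sel + (uint64_t)num_sels > LDTSZ) return EINVAL;`, so a future change to the LDT size cannot leave the getter and setter disagreeing on what is in range. The remainder of i386_get_ldt is outside the hunk.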
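Review bot: The `(uint16_t)` cast on limit_low silences a narrowing warning, but the value only fits because start + count is at most LDTSZ entries of (presumably 8-byte) descriptors, which yields a byte limit of at most 0xFFFF if LDTSZ is 8192 as the literal in i386_get_ldt suggests; nothing in user_ldt_set asserts that, and the descriptor's limit_high bits are left untouched. Record the invariant beside the cast, `/* start + count <= LDTSZ so the byte limit fits in limit_low; limit_high stays 0 */`, or guard it with `assert(user_ldt->start + user_ldt->count <= LDTSZ);` before the store. user_ldt_set begins and ends outside the hunk.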