X-Git-Url: https://git.saurik.com/apple/xnu.git/blobdiff_plain/d7e50217d7adf6e52786a38bcaa4cd698cb9a79e..2a1bd2d3eef5c7a7bb14f4bb9fdbca9a96ee4752:/osfmk/kern/exception.c diff --git a/osfmk/kern/exception.c b/osfmk/kern/exception.c index 682ba555d..91c688db5 100644 --- a/osfmk/kern/exception.c +++ b/osfmk/kern/exception.c @@ -1,17 +1,20 @@ /* - * Copyright (c) 2000 Apple Computer, Inc. All rights reserved. + * Copyright (c) 2000-2020 Apple Computer, Inc. All rights reserved. + * + * @APPLE_OSREFERENCE_LICENSE_HEADER_START@ * - * @APPLE_LICENSE_HEADER_START@ - * - * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. - * * This file contains Original Code and/or Modifications of Original Code * as defined in and that are subject to the Apple Public Source License * Version 2.0 (the 'License'). You may not use this file except in - * compliance with the License. Please obtain a copy of the License at - * http://www.opensource.apple.com/apsl/ and read it before using this - * file. - * + * compliance with the License. The rights granted to you under the License + * may not be used to create, or enable the creation or redistribution of, + * unlawful or unlicensed copies of an Apple operating system, or to + * circumvent, violate, or enable the circumvention or violation of, any + * terms of an Apple operating system software license agreement. + * + * Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this file. + * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, @@ -19,50 +22,52 @@ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. * Please see the License for the specific language governing rights and * limitations under the License. - * - * @APPLE_LICENSE_HEADER_END@ + * + * @APPLE_OSREFERENCE_LICENSE_HEADER_END@ */ /* * @OSF_COPYRIGHT@ */ -/* +/* * Mach Operating System * Copyright (c) 1991,1990,1989,1988,1987 Carnegie Mellon University * All Rights Reserved. - * + * * Permission to use, copy, modify and distribute this software and its * documentation is hereby granted, provided that both the copyright * notice and this permission notice appear in all copies of the * software, derivative works or modified versions, and any portions * thereof, and that both notices appear in supporting documentation. - * + * * CARNEGIE MELLON ALLOWS FREE USE OF THIS SOFTWARE IN ITS "AS IS" * CONDITION. CARNEGIE MELLON DISCLAIMS ANY LIABILITY OF ANY KIND FOR * ANY DAMAGES WHATSOEVER RESULTING FROM THE USE OF THIS SOFTWARE. - * + * * Carnegie Mellon requests users of this software to return to - * + * * Software Distribution Coordinator or Software.Distribution@CS.CMU.EDU * School of Computer Science * Carnegie Mellon University * Pittsburgh PA 15213-3890 - * + * * any improvements or extensions that they make and grant Carnegie Mellon * the rights to redistribute these changes. */ /* */ -#include - #include #include #include #include #include #include +#include #include #include +#include +#include + #include #include #include @@ -70,35 +75,26 @@ #include #include #include -#include + #include #include #include #include -#include #include #include #include #include #include -#include -#include +#include -#if MACH_KDB -#include -#endif /* MACH_KDB */ +#include -#if MACH_KDB +#include +#include -#include +#include -#if iPSC386 || iPSC860 -boolean_t debug_user_with_kdb = TRUE; -#else -boolean_t debug_user_with_kdb = FALSE; -#endif - -#endif /* MACH_KDB */ +bool panic_on_exception_triage = false; unsigned long c_thr_exc_raise = 0; unsigned long c_thr_exc_raise_state = 0; @@ -107,6 +103,54 @@ unsigned long c_tsk_exc_raise = 0; unsigned long c_tsk_exc_raise_state = 0; unsigned long c_tsk_exc_raise_state_id = 0; +/* forward declarations */ +kern_return_t exception_deliver( + thread_t thread, + exception_type_t exception, + mach_exception_data_t code, + mach_msg_type_number_t codeCnt, + struct exception_action *excp, + lck_mtx_t *mutex); + +static kern_return_t +check_exc_receiver_dependency( + exception_type_t exception, + struct exception_action *excp, + lck_mtx_t *mutex); + +#ifdef MACH_BSD +kern_return_t bsd_exception( + exception_type_t exception, + mach_exception_data_t code, + mach_msg_type_number_t codeCnt); +#endif /* MACH_BSD */ + +#if __has_feature(ptrauth_calls) +extern int exit_with_pac_exception( + void *proc, + exception_type_t exception, + mach_exception_code_t code, + mach_exception_subcode_t subcode); + +extern bool proc_is_traced(void *p); +#endif /* __has_feature(ptrauth_calls) */ + +/* + * Routine: exception_init + * Purpose: + * Global initialization of state for exceptions. + * Conditions: + * None. + */ +void +exception_init(void) +{ + int tmp = 0; + + if (PE_parse_boot_argn("-panic_on_exception_triage", &tmp, sizeof(tmp))) { + panic_on_exception_triage = true; + } +} /* * Routine: exception_deliver @@ -118,28 +162,48 @@ unsigned long c_tsk_exc_raise_state_id = 0; * thread_exception_return and thread_kdb_return * are possible. * Returns: - * If the exception was not handled by this handler + * KERN_SUCCESS if the exception was handled */ -void +kern_return_t exception_deliver( - exception_type_t exception, - exception_data_t code, + thread_t thread, + exception_type_t exception, + mach_exception_data_t code, mach_msg_type_number_t codeCnt, struct exception_action *excp, - mutex_t *mutex) + lck_mtx_t *mutex) { - thread_act_t a_self = current_act(); - ipc_port_t exc_port; - int behavior; - int flavor; - kern_return_t kr; + ipc_port_t exc_port = IPC_PORT_NULL; + exception_data_type_t small_code[EXCEPTION_CODE_MAX]; + int code64; + int behavior; + int flavor; + kern_return_t kr; + task_t task; + ipc_port_t thread_port = IPC_PORT_NULL, task_port = IPC_PORT_NULL; /* * Save work if we are terminating. * Just go back to our AST handler. */ - if (!a_self->active) - thread_exception_return(); + if (!thread->active && !thread->inspection) { + return KERN_SUCCESS; + } + + /* + * If there are no exception actions defined for this entity, + * we can't deliver here. + */ + if (excp == NULL) { + return KERN_FAILURE; + } + + assert(exception < EXC_TYPES_COUNT); + if (exception >= EXC_TYPES_COUNT) { + return KERN_FAILURE; + } + + excp = &excp[exception]; /* * Snapshot the exception action data under lock for consistency. @@ -148,106 +212,232 @@ exception_deliver( * the port from disappearing between now and when * ipc_object_copyin_from_kernel is finally called. */ - mutex_lock(mutex); + lck_mtx_lock(mutex); exc_port = excp->port; if (!IP_VALID(exc_port)) { - mutex_unlock(mutex); - return; + lck_mtx_unlock(mutex); + return KERN_FAILURE; } ip_lock(exc_port); if (!ip_active(exc_port)) { ip_unlock(exc_port); - mutex_unlock(mutex); - return; + lck_mtx_unlock(mutex); + return KERN_FAILURE; } - ip_reference(exc_port); + ip_reference(exc_port); exc_port->ip_srights++; ip_unlock(exc_port); flavor = excp->flavor; behavior = excp->behavior; - mutex_unlock(mutex); + lck_mtx_unlock(mutex); + + code64 = (behavior & MACH_EXCEPTION_CODES); + behavior &= ~MACH_EXCEPTION_MASK; + + if (!code64) { + small_code[0] = CAST_DOWN_EXPLICIT(exception_data_type_t, code[0]); + small_code[1] = CAST_DOWN_EXPLICIT(exception_data_type_t, code[1]); + } + + task = thread->task; + +#if CONFIG_MACF + /* Now is a reasonably good time to check if the exception action is + * permitted for this process, because after this point we will send + * the message out almost certainly. + * As with other failures, exception_triage_thread will go on + * to the next level. + */ + + /* The global exception-to-signal translation port is safe to be an exception handler. */ + if (is_ux_handler_port(exc_port) == FALSE && + mac_exc_action_check_exception_send(task, excp) != 0) { + kr = KERN_FAILURE; + goto out_release_right; + } +#endif + + if (behavior != EXCEPTION_STATE) { + task_reference(task); + task_port = convert_task_to_port(task); + /* task ref consumed */ + thread_reference(thread); + thread_port = convert_thread_to_port(thread); + /* thread ref consumed */ + } switch (behavior) { case EXCEPTION_STATE: { mach_msg_type_number_t state_cnt; - natural_t state[ THREAD_MACHINE_STATE_MAX ]; + thread_state_data_t state; c_thr_exc_raise_state++; - state_cnt = state_count[flavor]; - kr = thread_getstatus(a_self, flavor, - (thread_state_t)state, - &state_cnt); + state_cnt = _MachineStateCount[flavor]; + kr = thread_getstatus_to_user(thread, flavor, + (thread_state_t)state, + &state_cnt); if (kr == KERN_SUCCESS) { - kr = exception_raise_state(exc_port, exception, - code, codeCnt, - &flavor, - state, state_cnt, - state, &state_cnt); - if (kr == MACH_MSG_SUCCESS) - kr = thread_setstatus(a_self, flavor, - (thread_state_t)state, - state_cnt); + if (code64) { + kr = mach_exception_raise_state(exc_port, + exception, + code, + codeCnt, + &flavor, + state, state_cnt, + state, &state_cnt); + } else { + kr = exception_raise_state(exc_port, exception, + small_code, + codeCnt, + &flavor, + state, state_cnt, + state, &state_cnt); + } + if (kr == KERN_SUCCESS) { + if (exception != EXC_CORPSE_NOTIFY) { + kr = thread_setstatus_from_user(thread, flavor, + (thread_state_t)state, + state_cnt); + } + goto out_release_right; + } } - if (kr == KERN_SUCCESS || kr == MACH_RCV_PORT_DIED) - thread_exception_return(); - /*NOTREACHED*/ - return; + goto out_release_right; } case EXCEPTION_DEFAULT: c_thr_exc_raise++; - kr = exception_raise(exc_port, - retrieve_act_self_fast(a_self), - retrieve_task_self_fast(a_self->task), - exception, - code, codeCnt); + if (code64) { + kr = mach_exception_raise(exc_port, + thread_port, + task_port, + exception, + code, + codeCnt); + } else { + kr = exception_raise(exc_port, + thread_port, + task_port, + exception, + small_code, + codeCnt); + } - if (kr == KERN_SUCCESS || kr == MACH_RCV_PORT_DIED) - thread_exception_return(); - /*NOTREACHED*/ - return; + goto out_release_right; case EXCEPTION_STATE_IDENTITY: { mach_msg_type_number_t state_cnt; - natural_t state[ THREAD_MACHINE_STATE_MAX ]; + thread_state_data_t state; c_thr_exc_raise_state_id++; - state_cnt = state_count[flavor]; - kr = thread_getstatus(a_self, flavor, - (thread_state_t)state, - &state_cnt); + state_cnt = _MachineStateCount[flavor]; + kr = thread_getstatus_to_user(thread, flavor, + (thread_state_t)state, + &state_cnt); if (kr == KERN_SUCCESS) { - kr = exception_raise_state_identity(exc_port, - retrieve_act_self_fast(a_self), - retrieve_task_self_fast(a_self->task), - exception, - code, codeCnt, - &flavor, - state, state_cnt, - state, &state_cnt); - if (kr == MACH_MSG_SUCCESS) - kr = thread_setstatus(a_self, flavor, - (thread_state_t)state, - state_cnt); + if (code64) { + kr = mach_exception_raise_state_identity( + exc_port, + thread_port, + task_port, + exception, + code, + codeCnt, + &flavor, + state, state_cnt, + state, &state_cnt); + } else { + kr = exception_raise_state_identity(exc_port, + thread_port, + task_port, + exception, + small_code, + codeCnt, + &flavor, + state, state_cnt, + state, &state_cnt); + } + + if (kr == KERN_SUCCESS) { + if (exception != EXC_CORPSE_NOTIFY) { + kr = thread_setstatus_from_user(thread, flavor, + (thread_state_t)state, + state_cnt); + } + goto out_release_right; + } } - if (kr == KERN_SUCCESS || kr == MACH_RCV_PORT_DIED) - thread_exception_return(); - /*NOTREACHED*/ - return; + goto out_release_right; } - + default: - panic ("bad exception behavior!"); + panic("bad exception behavior!"); + return KERN_FAILURE; }/* switch */ + +out_release_right: + + if (task_port) { + ipc_port_release_send(task_port); + } + + if (thread_port) { + ipc_port_release_send(thread_port); + } + + if (exc_port) { + ipc_port_release_send(exc_port); + } + + return kr; +} + +/* + * Routine: check_exc_receiver_dependency + * Purpose: + * Verify that the port destined for receiving this exception is not + * on the current task. This would cause hang in kernel for + * EXC_CRASH primarily. Note: If port is transferred + * between check and delivery then deadlock may happen. + * + * Conditions: + * Nothing locked and no resources held. + * Called from an exception context. + * Returns: + * KERN_SUCCESS if its ok to send exception message. + */ +kern_return_t +check_exc_receiver_dependency( + exception_type_t exception, + struct exception_action *excp, + lck_mtx_t *mutex) +{ + kern_return_t retval = KERN_SUCCESS; + + if (excp == NULL || exception != EXC_CRASH) { + return retval; + } + + task_t task = current_task(); + lck_mtx_lock(mutex); + ipc_port_t xport = excp[exception].port; + if (IP_VALID(xport) + && ip_active(xport) + && task->itk_space == xport->ip_receiver) { + retval = KERN_FAILURE; + } + lck_mtx_unlock(mutex); + return retval; } + /* - * Routine: exception + * Routine: exception_triage_thread * Purpose: - * The current thread caught an exception. + * The thread caught an exception. * We make an up-call to the thread's exception server. * Conditions: * Nothing locked and no resources held. @@ -255,201 +445,216 @@ exception_deliver( * thread_exception_return and thread_kdb_return * are possible. * Returns: - * Doesn't return. + * KERN_SUCCESS if exception is handled by any of the handlers. */ -void -exception( - exception_type_t exception, - exception_data_t code, - mach_msg_type_number_t codeCnt) +kern_return_t +exception_triage_thread( + exception_type_t exception, + mach_exception_data_t code, + mach_msg_type_number_t codeCnt, + thread_t thread) { - thread_act_t thr_act; - task_t task; - host_priv_t host_priv; - struct exception_action *excp; - mutex_t *mutex; + task_t task; + host_priv_t host_priv; + lck_mtx_t *mutex; + kern_return_t kr = KERN_FAILURE; + assert(exception != EXC_RPC_ALERT); - if (exception == KERN_SUCCESS) - panic("exception"); + /* + * If this behavior has been requested by the the kernel + * (due to the boot environment), we should panic if we + * enter this function. This is intended as a debugging + * aid; it should allow us to debug why we caught an + * exception in environments where debugging is especially + * difficult. + */ + if (panic_on_exception_triage) { + panic("called exception_triage when it was forbidden by the boot environment"); + } /* * Try to raise the exception at the activation level. */ - thr_act = current_act(); - mutex = mutex_addr(thr_act->lock); - excp = &thr_act->exc_actions[exception]; - exception_deliver(exception, code, codeCnt, excp, mutex); + mutex = &thread->mutex; + if (KERN_SUCCESS == check_exc_receiver_dependency(exception, thread->exc_actions, mutex)) { + kr = exception_deliver(thread, exception, code, codeCnt, thread->exc_actions, mutex); + if (kr == KERN_SUCCESS || kr == MACH_RCV_PORT_DIED) { + goto out; + } + } /* * Maybe the task level will handle it. */ - task = current_task(); - mutex = mutex_addr(task->lock); - excp = &task->exc_actions[exception]; - exception_deliver(exception, code, codeCnt, excp, mutex); + task = thread->task; + mutex = &task->itk_lock_data; + if (KERN_SUCCESS == check_exc_receiver_dependency(exception, task->exc_actions, mutex)) { + kr = exception_deliver(thread, exception, code, codeCnt, task->exc_actions, mutex); + if (kr == KERN_SUCCESS || kr == MACH_RCV_PORT_DIED) { + goto out; + } + } /* * How about at the host level? */ host_priv = host_priv_self(); - mutex = mutex_addr(host_priv->lock); - excp = &host_priv->exc_actions[exception]; - exception_deliver(exception, code, codeCnt, excp, mutex); + mutex = &host_priv->lock; + + if (KERN_SUCCESS == check_exc_receiver_dependency(exception, host_priv->exc_actions, mutex)) { + kr = exception_deliver(thread, exception, code, codeCnt, host_priv->exc_actions, mutex); + if (kr == KERN_SUCCESS || kr == MACH_RCV_PORT_DIED) { + goto out; + } + } +out: + if ((exception != EXC_CRASH) && (exception != EXC_RESOURCE) && + (exception != EXC_GUARD) && (exception != EXC_CORPSE_NOTIFY)) { + thread_exception_return(); + } + return kr; +} + +/* + * Routine: exception_triage + * Purpose: + * The current thread caught an exception. + * We make an up-call to the thread's exception server. + * Conditions: + * Nothing locked and no resources held. + * Called from an exception context, so + * thread_exception_return and thread_kdb_return + * are possible. + * Returns: + * KERN_SUCCESS if exception is handled by any of the handlers. + */ +int debug4k_panic_on_exception = 0; +kern_return_t +exception_triage( + exception_type_t exception, + mach_exception_data_t code, + mach_msg_type_number_t codeCnt) +{ + thread_t thread = current_thread(); + if (VM_MAP_PAGE_SIZE(thread->task->map) < PAGE_SIZE) { + DEBUG4K_EXC("thread %p task %p map %p exception %d codes 0x%llx 0x%llx \n", thread, thread->task, thread->task->map, exception, code[0], code[1]); + if (debug4k_panic_on_exception) { + panic("DEBUG4K %s:%d thread %p task %p map %p exception %d codes 0x%llx 0x%llx \n", __FUNCTION__, __LINE__, thread, thread->task, thread->task->map, exception, code[0], code[1]); + } + } +#if __has_feature(ptrauth_calls) /* - * Nobody handled it, terminate the task. + * If it is a ptrauth violation, then check if the task has the TF_PAC_EXC_FATAL + * flag set and isn't being ptraced. If so, terminate the task via exit_with_reason */ + if (exception & EXC_PTRAUTH_BIT) { + exception &= ~EXC_PTRAUTH_BIT; -#if MACH_KDB - if (debug_user_with_kdb) { - /* - * Debug the exception with kdb. - * If kdb handles the exception, - * then thread_kdb_return won't return. - */ - db_printf("No exception server, calling kdb...\n"); - thread_kdb_return(); - } -#endif /* MACH_KDB */ + boolean_t traced_flag = FALSE; + task_t task = thread->task; + void *proc = task->bsd_info; - (void) task_terminate(task); - thread_exception_return(); - /*NOTREACHED*/ + if (task->bsd_info) { + traced_flag = proc_is_traced(proc); + } + + if (task_is_pac_exception_fatal(current_task()) && !traced_flag) { + exit_with_pac_exception(proc, exception, code[0], code[1]); + thread_exception_return(); + /* NOT_REACHABLE */ + } + } +#endif /* __has_feature(ptrauth_calls) */ + return exception_triage_thread(exception, code, codeCnt, thread); } kern_return_t bsd_exception( - exception_type_t exception, - exception_data_t code, + exception_type_t exception, + mach_exception_data_t code, mach_msg_type_number_t codeCnt) { - task_t task; - host_priv_t host_priv; - struct exception_action *excp; - mutex_t *mutex; - thread_act_t a_self = current_act(); - ipc_port_t exc_port; - int behavior; - int flavor; - kern_return_t kr; + task_t task; + lck_mtx_t *mutex; + thread_t self = current_thread(); + kern_return_t kr; /* * Maybe the task level will handle it. */ task = current_task(); - mutex = mutex_addr(task->lock); - excp = &task->exc_actions[exception]; + mutex = &task->itk_lock_data; - /* - * Save work if we are terminating. - * Just go back to our AST handler. - */ - if (!a_self->active) { - return(KERN_FAILURE); - } + kr = exception_deliver(self, exception, code, codeCnt, task->exc_actions, mutex); - /* - * Snapshot the exception action data under lock for consistency. - * Hold a reference to the port over the exception_raise_* calls - * so it can't be destroyed. This seems like overkill, but keeps - * the port from disappearing between now and when - * ipc_object_copyin_from_kernel is finally called. - */ - mutex_lock(mutex); - exc_port = excp->port; - if (!IP_VALID(exc_port)) { - mutex_unlock(mutex); - return(KERN_FAILURE); - } - ip_lock(exc_port); - if (!ip_active(exc_port)) { - ip_unlock(exc_port); - mutex_unlock(mutex); - return(KERN_FAILURE); + if (kr == KERN_SUCCESS || kr == MACH_RCV_PORT_DIED) { + return KERN_SUCCESS; } - ip_reference(exc_port); - exc_port->ip_srights++; - ip_unlock(exc_port); - - flavor = excp->flavor; - behavior = excp->behavior; - mutex_unlock(mutex); - - switch (behavior) { - case EXCEPTION_STATE: { - mach_msg_type_number_t state_cnt; - natural_t state[ THREAD_MACHINE_STATE_MAX ]; - - c_thr_exc_raise_state++; - state_cnt = state_count[flavor]; - kr = thread_getstatus(a_self, flavor, - (thread_state_t)state, - &state_cnt); - if (kr == KERN_SUCCESS) { - kr = exception_raise_state(exc_port, exception, - code, codeCnt, - &flavor, - state, state_cnt, - state, &state_cnt); - if (kr == MACH_MSG_SUCCESS) - kr = thread_setstatus(a_self, flavor, - (thread_state_t)state, - state_cnt); - } - - if (kr == KERN_SUCCESS || kr == MACH_RCV_PORT_DIED) - return(KERN_SUCCESS); + return KERN_FAILURE; +} - return(KERN_FAILURE); - } - case EXCEPTION_DEFAULT: - c_thr_exc_raise++; - kr = exception_raise(exc_port, - retrieve_act_self_fast(a_self), - retrieve_task_self_fast(a_self->task), - exception, - code, codeCnt); +/* + * Raise an exception on a task. + * This should tell launchd to launch Crash Reporter for this task. + */ +kern_return_t +task_exception_notify(exception_type_t exception, + mach_exception_data_type_t exccode, mach_exception_data_type_t excsubcode) +{ + mach_exception_data_type_t code[EXCEPTION_CODE_MAX]; + wait_interrupt_t wsave; + kern_return_t kr = KERN_SUCCESS; - if (kr == KERN_SUCCESS || kr == MACH_RCV_PORT_DIED) - return(KERN_SUCCESS); - return(KERN_FAILURE); + code[0] = exccode; + code[1] = excsubcode; - case EXCEPTION_STATE_IDENTITY: { - mach_msg_type_number_t state_cnt; - natural_t state[ THREAD_MACHINE_STATE_MAX ]; + wsave = thread_interrupt_level(THREAD_UNINT); + kr = exception_triage(exception, code, EXCEPTION_CODE_MAX); + (void) thread_interrupt_level(wsave); + return kr; +} - c_thr_exc_raise_state_id++; - state_cnt = state_count[flavor]; - kr = thread_getstatus(a_self, flavor, - (thread_state_t)state, - &state_cnt); - if (kr == KERN_SUCCESS) { - kr = exception_raise_state_identity(exc_port, - retrieve_act_self_fast(a_self), - retrieve_task_self_fast(a_self->task), - exception, - code, codeCnt, - &flavor, - state, state_cnt, - state, &state_cnt); - if (kr == MACH_MSG_SUCCESS) - kr = thread_setstatus(a_self, flavor, - (thread_state_t)state, - state_cnt); - } - if (kr == KERN_SUCCESS || kr == MACH_RCV_PORT_DIED) - return(KERN_SUCCESS); - return(KERN_FAILURE); +/* + * Handle interface for special performance monitoring + * This is a special case of the host exception handler + */ +kern_return_t +sys_perf_notify(thread_t thread, int pid) +{ + host_priv_t hostp; + ipc_port_t xport; + wait_interrupt_t wsave; + kern_return_t ret; + + hostp = host_priv_self(); /* Get the host privileged ports */ + mach_exception_data_type_t code[EXCEPTION_CODE_MAX]; + code[0] = 0xFF000001; /* Set terminate code */ + code[1] = pid; /* Pass out the pid */ + + struct task *task = thread->task; + xport = hostp->exc_actions[EXC_RPC_ALERT].port; + + /* Make sure we're not catching our own exception */ + if (!IP_VALID(xport) || + !ip_active(xport) || + task->itk_space == xport->data.receiver) { + return KERN_FAILURE; } - - default: - - return(KERN_FAILURE); - }/* switch */ - return(KERN_FAILURE); -} + wsave = thread_interrupt_level(THREAD_UNINT); + ret = exception_deliver( + thread, + EXC_RPC_ALERT, + code, + 2, + hostp->exc_actions, + &hostp->lock); + (void)thread_interrupt_level(wsave); + + return ret; +}