X-Git-Url: https://git.saurik.com/apple/xnu.git/blobdiff_plain/ea3f04195ba4a5034c9c8e9b726d4f7ce96f1832..f427ee49d309d8fc33ebf3042c3a775f2f530ded:/osfmk/ipc/ipc_object.c

diff --git a/osfmk/ipc/ipc_object.c b/osfmk/ipc/ipc_object.c
index adeef2d72..5086568f6 100644
--- a/osfmk/ipc/ipc_object.c
+++ b/osfmk/ipc/ipc_object.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000-2007 Apple Inc. All rights reserved.
+ * Copyright (c) 2000-2020 Apple Inc. All rights reserved.
  *
  * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
  *
@@ -94,7 +94,16 @@
 
 #include <security/mac_mach_internal.h>
 
-zone_t ipc_object_zones[IOT_NUMBER];
+SECURITY_READ_ONLY_LATE(zone_t) ipc_object_zones[IOT_NUMBER];
+
+ZONE_INIT(&ipc_object_zones[IOT_PORT], "ipc ports", sizeof(struct ipc_port),
+    ZC_NOENCRYPT | ZC_CACHING | ZC_ZFREE_CLEARMEM | ZC_NOSEQUESTER,
+    ZONE_ID_IPC_PORT, NULL);
+
+ZONE_INIT(&ipc_object_zones[IOT_PORT_SET], "ipc port sets",
+    sizeof(struct ipc_pset),
+    ZC_NOENCRYPT | ZC_ZFREE_CLEARMEM | ZC_NOSEQUESTER,
+    ZONE_ID_IPC_PORT_SET, NULL);
 
 /*
  *	Routine:	ipc_object_reference
@@ -495,8 +504,13 @@ void
 ipc_object_validate(
 	ipc_object_t    object)
 {
-	int otype = (io_otype(object) == IOT_PORT_SET) ? IOT_PORT_SET : IOT_PORT;
-	zone_require(object, ipc_object_zones[otype]);
+	if (io_otype(object) != IOT_PORT_SET) {
+		zone_id_require(ZONE_ID_IPC_PORT,
+		    sizeof(struct ipc_port), object);
+	} else {
+		zone_id_require(ZONE_ID_IPC_PORT_SET,
+		    sizeof(struct ipc_pset), object);
+	}
 }
 
 /*
@@ -974,22 +988,6 @@ ipc_object_copyout(
 			io_unlock(object);
 			ipc_entry_dealloc(space, name, entry);
 			is_write_unlock(space);
-
-			switch (msgt_name) {
-			case MACH_MSG_TYPE_PORT_SEND_ONCE:
-				ipc_port_release_sonce(ip_object_to_port(object));
-				break;
-			case MACH_MSG_TYPE_PORT_SEND:
-				ipc_port_release_send(ip_object_to_port(object));
-				break;
-			default:
-				/*
-				 * We don't allow labeling of "kobjects" with receive
-				 * rights at user-space or port-sets. So, if we get this far,
-				 * something went VERY wrong.
-				 */
-				panic("ipc_object_copyout: bad port label check failure");
-			}
 			return KERN_INVALID_CAPABILITY;
 		}
 
@@ -1094,17 +1092,6 @@ ipc_object_copyout_name(
 			io_unlock(object);
 			ipc_entry_dealloc(space, name, entry);
 			is_write_unlock(space);
-
-			switch (msgt_name) {
-			case MACH_MSG_TYPE_PORT_SEND_ONCE:
-				ipc_port_release_sonce(ip_object_to_port(object));
-				break;
-			case MACH_MSG_TYPE_PORT_SEND:
-				ipc_port_release_send(ip_object_to_port(object));
-				break;
-			default:
-				panic("ipc_object_copyout_name: bad port label check failure");
-			}
 			return KERN_INVALID_CAPABILITY;
 		}