1/*
2 * Copyright (c) 2013 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 *
28 */
29
30#include <kern/assert.h>
31#include <kern/locks.h>
32#include <kern/task.h>
33#include <kern/thread.h>
34#include <kern/sfi.h>
35#include <libkern/libkern.h>
36#include <mach/mach_time.h>
37#include <pexpert/pexpert.h>
38#include <sys/proc.h>
39#include <sys/proc_info.h>
40#include <sys/sysproto.h>
41#include <sys/sfi.h>
42#include <sys/kdebug.h>
43#include <sys/priv.h>
44#include <kern/policy_internal.h>
45
46/*
47 * This file provides the syscall-based configuration facility
48 * for Selective Forced Idle (SFI). Input arguments have basic checking
49 * applied here, although more specific semantic checking is done in
50 * osfmk/kern/sfi.c. All copyin()/copyout() operations are performed
51 * in this source file.
52 */
53
54#define SFI_DEBUG 0
55
56#if SFI_DEBUG
57#define dprintf(...) printf(__VA_ARGS__)
58#else
59#define dprintf(...) do { } while(0)
60#endif
61
62static int proc_apply_sfi_managed(proc_t p, void * arg);
63
64int
65sfi_ctl(struct proc *p __unused, struct sfi_ctl_args *uap, int32_t *retval __unused)
66{
67 uint32_t operation = uap->operation;
68 int error = 0;
69 kern_return_t kret = KERN_SUCCESS;
70 uint64_t out_time = 0;
71
72 switch (operation) {
73 case SFI_CTL_OPERATION_SFI_SET_WINDOW:
74 if (uap->out_time != USER_ADDR_NULL) {
75 return EINVAL;
76 }
77 if (uap->sfi_class != SFI_CLASS_UNSPECIFIED) {
78 return EINVAL;
79 }
80
81 error = priv_check_cred(cred: kauth_cred_get(), PRIV_SELECTIVE_FORCED_IDLE, flags: 0);
82 if (error) {
83 dprintf("%s failed privilege check for sfi_ctl: %d\n", p->p_comm, error);
84 return error;
85 } else {
86 dprintf("%s succeeded privilege check for sfi_ctl\n", p->p_comm);
87 }
88
89 if (uap->time == 0) {
90 /* actually a cancel */
91 kret = sfi_window_cancel();
92 } else {
93 kret = sfi_set_window(window_usecs: uap->time);
94 }
95
96 if (kret) {
97 error = EINVAL;
98 }
99
100 break;
101 case SFI_CTL_OPERATION_SFI_GET_WINDOW:
102 if (uap->time != 0) {
103 return EINVAL;
104 }
105 if (uap->sfi_class != SFI_CLASS_UNSPECIFIED) {
106 return EINVAL;
107 }
108
109 kret = sfi_get_window(window_usecs: &out_time);
110 if (kret == KERN_SUCCESS) {
111 error = copyout(&out_time, uap->out_time, sizeof(out_time));
112 } else {
113 error = EINVAL;
114 }
115
116 break;
117 case SFI_CTL_OPERATION_SET_CLASS_OFFTIME:
118 if (uap->out_time != USER_ADDR_NULL) {
119 return EINVAL;
120 }
121
122 error = priv_check_cred(cred: kauth_cred_get(), PRIV_SELECTIVE_FORCED_IDLE, flags: 0);
123 if (error) {
124 dprintf("%s failed privilege check for sfi_ctl: %d\n", p->p_comm, error);
125 return error;
126 } else {
127 dprintf("%s succeeded privilege check for sfi_ctl\n", p->p_comm);
128 }
129
130 if (uap->time == 0) {
131 /* actually a cancel */
132 kret = sfi_class_offtime_cancel(class_id: uap->sfi_class);
133 } else {
134 kret = sfi_set_class_offtime(class_id: uap->sfi_class, offtime_usecs: uap->time);
135 }
136
137 if (kret) {
138 error = EINVAL;
139 }
140
141 break;
142 case SFI_CTL_OPERATION_GET_CLASS_OFFTIME:
143 if (uap->time != 0) {
144 return EINVAL;
145 }
146
147 kret = sfi_get_class_offtime(class_id: uap->sfi_class, offtime_usecs: &out_time);
148 if (kret == KERN_SUCCESS) {
149 error = copyout(&out_time, uap->out_time, sizeof(out_time));
150 } else {
151 error = EINVAL;
152 }
153
154 break;
155 default:
156 error = ENOTSUP;
157 break;
158 }
159
160 return error;
161}
162
163static int
164proc_apply_sfi_managed(proc_t p, void * arg)
165{
166 uint32_t flags = *(uint32_t *)arg;
167 pid_t pid = proc_getpid(p);
168 boolean_t managed_enabled = (flags == SFI_PROCESS_SET_MANAGED)? TRUE : FALSE;
169
170 if (pid == 0) { /* ignore setting on kernproc */
171 return PROC_RETURNED;
172 }
173
174 if (managed_enabled) {
175 KERNEL_DEBUG_CONSTANT(MACHDBG_CODE(DBG_MACH_SFI, SFI_PID_SET_MANAGED) | DBG_FUNC_NONE, pid, 0, 0, 0, 0);
176 } else {
177 KERNEL_DEBUG_CONSTANT(MACHDBG_CODE(DBG_MACH_SFI, SFI_PID_CLEAR_MANAGED) | DBG_FUNC_NONE, pid, 0, 0, 0, 0);
178 }
179
180 proc_set_task_policy(task: proc_task(p),
181 TASK_POLICY_ATTRIBUTE, TASK_POLICY_SFI_MANAGED,
182 value: managed_enabled ? TASK_POLICY_ENABLE : TASK_POLICY_DISABLE);
183
184 return PROC_RETURNED;
185}
186
187int
188sfi_pidctl(struct proc *p __unused, struct sfi_pidctl_args *uap, int32_t *retval __unused)
189{
190 uint32_t operation = uap->operation;
191 pid_t pid = uap->pid;
192 int error = 0;
193 uint32_t out_flags = 0;
194 boolean_t managed_enabled;
195 proc_t targetp;
196
197 switch (operation) {
198 case SFI_PIDCTL_OPERATION_PID_SET_FLAGS:
199 if (uap->out_sfi_flags != USER_ADDR_NULL
200 || !(uap->sfi_flags & SFI_PROCESS_SET_MANAGED_MASK)
201 || uap->sfi_flags == SFI_PROCESS_SET_MANAGED_MASK) {
202 return EINVAL;
203 }
204
205 error = priv_check_cred(cred: kauth_cred_get(), PRIV_SELECTIVE_FORCED_IDLE, flags: 0);
206 if (error) {
207 dprintf("%s failed privilege check for sfi_pidctl: %d\n", p->p_comm, error);
208 return error;
209 } else {
210 dprintf("%s succeeded privilege check for sfi_pidctl\n", p->p_comm);
211 }
212
213 if (uap->pid == 0) {
214 /* only allow SFI_PROCESS_SET_UNMANAGED for pid 0 */
215 if (uap->sfi_flags != SFI_PROCESS_SET_UNMANAGED) {
216 return EINVAL;
217 }
218
219 proc_iterate(PROC_ALLPROCLIST, callout: proc_apply_sfi_managed, arg: (void *)&uap->sfi_flags, NULL, NULL);
220 break;
221 }
222
223 targetp = proc_find(pid);
224 if (!targetp) {
225 error = ESRCH;
226 break;
227 }
228
229 proc_apply_sfi_managed(p: targetp, arg: (void *)&uap->sfi_flags);
230
231 proc_rele(p: targetp);
232
233 break;
234 case SFI_PIDCTL_OPERATION_PID_GET_FLAGS:
235 if (uap->sfi_flags != 0) {
236 return EINVAL;
237 }
238 if (uap->pid == 0) {
239 return EINVAL;
240 }
241
242 targetp = proc_find(pid);
243 if (!targetp) {
244 error = ESRCH;
245 break;
246 }
247
248 managed_enabled = proc_get_task_policy(task: proc_task(targetp), TASK_POLICY_ATTRIBUTE, TASK_POLICY_SFI_MANAGED);
249
250 proc_rele(p: targetp);
251
252 out_flags = managed_enabled ? SFI_PROCESS_SET_MANAGED : SFI_PROCESS_SET_UNMANAGED;
253
254 error = copyout(&out_flags, uap->out_sfi_flags, sizeof(out_flags));
255
256 break;
257 default:
258 error = ENOTSUP;
259 break;
260 }
261
262 return error;
263}
264