1 | /* |
2 | * Copyright (c) 2017 Apple Inc. All rights reserved. |
3 | * |
4 | * @APPLE_OSREFERENCE_LICENSE_HEADER_START@ |
5 | * |
6 | * This file contains Original Code and/or Modifications of Original Code |
7 | * as defined in and that are subject to the Apple Public Source License |
8 | * Version 2.0 (the 'License'). You may not use this file except in |
9 | * compliance with the License. The rights granted to you under the License |
10 | * may not be used to create, or enable the creation or redistribution of, |
11 | * unlawful or unlicensed copies of an Apple operating system, or to |
12 | * circumvent, violate, or enable the circumvention or violation of, any |
13 | * terms of an Apple operating system software license agreement. |
14 | * |
15 | * Please obtain a copy of the License at |
16 | * http://www.opensource.apple.com/apsl/ and read it before using this file. |
17 | * |
18 | * The Original Code and all software distributed under the License are |
19 | * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER |
20 | * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, |
21 | * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, |
22 | * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. |
23 | * Please see the License for the specific language governing rights and |
24 | * limitations under the License. |
25 | * |
26 | * @APPLE_OSREFERENCE_LICENSE_HEADER_END@ |
27 | */ |
28 | |
29 | #include <kern/ux_handler.h> |
30 | #include <sys/ux_exception.h> |
31 | |
32 | #include <mach/exception.h> |
33 | #include <mach/kern_return.h> |
34 | #include <mach/port.h> |
35 | #include <mach/mach_port.h> |
36 | #include <mach/mig_errors.h> |
37 | |
38 | #include <kern/thread.h> |
39 | #include <kern/task.h> |
40 | #include <kern/ipc_kobject.h> |
41 | #include <kern/ipc_tt.h> |
42 | |
43 | #include <ipc/ipc_port.h> |
44 | |
45 | #include <mach/host_priv.h> |
46 | #include <kern/host.h> |
47 | |
48 | #include <mach/exc_server.h> |
49 | #include <mach/mach_exc_server.h> |
50 | |
51 | #include <libkern/section_keywords.h> |
52 | |
53 | /* |
54 | * Mach kobject port to reflect Mach exceptions into Unix signals. |
55 | * |
56 | * This is the default Mach exception handler for initproc, which |
57 | * then filters to all subprocesses as the host level exception handler for |
58 | * most Mach exceptions. |
59 | */ |
60 | |
61 | static SECURITY_READ_ONLY_LATE(const void *) ux_handler_kobject = NULL; |
62 | SECURITY_READ_ONLY_LATE(ipc_port_t) ux_handler_port = IP_NULL; |
63 | |
64 | IPC_KOBJECT_DEFINE(IKOT_UX_HANDLER, |
65 | .iko_op_stable = true, |
66 | .iko_op_permanent = true); |
67 | |
68 | /* |
69 | * init is called early in Mach initialization |
70 | * when we can initialize read-only memory |
71 | */ |
72 | void |
73 | ux_handler_init(void) |
74 | { |
75 | ux_handler_port = ipc_kobject_alloc_port(kobject: &ux_handler_kobject, |
76 | type: IKOT_UX_HANDLER, options: IPC_KOBJECT_ALLOC_MAKE_SEND); |
77 | } |
78 | |
79 | /* |
80 | * setup is called late in BSD initialization from initproc's context |
81 | * so the MAC hook goo inside host_set_exception_ports will be able to |
82 | * set up labels without falling over. |
83 | */ |
84 | void |
85 | ux_handler_setup(void) |
86 | { |
87 | ipc_port_t ux_handler_send_right; |
88 | kern_return_t kr = KERN_SUCCESS; |
89 | |
90 | ux_handler_send_right = ipc_kobject_make_send(port: ux_handler_port, |
91 | kobject: &ux_handler_kobject, kotype: IKOT_UX_HANDLER); |
92 | |
93 | if (!IP_VALID(ux_handler_send_right)) { |
94 | panic("Couldn't allocate send right for ux_handler_port!" ); |
95 | } |
96 | |
97 | |
98 | /* |
99 | * Consumes 1 send right. |
100 | * |
101 | * Instruments uses the RPC_ALERT port, so don't register for that. |
102 | */ |
103 | kr = host_set_exception_ports(host_priv: host_priv_self(), |
104 | EXC_MASK_ALL & ~(EXC_MASK_RPC_ALERT | EXC_MASK_GUARD), |
105 | new_port: ux_handler_send_right, |
106 | EXCEPTION_DEFAULT | MACH_EXCEPTION_CODES, |
107 | new_flavor: 0); |
108 | |
109 | if (kr != KERN_SUCCESS) { |
110 | panic("host_set_exception_ports failed to set ux_handler! %d" , kr); |
111 | } |
112 | } |
113 | |
114 | /* |
115 | * Is this port the ux_handler? |
116 | * If so, it's safe to send an exception without checking labels. |
117 | */ |
118 | boolean_t |
119 | is_ux_handler_port(mach_port_t port) |
120 | { |
121 | if (ux_handler_port == port) { |
122 | return TRUE; |
123 | } else { |
124 | return FALSE; |
125 | } |
126 | } |
127 | |
128 | kern_return_t |
129 | catch_mach_exception_raise( |
130 | mach_port_t exception_port, |
131 | mach_port_t thread_port, /* control or read port */ |
132 | mach_port_t task_port, /* control or read port */ |
133 | exception_type_t exception, |
134 | mach_exception_data_t code, |
135 | __unused mach_msg_type_number_t codeCnt) |
136 | { |
137 | kern_return_t kr; |
138 | thread_t target_thread; |
139 | |
140 | if (exception_port != ux_handler_port) { |
141 | return KERN_FAILURE; |
142 | } |
143 | |
144 | /* thread_port can be a read port if Developer Mode is off */ |
145 | if ((target_thread = convert_port_to_thread_read(port: thread_port)) == THREAD_NULL) { |
146 | kr = KERN_INVALID_ARGUMENT; |
147 | goto out; |
148 | } |
149 | |
150 | kr = handle_ux_exception(thread: target_thread, exception, code: code[0], subcode: code[1]); |
151 | |
152 | out: |
153 | if (kr == KERN_SUCCESS) { |
154 | /* |
155 | * Following the MIG 'consume on success' protocol, |
156 | * consume references to the port arguments. |
157 | * (but NOT the exception_port, as the first argument is borrowed) |
158 | * |
159 | * If we return non-success, the kobject server will eat the port |
160 | * references for us. |
161 | */ |
162 | |
163 | ipc_port_release_send(port: thread_port); |
164 | ipc_port_release_send(port: task_port); |
165 | } |
166 | |
167 | thread_deallocate(thread: target_thread); |
168 | return kr; |
169 | } |
170 | |
171 | kern_return_t |
172 | catch_exception_raise( |
173 | mach_port_t exception_port, |
174 | mach_port_t thread, |
175 | mach_port_t task, |
176 | exception_type_t exception, |
177 | exception_data_t code, |
178 | mach_msg_type_number_t codeCnt) |
179 | { |
180 | if (exception_port != ux_handler_port) { |
181 | return KERN_FAILURE; |
182 | } |
183 | |
184 | mach_exception_data_type_t big_code[EXCEPTION_CODE_MAX] = { |
185 | [0] = code[0], |
186 | [1] = code[1], |
187 | }; |
188 | |
189 | return catch_mach_exception_raise(exception_port, |
190 | thread_port: thread, |
191 | task_port: task, |
192 | exception, |
193 | code: big_code, |
194 | codeCnt); |
195 | } |
196 | |
197 | kern_return_t |
198 | catch_exception_raise_state( |
199 | __unused mach_port_t exception_port, |
200 | __unused exception_type_t exception, |
201 | __unused const exception_data_t code, |
202 | __unused mach_msg_type_number_t codeCnt, |
203 | __unused int *flavor, |
204 | __unused const thread_state_t old_state, |
205 | __unused mach_msg_type_number_t old_stateCnt, |
206 | __unused thread_state_t new_state, |
207 | __unused mach_msg_type_number_t *new_stateCnt) |
208 | { |
209 | return KERN_INVALID_ARGUMENT; |
210 | } |
211 | |
212 | kern_return_t |
213 | catch_mach_exception_raise_state( |
214 | __unused mach_port_t exception_port, |
215 | __unused exception_type_t exception, |
216 | __unused const mach_exception_data_t code, |
217 | __unused mach_msg_type_number_t codeCnt, |
218 | __unused int *flavor, |
219 | __unused const thread_state_t old_state, |
220 | __unused mach_msg_type_number_t old_stateCnt, |
221 | __unused thread_state_t new_state, |
222 | __unused mach_msg_type_number_t *new_stateCnt) |
223 | { |
224 | return KERN_INVALID_ARGUMENT; |
225 | } |
226 | |
227 | kern_return_t |
228 | catch_exception_raise_state_identity( |
229 | __unused mach_port_t exception_port, |
230 | __unused mach_port_t thread, |
231 | __unused mach_port_t task, |
232 | __unused exception_type_t exception, |
233 | __unused exception_data_t code, |
234 | __unused mach_msg_type_number_t codeCnt, |
235 | __unused int *flavor, |
236 | __unused thread_state_t old_state, |
237 | __unused mach_msg_type_number_t old_stateCnt, |
238 | __unused thread_state_t new_state, |
239 | __unused mach_msg_type_number_t *new_stateCnt) |
240 | { |
241 | return KERN_INVALID_ARGUMENT; |
242 | } |
243 | |
244 | kern_return_t |
245 | catch_mach_exception_raise_state_identity( |
246 | __unused mach_port_t exception_port, |
247 | __unused mach_port_t thread, |
248 | __unused mach_port_t task, |
249 | __unused exception_type_t exception, |
250 | __unused mach_exception_data_t code, |
251 | __unused mach_msg_type_number_t codeCnt, |
252 | __unused int *flavor, |
253 | __unused thread_state_t old_state, |
254 | __unused mach_msg_type_number_t old_stateCnt, |
255 | __unused thread_state_t new_state, |
256 | __unused mach_msg_type_number_t *new_stateCnt) |
257 | { |
258 | return KERN_INVALID_ARGUMENT; |
259 | } |
260 | |
261 | kern_return_t |
262 | catch_mach_exception_raise_identity_protected( |
263 | __unused mach_port_t exception_port, |
264 | __unused uint64_t thread_id, |
265 | __unused mach_port_t task_id_token, |
266 | __unused exception_type_t exception, |
267 | __unused mach_exception_data_t code, |
268 | __unused mach_msg_type_number_t codeCnt) |
269 | { |
270 | return KERN_INVALID_ARGUMENT; |
271 | } |
272 | |
273 | kern_return_t |
274 | catch_mach_exception_raise_backtrace( |
275 | __unused mach_port_t exception_port, |
276 | __unused mach_port_t kcdata_object, |
277 | __unused exception_type_t exception, |
278 | __unused mach_exception_data_t code, |
279 | __unused mach_msg_type_number_t codeCnt) |
280 | { |
281 | return KERN_INVALID_ARGUMENT; |
282 | } |
283 | |