1/*
2 * Copyright (c) 2017 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28
29#include <kern/ux_handler.h>
30#include <sys/ux_exception.h>
31
32#include <mach/exception.h>
33#include <mach/kern_return.h>
34#include <mach/port.h>
35#include <mach/mach_port.h>
36#include <mach/mig_errors.h>
37
38#include <kern/thread.h>
39#include <kern/task.h>
40#include <kern/ipc_kobject.h>
41#include <kern/ipc_tt.h>
42
43#include <ipc/ipc_port.h>
44
45#include <mach/host_priv.h>
46#include <kern/host.h>
47
48#include <mach/exc_server.h>
49#include <mach/mach_exc_server.h>
50
51#include <libkern/section_keywords.h>
52
53/*
54 * Mach kobject port to reflect Mach exceptions into Unix signals.
55 *
56 * This is the default Mach exception handler for initproc, which
57 * then filters to all subprocesses as the host level exception handler for
58 * most Mach exceptions.
59 */
60
/*
 * ux_handler_kobject is only used by address in this file: it is the kobject
 * value handed to ipc_kobject_alloc_port() in ux_handler_init() and presented
 * again to ipc_kobject_make_send() in ux_handler_setup().
 *
 * Both variables are declared SECURITY_READ_ONLY_LATE. ux_handler_port is
 * written once, by ux_handler_init(), which runs early in Mach initialization
 * while read-only memory can still be initialized. Every identity check in
 * this file (is_ux_handler_port(), catch_mach_exception_raise(),
 * catch_exception_raise()) compares against that value.
 */
static SECURITY_READ_ONLY_LATE(const void *) ux_handler_kobject = NULL;
SECURITY_READ_ONLY_LATE(ipc_port_t) ux_handler_port = IP_NULL;

/*
 * Kobject type registration for the handler port. The ops are flagged
 * stable and permanent.
 * NOTE(review): the exact lifetime guarantees behind those two flags are
 * defined by IPC_KOBJECT_DEFINE, outside this file; confirm there.
 */
IPC_KOBJECT_DEFINE(IKOT_UX_HANDLER,
    .iko_op_stable = true,
    .iko_op_permanent = true);
67
68/*
69 * init is called early in Mach initialization
70 * when we can initialize read-only memory
71 */
void
ux_handler_init(void)
{
	ipc_port_t handler_port;

	/*
	 * Allocate the kobject port of type IKOT_UX_HANDLER, bound to the
	 * address of ux_handler_kobject, and publish it in the read-only-late
	 * global. This is the only assignment to ux_handler_port in this file.
	 * NOTE(review): IPC_KOBJECT_ALLOC_MAKE_SEND presumably makes a send
	 * right as part of the allocation; confirm against
	 * ipc_kobject_alloc_port().
	 */
	handler_port = ipc_kobject_alloc_port(&ux_handler_kobject,
	    IKOT_UX_HANDLER, IPC_KOBJECT_ALLOC_MAKE_SEND);

	ux_handler_port = handler_port;
}
78
79/*
80 * setup is called late in BSD initialization from initproc's context
81 * so the MAC hook goo inside host_set_exception_ports will be able to
82 * set up labels without falling over.
83 */
void
ux_handler_setup(void)
{
	/*
	 * Make a fresh send right on the handler port. The kobject address and
	 * type are presented again alongside the port.
	 */
	ipc_port_t send_right = ipc_kobject_make_send(ux_handler_port,
	    &ux_handler_kobject, IKOT_UX_HANDLER);

	/* Fail closed: without a send right there is no handler to install. */
	if (!IP_VALID(send_right)) {
		panic("Couldn't allocate send right for ux_handler_port!");
	}

	/*
	 * Install the ux handler as the host-level exception port.
	 * The call consumes the one send right made above.
	 *
	 * The mask is everything except RPC_ALERT and GUARD. RPC_ALERT is left
	 * unregistered because Instruments uses that port.
	 * NOTE(review): this file does not say why EXC_MASK_GUARD is excluded.
	 *
	 * Behavior is EXCEPTION_DEFAULT with MACH_EXCEPTION_CODES, and the
	 * flavor argument is 0.
	 */
	kern_return_t kr = host_set_exception_ports(host_priv_self(),
	    EXC_MASK_ALL & ~(EXC_MASK_RPC_ALERT | EXC_MASK_GUARD),
	    send_right,
	    EXCEPTION_DEFAULT | MACH_EXCEPTION_CODES,
	    0);

	/* Fail closed here too rather than run without the host handler. */
	if (kr != KERN_SUCCESS) {
		panic("host_set_exception_ports failed to set ux_handler! %d", kr);
	}
}
113
114/*
115 * Is this port the ux_handler?
116 * If so, it's safe to send an exception without checking labels.
117 */
boolean_t
is_ux_handler_port(mach_port_t port)
{
	/*
	 * Exact identity comparison against the read-only-late global set by
	 * ux_handler_init(). Callers use a TRUE result to skip label checks,
	 * so this must stay an exact match on the port value, never a looser
	 * test such as a type or name comparison.
	 */
	return (port == ux_handler_port) ? TRUE : FALSE;
}
127
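/*
 * Server routine for the mach_exception_raise flavor on the ux handler port.
 *
 * Resolves thread_port to a thread and passes the exception, code[0] and
 * code[1] to handle_ux_exception().
 *
 * Returns KERN_FAILURE when exception_port is not ux_handler_port,
 * KERN_INVALID_ARGUMENT when fewer than two codes are supplied or when
 * thread_port does not resolve to a thread, and otherwise whatever
 * handle_ux_exception() returns.
 *
 * Port references: follows the MIG 'consume on success' protocol. On
 * KERN_SUCCESS the send rights on thread_port and task_port are released
 * here; exception_port is borrowed and never released. On any other return
 * the kobject server disposes of the port references.
 */
kern_return_t
catch_mach_exception_raise(
	mach_port_t                     exception_port,
	mach_port_t                     thread_port,    /* control or read port */
	mach_port_t                     task_port,      /* control or read port */
	exception_type_t                exception,
	mach_exception_data_t           code,
	mach_msg_type_number_t          codeCnt)
{
	kern_return_t kr;
	thread_t target_thread;

	/* Only messages that arrived on the ux handler port are serviced. */
	if (exception_port != ux_handler_port) {
		return KERN_FAILURE;
	}

	/*
	 * code[0] and code[1] are both read below, so reject a request that
	 * carries fewer than two codes instead of reading past the supplied
	 * data. Nothing has been consumed or referenced yet, so a plain
	 * non-success return is sufficient.
	 * NOTE(review): the MIG-generated stub may already enforce a lower
	 * bound on codeCnt; that is not visible from this file.
	 */
	if (codeCnt < 2) {
		return KERN_INVALID_ARGUMENT;
	}

	/* thread_port can be a read port if Developer Mode is off */
	target_thread = convert_port_to_thread_read(thread_port);
	if (target_thread == THREAD_NULL) {
		/* No thread reference is held, so there is nothing to drop. */
		return KERN_INVALID_ARGUMENT;
	}

	kr = handle_ux_exception(target_thread, exception, code[0], code[1]);

	if (kr == KERN_SUCCESS) {
		/*
		 * Consume on success: release the port arguments, but NOT
		 * exception_port, because the first argument is borrowed.
		 * On non-success the kobject server eats the references.
		 */
		ipc_port_release_send(thread_port);
		ipc_port_release_send(task_port);
	}

	/* Drop the thread reference taken by the port conversion above. */
	thread_deallocate(target_thread);
	return kr;
}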
170
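/*
 * Server routine for the legacy exception_raise flavor on the ux handler
 * port.
 *
 * Converts the first two legacy codes to mach_exception_data_type_t and
 * forwards the request to catch_mach_exception_raise(), whose return value
 * and port-reference handling apply unchanged.
 *
 * Returns KERN_FAILURE when exception_port is not ux_handler_port and
 * KERN_INVALID_ARGUMENT when fewer than two codes are supplied.
 */
kern_return_t
catch_exception_raise(
	mach_port_t                     exception_port,
	mach_port_t                     thread,
	mach_port_t                     task,
	exception_type_t                exception,
	exception_data_t                code,
	mach_msg_type_number_t          codeCnt)
{
	/* Only messages that arrived on the ux handler port are serviced. */
	if (exception_port != ux_handler_port) {
		return KERN_FAILURE;
	}

	/*
	 * Both code[0] and code[1] are copied below, so refuse a request that
	 * carries fewer than two codes instead of reading past the supplied
	 * data. Returning non-success leaves the port references to the
	 * kobject server, as for the other rejection paths.
	 * NOTE(review): the MIG-generated stub may already enforce a lower
	 * bound on codeCnt; that is not visible from this file.
	 */
	if (codeCnt < 2) {
		return KERN_INVALID_ARGUMENT;
	}

	mach_exception_data_type_t big_code[EXCEPTION_CODE_MAX] = {
		[0] = code[0],
		[1] = code[1],
	};

	return catch_mach_exception_raise(exception_port, thread, task,
	    exception, big_code, codeCnt);
}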
196
/*
 * Legacy exception_raise_state flavor: not supported by the ux handler.
 *
 * Every argument is ignored and the request is always rejected with
 * KERN_INVALID_ARGUMENT. ux_handler_setup() registers the port with
 * EXCEPTION_DEFAULT behavior, so this state-carrying flavor is presumably
 * never requested for it.
 */
kern_return_t
catch_exception_raise_state(
	__unused mach_port_t                    exception_port,
	__unused exception_type_t               exception,
	__unused const exception_data_t         code,
	__unused mach_msg_type_number_t         codeCnt,
	__unused int                            *flavor,
	__unused const thread_state_t           old_state,
	__unused mach_msg_type_number_t         old_stateCnt,
	__unused thread_state_t                 new_state,
	__unused mach_msg_type_number_t         *new_stateCnt)
{
	return KERN_INVALID_ARGUMENT;
}
211
/*
 * mach_exception_raise_state flavor: not supported by the ux handler.
 *
 * Every argument is ignored and the request is always rejected with
 * KERN_INVALID_ARGUMENT. new_state and new_stateCnt are never written.
 */
kern_return_t
catch_mach_exception_raise_state(
	__unused mach_port_t                    exception_port,
	__unused exception_type_t               exception,
	__unused const mach_exception_data_t    code,
	__unused mach_msg_type_number_t         codeCnt,
	__unused int                            *flavor,
	__unused const thread_state_t           old_state,
	__unused mach_msg_type_number_t         old_stateCnt,
	__unused thread_state_t                 new_state,
	__unused mach_msg_type_number_t         *new_stateCnt)
{
	return KERN_INVALID_ARGUMENT;
}
226
/*
 * Legacy exception_raise_state_identity flavor: not supported by the ux
 * handler.
 *
 * Every argument is ignored and the request is always rejected with
 * KERN_INVALID_ARGUMENT. Because the return is never KERN_SUCCESS, this
 * routine releases none of its port arguments; the comment in
 * catch_mach_exception_raise() notes that the kobject server disposes of
 * the port references on a non-success return.
 */
kern_return_t
catch_exception_raise_state_identity(
	__unused mach_port_t                    exception_port,
	__unused mach_port_t                    thread,
	__unused mach_port_t                    task,
	__unused exception_type_t               exception,
	__unused exception_data_t               code,
	__unused mach_msg_type_number_t         codeCnt,
	__unused int                            *flavor,
	__unused thread_state_t                 old_state,
	__unused mach_msg_type_number_t         old_stateCnt,
	__unused thread_state_t                 new_state,
	__unused mach_msg_type_number_t         *new_stateCnt)
{
	return KERN_INVALID_ARGUMENT;
}
243
/*
 * mach_exception_raise_state_identity flavor: not supported by the ux
 * handler.
 *
 * Every argument is ignored and the request is always rejected with
 * KERN_INVALID_ARGUMENT. Because the return is never KERN_SUCCESS, this
 * routine releases none of its port arguments; the comment in
 * catch_mach_exception_raise() notes that the kobject server disposes of
 * the port references on a non-success return.
 */
kern_return_t
catch_mach_exception_raise_state_identity(
	__unused mach_port_t                    exception_port,
	__unused mach_port_t                    thread,
	__unused mach_port_t                    task,
	__unused exception_type_t               exception,
	__unused mach_exception_data_t          code,
	__unused mach_msg_type_number_t         codeCnt,
	__unused int                            *flavor,
	__unused thread_state_t                 old_state,
	__unused mach_msg_type_number_t         old_stateCnt,
	__unused thread_state_t                 new_state,
	__unused mach_msg_type_number_t         *new_stateCnt)
{
	return KERN_INVALID_ARGUMENT;
}
260
/*
 * mach_exception_raise_identity_protected flavor: not supported by the ux
 * handler.
 *
 * Every argument, including thread_id and task_id_token, is ignored and the
 * request is always rejected with KERN_INVALID_ARGUMENT. The routine never
 * returns KERN_SUCCESS, so it releases no port reference itself.
 */
kern_return_t
catch_mach_exception_raise_identity_protected(
	__unused mach_port_t                    exception_port,
	__unused uint64_t                       thread_id,
	__unused mach_port_t                    task_id_token,
	__unused exception_type_t               exception,
	__unused mach_exception_data_t          code,
	__unused mach_msg_type_number_t         codeCnt)
{
	return KERN_INVALID_ARGUMENT;
}
272
/*
 * mach_exception_raise_backtrace flavor: not supported by the ux handler.
 *
 * Every argument, including the kcdata_object port, is ignored and the
 * request is always rejected with KERN_INVALID_ARGUMENT. The routine never
 * returns KERN_SUCCESS, so it releases no port reference itself.
 */
kern_return_t
catch_mach_exception_raise_backtrace(
	__unused mach_port_t                    exception_port,
	__unused mach_port_t                    kcdata_object,
	__unused exception_type_t               exception,
	__unused mach_exception_data_t          code,
	__unused mach_msg_type_number_t         codeCnt)
{
	return KERN_INVALID_ARGUMENT;
}
283