xref: /xnu-12377.81.4/osfmk/kern/ux_handler.c (revision 043036a2b3718f7f0be807e2870f8f47d3fa0796)
1 /*
2  * Copyright (c) 2017 Apple Inc. All rights reserved.
3  *
4  * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5  *
6  * This file contains Original Code and/or Modifications of Original Code
7  * as defined in and that are subject to the Apple Public Source License
8  * Version 2.0 (the 'License'). You may not use this file except in
9  * compliance with the License. The rights granted to you under the License
10  * may not be used to create, or enable the creation or redistribution of,
11  * unlawful or unlicensed copies of an Apple operating system, or to
12  * circumvent, violate, or enable the circumvention or violation of, any
13  * terms of an Apple operating system software license agreement.
14  *
15  * Please obtain a copy of the License at
16  * http://www.opensource.apple.com/apsl/ and read it before using this file.
17  *
18  * The Original Code and all software distributed under the License are
19  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22  * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23  * Please see the License for the specific language governing rights and
24  * limitations under the License.
25  *
26  * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27  */
28 
29 #include <kern/ux_handler.h>
30 #include <sys/ux_exception.h>
31 
32 #include <mach/exception.h>
33 #include <mach/kern_return.h>
34 #include <mach/port.h>
35 #include <mach/mach_port.h>
36 #include <mach/mig_errors.h>
37 
38 #include <kern/thread.h>
39 #include <kern/task.h>
40 #include <kern/ipc_kobject.h>
41 #include <kern/ipc_tt.h>
42 
43 #include <ipc/ipc_port.h>
44 
45 #include <mach/host_priv.h>
46 #include <kern/host.h>
47 
48 #include <mach/exc_server.h>
49 #include <mach/mach_exc_server.h>
50 
51 #include <libkern/section_keywords.h>
52 
53 /*
54  * Mach kobject port to reflect Mach exceptions into Unix signals.
55  *
56  * This is the default Mach exception handler for initproc, which
57  * then filters to all subprocesses as the host level exception handler for
58  * most Mach exceptions.
59  */
60 
/*
 * Identity token for the handler port. Only the address of this variable is
 * used in this file, as the kobject argument to ipc_kobject_alloc_port() and
 * ipc_kobject_make_send(); nothing here assigns it after the NULL initializer.
 */
static SECURITY_READ_ONLY_LATE(const void *) ux_handler_kobject = NULL;

/*
 * The handler's kobject port. Assigned in ux_handler_init() and compared by
 * pointer identity in is_ux_handler_port() and the catch_*_raise routines.
 *
 * NOTE(review): those identity checks are only as trustworthy as this
 * variable. SECURITY_READ_ONLY_LATE is presumably what prevents it from being
 * rewritten once early boot is over -- confirm against the macro definition.
 */
SECURITY_READ_ONLY_LATE(ipc_port_t) ux_handler_port = IP_NULL;

/*
 * Registers the IKOT_UX_HANDLER kobject type with its three option flags.
 *
 * NOTE(review): iko_op_movable_send presumably allows send rights to this
 * port to be handed on to other holders. If so, the catch_* routines below
 * should not assume every message originates from the kernel's own exception
 * delivery path -- confirm against ipc_kobject.h.
 */
IPC_KOBJECT_DEFINE(IKOT_UX_HANDLER,
    .iko_op_movable_send = true,
    .iko_op_stable = true,
    .iko_op_permanent = true);
68 
/*
 * Allocate the ux_handler kobject port.
 *
 * Called early in Mach initialization, while read-only-late memory can still
 * be written: this is the only place ux_handler_port is assigned.
 *
 * The port is allocated with IPC_KOBJECT_ALLOC_MAKE_SEND and is bound to the
 * address of ux_handler_kobject under type IKOT_UX_HANDLER.
 *
 * NOTE(review): the returned port is not validated here; presumably
 * ipc_kobject_alloc_port() cannot return IP_NULL -- confirm.
 */
void
ux_handler_init(void)
{
	ux_handler_port = ipc_kobject_alloc_port(
		&ux_handler_kobject,
		IKOT_UX_HANDLER,
		IPC_KOBJECT_ALLOC_MAKE_SEND);
}
79 
/*
 * Install the ux_handler port as the host-level exception handler.
 *
 * Called late in BSD initialization, from initproc's context, so that the MAC
 * hooks inside host_set_exception_ports() are able to set up labels.
 *
 * Panics if a send right cannot be made or if registration fails.
 */
void
ux_handler_setup(void)
{
	ipc_port_t send_right = ipc_kobject_make_send(ux_handler_port,
	    &ux_handler_kobject, IKOT_UX_HANDLER);

	if (!IP_VALID(send_right)) {
		panic("Couldn't allocate send right for ux_handler_port!");
	}

	/*
	 * The call below consumes one send right.
	 *
	 * Instruments uses the RPC_ALERT port, so that exception is left out of
	 * the mask. EXC_MASK_GUARD is left out as well.
	 * NOTE(review): the reason for excluding EXC_MASK_GUARD is not stated in
	 * this file -- worth documenting here.
	 *
	 * Only EXCEPTION_DEFAULT behavior (with 64-bit MACH_EXCEPTION_CODES) is
	 * registered, and the thread-state flavor argument is 0.
	 */
	kern_return_t rc = host_set_exception_ports(host_priv_self(),
	    EXC_MASK_ALL & ~(EXC_MASK_RPC_ALERT | EXC_MASK_GUARD),
	    send_right,
	    EXCEPTION_DEFAULT | MACH_EXCEPTION_CODES,
	    0);

	if (KERN_SUCCESS != rc) {
		panic("host_set_exception_ports failed to set ux_handler! %d", rc);
	}
}
114 
/*
 * Report whether `port` is the ux_handler port.
 *
 * Callers use a TRUE result to send an exception without checking labels, so
 * this is a trust decision made purely on pointer identity with
 * ux_handler_port.
 *
 * NOTE(review): before ux_handler_init() has run, ux_handler_port is IP_NULL,
 * so an IP_NULL argument would compare equal -- confirm no caller can reach
 * this that early or with a null port.
 */
boolean_t
is_ux_handler_port(mach_port_t port)
{
	return (port == ux_handler_port) ? TRUE : FALSE;
}
128 
/*
 * MIG server routine for mach_exception_raise on the ux_handler port:
 * resolves the thread and passes the exception and its two codes to
 * handle_ux_exception().
 *
 * Returns KERN_FAILURE when the message was not addressed to ux_handler_port,
 * KERN_INVALID_ARGUMENT when thread_port does not convert to a thread, and
 * otherwise whatever handle_ux_exception() returns.
 *
 * NOTE(review): codeCnt is marked __unused, yet code[0] and code[1] are both
 * read. This relies on every sender supplying two codes; consider rejecting
 * codeCnt < 2 here, or confirm that the MIG-generated server guarantees both
 * slots are backed by the message.
 *
 * NOTE(review): task_port is never converted or inspected in this routine; it
 * is only released on success.
 */
kern_return_t
catch_mach_exception_raise(
	mach_port_t                  exception_port,
	mach_port_t                  thread_port, /* control or read port */
	mach_port_t                  task_port,   /* control or read port */
	exception_type_t             exception,
	mach_exception_data_t        code,
	__unused mach_msg_type_number_t       codeCnt)
{
	kern_return_t result = KERN_INVALID_ARGUMENT;
	thread_t thr;

	/* Only messages that arrived on the ux_handler port itself are served. */
	if (ux_handler_port != exception_port) {
		return KERN_FAILURE;
	}

	/* thread_port can be a read port if Developer Mode is off */
	thr = convert_port_to_thread_read(thread_port);
	if (thr != THREAD_NULL) {
		result = handle_ux_exception(thr, exception, code[0], code[1]);
	}

	if (result == KERN_SUCCESS) {
		/*
		 * MIG 'consume on success' protocol: drop the references carried
		 * by the port arguments. exception_port is NOT released, because
		 * the first argument is borrowed.
		 *
		 * On a non-success return the kobject server disposes of the port
		 * references instead, so they must not be released here.
		 */
		ipc_port_release_send(thread_port);
		ipc_port_release_send(task_port);
	}

	/*
	 * Drops the reference taken by the conversion above. This is also
	 * reached with THREAD_NULL when the conversion failed; presumably
	 * thread_deallocate() tolerates that -- confirm.
	 */
	thread_deallocate(thr);
	return result;
}
171 
/*
 * MIG server routine for the legacy exception_raise message: widens the two
 * exception codes to mach_exception_data_type_t and forwards everything to
 * catch_mach_exception_raise().
 *
 * Returns KERN_FAILURE when the message was not addressed to ux_handler_port;
 * otherwise returns the result of catch_mach_exception_raise().
 *
 * NOTE(review): code[0] and code[1] are read without consulting codeCnt, and
 * codeCnt is forwarded unchanged to a callee that ignores it. Consider
 * rejecting codeCnt < 2, or confirm the MIG-generated server guarantees both
 * slots are backed by the message.
 */
kern_return_t
catch_exception_raise(
	mach_port_t               exception_port,
	mach_port_t               thread,
	mach_port_t               task,
	exception_type_t          exception,
	exception_data_t          code,
	mach_msg_type_number_t    codeCnt)
{
	/* Checked before the code array is touched; the callee checks it again. */
	if (ux_handler_port != exception_port) {
		return KERN_FAILURE;
	}

	/* Any slots beyond the first two stay zero. */
	mach_exception_data_type_t widened[EXCEPTION_CODE_MAX] = { 0 };
	widened[0] = code[0];
	widened[1] = code[1];

	return catch_mach_exception_raise(exception_port, thread, task,
	           exception, widened, codeCnt);
}
197 
/*
 * Stub for the exception_raise_state message: every argument is ignored and
 * the call is always refused with KERN_INVALID_ARGUMENT.
 *
 * Presumably never expected to be reached, since ux_handler_setup() registers
 * the port with EXCEPTION_DEFAULT behavior only -- confirm.
 */
kern_return_t
catch_exception_raise_state(
	__unused mach_port_t                 exception_port,
	__unused exception_type_t            exception,
	__unused const exception_data_t      code,
	__unused mach_msg_type_number_t      codeCnt,
	__unused int                        *flavor,
	__unused const thread_state_t        old_state,
	__unused mach_msg_type_number_t      old_stateCnt,
	__unused thread_state_t              new_state,
	__unused mach_msg_type_number_t     *new_stateCnt)
{
	/* Refused unconditionally; new_state and new_stateCnt are not written. */
	return KERN_INVALID_ARGUMENT;
}
212 
/*
 * Stub for the mach_exception_raise_state message: every argument is ignored
 * and the call is always refused with KERN_INVALID_ARGUMENT.
 *
 * Presumably never expected to be reached, since ux_handler_setup() registers
 * the port with EXCEPTION_DEFAULT behavior only -- confirm.
 */
kern_return_t
catch_mach_exception_raise_state(
	__unused mach_port_t                    exception_port,
	__unused exception_type_t               exception,
	__unused const mach_exception_data_t    code,
	__unused mach_msg_type_number_t         codeCnt,
	__unused int                           *flavor,
	__unused const thread_state_t           old_state,
	__unused mach_msg_type_number_t         old_stateCnt,
	__unused thread_state_t                 new_state,
	__unused mach_msg_type_number_t        *new_stateCnt)
{
	/* Refused unconditionally; new_state and new_stateCnt are not written. */
	return KERN_INVALID_ARGUMENT;
}
227 
/*
 * Stub for the exception_raise_state_identity message: every argument is
 * ignored and the call is always refused with KERN_INVALID_ARGUMENT.
 *
 * The thread and task port arguments are not released here. Per the
 * consume-on-success note in catch_mach_exception_raise(), the kobject server
 * disposes of port references when a routine returns non-success.
 */
kern_return_t
catch_exception_raise_state_identity(
	__unused mach_port_t                exception_port,
	__unused mach_port_t                thread,
	__unused mach_port_t                task,
	__unused exception_type_t           exception,
	__unused exception_data_t           code,
	__unused mach_msg_type_number_t     codeCnt,
	__unused int                       *flavor,
	__unused thread_state_t             old_state,
	__unused mach_msg_type_number_t     old_stateCnt,
	__unused thread_state_t             new_state,
	__unused mach_msg_type_number_t    *new_stateCnt)
{
	/* Refused unconditionally; new_state and new_stateCnt are not written. */
	return KERN_INVALID_ARGUMENT;
}
244 
/*
 * Stub for the mach_exception_raise_state_identity message: every argument is
 * ignored and the call is always refused with KERN_INVALID_ARGUMENT.
 *
 * The thread and task port arguments are not released here. Per the
 * consume-on-success note in catch_mach_exception_raise(), the kobject server
 * disposes of port references when a routine returns non-success.
 */
kern_return_t
catch_mach_exception_raise_state_identity(
	__unused mach_port_t                   exception_port,
	__unused mach_port_t                   thread,
	__unused mach_port_t                   task,
	__unused exception_type_t              exception,
	__unused mach_exception_data_t         code,
	__unused mach_msg_type_number_t        codeCnt,
	__unused int                          *flavor,
	__unused thread_state_t                old_state,
	__unused mach_msg_type_number_t        old_stateCnt,
	__unused thread_state_t                new_state,
	__unused mach_msg_type_number_t       *new_stateCnt)
{
	/* Refused unconditionally; new_state and new_stateCnt are not written. */
	return KERN_INVALID_ARGUMENT;
}
261 
/*
 * Stub for the mach_exception_raise_identity_protected message: the thread
 * id, task identity token and codes are all ignored, and the call is always
 * refused with KERN_INVALID_ARGUMENT.
 *
 * The task_id_token port is not released here. Per the consume-on-success
 * note in catch_mach_exception_raise(), the kobject server disposes of port
 * references when a routine returns non-success.
 */
kern_return_t
catch_mach_exception_raise_identity_protected(
	__unused mach_port_t               exception_port,
	__unused uint64_t                  thread_id,
	__unused mach_port_t               task_id_token,
	__unused exception_type_t          exception,
	__unused mach_exception_data_t     code,
	__unused mach_msg_type_number_t    codeCnt)
{
	/* Refused unconditionally; no argument is examined. */
	return KERN_INVALID_ARGUMENT;
}
273 
/*
 * Stub for the mach_exception_raise_backtrace message: the kcdata object port
 * and codes are ignored, and the call is always refused with
 * KERN_INVALID_ARGUMENT.
 *
 * The kcdata_object port is not released here. Per the consume-on-success
 * note in catch_mach_exception_raise(), the kobject server disposes of port
 * references when a routine returns non-success.
 */
kern_return_t
catch_mach_exception_raise_backtrace(
	__unused mach_port_t               exception_port,
	__unused mach_port_t               kcdata_object,
	__unused exception_type_t          exception,
	__unused mach_exception_data_t     code,
	__unused mach_msg_type_number_t    codeCnt)
{
	/* Refused unconditionally; no argument is examined. */
	return KERN_INVALID_ARGUMENT;
}
284 
/*
 * Stub for the mach_exception_raise_state_identity_protected message: the
 * thread id, task identity token, codes and thread state are all ignored, and
 * the call is always refused with KERN_INVALID_ARGUMENT.
 *
 * The task_id_token port is not released here. Per the consume-on-success
 * note in catch_mach_exception_raise(), the kobject server disposes of port
 * references when a routine returns non-success.
 */
kern_return_t
catch_mach_exception_raise_state_identity_protected(
	__unused mach_port_t               exception_port,
	__unused uint64_t                  thread_id,
	__unused mach_port_t               task_id_token,
	__unused exception_type_t          exception,
	__unused mach_exception_data_t     code,
	__unused mach_msg_type_number_t    codeCnt,
	__unused int                      *flavor,
	__unused thread_state_t            old_state,
	__unused mach_msg_type_number_t    old_stateCnt,
	__unused thread_state_t            new_state,
	__unused mach_msg_type_number_t   *new_stateCnt)
{
	/* Refused unconditionally; new_state and new_stateCnt are not written. */
	return KERN_INVALID_ARGUMENT;
}
301