1*19c3b8c2SApple OSS Distributions #include <stdio.h> 2*19c3b8c2SApple OSS Distributions #include <mach/message.h> 3*19c3b8c2SApple OSS Distributions #include <mach/mach_vm.h> 4*19c3b8c2SApple OSS Distributions #include <mach/mach_port.h> 5*19c3b8c2SApple OSS Distributions #include <mach/mach_error.h> 6*19c3b8c2SApple OSS Distributions #include <sys/sysctl.h> 7*19c3b8c2SApple OSS Distributions #include <sys/wait.h> 8*19c3b8c2SApple OSS Distributions #include <unistd.h> 9*19c3b8c2SApple OSS Distributions 10*19c3b8c2SApple OSS Distributions #include <darwintest.h> 11*19c3b8c2SApple OSS Distributions #include <darwintest_utils.h> 12*19c3b8c2SApple OSS Distributions 13*19c3b8c2SApple OSS Distributions #include <xpc/private.h> 14*19c3b8c2SApple OSS Distributions 15*19c3b8c2SApple OSS Distributions T_GLOBAL_META(T_META_RUN_CONCURRENTLY(true), 16*19c3b8c2SApple OSS Distributions T_META_RADAR_COMPONENT_NAME("xnu"), 17*19c3b8c2SApple OSS Distributions T_META_RADAR_COMPONENT_VERSION("IPC"), 18*19c3b8c2SApple OSS Distributions T_META_NAMESPACE("xnu.ipc")); 19*19c3b8c2SApple OSS Distributions 20*19c3b8c2SApple OSS Distributions struct test_msg { 21*19c3b8c2SApple OSS Distributions mach_msg_header_t header; 22*19c3b8c2SApple OSS Distributions mach_msg_trailer_t trailer; // subtract this when sending 23*19c3b8c2SApple OSS Distributions }; 24*19c3b8c2SApple OSS Distributions 25*19c3b8c2SApple OSS Distributions T_DECL(bootstrap_mig_always_filtered, 26*19c3b8c2SApple OSS Distributions "'MIG' messages to bootstrap ports from tasks with filtering should always be filtered", 27*19c3b8c2SApple OSS Distributions T_META_ASROOT(true), T_META_REQUIRES_SYSCTL_EQ("kern.development", 1)) 28*19c3b8c2SApple OSS Distributions { 29*19c3b8c2SApple OSS Distributions int new_filter_flag = 1; 30*19c3b8c2SApple OSS Distributions int rc = sysctlbyname("kern.task_set_filter_msg_flag", NULL, NULL, 31*19c3b8c2SApple OSS Distributions &new_filter_flag, sizeof(new_filter_flag)); 32*19c3b8c2SApple OSS Distributions T_ASSERT_POSIX_SUCCESS(rc, "sysctlbyname"); 33*19c3b8c2SApple OSS Distributions 34*19c3b8c2SApple OSS Distributions struct mach_service_port_info mspi = { 35*19c3b8c2SApple OSS Distributions .mspi_domain_type = XPC_DOMAIN_PORT, 36*19c3b8c2SApple OSS Distributions }; 37*19c3b8c2SApple OSS Distributions strlcpy(mspi.mspi_string_name, "com.apple.xnu.test_bootstrap_msgfilter", 38*19c3b8c2SApple OSS Distributions sizeof(mspi.mspi_string_name)); 39*19c3b8c2SApple OSS Distributions 40*19c3b8c2SApple OSS Distributions mach_port_options_t port_opts = { 41*19c3b8c2SApple OSS Distributions .flags = MPO_SERVICE_PORT | 42*19c3b8c2SApple OSS Distributions MPO_INSERT_SEND_RIGHT | 43*19c3b8c2SApple OSS Distributions MPO_CONTEXT_AS_GUARD | 44*19c3b8c2SApple OSS Distributions MPO_STRICT, 45*19c3b8c2SApple OSS Distributions .service_port_info = &mspi, 46*19c3b8c2SApple OSS Distributions }; 47*19c3b8c2SApple OSS Distributions 48*19c3b8c2SApple OSS Distributions int ctxobj = 0; 49*19c3b8c2SApple OSS Distributions 50*19c3b8c2SApple OSS Distributions mach_port_t test_bootstrap_port; 51*19c3b8c2SApple OSS Distributions kern_return_t kr = mach_port_construct(mach_task_self(), &port_opts, 52*19c3b8c2SApple OSS Distributions (uintptr_t)&ctxobj, &test_bootstrap_port); 53*19c3b8c2SApple OSS Distributions T_ASSERT_MACH_SUCCESS(kr, "mach_port_construct"); 54*19c3b8c2SApple OSS Distributions 55*19c3b8c2SApple OSS Distributions // sending a valid 'XPC' msgid should succeed 56*19c3b8c2SApple OSS Distributions 57*19c3b8c2SApple OSS Distributions mach_msg_id_t permitted_xpc_msgid = 0x01000042; 58*19c3b8c2SApple OSS Distributions 59*19c3b8c2SApple OSS Distributions struct test_msg msg = { 60*19c3b8c2SApple OSS Distributions .header = { 61*19c3b8c2SApple OSS Distributions .msgh_bits = MACH_MSGH_BITS(MACH_MSG_TYPE_COPY_SEND, 0), 62*19c3b8c2SApple OSS Distributions .msgh_size = offsetof(struct test_msg, trailer), 63*19c3b8c2SApple OSS Distributions .msgh_remote_port = test_bootstrap_port, 64*19c3b8c2SApple OSS Distributions .msgh_id = permitted_xpc_msgid, 65*19c3b8c2SApple OSS Distributions }, 66*19c3b8c2SApple OSS Distributions }; 67*19c3b8c2SApple OSS Distributions 68*19c3b8c2SApple OSS Distributions mach_msg_option_t msg_opts = MACH_SEND_MSG | MACH_RCV_MSG; 69*19c3b8c2SApple OSS Distributions kr = mach_msg(&msg.header, msg_opts, msg.header.msgh_size, sizeof(msg), 70*19c3b8c2SApple OSS Distributions test_bootstrap_port, MACH_MSG_TIMEOUT_NONE, MACH_PORT_NULL); 71*19c3b8c2SApple OSS Distributions T_ASSERT_MACH_SUCCESS(kr, "send message with valid (XPC) message ID"); 72*19c3b8c2SApple OSS Distributions 73*19c3b8c2SApple OSS Distributions // sending a 'MIG' msgid (0x00xxxxxx) should fail, non-fatally 74*19c3b8c2SApple OSS Distributions 75*19c3b8c2SApple OSS Distributions mach_msg_id_t disallowed_mig_msgid = 0x00000042; 76*19c3b8c2SApple OSS Distributions msg_opts |= MACH_SEND_FILTER_NONFATAL; 77*19c3b8c2SApple OSS Distributions 78*19c3b8c2SApple OSS Distributions msg = (struct test_msg){ 79*19c3b8c2SApple OSS Distributions .header = { 80*19c3b8c2SApple OSS Distributions .msgh_bits = MACH_MSGH_BITS(MACH_MSG_TYPE_COPY_SEND, 0), 81*19c3b8c2SApple OSS Distributions .msgh_size = offsetof(struct test_msg, trailer), 82*19c3b8c2SApple OSS Distributions .msgh_remote_port = test_bootstrap_port, 83*19c3b8c2SApple OSS Distributions .msgh_id = disallowed_mig_msgid, 84*19c3b8c2SApple OSS Distributions }, 85*19c3b8c2SApple OSS Distributions }; 86*19c3b8c2SApple OSS Distributions kr = mach_msg(&msg.header, msg_opts, msg.header.msgh_size, sizeof(msg), 87*19c3b8c2SApple OSS Distributions test_bootstrap_port, MACH_MSG_TIMEOUT_NONE, MACH_PORT_NULL); 88*19c3b8c2SApple OSS Distributions T_ASSERT_EQ(kr, MACH_SEND_MSG_FILTERED, "message should be filtered"); 89*19c3b8c2SApple OSS Distributions } 90