1 #include <darwintest.h>
2 #include <TargetConditionals.h>
3 #include <mach/mach.h>
4 #include <stdlib.h>
5 #include <sys/sysctl.h>
6 #include <unistd.h>
7 #include <darwintest_multiprocess.h>
8 #include <spawn.h>
9 #include <spawn_private.h>
10 #include <libproc_internal.h>
11 #include <signal.h>
12 #include <string.h>
13
14 #include <err.h>
15 #include <stdio.h>
16 #include <sysexits.h>
17 #include <stdbool.h>
18
19 #include "rnServer.h" // generated by MIG from rnserver.defs
20
21 #include <dispatch/dispatch.h>
22 #include <dispatch/private.h> // dispatch_mig_server()
23 #include <servers/bootstrap.h>
24 #include <libproc_internal.h> // proc*cpumon*()
25
26 T_GLOBAL_META(
27 T_META_NAMESPACE("xnu.ipc"),
28 T_META_RUN_CONCURRENTLY(TRUE),
29 T_META_RADAR_COMPONENT_NAME("xnu"),
30 T_META_RADAR_COMPONENT_VERSION("IPC"));
31
32 #define MAX_ARGV 5
33
34 extern char **environ;
35 static mach_port_t resource_notify_port = MACH_PORT_NULL;
36
37 T_DECL(test_port_table_setting_limits,
38 "Allocate ports upto hard limit",
39 T_META_IGNORECRASHES(".*port_table_limits_client.*"),
40 T_META_CHECK_LEAKS(false))
41 {
42 char *test_prog_name = "./port_table_limits_client";
43 char *child_args[MAX_ARGV];
44 int child_pid;
45 posix_spawnattr_t attrs;
46 int err;
47
48 #if TARGET_OS_BRIDGE
49 T_SKIP("Not running on target platforms");
50 #endif
51
52 /* Initialize posix_spawn attributes */
53 posix_spawnattr_init(&attrs);
54
55 err = posix_spawnattr_set_portlimits_ext(&attrs, 3000, 5000);
56 T_EXPECT_POSIX_SUCCESS(err, "posix_spawnattr_set_portlimits_ext");
57
58 child_args[0] = test_prog_name;
59 child_args[1] = "3000"; //soft limit
60 child_args[2] = "5000"; //hard limit
61 child_args[3] = "1"; //test num
62 child_args[4] = NULL;
63
64 err = posix_spawn(&child_pid, child_args[0], NULL, &attrs, child_args, environ);
65 T_EXPECT_POSIX_SUCCESS(err, "posix_spawn port_table_limits_client");
66
67 int child_status;
68 /* Wait for child and check for exception */
69
70 if (-1 == waitpid(child_pid, &child_status, 0)) {
71 T_FAIL("waitpid: child mia");
72 }
73
74 T_ASSERT_EQ(WIFEXITED(child_status), 0, "Child did not exit normally");
75
76 if (WIFSIGNALED(child_status)) {
77 T_ASSERT_EQ(child_status, 9, "Child exited with status = %x", child_status);
78 }
79 }
80
81 typedef struct {
82 mach_msg_header_t header;
83 mach_msg_body_t body;
84 mach_msg_port_descriptor_t port_descriptor;
85 mach_msg_trailer_t trailer; // subtract this when sending
86 } ipc_complex_message;
87
88 struct args {
89 const char *progname;
90 int verbose;
91 int voucher;
92 int num_msgs;
93 const char *server_port_name;
94 mach_port_t server_port;
95 mach_port_t reply_port;
96 int request_msg_size;
97 void *request_msg;
98 int reply_msg_size;
99 void *reply_msg;
100 uint32_t persona_id;
101 long client_pid;
102 };
103
104 void parse_args(struct args *args);
105 void server_setup(struct args* args);
106 void* exception_server_thread(void *arg);
107 mach_port_t create_exception_port(void);
108 static mach_port_t create_resource_notify_port(void);
109 void server_run(struct args *args);
110 static ipc_complex_message icm_request = {};
111 static ipc_complex_message icm_reply = {};
112
113 #define TEST_TIMEOUT 10
114
115 void
parse_args(struct args * args)116 parse_args(struct args *args)
117 {
118 args->server_port_name = "TEST_PORT_TABLE_LIMITS";
119 args->server_port = MACH_PORT_NULL;
120 args->reply_msg_size = sizeof(ipc_complex_message) - sizeof(mach_msg_trailer_t);
121 args->request_msg_size = sizeof(ipc_complex_message) - sizeof(mach_msg_trailer_t);
122 args->reply_msg_size = sizeof(ipc_complex_message) - sizeof(mach_msg_trailer_t);
123 args->request_msg = &icm_request;
124 args->reply_msg = &icm_reply;
125 }
126
127 /* Create a mach IPC listener which will respond to the client's message */
128 void
server_setup(struct args * args)129 server_setup(struct args *args)
130 {
131 kern_return_t ret;
132 mach_port_t bsport;
133
134 ret = mach_port_allocate(mach_task_self(), MACH_PORT_RIGHT_RECEIVE,
135 &args->server_port);
136 T_ASSERT_MACH_SUCCESS(ret, "server: mach_port_allocate()");
137
138 ret = mach_port_insert_right(mach_task_self(), args->server_port, args->server_port,
139 MACH_MSG_TYPE_MAKE_SEND);
140 T_ASSERT_MACH_SUCCESS(ret, "server: mach_port_insert_right()");
141
142 ret = task_get_bootstrap_port(mach_task_self(), &bsport);
143 T_ASSERT_MACH_SUCCESS(ret, "server: task_get_bootstrap_port()");
144
145 ret = bootstrap_register(bsport, (const char *)args->server_port_name, args->server_port);
146 T_ASSERT_MACH_SUCCESS(ret, "server: bootstrap_register()");
147
148 T_LOG("server: waiting for IPC messages from client on port '%s'.\n",
149 args->server_port_name);
150 }
151
152 void
server_run(struct args * args)153 server_run(struct args *args)
154 {
155 mach_msg_header_t *request;
156 mach_msg_option_t rcvoption;
157 kern_return_t ret;
158 mach_port_t dummy_port;
159 mach_port_t client_task_port;
160
161 request = (mach_msg_header_t *)args->request_msg;
162
163 rcvoption = MACH_RCV_MSG | MACH_RCV_INTERRUPT;
164
165 T_LOG("server: Awaiting message");
166 ret = mach_msg(request,
167 rcvoption,
168 0,
169 sizeof(ipc_complex_message),
170 args->server_port,
171 MACH_MSG_TIMEOUT_NONE,
172 MACH_PORT_NULL);
173
174 T_ASSERT_MACH_SUCCESS(ret, "server: mach_msg receive");
175
176 int err = task_for_pid(mach_task_self(), (int)args->client_pid, &client_task_port);
177 T_ASSERT_MACH_SUCCESS(err, "server: task_for_pid");
178 ret = task_set_special_port(client_task_port, TASK_RESOURCE_NOTIFY_PORT, resource_notify_port);
179 T_ASSERT_MACH_SUCCESS(ret, "server: task_set_special_port");
180
181 //Sending reply message.
182 T_LOG("server: Allocate dummy port\n");
183 ret = mach_port_allocate(mach_task_self(), MACH_PORT_RIGHT_RECEIVE, &dummy_port);
184 T_ASSERT_MACH_SUCCESS(ret, "server: allocate dummy port");
185
186 //Listen for the reply on the reply port
187 T_LOG("server: Sending Reply\n");
188 /* Construct the message */
189 mach_msg_header_t *reply = (mach_msg_header_t *)args->reply_msg;
190 reply->msgh_bits = MACH_MSGH_BITS_SET(MACH_MSG_TYPE_COPY_SEND, 0,
191 0, 0) | MACH_MSGH_BITS_COMPLEX;
192 reply->msgh_size = (mach_msg_size_t)args->reply_msg_size;
193 reply->msgh_remote_port = request->msgh_remote_port;
194 reply->msgh_local_port = 0;
195 reply->msgh_id = 2;
196
197 ipc_complex_message *complexmsg = (ipc_complex_message *)reply;
198 complexmsg->body.msgh_descriptor_count = 1;
199 complexmsg->port_descriptor.name = dummy_port;
200 complexmsg->port_descriptor.disposition = MACH_MSG_TYPE_MOVE_RECEIVE;
201 complexmsg->port_descriptor.type = MACH_MSG_PORT_DESCRIPTOR;
202
203 mach_msg_option_t option = MACH_SEND_MSG;
204
205 ret = mach_msg(reply,
206 option,
207 (mach_msg_size_t)args->reply_msg_size,
208 0,
209 MACH_PORT_NULL,
210 MACH_MSG_TIMEOUT_NONE,
211 MACH_PORT_NULL);
212 T_ASSERT_MACH_SUCCESS(ret, "server: mach_msg reply sent");
213 }
214
215 static mach_port_t
create_resource_notify_port()216 create_resource_notify_port()
217 {
218 kern_return_t kret;
219 mach_port_t rn_port = MACH_PORT_NULL;
220 mach_port_t task = mach_task_self();
221
222 kret = mach_port_allocate(task, MACH_PORT_RIGHT_RECEIVE, &rn_port);
223 T_EXPECT_MACH_SUCCESS(kret, "mach_port_allocate resource_notify_port");
224
225 kret = mach_port_insert_right(task, rn_port, rn_port, MACH_MSG_TYPE_MAKE_SEND);
226 T_EXPECT_MACH_SUCCESS(kret, "mach_port_insert_right resource_notify_port");
227
228 return rn_port;
229 }
230
231 T_DECL(test_port_table_hard_limit_with_resource_notify_port,
232 "Allocate ports upto hard limit and trigger notification",
233 T_META_IGNORECRASHES(".*port_table_limits_client.*"),
234 T_META_CHECK_LEAKS(false))
235 {
236 char *test_prog_name = "./port_table_limits_client";
237 char *child_args[MAX_ARGV];
238 int child_pid;
239 posix_spawnattr_t attrs;
240 int err;
241 kern_return_t kr;
242 struct args* server_args = (struct args*)malloc(sizeof(struct args));
243
244 #if TARGET_OS_BRIDGE
245 T_SKIP("Not running on target platforms");
246 #endif
247
248 /* Create the bootstrap port */
249 parse_args(server_args);
250 server_setup(server_args);
251
252 /* Create the resource notify port for the server */
253 mach_port_t rn_port = create_resource_notify_port();
254 T_ASSERT_NE(rn_port, 0, "Create a new resource notify port");
255 resource_notify_port = rn_port;
256
257 /* Initialize posix_spawn attributes */
258 posix_spawnattr_init(&attrs);
259 err = posix_spawnattr_set_portlimits_ext(&attrs, 0, 7000);
260 T_ASSERT_POSIX_SUCCESS(err, "posix_spawnattr_set_portlimits_ext");
261
262 child_args[0] = test_prog_name;
263 child_args[1] = "0"; // soft limit
264 child_args[2] = "7000"; // hard limit
265 child_args[3] = "2"; // test num
266 child_args[4] = NULL;
267
268 err = posix_spawn(&child_pid, child_args[0], NULL, &attrs, &child_args[0], environ);
269 T_ASSERT_POSIX_SUCCESS(err, "posix_spawn port_table_limits_client");
270
271 server_args->client_pid = child_pid;
272 server_run(server_args);
273
274 T_LOG("server: Let's see if we can catch some port leak");
275 /*
276 * Recover the service port because the port must have been destroyed and sent the notification by now
277 */
278 kr = mach_msg_server_once(resource_notify_server, 4096, resource_notify_port, 0);
279 T_ASSERT_MACH_SUCCESS(kr, "mach_msg_server_once resource_notify_port");
280 }
281
282 // MIG's resource_notify_server() expects receive_cpu_usage_trigger()
283 // This must match the definition in xnu's resource_notify.defs
284 kern_return_t
receive_cpu_usage_violation(__unused mach_port_t receiver,__unused proc_name_t procname,__unused pid_t pid,__unused posix_path_t killed_proc_path,__unused mach_timespec_t timestamp,__unused int64_t observed_cpu_nsecs,__unused int64_t observation_nsecs,__unused int64_t cpu_nsecs_allowed,__unused int64_t limit_window_nsecs,__unused resource_notify_flags_t flags)285 receive_cpu_usage_violation(__unused mach_port_t receiver,
286 __unused proc_name_t procname,
287 __unused pid_t pid,
288 __unused posix_path_t killed_proc_path,
289 __unused mach_timespec_t timestamp,
290 __unused int64_t observed_cpu_nsecs,
291 __unused int64_t observation_nsecs,
292 __unused int64_t cpu_nsecs_allowed,
293 __unused int64_t limit_window_nsecs,
294 __unused resource_notify_flags_t flags)
295 {
296 T_LOG("Inside receive_cpu_usage_violation");
297 return KERN_SUCCESS;
298 }
299
300 kern_return_t
receive_cpu_wakes_violation(__unused mach_port_t receiver,__unused proc_name_t procname,__unused pid_t pid,__unused posix_path_t killed_proc_path,__unused mach_timespec_t timestamp,__unused int64_t observed_cpu_wakes,__unused int64_t observation_nsecs,__unused int64_t cpu_wakes_allowed,__unused int64_t limit_window_nsecs,__unused resource_notify_flags_t flags)301 receive_cpu_wakes_violation(__unused mach_port_t receiver,
302 __unused proc_name_t procname,
303 __unused pid_t pid,
304 __unused posix_path_t killed_proc_path,
305 __unused mach_timespec_t timestamp,
306 __unused int64_t observed_cpu_wakes,
307 __unused int64_t observation_nsecs,
308 __unused int64_t cpu_wakes_allowed,
309 __unused int64_t limit_window_nsecs,
310 __unused resource_notify_flags_t flags)
311 {
312 T_LOG("Inside receive_cpu_wakes_violation");
313 return KERN_SUCCESS;
314 }
315
316 kern_return_t
receive_disk_writes_violation(__unused mach_port_t receiver,__unused proc_name_t procname,__unused pid_t pid,__unused posix_path_t killed_proc_path,__unused mach_timespec_t timestamp,__unused int64_t observed_bytes_dirtied,__unused int64_t observation_nsecs,__unused int64_t bytes_dirtied_allowed,__unused int64_t limit_window_nsecs,__unused resource_notify_flags_t flags)317 receive_disk_writes_violation(__unused mach_port_t receiver,
318 __unused proc_name_t procname,
319 __unused pid_t pid,
320 __unused posix_path_t killed_proc_path,
321 __unused mach_timespec_t timestamp,
322 __unused int64_t observed_bytes_dirtied,
323 __unused int64_t observation_nsecs,
324 __unused int64_t bytes_dirtied_allowed,
325 __unused int64_t limit_window_nsecs,
326 __unused resource_notify_flags_t flags)
327 {
328 return KERN_SUCCESS;
329 }
330
331 kern_return_t
receive_port_space_violation(__unused mach_port_t receiver,__unused proc_name_t procname,__unused pid_t pid,__unused mach_timespec_t timestamp,int64_t observed_ports,int64_t ports_allowed,__unused mach_port_t fatal_port,__unused resource_notify_flags_t flags)332 receive_port_space_violation(__unused mach_port_t receiver,
333 __unused proc_name_t procname,
334 __unused pid_t pid,
335 __unused mach_timespec_t timestamp,
336 int64_t observed_ports,
337 int64_t ports_allowed,
338 __unused mach_port_t fatal_port,
339 __unused resource_notify_flags_t flags)
340 {
341 T_LOG("Received a notification on the resource notify port");
342 T_LOG("Ports_allowed = %lld, observed_ports = %lld", ports_allowed, observed_ports);
343 if (fatal_port) {
344 mach_port_deallocate(mach_task_self(), fatal_port);
345 }
346 return KERN_SUCCESS;
347 }
348
349 kern_return_t
receive_file_descriptors_violation(__unused mach_port_t receiver,__unused proc_name_t procname,__unused pid_t pid,__unused mach_timespec_t timestamp,__unused int64_t observed_filedesc,__unused int64_t filedesc_allowed,__unused mach_port_t fatal_port,__unused resource_notify_flags_t flags)350 receive_file_descriptors_violation(__unused mach_port_t receiver,
351 __unused proc_name_t procname,
352 __unused pid_t pid,
353 __unused mach_timespec_t timestamp,
354 __unused int64_t observed_filedesc,
355 __unused int64_t filedesc_allowed,
356 __unused mach_port_t fatal_port,
357 __unused resource_notify_flags_t flags)
358 {
359 return KERN_SUCCESS;
360 }
361