![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to user_ldt.c CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [Apple XNU] / XNU / osfmk / i386|
Return to user_ldt.c CVS log | Up to [Apple XNU] / XNU / osfmk / i386 |
1.1 root 1: /*
2: * Copyright (c) 2000 Apple Computer, Inc. All rights reserved.
3: *
4: * @APPLE_LICENSE_HEADER_START@
5: *
6: * The contents of this file constitute Original Code as defined in and
7: * are subject to the Apple Public Source License Version 1.1 (the
8: * "License"). You may not use this file except in compliance with the
9: * License. Please obtain a copy of the License at
10: * http://www.apple.com/publicsource and read it before using this file.
11: *
12: * This Original Code and all software distributed under the License are
13: * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER
14: * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
15: * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
16: * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
17: * License for the specific language governing rights and limitations
18: * under the License.
19: *
20: * @APPLE_LICENSE_HEADER_END@
21: */
22: /*
23: * @OSF_COPYRIGHT@
24: */
25: /*
26: * Mach Operating System
27: * Copyright (c) 1991 Carnegie Mellon University
28: * All Rights Reserved.
29: *
30: * Permission to use, copy, modify and distribute this software and its
31: * documentation is hereby granted, provided that both the copyright
32: * notice and this permission notice appear in all copies of the
33: * software, derivative works or modified versions, and any portions
34: * thereof, and that both notices appear in supporting documentation.
35: *
36: * CARNEGIE MELLON ALLOWS FREE USE OF THIS SOFTWARE IN ITS "AS IS"
37: * CONDITION. CARNEGIE MELLON DISCLAIMS ANY LIABILITY OF ANY KIND FOR
38: * ANY DAMAGES WHATSOEVER RESULTING FROM THE USE OF THIS SOFTWARE.
39: *
40: * Carnegie Mellon requests users of this software to return to
41: *
42: * Software Distribution Coordinator or [email protected]
43: * School of Computer Science
44: * Carnegie Mellon University
45: * Pittsburgh PA 15213-3890
46: *
47: * any improvements or extensions that they make and grant Carnegie Mellon
48: * the rights to redistribute these changes.
49: */
50:
51: /*
52: */
53:
54: /*
55: * User LDT management.
56: * Each thread in a task may have its own LDT.
57: */
58:
59: #include <kern/kalloc.h>
60: #include <kern/thread.h>
61: #include <kern/misc_protos.h>
62:
63: #include <vm/vm_kern.h>
64:
65: #include <i386/seg.h>
66: #include <i386/thread.h>
67: #include <i386/user_ldt.h>
68:
69: char acc_type[8][3] = {
70: /* code stack data */
71: { 0, 0, 1 }, /* data */
72: { 0, 1, 1 }, /* data, writable */
73: { 0, 0, 1 }, /* data, expand-down */
74: { 0, 1, 1 }, /* data, writable, expand-down */
75: { 1, 0, 0 }, /* code */
76: { 1, 0, 1 }, /* code, readable */
77: { 1, 0, 0 }, /* code, conforming */
78: { 1, 0, 1 }, /* code, readable, conforming */
79: };
80:
81: extern struct fake_descriptor ldt[]; /* for system call gate */
82:
83: #if 0
84: /* Forward */
85:
86: extern boolean_t selector_check(
87: thread_t thread,
88: int sel,
89: int type);
90:
91: boolean_t
92: selector_check(
93: thread_t thread,
94: int sel,
95: int type)
96: {
97: struct user_ldt *ldt;
98: int access;
99:
100: ldt = thread->top_act->mact.pcb->ims.ldt;
101: if (ldt == 0) {
102: switch (type) {
103: case S_CODE:
104: return sel == USER_CS;
105: case S_STACK:
106: return sel == USER_DS;
107: case S_DATA:
108: return sel == 0 ||
109: sel == USER_CS ||
110: sel == USER_DS;
111: }
112: }
113:
114: if (type != S_DATA && sel == 0)
115: return FALSE;
116: if ((sel & (SEL_LDTS|SEL_PL)) != (SEL_LDTS|SEL_PL_U)
117: || sel > ldt->desc.limit_low)
118: return FALSE;
119:
120: access = ldt->ldt[sel_idx(sel)].access;
121:
122: if ((access & (ACC_P|ACC_PL|ACC_TYPE_USER))
123: != (ACC_P|ACC_PL_U|ACC_TYPE_USER))
124: return FALSE;
125: /* present, pl == pl.user, not system */
126:
127: return acc_type[(access & 0xe)>>1][type];
128: }
129:
130: /*
131: * Add the descriptors to the LDT, starting with
132: * the descriptor for 'first_selector'.
133: */
134:
135: kern_return_t
136: i386_set_ldt(
137: thread_act_t thr_act,
138: int first_selector,
139: descriptor_list_t desc_list,
140: mach_msg_type_number_t count)
141: {
142: user_ldt_t new_ldt, old_ldt, temp;
143: struct real_descriptor *dp;
144: int i;
145: int min_selector = 0;
146: pcb_t pcb;
147: vm_size_t ldt_size_needed;
148: int first_desc = sel_idx(first_selector);
149: vm_map_copy_t old_copy_object;
150: thread_t thread;
151:
152: if (first_desc < min_selector || first_desc > 8191)
153: return KERN_INVALID_ARGUMENT;
154: if (first_desc + count >= 8192)
155: return KERN_INVALID_ARGUMENT;
156: if (thr_act == THR_ACT_NULL)
157: return KERN_INVALID_ARGUMENT;
158: if ((thread = act_lock_thread(thr_act)) == THREAD_NULL) {
159: act_unlock_thread(thr_act);
160: return KERN_INVALID_ARGUMENT;
161: }
162: if (thread == current_thread())
163: min_selector = LDTSZ;
164: act_unlock_thread(thr_act);
165:
166: /*
167: * We must copy out desc_list to the kernel map, and wire
168: * it down (we touch it while the PCB is locked).
169: *
170: * We make a copy of the copyin object, and clear
171: * out the old one, so that the MIG stub will have a
172: * a empty (but valid) copyin object to discard.
173: */
174: {
175: kern_return_t kr;
176: vm_offset_t dst_addr;
177:
178: old_copy_object = (vm_map_copy_t) desc_list;
179:
180: kr = vm_map_copyout(ipc_kernel_map, &dst_addr,
181: vm_map_copy_copy(old_copy_object));
182: if (kr != KERN_SUCCESS)
183: return kr;
184:
185: (void) vm_map_wire(ipc_kernel_map,
186: trunc_page(dst_addr),
187: round_page(dst_addr +
188: count * sizeof(struct real_descriptor)),
189: VM_PROT_READ|VM_PROT_WRITE, FALSE);
190: desc_list = (descriptor_list_t) dst_addr;
191: }
192:
193: for (i = 0, dp = (struct real_descriptor *) desc_list;
194: i < count;
195: i++, dp++)
196: {
197: switch (dp->access & ~ACC_A) {
198: case 0:
199: case ACC_P:
200: /* valid empty descriptor */
201: break;
202: case ACC_P | ACC_CALL_GATE:
203: /* Mach kernel call */
204: *dp = *(struct real_descriptor *)
205: &ldt[sel_idx(USER_SCALL)];
206: break;
207: case ACC_P | ACC_PL_U | ACC_DATA:
208: case ACC_P | ACC_PL_U | ACC_DATA_W:
209: case ACC_P | ACC_PL_U | ACC_DATA_E:
210: case ACC_P | ACC_PL_U | ACC_DATA_EW:
211: case ACC_P | ACC_PL_U | ACC_CODE:
212: case ACC_P | ACC_PL_U | ACC_CODE_R:
213: case ACC_P | ACC_PL_U | ACC_CODE_C:
214: case ACC_P | ACC_PL_U | ACC_CODE_CR:
215: case ACC_P | ACC_PL_U | ACC_CALL_GATE_16:
216: case ACC_P | ACC_PL_U | ACC_CALL_GATE:
217: break;
218: default:
219: (void) vm_map_remove(ipc_kernel_map,
220: (vm_offset_t) desc_list,
221: count * sizeof(struct real_descriptor),
222: VM_MAP_REMOVE_KUNWIRE);
223: return KERN_INVALID_ARGUMENT;
224: }
225: }
226: ldt_size_needed = sizeof(struct real_descriptor)
227: * (first_desc + count);
228:
229: pcb = thr_act->mact.pcb;
230: new_ldt = 0;
231: Retry:
232: simple_lock(&pcb->lock);
233: old_ldt = pcb->ims.ldt;
234: if (old_ldt == 0 ||
235: old_ldt->desc.limit_low + 1 < ldt_size_needed)
236: {
237: /*
238: * No old LDT, or not big enough
239: */
240: if (new_ldt == 0) {
241: simple_unlock(&pcb->lock);
242:
243: new_ldt = (user_ldt_t) kalloc(ldt_size_needed
244: + sizeof(struct real_descriptor));
245: new_ldt->desc.limit_low = ldt_size_needed - 1;
246: new_ldt->desc.limit_high = 0;
247: new_ldt->desc.base_low =
248: ((vm_offset_t)&new_ldt->ldt[0]) & 0xffff;
249: new_ldt->desc.base_med =
250: (((vm_offset_t)&new_ldt->ldt[0]) >> 16)
251: & 0xff;
252: new_ldt->desc.base_high =
253: ((vm_offset_t)&new_ldt->ldt[0]) >> 24;
254: new_ldt->desc.access = ACC_P | ACC_LDT;
255: new_ldt->desc.granularity = 0;
256:
257: goto Retry;
258: }
259:
260: /*
261: * Have new LDT. If there was a an old ldt, copy descriptors
262: * from old to new. Otherwise copy the default ldt.
263: */
264: if (old_ldt) {
265: bcopy((char *)&old_ldt->ldt[0],
266: (char *)&new_ldt->ldt[0],
267: old_ldt->desc.limit_low + 1);
268: }
269: else if (thr_act == current_act()) {
270: struct real_descriptor template = {0, 0, 0, ACC_P, 0, 0 ,0};
271:
272: for (dp = &new_ldt->ldt[0], i = 0; i < first_desc; i++, dp++) {
273: if (i < LDTSZ)
274: *dp = *(struct real_descriptor *) &ldt[i];
275: else
276: *dp = template;
277: }
278: }
279:
280: temp = old_ldt;
281: old_ldt = new_ldt; /* use new LDT from now on */
282: new_ldt = temp; /* discard old LDT */
283:
284: pcb->ims.ldt = old_ldt; /* new LDT for thread */
285: }
286:
287: /*
288: * Install new descriptors.
289: */
290: bcopy((char *)desc_list,
291: (char *)&old_ldt->ldt[first_desc],
292: count * sizeof(struct real_descriptor));
293:
294: simple_unlock(&pcb->lock);
295:
296: if (new_ldt)
297: kfree((vm_offset_t)new_ldt,
298: new_ldt->desc.limit_low+1+sizeof(struct real_descriptor));
299:
300: /*
301: * Free the descriptor list.
302: */
303: (void) vm_map_remove(ipc_kernel_map, (vm_offset_t) desc_list,
304: count * sizeof(struct real_descriptor),
305: VM_MAP_REMOVE_KUNWIRE);
306: return KERN_SUCCESS;
307: }
308:
309: kern_return_t
310: i386_get_ldt(
311: thread_act_t thr_act,
312: int first_selector,
313: int selector_count, /* number wanted */
314: descriptor_list_t *desc_list, /* in/out */
315: mach_msg_type_number_t *count) /* in/out */
316: {
317: struct user_ldt *user_ldt;
318: pcb_t pcb = thr_act->mact.pcb;
319: int first_desc = sel_idx(first_selector);
320: unsigned int ldt_count;
321: vm_size_t ldt_size;
322: vm_size_t size, size_needed;
323: vm_offset_t addr;
324: thread_t thread;
325:
326: if (thr_act == THR_ACT_NULL || (thread = thr_act->thread)==THREAD_NULL)
327: return KERN_INVALID_ARGUMENT;
328:
329: if (first_desc < 0 || first_desc > 8191)
330: return KERN_INVALID_ARGUMENT;
331: if (first_desc + selector_count >= 8192)
332: return KERN_INVALID_ARGUMENT;
333:
334: addr = 0;
335: size = 0;
336:
337: for (;;) {
338: simple_lock(&pcb->lock);
339: user_ldt = pcb->ims.ldt;
340: if (user_ldt == 0) {
341: simple_unlock(&pcb->lock);
342: if (addr)
343: kmem_free(ipc_kernel_map, addr, size);
344: *count = 0;
345: return KERN_SUCCESS;
346: }
347:
348: /*
349: * Find how many descriptors we should return.
350: */
351: ldt_count = (user_ldt->desc.limit_low + 1) /
352: sizeof (struct real_descriptor);
353: ldt_count -= first_desc;
354: if (ldt_count > selector_count)
355: ldt_count = selector_count;
356:
357: ldt_size = ldt_count * sizeof(struct real_descriptor);
358:
359: /*
360: * Do we have the memory we need?
361: */
362: if (ldt_count <= *count)
363: break; /* fits in-line */
364:
365: size_needed = round_page(ldt_size);
366: if (size_needed <= size)
367: break;
368:
369: /*
370: * Unlock the pcb and allocate more memory
371: */
372: simple_unlock(&pcb->lock);
373:
374: if (size != 0)
375: kmem_free(ipc_kernel_map, addr, size);
376:
377: size = size_needed;
378:
379: if (kmem_alloc(ipc_kernel_map, &addr, size)
380: != KERN_SUCCESS)
381: return KERN_RESOURCE_SHORTAGE;
382: }
383:
384: /*
385: * copy out the descriptors
386: */
387: bcopy((char *)&user_ldt->ldt[first_desc],
388: (char *)addr,
389: ldt_size);
390: *count = ldt_count;
391: simple_unlock(&pcb->lock);
392:
393: if (addr) {
394: vm_size_t size_used, size_left;
395: vm_map_copy_t memory;
396:
397: /*
398: * Free any unused memory beyond the end of the last page used
399: */
400: size_used = round_page(ldt_size);
401: if (size_used != size)
402: kmem_free(ipc_kernel_map,
403: addr + size_used, size - size_used);
404:
405: /*
406: * Zero the remainder of the page being returned.
407: */
408: size_left = size_used - ldt_size;
409: if (size_left > 0)
410: bzero((char *)addr + ldt_size, size_left);
411:
412: /*
413: * Unwire the memory and make it into copyin form.
414: */
415: (void) vm_map_unwire(ipc_kernel_map, trunc_page(addr),
416: round_page(addr + size_used), FALSE);
417: (void) vm_map_copyin(ipc_kernel_map, addr, size_used,
418: TRUE, &memory);
419: *desc_list = (descriptor_list_t) memory;
420: }
421:
422: return KERN_SUCCESS;
423: }
424:
425: #endif
426: void
427: user_ldt_free(
428: user_ldt_t user_ldt)
429: {
430: kfree((vm_offset_t)user_ldt,
431: user_ldt->desc.limit_low+1+sizeof(struct real_descriptor));
432: }
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.