![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to PseudoKernel.c CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [Apple XNU] / XNU / osfmk / ppc|
Return to PseudoKernel.c CVS log | Up to [Apple XNU] / XNU / osfmk / ppc |
1.1 root 1: /*
2: * Copyright (c) 2000 Apple Computer, Inc. All rights reserved.
3: *
4: * @APPLE_LICENSE_HEADER_START@
5: *
6: * The contents of this file constitute Original Code as defined in and
7: * are subject to the Apple Public Source License Version 1.1 (the
8: * "License"). You may not use this file except in compliance with the
9: * License. Please obtain a copy of the License at
10: * http://www.apple.com/publicsource and read it before using this file.
11: *
12: * This Original Code and all software distributed under the License are
13: * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER
14: * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
15: * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
16: * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
17: * License for the specific language governing rights and limitations
18: * under the License.
19: *
20: * @APPLE_LICENSE_HEADER_END@
21: */
22: /*
23: File: PseudoKernel.c
24:
25: Contains: BlueBox PseudoKernel calls
26:
27: Copyright: 1997 by Apple Computer, Inc., all rights reserved
28:
29: */
30:
31: #include <mach/mach_types.h>
32: #include <mach/kern_return.h>
33: #include <kern/host.h>
34: #include <kern/task.h>
35: #include <kern/thread.h>
36: #include <ppc/PseudoKernel.h>
37: #include <ppc/exception.h>
38: #include <vm/vm_kern.h>
39:
40: void bbSetRupt(ReturnHandler *rh, thread_act_t ct);
41: void DumpTheSave(struct savearea *save); /* (TEST/DEBUG) */
42:
43: /*
44: ** Function: NotifyInterruption
45: **
46: ** Inputs:
47: ** ppcInterrupHandler - interrupt handler to execute
48: ** interruptStatePtr - current interrupt state
49: **
50: ** Outputs:
51: **
52: ** Notes:
53: **
54: */
55: kern_return_t syscall_notify_interrupt (UInt32 ppcInterruptHandler) {
56:
57: UInt32 interruptState;
58: task_t task;
59: spl_t s;
60: thread_act_t act, fact;
61: thread_t thread;
62: bbRupt *bbr;
63: int i;
64:
65: task = current_task(); /* Figure out who our task is */
66:
67: task_lock(task); /* Lock our task */
68: mutex_lock(&task->act_list_lock); /* Lock the list so it can't change on us */
69:
70: fact = (thread_act_t)task->thr_acts.next; /* Get the first activation on task */
71: act = 0; /* Pretend we didn't find it yet */
72:
73: for(i = 0; i < task->thr_act_count; i++) { /* Scan the whole list */
74: if(fact->mact.bbDescAddr) { /* Is this the Blue thread? */
75: act = fact; /* Yeah... */
76: break; /* Bail the loop... */
77: }
78: fact = (thread_act_t)fact->thr_acts.next; /* Go to the next one */
79: }
80:
81: mutex_unlock(&task->act_list_lock);
82:
83: if(!act) { /* Couldn't find a bluebox */
84: task_unlock(task); /* Release task lock */
85: return KERN_FAILURE; /* No tickie, no shirtee... */
86: }
87:
88: act_lock_thread(act); /* Make sure this stays 'round */
89: task_unlock(task); /* Safe to release now */
90:
91: if(act->mact.bbPendRupt >= 16) { /* Have we hit the arbitrary maximum? */
92: act_unlock_thread(act); /* Unlock the activation */
93: return KERN_RESOURCE_SHORTAGE; /* Too many pending right now */
94: }
95:
96: if(!(bbr = (bbRupt *)kalloc(sizeof(bbRupt)))) { /* Get a return handler control block */
97: act_unlock_thread(act); /* Unlock the activation */
98: return KERN_RESOURCE_SHORTAGE; /* No storage... */
99: }
100:
101: act->mact.bbPendRupt++; /* Count this 'rupt */
102: bbr->rh.handler = bbSetRupt; /* Set interruption routine */
103: bbr->ruptRtn = ppcInterruptHandler; /* Set address to vector to */
104:
105: bbr->rh.next = act->handlers; /* Put our interrupt at the start of the list */
106: act->handlers = &bbr->rh;
107:
108: s = splsched(); /* No talking in class */
109: act_set_apc(act); /* Set an APC AST */
110: splx(s); /* Ok, you can talk now */
111:
112: act_unlock_thread(act); /* Unlock the activation */
113: return KERN_SUCCESS; /* We're done... */
114: }
115:
116: /*
117: * This guy is fired off asynchronously to actually do the 'rupt.
118: * We will find the user state savearea and modify it. If we can't,
119: * we just leave after releasing our work area
120: */
121:
122: void bbSetRupt(ReturnHandler *rh, thread_act_t act) {
123:
124: savearea *sv;
125: BDA_t *bda;
126: bbRupt *bbr;
127: UInt32 interruptState;
128:
129: bbr = (bbRupt *)rh; /* Make our area convenient */
130:
131: if(!(bda = (BDA_t *)act->mact.bbDescAddr)) { /* Is BlueBox still enabled? */
132: kfree((vm_offset_t)bbr, sizeof(bbRupt)); /* No, release the control block */
133: return;
134: }
135:
136: act->mact.bbPendRupt--; /* Uncount this 'rupt */
137:
138: if(!(sv = (savearea *)find_user_regs(act))) { /* Find the user state registers */
139: kfree((vm_offset_t)bbr, sizeof(bbRupt)); /* Couldn't find 'em, release the control block */
140: return;
141: }
142:
143: interruptState = (bda->InterruptControlWord & kInterruptStateMask) >> kInterruptStateShift;
144:
145: switch (interruptState) {
146:
147: case kInUninitialized:
148: break;
149:
150: case kInPseudoKernel:
151: case kOutsideBlue:
152: bda->InterruptControlWord = bda->InterruptControlWord |
153: ((bda->postIntMask >> kCR2ToBackupShift) & kBackupCR2Mask);
154: break;
155:
156: case kInSystemContext:
157: sv->save_cr |= bda->postIntMask;
158: break;
159:
160: case kInAlternateContext:
161: bda->InterruptControlWord = bda->InterruptControlWord |
162: ((bda->postIntMask >> kCR2ToBackupShift) & kBackupCR2Mask);
163: bda->InterruptControlWord = (bda->InterruptControlWord & ~kInterruptStateMask) |
164: (kInPseudoKernel << kInterruptStateShift);
165:
166: bda->ihs_pc = sv->save_srr0; /* Save the current PC */
167: sv->save_srr0 = bbr->ruptRtn; /* Set the new one */
168: bda->ihs_gpr2 = sv->save_r2; /* Save the original R2 */
169: break;
170:
171: case kInExceptionHandler:
172: bda->InterruptControlWord = bda->InterruptControlWord |
173: ((bda->postIntMask >> kCR2ToBackupShift) & kBackupCR2Mask);
174: break;
175:
176: default:
177: break;
178: }
179:
180: kfree((vm_offset_t)bbr, sizeof(bbRupt)); /* Release the control block */
181: return;
182:
183: }
184:
185: kern_return_t enable_bluebox(
186: host_t host,
187: void *TWI_TableStart, /* Start of TWI table */
188: char *Desc_TableStart /* Start of descriptor table */
189: ) {
190:
191: thread_t th;
192: vm_offset_t kerndescaddr, physdescaddr;
193: kern_return_t ret;
194: int i;
195:
196: th = current_thread(); /* Get our thread */
197:
198: if (host == HOST_NULL) return KERN_INVALID_HOST;
199:
200: if(!is_suser()) return KERN_FAILURE; /* We will only do this for the superuser */
201: if(th->top_act->mact.bbDescAddr) return KERN_FAILURE; /* Bail if already authorized... */
202: if((unsigned int) Desc_TableStart & (PAGE_SIZE - 1)) /* Is the descriptor page aligned? */
203: return KERN_FAILURE; /* No, kick 'em out... */
204:
205: ret = vm_map_wire(th->top_act->map, /* Kernel wire the descriptor in the user's map */
206: (vm_offset_t)Desc_TableStart,
207: (vm_offset_t)Desc_TableStart + PAGE_SIZE,
208: VM_PROT_READ | VM_PROT_WRITE,
209: FALSE);
210:
211: if(ret != KERN_SUCCESS) { /* Couldn't wire it, spit on 'em... */
212: return KERN_FAILURE;
213: }
214:
215: physdescaddr = /* Get the physical address of the page */
216: pmap_extract(th->top_act->map->pmap, (vm_offset_t) Desc_TableStart);
217:
218: ret = kmem_alloc_pageable(kernel_map, &kerndescaddr, PAGE_SIZE); /* Find a virtual address to use */
219: if(ret != KERN_SUCCESS) { /* Could we get an address? */
220: (void) vm_map_unwire(th->top_act->map, /* No, unwire the descriptor */
221: (vm_offset_t)Desc_TableStart,
222: (vm_offset_t)Desc_TableStart + PAGE_SIZE,
223: TRUE);
224: return KERN_FAILURE; /* Split... */
225: }
226:
227: (void) pmap_enter(kernel_pmap, /* Map this into the kernel */
228: kerndescaddr, physdescaddr, VM_PROT_READ|VM_PROT_WRITE,
229: TRUE);
230:
231: th->top_act->mact.bbDescAddr = (unsigned int)kerndescaddr; /* Set kernel address of the table */
232: th->top_act->mact.bbUserDA = (unsigned int)Desc_TableStart; /* Set user address of the table */
233: th->top_act->mact.bbTableStart = (unsigned int)TWI_TableStart; /* Set address of the trap table */
234: th->top_act->mact.bbPendRupt = 0; /* Clean pending 'rupt count */
235:
236: return KERN_SUCCESS;
237:
238: }
239:
240: kern_return_t disable_bluebox( host_t host ) {
241:
242: thread_act_t act;
243:
244: act = current_act(); /* Get our thread */
245:
246: if (host == HOST_NULL) return KERN_INVALID_HOST;
247:
248: if(!is_suser()) return KERN_FAILURE; /* We will only do this for the superuser */
249: if(!act->mact.bbDescAddr) return KERN_FAILURE; /* Bail if not authorized... */
250:
251: (void) vm_map_unwire(act->map, /* Unwire the descriptor in user's address space */
252: (vm_offset_t)act->mact.bbUserDA,
253: (vm_offset_t)act->mact.bbUserDA + PAGE_SIZE,
254: FALSE);
255:
256: kmem_free(kernel_map, (vm_offset_t)act->mact.bbDescAddr, PAGE_SIZE); /* Release the page */
257:
258: act->mact.bbDescAddr = 0; /* Clear kernel pointer to it */
259: act->mact.bbUserDA = 0; /* Clear user pointer to it */
260: act->mact.bbTableStart = 0; /* Clear start of table address */
261: act->mact.bbPendRupt = 0; /* Clean pending 'rupt count */
262: return KERN_SUCCESS;
263: }
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.