1 /*
2 * Copyright (c) 2000-2020 Apple Computer, Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28 /*
29 * Copyright (c) 2000 Apple Computer, Inc. All rights reserved.
30 *
31 * HISTORY
32 *
33 * 29 June 2000 (debo)
34 * Created.
35 */
36
37 #include <mach/mach_types.h>
38 #include <mach/mach_traps.h>
39 #include <mach/mach_port_server.h>
40
41 #include <mach/mk_timer.h>
42
43 #include <ipc/port.h>
44 #include <ipc/ipc_space.h>
45
46 #include <kern/lock_group.h>
47 #include <kern/thread_call.h>
48 #include <ipc/ipc_kmsg.h>
49
/*
 * Kernel-side state of one mk_timer.
 *
 * Allocated in mk_timer_create_trap(), bound to the timer's port as its
 * IKOT_TIMER kobject, and freed by mk_timer_unlock_and_destroy() once the
 * port has been destroyed (is_dead) and no thread call invocation still
 * references it (active == 0).
 */
struct mk_timer {
	/* taken around every access to is_dead, is_armed and active in this file */
	decl_simple_lock_data(, lock);
	/* thread call set up to run mk_timer_expire() with this timer as p0 */
	thread_call_data_t      mkt_thread_call;
	/* set by mk_timer_port_destroy(); the arm path does nothing once it is true */
	bool                    is_dead;
	/* set on arm; cleared on cancel, on port destruction and right before an expiry send */
	bool                    is_armed;
	/*
	 * Number of thread call invocations that still reference this timer:
	 * incremented when thread_call_enter*() reports the call was not
	 * already pending, decremented when thread_call_cancel() succeeds and
	 * at the end of mk_timer_expire(). The struct is only freed at zero.
	 */
	int                     active;
	/*
	 * Naked send right to the timer's own port, used as the destination
	 * of expiry messages. Declared through XNU_PTRAUTH_SIGNED_PTR with a
	 * per-field discriminator string (pointer-authentication signing,
	 * per the macro name).
	 */
	ipc_port_t              XNU_PTRAUTH_SIGNED_PTR("mk_timer.port") port;
	/* kmsg allocated at creation and reused for every expiry message */
	ipc_kmsg_t              XNU_PTRAUTH_SIGNED_PTR("mk_timer.prealloc") prealloc;
};
59
/*
 * Typed zone backing struct mk_timer.
 * NOTE(review): ZC_ZFREE_CLEARMEM presumably makes zfree() clear the
 * element, so a freed timer's port/kmsg pointers do not survive in the
 * recycled memory; confirm against the zone allocator flags.
 */
static ZONE_DEFINE_TYPE(mk_timer_zone, "mk_timer",
    struct mk_timer, ZC_ZFREE_CLEARMEM);

/* Defined further down; needed by IPC_KOBJECT_DEFINE and thread_call_setup(). */
static void mk_timer_port_destroy(ipc_port_t);
static void mk_timer_expire(void *p0, void *p1);

/* Register mk_timer_port_destroy() as the destroy operation of IKOT_TIMER kobjects. */
IPC_KOBJECT_DEFINE(IKOT_TIMER,
    .iko_op_destroy = mk_timer_port_destroy);
68
/*
 * mk_timer_create_trap: create a timer and the port that represents it.
 *
 * Allocates a struct mk_timer and a kmsg for expiry messages, allocates a
 * port in the caller's IPC space and binds the timer to it as an IKOT_TIMER
 * kobject.
 *
 * Parameters:	args		unused
 *
 * Returns:	the port name in the caller's space, or MACH_PORT_NULL when
 *		ipc_port_alloc() fails.
 */
mach_port_name_t
mk_timer_create_trap(
	__unused struct mk_timer_create_trap_args *args)
{
	struct mk_timer*      timer;
	ipc_space_t           myspace = current_space();
	mach_port_name_t      name = MACH_PORT_NULL;
	ipc_port_init_flags_t init_flags;
	ipc_port_t            port;
	kern_return_t         result;
	ipc_kmsg_t            kmsg;

	/*
	 * Allocate and initialize local state of a timer object.
	 * Z_NOFAIL is requested, and the result is used without a NULL check.
	 */
	timer = zalloc_flags(mk_timer_zone, Z_ZERO | Z_WAITOK | Z_NOFAIL);
	simple_lock_init(&timer->lock, 0);
	thread_call_setup(&timer->mkt_thread_call, mk_timer_expire, timer);

	/*
	 * Pre-allocate a kmsg for the timer messages, sized for exactly one
	 * mk_timer_expire_msg_t. IPC_KMSG_ALLOC_NOFAIL is requested, and the
	 * result is not NULL-checked either.
	 */
	kmsg = ipc_kmsg_alloc(sizeof(mk_timer_expire_msg_t), 0, 0,
	    IPC_KMSG_ALLOC_KERNEL | IPC_KMSG_ALLOC_ZERO |
	    IPC_KMSG_ALLOC_ALL_INLINE | IPC_KMSG_ALLOC_NOFAIL |
	    IPC_KMSG_ALLOC_USE_KEEP_ALIVE);
	init_flags = IPC_PORT_INIT_MESSAGE_QUEUE;
	result = ipc_port_alloc(myspace, init_flags, &name, &port);
	if (result != KERN_SUCCESS) {
		/* nothing has been bound to a port yet: give back both allocations */
		zfree(mk_timer_zone, timer);
		ipc_kmsg_keep_alive_abandon(kmsg);
		return MACH_PORT_NULL;
	}

	/*
	 * port locked, receive right at user-space
	 *
	 * NOTE(review): ip_immovable_receive presumably pins the receive
	 * right in the creating space; confirm against the ipc_port
	 * definition.
	 */
	port->ip_immovable_receive = true;
	ipc_kobject_upgrade_mktimer_locked(port, (ipc_kobject_t)timer);

	/* make a (naked) send right for the timer to keep */
	timer->port = ipc_port_make_send_any_locked(port);

	/* Associate the pre-allocated kmsg with the timer */
	timer->prealloc = kmsg;

	/*
	 * Both pointers are set before the port lock is dropped; the arm and
	 * cancel paths in this file look the timer up with the port locked.
	 */
	ip_mq_unlock(port);

	return name;
}
113
/*
 * Final teardown of a timer.
 *
 * Called with timer->lock held. Both callers in this file reach it only
 * when timer->is_dead is set and timer->active is 0, i.e. the port is being
 * destroyed and no thread call invocation references the timer any more.
 *
 * port is passed by the caller instead of being read from the timer here.
 */
static void
mk_timer_unlock_and_destroy(struct mk_timer *timer, ipc_port_t port)
{
	/* capture the kmsg pointer while the timer is still valid */
	ipc_kmsg_t kmsg = timer->prealloc;

	simple_unlock(&timer->lock);

	/* timer must not be dereferenced past this point */
	zfree(mk_timer_zone, timer);
	ipc_kmsg_keep_alive_abandon(kmsg);
	/* drop the send right taken in mk_timer_create_trap() */
	ipc_port_release_send(port);
}
125
/*
 * Destroy operation registered for IKOT_TIMER ports (see IPC_KOBJECT_DEFINE).
 *
 * Detaches the timer from the port, cancels a pending thread call and marks
 * the timer dead. The timer is freed here when nothing else references it;
 * otherwise the free is left to mk_timer_expire().
 */
static void
mk_timer_port_destroy(
	ipc_port_t                      port)
{
	struct mk_timer *timer = NULL;

	/*
	 * NOTE(review): the result is dereferenced without a NULL check; this
	 * relies on the destroy op only being invoked for ports that still
	 * carry an IKOT_TIMER kobject. Confirm with ipc_kobject_disable().
	 */
	timer = ipc_kobject_disable(port, IKOT_TIMER);

	simple_lock(&timer->lock, LCK_GRP_NULL);

	/* a successful cancel means that invocation will never run: drop its count */
	if (thread_call_cancel(&timer->mkt_thread_call)) {
		timer->active--;
	}
	timer->is_armed = false;

	/* from here on the arm path does nothing and mk_timer_expire() may free the timer */
	timer->is_dead = true;
	if (timer->active == 0) {
		mk_timer_unlock_and_destroy(timer, port);
	} else {
		/* an invocation is still outstanding; it frees the timer when it finishes */
		simple_unlock(&timer->lock);
	}
}
148
/*
 * Thread call handler for a timer (registered by thread_call_setup() in
 * mk_timer_create_trap()).
 *
 * Sends the preallocated expiry message to the timer's port while the timer
 * is armed, then drops this invocation's count on the timer and frees the
 * timer if the port was destroyed in the meantime.
 *
 * Parameters:	p0	the struct mk_timer
 *		p1	unused
 */
static void
mk_timer_expire(
	void                    *p0,
	__unused void           *p1)
{
	struct mk_timer *timer = p0;
	ipc_kmsg_t kmsg;
	ipc_port_t port;

	simple_lock(&timer->lock, LCK_GRP_NULL);

	/* read both pointers under the lock; they are used after it is dropped */
	port = timer->port;
	kmsg = timer->prealloc;
	assert(port != IP_NULL);
	assert(timer->active > 0);

	/*
	 * Send only while the timer is armed and this is the sole outstanding
	 * invocation. is_armed is cleared before the lock is dropped, so an
	 * arm that happens during the send is seen when the lock is retaken.
	 * NOTE(review): with active > 1 the send is skipped, presumably
	 * because a later invocation will deliver it; confirm.
	 */
	while (timer->is_armed && timer->active == 1) {
		timer->is_armed = false;
		simple_unlock(&timer->lock);

		/*
		 * When the kmsg cannot be reused, this expiry sends nothing.
		 * NOTE(review): presumably the previous message is still in
		 * flight in that case; confirm.
		 */
		if (ipc_kmsg_keep_alive_try_reusing(kmsg)) {
			mk_timer_expire_msg_t *msg;

			msg = __container_of(ikm_header(kmsg),
			    mk_timer_expire_msg_t, header);
			/* wipe the whole message so nothing from a previous use is sent */
			bzero(msg, sizeof(mk_timer_expire_msg_t));
			msg->header.msgh_bits =
			    MACH_MSGH_BITS_SET(MACH_MSG_TYPE_COPY_SEND, 0, 0, 0);
			msg->header.msgh_size = sizeof(mk_timer_expire_msg_t);
			msg->header.msgh_remote_port = port;

			kernel_mach_msg_send_kmsg(kmsg);
		}

		simple_lock(&timer->lock, LCK_GRP_NULL);
	}

	/* this invocation is done with the timer */
	timer->active -= 1;

	/* last reference and the port is gone: this path owns the free */
	if (timer->active == 0 && timer->is_dead) {
		mk_timer_unlock_and_destroy(timer, port);
	} else {
		simple_unlock(&timer->lock);
	}
}
194
195 /*
196 * mk_timer_destroy_trap: Destroy the Mach port associated with a timer
197 *
198 * Parameters: args User argument descriptor (see below)
199 *
200 * Indirect: args->name Mach port name
201 *
202 *
203 * Returns: 0 Success
204 * !0 Not success
205 *
206 */
kern_return_t
mk_timer_destroy_trap(
	struct mk_timer_destroy_trap_args *args)
{
	ipc_space_t             space = current_space();
	mach_port_name_t        name = args->name;
	ipc_entry_t             entry;
	kern_return_t           kr;

	kr = ipc_right_lookup_write(space, name, &entry);
	if (kr != KERN_SUCCESS) {
		return kr;
	}

	/*
	 * The space is write-locked and active from here on.
	 *
	 * The caller-supplied name is only destroyed when it denotes a
	 * receive right whose port is an IKOT_TIMER kobject, so this trap
	 * cannot be used to destroy any other kind of right.
	 */
	if (!(IE_BITS_TYPE(entry->ie_bits) & MACH_PORT_TYPE_RECEIVE)) {
		kr = KERN_INVALID_RIGHT;
	} else if (ip_kotype(ip_object_to_port(entry->ie_object)) != IKOT_TIMER) {
		kr = KERN_INVALID_ARGUMENT;
	} else {
		/*
		 * This should have been a mach_mod_refs(RR, -1) but
		 * unfortunately, the fact this is a mach_port_destroy()
		 * is ABI now.
		 *
		 * ipc_right_destroy() unlocks the space itself.
		 */
		return ipc_right_destroy(space, name, entry, TRUE, 0);
	}

	/* rejection paths: the space lock is still ours to drop */
	is_write_unlock(space);
	return kr;
}
241
242 /*
243 * mk_timer_arm_trap: Start (arm) a timer
244 *
245 * Parameters: args User argument descriptor (see below)
246 *
247 * Indirect: args->name Mach port name
248 * args->expire_time Time when timer expires
249 *
250 *
251 * Returns: 0 Success
252 * !0 Not success
253 *
254 */
255
/*
 * Common implementation of the two arm traps.
 *
 * name, expire_time, mk_leeway and mk_timer_flags all come straight from
 * the trap arguments. Of mk_timer_flags only MK_TIMER_CRITICAL is examined
 * here; every other bit is ignored.
 *
 * Returns the ipc_port_translate_receive() error when name does not
 * translate, KERN_INVALID_ARGUMENT when the port carries no IKOT_TIMER
 * kobject, and KERN_SUCCESS otherwise (including when the timer is already
 * dead, in which case nothing is armed).
 */
static kern_return_t
mk_timer_arm_trap_internal(mach_port_name_t name, uint64_t expire_time, uint64_t mk_leeway, uint64_t mk_timer_flags)
{
	struct mk_timer *timer;
	ipc_port_t      port;
	kern_return_t   kr;

	kr = ipc_port_translate_receive(current_space(), name, &port);
	if (kr != KERN_SUCCESS) {
		return kr;
	}

	timer = ipc_kobject_get_locked(port, IKOT_TIMER);
	if (timer == NULL) {
		ip_mq_unlock(port);
		return KERN_INVALID_ARGUMENT;
	}

	/* take the timer lock before letting go of the port lock */
	simple_lock(&timer->lock, LCK_GRP_NULL);
	assert(timer->port == port);
	ip_mq_unlock(port);

	if (!timer->is_dead) {
		boolean_t already_pending;

		timer->is_armed = true;

		if (expire_time > mach_absolute_time()) {
			uint32_t tcflags = (mk_timer_flags & MK_TIMER_CRITICAL) ?
			    THREAD_CALL_DELAY_USER_CRITICAL :
			    THREAD_CALL_DELAY_USER_NORMAL;

			if (mk_leeway != 0) {
				tcflags |= THREAD_CALL_DELAY_LEEWAY;
			}

			already_pending = thread_call_enter_delayed_with_leeway(
				&timer->mkt_thread_call, NULL,
				expire_time, mk_leeway, tcflags);
		} else {
			/* deadline is not in the future: queue the call right away */
			already_pending = thread_call_enter1(&timer->mkt_thread_call, NULL);
		}

		/* count a new invocation only when the call was not already queued */
		if (!already_pending) {
			timer->active++;
		}
	}

	simple_unlock(&timer->lock);
	return kr;
}
310
/* Arm trap without leeway: zero leeway and MK_TIMER_NORMAL flags. */
kern_return_t
mk_timer_arm_trap(struct mk_timer_arm_trap_args *args)
{
	const mach_port_name_t timer_name = args->name;
	const uint64_t         deadline = args->expire_time;

	return mk_timer_arm_trap_internal(timer_name, deadline, 0, MK_TIMER_NORMAL);
}
316
/*
 * Arm trap with caller-chosen leeway and flags. Both values are forwarded
 * unchanged; mk_timer_arm_trap_internal() decides which flag bits matter.
 */
kern_return_t
mk_timer_arm_leeway_trap(struct mk_timer_arm_leeway_trap_args *args)
{
	const mach_port_name_t timer_name = args->name;
	const uint64_t         deadline = args->expire_time;
	const uint64_t         leeway = args->mk_leeway;
	const uint64_t         flags = args->mk_timer_flags;

	return mk_timer_arm_trap_internal(timer_name, deadline, leeway, flags);
}
322
323 /*
324 * mk_timer_cancel_trap: Cancel a timer
325 *
326 * Parameters: args User argument descriptor (see below)
327 *
328 * Indirect: args->name Mach port name
329 * args->result_time The armed time of the cancelled timer (return value)
330 *
331 *
332 * Returns: 0 Success
333 * !0 Not success
334 *
335 */
kern_return_t
mk_timer_cancel_trap(
	struct mk_timer_cancel_trap_args *args)
{
	const mach_port_name_t  name = args->name;
	const mach_vm_address_t out_addr = args->result_time;
	/* stays 0 unless the timer was armed, so the copyout below never carries stack garbage */
	uint64_t                armed_time = 0;
	struct mk_timer         *timer;
	ipc_port_t              port;
	kern_return_t           kr;

	kr = ipc_port_translate_receive(current_space(), name, &port);
	if (kr != KERN_SUCCESS) {
		return kr;
	}

	timer = ipc_kobject_get_locked(port, IKOT_TIMER);
	if (timer == NULL) {
		/* a receive right, but not on a timer port */
		ip_mq_unlock(port);
		return KERN_INVALID_ARGUMENT;
	}

	/* take the timer lock before letting go of the port lock */
	simple_lock(&timer->lock, LCK_GRP_NULL);
	assert(timer->port == port);
	ip_mq_unlock(port);

	if (timer->is_armed) {
		armed_time = thread_call_get_armed_deadline(&timer->mkt_thread_call);
		/* a successful cancel means that invocation will never run: drop its count */
		if (thread_call_cancel(&timer->mkt_thread_call)) {
			timer->active--;
		}
		timer->is_armed = false;
	}

	simple_unlock(&timer->lock);

	/* the result address is optional; 0 means the caller does not want the deadline */
	if (out_addr == 0) {
		return kr;
	}

	/* user address: written with copyout() only, after all locks are dropped */
	if (copyout(&armed_time, out_addr, sizeof(armed_time)) != 0) {
		return KERN_FAILURE;
	}
	return kr;
}
381