1 #include <darwintest.h>
2
3 #include <mach/host_priv.h>
4 #include <mach/mach.h>
5 #include <mach/mach_types.h>
6 #include <mach/mach_vm.h>
7 #include <mach_debug/ipc_info.h>
8 #include <mach/processor_set.h>
9 #include <mach/task.h>
10 #include <signal.h>
11 #include <sys/wait.h>
12 #include <sys/proc.h>
13 #include <sys/sysctl.h>
14 #include <unistd.h>
15 #include <TargetConditionals.h>
16
17 #define IKOT_THREAD_CONTROL 1
18 #define IKOT_THREAD_READ 47
19 #define IKOT_THREAD_INSPECT 46
20
21 #define IKOT_TASK_CONTROL 2
22 #define IKOT_TASK_READ 45
23 #define IKOT_TASK_INSPECT 44
24 #define IKOT_TASK_NAME 20
25
26
27 /*
28 * This test verifies various security properties for task and thread
29 * read/inspect interfaces. Specifically, it checks and makes sure:
30 *
31 * 1. Task/thread can't get higher priv'ed ports from lower ones through
32 * {task, thread}_get_special_port()
33 * 2. Correct level of thread ports are returned from task_threads() with
34 * a given task port flavor
35 * 3. Correct level of task ports are returned from processor_set_tasks()
36 * 4. MIG intrans conversion and enforcement for task/thread port does not break.
37 * 5. task_{, read, inspect, name}_for_pid() works for self and other process
38 * 6. The new mach_vm_remap_new interface behaves correctly
39 */
40
41 T_GLOBAL_META(
42 T_META_NAMESPACE("xnu.ipc"),
43 T_META_RADAR_COMPONENT_NAME("xnu"),
44 T_META_RADAR_COMPONENT_VERSION("IPC"),
45 T_META_RUN_CONCURRENTLY(TRUE),
46 T_META_TAG_VM_PREFERRED);
47
48 static void
RESULT_CHECK(kern_return_t kr,unsigned int flavor,unsigned int required,char * f_name)49 RESULT_CHECK(
50 kern_return_t kr,
51 unsigned int flavor, /* task_flavor_t or thread_flavor_t */
52 unsigned int required, /* task_flavor_t or thread_flavor_t */
53 char *f_name)
54 {
55 if (flavor <= required) {
56 T_EXPECT_EQ(kr, KERN_SUCCESS, "%s should succeed with task/thread flavor %d, kr: 0x%x", f_name, flavor, kr);
57 } else {
58 T_EXPECT_NE(kr, KERN_SUCCESS, "%s should fail with task/thread flavor %d, kr: 0x%x", f_name, flavor, kr);
59 }
60 }
61
62 static void
test_task_get_special_port(task_t tport,task_flavor_t flavor)63 test_task_get_special_port(
64 task_t tport,
65 task_flavor_t flavor)
66 {
67 kern_return_t kr;
68 mach_port_t special_port = MACH_PORT_NULL;
69 mach_port_t tfp_port = MACH_PORT_NULL;
70
71 T_LOG("Testing task_get_special_port() with task flavor %d", flavor);
72 /* gettable with at least control port */
73 kr = task_get_special_port(tport, TASK_KERNEL_PORT, &special_port);
74 RESULT_CHECK(kr, flavor, TASK_FLAVOR_CONTROL, "task_get_special_port(TASK_KERNEL_PORT)");
75 mach_port_deallocate(mach_task_self(), special_port);
76 special_port = MACH_PORT_NULL;
77
78 kr = task_get_special_port(tport, TASK_BOOTSTRAP_PORT, &special_port);
79 RESULT_CHECK(kr, flavor, TASK_FLAVOR_CONTROL, "task_get_special_port(TASK_BOOTSTRAP_PORT)");
80 mach_port_deallocate(mach_task_self(), special_port);
81 special_port = MACH_PORT_NULL;
82
83 kr = task_get_special_port(tport, TASK_HOST_PORT, &special_port);
84 RESULT_CHECK(kr, flavor, TASK_FLAVOR_CONTROL, "task_get_special_port(TASK_HOST_PORT)");
85 mach_port_deallocate(mach_task_self(), special_port);
86 special_port = MACH_PORT_NULL;
87
88 /* gettable with at least read port */
89 kr = task_get_special_port(tport, TASK_READ_PORT, &special_port);
90 RESULT_CHECK(kr, flavor, TASK_FLAVOR_READ, "task_get_special_port(TASK_READ_PORT)");
91 if (KERN_SUCCESS == kr) {
92 kr = task_read_for_pid(mach_task_self(), getpid(), &tfp_port);
93 T_QUIET; T_ASSERT_MACH_SUCCESS(kr, "task_read_for_pid()");
94 T_QUIET; T_EXPECT_EQ(tfp_port, special_port, "task_read_for_pid() should match TASK_READ_PORT");
95 mach_port_deallocate(mach_task_self(), tfp_port);
96 }
97 mach_port_deallocate(mach_task_self(), special_port);
98 special_port = MACH_PORT_NULL;
99
100 /* gettable with at least inspect port */
101 kr = task_get_special_port(tport, TASK_INSPECT_PORT, &special_port);
102 RESULT_CHECK(kr, flavor, TASK_FLAVOR_INSPECT, "task_get_special_port(TASK_INSPECT_PORT)");
103 if (KERN_SUCCESS == kr) {
104 kr = task_inspect_for_pid(mach_task_self(), getpid(), &tfp_port);
105 T_QUIET; T_ASSERT_MACH_SUCCESS(kr, "task_inspect_for_pid()");
106 T_QUIET; T_EXPECT_EQ(tfp_port, special_port, "task_inspect_for_pid() should match TASK_INSPECT_PORT");
107 mach_port_deallocate(mach_task_self(), tfp_port);
108 }
109 mach_port_deallocate(mach_task_self(), special_port);
110 special_port = MACH_PORT_NULL;
111
112 /* gettable with at least name port */
113 kr = task_get_special_port(tport, TASK_NAME_PORT, &special_port);
114 RESULT_CHECK(kr, flavor, TASK_FLAVOR_INSPECT, "task_get_special_port(TASK_NAME_PORT)");
115 if (KERN_SUCCESS == kr) {
116 kr = task_name_for_pid(mach_task_self(), getpid(), &tfp_port);
117 T_QUIET; T_ASSERT_MACH_SUCCESS(kr, "task_name_for_pid()");
118 T_QUIET; T_EXPECT_EQ(tfp_port, special_port, "task_name_for_pid() should match TASK_NAME_PORT");
119 mach_port_deallocate(mach_task_self(), tfp_port);
120 }
121 mach_port_deallocate(mach_task_self(), special_port);
122 special_port = MACH_PORT_NULL;
123 }
124
125 static void
test_thread_get_special_port(thread_t tport,thread_flavor_t flavor)126 test_thread_get_special_port(
127 thread_t tport,
128 thread_flavor_t flavor)
129 {
130 kern_return_t kr;
131 mach_port_t special_port = MACH_PORT_NULL;
132
133 T_LOG("Testing thread_get_special_port() with thread flavor %d", flavor);
134 /* gettable with at least control port */
135 kr = thread_get_special_port(tport, THREAD_KERNEL_PORT, &special_port);
136 RESULT_CHECK(kr, flavor, THREAD_FLAVOR_CONTROL, "thread_get_special_port(THREAD_KERNEL_PORT)");
137 mach_port_deallocate(mach_task_self(), special_port);
138 special_port = MACH_PORT_NULL;
139
140 /* gettable with at least read port */
141 kr = thread_get_special_port(tport, THREAD_READ_PORT, &special_port);
142 RESULT_CHECK(kr, flavor, THREAD_FLAVOR_READ, "thread_get_special_port(THREAD_READ_PORT)");
143 mach_port_deallocate(mach_task_self(), special_port);
144 special_port = MACH_PORT_NULL;
145
146 /* gettable with at least inspect port */
147 kr = thread_get_special_port(tport, THREAD_INSPECT_PORT, &special_port);
148 RESULT_CHECK(kr, flavor, THREAD_FLAVOR_INSPECT, "thread_get_special_port(THREAD_INSPECT_PORT)");
149 mach_port_deallocate(mach_task_self(), special_port);
150 special_port = MACH_PORT_NULL;
151 }
152
153 static void
test_task_threads(task_t tport,task_flavor_t flavor)154 test_task_threads(
155 task_t tport,
156 task_flavor_t flavor)
157 {
158 kern_return_t kr;
159 thread_array_t threadList;
160 mach_msg_type_number_t threadCount = 0;
161
162 unsigned int kotype;
163 unsigned int kaddr;
164
165 T_LOG("Testing task_threads() with task flavor %d", flavor);
166
167 kr = task_threads(tport, &threadList, &threadCount);
168 RESULT_CHECK(kr, flavor, TASK_FLAVOR_INSPECT, "task_threads");
169
170 if (kr) {
171 T_LOG("task_threads failed, skipping test_task_threads()");
172 return;
173 }
174
175 T_QUIET; T_ASSERT_GE(threadCount, 1, "threadCount should be at least 1");
176
177 /*
178 * TASK_FLAVOR_CONTROL -> THREAD_FLAVOR_CONTROL
179 * TASK_FLAVOR_READ -> THREAD_FLAVOR_READ
180 * TASK_FLAVOR_INSPECT -> THREAD_FLAVOR_INSPECT
181 * TASK_FLAOVR_NAME -> KERN_FAILURE
182 */
183 for (size_t i = 0; i < threadCount; i++) {
184 kr = mach_port_kernel_object(mach_task_self(), threadList[i], &kotype, &kaddr);
185 if (kr == KERN_INVALID_RIGHT || kr == KERN_INVALID_NAME) {
186 /* thread port is inactive */
187 T_LOG("thread port name 0x%x is inactive", threadList[i]);
188 continue;
189 } else if (kr) {
190 T_FAIL("mach_port_kernel_object() failed with kr: 0x%x", kr);
191 }
192 switch (flavor) {
193 case TASK_FLAVOR_CONTROL:
194 T_QUIET; T_EXPECT_EQ(kotype, IKOT_THREAD_CONTROL, "Task control port should yield thread control port");
195 break;
196 case TASK_FLAVOR_READ:
197 T_QUIET; T_EXPECT_EQ(kotype, IKOT_THREAD_READ, "Task read port should yield thread read port");
198 break;
199 case TASK_FLAVOR_INSPECT:
200 T_QUIET; T_EXPECT_EQ(kotype, IKOT_THREAD_INSPECT, "Task inspect port should yield thread inspect port");
201 break;
202 default:
203 T_FAIL("task_threads() returned thread ports with task name port??");
204 break;
205 }
206 }
207
208 for (size_t i = 0; i < threadCount; i++) {
209 mach_port_deallocate(mach_task_self(), threadList[i]);
210 }
211 vm_deallocate(mach_task_self(), (vm_address_t)threadList,
212 sizeof(threadList[0]) * threadCount);
213 }
214
215 static void
test_processor_set_tasks(task_flavor_t flavor)216 test_processor_set_tasks(
217 task_flavor_t flavor)
218 {
219 kern_return_t kr;
220 processor_set_name_array_t psets;
221 processor_set_t pset_priv;
222 task_array_t taskList;
223 mach_msg_type_number_t pcnt = 0, tcnt = 0;
224 mach_port_t host = mach_host_self();
225
226 unsigned int kotype;
227 unsigned int kaddr;
228
229 T_LOG("Testing processor_set_tasks() with task flavor %d", flavor);
230
231 kr = host_processor_sets(host, &psets, &pcnt);
232 T_QUIET; T_ASSERT_MACH_SUCCESS(kr, "host_processor_sets");
233 T_QUIET; T_ASSERT_GE(pcnt, 1, "should have at least 1 processor set");
234
235 kr = host_processor_set_priv(host, psets[0], &pset_priv);
236 T_QUIET; T_ASSERT_MACH_SUCCESS(kr, "host_processor_set_priv");
237 for (size_t i = 0; i < pcnt; i++) {
238 mach_port_deallocate(mach_task_self(), psets[i]);
239 }
240 mach_port_deallocate(mach_task_self(), host);
241
242 kr = processor_set_tasks_with_flavor(pset_priv, flavor, &taskList, &tcnt);
243 T_QUIET; T_ASSERT_MACH_SUCCESS(kr, "processor_set_tasks_with_flavor");
244 T_QUIET; T_ASSERT_GE(tcnt, 1, "should have at least 1 task");
245 mach_port_deallocate(mach_task_self(), pset_priv);
246
247 for (size_t i = 0; i < tcnt; i++) {
248 kr = mach_port_kernel_object(mach_task_self(), taskList[i], &kotype, &kaddr);
249 if (kr == KERN_INVALID_RIGHT || kr == KERN_INVALID_NAME) {
250 /* task port is inactive */
251 T_LOG("task port name 0x%x is inactive", taskList[i]);
252 continue;
253 } else if (kr) {
254 T_FAIL("mach_port_kernel_object() failed with kr: 0x%x", kr);
255 }
256 switch (flavor) {
257 case TASK_FLAVOR_CONTROL:
258 T_QUIET; T_EXPECT_EQ(kotype, IKOT_TASK_CONTROL, "TASK_FLAVOR_CONTROL should yield control ports");
259 break;
260 case TASK_FLAVOR_READ:
261 T_QUIET; T_EXPECT_EQ(kotype, IKOT_TASK_READ, "TASK_FLAVOR_READ should yield read ports");
262 break;
263 case TASK_FLAVOR_INSPECT:
264 T_QUIET; T_EXPECT_EQ(kotype, IKOT_TASK_INSPECT, "TASK_FLAVOR_INSPECT should yield inspect ports");
265 break;
266 case TASK_FLAVOR_NAME:
267 T_QUIET; T_EXPECT_EQ(kotype, IKOT_TASK_NAME, "TASK_FLAVOR_NAME should yield name ports");
268 break;
269 default:
270 T_FAIL("strange flavor");
271 break;
272 }
273 }
274
275 for (size_t i = 0; i < tcnt; i++) {
276 mach_port_deallocate(mach_task_self(), taskList[i]);
277 }
278 }
279
280 static void
test_task_port_mig_intrans(task_t tport,task_flavor_t flavor)281 test_task_port_mig_intrans(
282 task_t tport,
283 task_flavor_t flavor)
284 {
285 kern_return_t kr;
286
287 T_LOG("Testing various MIG/manual intrans task interfaces with task flavor %d", flavor);
288
289 {
290 /* 1. Test some control port interfaces */
291 int data = 0x41;
292 int new_value = 0x42;
293 kr = mach_vm_write(tport,
294 (mach_vm_address_t)&data,
295 (vm_offset_t)&new_value,
296 (mach_msg_type_number_t)sizeof(int));
297 RESULT_CHECK(kr, flavor, TASK_FLAVOR_CONTROL, "mach_vm_write");
298
299 /* mach_vm_remap_new with max_protection VM_PROT_WRITE | VM_PROT_READ */
300 int *localAddress = 0;
301 mach_vm_address_t localMachVMAddress = 0;
302 vm_prot_t cur_protection = VM_PROT_WRITE | VM_PROT_READ;
303 vm_prot_t max_protection = VM_PROT_WRITE | VM_PROT_READ;
304 /* rdar://67706101 (mach_vm_remap flag that allows restricting protection of remapped region) */
305 kr = mach_vm_remap_new(mach_task_self(),
306 &localMachVMAddress,
307 sizeof(int),
308 0,
309 VM_FLAGS_ANYWHERE,
310 tport, /* remote task, use self task port */
311 (mach_vm_address_t)&data,
312 false,
313 &cur_protection,
314 &max_protection,
315 VM_INHERIT_NONE);
316 localAddress = (int *)(uintptr_t)localMachVMAddress;
317
318 RESULT_CHECK(kr, flavor, TASK_FLAVOR_CONTROL, "mach_vm_remap_new - VM_PROT_WRITE");
319 if (KERN_SUCCESS == kr) {
320 T_QUIET; T_EXPECT_EQ(max_protection, VM_PROT_READ | VM_PROT_WRITE, NULL);
321 T_QUIET; T_EXPECT_EQ(cur_protection, VM_PROT_READ | VM_PROT_WRITE, NULL);
322 T_QUIET; T_EXPECT_EQ(*localAddress, data, NULL); /* read */
323 *localAddress = 0; /* write */
324 }
325
326 exception_mask_t masks[EXC_TYPES_COUNT] = {};
327 mach_msg_type_number_t nmasks = 0;
328 exception_port_t ports[EXC_TYPES_COUNT] = {};
329 exception_behavior_t behaviors[EXC_TYPES_COUNT] = {};
330 thread_state_flavor_t flavors[EXC_TYPES_COUNT] = {};
331 kr = task_get_exception_ports(tport, EXC_MASK_ALL,
332 masks, &nmasks, ports, behaviors, flavors);
333 RESULT_CHECK(kr, flavor, TASK_FLAVOR_CONTROL, "task_get_exception_ports");
334 for (size_t i = 0; i < EXC_TYPES_COUNT; i++) {
335 mach_port_deallocate(mach_task_self(), ports[i]);
336 }
337 }
338
339 {
340 /* 2. Test some read port interfaces */
341 vm_offset_t read_value = 0;
342 mach_msg_type_number_t read_cnt = 0;
343 int data = 0x41;
344 kr = mach_vm_read(tport,
345 (mach_vm_address_t)&data,
346 (mach_msg_type_number_t)sizeof(int),
347 &read_value,
348 &read_cnt);
349 RESULT_CHECK(kr, flavor, TASK_FLAVOR_READ, "mach_vm_read");
350
351 /* mach_vm_remap_new with max_protection VM_PROT_READ */
352 int *localAddress = 0;
353 mach_vm_address_t localMachVMAddress = 0;
354 vm_prot_t cur_protection = VM_PROT_READ;
355 vm_prot_t max_protection = VM_PROT_READ;
356 /* rdar://67706101 (mach_vm_remap flag that allows restricting protection of remapped region) */
357 kr = mach_vm_remap_new(mach_task_self(),
358 &localMachVMAddress,
359 sizeof(int),
360 0,
361 VM_FLAGS_ANYWHERE,
362 tport, /* remote task, use self task port */
363 (mach_vm_address_t)&data,
364 false,
365 &cur_protection,
366 &max_protection,
367 VM_INHERIT_NONE);
368 localAddress = (int *)(uintptr_t)localMachVMAddress;
369
370 RESULT_CHECK(kr, flavor, TASK_FLAVOR_READ, "mach_vm_remap_new - VM_PROT_READ");
371 if (KERN_SUCCESS == kr) {
372 T_QUIET; T_EXPECT_EQ(max_protection, VM_PROT_READ, NULL);
373 T_QUIET; T_EXPECT_EQ(cur_protection, VM_PROT_READ, NULL);
374 T_QUIET; T_EXPECT_EQ(*localAddress, data, NULL); /* read */
375 }
376
377 /* mach_vm_remap_new with copy == TRUE */
378 int data2 = 0x42;
379 localAddress = 0;
380 localMachVMAddress = 0;
381 cur_protection = VM_PROT_WRITE | VM_PROT_READ;
382 max_protection = VM_PROT_WRITE | VM_PROT_READ;
383
384 kr = mach_vm_remap_new(mach_task_self(),
385 &localMachVMAddress,
386 sizeof(int),
387 0,
388 VM_FLAGS_ANYWHERE,
389 tport, /* remote task, use self task port */
390 (mach_vm_address_t)&data2,
391 true,
392 &cur_protection,
393 &max_protection,
394 VM_INHERIT_NONE);
395 localAddress = (int *)(uintptr_t)localMachVMAddress;
396
397 RESULT_CHECK(kr, flavor, TASK_FLAVOR_READ, "mach_vm_remap_new - copy==TRUE");
398 if (KERN_SUCCESS == kr) {
399 T_QUIET; T_EXPECT_EQ(max_protection, VM_PROT_READ | VM_PROT_WRITE, NULL);
400 T_QUIET; T_EXPECT_EQ(cur_protection, VM_PROT_READ | VM_PROT_WRITE, NULL);
401 /* Following is causing bus error tracked by rdar://71616700 (Unexpected BUS ERROR in mach_vm_remap_new()) */
402 // T_QUIET; T_EXPECT_EQ(*localAddress, data2, NULL); /* read */
403 // *localAddress = 0; /* write */
404 }
405
406 /* */
407 mach_port_t voucher = MACH_PORT_NULL;
408 kr = task_get_mach_voucher(tport, 0, &voucher);
409 RESULT_CHECK(kr, flavor, TASK_FLAVOR_READ, "task_get_mach_voucher");
410 mach_port_deallocate(mach_task_self(), voucher);
411
412 /* */
413 ipc_info_space_t space_info;
414 ipc_info_name_array_t table;
415 mach_msg_type_number_t tableCount;
416 ipc_info_tree_name_array_t tree; /* unused */
417 mach_msg_type_number_t treeCount; /* unused */
418 kr = mach_port_space_info(tport, &space_info, &table, &tableCount, &tree, &treeCount);
419 RESULT_CHECK(kr, flavor, TASK_FLAVOR_READ, "mach_port_space_info");
420 }
421
422 {
423 /* 3. Test some inspect port interfaces */
424 task_exc_guard_behavior_t exc_behavior;
425 kr = task_get_exc_guard_behavior(tport, &exc_behavior);
426 RESULT_CHECK(kr, flavor, TASK_FLAVOR_INSPECT, "task_get_exc_guard_behavior");
427 }
428
429 {
430 /* 4. Test some name port interfaces */
431 struct task_basic_info info;
432 mach_msg_type_number_t size = sizeof(info);
433 kr = task_info(tport,
434 TASK_BASIC_INFO,
435 (task_info_t)&info,
436 &size);
437 RESULT_CHECK(kr, flavor, TASK_FLAVOR_NAME, "task_info");
438 }
439 }
440
441 static void
test_thread_port_mig_intrans(thread_t tport,thread_flavor_t flavor)442 test_thread_port_mig_intrans(
443 thread_t tport,
444 thread_flavor_t flavor)
445 {
446 kern_return_t kr;
447
448 T_LOG("Testing various MIG/manual intrans thread interfaces with thread flavor %d", flavor);
449
450 {
451 /* 1. Test some control port interfaces */
452 exception_mask_t masks[EXC_TYPES_COUNT] = {};
453 mach_msg_type_number_t nmasks = 0;
454 exception_port_t ports[EXC_TYPES_COUNT] = {};
455 exception_behavior_t behaviors[EXC_TYPES_COUNT] = {};;
456 thread_state_flavor_t flavors[EXC_TYPES_COUNT] = {};;
457 kr = thread_get_exception_ports(tport, EXC_MASK_ALL,
458 masks, &nmasks, ports, behaviors, flavors);
459 RESULT_CHECK(kr, flavor, THREAD_FLAVOR_CONTROL, "thread_get_exception_ports");
460 for (size_t i = 0; i < EXC_TYPES_COUNT; i++) {
461 mach_port_deallocate(mach_task_self(), ports[i]);
462 }
463 }
464
465 {
466 /* 2. Test some read port interfaces */
467 mach_voucher_t voucher = MACH_PORT_NULL;
468 kr = thread_get_mach_voucher(tport, 0, &voucher);
469 RESULT_CHECK(kr, flavor, THREAD_FLAVOR_READ, "thread_get_mach_voucher");
470 mach_port_deallocate(mach_task_self(), voucher);
471 }
472
473 {
474 /* 3. Test some inspect port interfaces */
475 thread_qos_policy_t info;
476 mach_msg_type_number_t count = THREAD_QOS_POLICY_COUNT;
477 boolean_t get_default = FALSE;
478
479 processor_set_name_t name = MACH_PORT_NULL;
480 kr = thread_policy_get(tport, THREAD_QOS_POLICY,
481 (thread_policy_t)&info, &count, &get_default);
482 RESULT_CHECK(kr, flavor, THREAD_FLAVOR_INSPECT, "thread_policy_get");
483 }
484 }
485
486 static void
test_get_child_task_port(void)487 test_get_child_task_port(void)
488 {
489 pid_t child_pid;
490 kern_return_t kr;
491 mach_port_name_t tr, ti, tp, tn;
492
493 child_pid = fork();
494
495 T_LOG("Testing get child task ports");
496
497 if (child_pid < 0) {
498 T_FAIL("fork failed in test_get_child_port.");
499 }
500
501 if (child_pid == 0) {
502 /* hang the child */
503 while (1) {
504 sleep(10);
505 }
506 }
507
508 kr = task_for_pid(mach_task_self(), child_pid, &tp);
509 T_QUIET; T_EXPECT_MACH_SUCCESS(kr, "task_for_pid for child %u", child_pid);
510
511 kr = task_read_for_pid(mach_task_self(), child_pid, &tr);
512 T_QUIET; T_EXPECT_MACH_SUCCESS(kr, "task_read_for_pid for child %u", child_pid);
513
514 kr = task_inspect_for_pid(mach_task_self(), child_pid, &ti);
515 T_QUIET; T_EXPECT_MACH_SUCCESS(kr, "task_inspect_for_pid for child %u", child_pid);
516
517 kr = task_name_for_pid(mach_task_self(), child_pid, &tn);
518 T_QUIET; T_EXPECT_MACH_SUCCESS(kr, "task_name_for_pid for child %u", child_pid);
519
520 mach_port_deallocate(mach_task_self(), tp);
521 mach_port_deallocate(mach_task_self(), tr);
522 mach_port_deallocate(mach_task_self(), ti);
523 mach_port_deallocate(mach_task_self(), tn);
524
525 kill(child_pid, SIGKILL);
526 int status;
527 wait(&status);
528 }
529
530 T_DECL(read_inspect, "Test critical read and inspect port interfaces")
531 {
532 mach_port_t control_port, movable_port, read_port, inspect_port, name_port;
533 mach_port_t th_control_port, th_movable_port, th_read_port, th_inspect_port;
534 #define TASK_PORT_COUNT 5
535 #define THREAD_PORT_COUNT 4
536 mach_port_t task_ports[TASK_PORT_COUNT];
537 task_flavor_t task_flavors[TASK_PORT_COUNT];
538 mach_port_t thread_ports[THREAD_PORT_COUNT];
539 thread_flavor_t thread_flavors[THREAD_PORT_COUNT];
540 kern_return_t kr;
541
542 /* first, try getting all flavors of task port for self */
543 kr = task_for_pid(mach_task_self(), getpid(), &control_port);
544 T_QUIET; T_ASSERT_MACH_SUCCESS(kr, "task_for_pid()");
545 task_ports[0] = control_port;
546 task_flavors[0] = TASK_FLAVOR_CONTROL;
547
548 kr = task_get_special_port(mach_task_self(), TASK_KERNEL_PORT, &movable_port);
549 T_QUIET; T_ASSERT_MACH_SUCCESS(kr, "task_get_special_port(..TASK_KERNEL_PORT..)");
550 task_ports[1] = movable_port;
551 task_flavors[1] = TASK_FLAVOR_CONTROL;
552
553 kr = task_read_for_pid(mach_task_self(), getpid(), &read_port);
554 T_QUIET; T_ASSERT_MACH_SUCCESS(kr, "task_read_for_pid()");
555 task_ports[2] = read_port;
556 task_flavors[2] = TASK_FLAVOR_READ;
557
558 kr = task_inspect_for_pid(mach_task_self(), getpid(), &inspect_port);
559 T_QUIET; T_ASSERT_MACH_SUCCESS(kr, "task_inspect_for_pid()");
560 task_ports[3] = inspect_port;
561 task_flavors[3] = TASK_FLAVOR_INSPECT;
562
563 kr = task_name_for_pid(mach_task_self(), getpid(), &name_port);
564 T_QUIET; T_ASSERT_MACH_SUCCESS(kr, "task_name_for_pid()");
565 task_ports[4] = name_port;
566 task_flavors[4] = TASK_FLAVOR_NAME;
567
568
569 for (size_t i = 0; i < TASK_PORT_COUNT; i++) {
570 /*
571 * 1. Make sure can't get higher priv'ed ports from lower ones through
572 * task_get_special_port()
573 */
574 test_task_get_special_port(task_ports[i], task_flavors[i]);
575
576 /*
577 * 2. Make sure correct level of thread ports are returned from task_threads
578 */
579 test_task_threads(task_ports[i], task_flavors[i]);
580
581 /*
582 * 3. Make sure correct level of task ports are returned from processor_set_tasks
583 */
584 if (i >= 1) {
585 test_processor_set_tasks(task_flavors[i]);
586 }
587
588 /*
589 * 4. Make sure our MIG intrans enforcement for tasks does not break.
590 */
591 test_task_port_mig_intrans(task_ports[i], task_flavors[i]);
592 }
593
594
595 for (size_t i = 0; i < TASK_PORT_COUNT; i++) {
596 mach_port_deallocate(mach_task_self(), task_ports[i]);
597 }
598
599 /* 4. Try spawning a child an get its task ports */
600 test_get_child_task_port();
601
602 /* Now, test thread read/inspect ports */
603 th_control_port = mach_thread_self();
604 thread_ports[0] = th_control_port;
605 thread_flavors[0] = THREAD_FLAVOR_CONTROL;
606
607 kr = thread_get_special_port(th_control_port, THREAD_KERNEL_PORT, &th_movable_port);
608 T_QUIET; T_ASSERT_MACH_SUCCESS(kr, "thread_get_special_port(..THREAD_KERNEL_PORT..)");
609 thread_ports[1] = th_movable_port;
610 thread_flavors[1] = THREAD_FLAVOR_CONTROL;
611
612 kr = thread_get_special_port(th_control_port, THREAD_READ_PORT, &th_read_port);
613 T_QUIET; T_ASSERT_MACH_SUCCESS(kr, "thread_get_special_port(..THREAD_READ_PORT..)");
614 thread_ports[2] = th_read_port;
615 thread_flavors[2] = THREAD_FLAVOR_READ;
616
617 kr = thread_get_special_port(th_control_port, THREAD_INSPECT_PORT, &th_inspect_port);
618 T_QUIET; T_ASSERT_MACH_SUCCESS(kr, "thread_get_special_port(..THREAD_INSPECT_PORT..)");
619 thread_ports[3] = th_inspect_port;
620 thread_flavors[3] = THREAD_FLAVOR_INSPECT;
621
622
623 for (size_t i = 0; i < THREAD_PORT_COUNT; i++) {
624 /*
625 * 1. Make sure can't get higher priv'ed ports from lower ones through
626 * thread_get_special_port()
627 */
628 test_thread_get_special_port(thread_ports[i], thread_flavors[i]);
629
630 /*
631 * 2. Make sure our MIG intrans enforcement for threads does not break.
632 */
633 test_thread_port_mig_intrans(thread_ports[i], thread_flavors[i]);
634 }
635
636 for (size_t i = 0; i < THREAD_PORT_COUNT; i++) {
637 mach_port_deallocate(mach_task_self(), thread_ports[i]);
638 }
639 }
640