1 #include <darwintest.h>
2 #include <TargetConditionals.h>
3 #include <mach/mach.h>
4 #include <stdlib.h>
5 #include <sys/sysctl.h>
6 #include <unistd.h>
7 #include <darwintest_multiprocess.h>
8 #include <spawn.h>
9 #include <spawn_private.h>
10 #include <libproc_internal.h>
11 #include <signal.h>
12 #include <string.h>
13
14 #include <err.h>
15 #include <stdio.h>
16 #include <sysexits.h>
17 #include <stdbool.h>
18
19 #include "rnServer.h" // generated by MIG from rnserver.defs
20
21 #include <dispatch/dispatch.h>
22 #include <dispatch/private.h> // dispatch_mig_server()
23 #include <servers/bootstrap.h>
24 #include <libproc_internal.h> // proc*cpumon*()
25
26 T_GLOBAL_META(
27 T_META_NAMESPACE("xnu.ipc"),
28 T_META_RUN_CONCURRENTLY(TRUE),
29 T_META_RADAR_COMPONENT_NAME("xnu"),
30 T_META_RADAR_COMPONENT_VERSION("IPC"),
31 T_META_TAG_VM_PREFERRED);
32
33 #define MAX_ARGV 5
34
35 extern char **environ;
36 static mach_port_t resource_notify_port = MACH_PORT_NULL;
37
38 T_DECL(test_port_table_setting_limits,
39 "Allocate ports upto hard limit",
40 T_META_IGNORECRASHES(".*port_table_limits_client.*"),
41 T_META_CHECK_LEAKS(false))
42 {
43 char *test_prog_name = "./port_table_limits_client";
44 char *child_args[MAX_ARGV];
45 int child_pid;
46 posix_spawnattr_t attrs;
47 int err;
48
49 #if TARGET_OS_BRIDGE
50 T_SKIP("Not running on target platforms");
51 #endif
52
53 /* Initialize posix_spawn attributes */
54 posix_spawnattr_init(&attrs);
55
56 err = posix_spawnattr_set_portlimits_ext(&attrs, 3000, 5000);
57 T_EXPECT_POSIX_SUCCESS(err, "posix_spawnattr_set_portlimits_ext");
58
59 child_args[0] = test_prog_name;
60 child_args[1] = "3000"; //soft limit
61 child_args[2] = "5000"; //hard limit
62 child_args[3] = "1"; //test num
63 child_args[4] = NULL;
64
65 err = posix_spawn(&child_pid, child_args[0], NULL, &attrs, child_args, environ);
66 T_EXPECT_POSIX_SUCCESS(err, "posix_spawn port_table_limits_client");
67
68 int child_status;
69 /* Wait for child and check for exception */
70
71 if (-1 == waitpid(child_pid, &child_status, 0)) {
72 T_FAIL("waitpid: child mia");
73 }
74
75 T_ASSERT_EQ(WIFEXITED(child_status), 0, "Child did not exit normally");
76
77 if (WIFSIGNALED(child_status)) {
78 T_ASSERT_EQ(child_status, 9, "Child exited with status = %x", child_status);
79 }
80 }
81
82 typedef struct {
83 mach_msg_header_t header;
84 mach_msg_body_t body;
85 mach_msg_port_descriptor_t port_descriptor;
86 mach_msg_trailer_t trailer; // subtract this when sending
87 } ipc_complex_message;
88
89 struct args {
90 const char *progname;
91 int verbose;
92 int voucher;
93 int num_msgs;
94 const char *server_port_name;
95 mach_port_t server_port;
96 mach_port_t reply_port;
97 int request_msg_size;
98 void *request_msg;
99 int reply_msg_size;
100 void *reply_msg;
101 uint32_t persona_id;
102 long client_pid;
103 };
104
105 void parse_args(struct args *args);
106 void server_setup(struct args* args);
107 void* exception_server_thread(void *arg);
108 mach_port_t create_exception_port(void);
109 static mach_port_t create_resource_notify_port(void);
110 void server_run(struct args *args);
111 static ipc_complex_message icm_request = {};
112 static ipc_complex_message icm_reply = {};
113
114 #define TEST_TIMEOUT 10
115
116 void
parse_args(struct args * args)117 parse_args(struct args *args)
118 {
119 args->server_port_name = "TEST_PORT_TABLE_LIMITS";
120 args->server_port = MACH_PORT_NULL;
121 args->reply_msg_size = sizeof(ipc_complex_message) - sizeof(mach_msg_trailer_t);
122 args->request_msg_size = sizeof(ipc_complex_message) - sizeof(mach_msg_trailer_t);
123 args->reply_msg_size = sizeof(ipc_complex_message) - sizeof(mach_msg_trailer_t);
124 args->request_msg = &icm_request;
125 args->reply_msg = &icm_reply;
126 }
127
128 /* Create a mach IPC listener which will respond to the client's message */
129 void
server_setup(struct args * args)130 server_setup(struct args *args)
131 {
132 kern_return_t ret;
133 mach_port_t bsport;
134
135 ret = mach_port_allocate(mach_task_self(), MACH_PORT_RIGHT_RECEIVE,
136 &args->server_port);
137 T_ASSERT_MACH_SUCCESS(ret, "server: mach_port_allocate()");
138
139 ret = mach_port_insert_right(mach_task_self(), args->server_port, args->server_port,
140 MACH_MSG_TYPE_MAKE_SEND);
141 T_ASSERT_MACH_SUCCESS(ret, "server: mach_port_insert_right()");
142
143 ret = task_get_bootstrap_port(mach_task_self(), &bsport);
144 T_ASSERT_MACH_SUCCESS(ret, "server: task_get_bootstrap_port()");
145
146 ret = bootstrap_register(bsport, (const char *)args->server_port_name, args->server_port);
147 T_ASSERT_MACH_SUCCESS(ret, "server: bootstrap_register()");
148
149 T_LOG("server: waiting for IPC messages from client on port '%s'.\n",
150 args->server_port_name);
151 }
152
153 void
server_run(struct args * args)154 server_run(struct args *args)
155 {
156 mach_msg_header_t *request;
157 mach_msg_option_t rcvoption;
158 kern_return_t ret;
159 mach_port_t dummy_port;
160 mach_port_t client_task_port;
161
162 request = (mach_msg_header_t *)args->request_msg;
163
164 rcvoption = MACH_RCV_MSG | MACH_RCV_INTERRUPT;
165
166 T_LOG("server: Awaiting message");
167 ret = mach_msg(request,
168 rcvoption,
169 0,
170 sizeof(ipc_complex_message),
171 args->server_port,
172 MACH_MSG_TIMEOUT_NONE,
173 MACH_PORT_NULL);
174
175 T_ASSERT_MACH_SUCCESS(ret, "server: mach_msg receive");
176
177 int err = task_for_pid(mach_task_self(), (int)args->client_pid, &client_task_port);
178 T_ASSERT_MACH_SUCCESS(err, "server: task_for_pid");
179 ret = task_set_special_port(client_task_port, TASK_RESOURCE_NOTIFY_PORT, resource_notify_port);
180 T_ASSERT_MACH_SUCCESS(ret, "server: task_set_special_port");
181
182 //Sending reply message.
183 T_LOG("server: Allocate dummy port\n");
184 ret = mach_port_allocate(mach_task_self(), MACH_PORT_RIGHT_RECEIVE, &dummy_port);
185 T_ASSERT_MACH_SUCCESS(ret, "server: allocate dummy port");
186
187 //Listen for the reply on the reply port
188 T_LOG("server: Sending Reply\n");
189 /* Construct the message */
190 mach_msg_header_t *reply = (mach_msg_header_t *)args->reply_msg;
191 reply->msgh_bits = MACH_MSGH_BITS_SET(MACH_MSG_TYPE_COPY_SEND, 0,
192 0, 0) | MACH_MSGH_BITS_COMPLEX;
193 reply->msgh_size = (mach_msg_size_t)args->reply_msg_size;
194 reply->msgh_remote_port = request->msgh_remote_port;
195 reply->msgh_local_port = 0;
196 reply->msgh_id = 2;
197
198 ipc_complex_message *complexmsg = (ipc_complex_message *)reply;
199 complexmsg->body.msgh_descriptor_count = 1;
200 complexmsg->port_descriptor.name = dummy_port;
201 complexmsg->port_descriptor.disposition = MACH_MSG_TYPE_MOVE_RECEIVE;
202 complexmsg->port_descriptor.type = MACH_MSG_PORT_DESCRIPTOR;
203
204 mach_msg_option_t option = MACH_SEND_MSG;
205
206 ret = mach_msg(reply,
207 option,
208 (mach_msg_size_t)args->reply_msg_size,
209 0,
210 MACH_PORT_NULL,
211 MACH_MSG_TIMEOUT_NONE,
212 MACH_PORT_NULL);
213 T_ASSERT_MACH_SUCCESS(ret, "server: mach_msg reply sent");
214 }
215
216 static mach_port_t
create_resource_notify_port()217 create_resource_notify_port()
218 {
219 kern_return_t kret;
220 mach_port_t rn_port = MACH_PORT_NULL;
221 mach_port_t task = mach_task_self();
222
223 kret = mach_port_allocate(task, MACH_PORT_RIGHT_RECEIVE, &rn_port);
224 T_EXPECT_MACH_SUCCESS(kret, "mach_port_allocate resource_notify_port");
225
226 kret = mach_port_insert_right(task, rn_port, rn_port, MACH_MSG_TYPE_MAKE_SEND);
227 T_EXPECT_MACH_SUCCESS(kret, "mach_port_insert_right resource_notify_port");
228
229 return rn_port;
230 }
231
232 T_DECL(test_port_table_hard_limit_with_resource_notify_port,
233 "Allocate ports upto hard limit and trigger notification",
234 T_META_IGNORECRASHES(".*port_table_limits_client.*"),
235 T_META_CHECK_LEAKS(false))
236 {
237 char *test_prog_name = "./port_table_limits_client";
238 char *child_args[MAX_ARGV];
239 int child_pid;
240 posix_spawnattr_t attrs;
241 int err;
242 kern_return_t kr;
243 struct args* server_args = (struct args*)malloc(sizeof(struct args));
244
245 #if TARGET_OS_BRIDGE
246 T_SKIP("Not running on target platforms");
247 #endif
248
249 /* Create the bootstrap port */
250 parse_args(server_args);
251 server_setup(server_args);
252
253 /* Create the resource notify port for the server */
254 mach_port_t rn_port = create_resource_notify_port();
255 T_ASSERT_NE(rn_port, 0, "Create a new resource notify port");
256 resource_notify_port = rn_port;
257
258 /* Initialize posix_spawn attributes */
259 posix_spawnattr_init(&attrs);
260 err = posix_spawnattr_set_portlimits_ext(&attrs, 0, 7000);
261 T_ASSERT_POSIX_SUCCESS(err, "posix_spawnattr_set_portlimits_ext");
262
263 child_args[0] = test_prog_name;
264 child_args[1] = "0"; // soft limit
265 child_args[2] = "7000"; // hard limit
266 child_args[3] = "2"; // test num
267 child_args[4] = NULL;
268
269 err = posix_spawn(&child_pid, child_args[0], NULL, &attrs, &child_args[0], environ);
270 T_ASSERT_POSIX_SUCCESS(err, "posix_spawn port_table_limits_client");
271
272 server_args->client_pid = child_pid;
273 server_run(server_args);
274
275 T_LOG("server: Let's see if we can catch some port leak");
276 /*
277 * Recover the service port because the port must have been destroyed and sent the notification by now
278 */
279 kr = mach_msg_server_once(resource_notify_server, 4096, resource_notify_port, 0);
280 T_ASSERT_MACH_SUCCESS(kr, "mach_msg_server_once resource_notify_port");
281 }
282
283 // MIG's resource_notify_server() expects receive_cpu_usage_trigger()
284 // This must match the definition in xnu's resource_notify.defs
285 kern_return_t
receive_cpu_usage_violation(__unused mach_port_t receiver,__unused proc_name_t procname,__unused pid_t pid,__unused posix_path_t killed_proc_path,__unused mach_timespec_t timestamp,__unused int64_t observed_cpu_nsecs,__unused int64_t observation_nsecs,__unused int64_t cpu_nsecs_allowed,__unused int64_t limit_window_nsecs,__unused resource_notify_flags_t flags)286 receive_cpu_usage_violation(__unused mach_port_t receiver,
287 __unused proc_name_t procname,
288 __unused pid_t pid,
289 __unused posix_path_t killed_proc_path,
290 __unused mach_timespec_t timestamp,
291 __unused int64_t observed_cpu_nsecs,
292 __unused int64_t observation_nsecs,
293 __unused int64_t cpu_nsecs_allowed,
294 __unused int64_t limit_window_nsecs,
295 __unused resource_notify_flags_t flags)
296 {
297 T_LOG("Inside receive_cpu_usage_violation");
298 return KERN_SUCCESS;
299 }
300
301 kern_return_t
receive_cpu_wakes_violation(__unused mach_port_t receiver,__unused proc_name_t procname,__unused pid_t pid,__unused posix_path_t killed_proc_path,__unused mach_timespec_t timestamp,__unused int64_t observed_cpu_wakes,__unused int64_t observation_nsecs,__unused int64_t cpu_wakes_allowed,__unused int64_t limit_window_nsecs,__unused resource_notify_flags_t flags)302 receive_cpu_wakes_violation(__unused mach_port_t receiver,
303 __unused proc_name_t procname,
304 __unused pid_t pid,
305 __unused posix_path_t killed_proc_path,
306 __unused mach_timespec_t timestamp,
307 __unused int64_t observed_cpu_wakes,
308 __unused int64_t observation_nsecs,
309 __unused int64_t cpu_wakes_allowed,
310 __unused int64_t limit_window_nsecs,
311 __unused resource_notify_flags_t flags)
312 {
313 T_LOG("Inside receive_cpu_wakes_violation");
314 return KERN_SUCCESS;
315 }
316
317 kern_return_t
receive_disk_writes_violation(__unused mach_port_t receiver,__unused proc_name_t procname,__unused pid_t pid,__unused posix_path_t killed_proc_path,__unused mach_timespec_t timestamp,__unused int64_t observed_bytes_dirtied,__unused int64_t observation_nsecs,__unused int64_t bytes_dirtied_allowed,__unused int64_t limit_window_nsecs,__unused resource_notify_flags_t flags)318 receive_disk_writes_violation(__unused mach_port_t receiver,
319 __unused proc_name_t procname,
320 __unused pid_t pid,
321 __unused posix_path_t killed_proc_path,
322 __unused mach_timespec_t timestamp,
323 __unused int64_t observed_bytes_dirtied,
324 __unused int64_t observation_nsecs,
325 __unused int64_t bytes_dirtied_allowed,
326 __unused int64_t limit_window_nsecs,
327 __unused resource_notify_flags_t flags)
328 {
329 return KERN_SUCCESS;
330 }
331
332 kern_return_t
receive_port_space_violation(__unused mach_port_t receiver,__unused proc_name_t procname,__unused pid_t pid,__unused mach_timespec_t timestamp,int64_t observed_ports,int64_t ports_allowed,__unused mach_port_t fatal_port,__unused resource_notify_flags_t flags)333 receive_port_space_violation(__unused mach_port_t receiver,
334 __unused proc_name_t procname,
335 __unused pid_t pid,
336 __unused mach_timespec_t timestamp,
337 int64_t observed_ports,
338 int64_t ports_allowed,
339 __unused mach_port_t fatal_port,
340 __unused resource_notify_flags_t flags)
341 {
342 T_LOG("Received a notification on the resource notify port");
343 T_LOG("Ports_allowed = %lld, observed_ports = %lld", ports_allowed, observed_ports);
344 if (fatal_port) {
345 mach_port_deallocate(mach_task_self(), fatal_port);
346 }
347 return KERN_SUCCESS;
348 }
349
350 kern_return_t
receive_file_descriptors_violation(__unused mach_port_t receiver,__unused proc_name_t procname,__unused pid_t pid,__unused mach_timespec_t timestamp,__unused int64_t observed_filedesc,__unused int64_t filedesc_allowed,__unused mach_port_t fatal_port,__unused resource_notify_flags_t flags)351 receive_file_descriptors_violation(__unused mach_port_t receiver,
352 __unused proc_name_t procname,
353 __unused pid_t pid,
354 __unused mach_timespec_t timestamp,
355 __unused int64_t observed_filedesc,
356 __unused int64_t filedesc_allowed,
357 __unused mach_port_t fatal_port,
358 __unused resource_notify_flags_t flags)
359 {
360 return KERN_SUCCESS;
361 }
362