static kern_return_t
sendsig_set_thread_state32(arm_thread_state_t *regs,
user32_addr_t catcher, int infostyle, int sig, user32_addr_t p_sinfo,
user32_addr_t trampact, user32_addr_t sp, thread_t th_act)
{
assert(!proc_is64bit_data(current_proc()));
regs->r[0] = catcher;
regs->r[1] = infostyle;
regs->r[2] = sig;
regs->r[3] = p_sinfo;
if (trampact & 1) {
regs->pc = trampact & ~1;
#if defined(__arm64__)
regs->cpsr = PSR64_USER32_DEFAULT | PSR64_MODE_USER32_THUMB;
#elif defined(__arm__)
regs->cpsr = PSR_USERDFLT | PSR_TF;
#else
#error Unknown architeture.
#endif
} else {
regs->pc = trampact;
regs->cpsr = PSR_USERDFLT;
}
regs->sp = sp;
return thread_setstatus(th_act, ARM_THREAD_STATE, (void *)regs, ARM_THREAD_STATE_COUNT);
}
static
load_return_t
load_threadstate(
thread_t thread,
uint32_t *ts,
uint32_t total_size
)
{
kern_return_t ret;
uint32_t size;
int flavor;
uint32_t thread_size;
ret = thread_state_initialize( thread );
if (ret != KERN_SUCCESS) {
return(LOAD_FAILURE);
}
/*
* Set the new thread state; iterate through the state flavors in
* the mach-o file.
*/
while (total_size > 0) {
flavor = *ts++;
size = *ts++;
if (UINT32_MAX-2 < size ||
UINT32_MAX/sizeof(uint32_t) < size+2)
return (LOAD_BADMACHO);
thread_size = (size+2)*sizeof(uint32_t);
if (thread_size > total_size)
return(LOAD_BADMACHO);
total_size -= thread_size;
/*
* Third argument is a kernel space pointer; it gets cast
* to the appropriate type in machine_thread_set_state()
* based on the value of flavor.
*/
ret = thread_setstatus(thread, flavor, (thread_state_t)ts, size);
if (ret != KERN_SUCCESS) {
return(LOAD_FAILURE);
}
ts += size; /* ts is a (uint32_t *) */
}
return(LOAD_SUCCESS);
}
static kern_return_t
sendsig_set_thread_state64(arm_thread_state64_t *regs,
user64_addr_t catcher, int infostyle, int sig, user64_addr_t p_sinfo,
user64_addr_t p_uctx, user64_addr_t token, user64_addr_t trampact, user64_addr_t sp, thread_t th_act)
{
assert(proc_is64bit_data(current_proc()));
regs->x[0] = catcher;
regs->x[1] = infostyle;
regs->x[2] = sig;
regs->x[3] = p_sinfo;
regs->x[4] = p_uctx;
regs->x[5] = token;
regs->pc = trampact;
regs->cpsr = PSR64_USER64_DEFAULT;
regs->sp = sp;
return thread_setstatus(th_act, ARM_THREAD_STATE64, (void *)regs, ARM_THREAD_STATE64_COUNT);
}
/*
* Routine: exception_deliver
* Purpose:
* Make an upcall to the exception server provided.
* Conditions:
* Nothing locked and no resources held.
* Called from an exception context, so
* thread_exception_return and thread_kdb_return
* are possible.
* Returns:
* KERN_SUCCESS if the exception was handled
*/
kern_return_t
exception_deliver(
thread_t thread,
exception_type_t exception,
mach_exception_data_t code,
mach_msg_type_number_t codeCnt,
struct exception_action *excp,
lck_mtx_t *mutex)
{
ipc_port_t exc_port;
exception_data_type_t small_code[EXCEPTION_CODE_MAX];
int code64;
int behavior;
int flavor;
kern_return_t kr;
/*
* Save work if we are terminating.
* Just go back to our AST handler.
*/
if (!thread->active)
return KERN_SUCCESS;
/*
* Snapshot the exception action data under lock for consistency.
* Hold a reference to the port over the exception_raise_* calls
* so it can't be destroyed. This seems like overkill, but keeps
* the port from disappearing between now and when
* ipc_object_copyin_from_kernel is finally called.
*/
lck_mtx_lock(mutex);
exc_port = excp->port;
if (!IP_VALID(exc_port)) {
lck_mtx_unlock(mutex);
return KERN_FAILURE;
}
ip_lock(exc_port);
if (!ip_active(exc_port)) {
ip_unlock(exc_port);
lck_mtx_unlock(mutex);
return KERN_FAILURE;
}
ip_reference(exc_port);
exc_port->ip_srights++;
ip_unlock(exc_port);
flavor = excp->flavor;
behavior = excp->behavior;
lck_mtx_unlock(mutex);
code64 = (behavior & MACH_EXCEPTION_CODES);
behavior &= ~MACH_EXCEPTION_CODES;
if (!code64) {
small_code[0] = CAST_DOWN_EXPLICIT(exception_data_type_t, code[0]);
small_code[1] = CAST_DOWN_EXPLICIT(exception_data_type_t, code[1]);
}
switch (behavior) {
case EXCEPTION_STATE: {
mach_msg_type_number_t state_cnt;
thread_state_data_t state;
c_thr_exc_raise_state++;
state_cnt = _MachineStateCount[flavor];
kr = thread_getstatus(thread, flavor,
(thread_state_t)state,
&state_cnt);
if (kr == KERN_SUCCESS) {
if (code64) {
kr = mach_exception_raise_state(exc_port,
exception,
code,
codeCnt,
&flavor,
state, state_cnt,
state, &state_cnt);
} else {
kr = exception_raise_state(exc_port, exception,
small_code,
codeCnt,
&flavor,
state, state_cnt,
state, &state_cnt);
}
if (kr == MACH_MSG_SUCCESS)
kr = thread_setstatus(thread, flavor,
(thread_state_t)state,
state_cnt);
}
return kr;
}
case EXCEPTION_DEFAULT:
c_thr_exc_raise++;
if (code64) {
kr = mach_exception_raise(exc_port,
retrieve_thread_self_fast(thread),
retrieve_task_self_fast(thread->task),
exception,
code,
codeCnt);
} else {
kr = exception_raise(exc_port,
retrieve_thread_self_fast(thread),
retrieve_task_self_fast(thread->task),
exception,
small_code,
codeCnt);
}
return kr;
case EXCEPTION_STATE_IDENTITY: {
mach_msg_type_number_t state_cnt;
thread_state_data_t state;
c_thr_exc_raise_state_id++;
state_cnt = _MachineStateCount[flavor];
kr = thread_getstatus(thread, flavor,
(thread_state_t)state,
&state_cnt);
if (kr == KERN_SUCCESS) {
if (code64) {
kr = mach_exception_raise_state_identity(
exc_port,
retrieve_thread_self_fast(thread),
retrieve_task_self_fast(thread->task),
exception,
code,
codeCnt,
&flavor,
state, state_cnt,
state, &state_cnt);
} else {
kr = exception_raise_state_identity(exc_port,
retrieve_thread_self_fast(thread),
retrieve_task_self_fast(thread->task),
exception,
small_code,
codeCnt,
&flavor,
state, state_cnt,
state, &state_cnt);
}
if (kr == MACH_MSG_SUCCESS)
kr = thread_setstatus(thread, flavor,
(thread_state_t)state,
state_cnt);
}
return kr;
}
default:
panic ("bad exception behavior!");
return KERN_FAILURE;
}/* switch */
}
void sendsig(struct proc *p, user_addr_t ua_catcher, int sig, int mask, __unused uint32_t code)
{
user_addr_t ua_sp;
user_addr_t ua_sip;
user_addr_t trampact;
user_addr_t ua_uctxp;
user_addr_t ua_mctxp;
user_siginfo_t sinfo32;
struct uthread *ut;
struct mcontext mctx32;
struct user_ucontext32 uctx32;
struct sigacts *ps = p->p_sigacts;
void *state;
arm_thread_state_t *tstate32;
mach_msg_type_number_t state_count;
int stack_size = 0;
int infostyle = UC_TRAD;
int oonstack, flavor, error;
proc_unlock(p);
thread_t thread = current_thread();
ut = get_bsdthread_info(thread);
/*
* Set up thread state info.
*/
flavor = ARM_THREAD_STATE;
state = (void *)&mctx32.ss;
state_count = ARM_THREAD_STATE_COUNT;
if (thread_getstatus(thread, flavor, (thread_state_t)state, &state_count) != KERN_SUCCESS)
goto bad;
flavor = ARM_EXCEPTION_STATE;
state = (void *)&mctx32.es;
state_count = ARM_EXCEPTION_STATE_COUNT;
if (thread_getstatus(thread, flavor, (thread_state_t)state, &state_count) != KERN_SUCCESS)
goto bad;
flavor = ARM_VFP_STATE;
state = (void *)&mctx32.fs;
state_count = ARM_VFP_STATE_COUNT;
if (thread_getstatus(thread, flavor, (thread_state_t)state, &state_count) != KERN_SUCCESS)
goto bad;
tstate32 = &mctx32.ss;
/*
* Set the signal style.
*/
if (p->p_sigacts->ps_siginfo & sigmask(sig))
infostyle = UC_FLAVOR;
/*
* Get the signal disposition.
*/
trampact = ps->ps_trampact[sig];
/*
* Figure out where our new stack lives.
*/
oonstack = ut->uu_sigstk.ss_flags & SA_ONSTACK;
if ((ut->uu_flag & UT_ALTSTACK) && !oonstack && (ps->ps_sigonstack & sigmask(sig))) {
ua_sp = ut->uu_sigstk.ss_sp;
ua_sp += ut->uu_sigstk.ss_size;
stack_size = ut->uu_sigstk.ss_size;
ut->uu_sigstk.ss_flags |= SA_ONSTACK;
} else {
ua_sp = tstate32->sp;
}
/*
* Set up the stack.
*/
ua_sp -= UC_FLAVOR_SIZE;
ua_mctxp = ua_sp;
ua_sp -= sizeof(struct user_ucontext32);
ua_uctxp = ua_sp;
ua_sp -= sizeof(siginfo_t);
ua_sip = ua_sp;
/*
* Align the stack pointer.
*/
ua_sp = TRUNC_DOWN32(ua_sp, C_32_STK_ALIGN);
/*
* Build the signal context to be used by sigreturn.
*/
uctx32.uc_onstack = oonstack;
uctx32.uc_sigmask = mask;
uctx32.uc_stack.ss_sp = ua_sp;
uctx32.uc_stack.ss_size = stack_size;
if (oonstack)
uctx32.uc_stack.ss_flags |= SS_ONSTACK;
uctx32.uc_link = 0;
uctx32.uc_mcsize = UC_FLAVOR_SIZE;
uctx32.uc_mcontext = ua_mctxp;
/*
* init siginfo
*/
bzero((caddr_t)&sinfo32, sizeof(user_siginfo_t));
sinfo32.si_signo = sig;
sinfo32.pad[0] = tstate32->sp;
sinfo32.si_addr = tstate32->lr;
switch (sig) {
case SIGILL:
sinfo32.si_code = ILL_NOOP;
break;
case SIGFPE:
sinfo32.si_code = FPE_NOOP;
break;
case SIGBUS:
sinfo32.si_code = BUS_ADRALN;
break;
case SIGSEGV:
sinfo32.si_code = SEGV_ACCERR;
break;
default:
{
int status_and_exitcode;
/*
* All other signals need to fill out a minimum set of
* information for the siginfo structure passed into
* the signal handler, if SA_SIGINFO was specified.
*
* p->si_status actually contains both the status and
* the exit code; we save it off in its own variable
* for later breakdown.
*/
proc_lock(p);
sinfo32.si_pid = p->si_pid;
p->si_pid = 0;
status_and_exitcode = p->si_status;
p->si_status = 0;
sinfo32.si_uid = p->si_uid;
p->si_uid = 0;
sinfo32.si_code = p->si_code;
p->si_code = 0;
proc_unlock(p);
if (sinfo32.si_code == CLD_EXITED) {
if (WIFEXITED(status_and_exitcode))
sinfo32.si_code = CLD_EXITED;
else if (WIFSIGNALED(status_and_exitcode)) {
if (WCOREDUMP(status_and_exitcode)) {
sinfo32.si_code = CLD_DUMPED;
status_and_exitcode = W_EXITCODE(status_and_exitcode, status_and_exitcode);
} else {
sinfo32.si_code = CLD_KILLED;
status_and_exitcode = W_EXITCODE(status_and_exitcode, status_and_exitcode);
}
}
}
/*
* The recorded status contains the exit code and the
* signal information, but the information to be passed
* in the siginfo to the handler is supposed to only
* contain the status, so we have to shift it out.
*/
sinfo32.si_status = WEXITSTATUS(status_and_exitcode);
break;
}
}
/*
* Copy out context info.
*/
if (copyout((caddr_t)&uctx32, ua_uctxp, sizeof(struct user_ucontext32)) != KERN_SUCCESS)
goto bad;
if (copyout((caddr_t)&sinfo32, ua_sip, sizeof(user_siginfo_t)) != KERN_SUCCESS)
goto bad;
if (copyout((caddr_t)&mctx32, ua_mctxp, sizeof(struct mcontext)) != KERN_SUCCESS)
goto bad;
if (copyout((caddr_t)&ua_uctxp, ua_sp, sizeof(user_addr_t)) != KERN_SUCCESS)
goto bad;
/*
* Set up regsiters for the trampoline.
*/
tstate32->r[0] = ua_catcher;
tstate32->r[1] = infostyle;
tstate32->r[2] = sig;
tstate32->r[3] = ua_sip;
tstate32->sp = ua_sp;
if (trampact & 0x01) {
tstate32->lr = trampact;
tstate32->cpsr = 0x10; /* User mode */
} else {
trampact &= ~0x01;
tstate32->lr = trampact;
tstate32->cpsr = 0x10; /* User mode */
tstate32->cpsr |= (1 << 5); /* T-bit */
}
/*
* Call the trampoline.
*/
flavor = ARM_THREAD_STATE;
state_count = ARM_THREAD_STATE_COUNT;
state = (void *)tstate32;
if ((error = thread_setstatus(thread, flavor, (thread_state_t)state, state_count)) != KERN_SUCCESS)
panic("sendsig: thread_setstatus failed, ret = %08X\n", error);
proc_lock(p);
return;
bad:
proc_lock(p);
SIGACTION(p, SIGILL) = SIG_DFL;
sig = sigmask(SIGILL);
p->p_sigignore &= ~sig;
p->p_sigcatch &= ~sig;
ut->uu_sigmask &= ~sig;
/*
* sendsig is called with signal lock held
*/
proc_unlock(p);
psignal_locked(p, SIGILL);
proc_lock(p);
return;
}
int sigreturn(struct proc *p, struct sigreturn_args *uap, __unused int *retval)
{
void *state;
int onstack = 0;
int error, flavor;
thread_t thread;
struct uthread *ut;
struct mcontext mctx32;
struct user_ucontext32 uctx32;
mach_msg_type_number_t state_count;
thread = current_thread();
ut = get_bsdthread_info(thread);
/*
* Retrieve the user context that contains our machine context.
*/
if ((error = copyin(uap->uctx, (void *)&uctx32, sizeof(struct user_ucontext32))) != KERN_SUCCESS)
return (error);
/*
* Validate that our machine context is the right size.
*/
if (uctx32.uc_mcsize != UC_FLAVOR_SIZE)
return (EINVAL);
/*
* Populate our machine context info that we need to restore.
*/
if ((error = copyin(uctx32.uc_mcontext, (void *)&mctx32, UC_FLAVOR_SIZE)) != KERN_SUCCESS)
return (error);
/*
* Restore the signal mask.
*/
ut->uu_sigmask = uctx32.uc_sigmask & ~sigcantmask;
/*
* Restore other signal info.
*/
if ((uctx32.uc_onstack & 0x01))
ut->uu_sigstk.ss_flags |= SA_ONSTACK;
else
ut->uu_sigstk.ss_flags &= ~SA_ONSTACK;
if (ut->uu_siglist & ~ut->uu_sigmask)
signal_setast(thread);
/*
* Restore the states from our machine context.
* NOTE: we don't really need to check on infostyle since state restoring
* for UC_TRAD and UC_FLAVOR is identical on this architecture.
*/
flavor = ARM_THREAD_STATE;
state = (void *)&mctx32.ss;
state_count = ARM_THREAD_STATE_COUNT;
if (thread_setstatus(thread, flavor, (thread_state_t)state, state_count) != KERN_SUCCESS)
return (EINVAL);
flavor = ARM_VFP_STATE;
state = (void *)&mctx32.fs;
state_count = ARM_VFP_STATE_COUNT;
if (thread_setstatus(thread, flavor, (thread_state_t)state, state_count) != KERN_SUCCESS)
return (EINVAL);
return (EJUSTRETURN);
}
void sendsig(struct proc *p, user_addr_t ua_catcher, int sig, int mask, __unused uint32_t code)
{
struct mcontext mctx;
thread_t th_act;
struct uthread *ut;
void *tstate;
int flavor;
user_addr_t p_mctx = USER_ADDR_NULL; /* mcontext dest. */
int infostyle = UC_TRAD;
mach_msg_type_number_t state_count;
user_addr_t trampact;
int oonstack;
struct user_ucontext32 uctx;
user_addr_t sp;
user_addr_t p_uctx; /* user stack addr top copy ucontext */
user_siginfo_t sinfo;
user_addr_t p_sinfo; /* user stack addr top copy siginfo */
struct sigacts *ps = p->p_sigacts;
int stack_size = 0;
kern_return_t kretn;
th_act = current_thread();
kprintf("sendsig: Sending signal to thread %p, code %d.\n", th_act, sig);
return;
ut = get_bsdthread_info(th_act);
if (p->p_sigacts->ps_siginfo & sigmask(sig)) {
infostyle = UC_FLAVOR;
}
flavor = ARM_THREAD_STATE;
tstate = (void *) &mctx.ss;
state_count = ARM_THREAD_STATE_COUNT;
if (thread_getstatus(th_act, flavor, (thread_state_t) tstate, &state_count) != KERN_SUCCESS)
goto bad;
trampact = ps->ps_trampact[sig];
oonstack = ut->uu_sigstk.ss_flags & SA_ONSTACK;
/*
* figure out where our new stack lives
*/
if ((ut->uu_flag & UT_ALTSTACK) && !oonstack && (ps->ps_sigonstack & sigmask(sig))) {
sp = ut->uu_sigstk.ss_sp;
sp += ut->uu_sigstk.ss_size;
stack_size = ut->uu_sigstk.ss_size;
ut->uu_sigstk.ss_flags |= SA_ONSTACK;
} else {
sp = CAST_USER_ADDR_T(mctx.ss.sp);
}
/*
* context goes first on stack
*/
sp -= sizeof(struct ucontext);
p_uctx = sp;
/*
* this is where siginfo goes on stack
*/
sp -= sizeof(user32_siginfo_t);
p_sinfo = sp;
/*
* final stack pointer
*/
sp = TRUNC_DOWN32(sp, C_32_PARAMSAVE_LEN + C_32_LINKAGE_LEN, C_32_STK_ALIGN);
uctx.uc_mcsize = (size_t) ((ARM_THREAD_STATE_COUNT) * sizeof(int));
uctx.uc_onstack = oonstack;
uctx.uc_sigmask = mask;
uctx.uc_stack.ss_sp = sp;
uctx.uc_stack.ss_size = stack_size;
if (oonstack)
uctx.uc_stack.ss_flags |= SS_ONSTACK;
uctx.uc_link = 0;
/*
* setup siginfo
*/
bzero((caddr_t) & sinfo, sizeof(sinfo));
sinfo.si_signo = sig;
sinfo.si_addr = CAST_USER_ADDR_T(mctx.ss.pc);
sinfo.pad[0] = CAST_USER_ADDR_T(mctx.ss.sp);
switch (sig) {
case SIGILL:
sinfo.si_code = ILL_NOOP;
break;
case SIGFPE:
sinfo.si_code = FPE_NOOP;
break;
case SIGBUS:
sinfo.si_code = BUS_ADRALN;
break;
case SIGSEGV:
sinfo.si_code = SEGV_ACCERR;
break;
default:
{
int status_and_exitcode;
/*
* All other signals need to fill out a minimum set of
* information for the siginfo structure passed into
* the signal handler, if SA_SIGINFO was specified.
*
* p->si_status actually contains both the status and
* the exit code; we save it off in its own variable
* for later breakdown.
*/
proc_lock(p);
sinfo.si_pid = p->si_pid;
p->si_pid = 0;
status_and_exitcode = p->si_status;
p->si_status = 0;
sinfo.si_uid = p->si_uid;
p->si_uid = 0;
sinfo.si_code = p->si_code;
p->si_code = 0;
proc_unlock(p);
if (sinfo.si_code == CLD_EXITED) {
if (WIFEXITED(status_and_exitcode))
sinfo.si_code = CLD_EXITED;
else if (WIFSIGNALED(status_and_exitcode)) {
if (WCOREDUMP(status_and_exitcode)) {
sinfo.si_code = CLD_DUMPED;
status_and_exitcode = W_EXITCODE(status_and_exitcode, status_and_exitcode);
} else {
sinfo.si_code = CLD_KILLED;
status_and_exitcode = W_EXITCODE(status_and_exitcode, status_and_exitcode);
}
}
}
/*
* The recorded status contains the exit code and the
* signal information, but the information to be passed
* in the siginfo to the handler is supposed to only
* contain the status, so we have to shift it out.
*/
sinfo.si_status = WEXITSTATUS(status_and_exitcode);
break;
}
}
if (copyout(&uctx, p_uctx, sizeof(struct user_ucontext32)))
goto bad;
if (copyout(&sinfo, p_sinfo, sizeof(sinfo)))
goto bad;
/*
* set signal registers, these are probably wrong..
*/
{
mctx.ss.r[0] = CAST_DOWN(uint32_t, ua_catcher);
mctx.ss.r[1] = (uint32_t) infostyle;
mctx.ss.r[2] = (uint32_t) sig;
mctx.ss.r[3] = CAST_DOWN(uint32_t, p_sinfo);
mctx.ss.r[4] = CAST_DOWN(uint32_t, p_uctx);
mctx.ss.pc = CAST_DOWN(uint32_t, trampact);
mctx.ss.sp = CAST_DOWN(uint32_t, sp);
state_count = ARM_THREAD_STATE_COUNT;
printf("sendsig: Sending signal to thread %p, code %d, new pc 0x%08x\n", th_act, sig, trampact);
if ((kretn = thread_setstatus(th_act, ARM_THREAD_STATE, (void *) &mctx.ss, state_count)) != KERN_SUCCESS) {
panic("sendsig: thread_setstatus failed, ret = %08X\n", kretn);
}
}
proc_lock(p);
return;
bad:
proc_lock(p);
SIGACTION(p, SIGILL) = SIG_DFL;
sig = sigmask(SIGILL);
p->p_sigignore &= ~sig;
p->p_sigcatch &= ~sig;
ut->uu_sigmask &= ~sig;
/*
* sendsig is called with signal lock held
*/
proc_unlock(p);
psignal_locked(p, SIGILL);
proc_lock(p);
return;
}
