2014-11-25 14:29:46 -05:00
|
|
|
|
// Copyright 2014 The Crashpad Authors. All rights reserved.
|
|
|
|
|
//
|
|
|
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
|
// you may not use this file except in compliance with the License.
|
|
|
|
|
// You may obtain a copy of the License at
|
|
|
|
|
//
|
|
|
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
|
//
|
|
|
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
|
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
|
// See the License for the specific language governing permissions and
|
|
|
|
|
// limitations under the License.
|
|
|
|
|
|
2014-12-02 17:02:32 -05:00
|
|
|
|
#ifndef CRASHPAD_UTIL_MACH_MACH_MESSAGE_H_
|
|
|
|
|
#define CRASHPAD_UTIL_MACH_MACH_MESSAGE_H_
|
2014-11-25 14:29:46 -05:00
|
|
|
|
|
|
|
|
|
#include <mach/mach.h>
|
2014-12-02 17:09:08 -05:00
|
|
|
|
#include <stdint.h>
|
2015-03-12 14:00:38 -04:00
|
|
|
|
#include <sys/types.h>
|
2014-12-02 17:09:08 -05:00
|
|
|
|
|
2014-11-25 14:29:46 -05:00
|
|
|
|
namespace crashpad {
|
|
|
|
|
|
2015-03-12 14:00:38 -04:00
|
|
|
|
//! \brief A Mach message option specifying that an audit trailer should be
|
|
|
|
|
//! delivered during a receive operation.
|
|
|
|
|
//!
|
|
|
|
|
//! This constant is provided because the macros normally used to request this
|
|
|
|
|
//! behavior are cumbersome.
|
|
|
|
|
const mach_msg_option_t kMachMessageReceiveAuditTrailer =
|
|
|
|
|
MACH_RCV_TRAILER_TYPE(MACH_MSG_TRAILER_FORMAT_0) |
|
|
|
|
|
MACH_RCV_TRAILER_ELEMENTS(MACH_RCV_TRAILER_AUDIT);
|
|
|
|
|
|
2014-12-10 11:11:21 -05:00
|
|
|
|
//! \brief Special constants used as `mach_msg_timeout_t` values.
|
|
|
|
|
enum : mach_msg_timeout_t {
|
|
|
|
|
//! \brief When passed to MachMessageDeadlineFromTimeout(), that function will
|
|
|
|
|
//! return #kMachMessageDeadlineNonblocking.
|
|
|
|
|
kMachMessageTimeoutNonblocking = 0,
|
|
|
|
|
|
|
|
|
|
//! \brief When passed to MachMessageDeadlineFromTimeout(), that function will
|
|
|
|
|
//! return #kMachMessageDeadlineWaitIndefinitely.
|
|
|
|
|
kMachMessageTimeoutWaitIndefinitely = 0xffffffff,
|
|
|
|
|
};
|
|
|
|
|
|
2014-12-02 17:09:08 -05:00
|
|
|
|
//! \brief The time before which a MachMessageWithDeadline() call should
|
|
|
|
|
//! complete.
|
|
|
|
|
//!
|
|
|
|
|
//! A value of this type may be one of the special constants
|
2014-12-10 11:11:21 -05:00
|
|
|
|
//! #kMachMessageDeadlineNonblocking or #kMachMessageDeadlineWaitIndefinitely.
|
|
|
|
|
//! Any other values should be produced by calling
|
|
|
|
|
//! MachMessageDeadlineFromTimeout().
|
2014-12-02 17:09:08 -05:00
|
|
|
|
//!
|
|
|
|
|
//! Internally, these are currently specified on the same time base as
|
|
|
|
|
//! ClockMonotonicNanoseconds(), although this is an implementation detail.
|
|
|
|
|
using MachMessageDeadline = uint64_t;
|
|
|
|
|
|
doc: Fix all Doxygen warnings, cleaning up some generated documentation
This makes Doxygen’s output more actionable by setting QUIET = YES to
suppress verbose progress spew, and WARN_IF_UNDOCUMENTED = NO to prevent
warnings for undocumented classes and members from being generated. The
latter is too noisy, producing 721 warnings in the current codebase.
The remaining warnings produced by Doxygen were useful and actionable.
They fell into two categories: abuses of Doxygen’s markup syntax, and
missing (or misspelled) parameter documentation. In a small number of
cases, pass-through parameters had intentionally been left undocumented.
In these cases, they are now given blank \param descriptions. This is
not optimal, but there doesn’t appear to be any other way to tell
Doxygen to allow a single parameter to be undocumented.
Some tricky Doxygen errors were resolved by asking it to not enter
directiores that we do not provide documentation in (such as the
“on-platform” compat directories, compat/mac and compat/win, as well as
compat/non_cxx11_lib) while allowing it to enter the
“off-platform” directories that we do document (compat/non_mac and
compat/non_win).
A Doxygen run (doc/support/generate_doxygen.sh) now produces no output
at all. It would produce warnings if any were triggered.
Not directly related, but still relevant to documentation,
doc/support/generate.sh is updated to remove temporary removals of
now-extinct files and directories. doc/appengine/README is updated so
that a consistent path to “goapp” is used throughout the file.
Change-Id: I300730c04de4d3340551ea3086ca70cc5ff862d1
Reviewed-on: https://chromium-review.googlesource.com/408812
Reviewed-by: Robert Sesek <rsesek@chromium.org>
2016-11-08 14:23:09 -05:00
|
|
|
|
//! \brief Special constants used as \ref crashpad::MachMessageDeadline
|
|
|
|
|
//! "MachMessageDeadline" values.
|
2014-12-02 17:09:08 -05:00
|
|
|
|
enum : MachMessageDeadline {
|
|
|
|
|
//! \brief MachMessageWithDeadline() should not block at all in its operation.
|
2014-12-10 11:11:21 -05:00
|
|
|
|
kMachMessageDeadlineNonblocking = 0,
|
2014-12-02 17:09:08 -05:00
|
|
|
|
|
|
|
|
|
//! \brief MachMessageWithDeadline() should wait indefinitely for the
|
|
|
|
|
//! requested operation to complete.
|
2014-12-10 11:11:21 -05:00
|
|
|
|
kMachMessageDeadlineWaitIndefinitely = 0xffffffffffffffff,
|
2014-12-02 17:09:08 -05:00
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
//! \brief Computes the deadline for a specified timeout value.
|
|
|
|
|
//!
|
|
|
|
|
//! While deadlines exist on an absolute time scale, timeouts are relative. This
|
|
|
|
|
//! function calculates the deadline as \a timeout_ms milliseconds after it
|
|
|
|
|
//! executes.
|
|
|
|
|
//!
|
2014-12-10 11:11:21 -05:00
|
|
|
|
//! If \a timeout_ms is #kMachMessageDeadlineNonblocking, this function will
|
|
|
|
|
//! return #kMachMessageDeadlineNonblocking. If \a timeout_ms is
|
|
|
|
|
//! #kMachMessageTimeoutWaitIndefinitely, this function will return
|
|
|
|
|
//! #kMachMessageDeadlineWaitIndefinitely.
|
2014-12-02 17:09:08 -05:00
|
|
|
|
MachMessageDeadline MachMessageDeadlineFromTimeout(
|
|
|
|
|
mach_msg_timeout_t timeout_ms);
|
|
|
|
|
|
|
|
|
|
//! \brief Runs `mach_msg()` with a deadline, as opposed to a timeout.
|
|
|
|
|
//!
|
|
|
|
|
//! This function is similar to `mach_msg()`, with the following differences:
|
|
|
|
|
//! - The `timeout` parameter has been replaced by \a deadline. The deadline
|
|
|
|
|
//! applies uniformly to a call that is requested to both send and receive
|
|
|
|
|
//! a message.
|
|
|
|
|
//! - The `MACH_SEND_TIMEOUT` and `MACH_RCV_TIMEOUT` bits in \a options are
|
|
|
|
|
//! not used. Timeouts are specified by the \a deadline argument.
|
|
|
|
|
//! - The `send_size` parameter has been removed. Its value is implied by
|
|
|
|
|
//! \a message when \a options contains `MACH_SEND_MSG`.
|
|
|
|
|
//! - The \a run_even_if_expired parameter has been added.
|
|
|
|
|
//!
|
|
|
|
|
//! Like the `mach_msg()` wrapper in `libsyscall`, this function will retry
|
|
|
|
|
//! operations when experiencing `MACH_SEND_INTERRUPTED` and
|
|
|
|
|
//! `MACH_RCV_INTERRUPTED`, unless \a options contains `MACH_SEND_INTERRUPT` or
|
|
|
|
|
//! `MACH_RCV_INTERRUPT`. Unlike `mach_msg()`, which restarts the call with the
|
|
|
|
|
//! full timeout when this occurs, this function continues enforcing the
|
|
|
|
|
//! user-specified \a deadline.
|
|
|
|
|
//!
|
|
|
|
|
//! Except as noted, the parameters and return value are identical to those of
|
|
|
|
|
//! `mach_msg()`.
|
|
|
|
|
//!
|
doc: Fix all Doxygen warnings, cleaning up some generated documentation
This makes Doxygen’s output more actionable by setting QUIET = YES to
suppress verbose progress spew, and WARN_IF_UNDOCUMENTED = NO to prevent
warnings for undocumented classes and members from being generated. The
latter is too noisy, producing 721 warnings in the current codebase.
The remaining warnings produced by Doxygen were useful and actionable.
They fell into two categories: abuses of Doxygen’s markup syntax, and
missing (or misspelled) parameter documentation. In a small number of
cases, pass-through parameters had intentionally been left undocumented.
In these cases, they are now given blank \param descriptions. This is
not optimal, but there doesn’t appear to be any other way to tell
Doxygen to allow a single parameter to be undocumented.
Some tricky Doxygen errors were resolved by asking it to not enter
directiores that we do not provide documentation in (such as the
“on-platform” compat directories, compat/mac and compat/win, as well as
compat/non_cxx11_lib) while allowing it to enter the
“off-platform” directories that we do document (compat/non_mac and
compat/non_win).
A Doxygen run (doc/support/generate_doxygen.sh) now produces no output
at all. It would produce warnings if any were triggered.
Not directly related, but still relevant to documentation,
doc/support/generate.sh is updated to remove temporary removals of
now-extinct files and directories. doc/appengine/README is updated so
that a consistent path to “goapp” is used throughout the file.
Change-Id: I300730c04de4d3340551ea3086ca70cc5ff862d1
Reviewed-on: https://chromium-review.googlesource.com/408812
Reviewed-by: Robert Sesek <rsesek@chromium.org>
2016-11-08 14:23:09 -05:00
|
|
|
|
//! \param[in,out] message
|
|
|
|
|
//! \param[in] options
|
|
|
|
|
//! \param[in] receive_size
|
|
|
|
|
//! \param[in] receive_port
|
2014-12-02 17:09:08 -05:00
|
|
|
|
//! \param[in] deadline The time by which this call should complete. If the
|
|
|
|
|
//! deadline is exceeded, this call will return `MACH_SEND_TIMED_OUT` or
|
|
|
|
|
//! `MACH_RCV_TIMED_OUT`.
|
doc: Fix all Doxygen warnings, cleaning up some generated documentation
This makes Doxygen’s output more actionable by setting QUIET = YES to
suppress verbose progress spew, and WARN_IF_UNDOCUMENTED = NO to prevent
warnings for undocumented classes and members from being generated. The
latter is too noisy, producing 721 warnings in the current codebase.
The remaining warnings produced by Doxygen were useful and actionable.
They fell into two categories: abuses of Doxygen’s markup syntax, and
missing (or misspelled) parameter documentation. In a small number of
cases, pass-through parameters had intentionally been left undocumented.
In these cases, they are now given blank \param descriptions. This is
not optimal, but there doesn’t appear to be any other way to tell
Doxygen to allow a single parameter to be undocumented.
Some tricky Doxygen errors were resolved by asking it to not enter
directiores that we do not provide documentation in (such as the
“on-platform” compat directories, compat/mac and compat/win, as well as
compat/non_cxx11_lib) while allowing it to enter the
“off-platform” directories that we do document (compat/non_mac and
compat/non_win).
A Doxygen run (doc/support/generate_doxygen.sh) now produces no output
at all. It would produce warnings if any were triggered.
Not directly related, but still relevant to documentation,
doc/support/generate.sh is updated to remove temporary removals of
now-extinct files and directories. doc/appengine/README is updated so
that a consistent path to “goapp” is used throughout the file.
Change-Id: I300730c04de4d3340551ea3086ca70cc5ff862d1
Reviewed-on: https://chromium-review.googlesource.com/408812
Reviewed-by: Robert Sesek <rsesek@chromium.org>
2016-11-08 14:23:09 -05:00
|
|
|
|
//! \param[in] notify_port
|
2014-12-02 17:09:08 -05:00
|
|
|
|
//! \param[in] run_even_if_expired If `true`, a deadline that is expired when
|
|
|
|
|
//! this function is called will be treated as though a deadline of
|
2014-12-10 11:11:21 -05:00
|
|
|
|
//! #kMachMessageDeadlineNonblocking had been specified. When `false`, an
|
|
|
|
|
//! expired deadline will result in a `MACH_SEND_TIMED_OUT` or
|
|
|
|
|
//! `MACH_RCV_TIMED_OUT` return value, even if the deadline is already
|
|
|
|
|
//! expired when the function is called.
|
doc: Fix all Doxygen warnings, cleaning up some generated documentation
This makes Doxygen’s output more actionable by setting QUIET = YES to
suppress verbose progress spew, and WARN_IF_UNDOCUMENTED = NO to prevent
warnings for undocumented classes and members from being generated. The
latter is too noisy, producing 721 warnings in the current codebase.
The remaining warnings produced by Doxygen were useful and actionable.
They fell into two categories: abuses of Doxygen’s markup syntax, and
missing (or misspelled) parameter documentation. In a small number of
cases, pass-through parameters had intentionally been left undocumented.
In these cases, they are now given blank \param descriptions. This is
not optimal, but there doesn’t appear to be any other way to tell
Doxygen to allow a single parameter to be undocumented.
Some tricky Doxygen errors were resolved by asking it to not enter
directiores that we do not provide documentation in (such as the
“on-platform” compat directories, compat/mac and compat/win, as well as
compat/non_cxx11_lib) while allowing it to enter the
“off-platform” directories that we do document (compat/non_mac and
compat/non_win).
A Doxygen run (doc/support/generate_doxygen.sh) now produces no output
at all. It would produce warnings if any were triggered.
Not directly related, but still relevant to documentation,
doc/support/generate.sh is updated to remove temporary removals of
now-extinct files and directories. doc/appengine/README is updated so
that a consistent path to “goapp” is used throughout the file.
Change-Id: I300730c04de4d3340551ea3086ca70cc5ff862d1
Reviewed-on: https://chromium-review.googlesource.com/408812
Reviewed-by: Robert Sesek <rsesek@chromium.org>
2016-11-08 14:23:09 -05:00
|
|
|
|
//!
|
|
|
|
|
//! \return The return value of `mach_msg()`
|
2014-12-02 17:09:08 -05:00
|
|
|
|
mach_msg_return_t MachMessageWithDeadline(mach_msg_header_t* message,
|
|
|
|
|
mach_msg_option_t options,
|
|
|
|
|
mach_msg_size_t receive_size,
|
|
|
|
|
mach_port_name_t receive_port,
|
|
|
|
|
MachMessageDeadline deadline,
|
|
|
|
|
mach_port_name_t notify_port,
|
|
|
|
|
bool run_even_if_expired);
|
|
|
|
|
|
2014-11-25 14:29:46 -05:00
|
|
|
|
//! \brief Initializes a reply message for a MIG server routine based on its
|
|
|
|
|
//! corresponding request.
|
|
|
|
|
//!
|
|
|
|
|
//! If a request is handled by a server routine, it may be necessary to revise
|
|
|
|
|
//! some of the fields set by this function, such as `msgh_size` and any fields
|
|
|
|
|
//! defined in a routine’s reply structure type.
|
|
|
|
|
//!
|
|
|
|
|
//! \param[in] in_header The request message to base the reply on.
|
|
|
|
|
//! \param[out] out_header The reply message to initialize. \a out_header will
|
|
|
|
|
//! be treated as a `mig_reply_error_t*` and all of its fields will be set
|
|
|
|
|
//! except for `RetCode`, which must be set by SetMIGReplyError(). This
|
|
|
|
|
//! argument is accepted as a `mach_msg_header_t*` instead of a
|
|
|
|
|
//! `mig_reply_error_t*` because that is the type that callers are expected
|
|
|
|
|
//! to possess in the C API.
|
|
|
|
|
void PrepareMIGReplyFromRequest(const mach_msg_header_t* in_header,
|
|
|
|
|
mach_msg_header_t* out_header);
|
|
|
|
|
|
|
|
|
|
//! \brief Sets the error code in a reply message for a MIG server routine.
|
|
|
|
|
//!
|
doc: Fix all Doxygen warnings, cleaning up some generated documentation
This makes Doxygen’s output more actionable by setting QUIET = YES to
suppress verbose progress spew, and WARN_IF_UNDOCUMENTED = NO to prevent
warnings for undocumented classes and members from being generated. The
latter is too noisy, producing 721 warnings in the current codebase.
The remaining warnings produced by Doxygen were useful and actionable.
They fell into two categories: abuses of Doxygen’s markup syntax, and
missing (or misspelled) parameter documentation. In a small number of
cases, pass-through parameters had intentionally been left undocumented.
In these cases, they are now given blank \param descriptions. This is
not optimal, but there doesn’t appear to be any other way to tell
Doxygen to allow a single parameter to be undocumented.
Some tricky Doxygen errors were resolved by asking it to not enter
directiores that we do not provide documentation in (such as the
“on-platform” compat directories, compat/mac and compat/win, as well as
compat/non_cxx11_lib) while allowing it to enter the
“off-platform” directories that we do document (compat/non_mac and
compat/non_win).
A Doxygen run (doc/support/generate_doxygen.sh) now produces no output
at all. It would produce warnings if any were triggered.
Not directly related, but still relevant to documentation,
doc/support/generate.sh is updated to remove temporary removals of
now-extinct files and directories. doc/appengine/README is updated so
that a consistent path to “goapp” is used throughout the file.
Change-Id: I300730c04de4d3340551ea3086ca70cc5ff862d1
Reviewed-on: https://chromium-review.googlesource.com/408812
Reviewed-by: Robert Sesek <rsesek@chromium.org>
2016-11-08 14:23:09 -05:00
|
|
|
|
//! \param[in,out] out_header The reply message to operate on. \a out_header
|
|
|
|
|
//! will be treated as a `mig_reply_error_t*` and its `RetCode` field will
|
|
|
|
|
//! be set. This argument is accepted as a `mach_msg_header_t*` instead of a
|
2014-11-25 14:29:46 -05:00
|
|
|
|
//! `mig_reply_error_t*` because that is the type that callers are expected
|
|
|
|
|
//! to possess in the C API.
|
|
|
|
|
//! \param[in] error The error code to store in \a out_header.
|
|
|
|
|
//!
|
|
|
|
|
//! \sa PrepareMIGReplyFromRequest()
|
|
|
|
|
void SetMIGReplyError(mach_msg_header_t* out_header, kern_return_t error);
|
|
|
|
|
|
2014-12-01 16:06:56 -05:00
|
|
|
|
//! \brief Returns a Mach message trailer for a message that has been received.
|
|
|
|
|
//!
|
|
|
|
|
//! This function must only be called on Mach messages that have been received
|
|
|
|
|
//! via the Mach messaging interface, such as `mach_msg()`. Messages constructed
|
|
|
|
|
//! for sending do not contain trailers.
|
|
|
|
|
//!
|
|
|
|
|
//! \param[in] header A pointer to a received Mach message.
|
|
|
|
|
//!
|
|
|
|
|
//! \return A pointer to the trailer following the received Mach message’s body.
|
|
|
|
|
//! The contents of the trailer depend on the options provided to
|
|
|
|
|
//! `mach_msg()` or a similar function when the message was received.
|
|
|
|
|
const mach_msg_trailer_t* MachMessageTrailerFromHeader(
|
|
|
|
|
const mach_msg_header_t* header);
|
|
|
|
|
|
2015-03-12 14:00:38 -04:00
|
|
|
|
//! \brief Returns the process ID of a Mach message’s sender from its audit
|
|
|
|
|
//! trailer.
|
|
|
|
|
//!
|
|
|
|
|
//! For the audit trailer to be present, the message must have been received
|
|
|
|
|
//! with #kMachMessageReceiveAuditTrailer or its macro equivalent specified in
|
|
|
|
|
//! the receive options.
|
|
|
|
|
//!
|
|
|
|
|
//! If the kernel is the message’s sender, a process ID of `0` will be returned.
|
|
|
|
|
//!
|
|
|
|
|
//! \param[in] trailer The trailer received with a Mach message.
|
|
|
|
|
//!
|
|
|
|
|
//! \return The process ID of the message’s sender, or `-1` on failure with a
|
|
|
|
|
//! message logged. It is considered a failure for \a trailer to not contain
|
|
|
|
|
//! audit information.
|
|
|
|
|
pid_t AuditPIDFromMachMessageTrailer(const mach_msg_trailer_t* trailer);
|
|
|
|
|
|
2015-10-29 14:14:15 -04:00
|
|
|
|
//! \brief Destroys or deallocates a Mach port received in a Mach message.
|
|
|
|
|
//!
|
|
|
|
|
//! This function disposes of port rights received in a Mach message. Receive
|
|
|
|
|
//! rights will be destroyed with `mach_port_mod_refs()`. Send and send-once
|
|
|
|
|
//! rights will be deallocated with `mach_port_deallocate()`.
|
|
|
|
|
//!
|
|
|
|
|
//! \param[in] port The port to destroy or deallocate.
|
|
|
|
|
//! \param[in] port_right_type The right type held for \a port:
|
|
|
|
|
//! `MACH_MSG_TYPE_PORT_RECEIVE`, `MACH_MSG_TYPE_PORT_SEND`, or
|
|
|
|
|
//! `MACH_MSG_TYPE_PORT_SEND_ONCE`.
|
|
|
|
|
//!
|
|
|
|
|
//! \return `true` on success, or `false` on failure with a message logged.
|
|
|
|
|
bool MachMessageDestroyReceivedPort(mach_port_t port,
|
|
|
|
|
mach_msg_type_name_t port_right_type);
|
|
|
|
|
|
2014-11-25 14:29:46 -05:00
|
|
|
|
} // namespace crashpad
|
|
|
|
|
|
2014-12-02 17:02:32 -05:00
|
|
|
|
#endif // CRASHPAD_UTIL_MACH_MACH_MESSAGE_H_
|