crashpad/util/mach/mach_message.h

209 lines
9.2 KiB
C
Raw Normal View History

// Copyright 2014 The Crashpad Authors
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef CRASHPAD_UTIL_MACH_MACH_MESSAGE_H_
#define CRASHPAD_UTIL_MACH_MACH_MESSAGE_H_
#include <mach/mach.h>
#include <stdint.h>
#include <sys/types.h>
#include "build/build_config.h"
namespace crashpad {
//! \brief A Mach message option specifying that an audit trailer should be
//! delivered during a receive operation.
//!
//! This constant is provided because the macros normally used to request this
//! behavior are cumbersome.
constexpr mach_msg_option_t kMachMessageReceiveAuditTrailer =
MACH_RCV_TRAILER_TYPE(MACH_MSG_TRAILER_FORMAT_0) |
MACH_RCV_TRAILER_ELEMENTS(MACH_RCV_TRAILER_AUDIT);
//! \brief Special constants used as `mach_msg_timeout_t` values.
enum : mach_msg_timeout_t {
//! \brief When passed to MachMessageDeadlineFromTimeout(), that function will
//! return #kMachMessageDeadlineNonblocking.
kMachMessageTimeoutNonblocking = 0,
//! \brief When passed to MachMessageDeadlineFromTimeout(), that function will
//! return #kMachMessageDeadlineWaitIndefinitely.
kMachMessageTimeoutWaitIndefinitely = 0xffffffff,
};
//! \brief The time before which a MachMessageWithDeadline() call should
//! complete.
//!
//! A value of this type may be one of the special constants
//! #kMachMessageDeadlineNonblocking or #kMachMessageDeadlineWaitIndefinitely.
//! Any other values should be produced by calling
//! MachMessageDeadlineFromTimeout().
//!
//! Internally, these are currently specified on the same time base as
//! ClockMonotonicNanoseconds(), although this is an implementation detail.
using MachMessageDeadline = uint64_t;
doc: Fix all Doxygen warnings, cleaning up some generated documentation This makes Doxygen’s output more actionable by setting QUIET = YES to suppress verbose progress spew, and WARN_IF_UNDOCUMENTED = NO to prevent warnings for undocumented classes and members from being generated. The latter is too noisy, producing 721 warnings in the current codebase. The remaining warnings produced by Doxygen were useful and actionable. They fell into two categories: abuses of Doxygen’s markup syntax, and missing (or misspelled) parameter documentation. In a small number of cases, pass-through parameters had intentionally been left undocumented. In these cases, they are now given blank \param descriptions. This is not optimal, but there doesn’t appear to be any other way to tell Doxygen to allow a single parameter to be undocumented. Some tricky Doxygen errors were resolved by asking it to not enter directiores that we do not provide documentation in (such as the “on-platform” compat directories, compat/mac and compat/win, as well as compat/non_cxx11_lib) while allowing it to enter the “off-platform” directories that we do document (compat/non_mac and compat/non_win). A Doxygen run (doc/support/generate_doxygen.sh) now produces no output at all. It would produce warnings if any were triggered. Not directly related, but still relevant to documentation, doc/support/generate.sh is updated to remove temporary removals of now-extinct files and directories. doc/appengine/README is updated so that a consistent path to “goapp” is used throughout the file. Change-Id: I300730c04de4d3340551ea3086ca70cc5ff862d1 Reviewed-on: https://chromium-review.googlesource.com/408812 Reviewed-by: Robert Sesek <rsesek@chromium.org>
2016-11-08 14:23:09 -05:00
//! \brief Special constants used as \ref crashpad::MachMessageDeadline
//! "MachMessageDeadline" values.
enum : MachMessageDeadline {
//! \brief MachMessageWithDeadline() should not block at all in its operation.
kMachMessageDeadlineNonblocking = 0,
//! \brief MachMessageWithDeadline() should wait indefinitely for the
//! requested operation to complete.
kMachMessageDeadlineWaitIndefinitely = 0xffffffffffffffff,
};
//! \brief Computes the deadline for a specified timeout value.
//!
//! While deadlines exist on an absolute time scale, timeouts are relative. This
//! function calculates the deadline as \a timeout_ms milliseconds after it
//! executes.
//!
//! If \a timeout_ms is #kMachMessageDeadlineNonblocking, this function will
//! return #kMachMessageDeadlineNonblocking. If \a timeout_ms is
//! #kMachMessageTimeoutWaitIndefinitely, this function will return
//! #kMachMessageDeadlineWaitIndefinitely.
MachMessageDeadline MachMessageDeadlineFromTimeout(
mach_msg_timeout_t timeout_ms);
//! \brief Runs `mach_msg()` with a deadline, as opposed to a timeout.
//!
//! This function is similar to `mach_msg()`, with the following differences:
//! - The `timeout` parameter has been replaced by \a deadline. The deadline
//! applies uniformly to a call that is requested to both send and receive
//! a message.
//! - The `MACH_SEND_TIMEOUT` and `MACH_RCV_TIMEOUT` bits in \a options are
//! not used. Timeouts are specified by the \a deadline argument.
//! - The `send_size` parameter has been removed. Its value is implied by
//! \a message when \a options contains `MACH_SEND_MSG`.
//! - The \a run_even_if_expired parameter has been added.
//!
//! Like the `mach_msg()` wrapper in `libsyscall`, this function will retry
//! operations when experiencing `MACH_SEND_INTERRUPTED` and
//! `MACH_RCV_INTERRUPTED`, unless \a options contains `MACH_SEND_INTERRUPT` or
//! `MACH_RCV_INTERRUPT`. Unlike `mach_msg()`, which restarts the call with the
//! full timeout when this occurs, this function continues enforcing the
//! user-specified \a deadline.
//!
//! Except as noted, the parameters and return value are identical to those of
//! `mach_msg()`.
//!
doc: Fix all Doxygen warnings, cleaning up some generated documentation This makes Doxygen’s output more actionable by setting QUIET = YES to suppress verbose progress spew, and WARN_IF_UNDOCUMENTED = NO to prevent warnings for undocumented classes and members from being generated. The latter is too noisy, producing 721 warnings in the current codebase. The remaining warnings produced by Doxygen were useful and actionable. They fell into two categories: abuses of Doxygen’s markup syntax, and missing (or misspelled) parameter documentation. In a small number of cases, pass-through parameters had intentionally been left undocumented. In these cases, they are now given blank \param descriptions. This is not optimal, but there doesn’t appear to be any other way to tell Doxygen to allow a single parameter to be undocumented. Some tricky Doxygen errors were resolved by asking it to not enter directiores that we do not provide documentation in (such as the “on-platform” compat directories, compat/mac and compat/win, as well as compat/non_cxx11_lib) while allowing it to enter the “off-platform” directories that we do document (compat/non_mac and compat/non_win). A Doxygen run (doc/support/generate_doxygen.sh) now produces no output at all. It would produce warnings if any were triggered. Not directly related, but still relevant to documentation, doc/support/generate.sh is updated to remove temporary removals of now-extinct files and directories. doc/appengine/README is updated so that a consistent path to “goapp” is used throughout the file. Change-Id: I300730c04de4d3340551ea3086ca70cc5ff862d1 Reviewed-on: https://chromium-review.googlesource.com/408812 Reviewed-by: Robert Sesek <rsesek@chromium.org>
2016-11-08 14:23:09 -05:00
//! \param[in,out] message
//! \param[in] options
//! \param[in] receive_size
//! \param[in] receive_port
//! \param[in] deadline The time by which this call should complete. If the
//! deadline is exceeded, this call will return `MACH_SEND_TIMED_OUT` or
//! `MACH_RCV_TIMED_OUT`.
doc: Fix all Doxygen warnings, cleaning up some generated documentation This makes Doxygen’s output more actionable by setting QUIET = YES to suppress verbose progress spew, and WARN_IF_UNDOCUMENTED = NO to prevent warnings for undocumented classes and members from being generated. The latter is too noisy, producing 721 warnings in the current codebase. The remaining warnings produced by Doxygen were useful and actionable. They fell into two categories: abuses of Doxygen’s markup syntax, and missing (or misspelled) parameter documentation. In a small number of cases, pass-through parameters had intentionally been left undocumented. In these cases, they are now given blank \param descriptions. This is not optimal, but there doesn’t appear to be any other way to tell Doxygen to allow a single parameter to be undocumented. Some tricky Doxygen errors were resolved by asking it to not enter directiores that we do not provide documentation in (such as the “on-platform” compat directories, compat/mac and compat/win, as well as compat/non_cxx11_lib) while allowing it to enter the “off-platform” directories that we do document (compat/non_mac and compat/non_win). A Doxygen run (doc/support/generate_doxygen.sh) now produces no output at all. It would produce warnings if any were triggered. Not directly related, but still relevant to documentation, doc/support/generate.sh is updated to remove temporary removals of now-extinct files and directories. doc/appengine/README is updated so that a consistent path to “goapp” is used throughout the file. Change-Id: I300730c04de4d3340551ea3086ca70cc5ff862d1 Reviewed-on: https://chromium-review.googlesource.com/408812 Reviewed-by: Robert Sesek <rsesek@chromium.org>
2016-11-08 14:23:09 -05:00
//! \param[in] notify_port
//! \param[in] run_even_if_expired If `true`, a deadline that is expired when
//! this function is called will be treated as though a deadline of
//! #kMachMessageDeadlineNonblocking had been specified. When `false`, an
//! expired deadline will result in a `MACH_SEND_TIMED_OUT` or
//! `MACH_RCV_TIMED_OUT` return value, even if the deadline is already
//! expired when the function is called.
doc: Fix all Doxygen warnings, cleaning up some generated documentation This makes Doxygen’s output more actionable by setting QUIET = YES to suppress verbose progress spew, and WARN_IF_UNDOCUMENTED = NO to prevent warnings for undocumented classes and members from being generated. The latter is too noisy, producing 721 warnings in the current codebase. The remaining warnings produced by Doxygen were useful and actionable. They fell into two categories: abuses of Doxygen’s markup syntax, and missing (or misspelled) parameter documentation. In a small number of cases, pass-through parameters had intentionally been left undocumented. In these cases, they are now given blank \param descriptions. This is not optimal, but there doesn’t appear to be any other way to tell Doxygen to allow a single parameter to be undocumented. Some tricky Doxygen errors were resolved by asking it to not enter directiores that we do not provide documentation in (such as the “on-platform” compat directories, compat/mac and compat/win, as well as compat/non_cxx11_lib) while allowing it to enter the “off-platform” directories that we do document (compat/non_mac and compat/non_win). A Doxygen run (doc/support/generate_doxygen.sh) now produces no output at all. It would produce warnings if any were triggered. Not directly related, but still relevant to documentation, doc/support/generate.sh is updated to remove temporary removals of now-extinct files and directories. doc/appengine/README is updated so that a consistent path to “goapp” is used throughout the file. Change-Id: I300730c04de4d3340551ea3086ca70cc5ff862d1 Reviewed-on: https://chromium-review.googlesource.com/408812 Reviewed-by: Robert Sesek <rsesek@chromium.org>
2016-11-08 14:23:09 -05:00
//!
//! \return The return value of `mach_msg()`
mach_msg_return_t MachMessageWithDeadline(mach_msg_header_t* message,
mach_msg_option_t options,
mach_msg_size_t receive_size,
mach_port_name_t receive_port,
MachMessageDeadline deadline,
mach_port_name_t notify_port,
bool run_even_if_expired);
//! \brief Initializes a reply message for a MIG server routine based on its
//! corresponding request.
//!
//! If a request is handled by a server routine, it may be necessary to revise
//! some of the fields set by this function, such as `msgh_size` and any fields
//! defined in a routines reply structure type.
//!
//! \param[in] in_header The request message to base the reply on.
//! \param[out] out_header The reply message to initialize. \a out_header will
//! be treated as a `mig_reply_error_t*` and all of its fields will be set
//! except for `RetCode`, which must be set by SetMIGReplyError(). This
//! argument is accepted as a `mach_msg_header_t*` instead of a
//! `mig_reply_error_t*` because that is the type that callers are expected
//! to possess in the C API.
void PrepareMIGReplyFromRequest(const mach_msg_header_t* in_header,
mach_msg_header_t* out_header);
//! \brief Sets the error code in a reply message for a MIG server routine.
//!
doc: Fix all Doxygen warnings, cleaning up some generated documentation This makes Doxygen’s output more actionable by setting QUIET = YES to suppress verbose progress spew, and WARN_IF_UNDOCUMENTED = NO to prevent warnings for undocumented classes and members from being generated. The latter is too noisy, producing 721 warnings in the current codebase. The remaining warnings produced by Doxygen were useful and actionable. They fell into two categories: abuses of Doxygen’s markup syntax, and missing (or misspelled) parameter documentation. In a small number of cases, pass-through parameters had intentionally been left undocumented. In these cases, they are now given blank \param descriptions. This is not optimal, but there doesn’t appear to be any other way to tell Doxygen to allow a single parameter to be undocumented. Some tricky Doxygen errors were resolved by asking it to not enter directiores that we do not provide documentation in (such as the “on-platform” compat directories, compat/mac and compat/win, as well as compat/non_cxx11_lib) while allowing it to enter the “off-platform” directories that we do document (compat/non_mac and compat/non_win). A Doxygen run (doc/support/generate_doxygen.sh) now produces no output at all. It would produce warnings if any were triggered. Not directly related, but still relevant to documentation, doc/support/generate.sh is updated to remove temporary removals of now-extinct files and directories. doc/appengine/README is updated so that a consistent path to “goapp” is used throughout the file. Change-Id: I300730c04de4d3340551ea3086ca70cc5ff862d1 Reviewed-on: https://chromium-review.googlesource.com/408812 Reviewed-by: Robert Sesek <rsesek@chromium.org>
2016-11-08 14:23:09 -05:00
//! \param[in,out] out_header The reply message to operate on. \a out_header
//! will be treated as a `mig_reply_error_t*` and its `RetCode` field will
//! be set. This argument is accepted as a `mach_msg_header_t*` instead of a
//! `mig_reply_error_t*` because that is the type that callers are expected
//! to possess in the C API.
//! \param[in] error The error code to store in \a out_header.
//!
//! \sa PrepareMIGReplyFromRequest()
void SetMIGReplyError(mach_msg_header_t* out_header, kern_return_t error);
//! \brief Returns a Mach message trailer for a message that has been received.
//!
//! This function must only be called on Mach messages that have been received
//! via the Mach messaging interface, such as `mach_msg()`. Messages constructed
//! for sending do not contain trailers.
//!
//! \param[in] header A pointer to a received Mach message.
//!
//! \return A pointer to the trailer following the received Mach messages body.
//! The contents of the trailer depend on the options provided to
//! `mach_msg()` or a similar function when the message was received.
const mach_msg_trailer_t* MachMessageTrailerFromHeader(
const mach_msg_header_t* header);
//! \brief Destroys or deallocates a Mach port received in a Mach message.
//!
//! This function disposes of port rights received in a Mach message. Receive
//! rights will be destroyed with `mach_port_mod_refs()`. Send and send-once
//! rights will be deallocated with `mach_port_deallocate()`.
//!
//! \param[in] port The port to destroy or deallocate.
//! \param[in] port_right_type The right type held for \a port:
//! `MACH_MSG_TYPE_PORT_RECEIVE`, `MACH_MSG_TYPE_PORT_SEND`, or
//! `MACH_MSG_TYPE_PORT_SEND_ONCE`.
//!
//! \return `true` on success, or `false` on failure with a message logged.
bool MachMessageDestroyReceivedPort(mach_port_t port,
mach_msg_type_name_t port_right_type);
Use BUILDFLAG for OS checking Use BUILDFLAG(IS_*) instead of defined(OS_*). This was generated mostly mechnically by performing the following steps: - sed -i '' -E -e 's/defined\(OS_/BUILDFLAG(IS_/g' \ -e 's%([ !])OS_([A-Z]+)%\1BUILDFLAG(IS_\2)%g' \ $(git grep -l 'OS_' '**/*.c' '**/*.cc' '**/*.h' '**/*.m' '**/*.mm') - sed -i '' -e 's/#ifdef BUILDFLAG(/#if BUILDFLAG(/' \ $(git grep -l '#ifdef BUILDFLAG(' '**/*.c' '**/*.cc' '**/*.h' '**/*.m' '**/*.mm') - gsed -i -z -E -e \ 's%(.*)#include "%\1#include "build/buildflag.h"\n#include "%' \ $(git grep -l 'BUILDFLAG(IS_' '**/*.c' '**/*.cc' '**/*.h' '**/*.m' '**/*.mm') - Spot checks to move #include "build/buildflag.h" to the correct parts of files. - sed -i '' -E -e \ 's%^(#include "build/buildflag.h")$%#include "build/build_config.h"\n\1%' \ $(grep -L '^#include "build/build_config.h"$' $(git grep -l 'BUILDFLAG(IS_' '**/*.c' '**/*.cc' '**/*.h' '**/*.m' '**/*.mm')) - Add “clang-format off” around tool usage messages. - git cl format - Update mini_chromium to 85ba51f98278 (intermediate step). TESTING ONLY). - for f in $(git grep -l '^#include "build/buildflag.h"$' '**/*.c' '**/*.cc' '**/*.h' '**/*.m' '**/*.mm'); do \ grep -v '^#include "build/buildflag.h"$' "${f}" > /tmp/z; \ cp /tmp/z "${f}"; done - git cl format - Update mini_chromium to 735143774c5f (intermediate step). - Update mini_chromium to f41420eb45fa (as checked in). - Update mini_chromium to 6e2f204b4ae1 (as checked in). For ease of review and inspection, each of these steps is uploaded as a new patch set in a review series. This includes an update of mini_chromium to 6e2f204b4ae1: f41420eb45fa Use BUILDFLAG for OS checking 6e2f204b4ae1 Include what you use: string_util.h uses build_config.h Bug: chromium:1234043 Change-Id: Ieef86186f094c64e59b853729737e36982f8cf69 Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3400258 Reviewed-by: Joshua Peraza <jperaza@chromium.org> Commit-Queue: Mark Mentovai <mark@chromium.org>
2022-01-19 15:00:24 -05:00
#if BUILDFLAG(IS_MAC) || DOXYGEN
//! \brief Returns the process ID of a Mach messages sender from its audit
//! trailer.
//!
//! For the audit trailer to be present, the message must have been received
//! with #kMachMessageReceiveAuditTrailer or its macro equivalent specified in
//! the receive options.
//!
//! If the kernel is the messages sender, a process ID of `0` will be returned.
//!
//! \param[in] trailer The trailer received with a Mach message.
//!
//! \return The process ID of the messages sender, or `-1` on failure with a
//! message logged. It is considered a failure for \a trailer to not contain
//! audit information.
pid_t AuditPIDFromMachMessageTrailer(const mach_msg_trailer_t* trailer);
Use BUILDFLAG for OS checking Use BUILDFLAG(IS_*) instead of defined(OS_*). This was generated mostly mechnically by performing the following steps: - sed -i '' -E -e 's/defined\(OS_/BUILDFLAG(IS_/g' \ -e 's%([ !])OS_([A-Z]+)%\1BUILDFLAG(IS_\2)%g' \ $(git grep -l 'OS_' '**/*.c' '**/*.cc' '**/*.h' '**/*.m' '**/*.mm') - sed -i '' -e 's/#ifdef BUILDFLAG(/#if BUILDFLAG(/' \ $(git grep -l '#ifdef BUILDFLAG(' '**/*.c' '**/*.cc' '**/*.h' '**/*.m' '**/*.mm') - gsed -i -z -E -e \ 's%(.*)#include "%\1#include "build/buildflag.h"\n#include "%' \ $(git grep -l 'BUILDFLAG(IS_' '**/*.c' '**/*.cc' '**/*.h' '**/*.m' '**/*.mm') - Spot checks to move #include "build/buildflag.h" to the correct parts of files. - sed -i '' -E -e \ 's%^(#include "build/buildflag.h")$%#include "build/build_config.h"\n\1%' \ $(grep -L '^#include "build/build_config.h"$' $(git grep -l 'BUILDFLAG(IS_' '**/*.c' '**/*.cc' '**/*.h' '**/*.m' '**/*.mm')) - Add “clang-format off” around tool usage messages. - git cl format - Update mini_chromium to 85ba51f98278 (intermediate step). TESTING ONLY). - for f in $(git grep -l '^#include "build/buildflag.h"$' '**/*.c' '**/*.cc' '**/*.h' '**/*.m' '**/*.mm'); do \ grep -v '^#include "build/buildflag.h"$' "${f}" > /tmp/z; \ cp /tmp/z "${f}"; done - git cl format - Update mini_chromium to 735143774c5f (intermediate step). - Update mini_chromium to f41420eb45fa (as checked in). - Update mini_chromium to 6e2f204b4ae1 (as checked in). For ease of review and inspection, each of these steps is uploaded as a new patch set in a review series. This includes an update of mini_chromium to 6e2f204b4ae1: f41420eb45fa Use BUILDFLAG for OS checking 6e2f204b4ae1 Include what you use: string_util.h uses build_config.h Bug: chromium:1234043 Change-Id: Ieef86186f094c64e59b853729737e36982f8cf69 Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3400258 Reviewed-by: Joshua Peraza <jperaza@chromium.org> Commit-Queue: Mark Mentovai <mark@chromium.org>
2022-01-19 15:00:24 -05:00
#endif // BUILDFLAG(IS_MAC)
} // namespace crashpad
#endif // CRASHPAD_UTIL_MACH_MACH_MESSAGE_H_