Loading...
iokit/Kernel/IOUserClient.cpp xnu-201.19.3 xnu-344.49
--- xnu/xnu-201.19.3/iokit/Kernel/IOUserClient.cpp
+++ xnu/xnu-344.49/iokit/Kernel/IOUserClient.cpp
@@ -3,19 +3,22 @@
  *
  * @APPLE_LICENSE_HEADER_START@
  * 
- * The contents of this file constitute Original Code as defined in and
- * are subject to the Apple Public Source License Version 1.1 (the
- * "License").  You may not use this file except in compliance with the
- * License.  Please obtain a copy of the License at
- * http://www.apple.com/publicsource and read it before using this file.
+ * Copyright (c) 1999-2003 Apple Computer, Inc.  All Rights Reserved.
  * 
- * This Original Code and all software distributed under the License are
- * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ * 
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT.  Please see the
- * License for the specific language governing rights and limitations
- * under the License.
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
  * 
  * @APPLE_LICENSE_HEADER_END@
  */
@@ -65,6 +68,11 @@
 
 extern ipc_port_t master_device_port;
 
+extern void iokit_retain_port( ipc_port_t port );
+extern void iokit_release_port( ipc_port_t port );
+
+extern kern_return_t iokit_switch_object_port( ipc_port_t port, io_object_t obj, ipc_kobject_type_t type );
+
 #include <vm/vm_map.h>
 
 } /* extern "C" */
@@ -80,9 +88,12 @@
 public:
     OSObject *	object;
     ipc_port_t	port;
+    UInt32      mscount;
 
     static IOMachPort * portForObject( OSObject * obj,
 				ipc_kobject_type_t type );
+    static bool noMoreSendersForObject( OSObject * obj,
+				ipc_kobject_type_t type, mach_port_mscount_t * mscount );
     static void releasePortForObject( OSObject * obj,
 				ipc_kobject_type_t type );
     static OSDictionary * dictForType( ipc_kobject_type_t type );
@@ -136,8 +147,11 @@
 	    continue;
 
         if( (inst = (IOMachPort *)
-                dict->getObject( (const OSSymbol *) obj )))
+                dict->getObject( (const OSSymbol *) obj ))) {
+	    inst->mscount++;
+	    inst->retain();
             continue;
+	}
 
         inst = new IOMachPort;
         if( inst && !inst->init()) {
@@ -149,7 +163,7 @@
         if( inst->port) {
 	    // retains obj
             dict->setObject( (const OSSymbol *) obj, inst );
-            inst->release();	// one more to free port => release obj
+	    inst->mscount++;
 
         } else {
             inst->release();
@@ -161,6 +175,34 @@
     IOUnlock( gIOObjectPortLock);
 
     return( inst );
+}
+
+bool IOMachPort::noMoreSendersForObject( OSObject * obj,
+				ipc_kobject_type_t type, mach_port_mscount_t * mscount )
+{
+    OSDictionary *	dict;
+    IOMachPort *	machPort;
+    bool		destroyed = true;
+
+    IOTakeLock( gIOObjectPortLock);
+
+    if( (dict = dictForType( type ))) {
+        obj->retain();
+
+	machPort = (IOMachPort *) dict->getObject( (const OSSymbol *) obj );
+	if( machPort) {
+	    destroyed = (machPort->mscount == *mscount);
+	    if( destroyed)
+		dict->removeObject( (const OSSymbol *) obj );
+	    else
+		*mscount = machPort->mscount;
+	}
+	obj->release();
+    }
+
+    IOUnlock( gIOObjectPortLock);
+
+    return( destroyed );
 }
 
 void IOMachPort::releasePortForObject( OSObject * obj,
@@ -182,7 +224,36 @@
 void IOUserClient::destroyUserReferences( OSObject * obj )
 {
     IOMachPort::releasePortForObject( obj, IKOT_IOKIT_OBJECT );
-    IOMachPort::releasePortForObject( obj, IKOT_IOKIT_CONNECT );
+
+    // panther, 3160200
+    // IOMachPort::releasePortForObject( obj, IKOT_IOKIT_CONNECT );
+
+    OSDictionary * dict;
+
+    IOTakeLock( gIOObjectPortLock);
+    obj->retain();
+
+    if( (dict = IOMachPort::dictForType( IKOT_IOKIT_CONNECT )))
+    {
+	IOMachPort * port;
+	port = (IOMachPort *) dict->getObject( (const OSSymbol *) obj );
+	if (port)
+	{
+	    IOUserClient * uc;
+	    if ((uc = OSDynamicCast(IOUserClient, obj)) && uc->mappings)
+	    {
+		dict->setObject((const OSSymbol *) uc->mappings, port);
+		iokit_switch_object_port(port->port, uc->mappings, IKOT_IOKIT_CONNECT);
+
+		uc->mappings->release();
+		uc->mappings = 0;
+	    }
+	    dict->removeObject( (const OSSymbol *) obj );
+	}
+    }
+    obj->release();
+    IOUnlock( gIOObjectPortLock);
+
 }
 
 mach_port_name_t IOMachPort::makeSendRightForTask( task_t task,
@@ -222,30 +293,39 @@
 iokit_port_for_object( io_object_t obj, ipc_kobject_type_t type )
 {
     IOMachPort * machPort;
-
-    if( (machPort = IOMachPort::portForObject( obj, type )))
-	return( machPort->port );
-    else
-	return( 0 );
+    ipc_port_t	 port;
+
+    if( (machPort = IOMachPort::portForObject( obj, type ))) {
+
+	port = machPort->port;
+	if( port)
+	    iokit_retain_port( port );
+
+	machPort->release();
+
+    } else
+	port = NULL;
+
+    return( port );
 }
 
 kern_return_t
 iokit_client_died( io_object_t obj, ipc_port_t /* port */,
-			ipc_kobject_type_t type )
+			ipc_kobject_type_t type, mach_port_mscount_t * mscount )
 {
     IOUserClient *	client;
     IOMemoryMap *	map;
+
+    if( !IOMachPort::noMoreSendersForObject( obj, type, mscount ))
+	return( kIOReturnNotReady );
 
     if( (IKOT_IOKIT_CONNECT == type)
      && (client = OSDynamicCast( IOUserClient, obj )))
 	client->clientDied();
-    else if( (IKOT_IOKIT_OBJECT == type)
-     && (map = OSDynamicCast( IOMemoryMap, obj )))
+    if( (map = OSDynamicCast( IOMemoryMap, obj )))
 	map->taskDied();
 
-    IOMachPort::releasePortForObject( obj, type );
-
-    return( kIOReturnSuccess);
+    return( kIOReturnSuccess );
 }
 
 };	/* extern "C" */
@@ -351,7 +431,7 @@
     pingMsg->msgHdr.msgh_remote_port	= port;
     pingMsg->msgHdr.msgh_bits 		= MACH_MSGH_BITS(
                                             MACH_MSG_TYPE_COPY_SEND,
-                                            MACH_MSG_TYPE_COPY_SEND );
+                                            MACH_MSG_TYPE_MAKE_SEND );
     pingMsg->msgHdr.msgh_size 		= msgSize;
     pingMsg->msgHdr.msgh_id		= kOSNotificationMessageID;
 
@@ -436,7 +516,7 @@
 {
     unsigned int	count;
     kern_return_t	kr;
-    IOMachPort *	machPort;
+    ipc_port_t		port = NULL;
     bool		sendPing = false;
 
     IOTakeLock( lock );
@@ -452,12 +532,16 @@
     IOUnlock( lock );
 
     if( sendPing) {
-        if( (0 == pingMsg->msgHdr.msgh_local_port)
-         && (machPort = IOMachPort::portForObject( this, IKOT_IOKIT_OBJECT ) ))
-            pingMsg->msgHdr.msgh_local_port = machPort->port;
+	if( (port = iokit_port_for_object( this, IKOT_IOKIT_OBJECT ) ))
+            pingMsg->msgHdr.msgh_local_port = port;
+	else
+            pingMsg->msgHdr.msgh_local_port = NULL;
 
         kr = mach_msg_send_from_kernel( &pingMsg->msgHdr,
                                         pingMsg->msgHdr.msgh_size);
+	if( port)
+	    iokit_release_port( port );
+
         if( KERN_SUCCESS != kr)
             IOLog("%s: mach_msg_send_from_kernel {%x}\n", __FILE__, kr );
     }
@@ -522,7 +606,7 @@
                                     void * messageArgument, vm_size_t argSize )
 {
     kern_return_t		kr;
-    IOMachPort *		machPort;
+    ipc_port_t 			port;
     IOServiceInterestContent * 	data = (IOServiceInterestContent *)
                                        pingMsg->notifyHeader.content;
 
@@ -540,13 +624,17 @@
         - sizeof( data->messageArgument)
         + argSize;
 
-    if( (machPort = IOMachPort::portForObject( provider, IKOT_IOKIT_OBJECT ) ))
-        pingMsg->msgHdr.msgh_local_port = machPort->port;
+    if( (port = iokit_port_for_object( provider, IKOT_IOKIT_OBJECT ) ))
+	pingMsg->msgHdr.msgh_local_port = port;
     else
-        pingMsg->msgHdr.msgh_local_port = MACH_PORT_NULL;
+	pingMsg->msgHdr.msgh_local_port = NULL;
     
     kr = mach_msg_send_from_kernel( &pingMsg->msgHdr,
                                     pingMsg->msgHdr.msgh_size);
+
+    if( port)
+	iokit_release_port( port );
+
     if( KERN_SUCCESS != kr)
         IOLog("%s: mach_msg_send_from_kernel {%x}\n", __FILE__, kr );
 
@@ -675,8 +763,8 @@
 IOMemoryMap * IOUserClient::mapClientMemory( 
 	IOOptionBits		type,
 	task_t			task,
-	IOOptionBits		mapFlags = kIOMapAnywhere,
-	IOVirtualAddress	atAddress = 0 )
+	IOOptionBits		mapFlags,
+	IOVirtualAddress	atAddress )
 {
     IOReturn		err;
     IOOptionBits	options = 0;
@@ -1311,14 +1399,7 @@
 
     CHECK( IORegistryEntry, registry_entry, entry );
 
-#if 0
-    // need virtual
     obj = entry->copyProperty(property_name);
-#else
-    obj = entry->getProperty(property_name);
-    if( obj)
-        obj->retain();
-#endif
     if( !obj)
         return( kIOReturnNoResources );
 
@@ -1374,14 +1455,7 @@
 
     CHECK( IORegistryEntry, registry_entry, entry );
 
-#if 0
-    // need virtual
     obj = entry->copyProperty(property_name);
-#else
-    obj = entry->getProperty(property_name);
-    if( obj)
-        obj->retain();
-#endif
     if( !obj)
         return( kIOReturnNotFound );
 
@@ -1421,15 +1495,8 @@
 
     CHECK( IORegistryEntry, registry_entry, entry );
 
-#if 0
     obj = entry->copyProperty( property_name,
                                IORegistryEntry::getPlane( plane ), options);
-#else
-    obj = entry->getProperty( property_name,
-                               IORegistryEntry::getPlane( plane ), options);
-    if( obj)
-        obj->retain();
-#endif
     if( !obj)
         return( kIOReturnNotFound );
 
@@ -1608,6 +1675,10 @@
 kern_return_t is_io_service_close(
 	io_object_t connection )
 {
+    OSSet * mappings;
+    if ((mappings = OSDynamicCast(OSSet, connection)))
+	return( kIOReturnSuccess );
+
     CHECK( IOUserClient, connection, client );
 
     client->clientClose();
@@ -2467,6 +2538,8 @@
         case kIOCatalogRemoveKernelLinker: {
                 if (gIOCatalogue->removeKernelLinker() != KERN_SUCCESS) {
                     kr = kIOReturnError;
+                } else {
+                    kr = kIOReturnSuccess;
                 }
             }
             break;