update protected_payload.patch

1 files changed, 135 insertions, 35 deletions

diff --git a/debian/patches/protected_payload.patch b/debian/patches/protected_payload.patch
index c657ab0..50dd791 100644
--- a/debian/patches/protected_payload.patch
+++ b/debian/patches/protected_payload.patch
@@ -1,5 +1,5 @@
 diff --git a/doc/mach.texi b/doc/mach.texi
-index d089224..b3cc2ec 100644
+index d089224..6167b4b 100644
 --- a/doc/mach.texi
 +++ b/doc/mach.texi
 @@ -1330,6 +1330,15 @@ which is conventionally used as a reply port by the recipient of the
@@ -64,15 +64,15 @@ index d089224..b3cc2ec 100644
  Received messages are stamped with a sequence number, taken from the
  port from which the message was received.  (Messages received from a
  port set are stamped with a sequence number from the appropriate member
-@@ -2715,6 +2749,24 @@ In addition to the normal diagnostic return codes from the call's server
+@@ -2715,6 +2749,41 @@ In addition to the normal diagnostic return codes from the call's server
  (normally the kernel), the call may return @code{mach_msg} return codes.
  @end deftypefun
  
 +@deftypefun kern_return_t mach_port_set_protected_payload (@w{ipc_space_t @var{task}}, @w{mach_port_t @var{name}}, @w{unsigned long @var{payload}})
 +The function @code{mach_port_set_protected_payload} sets the protected
-+payload to @var{payload}.  If @var{payload} is non-zero, the
-+@code{msgh_protected_payload} field will be set to @var{payload} if a
-+message is delivered to @var{name}.
++payload associated with the right @var{name} to @var{payload}.
++Section @ref{Message Receive} describes how setting a protected
++payload affects the messages delivered to @var{name}.
 +
 +The function returns @code{KERN_SUCCESS} if the call succeeded,
 +@code{KERN_INVALID_TASK} if @var{task} was invalid,
@@ -86,22 +86,32 @@ index d089224..b3cc2ec 100644
 +the call's server (normally the kernel), the call may return
 +@code{mach_msg} return codes.
 +@end deftypefun
++
++@deftypefun kern_return_t mach_port_clear_protected_payload (@w{ipc_space_t @var{task}}, @w{mach_port_t @var{name}}, @w{unsigned long @var{payload}})
++The function @code{mach_port_clear_protected_payload} clears the
++protected payload associated with the right @var{name}.
++
++The function returns @code{KERN_SUCCESS} if the call succeeded,
++@code{KERN_INVALID_TASK} if @var{task} was invalid,
++@code{KERN_INVALID_NAME} if @var{name} did not denote a right and
++@code{KERN_INVALID_RIGHT} if @var{name} denoted a right, but not a
++receive right.
++
++The @code{mach_port_clear_protected_payload} call is actually an RPC
++to @var{task}, normally a send right for a task port, but potentially
++any send right.  In addition to the normal diagnostic return codes
++from the call's server (normally the kernel), the call may return
++@code{mach_msg} return codes.
++@end deftypefun
  
  @node Port Sets
  @subsection Port Sets
 diff --git a/include/mach/mach_port.defs b/include/mach/mach_port.defs
-index e1f45e3..96a5987 100644
+index 769d892..c7e8526 100644
 --- a/include/mach/mach_port.defs
 +++ b/include/mach/mach_port.defs
-@@ -342,5 +342,19 @@ routine mach_port_create_act(
- 		user_rbuf_size	: vm_size_t;
- 	out	new_act		: thread_t);
+@@ -349,3 +349,21 @@ skip; /* mach_port_create_act */
  
-+#else  /* MIGRATING_THREADS */
-+
-+skip; /* mach_port_set_rpcinfo */
-+skip; /* mach_port_create_act */
-+
  #endif /* MIGRATING_THREADS */
  
 +/*
@@ -113,6 +123,15 @@ index e1f45e3..96a5987 100644
 +		task		: ipc_space_t;
 +		name		: mach_port_name_t;
 +		payload		: natural_t);
++
++/*
++ *	Only valid for receive rights.
++ *	Clear the protected payload for this right.
++ */
++
++routine mach_port_clear_protected_payload(
++		task		: ipc_space_t;
++		name		: mach_port_name_t);
 diff --git a/include/mach/message.h b/include/mach/message.h
 index f78e978..0a7297e 100644
 --- a/include/mach/message.h
@@ -141,7 +160,7 @@ index f78e978..0a7297e 100644
  /*
   *  A dummy value.  Mostly used to indicate that the actual value
 diff --git a/ipc/ipc_kmsg.c b/ipc/ipc_kmsg.c
-index 0e43410..aa51100 100644
+index 0e43410..469aeb0 100644
 --- a/ipc/ipc_kmsg.c
 +++ b/ipc/ipc_kmsg.c
 @@ -1802,9 +1802,17 @@ ipc_kmsg_copyout_header(msg, space, notify)
@@ -151,7 +170,7 @@ index 0e43410..aa51100 100644
 -		msg->msgh_bits = (MACH_MSGH_BITS_OTHER(mbits) |
 -				  MACH_MSGH_BITS(0, MACH_MSG_TYPE_PORT_SEND));
 -		msg->msgh_local_port = dest_name;
-+		if (dest->ip_protected_payload == 0) {
++		if (dest->ip_has_protected_payload) {
 +			msg->msgh_bits = (MACH_MSGH_BITS_OTHER(mbits) |
 +				MACH_MSGH_BITS(0, MACH_MSG_TYPE_PORT_SEND));
 +			msg->msgh_local_port = dest_name;
@@ -173,7 +192,7 @@ index 0e43410..aa51100 100644
 -				  MACH_MSGH_BITS(MACH_MSG_TYPE_PORT_SEND_ONCE,
 -						 MACH_MSG_TYPE_PORT_SEND));
 -		msg->msgh_local_port = dest_name;
-+		if (dest->ip_protected_payload == 0) {
++		if (dest->ip_has_protected_payload) {
 +			msg->msgh_bits = (MACH_MSGH_BITS_OTHER(mbits) |
 +				MACH_MSGH_BITS(MACH_MSG_TYPE_PORT_SEND_ONCE,
 +					       MACH_MSG_TYPE_PORT_SEND));
@@ -195,7 +214,7 @@ index 0e43410..aa51100 100644
 -		msg->msgh_bits = (MACH_MSGH_BITS_OTHER(mbits) |
 -			MACH_MSGH_BITS(0, MACH_MSG_TYPE_PORT_SEND_ONCE));
 -		msg->msgh_local_port = dest_name;
-+		if (dest->ip_protected_payload == 0) {
++		if (dest->ip_has_protected_payload) {
 +			msg->msgh_bits = (MACH_MSGH_BITS_OTHER(mbits) |
 +				MACH_MSGH_BITS(0,
 +					MACH_MSG_TYPE_PORT_SEND_ONCE));
@@ -217,7 +236,7 @@ index 0e43410..aa51100 100644
 -	msg->msgh_bits = (MACH_MSGH_BITS_OTHER(mbits) |
 -			  MACH_MSGH_BITS(reply_type, dest_type));
 -	msg->msgh_local_port = dest_name;
-+	if (dest->ip_protected_payload == 0) {
++	if (dest->ip_has_protected_payload) {
 +		msg->msgh_bits = (MACH_MSGH_BITS_OTHER(mbits) |
 +				  MACH_MSGH_BITS(reply_type, dest_type));
 +		msg->msgh_local_port = dest_name;
@@ -231,22 +250,22 @@ index 0e43410..aa51100 100644
      }
  
 diff --git a/ipc/ipc_object.c b/ipc/ipc_object.c
-index 982bd4e..59f5a67 100644
+index 982bd4e..d9875d1 100644
 --- a/ipc/ipc_object.c
 +++ b/ipc/ipc_object.c
 @@ -481,6 +481,7 @@ ipc_object_copyin_from_kernel(
  
  		port->ip_receiver_name = MACH_PORT_NULL;
  		port->ip_destination = IP_NULL;
-+		port->ip_protected_payload = 0;
++		port->ip_has_protected_payload = FALSE;
  		ip_unlock(port);
  		break;
  	    }
 diff --git a/ipc/ipc_port.c b/ipc/ipc_port.c
-index d4ade8e..4051746 100644
+index d4ade8e..0789296 100644
 --- a/ipc/ipc_port.c
 +++ b/ipc/ipc_port.c
-@@ -425,6 +425,25 @@ ipc_port_set_seqno(port, seqno)
+@@ -425,6 +425,44 @@ ipc_port_set_seqno(port, seqno)
  }
  
  /*
@@ -264,6 +283,25 @@ index d4ade8e..4051746 100644
 +
 +	mqueue = ipc_port_lock_mqueue(port);
 +	port->ip_protected_payload = payload;
++	port->ip_has_protected_payload = TRUE;
++	imq_unlock(mqueue);
++}
++
++/*
++ *	Routine:	ipc_port_clear_protected_payload
++ *	Purpose:
++ *		Clear a port's protected payload.
++ *	Conditions:
++ *		The port is locked and active.
++ */
++
++void
++ipc_port_clear_protected_payload(ipc_port_t port)
++{
++	ipc_mqueue_t mqueue;
++
++	mqueue = ipc_port_lock_mqueue(port);
++	port->ip_has_protected_payload = FALSE;
 +	imq_unlock(mqueue);
 +}
 +
@@ -272,23 +310,35 @@ index d4ade8e..4051746 100644
   *	Routine:	ipc_port_clear_receiver
   *	Purpose:
   *		Prepares a receive right for transmission/destruction.
-@@ -493,6 +512,7 @@ ipc_port_init(
+@@ -493,6 +531,8 @@ ipc_port_init(
  	port->ip_seqno = 0;
  	port->ip_msgcount = 0;
  	port->ip_qlimit = MACH_PORT_QLIMIT_DEFAULT;
++	port->ip_has_protected_payload = FALSE;
 +	port->ip_protected_payload = 0;
  
  	ipc_mqueue_init(&port->ip_messages);
  	ipc_thread_queue_init(&port->ip_blocked);
-@@ -615,6 +635,7 @@ ipc_port_destroy(
+@@ -615,6 +655,7 @@ ipc_port_destroy(
  		/* make port be in limbo */
  		port->ip_receiver_name = MACH_PORT_NULL;
  		port->ip_destination = IP_NULL;
-+		port->ip_protected_payload = 0;
++		port->ip_has_protected_payload = FALSE;
  		ip_unlock(port);
  
  		if (!ipc_port_check_circularity(port, pdrequest)) {
-@@ -1240,6 +1261,8 @@ ipc_port_print(port)
+@@ -1218,6 +1259,10 @@ ipc_port_print(port)
+ 
+ 	indent += 2;
+ 
++	iprintf("flags ");
++	printf("has_protected_payload=%d", port->ip_has_protected_payload);
++	printf("\n");
++
+ 	ipc_object_print(&port->ip_object);
+ 	iprintf("receiver=0x%x", port->ip_receiver);
+ 	printf(", receiver_name=0x%x\n", port->ip_receiver_name);
+@@ -1240,6 +1285,8 @@ ipc_port_print(port)
  	printf(", sndrs=0x%x", port->ip_blocked.ithq_base);
  	printf(", kobj=0x%x\n", port->ip_kobject);
  
@@ -298,10 +348,21 @@ index d4ade8e..4051746 100644
  }
  
 diff --git a/ipc/ipc_port.h b/ipc/ipc_port.h
-index 27d2e49..a1a0943 100644
+index 27d2e49..4c7c742 100644
 --- a/ipc/ipc_port.h
 +++ b/ipc/ipc_port.h
-@@ -96,6 +96,7 @@ struct ipc_port {
+@@ -71,6 +71,10 @@ typedef unsigned int ipc_port_timestamp_t;
+ struct ipc_port {
+ 	struct ipc_target ip_target;
+ 
++	/* Flags.  */
++	unsigned int	ip_has_protected_payload:1;	/* A pp has
++							   been set.  */
++
+ 	/* This points to the ip_target above if this port isn't on a port set;
+ 	   otherwise it points to the port set's ips_target.  */
+ 	struct ipc_target *ip_cur_target;
+@@ -96,6 +100,7 @@ struct ipc_port {
  	mach_port_msgcount_t ip_msgcount;
  	mach_port_msgcount_t ip_qlimit;
  	struct ipc_thread_queue ip_blocked;
@@ -309,18 +370,21 @@ index 27d2e49..a1a0943 100644
  };
  
  #define ip_object		ip_target.ipt_object
-@@ -262,6 +263,9 @@ extern void
+@@ -262,6 +267,12 @@ extern void
  ipc_port_set_seqno(ipc_port_t, mach_port_seqno_t);
  
  extern void
 +ipc_port_set_protected_payload(ipc_port_t, unsigned long);
 +
 +extern void
++ipc_port_clear_protected_payload(ipc_port_t);
++
++extern void
  ipc_port_clear_receiver(ipc_port_t);
  
  extern void
 diff --git a/ipc/ipc_right.c b/ipc/ipc_right.c
-index 41fe3de..1edbb47 100644
+index 41fe3de..6b6b590 100644
 --- a/ipc/ipc_right.c
 +++ b/ipc/ipc_right.c
 @@ -1432,6 +1432,12 @@ ipc_right_copyin(
@@ -332,7 +396,7 @@ index 41fe3de..1edbb47 100644
 +		 *	Clear the protected payload field to retain
 +		 *	the behavior of mach_msg.
 +		 */
-+		port->ip_protected_payload = 0;
++		port->ip_has_protected_payload = FALSE;
  		ip_unlock(port);
  
  		*objectp = (ipc_object_t) port;
@@ -344,16 +408,16 @@ index 41fe3de..1edbb47 100644
 +		 *	Clear the protected payload field to retain
 +		 *	the behavior of mach_msg.
 +		 */
-+		port->ip_protected_payload = 0;
++		port->ip_has_protected_payload = FALSE;
 +
  		assert((bits & MACH_PORT_TYPE_RECEIVE) == 0);
  
  		if (bits & MACH_PORT_TYPE_SEND) {
 diff --git a/ipc/mach_port.c b/ipc/mach_port.c
-index 13572a1..14c3653 100644
+index 13572a1..057278b 100644
 --- a/ipc/mach_port.c
 +++ b/ipc/mach_port.c
-@@ -1564,3 +1564,40 @@ mach_port_set_syscall_right(task, name)
+@@ -1564,3 +1564,76 @@ mach_port_set_syscall_right(task, name)
  }
  #endif
  #endif /* MIGRATING_THREADS */
@@ -394,3 +458,39 @@ index 13572a1..14c3653 100644
 +	ip_unlock(port);
 +	return KERN_SUCCESS;
 +}
++
++/*
++ *	Routine:	mach_port_clear_protected_payload [kernel call]
++ *	Purpose:
++ *		Clears a receive right's protected payload.
++ *	Conditions:
++ *		Nothing locked.
++ *	Returns:
++ *		KERN_SUCCESS		Clear protected payload.
++ *		KERN_INVALID_TASK	The space is null.
++ *		KERN_INVALID_TASK	The space is dead.
++ *		KERN_INVALID_NAME	The name doesn't denote a right.
++ *		KERN_INVALID_RIGHT	Name doesn't denote receive rights.
++ */
++
++kern_return_t
++mach_port_clear_protected_payload(
++	ipc_space_t		space,
++	mach_port_t		name)
++{
++	ipc_port_t port;
++	kern_return_t kr;
++
++	if (space == IS_NULL)
++		return KERN_INVALID_TASK;
++
++	kr = ipc_port_translate_receive(space, name, &port);
++	if (kr != KERN_SUCCESS)
++		return kr;
++	/* port is locked and active */
++
++	ipc_port_clear_protected_payload(port);
++
++	ip_unlock(port);
++	return KERN_SUCCESS;
++}