 bsd/dev/i386/unix_signal.c | 93: * to sigreturn routine below. After sigreturn
|
| 223: if (ut->uu_pending_sigreturn == 0) {
|
| 224: /* Generate random token value used to validate sigreturn arguments */
|
| 225: read_random(&ut->uu_sigreturn_token, sizeof(ut->uu_sigreturn_token));
|
| 227: ut->uu_pending_sigreturn++;
|
| 328: * Generate the validation token for sigreturn
|
| 333: token = (user64_addr_t)token_uctx ^ (user64_addr_t)ut->uu_sigreturn_token;
|
| 336: * Build the signal context to be used by sigreturn.
|
| 396: * Handler should call sigreturn to get out of it
|
| 470: * Generate the validation token for sigreturn
|
| 476: CAST_DOWN_EXPLICIT(user32_addr_t, ut->uu_sigreturn_token);
|
| 480: * Handler should call sigreturn to get out of it
|
| 495: * Build the signal context to be used by sigreturn.
|
| 745: assert(ut->uu_pending_sigreturn > 0);
|
| 746: ut->uu_pending_sigreturn--;
|
| 772:sigreturn(struct proc *p, struct sigreturn_args *uap, __unused int *retval)
definition |
| 797: uint32_t sigreturn_validation;
|
| 822: sigreturn_validation = atomic_load_explicit(
|
| 823: &ps->ps_sigreturn_validation, memory_order_relaxed);
|
| 860: token = (user64_addr_t)token_uctx ^ (user64_addr_t)ut->uu_sigreturn_token;
|
| 863: printf("process %s[%d] sigreturn token mismatch: received 0x%llx expected 0x%llx\n",
|
| 866: if (sigreturn_validation != PS_SIGRETURN_VALIDATION_DISABLED) {
|
| 894: CAST_DOWN_EXPLICIT(user32_addr_t, ut->uu_sigreturn_token);
|
| 897: printf("process %s[%d] sigreturn token mismatch: received 0x%x expected 0x%x\n",
|
| 900: if (sigreturn_validation != PS_SIGRETURN_VALIDATION_DISABLED) {
|
| 927: printf("process %s[%d] sigreturn thread_setstatus error %d\n",
|
| 933: /* Decrement the pending sigreturn count */
|
| 934: if (ut->uu_pending_sigreturn > 0) {
|
| 935: ut->uu_pending_sigreturn--;
|
| 943: printf("process %s[%d] sigreturn thread_setstatus error %d\n",
|
| bsd/dev/arm/unix_signal.c | 105:static TUNABLE(bool, pac_sigreturn_token, "pac_sigreturn_token", true);
|
| 132: thread_set_status_flags_t flags = TSSF_STASH_SIGRETURN_TOKEN;
|
| 133: if (pac_sigreturn_token || task_needs_user_signed_thread_state(current_task())) {
|
| 329: if (ut->uu_pending_sigreturn == 0) {
|
| 330: /* Generate random token value used to validate sigreturn arguments */
|
| 331: read_random(&ut->uu_sigreturn_token, sizeof(ut->uu_sigreturn_token));
|
| 334: read_random(&ut->uu_sigreturn_diversifier, sizeof(ut->uu_sigreturn_diversifier));
|
| 335: ut->uu_sigreturn_diversifier &=
|
| 337: } while (ut->uu_sigreturn_diversifier == 0);
|
| 339: ut->uu_pending_sigreturn++;
|
| 589: * Generate the validation token for sigreturn
|
| 594: token = (user64_addr_t)token_uctx ^ (user64_addr_t)ut->uu_sigreturn_token;
|
| 628: * Generate the validation token for sigreturn
|
| 633: token = (user32_addr_t)token_uctx ^ (user32_addr_t)ut->uu_sigreturn_token;
|
| 655: assert(ut->uu_pending_sigreturn > 0);
|
| 656: ut->uu_pending_sigreturn--;
|
| 678:sigreturn_copyin_ctx32(struct user_ucontext32 *uctx, mcontext32_t *mctx, user_addr_t uctx_addr)
definition |
| 707:sigreturn_set_state32(thread_t th_act, mcontext32_t *mctx)
definition |
| 732:sigreturn_copyin_ctx64(struct user_ucontext64 *uctx, mcontext64_t *mctx, user_addr_t uctx_addr)
definition |
| 761:sigreturn_set_state64(thread_t th_act, mcontext64_t *mctx, thread_set_status_flags_t tssf_flags)
definition |
| 783:sigreturn(
definition |
| 785: struct sigreturn_args * uap,
|
| 806: uint32_t sigreturn_validation;
|
| 830: error = sigreturn_copyin_ctx64(&uctx.uc64, &mctx.mc64, uap->uctx);
|
| 841: error = sigreturn_copyin_ctx32(&uctx.uc32, &mctx.mc32, uap->uctx);
|
| 861: sigreturn_validation = atomic_load_explicit(
|
| 862: &ps->ps_sigreturn_validation, memory_order_relaxed);
|
| 870: token = (user64_addr_t)token_uctx ^ (user64_addr_t)ut->uu_sigreturn_token;
|
| 875: printf("process %s[%d] sigreturn token mismatch: received 0x%llx expected 0x%llx\n",
|
| 878: if (sigreturn_validation != PS_SIGRETURN_VALIDATION_DISABLED) {
|
| 883: if (sigreturn_validation != PS_SIGRETURN_VALIDATION_DISABLED) {
|
| 884: tssf_flags |= TSSF_CHECK_SIGRETURN_TOKEN;
|
| 886: if (pac_sigreturn_token || task_needs_user_signed_thread_state(current_task())) {
|
| 890: error = sigreturn_set_state64(th_act, &mctx.mc64, tssf_flags);
|
| 893: printf("process %s[%d] sigreturn set_state64 error %d\n",
|
| 903: token = (user32_addr_t)token_uctx ^ (user32_addr_t)ut->uu_sigreturn_token;
|
| 906: printf("process %s[%d] sigreturn token mismatch: received 0x%x expected 0x%x\n",
|
| 909: if (sigreturn_validation != PS_SIGRETURN_VALIDATION_DISABLED) {
|
| 913: error = sigreturn_set_state32(th_act, &mctx.mc32);
|
| 916: printf("process %s[%d] sigreturn sigreturn_set_state32 error %d\n",
|
| 923: /* Decrement the pending sigreturn count */
|
| 924: if (ut->uu_pending_sigreturn > 0) {
|
| 925: ut->uu_pending_sigreturn--;
|
| bsd/kern/kern_sig.c | 444: uint32_t sigreturn_validation = PS_SIGRETURN_VALIDATION_DEFAULT;
|
| 466: sigreturn_validation = (__vec.sa_flags & SA_VALIDATE_SIGRETURN_FROM_SIGTRAMP) ?
|
| 467: PS_SIGRETURN_VALIDATION_ENABLED : PS_SIGRETURN_VALIDATION_DISABLED;
|
| 520: uint32_t old_sigreturn_validation = atomic_load_explicit(
|
| 521: &ps->ps_sigreturn_validation, memory_order_relaxed);
|
| 522: if (old_sigreturn_validation == PS_SIGRETURN_VALIDATION_DEFAULT) {
|
| 523: atomic_compare_exchange_strong_explicit(&ps->ps_sigreturn_validation,
|
| 524: &old_sigreturn_validation, sigreturn_validation,
|
| 764: atomic_store_explicit(&ps->ps_sigreturn_validation,
|
| 765: PS_SIGRETURN_VALIDATION_DEFAULT, memory_order_relaxed);
|
| bsd/kern/kern_fork.c | 1383: uth->uu_pending_sigreturn = 0;
|
| 1564:thread_get_sigreturn_token(thread_t thread)
|
| 1567: return ut->uu_sigreturn_token;
|
| 1571:thread_get_sigreturn_diversifier(thread_t thread)
|
| 1574: return ut->uu_sigreturn_diversifier;
|
| bsd/bsm/audit_kevents.h | 801:#define AUE_SIGRETURN AUE_NULL
|
| bsd/sys/signalvar.h | 86:/* Values for ps_sigreturn_validation */
|
| 87:#define PS_SIGRETURN_VALIDATION_DEFAULT 0x0u
|
| 88:#define PS_SIGRETURN_VALIDATION_ENABLED 0x1u
|
| 89:#define PS_SIGRETURN_VALIDATION_DISABLED 0x2u
|
| bsd/sys/signal.h | 477:#define SA_VALIDATE_SIGRETURN_FROM_SIGTRAMP 0x0400 /* use token to validate sigreturn was called from matching sigtramp */
|
| bsd/sys/proc_internal.h | 242: _Atomic uint32_t ps_sigreturn_validation; /* sigreturn argument validation state */
|
| bsd/sys/user.h | 219: user_addr_t uu_sigreturn_token; /* random token used to validate sigreturn arguments */
|
| 220: uint32_t uu_sigreturn_diversifier; /* random diversifier used to validate user signed sigreturn pc/lr */
|
| 221: int uu_pending_sigreturn; /* Pending sigreturn count */
|
| osfmk/mach/arm/_structs.h | 118:#define __DARWIN_ARM_THREAD_STATE64_SIGRETURN_PC_MASK 0x000f0000
|
| 119:#define __DARWIN_ARM_THREAD_STATE64_SIGRETURN_LR_MASK 0x00f00000
|
| 121:#define __DARWIN_ARM_THREAD_STATE64_SET_SIGRETURN_TOKEN(ts, token, mask) \
|
| 124:#define __DARWIN_ARM_THREAD_STATE64_CHECK_SIGRETURN_TOKEN(ts, token, mask) \
|
| osfmk/arm64/status.c | 62:user_addr_t thread_get_sigreturn_token(thread_t thread);
|
| 63:uint32_t thread_get_sigreturn_diversifier(thread_t thread);
|
| 306:thread_generate_sigreturn_token(
|
| 311: token ^= (user64_addr_t)thread_get_sigreturn_token(thread);
|
| 335: bool stash_sigreturn_token = !!(tssf_flags & TSSF_STASH_SIGRETURN_TOKEN);
|
| 417: userland_diversifier = thread_get_sigreturn_diversifier(thread) &
|
| 465: /* Stash the sigreturn token */
|
| 466: if (stash_sigreturn_token) {
|
| 468: uint32_t token = thread_generate_sigreturn_token((void *)ts64->pc, thread);
|
| 469: __DARWIN_ARM_THREAD_STATE64_SET_SIGRETURN_TOKEN(ts64, token,
|
| 470: __DARWIN_ARM_THREAD_STATE64_SIGRETURN_PC_MASK);
|
| 474: uint32_t token = thread_generate_sigreturn_token((void *)ts64->lr, thread);
|
| 475: __DARWIN_ARM_THREAD_STATE64_SET_SIGRETURN_TOKEN(ts64, token,
|
| 476: __DARWIN_ARM_THREAD_STATE64_SIGRETURN_LR_MASK);
|
| 522:CA_EVENT(pac_thread_state_sigreturn_event,
|
| 526:machine_thread_state_check_sigreturn_token(
|
| 538: /* Compute the sigreturn token */
|
| 539: uint32_t token = thread_generate_sigreturn_token((void *)ts64->pc, thread);
|
| 540: if (!__DARWIN_ARM_THREAD_STATE64_CHECK_SIGRETURN_TOKEN(ts64, token,
|
| 541: __DARWIN_ARM_THREAD_STATE64_SIGRETURN_PC_MASK)) {
|
| 547: /* Compute the sigreturn token */
|
| 548: uint32_t token = thread_generate_sigreturn_token((void *)ts64->lr, thread);
|
| 549: if (!__DARWIN_ARM_THREAD_STATE64_CHECK_SIGRETURN_TOKEN(ts64, token,
|
| 550: __DARWIN_ARM_THREAD_STATE64_SIGRETURN_LR_MASK)) {
|
| 560: ca_event_t ca_event = CA_EVENT_ALLOCATE(pac_thread_state_sigreturn_event);
|
| 561: CA_EVENT_TYPE(pac_thread_state_sigreturn_event) * psig_event = ca_event->data;
|
| 711: /* Validate sigreturn token */
|
| 712: if (tssf_flags & TSSF_CHECK_SIGRETURN_TOKEN) {
|
| 713: bool token_matched = machine_thread_state_check_sigreturn_token(ts64, thread);
|
| 725: userland_diversifier = (void *)(long)(thread_get_sigreturn_diversifier(thread) &
|
| osfmk/kern/restartable.c | 68: * sigreturn also forcefully sets the AST and will go through the logic
|
| osfmk/kern/thread.h | 237: /* Stash sigreturn token */
|
| 238: TSSF_STASH_SIGRETURN_TOKEN = 0x20,
|
| 240: /* Check sigreturn token */
|
| 241: TSSF_CHECK_SIGRETURN_TOKEN = 0x40,
|
| 243: /* Allow only matching sigreturn token */
|
| 1602:extern user_addr_t thread_get_sigreturn_token(thread_t thread);
|
| 1603:extern uint32_t thread_get_sigreturn_diversifier(thread_t thread);
|
| osfmk/i386/fpu.c | 741: * (such as sendsig & sigreturn) manipulate TS directly.
|
| tests/ldt.c | 542: * When we return here, the sigreturn processing code will try to copy a FULL
|
| tests/avx.c | 419: T_ASSERT_FAIL("sigreturn failed to stick");
|
| 944: T_ASSERT_FAIL("sigreturn failed to stick");
|
| libsyscall/custom/__sigreturn.s | 33:__SYSCALL(___sigreturn, sigreturn, 3)
|
| 37:__SYSCALL_INT(___sigreturn, sigreturn, 3)
|
| 41:__SYSCALL(___sigreturn, sigreturn, 3)
|
| 45:__SYSCALL(___sigreturn, sigreturn, 3)
|