From dac167f036465e9d7cca10c52d8345773d2e6c3f Mon Sep 17 00:00:00 2001 From: Flavio Cruz Date: Sun, 19 Feb 2023 18:06:51 -0500 Subject: Support alignment requirements for a 64 bit kernel. We introduce both a user alignment and a kernel alignment. These are separate requirements since for 64 bit with a 32 bit kernel we need to ensure the kernel can consume messages that are 8-byte aligned. This change removes any possibility of undefined behavior and also allows the kernel to support 64 bit RPCs for the userland. A lot of the code that performs alignment was simplified under the assumption that the message headers are well aligned. To enforce that going forward, a few static assertions were added. Message-Id: --- include/mach/message.h | 34 ++++++++++++++++++++++++---------- 1 file changed, 24 insertions(+), 10 deletions(-) (limited to 'include') diff --git a/include/mach/message.h b/include/mach/message.h index eb3b34c0..22a17b03 100644 --- a/include/mach/message.h +++ b/include/mach/message.h @@ -334,19 +334,33 @@ typedef integer_t mach_msg_option_t; #define MACH_SEND_ALWAYS 0x00010000 /* internal use only */ -/* This is the alignment of msg descriptors and the actual data. +#ifdef KERNEL +/* This is the alignment of msg descriptors and the actual data + * for both in kernel messages and user land messages. * - * On x86 it is made equal to the default structure alignment on - * 32-bit, so we can easily maintain compatibility with 32-bit user - * space on a 64-bit kernel. Other architectures might have different - * needs, so this value might change in the future for differents - * architectures. + * We have two types of alignment because for specific configurations + * (in particular a 64 bit kernel with 32 bit userland) we transform + * 4-byte aligned user messages into 8-byte aligned messages (and vice-versa) + * so that kernel messages are correctly aligned. */ -#define MACH_MSG_ALIGNMENT 4 +#define MACH_MSG_KERNEL_ALIGNMENT sizeof(uintptr_t) +#ifdef __x86_64__ +#ifdef USER32 +#define MACH_MSG_USER_ALIGNMENT 4 +#else +#define MACH_MSG_USER_ALIGNMENT 8 +#endif +#else +#define MACH_MSG_USER_ALIGNMENT 4 +#endif -#define mach_msg_is_misaligned(x) ( ((vm_offset_t)(x)) & (MACH_MSG_ALIGNMENT-1) ) -#define mach_msg_align(x) \ - ( ( ((vm_offset_t)(x)) + (MACH_MSG_ALIGNMENT-1) ) & ~(MACH_MSG_ALIGNMENT-1) ) +#define mach_msg_align(x, alignment) \ + ( ( ((vm_offset_t)(x)) + ((alignment)-1) ) & ~((alignment)-1) ) +#define mach_msg_user_align(x) mach_msg_align(x, MACH_MSG_USER_ALIGNMENT) +#define mach_msg_kernel_align(x) mach_msg_align(x, MACH_MSG_KERNEL_ALIGNMENT) +#define mach_msg_user_is_misaligned(x) ((x) & ((MACH_MSG_USER_ALIGNMENT)-1)) +#define mach_msg_kernel_is_misaligned(x) ((x) & ((MACH_MSG_KERNEL_ALIGNMENT)-1)) +#endif /* KERNEL */ /* * Much code assumes that mach_msg_return_t == kern_return_t. -- cgit v1.2.3