// Copyright 2021 The Fuchsia Authors
//
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file or at
// https://opensource.org/licenses/MIT
#ifndef ZIRCON_KERNEL_INCLUDE_KERNEL_RESTRICTED_H_
#define ZIRCON_KERNEL_INCLUDE_KERNEL_RESTRICTED_H_
#include <lib/user_copy/user_ptr.h>
#include <arch/exception.h>
#include <arch/regs.h>
#include <kernel/restricted_state.h>
// Routines to support restricted mode.
// Enter restricted mode on the current thread.
//
// Returns a zx_status_t; the specific status values are not visible from this
// header.
//
// NOTE(review): `vector_table_ptr` and `context` are passed as raw `uintptr_t`
// values rather than typed pointers. They presumably originate from user mode,
// in which case the implementation has to validate them before use — confirm.
// NOTE(review): the set of accepted `options` bits is not shown here; confirm
// that unknown bits are rejected rather than ignored.
zx_status_t RestrictedEnter(uint32_t options, uintptr_t vector_table_ptr, uintptr_t context);
// Called as part of a synchronous exception that is to be handled by the
// normal mode in-thread exception handler.
//
// Specifically this function will:
// 1. Copy the thread state out of the exception context and into the
//    restricted state VMO.
// 2. Update the exception `iframe_t` on the stack such that the thread
//    will return from this exception to normal mode instead of restricted
//    mode. The restricted `reason code` will be set to
//    `ZX_RESTRICTED_REASON_EXCEPTION`.
//
// The caller must ensure that this is only called on a thread that is in
// restricted mode. This header does not show whether the implementation
// checks that precondition itself, so treat it as caller-enforced.
//
// NOTE(review): `rs` is presumably the restricted state of the current
// thread and is assumed to be non-null — confirm against the implementation.
void RedirectRestrictedExceptionToNormalMode(RestrictedState* rs);
// Leave restricted mode on the current thread and return to normal mode.
//
// There are two variants of this function, one for each way a thread may have entered kernel mode
// (interrupt or syscall). RestrictedLeaveIframe takes the saved `iframe_t` and
// RestrictedLeaveSyscall takes the saved `syscall_regs_t`; both take the frame by const pointer.
//
// These routines do not return normally and instead enter userspace in normal mode. They also
// cannot fail and require that interrupts be disabled before calling them.
//
// Because both are [[noreturn]], nothing placed after the call site runs; any cleanup the caller
// needs has to be finished before the call.
//
// NOTE(review): `reason` is presumably the restricted reason code reported to normal mode
// (compare `ZX_RESTRICTED_REASON_EXCEPTION`) — confirm.
// NOTE(review): the interrupts-disabled requirement is a caller-side precondition; this header
// does not show whether the implementation asserts it.
[[noreturn]] void RestrictedLeaveIframe(const iframe_t* iframe, zx_restricted_reason_t reason);
[[noreturn]] void RestrictedLeaveSyscall(const syscall_regs_t* regs, zx_restricted_reason_t reason);
// Dispatched directly from arch-specific syscall handler. Called after saving state
// on the stack, but before trying to dispatch as a zircon syscall.
//
// Declared extern "C" so the symbol has C linkage (an unmangled name) for the
// arch-specific caller. It is [[noreturn]]: control does not come back to the
// syscall handler that invoked it.
//
// NOTE(review): `regs` presumably points at the register state saved on entry
// from restricted mode. If so, its contents are chosen by restricted-mode code
// and should be treated as untrusted input by the implementation — confirm.
extern "C" [[noreturn]] void syscall_from_restricted(const syscall_regs_t* regs);
#endif // ZIRCON_KERNEL_INCLUDE_KERNEL_RESTRICTED_H_