Some capability checking progress

src/api/SConscript

@@ -3,7 +3,7 @@ Import('env')
 Import('symbols')
 
 # The set of source files associated with this SConscript file.
-src_local = ['kip.c', 'syscall.c', 'thread.c', 'ipc.c', 'map.c', 'mutex.c', 'capability.c', 'exregs.c']
+src_local = ['kip.c', 'syscall.c', 'thread.c', 'ipc.c', 'map.c', 'mutex.c', 'cap.c', 'exregs.c']
 
 obj = env.Object(src_local)
 

src/api/ipc.c

@@ -576,6 +576,10 @@ int sys_ipc(l4id_t to, l4id_t from, unsigned int flags)
 		goto error;
 	}
 
+	/* Everything in place, now check capability */
+	if ((err = cap_ipc_check(to, from, flags, ipc_type)) < 0)
+		return -ENOCAP;
+
 	/* Encode ipc type in task flags */
 	tcb_set_ipc_flags(current, flags);
 

src/api/map.c

@@ -10,22 +10,17 @@
 #include <l4/api/space.h>
 
 int sys_map(unsigned long phys, unsigned long virt, unsigned long npages,
-	    unsigned long flags, unsigned int tid)
+	    unsigned int flags, l4id_t tid)
 {
 	struct ktcb *target;
+	int err;
 
-	if (tid == current->tid) { /* The easiest case */
-		target = current;
-		goto found;
-	} else 	/* else search the tcb from its hash list */
-		if ((target = tcb_find(tid)))
-			goto found;
+	if ((err = cap_map_check(phys, virt, npages, flags, tid)) < 0)
+		return err;
 
-	BUG();
-	return -EINVAL;
+	if (!(target = tcb_find(tid)))
+		return -ESRCH;
 
-found:
-//	printk("%s (%d) Mapping from 0x%lx to 0x%lxp, %lu pages\n", __FUNCTION__, tid, phys, virt, npages);
 	add_mapping_pgd(phys, virt, npages << PAGE_BITS, flags, TASK_PGD(target));
 
 	return 0;

src/api/thread.c

@@ -464,6 +464,9 @@ int sys_thread_control(unsigned int flags, struct task_ids *ids)
 				MAP_USR_RW_FLAGS, 1)) < 0)
 		return err;
 
+	if ((err = cap_thread_check(flags, ids)) < 0)
+		return err;
+
 	switch (flags & THREAD_ACTION_MASK) {
 	case THREAD_CREATE:
 		ret = thread_create(ids, flags);