Capability checking added as compiling code.

Capability checking for thread_control, exregs, mutex, cap_control, ipc, and map system calls. The visualised model is implemented in code that compiles, but actual functionality hasn't been tested. Need to add: - Dynamic assignment of initial resources matching with what's defined in the configuration. - A paged-thread-group, since that would be a logical group of seperation from a capability point-of-view. - Resource ids for various tasks. E.g. - Memory capabilities don't have target resources. - Thread capability assumes current container for THREAD_CREATE. - Mutex syscall assumes current thread (this one may not need any changing) - cap_control syscall assumes current thread. It may happen to be that another thread's capability list is manipulated. Last but not least: - A simple and easy-to-use userspace library for dynamic expansion of resource domains as new resources are created such as threads.
2026-01-15 12:23:15 +01:00 · 2009-10-25 23:57:17 +02:00
parent 83ce4280b0
commit 88e3706474
18 changed files with 511 additions and 320 deletions
--- a/include/l4/api/capability.h
+++ b/include/l4/api/capability.h
@@ -10,6 +10,8 @@
 #define CAP_CONTROL_NCAPS		0x00
 #define CAP_CONTROL_READ		0x01
 #define CAP_CONTROL_SHARE		0x02
+#define CAP_CONTROL_GRANT		0x03
+#define CAP_CONTROL_MODIFY		0x05

 #define CAP_SHARE_MASK			0x1F
 #define CAP_SHARE_SPACE			0x01
--- a/include/l4/api/exregs.h
+++ b/include/l4/api/exregs.h
@@ -13,6 +13,27 @@

 #define EXREGS_SET_PAGER		1
 #define	EXREGS_SET_UTCB			2
+#define EXREGS_VALID_REGULAR_REGS 			\
+	(FIELD_TO_BIT(exregs_context_t, r0) |		\
+	 FIELD_TO_BIT(exregs_context_t, r1) |		\
+	 FIELD_TO_BIT(exregs_context_t, r2) |		\
+	 FIELD_TO_BIT(exregs_context_t, r3) |		\
+	 FIELD_TO_BIT(exregs_context_t, r4) |		\
+	 FIELD_TO_BIT(exregs_context_t, r5) |		\
+	 FIELD_TO_BIT(exregs_context_t, r6) |		\
+	 FIELD_TO_BIT(exregs_context_t, r7) |		\
+	 FIELD_TO_BIT(exregs_context_t, r8) |		\
+	 FIELD_TO_BIT(exregs_context_t, r9) |		\
+	 FIELD_TO_BIT(exregs_context_t, r10) |		\
+	 FIELD_TO_BIT(exregs_context_t, r11) |		\
+	 FIELD_TO_BIT(exregs_context_t, r12) |		\
+	 FIELD_TO_BIT(exregs_context_t, lr))		\
+
+#define EXREGS_VALID_SP 				\
+	FIELD_TO_BIT(exregs_context_t, sp)		\
+
+#define EXREGS_VALID_PC 				\
+	FIELD_TO_BIT(exregs_context_t, pc)		\

 /* Structure passed by userspace pagers for exchanging registers */
 struct exregs_data {
--- a/include/l4/api/ipc.h
+++ b/include/l4/api/ipc.h
@@ -12,6 +12,17 @@

 #if defined (__KERNEL__)

+/*
+ * ipc syscall uses an ipc_type variable and send/recv
+ * details are embedded in this variable.
+ */
+enum IPC_TYPE {
+	IPC_INVALID = 0,
+	IPC_SEND = 1,
+	IPC_RECV = 2,
+	IPC_SENDRECV = 3,
+};
+
 /* These are for internally created ipc paths. */
 int ipc_send(l4id_t to, unsigned int flags);
 int ipc_sendrecv(l4id_t to, l4id_t from, unsigned int flags);
--- a/include/l4/api/syscall.h
+++ b/include/l4/api/syscall.h
@@ -40,7 +40,7 @@ int sys_unmap(unsigned long virtual, unsigned long npages, unsigned int tid);
 int sys_space_control(void);
 int sys_ipc_control(void);
 int sys_map(unsigned long phys, unsigned long virt, unsigned long npages,
-	    unsigned long flags, unsigned int tid);
+	    unsigned int flags, l4id_t tid);
 int sys_getid(struct task_ids *ids);
 int sys_capability_control(unsigned int req, unsigned int flags, void *addr);
 int sys_container_control(unsigned int req, unsigned int flags, void *addr);