Replaced kread and kmem_control syscalls with capability_control and container_control respectively.

2026-02-05 06:23:15 +01:00 · 2009-08-06 16:22:55 +03:00
parent f7ade97906
commit 961b255257
9 changed files with 88 additions and 116 deletions
--- a/src/api/SConscript
+++ b/src/api/SConscript
@@ -3,7 +3,7 @@ Import('env')
 Import('config_symbols')

 # The set of source files associated with this SConscript file.
-src_local = ['kip.c', 'syscall.c', 'thread.c', 'ipc.c', 'space.c', 'mutex.c']
+src_local = ['kip.c', 'syscall.c', 'thread.c', 'ipc.c', 'space.c', 'mutex.c', 'capability.c']

 obj = env.Object(src_local)

--- a/src/api/capability.c
+++ b/src/api/capability.c
@@ -0,0 +1,57 @@
+/*
+ * Capability manipulation syscall.
+ *
+ * The heart of Codezero security
+ * mechanisms lay here.
+ *
+ * Copyright (C) 2009 Bahadir Balban
+ */
+
+#include <l4/api/capability.h>
+#include <l4/generic/tcb.h>
+#include <l4/generic/physmem.h>
+#include <l4/generic/space.h>
+#include <l4/api/errno.h>
+#include INC_API(syscall.h)
+
+
+
+/* Error-checked kernel data request call */
+int __sys_capability_control(unsigned int req, unsigned int flags, void *userbuf)
+{
+	int err = 0;
+#if 0
+	switch(req) {
+	case KDATA_PAGE_MAP:
+		// printk("Handling KDATA_PAGE_MAP request.\n");
+		if (check_access(vaddr, sizeof(page_map), MAP_USR_RW_FLAGS, 1) < 0)
+			return -EINVAL;
+		memcpy(dest, &page_map, sizeof(page_map));
+		break;
+	case KDATA_BOOTDESC:
+		// printk("Handling KDATA_BOOTDESC request.\n");
+		if (check_access(vaddr, bootdesc->desc_size, MAP_USR_RW_FLAGS, 1) < 0)
+			return -EINVAL;
+		memcpy(dest, bootdesc, bootdesc->desc_size);
+		break;
+	case KDATA_BOOTDESC_SIZE:
+		// printk("Handling KDATA_BOOTDESC_SIZE request.\n");
+		if (check_access(vaddr, sizeof(unsigned int), MAP_USR_RW_FLAGS, 1) < 0)
+			return -EINVAL;
+		*(unsigned int *)dest = bootdesc->desc_size;
+		break;
+
+	default:
+		printk("Unsupported kernel data request.\n");
+		err = -1;
+	}
+#endif
+	return err;
+
+}
+
+int sys_capability_control(unsigned int req, unsigned int flags, void *userbuf)
+{
+	return __sys_capability_control(req, flags, userbuf);
+}
+
--- a/src/api/kip.c
+++ b/src/api/kip.c
@@ -1,67 +1,9 @@
 /*
- * Kernel Interface Page and sys_kdata_read()
+ * Kernel Interface Page
 *
 * Copyright (C) 2007, 2008 Bahadir Balban
 */
-#include <l4/generic/tcb.h>
-#include <l4/generic/physmem.h>
-#include <l4/generic/space.h>
-#include <l4/api/errno.h>
 #include INC_API(kip.h)
-#include INC_API(syscall.h)
-#include INC_GLUE(memlayout.h)
-#include INC_ARCH(bootdesc.h)

-__attribute__ ((section(".data.kip"))) struct kip kip;
-
-/* Error-checked kernel data request call */
-int __sys_kread(int rd, void *dest)
-{
-	int err = 0;
-	unsigned long vaddr = (unsigned long)dest;
-
-	switch(rd) {
-	case KDATA_PAGE_MAP:
-		// printk("Handling KDATA_PAGE_MAP request.\n");
-		if (check_access(vaddr, sizeof(page_map), MAP_USR_RW_FLAGS, 1) < 0)
-			return -EINVAL;
-		memcpy(dest, &page_map, sizeof(page_map));
-		break;
-	case KDATA_BOOTDESC:
-		// printk("Handling KDATA_BOOTDESC request.\n");
-		if (check_access(vaddr, bootdesc->desc_size, MAP_USR_RW_FLAGS, 1) < 0)
-			return -EINVAL;
-		memcpy(dest, bootdesc, bootdesc->desc_size);
-		break;
-	case KDATA_BOOTDESC_SIZE:
-		// printk("Handling KDATA_BOOTDESC_SIZE request.\n");
-		if (check_access(vaddr, sizeof(unsigned int), MAP_USR_RW_FLAGS, 1) < 0)
-			return -EINVAL;
-		*(unsigned int *)dest = bootdesc->desc_size;
-		break;
-
-	default:
-		printk("Unsupported kernel data request.\n");
-		err = -1;
-	}
-	return err;
-
-}
-
-/*
- * Privilaged tasks use this call to request data about the system during their
- * initialisation. This read-like call is only available during system startup.
- * It is much more flexible to use this method rather than advertise a customly
- * forged KIP to all tasks throughout the system lifetime. Note, this does not
- * support file positions, any such features aren't supported since this is call
- * is discarded after startup.
- */
-int sys_kread(int rd, void *addr)
-{
-	/* Error checking */
-	if (rd < 0)
-		return -EINVAL;
-
-	return __sys_kread(rd, addr);
-}
+SECTION(".data.kip") struct kip kip;

--- a/src/api/syscall.c
+++ b/src/api/syscall.c
@@ -170,42 +170,8 @@ int sys_getid(struct task_ids *ids)
 	return 0;
 }

-/*
- * Granted pages *must* be outside of the pages that are already owned and used
- * by the kernel, otherwise a hostile/buggy pager can attack kernel addresses by
- * fooling it to use them as freshly granted pages. Kernel owned pages are
- * defined as, "any page that has been used by the kernel prior to all free
- * physical memory is taken by a pager, and any other page that has been granted
- * so far by any such pager."
- */
-int validate_granted_pages(unsigned long pfn, int npages)
+int sys_container_control(unsigned int req, unsigned int flags, void *userbuf)
 {
-	/* FIXME: Fill this in */
-	return 0;
-}
-
-/*
- * Used by a pager to grant memory to kernel for its own use. Generally
- * this memory is used for thread creation and memory mapping, (e.g. new
- * page tables, page middle directories, per-task kernel stack etc.)
- */
-int sys_kmem_control(unsigned long pfn, int npages, int grant)
-{
-	/* Pager is granting us pages */
-	if (grant) {
-		/*
-		 * Check if given set of pages are outside the pages already
-		 * owned by the kernel.
-		 */
-		if (validate_granted_pages(pfn, npages) < 0)
-			return -EINVAL;
-
-		/* Add the granted pages to the allocator */
-	//	if (pgalloc_add_new_grant(pfn, npages))
-			BUG();
-	} else /* Reclaim not implemented yet */
-		BUG();
-
 	return 0;
 }