Fork us on GitHub Follow us on Facebook Follow us on Twitter

Changeset 719a208 in mainline


Ignore:
Timestamp:
2017-05-30T05:59:09Z (5 years ago)
Author:
Jakub Jermar <jakub@…>
Branches:
lfn, master
Children:
f2460a50
Parents:
456c086
Message:

Rename SYS_CAP_GRANT/REVOKE to SYS_PERM_GRANT/REVOKE

Files:
11 edited
4 moved

Legend:

Unmodified
Added
Removed
  • abi/include/abi/syscall.h

    r456c086 r719a208  
    7878        SYS_IPC_EVENT_UNMASK,
    7979       
    80         SYS_CAP_GRANT,
    81         SYS_CAP_REVOKE,
     80        SYS_PERM_GRANT,
     81        SYS_PERM_REVOKE,
    8282       
    8383        SYS_DEVICE_ASSIGN_DEVNO,
  • kernel/Makefile

    r456c086 r719a208  
    286286        generic/src/ipc/irq.c \
    287287        generic/src/ipc/event.c \
    288         generic/src/security/cap.c \
     288        generic/src/security/perm.c \
    289289        generic/src/sysinfo/sysinfo.c \
    290290        generic/src/sysinfo/stats.c
  • kernel/generic/include/proc/task.h

    r456c086 r719a208  
    4848#include <adt/cht.h>
    4949#include <adt/list.h>
    50 #include <security/cap.h>
     50#include <security/perm.h>
    5151#include <arch/proc/task.h>
    5252#include <arch/proc/thread.h>
     
    9393        atomic_t lifecount;
    9494       
    95         /** Task capabilities. */
    96         cap_t capabilities;
     95        /** Task permissions. */
     96        perm_t perms;
    9797       
    9898        /* IPC stuff */
     
    159159extern void task_print_list(bool);
    160160
    161 extern void cap_set(task_t *, cap_t);
    162 extern cap_t cap_get(task_t *);
     161extern void perm_set(task_t *, perm_t);
     162extern perm_t perm_get(task_t *);
    163163
    164164#ifndef task_create_arch
  • kernel/generic/include/security/perm.h

    r456c086 r719a208  
    3535/**
    3636 * @file
    37  * @brief Capabilities definitions.
     37 * @brief Task permissions definitions.
    3838 *
    39  * Capabilities represent virtual rights that entitle their
     39 * Permissions represent virtual rights that entitle their
    4040 * holder to perform certain security sensitive tasks.
    4141 *
    42  * Each task can have arbitrary combination of the capabilities
     42 * Each task can have arbitrary combination of the permissions
    4343 * defined in this file. Therefore, they are required to be powers
    4444 * of two.
    4545 */
    4646
    47 #ifndef __CAP_H__
    48 #define __CAP_H__
     47#ifndef __PERM_H__
     48#define __PERM_H__
    4949
    5050#include <typedefs.h>
    5151
    5252/**
    53  * CAP_CAP allows its holder to grant/revoke arbitrary
    54  * privilege to/from other tasks.
     53 * PERM_PERM allows its holder to grant/revoke arbitrary permission to/from
     54 * other tasks.
    5555 */
    56 #define CAP_CAP  (1 << 0)
     56#define PERM_PERM        (1 << 0)
    5757
    5858/**
    59  * CAP_MEM_MANAGER allows its holder to map physical memory
    60  * to other tasks.
     59 * PERM_MEM_MANAGER allows its holder to map physical memory to other tasks.
    6160 */
    62 #define CAP_MEM_MANAGER (1 << 1)
     61#define PERM_MEM_MANAGER (1 << 1)
    6362
    6463/**
    65  * CAP_IO_MANAGER allows its holder to access I/O space
    66  * to other tasks.
     64 * PERM_IO_MANAGER allows its holder to access I/O space to other tasks.
    6765 */
    68 #define CAP_IO_MANAGER  (1 << 2)
     66#define PERM_IO_MANAGER  (1 << 2)
    6967
    7068/**
    71  * CAP_IRQ_REG entitles its holder to register IRQ handlers.
     69 * PERM_IRQ_REG entitles its holder to register IRQ handlers.
    7270 */
    73 #define CAP_IRQ_REG  (1 << 3)
     71#define PERM_IRQ_REG     (1 << 3)
    7472
    75 typedef uint32_t cap_t;
     73typedef uint32_t perm_t;
    7674
    7775#ifdef __32_BITS__
    7876
    79 extern sysarg_t sys_cap_grant(sysarg64_t *, cap_t);
    80 extern sysarg_t sys_cap_revoke(sysarg64_t *, cap_t);
     77extern sysarg_t sys_perm_grant(sysarg64_t *, perm_t);
     78extern sysarg_t sys_perm_revoke(sysarg64_t *, perm_t);
    8179
    8280#endif  /* __32_BITS__ */
     
    8482#ifdef __64_BITS__
    8583
    86 extern sysarg_t sys_cap_grant(sysarg_t, cap_t);
    87 extern sysarg_t sys_cap_revoke(sysarg_t, cap_t);
     84extern sysarg_t sys_perm_grant(sysarg_t, perm_t);
     85extern sysarg_t sys_perm_revoke(sysarg_t, perm_t);
    8886
    8987#endif  /* __64_BITS__ */
  • kernel/generic/src/ddi/ddi.c

    r456c086 r719a208  
    4242#include <ddi/ddi.h>
    4343#include <proc/task.h>
    44 #include <security/cap.h>
     44#include <security/perm.h>
    4545#include <mm/frame.h>
    4646#include <mm/as.h>
     
    9696 *
    9797 * @return EOK on success.
    98  * @return EPERM if the caller lacks capabilities to use this syscall.
     98 * @return EPERM if the caller lacks permissions to use this syscall.
    9999 * @return EBADMEM if phys is not page aligned.
    100100 * @return ENOENT if there is no task matching the specified ID or
     
    116116         */
    117117        bool priv =
    118             ((cap_get(TASK) & CAP_MEM_MANAGER) == CAP_MEM_MANAGER);
     118            ((perm_get(TASK) & PERM_MEM_MANAGER) == PERM_MEM_MANAGER);
    119119       
    120120        mem_backend_data_t backend_data;
     
    260260 * @param size   Size of the enabled I/O space.
    261261 *
    262  * @return 0 on success, EPERM if the caller lacks capabilities to use this
     262 * @return 0 on success, EPERM if the caller lacks permissions to use this
    263263 *           syscall, ENOENT if there is no task matching the specified ID.
    264264 *
     
    269269         * Make sure the caller is authorised to make this syscall.
    270270         */
    271         cap_t caps = cap_get(TASK);
    272         if (!(caps & CAP_IO_MANAGER))
     271        perm_t perms = perm_get(TASK);
     272        if (!(perms & PERM_IO_MANAGER))
    273273                return EPERM;
    274274       
     
    301301 * @param size   Size of the enabled I/O space.
    302302 *
    303  * @return 0 on success, EPERM if the caller lacks capabilities to use this
     303 * @return 0 on success, EPERM if the caller lacks permissions to use this
    304304 *           syscall, ENOENT if there is no task matching the specified ID.
    305305 *
     
    310310         * Make sure the caller is authorised to make this syscall.
    311311         */
    312         cap_t caps = cap_get(TASK);
    313         if (!(caps & CAP_IO_MANAGER))
     312        perm_t perms = perm_get(TASK);
     313        if (!(perms & PERM_IO_MANAGER))
    314314                return EPERM;
    315315       
  • kernel/generic/src/ipc/sysipc.c

    r456c086 r719a208  
    4848#include <arch/interrupt.h>
    4949#include <syscall/copy.h>
    50 #include <security/cap.h>
     50#include <security/perm.h>
    5151#include <console/console.h>
    5252#include <print.h>
     
    811811    irq_code_t *ucode)
    812812{
    813         if (!(cap_get(TASK) & CAP_IRQ_REG))
     813        if (!(perm_get(TASK) & PERM_IRQ_REG))
    814814                return EPERM;
    815815       
     
    827827sysarg_t sys_ipc_irq_unsubscribe(inr_t inr, devno_t devno)
    828828{
    829         if (!(cap_get(TASK) & CAP_IRQ_REG))
     829        if (!(perm_get(TASK) & PERM_IRQ_REG))
    830830                return EPERM;
    831831       
  • kernel/generic/src/main/kinit.c

    r456c086 r719a208  
    6464#include <interrupt.h>
    6565#include <console/kconsole.h>
    66 #include <security/cap.h>
     66#include <security/perm.h>
    6767#include <lib/rd.h>
    6868#include <ipc/ipc.h>
     
    259259                        if (programs[i].task != NULL) {
    260260                                /*
    261                                  * Set capabilities to init userspace tasks.
     261                                 * Set permissions to init userspace tasks.
    262262                                 */
    263                                 cap_set(programs[i].task, CAP_CAP | CAP_MEM_MANAGER |
    264                                     CAP_IO_MANAGER | CAP_IRQ_REG);
     263                                perm_set(programs[i].task,
     264                                    PERM_PERM | PERM_MEM_MANAGER |
     265                                    PERM_IO_MANAGER | PERM_IRQ_REG);
    265266                               
    266267                                if (!ipc_phone_0) {
  • kernel/generic/src/proc/program.c

    r456c086 r719a208  
    4646#include <ipc/ipc.h>
    4747#include <ipc/ipcrsc.h>
    48 #include <security/cap.h>
     48#include <security/perm.h>
    4949#include <lib/elf_load.h>
    5050#include <errno.h>
     
    244244                return rc;
    245245       
    246         // FIXME: control the capabilities
    247         cap_set(prg.task, cap_get(TASK));
     246        // FIXME: control the permissions
     247        perm_set(prg.task, perm_get(TASK));
    248248        program_ready(&prg);
    249249       
  • kernel/generic/src/proc/task.c

    r456c086 r719a208  
    203203       
    204204        task->container = CONTAINER;
    205         task->capabilities = 0;
     205        task->perms = 0;
    206206        task->ucycles = 0;
    207207        task->kcycles = 0;
  • kernel/generic/src/security/perm.c

    r456c086 r719a208  
    3232
    3333/**
    34  * @file cap.c
    35  * @brief Capabilities control.
    36  *
    37  * @see cap.h
    38  */
    39 
    40 #include <security/cap.h>
     34 * @file perm.c
     35 * @brief Task permissions control.
     36 *
     37 * @see perm.h
     38 */
     39
     40#include <security/perm.h>
    4141#include <proc/task.h>
    4242#include <synch/spinlock.h>
     
    4545#include <errno.h>
    4646
    47 /** Set capabilities.
    48  *
    49  * @param task Task whose capabilities are to be changed.
    50  * @param caps New set of capabilities.
    51  *
    52  */
    53 void cap_set(task_t *task, cap_t caps)
     47/** Set permissions.
     48 *
     49 * @param task  Task whose permissions are to be changed.
     50 * @param perms New set of permissions.
     51 *
     52 */
     53void perm_set(task_t *task, perm_t perms)
    5454{
    5555        irq_spinlock_lock(&task->lock, true);
    56         task->capabilities = caps;
     56        task->perms = perms;
    5757        irq_spinlock_unlock(&task->lock, true);
    5858}
    5959
    60 /** Get capabilities.
    61  *
    62  * @param task Task whose capabilities are to be returned.
    63  *
    64  * @return Task's capabilities.
    65  *
    66  */
    67 cap_t cap_get(task_t *task)
     60/** Get permissions.
     61 *
     62 * @param task Task whose permissions are to be returned.
     63 *
     64 * @return Task's permissions.
     65 *
     66 */
     67perm_t perm_get(task_t *task)
    6868{
    6969        irq_spinlock_lock(&task->lock, true);
    70         cap_t caps = task->capabilities;
     70        perm_t perms = task->perms;
    7171        irq_spinlock_unlock(&task->lock, true);
    7272       
    73         return caps;
    74 }
    75 
    76 /** Grant capabilities to a task.
    77  *
    78  * The calling task must have the CAP_CAP capability.
    79  *
    80  * @param taskid Destination task ID.
    81  * @param caps   Capabilities to grant.
    82  *
    83  * @return Zero on success or an error code from @ref errno.h.
    84  *
    85  */
    86 static sysarg_t cap_grant(task_id_t taskid, cap_t caps)
    87 {
    88         if (!(cap_get(TASK) & CAP_CAP))
     73        return perms;
     74}
     75
     76/** Grant permissions to a task.
     77 *
     78 * The calling task must have the PERM_PERM permission.
     79 *
     80 * @param taskid Destination task ID.
     81 * @param perms   Permissions to grant.
     82 *
     83 * @return Zero on success or an error code from @ref errno.h.
     84 *
     85 */
     86static sysarg_t perm_grant(task_id_t taskid, perm_t perms)
     87{
     88        if (!(perm_get(TASK) & PERM_PERM))
    8989                return (sysarg_t) EPERM;
    9090       
     
    9898       
    9999        irq_spinlock_lock(&task->lock, false);
    100         task->capabilities |= caps;
     100        task->perms |= perms;
    101101        irq_spinlock_unlock(&task->lock, false);
    102102       
     
    105105}
    106106
    107 /** Revoke capabilities from a task.
    108  *
    109  * The calling task must have the CAP_CAP capability or the caller must
    110  * attempt to revoke capabilities from itself.
    111  *
    112  * @param taskid Destination task ID.
    113  * @param caps   Capabilities to revoke.
    114  *
    115  * @return Zero on success or an error code from @ref errno.h.
    116  *
    117  */
    118 static sysarg_t cap_revoke(task_id_t taskid, cap_t caps)
     107/** Revoke permissions from a task.
     108 *
     109 * The calling task must have the PERM_PERM permission or the caller must
     110 * attempt to revoke permissions from itself.
     111 *
     112 * @param taskid Destination task ID.
     113 * @param perms   Permissions to revoke.
     114 *
     115 * @return Zero on success or an error code from @ref errno.h.
     116 *
     117 */
     118static sysarg_t perm_revoke(task_id_t taskid, perm_t perms)
    119119{
    120120        irq_spinlock_lock(&tasks_lock, true);
     
    127127       
    128128        /*
    129          * Revoking capabilities is different from granting them in that
    130          * a task can revoke capabilities from itself even if it
    131          * doesn't have CAP_CAP.
     129         * Revoking permissions is different from granting them in that
     130         * a task can revoke permissions from itself even if it
     131         * doesn't have PERM_PERM.
    132132         */
    133133        irq_spinlock_unlock(&TASK->lock, false);
    134134       
    135         if ((!(TASK->capabilities & CAP_CAP)) || (task != TASK)) {
     135        if ((!(TASK->perms & PERM_PERM)) || (task != TASK)) {
    136136                irq_spinlock_unlock(&TASK->lock, false);
    137137                irq_spinlock_unlock(&tasks_lock, true);
     
    139139        }
    140140       
    141         task->capabilities &= ~caps;
     141        task->perms &= ~perms;
    142142        irq_spinlock_unlock(&TASK->lock, false);
    143143       
     
    148148#ifdef __32_BITS__
    149149
    150 /** Grant capabilities to a task (32 bits)
    151  *
    152  * The calling task must have the CAP_CAP capability.
     150/** Grant permissions to a task (32 bits)
     151 *
     152 * The calling task must have the PERM_PERM permission.
    153153 *
    154154 * @param uspace_taskid User-space pointer to destination task ID.
    155  * @param caps          Capabilities to grant.
    156  *
    157  * @return Zero on success or an error code from @ref errno.h.
    158  *
    159  */
    160 sysarg_t sys_cap_grant(sysarg64_t *uspace_taskid, cap_t caps)
     155 * @param perms         Permissions to grant.
     156 *
     157 * @return Zero on success or an error code from @ref errno.h.
     158 *
     159 */
     160sysarg_t sys_perm_grant(sysarg64_t *uspace_taskid, perm_t perms)
    161161{
    162162        sysarg64_t taskid;
     
    165165                return (sysarg_t) rc;
    166166       
    167         return cap_grant((task_id_t) taskid, caps);
    168 }
    169 
    170 /** Revoke capabilities from a task (32 bits)
    171  *
    172  * The calling task must have the CAP_CAP capability or the caller must
    173  * attempt to revoke capabilities from itself.
     167        return perm_grant((task_id_t) taskid, perms);
     168}
     169
     170/** Revoke permissions from a task (32 bits)
     171 *
     172 * The calling task must have the PERM_PERM permission or the caller must
     173 * attempt to revoke permissions from itself.
    174174 *
    175175 * @param uspace_taskid User-space pointer to destination task ID.
    176  * @param caps          Capabilities to revoke.
    177  *
    178  * @return Zero on success or an error code from @ref errno.h.
    179  *
    180  */
    181 sysarg_t sys_cap_revoke(sysarg64_t *uspace_taskid, cap_t caps)
     176 * @param perms         Perms to revoke.
     177 *
     178 * @return Zero on success or an error code from @ref errno.h.
     179 *
     180 */
     181sysarg_t sys_perm_revoke(sysarg64_t *uspace_taskid, perm_t perms)
    182182{
    183183        sysarg64_t taskid;
     
    186186                return (sysarg_t) rc;
    187187       
    188         return cap_revoke((task_id_t) taskid, caps);
     188        return perm_revoke((task_id_t) taskid, perms);
    189189}
    190190
     
    193193#ifdef __64_BITS__
    194194
    195 /** Grant capabilities to a task (64 bits)
    196  *
    197  * The calling task must have the CAP_CAP capability.
    198  *
    199  * @param taskid Destination task ID.
    200  * @param caps   Capabilities to grant.
    201  *
    202  * @return Zero on success or an error code from @ref errno.h.
    203  *
    204  */
    205 sysarg_t sys_cap_grant(sysarg_t taskid, cap_t caps)
    206 {
    207         return cap_grant((task_id_t) taskid, caps);
    208 }
    209 
    210 /** Revoke capabilities from a task (64 bits)
    211  *
    212  * The calling task must have the CAP_CAP capability or the caller must
    213  * attempt to revoke capabilities from itself.
    214  *
    215  * @param taskid Destination task ID.
    216  * @param caps   Capabilities to revoke.
    217  *
    218  * @return Zero on success or an error code from @ref errno.h.
    219  *
    220  */
    221 sysarg_t sys_cap_revoke(sysarg_t taskid, cap_t caps)
    222 {
    223         return cap_revoke((task_id_t) taskid, caps);
     195/** Grant permissions to a task (64 bits)
     196 *
     197 * The calling task must have the PERM_PERM permission.
     198 *
     199 * @param taskid Destination task ID.
     200 * @param perms  Permissions to grant.
     201 *
     202 * @return Zero on success or an error code from @ref errno.h.
     203 *
     204 */
     205sysarg_t sys_perm_grant(sysarg_t taskid, perm_t perms)
     206{
     207        return perm_grant((task_id_t) taskid, perms);
     208}
     209
     210/** Revoke permissions from a task (64 bits)
     211 *
     212 * The calling task must have the PERM_PERM permission or the caller must
     213 * attempt to revoke permissions from itself.
     214 *
     215 * @param taskid Destination task ID.
     216 * @param perms  Permissions to revoke.
     217 *
     218 * @return Zero on success or an error code from @ref errno.h.
     219 *
     220 */
     221sysarg_t sys_perm_revoke(sysarg_t taskid, perm_t perms)
     222{
     223        return perm_revoke((task_id_t) taskid, perms);
    224224}
    225225
  • kernel/generic/src/syscall/syscall.c

    r456c086 r719a208  
    5353#include <ddi/ddi.h>
    5454#include <ipc/event.h>
    55 #include <security/cap.h>
     55#include <security/perm.h>
    5656#include <sysinfo/sysinfo.h>
    5757#include <console/console.h>
     
    171171        (syshandler_t) sys_ipc_event_unmask,
    172172       
    173         /* Capabilities related syscalls. */
    174         (syshandler_t) sys_cap_grant,
    175         (syshandler_t) sys_cap_revoke,
     173        /* Permission related syscalls. */
     174        (syshandler_t) sys_perm_grant,
     175        (syshandler_t) sys_perm_revoke,
    176176       
    177177        /* DDI related syscalls. */
  • uspace/app/trace/syscalls.c

    r456c086 r719a208  
    6868    [SYS_IPC_EVENT_UNMASK] = { "ipc_event_unmask",      1,      V_ERRNO },
    6969
    70     [SYS_CAP_GRANT] = { "cap_grant",                    2,      V_ERRNO },
    71     [SYS_CAP_REVOKE] = { "cap_revoke",                  2,      V_ERRNO },
     70    [SYS_PERM_GRANT] = { "perm_grant",                  2,      V_ERRNO },
     71    [SYS_PERM_REVOKE] = { "perm_revoke",                2,      V_ERRNO },
    7272    [SYS_PHYSMEM_MAP] = { "physmem_map",                4,      V_ERRNO },
    7373    [SYS_IOSPACE_ENABLE] = { "iospace_enable",          1,      V_ERRNO },
  • uspace/lib/c/Makefile

    r456c086 r719a208  
    6363        generic/bd.c \
    6464        generic/bd_srv.c \
    65         generic/cap.c \
     65        generic/perm.c \
    6666        generic/clipboard.c \
    6767        generic/config.c \
  • uspace/lib/c/generic/perm.c

    r456c086 r719a208  
    3131 */
    3232/**
    33  * @file  cap.c
    34  * @brief Functions to grant/revoke capabilities to/from a task.
     33 * @file  perm.c
     34 * @brief Functions to grant/revoke permissions to/from a task.
    3535 */
    3636
    37 #include <cap.h>
     37#include <perm.h>
    3838#include <task.h>
    3939#include <libc.h>
    4040#include <libarch/types.h>
    4141
    42 /** Grant capabilities to a task.
     42/** Grant permissions to a task.
    4343 *
    44  * @param id   Destination task ID.
    45  * @param caps Capabilities to grant.
     44 * @param id    Destination task ID.
     45 * @param perms Permissions to grant.
    4646 *
    4747 * @return Zero on success or a value from @ref errno.h on failure.
    4848 *
    4949 */
    50 int cap_grant(task_id_t id, unsigned int caps)
     50int perm_grant(task_id_t id, unsigned int perms)
    5151{
    5252#ifdef __32_BITS__
    5353        sysarg64_t arg = (sysarg64_t) id;
    54         return __SYSCALL2(SYS_CAP_GRANT, (sysarg_t) &arg, (sysarg_t) caps);
     54        return __SYSCALL2(SYS_PERM_GRANT, (sysarg_t) &arg, (sysarg_t) perms);
    5555#endif
    5656       
    5757#ifdef __64_BITS__
    58         return __SYSCALL2(SYS_CAP_GRANT, (sysarg_t) id, (sysarg_t) caps);
     58        return __SYSCALL2(SYS_PERM_GRANT, (sysarg_t) id, (sysarg_t) perms);
    5959#endif
    6060}
    6161
    62 /** Revoke capabilities from a task.
     62/** Revoke permissions from a task.
    6363 *
    64  * @param id   Destination task ID.
    65  * @param caps Capabilities to revoke.
     64 * @param id    Destination task ID.
     65 * @param perms Permissions to revoke.
    6666 *
    6767 * @return Zero on success or a value from @ref errno.h on failure.
    6868 *
    6969 */
    70 int cap_revoke(task_id_t id, unsigned int caps)
     70int perm_revoke(task_id_t id, unsigned int perms)
    7171{
    7272#ifdef __32_BITS__
    7373        sysarg64_t arg = (sysarg64_t) id;
    74         return __SYSCALL2(SYS_CAP_REVOKE, (sysarg_t) &arg, (sysarg_t) caps);
     74        return __SYSCALL2(SYS_PERM_REVOKE, (sysarg_t) &arg, (sysarg_t) perms);
    7575#endif
    7676       
    7777#ifdef __64_BITS__
    78         return __SYSCALL2(SYS_CAP_REVOKE, (sysarg_t) id, (sysarg_t) caps);
     78        return __SYSCALL2(SYS_PERM_REVOKE, (sysarg_t) id, (sysarg_t) perms);
    7979#endif
    8080}
  • uspace/lib/c/include/perm.h

    r456c086 r719a208  
    3333 */
    3434
    35 #ifndef LIB_CAP_H_
    36 #define LIB_CAP_H_
     35#ifndef LIB_PERM_H_
     36#define LIB_PERM_H_
    3737
    3838#include <task.h>
    3939
    40 extern int cap_grant(task_id_t id, unsigned int caps);
    41 extern int cap_revoke(task_id_t id, unsigned int caps);
     40extern int perm_grant(task_id_t, unsigned int);
     41extern int perm_revoke(task_id_t, unsigned int);
    4242
    4343#endif
Note: See TracChangeset for help on using the changeset viewer.