Index: kernel/generic/src/ddi/ddi.c =================================================================== --- kernel/generic/src/ddi/ddi.c (revision 77429d3ddfaa914b6e45b20d0e839aa7b9d4d505) +++ kernel/generic/src/ddi/ddi.c (revision 37cf3792b1b6950b2aeaeaadff78ffa6fe8c5fc9) @@ -104,13 +104,17 @@ { ASSERT(TASK); - ASSERT((pf % FRAME_SIZE) == 0); - ASSERT((vp % PAGE_SIZE) == 0); - - /* - * Make sure the caller is authorised to make this syscall. - */ - cap_t caps = cap_get(TASK); - if (!(caps & CAP_MEM_MANAGER)) - return EPERM; + + if ((pf % FRAME_SIZE) != 0) + return EBADMEM; + + if ((vp % PAGE_SIZE) != 0) + return EBADMEM; + + /* + * Unprivileged tasks are only allowed to map pareas + * which are explicitly marked as such. + */ + bool priv = + ((cap_get(TASK) & CAP_MEM_MANAGER) == CAP_MEM_MANAGER); mem_backend_data_t backend_data; @@ -123,14 +127,27 @@ if (znum == (size_t) -1) { - /* Frames not found in any zones - * -> assume it is hardware device and allow mapping + /* + * Frames not found in any zone + * -> assume it is a hardware device and allow mapping + * for privileged tasks. */ irq_spinlock_unlock(&zones.lock, true); + + if (!priv) + return EPERM; + goto map; } if (zones.info[znum].flags & ZONE_FIRMWARE) { - /* Frames are part of firmware */ + /* + * Frames are part of firmware + * -> allow mapping for privileged tasks. + */ irq_spinlock_unlock(&zones.lock, true); + + if (!priv) + return EPERM; + goto map; } @@ -138,6 +155,6 @@ if (zone_flags_available(zones.info[znum].flags)) { /* - * Frames are part of physical memory, check if the memory - * region is enabled for mapping. + * Frames are part of physical memory, check + * if the memory region is enabled for mapping. */ irq_spinlock_unlock(&zones.lock, true); @@ -150,5 +167,12 @@ if ((!parea) || (parea->frames < pages)) { mutex_unlock(&parea_lock); - goto err; + return ENOENT; + } + + if (!priv) { + if (!parea->unpriv) { + mutex_unlock(&parea_lock); + return EPERM; + } } @@ -158,6 +182,4 @@ irq_spinlock_unlock(&zones.lock, true); - -err: return ENOENT;