| [1077d91] | 1 | /*
|
|---|
| 2 | * Copyright (C) 2006 Jakub Jermar
|
|---|
| 3 | * All rights reserved.
|
|---|
| 4 | *
|
|---|
| 5 | * Redistribution and use in source and binary forms, with or without
|
|---|
| 6 | * modification, are permitted provided that the following conditions
|
|---|
| 7 | * are met:
|
|---|
| 8 | *
|
|---|
| 9 | * - Redistributions of source code must retain the above copyright
|
|---|
| 10 | * notice, this list of conditions and the following disclaimer.
|
|---|
| 11 | * - Redistributions in binary form must reproduce the above copyright
|
|---|
| 12 | * notice, this list of conditions and the following disclaimer in the
|
|---|
| 13 | * documentation and/or other materials provided with the distribution.
|
|---|
| 14 | * - The name of the author may not be used to endorse or promote products
|
|---|
| 15 | * derived from this software without specific prior written permission.
|
|---|
| 16 | *
|
|---|
| 17 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
|
|---|
| 18 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
|
|---|
| 19 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
|
|---|
| 20 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
|
|---|
| 21 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
|---|
| 22 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|---|
| 23 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|---|
| 24 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|---|
| 25 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
|---|
| 26 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|---|
| 27 | */
|
|---|
| 28 |
|
|---|
| 29 | /**
|
|---|
| [cf26ba9] | 30 | * @file cap.h
|
|---|
| 31 | * @brief Capabilities definitions.
|
|---|
| 32 | *
|
|---|
| 33 | * Capabilities represent virtual rights that entitle their
|
|---|
| 34 | * holder to perform certain security sensitive tasks.
|
|---|
| 35 | *
|
|---|
| [1077d91] | 36 | * Each task can have arbitrary combination of the capabilities
|
|---|
| 37 | * defined in this file. Therefore, they are required to be powers
|
|---|
| 38 | * of two.
|
|---|
| 39 | */
|
|---|
| 40 |
|
|---|
| 41 | #ifndef __CAP_H__
|
|---|
| 42 | #define __CAP_H__
|
|---|
| 43 |
|
|---|
| [2bb8648] | 44 | #include <syscall/sysarg64.h>
|
|---|
| [1077d91] | 45 | #include <arch/types.h>
|
|---|
| 46 | #include <typedefs.h>
|
|---|
| 47 |
|
|---|
| 48 | /**
|
|---|
| 49 | * CAP_CAP allows its holder to grant/revoke arbitrary
|
|---|
| 50 | * privilege to/from other tasks.
|
|---|
| 51 | */
|
|---|
| 52 | #define CAP_CAP (1<<0)
|
|---|
| 53 |
|
|---|
| 54 | /**
|
|---|
| 55 | * CAP_MEM_MANAGER allows its holder to map physical memory
|
|---|
| 56 | * to other tasks.
|
|---|
| 57 | */
|
|---|
| 58 | #define CAP_MEM_MANAGER (1<<1)
|
|---|
| 59 |
|
|---|
| 60 | /**
|
|---|
| 61 | * CAP_IO_MANAGER allows its holder to access I/O space
|
|---|
| 62 | * to other tasks.
|
|---|
| 63 | */
|
|---|
| 64 | #define CAP_IO_MANAGER (1<<2)
|
|---|
| 65 |
|
|---|
| [c7c0b89b] | 66 | /**
|
|---|
| [2bb8648] | 67 | * CAP_PREEMPT_CONTROL allows its holder to disable/enable preemption.
|
|---|
| [c7c0b89b] | 68 | */
|
|---|
| [2bb8648] | 69 | #define CAP_PREEMPT_CONTROL (1<<3)
|
|---|
| 70 |
|
|---|
| 71 | /**
|
|---|
| 72 | * CAP_IRQ_REG entitles its holder to register IRQ handlers.
|
|---|
| 73 | */
|
|---|
| 74 | #define CAP_IRQ_REG (1<<4)
|
|---|
| [c7c0b89b] | 75 |
|
|---|
| [1077d91] | 76 | typedef __u32 cap_t;
|
|---|
| 77 |
|
|---|
| 78 | extern void cap_set(task_t *t, cap_t caps);
|
|---|
| 79 | extern cap_t cap_get(task_t *t);
|
|---|
| 80 |
|
|---|
| [2bb8648] | 81 | extern __native sys_cap_grant(sysarg64_t *uspace_taskid_arg, cap_t caps);
|
|---|
| 82 | extern __native sys_cap_revoke(sysarg64_t *uspace_taskid_arg, cap_t caps);
|
|---|
| 83 |
|
|---|
| [1077d91] | 84 | #endif
|
|---|
