source: mainline/generic/src/security/cap.c@ 2bb8648

lfn serial ticket/834-toolchain-update topic/msim-upgrade topic/simplify-dev-export
Last change on this file since 2bb8648 was 2bb8648, checked in by Jakub Jermar <jakub@…>, 19 years ago

Add SYS_CAP_GRANT and SYS_CAP_REVOKE syscalls.
Move SYS_PREEMPT_CONTROL to ddi.c.
Add some comments and fix some small issues.
  • Property mode set to 100644
File size: 4.4 KB
Line 
1/*
2 * Copyright (C) 2006 Jakub Jermar
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * - Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * - Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
14 * - The name of the author may not be used to endorse or promote products
15 * derived from this software without specific prior written permission.
16 *
17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
18 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
19 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
20 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
21 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
22 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
23 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
24 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
25 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
26 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27 */
28
29/**
30 * @file cap.c
31 * @brief Capabilities control.
32 *
33 * @see cap.h
34 */
35
36#include <security/cap.h>
37#include <proc/task.h>
38#include <synch/spinlock.h>
39#include <syscall/sysarg64.h>
40#include <syscall/copy.h>
41#include <arch.h>
42#include <typedefs.h>
43#include <errno.h>
44
45/** Set capabilities.
46 *
47 * @param t Task whose capabilities are to be changed.
48 * @param caps New set of capabilities.
49 */
50void cap_set(task_t *t, cap_t caps)
51{
52 ipl_t ipl;
53
54 ipl = interrupts_disable();
55 spinlock_lock(&t->lock);
56
57 t->capabilities = caps;
58
59 spinlock_unlock(&t->lock);
60 interrupts_restore(ipl);
61}
62
63/** Get capabilities.
64 *
65 * @param t Task whose capabilities are to be returned.
66 * @return Task's capabilities.
67 */
68cap_t cap_get(task_t *t)
69{
70 ipl_t ipl;
71 cap_t caps;
72
73 ipl = interrupts_disable();
74 spinlock_lock(&t->lock);
75
76 caps = t->capabilities;
77
78 spinlock_unlock(&t->lock);
79 interrupts_restore(ipl);
80
81 return caps;
82}
83
84/** Grant capabilities to a task.
85 *
86 * The calling task must have the CAP_CAP capability.
87 *
88 * @param uspace_taskid_arg Userspace structure holding destination task ID.
89 * @param caps Capabilities to grant.
90 *
91 * @return Zero on success or an error code from @ref errno.h.
92 */
93__native sys_cap_grant(sysarg64_t *uspace_taskid_arg, cap_t caps)
94{
95 sysarg64_t taskid_arg;
96 task_t *t;
97 ipl_t ipl;
98 int rc;
99
100 if (!(cap_get(TASK) & CAP_CAP))
101 return (__native) EPERM;
102
103 rc = copy_from_uspace(&taskid_arg, uspace_taskid_arg, sizeof(sysarg64_t));
104 if (rc != 0)
105 return (__native) rc;
106
107 ipl = interrupts_disable();
108 spinlock_lock(&tasks_lock);
109 t = task_find_by_id((task_id_t) taskid_arg.value);
110 if (!t) {
111 spinlock_unlock(&tasks_lock);
112 interrupts_restore(ipl);
113 return (__native) ENOENT;
114 }
115 spinlock_unlock(&tasks_lock);
116
117 cap_set(t, cap_get(t) | caps);
118
119 interrupts_restore(ipl);
120 return 0;
121}
122
123/** Revoke capabilities from a task.
124 *
125 * The calling task must have the CAP_CAP capability or the caller must
126 * attempt to revoke capabilities from itself.
127 *
128 * @param uspace_taskid_arg Userspace structure holding destination task ID.
129 * @param caps Capabilities to revoke.
130 *
131 * @return Zero on success or an error code from @ref errno.h.
132 */
133__native sys_cap_revoke(sysarg64_t *uspace_taskid_arg, cap_t caps)
134{
135 sysarg64_t taskid_arg;
136 task_t *t;
137 ipl_t ipl;
138 int rc;
139
140 rc = copy_from_uspace(&taskid_arg, uspace_taskid_arg, sizeof(sysarg64_t));
141 if (rc != 0)
142 return (__native) rc;
143
144 ipl = interrupts_disable();
145 spinlock_lock(&tasks_lock);
146 t = task_find_by_id((task_id_t) taskid_arg.value);
147 if (!t) {
148 spinlock_unlock(&tasks_lock);
149 interrupts_restore(ipl);
150 return (__native) ENOENT;
151 }
152 spinlock_unlock(&tasks_lock);
153
154 /*
155 * Revoking capabilities is different from granting them in that
156 * a task can revoke capabilities from itself even if it
157 * doesn't have CAP_CAP.
158 */
159 if (!(cap_get(TASK) & CAP_CAP) || !(t == TASK)) {
160 interrupts_restore(ipl);
161 return (__native) EPERM;
162 }
163
164 cap_set(t, cap_get(t) & ~caps);
165
166 interrupts_restore(ipl);
167 return 0;
168}
Note: See TracBrowser for help on using the repository browser.