| 1 | /*
|
|---|
| 2 | * Copyright (C) 2006 Jakub Jermar
|
|---|
| 3 | * All rights reserved.
|
|---|
| 4 | *
|
|---|
| 5 | * Redistribution and use in source and binary forms, with or without
|
|---|
| 6 | * modification, are permitted provided that the following conditions
|
|---|
| 7 | * are met:
|
|---|
| 8 | *
|
|---|
| 9 | * - Redistributions of source code must retain the above copyright
|
|---|
| 10 | * notice, this list of conditions and the following disclaimer.
|
|---|
| 11 | * - Redistributions in binary form must reproduce the above copyright
|
|---|
| 12 | * notice, this list of conditions and the following disclaimer in the
|
|---|
| 13 | * documentation and/or other materials provided with the distribution.
|
|---|
| 14 | * - The name of the author may not be used to endorse or promote products
|
|---|
| 15 | * derived from this software without specific prior written permission.
|
|---|
| 16 | *
|
|---|
| 17 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
|
|---|
| 18 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
|
|---|
| 19 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
|
|---|
| 20 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
|
|---|
| 21 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
|---|
| 22 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|---|
| 23 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|---|
| 24 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|---|
| 25 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
|---|
| 26 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|---|
| 27 | */
|
|---|
| 28 |
|
|---|
| 29 | /** @addtogroup generic
|
|---|
| 30 | * @{
|
|---|
| 31 | */
|
|---|
| 32 | /** @file
|
|---|
| 33 | */
|
|---|
| 34 |
|
|---|
| 35 | /**
|
|---|
| 36 | * @file
|
|---|
| 37 | * @brief Capabilities definitions.
|
|---|
| 38 | *
|
|---|
| 39 | * Capabilities represent virtual rights that entitle their
|
|---|
| 40 | * holder to perform certain security sensitive tasks.
|
|---|
| 41 | *
|
|---|
| 42 | * Each task can have arbitrary combination of the capabilities
|
|---|
| 43 | * defined in this file. Therefore, they are required to be powers
|
|---|
| 44 | * of two.
|
|---|
| 45 | */
|
|---|
| 46 |
|
|---|
| 47 | #ifndef __CAP_H__
|
|---|
| 48 | #define __CAP_H__
|
|---|
| 49 |
|
|---|
| 50 | #include <syscall/sysarg64.h>
|
|---|
| 51 | #include <arch/types.h>
|
|---|
| 52 | #include <typedefs.h>
|
|---|
| 53 |
|
|---|
| 54 | /**
|
|---|
| 55 | * CAP_CAP allows its holder to grant/revoke arbitrary
|
|---|
| 56 | * privilege to/from other tasks.
|
|---|
| 57 | */
|
|---|
| 58 | #define CAP_CAP (1<<0)
|
|---|
| 59 |
|
|---|
| 60 | /**
|
|---|
| 61 | * CAP_MEM_MANAGER allows its holder to map physical memory
|
|---|
| 62 | * to other tasks.
|
|---|
| 63 | */
|
|---|
| 64 | #define CAP_MEM_MANAGER (1<<1)
|
|---|
| 65 |
|
|---|
| 66 | /**
|
|---|
| 67 | * CAP_IO_MANAGER allows its holder to access I/O space
|
|---|
| 68 | * to other tasks.
|
|---|
| 69 | */
|
|---|
| 70 | #define CAP_IO_MANAGER (1<<2)
|
|---|
| 71 |
|
|---|
| 72 | /**
|
|---|
| 73 | * CAP_PREEMPT_CONTROL allows its holder to disable/enable preemption.
|
|---|
| 74 | */
|
|---|
| 75 | #define CAP_PREEMPT_CONTROL (1<<3)
|
|---|
| 76 |
|
|---|
| 77 | /**
|
|---|
| 78 | * CAP_IRQ_REG entitles its holder to register IRQ handlers.
|
|---|
| 79 | */
|
|---|
| 80 | #define CAP_IRQ_REG (1<<4)
|
|---|
| 81 |
|
|---|
| 82 | typedef uint32_t cap_t;
|
|---|
| 83 |
|
|---|
| 84 | extern void cap_set(task_t *t, cap_t caps);
|
|---|
| 85 | extern cap_t cap_get(task_t *t);
|
|---|
| 86 |
|
|---|
| 87 | extern unative_t sys_cap_grant(sysarg64_t *uspace_taskid_arg, cap_t caps);
|
|---|
| 88 | extern unative_t sys_cap_revoke(sysarg64_t *uspace_taskid_arg, cap_t caps);
|
|---|
| 89 |
|
|---|
| 90 | #endif
|
|---|
| 91 |
|
|---|
| 92 | /** @}
|
|---|
| 93 | */
|
|---|
