source: mainline/kernel/generic/src/security/cap.c@ c738d65

Last change on this file since c738d65 was 06e1e95, checked in by Jakub Jermar <jakub@…>, 19 years ago

C99 compliant header guards (hopefully) everywhere in the kernel.
Formatting and indentation changes.
Small improvements in sparc64.

1/*
2 * Copyright (C) 2006 Jakub Jermar
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * - Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * - Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
14 * - The name of the author may not be used to endorse or promote products
15 * derived from this software without specific prior written permission.
16 *
17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
18 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
19 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
20 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
21 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
22 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
23 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
24 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
25 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
26 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27 */
28
29/** @addtogroup generic
30 * @{
31 */
32
33/**
34 * @file cap.c
35 * @brief Capabilities control.
36 *
37 * @see cap.h
38 */
39
40#include <security/cap.h>
41#include <proc/task.h>
42#include <synch/spinlock.h>
43#include <syscall/sysarg64.h>
44#include <syscall/copy.h>
45#include <arch.h>
46#include <typedefs.h>
47#include <errno.h>
48
/** Replace a task's capability set.
 *
 * The new value is stored with interrupts disabled and t->lock held.
 * No permission check is made here; callers must authorize the change
 * themselves. Because t->lock is acquired inside, the caller must not
 * already hold it.
 *
 * @param t Task whose capabilities are to be changed.
 * @param caps New set of capabilities.
 */
void cap_set(task_t *t, cap_t caps)
{
	ipl_t saved_ipl = interrupts_disable();

	spinlock_lock(&t->lock);
	t->capabilities = caps;
	spinlock_unlock(&t->lock);

	interrupts_restore(saved_ipl);
}
66
/** Read a task's capability set.
 *
 * The value is copied out with interrupts disabled and t->lock held,
 * so it is a snapshot: it can be stale as soon as the lock is dropped.
 * Because t->lock is acquired inside, the caller must not already
 * hold it.
 *
 * @param t Task whose capabilities are to be returned.
 * @return Task's capabilities.
 */
cap_t cap_get(task_t *t)
{
	cap_t snapshot;
	ipl_t saved_ipl = interrupts_disable();

	spinlock_lock(&t->lock);
	snapshot = t->capabilities;
	spinlock_unlock(&t->lock);

	interrupts_restore(saved_ipl);
	return snapshot;
}
87
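/** Grant capabilities to a task.
 *
 * The calling task must have the CAP_CAP capability. The destination
 * task must exist and pass context_check() against the caller's context;
 * both failures are reported as ENOENT, so the caller cannot tell them
 * apart.
 *
 * @param uspace_taskid_arg Userspace structure holding destination task ID.
 * @param caps Capabilities to grant.
 *
 * @return Zero on success or an error code from @ref errno.h
 *         (EPERM if the caller lacks CAP_CAP, ENOENT if the task is not
 *         found or is in a different context, or the error returned by
 *         copy_from_uspace()).
 */
unative_t sys_cap_grant(sysarg64_t *uspace_taskid_arg, cap_t caps)
{
	sysarg64_t taskid_arg;
	task_t *t;
	ipl_t ipl;
	int rc;

	/* Authorize the caller before reading anything from userspace. */
	if (!(cap_get(TASK) & CAP_CAP))
		return (unative_t) EPERM;

	rc = copy_from_uspace(&taskid_arg, uspace_taskid_arg, sizeof(sysarg64_t));
	if (rc != 0)
		return (unative_t) rc;

	ipl = interrupts_disable();
	spinlock_lock(&tasks_lock);
	t = task_find_by_id((task_id_t) taskid_arg.value);
	if ((!t) || (!context_check(CONTEXT, t->context))) {
		spinlock_unlock(&tasks_lock);
		interrupts_restore(ipl);
		return (unative_t) ENOENT;
	}

	/*
	 * Update the field directly under t->lock. cap_get() and cap_set()
	 * acquire t->lock themselves, so calling them here would re-acquire
	 * a spinlock this function already holds (a self-deadlock unless
	 * the lock is recursive).
	 *
	 * NOTE(review): caps is OR-ed in unmasked, so any CAP_CAP holder can
	 * grant bits it does not hold itself -- confirm this is the intended
	 * policy.
	 */
	spinlock_lock(&t->lock);
	t->capabilities |= caps;
	spinlock_unlock(&t->lock);

	spinlock_unlock(&tasks_lock);
	interrupts_restore(ipl);
	return 0;
}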
128
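/** Revoke capabilities from a task.
 *
 * The calling task must have the CAP_CAP capability or the caller must
 * attempt to revoke capabilities from itself. The destination task must
 * exist and pass context_check() against the caller's context; both
 * failures are reported as ENOENT.
 *
 * @param uspace_taskid_arg Userspace structure holding destination task ID.
 * @param caps Capabilities to revoke.
 *
 * @return Zero on success or an error code from @ref errno.h
 *         (EPERM if the caller neither holds CAP_CAP nor targets itself,
 *         ENOENT if the task is not found or is in a different context,
 *         or the error returned by copy_from_uspace()).
 */
unative_t sys_cap_revoke(sysarg64_t *uspace_taskid_arg, cap_t caps)
{
	sysarg64_t taskid_arg;
	task_t *t;
	ipl_t ipl;
	int rc;

	rc = copy_from_uspace(&taskid_arg, uspace_taskid_arg, sizeof(sysarg64_t));
	if (rc != 0)
		return (unative_t) rc;

	ipl = interrupts_disable();
	spinlock_lock(&tasks_lock);
	t = task_find_by_id((task_id_t) taskid_arg.value);
	if ((!t) || (!context_check(CONTEXT, t->context))) {
		spinlock_unlock(&tasks_lock);
		interrupts_restore(ipl);
		return (unative_t) ENOENT;
	}

	/*
	 * Revoking capabilities is different from granting them in that
	 * a task can revoke capabilities from itself even if it
	 * doesn't have CAP_CAP.
	 *
	 * Deny only when BOTH conditions fail: the caller lacks CAP_CAP
	 * and the target is some other task. Joining the two tests with
	 * "||" would require CAP_CAP *and* a self-target, which blocks an
	 * unprivileged task from dropping its own capabilities and blocks
	 * a CAP_CAP holder from revoking anyone else's.
	 */
	if (!(cap_get(TASK) & CAP_CAP) && (t != TASK)) {
		spinlock_unlock(&tasks_lock);
		interrupts_restore(ipl);
		return (unative_t) EPERM;
	}

	/*
	 * Update the field directly under t->lock. cap_get() and cap_set()
	 * acquire t->lock themselves, so calling them here would re-acquire
	 * a spinlock this function already holds (a self-deadlock unless
	 * the lock is recursive).
	 */
	spinlock_lock(&t->lock);
	t->capabilities &= ~caps;
	spinlock_unlock(&t->lock);

	spinlock_unlock(&tasks_lock);

	interrupts_restore(ipl);
	return 0;
}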
179
180/** @}
181 */
182