source: mainline/kernel/generic/src/security/perm.c@ dbcaa2d

lfn serial ticket/834-toolchain-update topic/msim-upgrade topic/simplify-dev-export
Last change on this file since dbcaa2d was a35b458, checked in by Jiří Zárevúcky <zarevucky.jiri@…>, 7 years ago

style: Remove trailing whitespace on _all_ lines, including empty ones, for particular file types.

Command used: tools/srepl '\s\+$' '' -- *.c *.h *.py *.sh *.s *.S *.ag

Currently, whitespace on empty lines is very inconsistent.
There are two basic choices: Either remove the whitespace, or keep empty lines
indented to the level of surrounding code. The former is AFAICT more common,
and also much easier to do automatically.

Alternatively, we could write script for automatic indentation, and use that
instead. However, if such a script exists, it's possible to use the indented
style locally, by having the editor apply relevant conversions on load/save,
without affecting remote repository. IMO, it makes more sense to adopt
the simpler rule.
  • Property mode set to 100644
File size: 6.0 KB
Line 
1/*
2 * Copyright (c) 2006 Jakub Jermar
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * - Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * - Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
14 * - The name of the author may not be used to endorse or promote products
15 * derived from this software without specific prior written permission.
16 *
17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
18 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
19 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
20 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
21 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
22 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
23 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
24 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
25 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
26 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27 */
28
29/** @addtogroup generic
30 * @{
31 */
32
33/**
34 * @file perm.c
35 * @brief Task permissions control.
36 *
37 * @see perm.h
38 */
39
40#include <security/perm.h>
41#include <proc/task.h>
42#include <synch/spinlock.h>
43#include <syscall/copy.h>
44#include <arch.h>
45#include <errno.h>
46
47/** Set permissions.
48 *
49 * @param task Task whose permissions are to be changed.
50 * @param perms New set of permissions.
51 *
52 */
53void perm_set(task_t *task, perm_t perms)
54{
55 irq_spinlock_lock(&task->lock, true);
56 task->perms = perms;
57 irq_spinlock_unlock(&task->lock, true);
58}
59
60/** Get permissions.
61 *
62 * @param task Task whose permissions are to be returned.
63 *
64 * @return Task's permissions.
65 *
66 */
67perm_t perm_get(task_t *task)
68{
69 irq_spinlock_lock(&task->lock, true);
70 perm_t perms = task->perms;
71 irq_spinlock_unlock(&task->lock, true);
72
73 return perms;
74}
75
76/** Grant permissions to a task.
77 *
78 * The calling task must have the PERM_PERM permission.
79 *
80 * @param taskid Destination task ID.
81 * @param perms Permissions to grant.
82 *
83 * @return Zero on success or an error code from @ref errno.h.
84 *
85 */
86static errno_t perm_grant(task_id_t taskid, perm_t perms)
87{
88 if (!(perm_get(TASK) & PERM_PERM))
89 return EPERM;
90
91 irq_spinlock_lock(&tasks_lock, true);
92 task_t *task = task_find_by_id(taskid);
93
94 if ((!task) || (!container_check(CONTAINER, task->container))) {
95 irq_spinlock_unlock(&tasks_lock, true);
96 return ENOENT;
97 }
98
99 irq_spinlock_lock(&task->lock, false);
100 task->perms |= perms;
101 irq_spinlock_unlock(&task->lock, false);
102
103 irq_spinlock_unlock(&tasks_lock, true);
104 return EOK;
105}
106
107/** Revoke permissions from a task.
108 *
109 * The calling task must have the PERM_PERM permission or the caller must
110 * attempt to revoke permissions from itself.
111 *
112 * @param taskid Destination task ID.
113 * @param perms Permissions to revoke.
114 *
115 * @return Zero on success or an error code from @ref errno.h.
116 *
117 */
118static errno_t perm_revoke(task_id_t taskid, perm_t perms)
119{
120 irq_spinlock_lock(&tasks_lock, true);
121
122 task_t *task = task_find_by_id(taskid);
123 if ((!task) || (!container_check(CONTAINER, task->container))) {
124 irq_spinlock_unlock(&tasks_lock, true);
125 return ENOENT;
126 }
127
128 /*
129 * Revoking permissions is different from granting them in that
130 * a task can revoke permissions from itself even if it
131 * doesn't have PERM_PERM.
132 */
133 irq_spinlock_unlock(&TASK->lock, false);
134
135 if ((!(TASK->perms & PERM_PERM)) || (task != TASK)) {
136 irq_spinlock_unlock(&TASK->lock, false);
137 irq_spinlock_unlock(&tasks_lock, true);
138 return EPERM;
139 }
140
141 task->perms &= ~perms;
142 irq_spinlock_unlock(&TASK->lock, false);
143
144 irq_spinlock_unlock(&tasks_lock, true);
145 return EOK;
146}
147
148#ifdef __32_BITS__
149
150/** Grant permissions to a task (32 bits)
151 *
152 * The calling task must have the PERM_PERM permission.
153 *
154 * @param uspace_taskid User-space pointer to destination task ID.
155 * @param perms Permissions to grant.
156 *
157 * @return Zero on success or an error code from @ref errno.h.
158 *
159 */
160sys_errno_t sys_perm_grant(sysarg64_t *uspace_taskid, perm_t perms)
161{
162 sysarg64_t taskid;
163 errno_t rc = copy_from_uspace(&taskid, uspace_taskid, sizeof(sysarg64_t));
164 if (rc != EOK)
165 return (sys_errno_t) rc;
166
167 return perm_grant((task_id_t) taskid, perms);
168}
169
170/** Revoke permissions from a task (32 bits)
171 *
172 * The calling task must have the PERM_PERM permission or the caller must
173 * attempt to revoke permissions from itself.
174 *
175 * @param uspace_taskid User-space pointer to destination task ID.
176 * @param perms Perms to revoke.
177 *
178 * @return Zero on success or an error code from @ref errno.h.
179 *
180 */
181sys_errno_t sys_perm_revoke(sysarg64_t *uspace_taskid, perm_t perms)
182{
183 sysarg64_t taskid;
184 errno_t rc = copy_from_uspace(&taskid, uspace_taskid, sizeof(sysarg64_t));
185 if (rc != EOK)
186 return (sys_errno_t) rc;
187
188 return perm_revoke((task_id_t) taskid, perms);
189}
190
191#endif /* __32_BITS__ */
192
193#ifdef __64_BITS__
194
195/** Grant permissions to a task (64 bits)
196 *
197 * The calling task must have the PERM_PERM permission.
198 *
199 * @param taskid Destination task ID.
200 * @param perms Permissions to grant.
201 *
202 * @return Zero on success or an error code from @ref errno.h.
203 *
204 */
205sys_errno_t sys_perm_grant(sysarg_t taskid, perm_t perms)
206{
207 return perm_grant((task_id_t) taskid, perms);
208}
209
210/** Revoke permissions from a task (64 bits)
211 *
212 * The calling task must have the PERM_PERM permission or the caller must
213 * attempt to revoke permissions from itself.
214 *
215 * @param taskid Destination task ID.
216 * @param perms Permissions to revoke.
217 *
218 * @return Zero on success or an error code from @ref errno.h.
219 *
220 */
221sys_errno_t sys_perm_revoke(sysarg_t taskid, perm_t perms)
222{
223 return perm_revoke((task_id_t) taskid, perms);
224}
225
226#endif /* __64_BITS__ */
227
228/** @}
229 */
Note: See TracBrowser for help on using the repository browser.