Changeset 719a208 in mainline for kernel/generic/src

Timestamp:

2017-05-30T05:59:09Z (8 years ago)

Author:

Jakub Jermar <jakub@…>

Branches:

lfn, master, serial, ticket/834-toolchain-update, topic/msim-upgrade, topic/simplify-dev-export

Children:

f2460a50

Parents:

456c086

Message:

Rename SYS_CAP_GRANT/REVOKE to SYS_PERM_GRANT/REVOKE

Location:

kernel/generic/src

Files:

• ddi/ddi.c (modified) (7 diffs)
• ipc/sysipc.c (modified) (3 diffs)
• main/kinit.c (modified) (2 diffs)
• proc/program.c (modified) (2 diffs)
• proc/task.c (modified) (1 diff)
• security/perm.c (moved) (moved from kernel/generic/src/security/cap.c ) (10 diffs)
• syscall/syscall.c (modified) (2 diffs)

kernel/generic/src/ddi/ddi.c

@@ -42 +42 @@
 #include <ddi/ddi.h>
 #include <proc/task.h>
-#include <security/cap.h>
+#include <security/perm.h>
 #include <mm/frame.h>
 #include <mm/as.h>
@@ -96 +96 @@
  *
  * @return EOK on success.
- * @return EPERM if the caller lacks capabilities to use this syscall.
+ * @return EPERM if the caller lacks permissions to use this syscall.
  * @return EBADMEM if phys is not page aligned.
  * @return ENOENT if there is no task matching the specified ID or
@@ -116 +116 @@
          */
         bool priv =
-            ((cap_get(TASK) & CAP_MEM_MANAGER) == CAP_MEM_MANAGER);
+            ((perm_get(TASK) & PERM_MEM_MANAGER) == PERM_MEM_MANAGER);
         
         mem_backend_data_t backend_data;
@@ -260 +260 @@
  * @param size   Size of the enabled I/O space.
  *
- * @return 0 on success, EPERM if the caller lacks capabilities to use this
+ * @return 0 on success, EPERM if the caller lacks permissions to use this
  *           syscall, ENOENT if there is no task matching the specified ID.
  *
@@ -269 +269 @@
          * Make sure the caller is authorised to make this syscall.
          */
-        cap_t caps = cap_get(TASK);
-        if (!(caps & CAP_IO_MANAGER))
+        perm_t perms = perm_get(TASK);
+        if (!(perms & PERM_IO_MANAGER))
                 return EPERM;
         
@@ -301 +301 @@
  * @param size   Size of the enabled I/O space.
  *
- * @return 0 on success, EPERM if the caller lacks capabilities to use this
+ * @return 0 on success, EPERM if the caller lacks permissions to use this
  *           syscall, ENOENT if there is no task matching the specified ID.
  *
@@ -310 +310 @@
          * Make sure the caller is authorised to make this syscall.
          */
-        cap_t caps = cap_get(TASK);
-        if (!(caps & CAP_IO_MANAGER))
+        perm_t perms = perm_get(TASK);
+        if (!(perms & PERM_IO_MANAGER))
                 return EPERM;
         

kernel/generic/src/ipc/sysipc.c

@@ -48 +48 @@
 #include <arch/interrupt.h>
 #include <syscall/copy.h>
-#include <security/cap.h>
+#include <security/perm.h>
 #include <console/console.h>
 #include <print.h>
@@ -811 +811 @@
     irq_code_t *ucode)
 {
-        if (!(cap_get(TASK) & CAP_IRQ_REG))
+        if (!(perm_get(TASK) & PERM_IRQ_REG))
                 return EPERM;
         
@@ -827 +827 @@
 sysarg_t sys_ipc_irq_unsubscribe(inr_t inr, devno_t devno)
 {
-        if (!(cap_get(TASK) & CAP_IRQ_REG))
+        if (!(perm_get(TASK) & PERM_IRQ_REG))
                 return EPERM;
         

kernel/generic/src/main/kinit.c

@@ -64 +64 @@
 #include <interrupt.h>
 #include <console/kconsole.h>
-#include <security/cap.h>
+#include <security/perm.h>
 #include <lib/rd.h>
 #include <ipc/ipc.h>
@@ -259 +259 @@
                         if (programs[i].task != NULL) {
                                 /*
-                                 * Set capabilities to init userspace tasks.
+                                 * Set permissions to init userspace tasks.
                                  */
-                                cap_set(programs[i].task, CAP_CAP | CAP_MEM_MANAGER |
-                                    CAP_IO_MANAGER | CAP_IRQ_REG);
+                                perm_set(programs[i].task,
+                                    PERM_PERM | PERM_MEM_MANAGER |
+                                    PERM_IO_MANAGER | PERM_IRQ_REG);
                                 
                                 if (!ipc_phone_0) {

kernel/generic/src/proc/program.c

@@ -46 +46 @@
 #include <ipc/ipc.h>
 #include <ipc/ipcrsc.h>
-#include <security/cap.h>
+#include <security/perm.h>
 #include <lib/elf_load.h>
 #include <errno.h>
@@ -244 +244 @@
                 return rc;
         
-        // FIXME: control the capabilities
-        cap_set(prg.task, cap_get(TASK));
+        // FIXME: control the permissions 
+        perm_set(prg.task, perm_get(TASK));
         program_ready(&prg);
         

kernel/generic/src/proc/task.c

@@ -203 +203 @@
         
         task->container = CONTAINER;
-        task->capabilities = 0;
+        task->perms = 0;
         task->ucycles = 0;
         task->kcycles = 0;

kernel/generic/src/security/perm.c

@@ -32 +32 @@
 
 /**
- * @file cap.c
- * @brief Capabilities control.
- *
- * @see cap.h
- */
-
-#include <security/cap.h>
+ * @file perm.c
+ * @brief Task permissions control.
+ *
+ * @see perm.h
+ */
+
+#include <security/perm.h>
 #include <proc/task.h>
 #include <synch/spinlock.h>
@@ -45 +45 @@
 #include <errno.h>
 
-/** Set capabilities.
- *
- * @param task Task whose capabilities are to be changed.
- * @param caps New set of capabilities.
- *
- */
-void cap_set(task_t *task, cap_t caps)
+/** Set permissions.
+ *
+ * @param task  Task whose permissions are to be changed.
+ * @param perms New set of permissions.
+ *
+ */
+void perm_set(task_t *task, perm_t perms)
 {
         irq_spinlock_lock(&task->lock, true);
-        task->capabilities = caps;
+        task->perms = perms;
         irq_spinlock_unlock(&task->lock, true);
 }
 
-/** Get capabilities.
- *
- * @param task Task whose capabilities are to be returned.
- *
- * @return Task's capabilities.
- *
- */
-cap_t cap_get(task_t *task)
+/** Get permissions.
+ *
+ * @param task Task whose permissions are to be returned.
+ *
+ * @return Task's permissions.
+ *
+ */
+perm_t perm_get(task_t *task)
 {
         irq_spinlock_lock(&task->lock, true);
-        cap_t caps = task->capabilities;
+        perm_t perms = task->perms;
         irq_spinlock_unlock(&task->lock, true);
         
-        return caps;
-}
-
-/** Grant capabilities to a task.
- *
- * The calling task must have the CAP_CAP capability.
- *
- * @param taskid Destination task ID.
- * @param caps   Capabilities to grant.
- *
- * @return Zero on success or an error code from @ref errno.h.
- *
- */
-static sysarg_t cap_grant(task_id_t taskid, cap_t caps)
-{
-        if (!(cap_get(TASK) & CAP_CAP))
+        return perms;
+}
+
+/** Grant permissions to a task.
+ *
+ * The calling task must have the PERM_PERM permission.
+ *
+ * @param taskid Destination task ID.
+ * @param perms   Permissions to grant.
+ *
+ * @return Zero on success or an error code from @ref errno.h.
+ *
+ */
+static sysarg_t perm_grant(task_id_t taskid, perm_t perms)
+{
+        if (!(perm_get(TASK) & PERM_PERM))
                 return (sysarg_t) EPERM;
         
@@ -98 +98 @@
         
         irq_spinlock_lock(&task->lock, false);
-        task->capabilities |= caps;
+        task->perms |= perms;
         irq_spinlock_unlock(&task->lock, false);
         
@@ -105 +105 @@
 }
 
-/** Revoke capabilities from a task.
- *
- * The calling task must have the CAP_CAP capability or the caller must
- * attempt to revoke capabilities from itself.
- *
- * @param taskid Destination task ID.
- * @param caps   Capabilities to revoke.
- *
- * @return Zero on success or an error code from @ref errno.h.
- *
- */
-static sysarg_t cap_revoke(task_id_t taskid, cap_t caps)
+/** Revoke permissions from a task.
+ *
+ * The calling task must have the PERM_PERM permission or the caller must
+ * attempt to revoke permissions from itself.
+ *
+ * @param taskid Destination task ID.
+ * @param perms   Permissions to revoke.
+ *
+ * @return Zero on success or an error code from @ref errno.h.
+ *
+ */
+static sysarg_t perm_revoke(task_id_t taskid, perm_t perms)
 {
         irq_spinlock_lock(&tasks_lock, true);
@@ -127 +127 @@
         
         /*
-         * Revoking capabilities is different from granting them in that
-         * a task can revoke capabilities from itself even if it
-         * doesn't have CAP_CAP.
+         * Revoking permissions is different from granting them in that
+         * a task can revoke permissions from itself even if it
+         * doesn't have PERM_PERM.
          */
         irq_spinlock_unlock(&TASK->lock, false);
         
-        if ((!(TASK->capabilities & CAP_CAP)) || (task != TASK)) {
+        if ((!(TASK->perms & PERM_PERM)) || (task != TASK)) {
                 irq_spinlock_unlock(&TASK->lock, false);
                 irq_spinlock_unlock(&tasks_lock, true);
@@ -139 +139 @@
         }
         
-        task->capabilities &= ~caps;
+        task->perms &= ~perms;
         irq_spinlock_unlock(&TASK->lock, false);
         
@@ -148 +148 @@
 #ifdef __32_BITS__
 
-/** Grant capabilities to a task (32 bits)
- *
- * The calling task must have the CAP_CAP capability.
+/** Grant permissions to a task (32 bits)
+ *
+ * The calling task must have the PERM_PERM permission.
  *
  * @param uspace_taskid User-space pointer to destination task ID.
- * @param caps          Capabilities to grant.
- *
- * @return Zero on success or an error code from @ref errno.h.
- *
- */
-sysarg_t sys_cap_grant(sysarg64_t *uspace_taskid, cap_t caps)
+ * @param perms         Permissions to grant.
+ *
+ * @return Zero on success or an error code from @ref errno.h.
+ *
+ */
+sysarg_t sys_perm_grant(sysarg64_t *uspace_taskid, perm_t perms)
 {
         sysarg64_t taskid;
@@ -165 +165 @@
                 return (sysarg_t) rc;
         
-        return cap_grant((task_id_t) taskid, caps);
-}
-
-/** Revoke capabilities from a task (32 bits)
- *
- * The calling task must have the CAP_CAP capability or the caller must
- * attempt to revoke capabilities from itself.
+        return perm_grant((task_id_t) taskid, perms);
+}
+
+/** Revoke permissions from a task (32 bits)
+ *
+ * The calling task must have the PERM_PERM permission or the caller must
+ * attempt to revoke permissions from itself.
  *
  * @param uspace_taskid User-space pointer to destination task ID.
- * @param caps          Capabilities to revoke.
- *
- * @return Zero on success or an error code from @ref errno.h.
- *
- */
-sysarg_t sys_cap_revoke(sysarg64_t *uspace_taskid, cap_t caps)
+ * @param perms         Perms to revoke.
+ *
+ * @return Zero on success or an error code from @ref errno.h.
+ *
+ */
+sysarg_t sys_perm_revoke(sysarg64_t *uspace_taskid, perm_t perms)
 {
         sysarg64_t taskid;
@@ -186 +186 @@
                 return (sysarg_t) rc;
         
-        return cap_revoke((task_id_t) taskid, caps);
+        return perm_revoke((task_id_t) taskid, perms);
 }
 
@@ -193 +193 @@
 #ifdef __64_BITS__
 
-/** Grant capabilities to a task (64 bits)
- *
- * The calling task must have the CAP_CAP capability.
- *
- * @param taskid Destination task ID.
- * @param caps   Capabilities to grant.
- *
- * @return Zero on success or an error code from @ref errno.h.
- *
- */
-sysarg_t sys_cap_grant(sysarg_t taskid, cap_t caps)
-{
-        return cap_grant((task_id_t) taskid, caps);
-}
-
-/** Revoke capabilities from a task (64 bits)
- *
- * The calling task must have the CAP_CAP capability or the caller must
- * attempt to revoke capabilities from itself.
- *
- * @param taskid Destination task ID.
- * @param caps   Capabilities to revoke.
- *
- * @return Zero on success or an error code from @ref errno.h.
- *
- */
-sysarg_t sys_cap_revoke(sysarg_t taskid, cap_t caps)
-{
-        return cap_revoke((task_id_t) taskid, caps);
+/** Grant permissions to a task (64 bits)
+ *
+ * The calling task must have the PERM_PERM permission.
+ *
+ * @param taskid Destination task ID.
+ * @param perms  Permissions to grant.
+ *
+ * @return Zero on success or an error code from @ref errno.h.
+ *
+ */
+sysarg_t sys_perm_grant(sysarg_t taskid, perm_t perms)
+{
+        return perm_grant((task_id_t) taskid, perms);
+}
+
+/** Revoke permissions from a task (64 bits)
+ *
+ * The calling task must have the PERM_PERM permission or the caller must
+ * attempt to revoke permissions from itself.
+ *
+ * @param taskid Destination task ID.
+ * @param perms  Permissions to revoke.
+ *
+ * @return Zero on success or an error code from @ref errno.h.
+ *
+ */
+sysarg_t sys_perm_revoke(sysarg_t taskid, perm_t perms)
+{
+        return perm_revoke((task_id_t) taskid, perms);
 }
 

kernel/generic/src/syscall/syscall.c

@@ -53 +53 @@
 #include <ddi/ddi.h>
 #include <ipc/event.h>
-#include <security/cap.h>
+#include <security/perm.h>
 #include <sysinfo/sysinfo.h>
 #include <console/console.h>
@@ -171 +171 @@
         (syshandler_t) sys_ipc_event_unmask,
         
-        /* Capabilities related syscalls. */
-        (syshandler_t) sys_cap_grant,
-        (syshandler_t) sys_cap_revoke,
+        /* Permission related syscalls. */
+        (syshandler_t) sys_perm_grant,
+        (syshandler_t) sys_perm_revoke,
         
         /* DDI related syscalls. */