Changeset d24e987 in mainline for kernel/generic/include/cap/cap.h

Timestamp:

2018-10-16T18:03:43Z (7 years ago)

Author:

Jakub Jermar <jakub@…>

Branches:

lfn, master, serial, ticket/834-toolchain-update, topic/msim-upgrade, topic/simplify-dev-export

Children:

2d93763a, e344422

Parents:

c0cef6f9

git-author:

Jakub Jermar <jakub@…> (2018-10-16 17:55:57)

git-committer:

Jakub Jermar <jakub@…> (2018-10-16 18:03:43)

Message:

Make access via capabilities revokable

This commit makes it possible to revoke access to a kernel object from
all capabilities across all tasks. In order to support this, each kernel
object is equipped with a list of capabilities that point to it.

File:

• kernel/generic/include/cap/cap.h (modified) (3 diffs)

kernel/generic/include/cap/cap.h

@@ -69 +69 @@
 
 /*
- * Everything in kobject_t except for the atomic reference count is imutable.
+ * Everything in kobject_t except for the atomic reference count, the capability
+ * list and its lock is imutable.
  */
 typedef struct kobject {
         kobject_type_t type;
         atomic_t refcnt;
+
+        /** Mutex protecting caps_list */
+        mutex_t caps_list_lock;
+        /** List of published capabilities associated with the kobject */
+        list_t caps_list;
 
         kobject_ops_t *ops;
@@ -93 +99 @@
         struct task *task;
         cap_handle_t handle;
+
+        /** Link to the kobject's list of capabilities. */
+        link_t kobj_link;
 
         /* Link to the task's capabilities of the same kobject type. */
@@ -122 +131 @@
 extern void cap_publish(struct task *, cap_handle_t, kobject_t *);
 extern kobject_t *cap_unpublish(struct task *, cap_handle_t, kobject_type_t);
+extern void cap_revoke(kobject_t *);
 extern void cap_free(struct task *, cap_handle_t);