//kernel/trunk/generic/include/proc/task.h |
---|
34,6 → 34,7 |
#include <adt/btree.h> |
#include <adt/list.h> |
#include <ipc/ipc.h> |
#include <security/cap.h> |
/** Task structure. */ |
struct task { |
43,6 → 44,8 |
as_t *as; /**< Address space. */ |
task_id_t taskid; /**< Unique identity of task */ |
cap_t capabilities; /**< Task capabilities. */ |
/* IPC stuff */ |
answerbox_t answerbox; /**< Communication endpoint */ |
phone_t phones[IPC_MAX_PHONES]; |
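Review bot: The new `capabilities` field is documented only as "Task capabilities.", which does not say that it is a bitmask of the CAP_* values from security/cap.h or which lock guards it. cap.c in this commit reads and writes the field under the task's `lock`, so a comment such as `cap_t capabilities; /**< Bitmask of CAP_* flags; protected by the task lock. */` would record that for later users. The struct definition continues outside this hunk.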
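--- a/kernel/trunk/generic/include/security/cap.h
+++ b/kernel/trunk/generic/include/security/cap.h
@@ -0,0 +1,65 @@
+/*
+* Copyright (C) 2006 Jakub Jermar
+* All rights reserved.
+*
+* Redistribution and use in source and binary forms, with or without
+* modification, are permitted provided that the following conditions
+* are met:
+*
+* - Redistributions of source code must retain the above copyright
+* notice, this list of conditions and the following disclaimer.
+* - Redistributions in binary form must reproduce the above copyright
+* notice, this list of conditions and the following disclaimer in the
+* documentation and/or other materials provided with the distribution.
+* - The name of the author may not be used to endorse or promote products
+* derived from this software without specific prior written permission.
+*
+* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+*/
+/**
+* Capabilities definitions.
+* Each task can have arbitrary combination of the capabilities
+* defined in this file. Therefore, they are required to be powers
+* of two.
+*/
+#ifndef __CAP_H__
+#define __CAP_H__
+#include <arch/types.h>
+#include <typedefs.h>
+/**
+* CAP_CAP allows its holder to grant/revoke arbitrary
+* privilege to/from other tasks.
+*/
+#define CAP_CAP (1<<0)
+/**
+* CAP_MEM_MANAGER allows its holder to map physical memory
+* to other tasks.
+*/
+#define CAP_MEM_MANAGER (1<<1)
+/**
+* CAP_IO_MANAGER allows its holder to access I/O space
+* to other tasks.
+*/
+#define CAP_IO_MANAGER (1<<2)
+typedef __u32 cap_t;
+extern void cap_set(task_t *t, cap_t caps);
+extern cap_t cap_get(task_t *t);
+#endif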
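Review bot: The capability bits are built from a signed `1` while `cap_t` is `__u32`; once the list grows to bit 31, `1<<31` overflows `int`, so the defines are safer written as `#define CAP_CAP (1U<<0)` and likewise for the other two. The CAP_IO_MANAGER comment also reads oddly ("access I/O space to other tasks"). If it is meant to mirror CAP_MEM_MANAGER, `CAP_IO_MANAGER allows its holder to grant access to I/O space to other tasks.` would say so; the intended semantics should be confirmed, since the comment is the only specification of what the bit authorises.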
//kernel/trunk/generic/src/main/kinit.c |
---|
45,6 → 45,7 |
#include <console/console.h> |
#include <interrupt.h> |
#include <console/kconsole.h> |
#include <security/cap.h> |
#ifdef CONFIG_SMP |
#include <arch/smp/mps.h> |
144,6 → 145,11 |
utask = task_run_program((void *) init.tasks[i].addr, "USPACE"); |
if (utask) { |
/* |
* Set capabilities to init userspace tasks. |
*/ |
cap_set(utask, CAP_CAP | CAP_MEM_MANAGER | CAP_IO_MANAGER); |
if (!ipc_phone_0) |
ipc_phone_0 = &utask->answerbox; |
} else |
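Review bot: Every image in `init.tasks[]` is handed the full set here, including CAP_CAP, which per cap.h lets its holder grant or revoke arbitrary privilege for other tasks, so a single faulty init task is enough to hold every capability in the system. If only some init tasks need these rights, the mask would be better chosen per task. If the blanket grant is a deliberate bootstrap policy, the comment should say so, e.g. `/* Bootstrap policy: init tasks are trusted with all capabilities until they can be assigned per task. */`. The surrounding loop and function start and end outside this hunk, so whether per-task data is available at this point is not visible.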
//kernel/trunk/generic/src/proc/task.c |
---|
38,6 → 38,7 |
#include <adt/btree.h> |
#include <adt/list.h> |
#include <ipc/ipc.h> |
#include <security/cap.h> |
#include <memstr.h> |
#include <print.h> |
#include <elf.h> |
86,6 → 87,7 |
ta->as = as; |
ta->name = name; |
ta->capabilities = 0; |
ipc_answerbox_init(&ta->answerbox); |
for (i=0; i < IPC_MAX_PHONES;i++) |
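--- a/kernel/trunk/generic/src/security/cap.c
+++ b/kernel/trunk/generic/src/security/cap.c
@@ -0,0 +1,72 @@
+/*
+* Copyright (C) 2006 Jakub Jermar
+* All rights reserved.
+*
+* Redistribution and use in source and binary forms, with or without
+* modification, are permitted provided that the following conditions
+* are met:
+*
+* - Redistributions of source code must retain the above copyright
+* notice, this list of conditions and the following disclaimer.
+* - Redistributions in binary form must reproduce the above copyright
+* notice, this list of conditions and the following disclaimer in the
+* documentation and/or other materials provided with the distribution.
+* - The name of the author may not be used to endorse or promote products
+* derived from this software without specific prior written permission.
+*
+* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+*/
+#include <security/cap.h>
+#include <proc/task.h>
+#include <synch/spinlock.h>
+#include <arch.h>
+#include <typedefs.h>
+/** Set capabilities.
+*
+* @param t Task whose capabilities are to be changed.
+* @param caps New set of capabilities.
+*/
+void cap_set(task_t *t, cap_t caps)
+{
+ipl_t ipl;
+ipl = interrupts_disable();
+spinlock_lock(&t->lock);
+t->capabilities = caps;
+spinlock_unlock(&t->lock);
+interrupts_restore(ipl);
+}
+/** Get capabilities.
+*
+* @param t Task whose capabilities are to be returned.
+* @return Task's capabilities.
+*/
+cap_t cap_get(task_t *t)
+{
+ipl_t ipl;
+cap_t caps;
+ipl = interrupts_disable();
+spinlock_lock(&t->lock);
+caps = t->capabilities;
+spinlock_unlock(&t->lock);
+interrupts_restore(ipl);
+return caps;
+}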
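Review bot: cap_set() replaces the whole mask, so a caller that wants to add or drop a single bit has to call cap_get() and then cap_set(), and the task lock is released between the two calls. Two concurrent updates can then lose one of them, and a lost revocation leaves a privilege in place. Grant and revoke helpers that apply `|=` and `&= ~` under one lock hold avoid this; they would also need prototypes in security/cap.h. Neither function checks the caller's own capabilities, so the doc comment on cap_set() should state that the caller is responsible for verifying CAP_CAP before calling it.

```c
/* … unchanged: cap_set(), cap_get() … */

/** Grant capabilities in addition to those already held.
 *
 * @param t Task whose capabilities are to be extended.
 * @param caps Capabilities to add.
 */
void cap_grant(task_t *t, cap_t caps)
{
	ipl_t ipl;

	ipl = interrupts_disable();
	spinlock_lock(&t->lock);
	t->capabilities |= caps;
	spinlock_unlock(&t->lock);
	interrupts_restore(ipl);
}

/** Revoke capabilities, leaving the others untouched.
 *
 * @param t Task whose capabilities are to be reduced.
 * @param caps Capabilities to remove.
 */
void cap_revoke(task_t *t, cap_t caps)
{
	ipl_t ipl;

	ipl = interrupts_disable();
	spinlock_lock(&t->lock);
	t->capabilities &= ~caps;
	spinlock_unlock(&t->lock);
	interrupts_restore(ipl);
}
```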