Subversion Repositories HelenOS-historic

Compare Revisions

Ignore whitespace Rev 1173 → Rev 1174

/kernel/trunk/generic/include/proc/task.h
34,6 → 34,7
#include <adt/btree.h>
#include <adt/list.h>
#include <ipc/ipc.h>
#include <security/cap.h>
 
/** Task structure. */
struct task {
43,6 → 44,8
as_t *as; /**< Address space. */
task_id_t taskid; /**< Unique identity of task */
 
cap_t capabilities; /**< Task capabilities. */
 
/* IPC stuff */
answerbox_t answerbox; /**< Communication endpoint */
phone_t phones[IPC_MAX_PHONES];
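Review bot: The new `capabilities` field is read and written under `t->lock` in `cap_set()`/`cap_get()` (security/cap.c in this revision), but the field comment does not record that. A later permission check that reads `task->capabilities` directly would look legitimate while bypassing the lock. I would document the rule on the field, e.g. `cap_t capabilities; /**< Task capabilities. Protected by lock; use cap_get()/cap_set(). */`. The struct body continues outside both hunks.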
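--- a/kernel/trunk/generic/include/security/cap.h
+++ b/kernel/trunk/generic/include/security/cap.h
@@ -0,0 +1,65 @@
+/*
+* Copyright (C) 2006 Jakub Jermar
+* All rights reserved.
+*
+* Redistribution and use in source and binary forms, with or without
+* modification, are permitted provided that the following conditions
+* are met:
+*
+* - Redistributions of source code must retain the above copyright
+* notice, this list of conditions and the following disclaimer.
+* - Redistributions in binary form must reproduce the above copyright
+* notice, this list of conditions and the following disclaimer in the
+* documentation and/or other materials provided with the distribution.
+* - The name of the author may not be used to endorse or promote products
+* derived from this software without specific prior written permission.
+*
+* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+*/
+
+/**
+* Capabilities definitions.
+* Each task can have arbitrary combination of the capabilities
+* defined in this file. Therefore, they are required to be powers
+* of two.
+*/
+
+#ifndef __CAP_H__
+#define __CAP_H__
+
+#include <arch/types.h>
+#include <typedefs.h>
+
+/**
+* CAP_CAP allows its holder to grant/revoke arbitrary
+* privilege to/from other tasks.
+*/
+#define CAP_CAP (1<<0)
+
+/**
+* CAP_MEM_MANAGER allows its holder to map physical memory
+* to other tasks.
+*/
+#define CAP_MEM_MANAGER (1<<1)
+
+/**
+* CAP_IO_MANAGER allows its holder to access I/O space
+* to other tasks.
+*/
+#define CAP_IO_MANAGER (1<<2)
+
+typedef __u32 cap_t;
+
+extern void cap_set(task_t *t, cap_t caps);
+extern cap_t cap_get(task_t *t);
+
+#endif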
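Review bot: The comment on `CAP_IO_MANAGER` ("allows its holder to access I/O space to other tasks") does not say whether the holder may use I/O space itself or may grant I/O access to other tasks. This text defines a privilege boundary, so it should be unambiguous, e.g. `CAP_IO_MANAGER allows its holder to grant other tasks access to I/O space.` if that is the intent (inferred by analogy with `CAP_MEM_MANAGER`; please confirm). Separately, the masks are built from signed `int` shifts while `cap_t` is `__u32`; writing them as `(1U<<0)`, `(1U<<1)`, `(1U<<2)` keeps a future bit 31 well-defined.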
/kernel/trunk/generic/src/main/kinit.c
45,6 → 45,7
#include <console/console.h>
#include <interrupt.h>
#include <console/kconsole.h>
#include <security/cap.h>
 
#ifdef CONFIG_SMP
#include <arch/smp/mps.h>
144,6 → 145,11
 
utask = task_run_program((void *) init.tasks[i].addr, "USPACE");
if (utask) {
/*
* Set capabilities to init userspace tasks.
*/
cap_set(utask, CAP_CAP | CAP_MEM_MANAGER | CAP_IO_MANAGER);
if (!ipc_phone_0)
ipc_phone_0 = &utask->answerbox;
} else
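Review bot: In the second hunk, every entry of `init.tasks[]` that starts successfully receives the full set `CAP_CAP | CAP_MEM_MANAGER | CAP_IO_MANAGER`, so each init task can change the privileges of any other task. Nothing visible here limits that authority to a single trusted task. If all boot-image tasks are meant to be equally trusted, the comment should say so, e.g. `/* Init tasks come from the boot image and are fully trusted; they receive every capability. */`; otherwise a per-task mask would follow least privilege more closely. The enclosing function starts and ends outside the hunk.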
/kernel/trunk/generic/src/proc/task.c
38,6 → 38,7
#include <adt/btree.h>
#include <adt/list.h>
#include <ipc/ipc.h>
#include <security/cap.h>
#include <memstr.h>
#include <print.h>
#include <elf.h>
86,6 → 87,7
ta->as = as;
ta->name = name;
 
ta->capabilities = 0;
ipc_answerbox_init(&ta->answerbox);
for (i=0; i < IPC_MAX_PHONES;i++)
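Review bot: `ta->capabilities = 0;` establishes default-deny for every newly created task, but the line carries no comment, so the intent could be lost in a later change (for example if capability inheritance is introduced). I would add `/* New tasks start with no capabilities; they must be granted explicitly. */` above it. The enclosing function starts and ends outside the hunk.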
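--- a/kernel/trunk/generic/src/security/cap.c
+++ b/kernel/trunk/generic/src/security/cap.c
@@ -0,0 +1,72 @@
+/*
+* Copyright (C) 2006 Jakub Jermar
+* All rights reserved.
+*
+* Redistribution and use in source and binary forms, with or without
+* modification, are permitted provided that the following conditions
+* are met:
+*
+* - Redistributions of source code must retain the above copyright
+* notice, this list of conditions and the following disclaimer.
+* - Redistributions in binary form must reproduce the above copyright
+* notice, this list of conditions and the following disclaimer in the
+* documentation and/or other materials provided with the distribution.
+* - The name of the author may not be used to endorse or promote products
+* derived from this software without specific prior written permission.
+*
+* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+*/
+
+#include <security/cap.h>
+#include <proc/task.h>
+#include <synch/spinlock.h>
+#include <arch.h>
+#include <typedefs.h>
+
+/** Set capabilities.
+*
+* @param t Task whose capabilities are to be changed.
+* @param caps New set of capabilities.
+*/
+void cap_set(task_t *t, cap_t caps)
+{
+ipl_t ipl;
+ipl = interrupts_disable();
+spinlock_lock(&t->lock);
+t->capabilities = caps;
+spinlock_unlock(&t->lock);
+interrupts_restore(ipl);
+}
+
+/** Get capabilities.
+*
+* @param t Task whose capabilities are to be returned.
+* @return Task's capabilities.
+*/
+cap_t cap_get(task_t *t)
+{
+ipl_t ipl;
+cap_t caps;
+ipl = interrupts_disable();
+spinlock_lock(&t->lock);
+caps = t->capabilities;
+spinlock_unlock(&t->lock);
+interrupts_restore(ipl);
+return caps;
+}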
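Review bot: `cap_set()` overwrites the whole mask and performs no authorization check of its own, and its doc comment mentions neither property. Any path that later exposes it to userspace therefore has to verify that the calling task holds `CAP_CAP` before calling it. A grant or revoke built as `cap_get()` followed by `cap_set()` is also a read-modify-write that releases `t->lock` in between, so a concurrent revoke can be silently undone. I would state both in the doc comment, e.g. `@note Replaces the whole capability set and performs no authorization check; the caller must verify that the requesting task holds CAP_CAP.`, and consider helpers that apply `|=` and `&= ~` under a single lock acquisition.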
/kernel/trunk/Makefile
144,7 → 144,8
generic/src/smp/ipi.c \
generic/src/ipc/ipc.c \
generic/src/ipc/sysipc.c \
generic/src/ipc/ipcrsc.c
generic/src/ipc/ipcrsc.c \
generic/src/security/cap.c
 
## Test sources
#