/*===========================================================================*
* do_privctl *
*===========================================================================*/
PUBLIC int do_privctl(struct proc * caller, message * m_ptr)
{
/* Handle sys_privctl(). Update a process' privileges. If the process is not
* yet a system process, make sure it gets its own privilege structure.
*/
struct proc *rp;
proc_nr_t proc_nr;
sys_id_t priv_id;
int ipc_to_m, kcalls;
int i, r;
struct io_range io_range;
struct mem_range mem_range;
struct priv priv;
int irq;
/* Check whether caller is allowed to make this call. Privileged proceses
* can only update the privileges of processes that are inhibited from
* running by the RTS_NO_PRIV flag. This flag is set when a privileged process
* forks.
*/
if (! (priv(caller)->s_flags & SYS_PROC)) return(EPERM);
if(m_ptr->CTL_ENDPT == SELF) proc_nr = _ENDPOINT_P(caller->p_endpoint);
else if(!isokendpt(m_ptr->CTL_ENDPT, &proc_nr)) return(EINVAL);
rp = proc_addr(proc_nr);
switch(m_ptr->CTL_REQUEST)
{
case SYS_PRIV_ALLOW:
/* Allow process to run. Make sure its privilege structure has already
* been set.
*/
if (!RTS_ISSET(rp, RTS_NO_PRIV) || priv(rp)->s_proc_nr == NONE) {
return(EPERM);
}
RTS_UNSET(rp, RTS_NO_PRIV);
return(OK);
case SYS_PRIV_YIELD:
/* Allow process to run and suspend the caller. */
if (!RTS_ISSET(rp, RTS_NO_PRIV) || priv(rp)->s_proc_nr == NONE) {
return(EPERM);
}
RTS_SET(caller, RTS_NO_PRIV);
RTS_UNSET(rp, RTS_NO_PRIV);
return(OK);
case SYS_PRIV_DISALLOW:
/* Disallow process from running. */
if (RTS_ISSET(rp, RTS_NO_PRIV)) return(EPERM);
RTS_SET(rp, RTS_NO_PRIV);
return(OK);
case SYS_PRIV_SET_SYS:
/* Set a privilege structure of a blocked system process. */
if (! RTS_ISSET(rp, RTS_NO_PRIV)) return(EPERM);
/* Check whether a static or dynamic privilege id must be allocated. */
priv_id = NULL_PRIV_ID;
if (m_ptr->CTL_ARG_PTR)
{
/* Copy privilege structure from caller */
if((r=data_copy(caller->p_endpoint, (vir_bytes) m_ptr->CTL_ARG_PTR,
KERNEL, (vir_bytes) &priv, sizeof(priv))) != OK)
return r;
/* See if the caller wants to assign a static privilege id. */
if(!(priv.s_flags & DYN_PRIV_ID)) {
priv_id = priv.s_id;
}
}
/* Make sure this process has its own privileges structure. This may
* fail, since there are only a limited number of system processes.
* Then copy privileges from the caller and restore some defaults.
*/
if ((i=get_priv(rp, priv_id)) != OK)
{
printf("do_privctl: unable to allocate priv_id %d: %d\n",
priv_id, i);
return(i);
}
priv_id = priv(rp)->s_id; /* backup privilege id */
*priv(rp) = *priv(caller); /* copy from caller */
priv(rp)->s_id = priv_id; /* restore privilege id */
priv(rp)->s_proc_nr = proc_nr; /* reassociate process nr */
for (i=0; i< NR_SYS_CHUNKS; i++) /* remove pending: */
priv(rp)->s_notify_pending.chunk[i] = 0; /* - notifications */
priv(rp)->s_int_pending = 0; /* - interrupts */
(void) sigemptyset(&priv(rp)->s_sig_pending); /* - signals */
reset_timer(&priv(rp)->s_alarm_timer); /* - alarm */
priv(rp)->s_asyntab= -1; /* - asynsends */
priv(rp)->s_asynsize= 0;
/* Set defaults for privilege bitmaps. */
priv(rp)->s_flags= DSRV_F; /* privilege flags */
priv(rp)->s_trap_mask= DSRV_T; /* allowed traps */
ipc_to_m = DSRV_M; /* allowed targets */
fill_sendto_mask(rp, ipc_to_m);
kcalls = DSRV_KC; /* allowed kernel calls */
for(i = 0; i < SYS_CALL_MASK_SIZE; i++) {
priv(rp)->s_k_call_mask[i] = (kcalls == NO_C ? 0 : (~0));
}
/* Set the default signal managers. */
priv(rp)->s_sig_mgr = DSRV_SM;
priv(rp)->s_bak_sig_mgr = NONE;
/* Set defaults for resources: no I/O resources, no memory resources,
* no IRQs, no grant table
*/
priv(rp)->s_nr_io_range= 0;
priv(rp)->s_nr_mem_range= 0;
priv(rp)->s_nr_irq= 0;
priv(rp)->s_grant_table= 0;
priv(rp)->s_grant_entries= 0;
/* Override defaults if the caller has supplied a privilege structure. */
if (m_ptr->CTL_ARG_PTR)
{
if((r = update_priv(rp, &priv)) != OK) {
return r;
}
}
return(OK);
case SYS_PRIV_SET_USER:
/* Set a privilege structure of a blocked user process. */
if (!RTS_ISSET(rp, RTS_NO_PRIV)) return(EPERM);
/* Link the process to the privilege structure of the root user
* process all the user processes share.
*/
priv(rp) = priv_addr(USER_PRIV_ID);
return(OK);
case SYS_PRIV_ADD_IO:
if (RTS_ISSET(rp, RTS_NO_PRIV))
return(EPERM);
/* Only system processes get I/O resources? */
if (!(priv(rp)->s_flags & SYS_PROC))
return EPERM;
#if 0 /* XXX -- do we need a call for this? */
if (strcmp(rp->p_name, "fxp") == 0 ||
strcmp(rp->p_name, "rtl8139") == 0)
{
printf("setting ipc_stats_target to %d\n", rp->p_endpoint);
ipc_stats_target= rp->p_endpoint;
}
#endif
/* Get the I/O range */
data_copy(caller->p_endpoint, (vir_bytes) m_ptr->CTL_ARG_PTR,
KERNEL, (vir_bytes) &io_range, sizeof(io_range));
priv(rp)->s_flags |= CHECK_IO_PORT; /* Check I/O accesses */
i= priv(rp)->s_nr_io_range;
if (i >= NR_IO_RANGE) {
printf("do_privctl: %d already has %d i/o ranges.\n",
rp->p_endpoint, i);
return ENOMEM;
}
priv(rp)->s_io_tab[i].ior_base= io_range.ior_base;
priv(rp)->s_io_tab[i].ior_limit= io_range.ior_limit;
priv(rp)->s_nr_io_range++;
return OK;
case SYS_PRIV_ADD_MEM:
if (RTS_ISSET(rp, RTS_NO_PRIV))
return(EPERM);
/* Only system processes get memory resources? */
if (!(priv(rp)->s_flags & SYS_PROC))
return EPERM;
/* Get the memory range */
if((r=data_copy(caller->p_endpoint, (vir_bytes) m_ptr->CTL_ARG_PTR,
KERNEL, (vir_bytes) &mem_range, sizeof(mem_range))) != OK)
return r;
priv(rp)->s_flags |= CHECK_MEM; /* Check memory mappings */
i= priv(rp)->s_nr_mem_range;
if (i >= NR_MEM_RANGE) {
printf("do_privctl: %d already has %d mem ranges.\n",
rp->p_endpoint, i);
return ENOMEM;
}
priv(rp)->s_mem_tab[i].mr_base= mem_range.mr_base;
priv(rp)->s_mem_tab[i].mr_limit= mem_range.mr_limit;
priv(rp)->s_nr_mem_range++;
return OK;
case SYS_PRIV_ADD_IRQ:
if (RTS_ISSET(rp, RTS_NO_PRIV))
return(EPERM);
/* Only system processes get IRQs? */
if (!(priv(rp)->s_flags & SYS_PROC))
return EPERM;
data_copy(caller->p_endpoint, (vir_bytes) m_ptr->CTL_ARG_PTR,
KERNEL, (vir_bytes) &irq, sizeof(irq));
priv(rp)->s_flags |= CHECK_IRQ; /* Check IRQs */
i= priv(rp)->s_nr_irq;
if (i >= NR_IRQ) {
printf("do_privctl: %d already has %d irq's.\n",
rp->p_endpoint, i);
return ENOMEM;
}
priv(rp)->s_irq_tab[i]= irq;
priv(rp)->s_nr_irq++;
return OK;
case SYS_PRIV_QUERY_MEM:
{
phys_bytes addr, limit;
struct priv *sp;
/* See if a certain process is allowed to map in certain physical
* memory.
*/
addr = (phys_bytes) m_ptr->CTL_PHYSSTART;
limit = addr + (phys_bytes) m_ptr->CTL_PHYSLEN - 1;
if(limit < addr)
return EPERM;
if(!(sp = priv(rp)))
return EPERM;
if (!(sp->s_flags & SYS_PROC))
return EPERM;
for(i = 0; i < sp->s_nr_mem_range; i++) {
if(addr >= sp->s_mem_tab[i].mr_base &&
limit <= sp->s_mem_tab[i].mr_limit)
return OK;
}
return EPERM;
}
case SYS_PRIV_UPDATE_SYS:
/* Update the privilege structure of a system process. */
if(!m_ptr->CTL_ARG_PTR) return EINVAL;
/* Copy privilege structure from caller */
if((r=data_copy(caller->p_endpoint, (vir_bytes) m_ptr->CTL_ARG_PTR,
KERNEL, (vir_bytes) &priv, sizeof(priv))) != OK)
return r;
/* Override settings in existing privilege structure. */
if((r = update_priv(rp, &priv)) != OK) {
return r;
}
return(OK);
default:
printf("do_privctl: bad request %d\n", m_ptr->CTL_REQUEST);
return EINVAL;
}
}
/*===========================================================================*
* do_fork *
*===========================================================================*/
int do_fork(struct proc * caller, message * m_ptr)
{
/* Handle sys_fork().
* m_lsys_krn_sys_fork.endpt has forked.
* The child is m_lsys_krn_sys_fork.slot.
*/
#if defined(__i386__)
char *old_fpu_save_area_p;
#endif
register struct proc *rpc; /* child process pointer */
struct proc *rpp; /* parent process pointer */
int gen;
int p_proc;
int namelen;
if(!isokendpt(m_ptr->m_lsys_krn_sys_fork.endpt, &p_proc))
return EINVAL;
rpp = proc_addr(p_proc);
rpc = proc_addr(m_ptr->m_lsys_krn_sys_fork.slot);
if (isemptyp(rpp) || ! isemptyp(rpc)) return(EINVAL);
assert(!(rpp->p_misc_flags & MF_DELIVERMSG));
/* needs to be receiving so we know where the message buffer is */
if(!RTS_ISSET(rpp, RTS_RECEIVING)) {
printf("kernel: fork not done synchronously?\n");
return EINVAL;
}
/* make sure that the FPU context is saved in parent before copy */
save_fpu(rpp);
/* Copy parent 'proc' struct to child. And reinitialize some fields. */
gen = _ENDPOINT_G(rpc->p_endpoint);
#if defined(__i386__)
old_fpu_save_area_p = rpc->p_seg.fpu_state;
#endif
*rpc = *rpp; /* copy 'proc' struct */
#if defined(__i386__)
rpc->p_seg.fpu_state = old_fpu_save_area_p;
if(proc_used_fpu(rpp))
memcpy(rpc->p_seg.fpu_state, rpp->p_seg.fpu_state, FPU_XFP_SIZE);
#endif
if(++gen >= _ENDPOINT_MAX_GENERATION) /* increase generation */
gen = 1; /* generation number wraparound */
rpc->p_nr = m_ptr->m_lsys_krn_sys_fork.slot; /* this was obliterated by copy */
rpc->p_endpoint = _ENDPOINT(gen, rpc->p_nr); /* new endpoint of slot */
rpc->p_reg.retreg = 0; /* child sees pid = 0 to know it is child */
rpc->p_user_time = 0; /* set all the accounting times to 0 */
rpc->p_sys_time = 0;
rpc->p_misc_flags &=
~(MF_VIRT_TIMER | MF_PROF_TIMER | MF_SC_TRACE | MF_SPROF_SEEN | MF_STEP);
rpc->p_virt_left = 0; /* disable, clear the process-virtual timers */
rpc->p_prof_left = 0;
/* Mark process name as being a forked copy */
namelen = strlen(rpc->p_name);
#define FORKSTR "*F"
if(namelen+strlen(FORKSTR) < sizeof(rpc->p_name))
strcat(rpc->p_name, FORKSTR);
/* the child process is not runnable until it's scheduled. */
RTS_SET(rpc, RTS_NO_QUANTUM);
reset_proc_accounting(rpc);
rpc->p_cpu_time_left = 0;
rpc->p_cycles = 0;
rpc->p_kcall_cycles = 0;
rpc->p_kipc_cycles = 0;
rpc->p_signal_received = 0;
/* If the parent is a privileged process, take away the privileges from the
* child process and inhibit it from running by setting the NO_PRIV flag.
* The caller should explicitly set the new privileges before executing.
*/
if (priv(rpp)->s_flags & SYS_PROC) {
rpc->p_priv = priv_addr(USER_PRIV_ID);
rpc->p_rts_flags |= RTS_NO_PRIV;
}
/* Calculate endpoint identifier, so caller knows what it is. */
m_ptr->m_krn_lsys_sys_fork.endpt = rpc->p_endpoint;
m_ptr->m_krn_lsys_sys_fork.msgaddr = rpp->p_delivermsg_vir;
/* Don't schedule process in VM mode until it has a new pagetable. */
if(m_ptr->m_lsys_krn_sys_fork.flags & PFF_VMINHIBIT) {
RTS_SET(rpc, RTS_VMINHIBIT);
}
/*
* Only one in group should have RTS_SIGNALED, child doesn't inherit tracing.
*/
RTS_UNSET(rpc, (RTS_SIGNALED | RTS_SIG_PENDING | RTS_P_STOP));
(void) sigemptyset(&rpc->p_pending);
#if defined(__i386__)
rpc->p_seg.p_cr3 = 0;
rpc->p_seg.p_cr3_v = NULL;
#elif defined(__arm__)
rpc->p_seg.p_ttbr = 0;
rpc->p_seg.p_ttbr_v = NULL;
#endif
return OK;
}
/*===========================================================================*
* do_getinfo *
*===========================================================================*/
int do_getinfo(struct proc * caller, message * m_ptr)
{
/* Request system information to be copied to caller's address space. This
* call simply copies entire data structures to the caller.
*/
size_t length;
vir_bytes src_vir;
int nr_e, nr, r;
int wipe_rnd_bin = -1;
struct proc *p;
/* Set source address and length based on request type. */
switch (m_ptr->I_REQUEST) {
case GET_MACHINE: {
length = sizeof(struct machine);
src_vir = (vir_bytes) &machine;
break;
}
case GET_KINFO: {
length = sizeof(struct kinfo);
src_vir = (vir_bytes) &kinfo;
break;
}
case GET_LOADINFO: {
length = sizeof(struct loadinfo);
src_vir = (vir_bytes) &kloadinfo;
break;
}
case GET_CPUINFO: {
length = sizeof(cpu_info);
src_vir = (vir_bytes) &cpu_info;
break;
}
case GET_HZ: {
length = sizeof(system_hz);
src_vir = (vir_bytes) &system_hz;
break;
}
case GET_IMAGE: {
length = sizeof(struct boot_image) * NR_BOOT_PROCS;
src_vir = (vir_bytes) image;
break;
}
case GET_IRQHOOKS: {
length = sizeof(struct irq_hook) * NR_IRQ_HOOKS;
src_vir = (vir_bytes) irq_hooks;
break;
}
case GET_PROCTAB: {
update_idle_time();
length = sizeof(struct proc) * (NR_PROCS + NR_TASKS);
src_vir = (vir_bytes) proc;
break;
}
case GET_PRIVTAB: {
length = sizeof(struct priv) * (NR_SYS_PROCS);
src_vir = (vir_bytes) priv;
break;
}
case GET_PROC: {
nr_e = (m_ptr->I_VAL_LEN2_E == SELF) ?
caller->p_endpoint : m_ptr->I_VAL_LEN2_E;
if(!isokendpt(nr_e, &nr)) return EINVAL; /* validate request */
length = sizeof(struct proc);
src_vir = (vir_bytes) proc_addr(nr);
break;
}
case GET_PRIV: {
nr_e = (m_ptr->I_VAL_LEN2_E == SELF) ?
caller->p_endpoint : m_ptr->I_VAL_LEN2_E;
if(!isokendpt(nr_e, &nr)) return EINVAL; /* validate request */
length = sizeof(struct priv);
src_vir = (vir_bytes) priv_addr(nr_to_id(nr));
break;
}
case GET_REGS: {
nr_e = (m_ptr->I_VAL_LEN2_E == SELF) ?
caller->p_endpoint : m_ptr->I_VAL_LEN2_E;
if(!isokendpt(nr_e, &nr)) return EINVAL; /* validate request */
p = proc_addr(nr);
length = sizeof(p->p_reg);
src_vir = (vir_bytes) &p->p_reg;
break;
}
case GET_WHOAMI: {
int len;
/* GET_WHOAMI uses m3 and only uses the message contents for info. */
m_ptr->GIWHO_EP = caller->p_endpoint;
len = MIN(sizeof(m_ptr->GIWHO_NAME), sizeof(caller->p_name))-1;
strncpy(m_ptr->GIWHO_NAME, caller->p_name, len);
m_ptr->GIWHO_NAME[len] = '\0';
m_ptr->GIWHO_PRIVFLAGS = priv(caller)->s_flags;
return OK;
}
case GET_MONPARAMS: {
src_vir = (vir_bytes) params_buffer;
length = sizeof(params_buffer);
break;
}
case GET_RANDOMNESS: {
static struct k_randomness copy; /* copy to keep counters */
int i;
copy = krandom;
for (i= 0; i<RANDOM_SOURCES; i++) {
krandom.bin[i].r_size = 0; /* invalidate random data */
krandom.bin[i].r_next = 0;
}
length = sizeof(copy);
src_vir = (vir_bytes) ©
break;
}
case GET_RANDOMNESS_BIN: {
int bin = m_ptr->I_VAL_LEN2_E;
if(bin < 0 || bin >= RANDOM_SOURCES) {
printf("SYSTEM: GET_RANDOMNESS_BIN: %d out of range\n", bin);
return EINVAL;
}
if(krandom.bin[bin].r_size < RANDOM_ELEMENTS)
return ENOENT;
length = sizeof(krandom.bin[bin]);
src_vir = (vir_bytes) &krandom.bin[bin];
wipe_rnd_bin = bin;
break;
}
case GET_KMESSAGES: {
length = sizeof(struct kmessages);
src_vir = (vir_bytes) &kmess;
break;
}
case GET_IRQACTIDS: {
length = sizeof(irq_actids);
src_vir = (vir_bytes) irq_actids;
break;
}
case GET_IDLETSC: {
struct proc * idl;
update_idle_time();
idl = proc_addr(IDLE);
length = sizeof(idl->p_cycles);
src_vir = (vir_bytes) &idl->p_cycles;
break;
}
default:
printf("do_getinfo: invalid request %d\n", m_ptr->I_REQUEST);
return(EINVAL);
}
/* Try to make the actual copy for the requested data. */
if (m_ptr->I_VAL_LEN > 0 && length > m_ptr->I_VAL_LEN) return (E2BIG);
r = data_copy_vmcheck(caller, KERNEL, src_vir, caller->p_endpoint,
(vir_bytes) m_ptr->I_VAL_PTR, length);
if(r != OK) return r;
if(wipe_rnd_bin >= 0 && wipe_rnd_bin < RANDOM_SOURCES) {
krandom.bin[wipe_rnd_bin].r_size = 0;
krandom.bin[wipe_rnd_bin].r_next = 0;
}
return(OK);
}
