/*==========================================================================* * do_umap_remote * *==========================================================================*/ int do_umap_remote(struct proc * caller, message * m_ptr) { /* Map virtual address to physical, for non-kernel processes. */ int seg_type = m_ptr->CP_SRC_SPACE & SEGMENT_TYPE; int seg_index = m_ptr->CP_SRC_SPACE & SEGMENT_INDEX; vir_bytes offset = m_ptr->CP_SRC_ADDR; int count = m_ptr->CP_NR_BYTES; int endpt = (int) m_ptr->CP_SRC_ENDPT; endpoint_t grantee = (endpoint_t) m_ptr->CP_DST_ENDPT; int proc_nr, proc_nr_grantee; int naughty = 0; phys_bytes phys_addr = 0, lin_addr = 0; struct proc *targetpr; /* Verify process number. */ if (endpt == SELF) proc_nr = _ENDPOINT_P(caller->p_endpoint); else if (! isokendpt(endpt, &proc_nr)) return(EINVAL); targetpr = proc_addr(proc_nr); /* Verify grantee endpoint */ if (grantee == SELF) { grantee = caller->p_endpoint; } else if (grantee == NONE || grantee == ANY || seg_index != MEM_GRANT || !isokendpt(grantee, &proc_nr_grantee)) { return EINVAL; } /* See which mapping should be made. */ switch(seg_type) { case LOCAL_SEG: phys_addr = lin_addr = umap_local(targetpr, seg_index, offset, count); if(!lin_addr) return EFAULT; naughty = 1; break; case LOCAL_VM_SEG: if(seg_index == MEM_GRANT) { vir_bytes newoffset; endpoint_t newep; int new_proc_nr; cp_grant_id_t grant = (cp_grant_id_t) offset; if(verify_grant(targetpr->p_endpoint, grantee, grant, count, 0, 0, &newoffset, &newep) != OK) { printf("SYSTEM: do_umap: verify_grant in %s, grant %d, bytes 0x%lx, failed, caller %s\n", targetpr->p_name, offset, count, caller->p_name); proc_stacktrace(caller); return EFAULT; } if(!isokendpt(newep, &new_proc_nr)) { printf("SYSTEM: do_umap: isokendpt failed\n"); return EFAULT; } /* New lookup. */ offset = newoffset; targetpr = proc_addr(new_proc_nr); seg_index = D; } if(seg_index == T || seg_index == D || seg_index == S) { phys_addr = lin_addr = umap_local(targetpr, seg_index, offset, count); } else { printf("SYSTEM: bogus seg type 0x%lx\n", seg_index); return EFAULT; } if(!lin_addr) { printf("SYSTEM:do_umap: umap_local failed\n"); return EFAULT; } if(vm_lookup(targetpr, lin_addr, &phys_addr, NULL) != OK) { printf("SYSTEM:do_umap: vm_lookup failed\n"); return EFAULT; } if(phys_addr == 0) panic("vm_lookup returned zero physical address"); break; default: printf("umap: peculiar type\n"); return EINVAL; } if(vm_running && vm_lookup_range(targetpr, lin_addr, NULL, count) != count) { printf("SYSTEM:do_umap: not contiguous\n"); return EFAULT; } m_ptr->CP_DST_ADDR = phys_addr; if(naughty || phys_addr == 0) { printf("kernel: umap 0x%x done by %d / %s, pc 0x%lx, 0x%lx -> 0x%lx\n", seg_type, caller->p_endpoint, caller->p_name, caller->p_reg.pc, offset, phys_addr); printf("caller stack: "); proc_stacktrace(caller); } return (phys_addr == 0) ? EFAULT: OK; }
/*===========================================================================* * do_sdevio * *===========================================================================*/ PUBLIC int do_sdevio(struct proc * caller, message *m_ptr) { vir_bytes newoffset; endpoint_t newep; int proc_nr; endpoint_t proc_nr_e = m_ptr->DIO_VEC_ENDPT; vir_bytes count = m_ptr->DIO_VEC_SIZE; long port = m_ptr->DIO_PORT; phys_bytes phys_buf; int i, req_type, req_dir, size, nr_io_range; struct priv *privp; struct io_range *iorp; struct proc *destproc; int retval; /* Allow safe copies and accesses to SELF */ if ((m_ptr->DIO_REQUEST & _DIO_SAFEMASK) != _DIO_SAFE && proc_nr_e != SELF) { static int first= 1; if (first) { first= 0; printf("do_sdevio: for %d, req %d\n", m_ptr->m_source, m_ptr->DIO_REQUEST); } } /* Check if process endpoint is OK. * A driver may directly provide a pointer to a buffer at the user-process * that initiated the device I/O. Kernel processes, of course, are denied. */ if (proc_nr_e == SELF) proc_nr = _ENDPOINT_P(caller->p_endpoint); else if(!isokendpt(proc_nr_e, &proc_nr)) return(EINVAL); if (iskerneln(proc_nr)) return(EPERM); /* Extract direction (in or out) and type (size). */ req_dir = m_ptr->DIO_REQUEST & _DIO_DIRMASK; req_type = m_ptr->DIO_REQUEST & _DIO_TYPEMASK; /* Check for 'safe' variants. */ if((m_ptr->DIO_REQUEST & _DIO_SAFEMASK) == _DIO_SAFE) { /* Map grant address to physical address. */ if(verify_grant(proc_nr_e, caller->p_endpoint, (cp_grant_id_t) m_ptr->DIO_VEC_ADDR, count, req_dir == _DIO_INPUT ? CPF_WRITE : CPF_READ, (vir_bytes) m_ptr->DIO_OFFSET, &newoffset, &newep) != OK) { printf("do_sdevio: verify_grant failed\n"); return EPERM; } if(!isokendpt(newep, &proc_nr)) return(EINVAL); destproc = proc_addr(proc_nr); if ((phys_buf = umap_local(destproc, D, (vir_bytes) newoffset, count)) == 0) { printf("do_sdevio: umap_local failed\n"); return(EFAULT); } } else { if(proc_nr != _ENDPOINT_P(caller->p_endpoint)) { printf("do_sdevio: unsafe sdevio by %d in %d denied\n", caller->p_endpoint, proc_nr_e); return EPERM; } /* Get and check physical address. */ if ((phys_buf = umap_local(proc_addr(proc_nr), D, (vir_bytes) m_ptr->DIO_VEC_ADDR, count)) == 0) return(EFAULT); destproc = proc_addr(proc_nr); } /* current process must be target for phys_* to be OK */ switch_address_space(destproc); switch (req_type) { case _DIO_BYTE: size= 1; break; case _DIO_WORD: size= 2; break; case _DIO_LONG: size= 4; break; default: size= 4; break; /* Be conservative */ } privp= priv(caller); if (privp && privp->s_flags & CHECK_IO_PORT) { port= m_ptr->DIO_PORT; nr_io_range= privp->s_nr_io_range; for (i= 0, iorp= privp->s_io_tab; i<nr_io_range; i++, iorp++) { if (port >= iorp->ior_base && port+size-1 <= iorp->ior_limit) break; } if (i >= nr_io_range) { printf( "do_sdevio: I/O port check failed for proc %d, port 0x%x\n", m_ptr->m_source, port); retval = EPERM; goto return_error; } } if (port & (size-1)) { printf("do_devio: unaligned port 0x%x (size %d)\n", port, size); retval = EPERM; goto return_error; } /* Perform device I/O for bytes and words. Longs are not supported. */ if (req_dir == _DIO_INPUT) { switch (req_type) { case _DIO_BYTE: phys_insb(port, phys_buf, count); break; case _DIO_WORD: phys_insw(port, phys_buf, count); break; default: retval = EINVAL; goto return_error; } } else if (req_dir == _DIO_OUTPUT) { switch (req_type) { case _DIO_BYTE: phys_outsb(port, phys_buf, count); break; case _DIO_WORD: phys_outsw(port, phys_buf, count); break; default: retval = EINVAL; goto return_error; } } else { retval = EINVAL; goto return_error; } retval = OK; return_error: /* switch back to the address of the process which made the call */ switch_address_space(caller); return retval; }