From: David van Moolenbroek Date: Tue, 7 Dec 2010 10:32:42 +0000 (+0000) Subject: Kernel/RS: fix permission computation with 32+ system processes X-Git-Tag: v3.2.0~725 X-Git-Url: http://zhaoyanbai.com/repos/%22http:/www.isc.org/icons/zlib_tech.html?a=commitdiff_plain;h=a7285dfabc180cec8e2a67d598c94ae51308474c;p=minix.git Kernel/RS: fix permission computation with 32+ system processes --- diff --git a/include/minix/priv.h b/include/minix/priv.h index 07fe1a5e8..03c0665c8 100644 --- a/include/minix/priv.h +++ b/include/minix/priv.h @@ -20,6 +20,10 @@ */ #define NULL_PRIV_ID (-1) +/* Allowed targets. */ +#define NO_M (-1) /* no targets allowed */ +#define ALL_M (-2) /* all targets allowed */ + /* Allowed calls. */ #define NO_C (-1) /* no calls allowed */ #define ALL_C (-2) /* all calls allowed */ @@ -53,10 +57,10 @@ #define USR_T (1 << SENDREC) /* user processes */ /* allowed targets */ -#define TSK_M 0 /* all kernel tasks */ -#define SRV_M (~0) /* system services */ -#define DSRV_M (~0) /* dynamic system services */ -#define USR_M (~0) /* user processes */ +#define TSK_M NO_M /* all kernel tasks */ +#define SRV_M ALL_M /* system services */ +#define DSRV_M ALL_M /* dynamic system services */ +#define USR_M ALL_M /* user processes */ /* allowed kernel calls */ #define TSK_KC NO_C /* all kernel tasks */ diff --git a/kernel/const.h b/kernel/const.h index 55ddc2743..f5b7edbcb 100644 --- a/kernel/const.h +++ b/kernel/const.h @@ -17,13 +17,13 @@ #define _DST_ 1 #define get_sys_bit(map,bit) \ - ( MAP_CHUNK(map.chunk,bit) & (1 << CHUNK_OFFSET(bit) )) + ( MAP_CHUNK((map).chunk,bit) & (1 << CHUNK_OFFSET(bit) )) #define get_sys_bits(map,bit) \ - ( MAP_CHUNK(map.chunk,bit) ) + ( MAP_CHUNK((map).chunk,bit) ) #define set_sys_bit(map,bit) \ - ( MAP_CHUNK(map.chunk,bit) |= (1 << CHUNK_OFFSET(bit) )) + ( MAP_CHUNK((map).chunk,bit) |= (1 << CHUNK_OFFSET(bit) )) #define unset_sys_bit(map,bit) \ - ( MAP_CHUNK(map.chunk,bit) &= ~(1 << CHUNK_OFFSET(bit) )) + ( MAP_CHUNK((map).chunk,bit) &= ~(1 << CHUNK_OFFSET(bit) )) /* args to intr_init() */ #define INTS_ORIG 0 /* restore interrupts */ diff --git a/kernel/main.c b/kernel/main.c index 108ef99eb..7a3770b2b 100644 --- a/kernel/main.c +++ b/kernel/main.c @@ -156,6 +156,7 @@ PUBLIC int main(void) int schedulable_proc; proc_nr_t proc_nr; int ipc_to_m, kcalls; + sys_map_t map; ip = &image[i]; /* process' attributes */ DEBUGEXTRA(("initializing %s... ", ip->proc_name)); @@ -205,7 +206,14 @@ PUBLIC int main(void) } /* Fill in target mask. */ - fill_sendto_mask(rp, ipc_to_m); + memset(&map, 0, sizeof(map)); + + if (ipc_to_m == ALL_M) { + for(j = 0; j < NR_SYS_PROCS; j++) + set_sys_bit(map, j); + } + + fill_sendto_mask(rp, &map); /* Fill in kernel call mask. */ for(j = 0; j < SYS_CALL_MASK_SIZE; j++) { diff --git a/kernel/proto.h b/kernel/proto.h index 0a628ab04..844467d90 100644 --- a/kernel/proto.h +++ b/kernel/proto.h @@ -73,7 +73,8 @@ _PROTOTYPE( char *env_get, (const char *key)); _PROTOTYPE( int get_priv, (register struct proc *rc, int proc_type) ); _PROTOTYPE( void set_sendto_bit, (const struct proc *rc, int id) ); _PROTOTYPE( void unset_sendto_bit, (const struct proc *rc, int id) ); -_PROTOTYPE( void fill_sendto_mask, (const struct proc *rc, int mask) ); +_PROTOTYPE( void fill_sendto_mask, (const struct proc *rc, + sys_map_t *map) ); _PROTOTYPE( void send_sig, (endpoint_t proc_nr, int sig_nr) ); _PROTOTYPE( void cause_sig, (proc_nr_t proc_nr, int sig_nr) ); _PROTOTYPE( void sig_delay_done, (struct proc *rp) ); diff --git a/kernel/system.c b/kernel/system.c index 434abf1b6..e5e370875 100644 --- a/kernel/system.c +++ b/kernel/system.c @@ -339,12 +339,12 @@ PUBLIC void unset_sendto_bit(const struct proc *rp, int id) /*===========================================================================* * fill_sendto_mask * *===========================================================================*/ -PUBLIC void fill_sendto_mask(const struct proc *rp, int mask) +PUBLIC void fill_sendto_mask(const struct proc *rp, sys_map_t *map) { int i; for (i=0; i < NR_SYS_PROCS; i++) { - if (mask & (1 << i)) + if (get_sys_bit(*map, i)) set_sendto_bit(rp, i); else unset_sendto_bit(rp, i); diff --git a/kernel/system/do_privctl.c b/kernel/system/do_privctl.c index 485b21eab..d8703063e 100644 --- a/kernel/system/do_privctl.c +++ b/kernel/system/do_privctl.c @@ -30,6 +30,7 @@ PUBLIC int do_privctl(struct proc * caller, message * m_ptr) struct proc *rp; proc_nr_t proc_nr; sys_id_t priv_id; + sys_map_t map; int ipc_to_m, kcalls; int i, r; struct io_range io_range; @@ -119,8 +120,13 @@ PUBLIC int do_privctl(struct proc * caller, message * m_ptr) /* Set defaults for privilege bitmaps. */ priv(rp)->s_flags= DSRV_F; /* privilege flags */ priv(rp)->s_trap_mask= DSRV_T; /* allowed traps */ + memset(&map, 0, sizeof(map)); ipc_to_m = DSRV_M; /* allowed targets */ - fill_sendto_mask(rp, ipc_to_m); + if (ipc_to_m == ALL_M) { + for (i = 0; i < NR_SYS_PROCS; i++) + set_sys_bit(map, i); + } + fill_sendto_mask(rp, &map); kcalls = DSRV_KC; /* allowed kernel calls */ for(i = 0; i < SYS_CALL_MASK_SIZE; i++) { priv(rp)->s_k_call_mask[i] = (kcalls == NO_C ? 0 : (~0)); @@ -294,7 +300,7 @@ PRIVATE int update_priv(struct proc *rp, struct priv *priv) { /* Update the privilege structure of a given process. */ - int ipc_to_m, i; + int i; /* Copy s_flags and signal managers. */ priv(rp)->s_flags = priv->s_flags; @@ -362,8 +368,7 @@ PRIVATE int update_priv(struct proc *rp, struct priv *priv) printf("\n"); #endif - memcpy(&ipc_to_m, &priv->s_ipc_to, sizeof(ipc_to_m)); - fill_sendto_mask(rp, ipc_to_m); + fill_sendto_mask(rp, &priv->s_ipc_to); #if PRIV_DEBUG printf("do_privctl: Set ipc target mask for %d:"); diff --git a/servers/rs/main.c b/servers/rs/main.c index 21bdedf83..607063076 100644 --- a/servers/rs/main.c +++ b/servers/rs/main.c @@ -165,7 +165,7 @@ PRIVATE int sef_cb_init_fresh(int type, sef_init_info_t *info) { /* Initialize the reincarnation server. */ struct boot_image *ip; - int s,i,j; + int s,i; int nr_image_srvs, nr_image_priv_srvs, nr_uncaught_init_srvs; struct rproc *rp; struct rproc *replica_rp; @@ -272,7 +272,7 @@ PRIVATE int sef_cb_init_fresh(int type, sef_init_info_t *info) rp->r_priv.s_flags = boot_image_priv->flags; /* priv flags */ rp->r_priv.s_trap_mask= SRV_OR_USR(rp, SRV_T, USR_T); /* traps */ ipc_to = SRV_OR_USR(rp, SRV_M, USR_M); /* targets */ - memcpy(&rp->r_priv.s_ipc_to, &ipc_to, sizeof(rp->r_priv.s_ipc_to)); + fill_send_mask(&rp->r_priv.s_ipc_to, ipc_to == ALL_M); rp->r_priv.s_sig_mgr= SRV_OR_USR(rp, SRV_SM, USR_SM); /* sig mgr */ rp->r_priv.s_bak_sig_mgr = NONE; /* backup sig mgr */ diff --git a/servers/rs/manager.c b/servers/rs/manager.c index 9dfe41476..2419de384 100644 --- a/servers/rs/manager.c +++ b/servers/rs/manager.c @@ -1988,7 +1988,7 @@ struct priv *privp; int is_ipc_all, is_ipc_all_sys; /* Clear s_ipc_to */ - memset(&privp->s_ipc_to, '\0', sizeof(privp->s_ipc_to)); + fill_send_mask(&privp->s_ipc_to, FALSE); is_ipc_all = !strcmp(rp->r_ipc_list, RSS_IPC_ALL); is_ipc_all_sys = !strcmp(rp->r_ipc_list, RSS_IPC_ALL_SYS); diff --git a/servers/rs/proto.h b/servers/rs/proto.h index ccadb4724..0dc45b56a 100644 --- a/servers/rs/proto.h +++ b/servers/rs/proto.h @@ -90,6 +90,7 @@ _PROTOTYPE( void end_update, (int result, int reply_flag) ); /* utility.c */ _PROTOTYPE( int init_service, (struct rproc *rp, int type)); +_PROTOTYPE( void fill_send_mask, (sys_map_t *send_mask, int set_bits)); _PROTOTYPE(void fill_call_mask, ( int *calls, int tot_nr_calls, bitchunk_t *call_mask, int call_base, int is_init)); _PROTOTYPE( char* srv_to_string, (struct rproc *rp)); diff --git a/servers/rs/utility.c b/servers/rs/utility.c index c32ecbd22..eba9ae3ba 100644 --- a/servers/rs/utility.c +++ b/servers/rs/utility.c @@ -51,6 +51,24 @@ int type; /* type of initialization */ return r; } +/*===========================================================================* + * fill_send_mask * + *===========================================================================*/ +PUBLIC void fill_send_mask(send_mask, set_bits) +sys_map_t *send_mask; /* the send mask to fill in */ +int set_bits; /* TRUE sets all bits, FALSE clears all bits */ +{ +/* Fill in a send mask. */ + int i; + + for (i = 0; i < NR_SYS_PROCS; i++) { + if (set_bits) + set_sys_bit(*send_mask, i); + else + unset_sys_bit(*send_mask, i); + } +} + /*===========================================================================* * fill_call_mask * *===========================================================================*/