]> Zhao Yanbai Git Server - minix.git/commitdiff
Zhao YanBai
Repos / minix.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: e21c21a)
pci: apply ACLs to device reservations
authorDavid van Moolenbroek <david@minix3.org>
Wed, 7 Mar 2012 22:45:55 +0000 (23:45 +0100)
committerDavid van Moolenbroek <david@minix3.org>
Thu, 8 Mar 2012 22:52:17 +0000 (23:52 +0100)
drivers/pci/main.c patch | blob | history
drivers/pci/pci.c patch | blob | history
drivers/pci/pci.h patch | blob | history

diff --git a/drivers/pci/main.c b/drivers/pci/main.c
index 65891eaf4bbfacaf17eb90a4effcff5da972d04c..7731d0c9d7b79d8c9a3b451bb7e47187df72e9b6 100644 (file)
--- a/drivers/pci/main.c
+++ b/drivers/pci/main.c
@@ -380,11 +380,14 @@ PRIVATE void do_del_acl(message *mp)
 
 PRIVATE void do_reserve(message *mp)
 {
+       struct rs_pci *aclp;
        int r, devind;
 
        devind= mp->m1_i1;
-       
-       mp->m_type= pci_reserve2(devind, mp->m_source);
+
+       aclp= find_acl(mp->m_source);
+
+       mp->m_type= pci_reserve_a(devind, mp->m_source, aclp);
        r= send(mp->m_source, mp);
        if (r != 0)
        {
diff --git a/drivers/pci/pci.c b/drivers/pci/pci.c
index bfad9b48a6d33bd778103202ed8562896247c119..0f9e727a89b5dc9ac59b25de13674ab46ad3bde6 100644 (file)
--- a/drivers/pci/pci.c
+++ b/drivers/pci/pci.c
@@ -358,11 +358,12 @@ PUBLIC int pci_next_dev_a(
 }
 
 /*===========================================================================*
- *                             pci_reserve                                *
+ *                             pci_reserve_a                                *
  *===========================================================================*/
-PUBLIC int pci_reserve2(devind, proc)
+PUBLIC int pci_reserve_a(devind, proc, aclp)
 int devind;
 endpoint_t proc;
+struct rs_pci *aclp;
 {
        int i, r;
        int ilr;
@@ -371,9 +372,16 @@ endpoint_t proc;
 
        if (devind < 0 || devind >= nr_pcidev)
        {
-               printf("pci:pci_reserve2: bad devind: %d\n", devind);
+               printf("pci_reserve_a: bad devind: %d\n", devind);
                return EINVAL;
        }
+       if (!visible(aclp, devind))
+       {
+               printf("pci_reserve_a: %u is not allowed to reserve %d\n",
+                       proc, devind);
+               return EPERM;
+       }
+
        if(pcidev[devind].pd_inuse && pcidev[devind].pd_proc != proc)
                return EBUSY;
        pcidev[devind].pd_inuse= 1;
@@ -383,7 +391,7 @@ endpoint_t proc;
        {
                if (pcidev[devind].pd_bar[i].pb_flags & PBF_INCOMPLETE)
                {
-                       printf("pci_reserve3: BAR %d is incomplete\n", i);
+                       printf("pci_reserve_a: BAR %d is incomplete\n", i);
                        continue;
                }
                if (pcidev[devind].pd_bar[i].pb_flags & PBF_IO)
@@ -394,7 +402,7 @@ endpoint_t proc;
 
                        if(debug) {
                           printf(
-               "pci_reserve3: for proc %d, adding I/O range [0x%x..0x%x]\n",
+               "pci_reserve_a: for proc %d, adding I/O range [0x%x..0x%x]\n",
                                proc, ior.ior_base, ior.ior_limit);
                        }
                        r= sys_privctl(proc, SYS_PRIV_ADD_IO, &ior);
@@ -421,7 +429,7 @@ endpoint_t proc;
        ilr= pcidev[devind].pd_ilr;
        if (ilr != PCI_ILR_UNKNOWN)
        {
-               if(debug) printf("pci_reserve3: adding IRQ %d\n", ilr);
+               if(debug) printf("pci_reserve_a: adding IRQ %d\n", ilr);
                r= sys_privctl(proc, SYS_PRIV_ADD_IRQ, &ilr);
                if (r != OK)
                {
@@ -2667,7 +2675,8 @@ int devind;
 
        if (!aclp)
                return TRUE;    /* Should be changed when ACLs become
-                                * mandatory.
+                                * mandatory. Do note that procfs relies
+                                * on being able to see all devices.
                                 */
        /* Check whether the caller is allowed to get this device. */
        for (i= 0; i<aclp->rsp_nr_device; i++)
diff --git a/drivers/pci/pci.h b/drivers/pci/pci.h
index af0a066534345636d5bd90846941014733104d19..7f9ed4f9e010044fc65bfddc1548ced75d3883f9 100644 (file)
--- a/drivers/pci/pci.h
+++ b/drivers/pci/pci.h
@@ -96,7 +96,8 @@ extern struct pci_pcibridge pci_pcibridge[];
 /* Function prototypes. */
 _PROTOTYPE( int sef_cb_init_fresh, (int type, sef_init_info_t *info)   );
 _PROTOTYPE( int map_service, (struct rprocpub *rpub)                   );
-_PROTOTYPE( int pci_reserve2, (int devind, endpoint_t proc)            );
+_PROTOTYPE( int pci_reserve_a, (int devind, endpoint_t proc,
+                                       struct rs_pci *aclp)            );
 _PROTOTYPE( void pci_release, (endpoint_t proc)                                );
 _PROTOTYPE( int pci_first_dev_a, (struct rs_pci *aclp, int *devindp,
                                        u16_t *vidp, u16_t *didp)       );
Unnamed repository; edit this file 'description' to name the repository.