int count = m_ptr->DIO_VEC_SIZE;
long port = m_ptr->DIO_PORT;
phys_bytes phys_buf;
- int req_type, req_dir;
+ int i, req_type, req_dir, io_type, size, nr_io_range;
+ struct proc *rp;
+ struct priv *privp;
+ struct io_range *iorp;
/* Allow safe copies and accesses to SELF */
if ((m_ptr->DIO_REQUEST & _DIO_SAFEMASK) != _DIO_SAFE &&
return(EFAULT);
}
+ rp= proc_addr(who_p);
+ if (privp && privp->s_flags & CHECK_IO_PORT)
+ {
+ switch (io_type)
+ {
+ case _DIO_BYTE: size= 1; break;
+ case _DIO_WORD: size= 2; break;
+ case _DIO_LONG: size= 4; break;
+ default: size= 4; break; /* Be conservative */
+ }
+ port= m_ptr->DIO_PORT;
+ nr_io_range= privp->s_nr_io_range;
+ for (i= 0, iorp= privp->s_io_tab; i<nr_io_range; i++, iorp++)
+ {
+ if (port >= iorp->ior_base && port+size-1 <= iorp->ior_limit)
+ break;
+ }
+ if (i >= nr_io_range)
+ {
+ kprintf(
+ "do_sdevio: I/O port check failed for proc %d, port 0x%x\n",
+ m_ptr->m_source, port);
+ return EPERM;
+ }
+ }
+
/* Perform device I/O for bytes and words. Longs are not supported. */
if (req_dir == _DIO_INPUT) {
switch (req_type) {
size_t bytes; /* # bytes to be copied */
vir_bytes caller_vir; /* virtual address at caller */
phys_bytes caller_phys; /* physical address at caller */
- int i;
+ port_t port;
+ int i, j, io_size, nr_io_range;
int io_dir, io_type;
+ struct proc *rp;
+ struct priv *privp;
+ struct io_range *iorp;
/* Get the request, size of the request vector, and check the values. */
io_dir = m_ptr->DIO_REQUEST & _DIO_DIRMASK;
else return(EINVAL);
if ((vec_size = m_ptr->DIO_VEC_SIZE) <= 0) return(EINVAL);
switch (io_type) {
- case _DIO_BYTE: bytes = vec_size * sizeof(pvb_pair_t); break;
- case _DIO_WORD: bytes = vec_size * sizeof(pvw_pair_t); break;
- case _DIO_LONG: bytes = vec_size * sizeof(pvl_pair_t); break;
+ case _DIO_BYTE:
+ bytes = vec_size * sizeof(pvb_pair_t);
+ io_size= sizeof(u8_t);
+ break;
+ case _DIO_WORD:
+ bytes = vec_size * sizeof(pvw_pair_t);
+ io_size= sizeof(u16_t);
+ break;
+ case _DIO_LONG:
+ bytes = vec_size * sizeof(pvl_pair_t);
+ io_size= sizeof(u32_t);
+ break;
default: return(EINVAL); /* check type once and for all */
}
if (bytes > sizeof(vdevio_buf)) return(E2BIG);
if (0 == caller_phys) return(EFAULT);
phys_copy(caller_phys, vir2phys(vdevio_buf), (phys_bytes) bytes);
+ rp= proc_addr(who_p);
+ privp= priv(rp);
+ if (privp && (privp->s_flags & CHECK_IO_PORT))
+ {
+ /* Check whether the I/O is allowed */
+ nr_io_range= privp->s_nr_io_range;
+ for (i=0; i<vec_size; i++)
+ {
+ switch (io_type) {
+ case _DIO_BYTE: port= pvb[i].port; break;
+ case _DIO_WORD: port= pvw[i].port; break;
+ default: port= pvl[i].port; break;
+ }
+ for (j= 0, iorp= privp->s_io_tab; j<nr_io_range; j++, iorp++)
+ {
+ if (port >= iorp->ior_base &&
+ port+io_size-1 <= iorp->ior_limit)
+ {
+ break;
+ }
+ }
+ if (j >= nr_io_range)
+ {
+ kprintf(
+ "do_vdevio: I/O port check failed for proc %d, port 0x%x\n",
+ m_ptr->m_source, port);
+ return EPERM;
+ }
+ }
+ }
+
/* Perform actual device I/O for byte, word, and long values. Note that
* the entire switch is wrapped in lock() and unlock() to prevent the I/O
* batch from being interrupted.