From: Philip Homburg Date: Fri, 20 Oct 2006 14:46:55 +0000 (+0000) Subject: Access control in do_sdevio and do_vdevio X-Git-Tag: v3.1.3~166 X-Git-Url: http://zhaoyanbai.com/repos/dnssec-signzone.html?a=commitdiff_plain;h=fd448c332b6735a065a4a3a2120bbc5e0e49be3c;p=minix.git Access control in do_sdevio and do_vdevio --- diff --git a/kernel/system/do_sdevio.c b/kernel/system/do_sdevio.c index 4d8c9d3d3..be39dd036 100644 --- a/kernel/system/do_sdevio.c +++ b/kernel/system/do_sdevio.c @@ -26,7 +26,10 @@ register message *m_ptr; /* pointer to request message */ int count = m_ptr->DIO_VEC_SIZE; long port = m_ptr->DIO_PORT; phys_bytes phys_buf; - int req_type, req_dir; + int i, req_type, req_dir, io_type, size, nr_io_range; + struct proc *rp; + struct priv *privp; + struct io_range *iorp; /* Allow safe copies and accesses to SELF */ if ((m_ptr->DIO_REQUEST & _DIO_SAFEMASK) != _DIO_SAFE && @@ -73,6 +76,32 @@ register message *m_ptr; /* pointer to request message */ return(EFAULT); } + rp= proc_addr(who_p); + if (privp && privp->s_flags & CHECK_IO_PORT) + { + switch (io_type) + { + case _DIO_BYTE: size= 1; break; + case _DIO_WORD: size= 2; break; + case _DIO_LONG: size= 4; break; + default: size= 4; break; /* Be conservative */ + } + port= m_ptr->DIO_PORT; + nr_io_range= privp->s_nr_io_range; + for (i= 0, iorp= privp->s_io_tab; i= iorp->ior_base && port+size-1 <= iorp->ior_limit) + break; + } + if (i >= nr_io_range) + { + kprintf( + "do_sdevio: I/O port check failed for proc %d, port 0x%x\n", + m_ptr->m_source, port); + return EPERM; + } + } + /* Perform device I/O for bytes and words. Longs are not supported. */ if (req_dir == _DIO_INPUT) { switch (req_type) { diff --git a/kernel/system/do_vdevio.c b/kernel/system/do_vdevio.c index ae3cb78c5..ff417718a 100644 --- a/kernel/system/do_vdevio.c +++ b/kernel/system/do_vdevio.c @@ -37,8 +37,12 @@ register message *m_ptr; /* pointer to request message */ size_t bytes; /* # bytes to be copied */ vir_bytes caller_vir; /* virtual address at caller */ phys_bytes caller_phys; /* physical address at caller */ - int i; + port_t port; + int i, j, io_size, nr_io_range; int io_dir, io_type; + struct proc *rp; + struct priv *privp; + struct io_range *iorp; /* Get the request, size of the request vector, and check the values. */ io_dir = m_ptr->DIO_REQUEST & _DIO_DIRMASK; @@ -48,9 +52,18 @@ register message *m_ptr; /* pointer to request message */ else return(EINVAL); if ((vec_size = m_ptr->DIO_VEC_SIZE) <= 0) return(EINVAL); switch (io_type) { - case _DIO_BYTE: bytes = vec_size * sizeof(pvb_pair_t); break; - case _DIO_WORD: bytes = vec_size * sizeof(pvw_pair_t); break; - case _DIO_LONG: bytes = vec_size * sizeof(pvl_pair_t); break; + case _DIO_BYTE: + bytes = vec_size * sizeof(pvb_pair_t); + io_size= sizeof(u8_t); + break; + case _DIO_WORD: + bytes = vec_size * sizeof(pvw_pair_t); + io_size= sizeof(u16_t); + break; + case _DIO_LONG: + bytes = vec_size * sizeof(pvl_pair_t); + io_size= sizeof(u32_t); + break; default: return(EINVAL); /* check type once and for all */ } if (bytes > sizeof(vdevio_buf)) return(E2BIG); @@ -61,6 +74,37 @@ register message *m_ptr; /* pointer to request message */ if (0 == caller_phys) return(EFAULT); phys_copy(caller_phys, vir2phys(vdevio_buf), (phys_bytes) bytes); + rp= proc_addr(who_p); + privp= priv(rp); + if (privp && (privp->s_flags & CHECK_IO_PORT)) + { + /* Check whether the I/O is allowed */ + nr_io_range= privp->s_nr_io_range; + for (i=0; is_io_tab; j= iorp->ior_base && + port+io_size-1 <= iorp->ior_limit) + { + break; + } + } + if (j >= nr_io_range) + { + kprintf( + "do_vdevio: I/O port check failed for proc %d, port 0x%x\n", + m_ptr->m_source, port); + return EPERM; + } + } + } + /* Perform actual device I/O for byte, word, and long values. Note that * the entire switch is wrapped in lock() and unlock() to prevent the I/O * batch from being interrupted.