pci: apply ACLs to device reservations
This commit is contained in:
David van Moolenbroek
parent
e21c21a31a
commit
457d3884a2
3 changed files with 23 additions and 10 deletions
|
|
@ -380,11 +380,14 @@ PRIVATE void do_del_acl(message *mp)
|
|||
|
||||
PRIVATE void do_reserve(message *mp)
|
||||
{
|
||||
struct rs_pci *aclp;
|
||||
int r, devind;
|
||||
|
||||
devind= mp->m1_i1;
|
||||
|
||||
mp->m_type= pci_reserve2(devind, mp->m_source);
|
||||
|
||||
aclp= find_acl(mp->m_source);
|
||||
|
||||
mp->m_type= pci_reserve_a(devind, mp->m_source, aclp);
|
||||
r= send(mp->m_source, mp);
|
||||
if (r != 0)
|
||||
{
|
||||
|
|
|
|||
|
|
@ -358,11 +358,12 @@ PUBLIC int pci_next_dev_a(
|
|||
}
|
||||
|
||||
/*===========================================================================*
|
||||
* pci_reserve2 *
|
||||
* pci_reserve_a *
|
||||
*===========================================================================*/
|
||||
PUBLIC int pci_reserve2(devind, proc)
|
||||
PUBLIC int pci_reserve_a(devind, proc, aclp)
|
||||
int devind;
|
||||
endpoint_t proc;
|
||||
struct rs_pci *aclp;
|
||||
{
|
||||
int i, r;
|
||||
int ilr;
|
||||
|
|
@ -371,9 +372,16 @@ endpoint_t proc;
|
|||
|
||||
if (devind < 0 || devind >= nr_pcidev)
|
||||
{
|
||||
printf("pci:pci_reserve2: bad devind: %d\n", devind);
|
||||
printf("pci_reserve_a: bad devind: %d\n", devind);
|
||||
return EINVAL;
|
||||
}
|
||||
if (!visible(aclp, devind))
|
||||
{
|
||||
printf("pci_reserve_a: %u is not allowed to reserve %d\n",
|
||||
proc, devind);
|
||||
return EPERM;
|
||||
}
|
||||
|
||||
if(pcidev[devind].pd_inuse && pcidev[devind].pd_proc != proc)
|
||||
return EBUSY;
|
||||
pcidev[devind].pd_inuse= 1;
|
||||
|
|
@ -383,7 +391,7 @@ endpoint_t proc;
|
|||
{
|
||||
if (pcidev[devind].pd_bar[i].pb_flags & PBF_INCOMPLETE)
|
||||
{
|
||||
printf("pci_reserve3: BAR %d is incomplete\n", i);
|
||||
printf("pci_reserve_a: BAR %d is incomplete\n", i);
|
||||
continue;
|
||||
}
|
||||
if (pcidev[devind].pd_bar[i].pb_flags & PBF_IO)
|
||||
|
|
@ -394,7 +402,7 @@ endpoint_t proc;
|
|||
|
||||
if(debug) {
|
||||
printf(
|
||||
"pci_reserve3: for proc %d, adding I/O range [0x%x..0x%x]\n",
|
||||
"pci_reserve_a: for proc %d, adding I/O range [0x%x..0x%x]\n",
|
||||
proc, ior.ior_base, ior.ior_limit);
|
||||
}
|
||||
r= sys_privctl(proc, SYS_PRIV_ADD_IO, &ior);
|
||||
|
|
@ -421,7 +429,7 @@ endpoint_t proc;
|
|||
ilr= pcidev[devind].pd_ilr;
|
||||
if (ilr != PCI_ILR_UNKNOWN)
|
||||
{
|
||||
if(debug) printf("pci_reserve3: adding IRQ %d\n", ilr);
|
||||
if(debug) printf("pci_reserve_a: adding IRQ %d\n", ilr);
|
||||
r= sys_privctl(proc, SYS_PRIV_ADD_IRQ, &ilr);
|
||||
if (r != OK)
|
||||
{
|
||||
|
|
@ -2667,7 +2675,8 @@ int devind;
|
|||
|
||||
if (!aclp)
|
||||
return TRUE; /* Should be changed when ACLs become
|
||||
* mandatory.
|
||||
* mandatory. Do note that procfs relies
|
||||
* on being able to see all devices.
|
||||
*/
|
||||
/* Check whether the caller is allowed to get this device. */
|
||||
for (i= 0; i<aclp->rsp_nr_device; i++)
|
||||
|
|
|
|||
|
|
@ -96,7 +96,8 @@ extern struct pci_pcibridge pci_pcibridge[];
|
|||
/* Function prototypes. */
|
||||
_PROTOTYPE( int sef_cb_init_fresh, (int type, sef_init_info_t *info) );
|
||||
_PROTOTYPE( int map_service, (struct rprocpub *rpub) );
|
||||
_PROTOTYPE( int pci_reserve2, (int devind, endpoint_t proc) );
|
||||
_PROTOTYPE( int pci_reserve_a, (int devind, endpoint_t proc,
|
||||
struct rs_pci *aclp) );
|
||||
_PROTOTYPE( void pci_release, (endpoint_t proc) );
|
||||
_PROTOTYPE( int pci_first_dev_a, (struct rs_pci *aclp, int *devindp,
|
||||
u16_t *vidp, u16_t *didp) );
|
||||
|
|
|
|||
Loading…
Reference in a new issue