Improved access checks in system.c. Grant drivers and FS the rights they need.
This commit is contained in:
parent
c3c08d252c
commit
4ba5826ba6
2 changed files with 11 additions and 11 deletions
|
@ -83,20 +83,20 @@ PUBLIC void sys_task()
|
||||||
caller_ptr = proc_addr(who_p);
|
caller_ptr = proc_addr(who_p);
|
||||||
|
|
||||||
/* See if the caller made a valid request and try to handle it. */
|
/* See if the caller made a valid request and try to handle it. */
|
||||||
if (!GET_BIT(priv(caller_ptr)->s_k_call_mask, call_nr)) {
|
if (call_nr < 0 || call_nr >= NR_SYS_CALLS) { /* check call number */
|
||||||
#if DEBUG_ENABLE_IPC_WARNINGS
|
|
||||||
kprintf("SYSTEM: request %d from %d denied.\n",
|
|
||||||
call_nr,m.m_source);
|
|
||||||
#endif
|
|
||||||
result = ECALLDENIED; /* illegal message type */
|
|
||||||
} /* else */
|
|
||||||
if (call_nr >= NR_SYS_CALLS) { /* check call number */
|
|
||||||
#if DEBUG_ENABLE_IPC_WARNINGS
|
#if DEBUG_ENABLE_IPC_WARNINGS
|
||||||
kprintf("SYSTEM: illegal request %d from %d.\n",
|
kprintf("SYSTEM: illegal request %d from %d.\n",
|
||||||
call_nr,m.m_source);
|
call_nr,m.m_source);
|
||||||
#endif
|
#endif
|
||||||
result = EBADREQUEST; /* illegal message type */
|
result = EBADREQUEST; /* illegal message type */
|
||||||
}
|
}
|
||||||
|
else if (!GET_BIT(priv(caller_ptr)->s_k_call_mask, call_nr)) {
|
||||||
|
#if DEBUG_ENABLE_IPC_WARNINGS
|
||||||
|
kprintf("SYSTEM: request %d from %d denied.\n",
|
||||||
|
call_nr,m.m_source);
|
||||||
|
#endif
|
||||||
|
result = ECALLDENIED; /* illegal message type */
|
||||||
|
}
|
||||||
else {
|
else {
|
||||||
result = (*call_vec[call_nr])(&m); /* handle the system call */
|
result = (*call_vec[call_nr])(&m); /* handle the system call */
|
||||||
}
|
}
|
||||||
|
|
|
@ -82,9 +82,9 @@ PUBLIC char *t_stack[TOT_STACK_SPACE / sizeof(char *)];
|
||||||
*/
|
*/
|
||||||
#define FS_C SYS_KILL, SYS_VIRCOPY, SYS_SAFECOPYFROM, SYS_SAFECOPYTO, \
|
#define FS_C SYS_KILL, SYS_VIRCOPY, SYS_SAFECOPYFROM, SYS_SAFECOPYTO, \
|
||||||
SYS_VIRVCOPY, SYS_UMAP, SYS_GETINFO, SYS_EXIT, SYS_TIMES, SYS_SETALARM, \
|
SYS_VIRVCOPY, SYS_UMAP, SYS_GETINFO, SYS_EXIT, SYS_TIMES, SYS_SETALARM, \
|
||||||
SYS_PRIVCTL, SYS_TRACE
|
SYS_PRIVCTL, SYS_TRACE , SYS_SETGRANT
|
||||||
#define DRV_C FS_C, SYS_SEGCTL, SYS_IRQCTL, SYS_INT86, SYS_DEVIO, \
|
#define DRV_C FS_C, SYS_SEGCTL, SYS_IRQCTL, SYS_INT86, SYS_DEVIO, \
|
||||||
SYS_SDEVIO, SYS_VDEVIO
|
SYS_SDEVIO, SYS_VDEVIO, SYS_SETGRANT
|
||||||
|
|
||||||
PRIVATE int
|
PRIVATE int
|
||||||
fs_c[] = { FS_C },
|
fs_c[] = { FS_C },
|
||||||
|
@ -92,7 +92,7 @@ PRIVATE int
|
||||||
rs_c[] = { SYS_ALL_CALLS },
|
rs_c[] = { SYS_ALL_CALLS },
|
||||||
ds_c[] = { SYS_ALL_CALLS },
|
ds_c[] = { SYS_ALL_CALLS },
|
||||||
drv_c[] = { DRV_C },
|
drv_c[] = { DRV_C },
|
||||||
tty_c[] = { DRV_C, SYS_ABORT, SYS_VM_MAP, SYS_IOPENABLE },
|
tty_c[] = { DRV_C, SYS_ABORT, SYS_VM_MAP, SYS_IOPENABLE, SYS_READBIOS },
|
||||||
mem_c[] = { DRV_C, SYS_PHYSCOPY, SYS_PHYSVCOPY, SYS_VM_MAP, SYS_IOPENABLE };
|
mem_c[] = { DRV_C, SYS_PHYSCOPY, SYS_PHYSVCOPY, SYS_VM_MAP, SYS_IOPENABLE };
|
||||||
|
|
||||||
/* The system image table lists all programs that are part of the boot image.
|
/* The system image table lists all programs that are part of the boot image.
|
||||||
|
|
Loading…
Reference in a new issue