sanchayanmaity/minix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Split off sys_umap_remote from sys_umap

Browse source 
sys_umap now supports only:
- looking up the physical address of a virtual address in the address space
  of the caller;
- looking up the physical address of a grant for which the caller is the
  grantee.

This is enough for nearly all umap users. The new sys_umap_remote supports
lookups in arbitrary address spaces and grants for arbitrary grantees.
This commit is contained in:
Erik van der Kouwe 2011-06-10 14:28:20 +00:00
parent 25d26d76fd
commit 6e0f3b3bda
14 changed files with 198 additions and 95 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
commands/service/service.c
View file

@ -1153,6 +1153,7 @@ struct
{ "UMAP", SYS_UMAP },
{ "VIRCOPY", SYS_VIRCOPY },
{ "PHYSCOPY", SYS_PHYSCOPY },
{ "UMAP_REMOTE", SYS_UMAP_REMOTE },
{ "IRQCTL", SYS_IRQCTL },
{ "INT86", SYS_INT86 },
{ "DEVIO", SYS_DEVIO },

1
common/include/minix/com.h
View file

@ -334,6 +334,7 @@
# define SYS_UMAP (KERNEL_CALL + 14) /* sys_umap() */
# define SYS_VIRCOPY (KERNEL_CALL + 15) /* sys_vircopy() */
# define SYS_PHYSCOPY (KERNEL_CALL + 16) /* sys_physcopy() */
# define SYS_UMAP_REMOTE (KERNEL_CALL + 17) /* sys_umap_remote() */
# define SYS_IRQCTL (KERNEL_CALL + 19) /* sys_irqctl() */
# define SYS_INT86 (KERNEL_CALL + 20) /* sys_int86() */

2
common/include/minix/syslib.h
View file

@ -175,6 +175,8 @@ _PROTOTYPE(int sys_umap, (endpoint_t proc_ep, int seg, vir_bytes vir_addr,
vir_bytes bytes, phys_bytes *phys_addr));
_PROTOTYPE(int sys_umap_data_fb, (endpoint_t proc_ep, vir_bytes vir_addr,
vir_bytes bytes, phys_bytes *phys_addr));
_PROTOTYPE(int sys_umap_remote, (endpoint_t proc_ep, endpoint_t grantee,
int seg, vir_bytes vir_addr, vir_bytes bytes, phys_bytes *phys_addr));
/* Shorthands for sys_getinfo() system call. */
#define sys_getkmessages(dst) sys_getinfo(GET_KMESSAGES, dst, 0,0,0)

4
drivers/amddev/amddev.c
View file

@ -357,7 +357,7 @@ static int do_add(message *m)
size, proc);
return EINVAL;
}
r= sys_umap(proc, VM_D, (vir_bytes)start, size, &busaddr);
r= sys_umap_remote(proc, SELF, VM_D, (vir_bytes)start, size, &busaddr);
if (r != OK)
{
printf("amddev`do_add: umap failed for 0x%x@0x%x, proc %d\n",
@ -405,7 +405,7 @@ static int do_add4pci(const message *m)
printf("amddev`do_add4pci: should check with PCI\n");
r= sys_umap(proc, VM_D, (vir_bytes)start, size, &busaddr);
r= sys_umap_remote(proc, SELF, VM_D, (vir_bytes)start, size, &busaddr);
if (r != OK)
{
printf(

2
etc/system.conf
View file

@ -513,7 +513,7 @@ service amddev
{
pci device 1022/1103;
system
UMAP # 14
UMAP_REMOTE # 17
;
uid 0;
};

1
kernel/config.h
View file

@ -37,6 +37,7 @@
#define USE_IRQCTL 1 /* set an interrupt policy */
#define USE_PRIVCTL 1 /* system privileges control */
#define USE_UMAP 1 /* map virtual to physical address */
#define USE_UMAP_REMOTE 1 /* sys_umap on behalf of another process */
#define USE_VIRCOPY 1 /* copy using virtual addressing */
#define USE_PHYSCOPY 1 /* copy using physical addressing */
#define USE_MEMSET 1 /* write char to a given memory area */

1
kernel/system.c
View file

@ -222,6 +222,7 @@ PUBLIC void system_init(void)
/* Copying. */
map(SYS_UMAP, do_umap); /* map virtual to physical address */
map(SYS_UMAP_REMOTE, do_umap_remote); /* do_umap for non-caller process */
map(SYS_VIRCOPY, do_vircopy); /* use pure virtual addressing */
map(SYS_PHYSCOPY, do_copy); /* use physical addressing */
map(SYS_SAFECOPYFROM, do_safecopy_from);/* copy with pre-granted permission */

5
kernel/system.h
View file

@ -87,6 +87,11 @@ _PROTOTYPE( int do_umap, (struct proc * caller, message *m_ptr) );
#define do_umap NULL
#endif
_PROTOTYPE( int do_umap_remote, (struct proc * caller, message *m_ptr) );
#if ! USE_UMAP_REMOTE
#define do_umap_remote NULL
#endif
_PROTOTYPE( int do_memset, (struct proc * caller, message *m_ptr) );
#if ! USE_MEMSET
#define do_memset NULL

1
kernel/system/Makefile.inc
View file

@ -20,6 +20,7 @@ SRCS+= \
do_vdevio.c \
do_copy.c \
do_umap.c \
do_umap_remote.c \
do_memset.c \
do_setgrant.c \
do_privctl.c \

105
kernel/system/do_umap.c Normal file → Executable file
View file

@ -2,11 +2,11 @@
* m_type: SYS_UMAP
*
* The parameters for this kernel call are:
* m5_i1: CP_SRC_PROC_NR (process number)
* m5_i1: CP_SRC_PROC_NR (process number)
* m5_s1: CP_SRC_SPACE (segment where address is: T, D, or S)
* m5_l1: CP_SRC_ADDR (virtual address)
* m5_l2: CP_DST_ADDR (returns physical address)
* m5_l3: CP_NR_BYTES (size of datastructure)
* m5_l1: CP_SRC_ADDR (virtual address)
* m5_l2: CP_DST_ADDR (returns physical address)
* m5_l3: CP_NR_BYTES (size of datastructure)
*/
#include "kernel/system.h"
@ -15,100 +15,25 @@
#if USE_UMAP
#if ! USE_UMAP_REMOTE
#undef do_umap_remote
#endif
/*==========================================================================*
* do_umap *
*==========================================================================*/
PUBLIC int do_umap(struct proc * caller, message * m_ptr)
{
/* Map virtual address to physical, for non-kernel processes. */
int seg_type = m_ptr->CP_SRC_SPACE & SEGMENT_TYPE;
int seg_index = m_ptr->CP_SRC_SPACE & SEGMENT_INDEX;
vir_bytes offset = m_ptr->CP_SRC_ADDR;
int count = m_ptr->CP_NR_BYTES;
int endpt = (int) m_ptr->CP_SRC_ENDPT;
int proc_nr, r;
int naughty = 0;
phys_bytes phys_addr = 0, lin_addr = 0;
struct proc *targetpr;
/* Verify process number. */
if (endpt == SELF)
proc_nr = _ENDPOINT_P(caller->p_endpoint);
else
if (! isokendpt(endpt, &proc_nr))
return(EINVAL);
targetpr = proc_addr(proc_nr);
/* See which mapping should be made. */
switch(seg_type) {
case LOCAL_SEG:
phys_addr = lin_addr = umap_local(targetpr, seg_index, offset, count);
if(!lin_addr) return EFAULT;
naughty = 1;
break;
case LOCAL_VM_SEG:
if(seg_index == MEM_GRANT) {
vir_bytes newoffset;
endpoint_t newep;
int new_proc_nr;
cp_grant_id_t grant = (cp_grant_id_t) offset;
if(verify_grant(targetpr->p_endpoint, caller->p_endpoint, grant, count,
0, 0, &newoffset, &newep) != OK) {
printf("SYSTEM: do_umap: verify_grant in %s, grant %d, bytes 0x%lx, failed, caller %s\n", targetpr->p_name, offset, count, caller->p_name);
proc_stacktrace(caller);
return EFAULT;
}
if(!isokendpt(newep, &new_proc_nr)) {
printf("SYSTEM: do_umap: isokendpt failed\n");
return EFAULT;
}
/* New lookup. */
offset = newoffset;
targetpr = proc_addr(new_proc_nr);
seg_index = D;
}
if(seg_index == T || seg_index == D || seg_index == S) {
phys_addr = lin_addr = umap_local(targetpr, seg_index, offset, count);
} else {
printf("SYSTEM: bogus seg type 0x%lx\n", seg_index);
return EFAULT;
}
if(!lin_addr) {
printf("SYSTEM:do_umap: umap_local failed\n");
return EFAULT;
}
if(vm_lookup(targetpr, lin_addr, &phys_addr, NULL) != OK) {
printf("SYSTEM:do_umap: vm_lookup failed\n");
return EFAULT;
}
if(phys_addr == 0)
panic("vm_lookup returned zero physical address");
break;
default:
if((r=arch_umap(targetpr, offset, count, seg_type, &lin_addr))
!= OK)
return r;
phys_addr = lin_addr;
}
if(vm_running && !vm_contiguous(targetpr, lin_addr, count)) {
printf("SYSTEM:do_umap: not contiguous\n");
return EFAULT;
}
m_ptr->CP_DST_ADDR = phys_addr;
if(naughty || phys_addr == 0) {
printf("kernel: umap 0x%x done by %d / %s, pc 0x%lx, 0x%lx -> 0x%lx\n",
seg_type, caller->p_endpoint, caller->p_name,
caller->p_reg.pc, offset, phys_addr);
printf("caller stack: ");
proc_stacktrace(caller);
}
return (phys_addr == 0) ? EFAULT: OK;
/* This call is a subset of umap_remote, it allows mapping virtual addresses
* in the caller's address space and grants where the caller is specified as
* grantee; after the security check we simply invoke do_umap_remote
*/
if (seg_index != MEM_GRANT && endpt != SELF) return EPERM;
m_ptr->CP_DST_ENDPT = SELF;
return do_umap_remote(caller, m_ptr);
}
#endif /* USE_UMAP */

130
kernel/system/do_umap_remote.c Normal file
View file

@ -0,0 +1,130 @@
/* The kernel call implemented in this file:
* m_type: SYS_UMAP_REMOTE
*
* The parameters for this kernel call are:
* m5_i1: CP_SRC_PROC_NR (process number)
* m5_s1: CP_SRC_SPACE (segment where address is: T, D, or S)
* m5_l1: CP_SRC_ADDR (virtual address)
* m5_i2: CP_DST_ENDPT (process number of grantee to check access for)
* m5_l2: CP_DST_ADDR (returns physical address)
* m5_l3: CP_NR_BYTES (size of datastructure)
*/
#include "kernel/system.h"
#include <minix/endpoint.h>
#if USE_UMAP || USE_UMAP_REMOTE
#if ! USE_UMAP_REMOTE
#undef do_umap_remote
#endif
/*==========================================================================*
* do_umap_remote *
*==========================================================================*/
PUBLIC int do_umap_remote(struct proc * caller, message * m_ptr)
{
/* Map virtual address to physical, for non-kernel processes. */
int seg_type = m_ptr->CP_SRC_SPACE & SEGMENT_TYPE;
int seg_index = m_ptr->CP_SRC_SPACE & SEGMENT_INDEX;
vir_bytes offset = m_ptr->CP_SRC_ADDR;
int count = m_ptr->CP_NR_BYTES;
int endpt = (int) m_ptr->CP_SRC_ENDPT;
endpoint_t grantee = (endpoint_t) m_ptr->CP_DST_ENDPT;
int proc_nr, proc_nr_grantee, r;
int naughty = 0;
phys_bytes phys_addr = 0, lin_addr = 0;
struct proc *targetpr;
/* Verify process number. */
if (endpt == SELF)
proc_nr = _ENDPOINT_P(caller->p_endpoint);
else
if (! isokendpt(endpt, &proc_nr))
return(EINVAL);
targetpr = proc_addr(proc_nr);
/* Verify grantee endpoint */
if (grantee == SELF) {
grantee = caller->p_endpoint;
} else if (grantee == NONE ||
grantee == ANY ||
seg_index != MEM_GRANT ||
!isokendpt(grantee, &proc_nr_grantee)) {
return EINVAL;
}
/* See which mapping should be made. */
switch(seg_type) {
case LOCAL_SEG:
phys_addr = lin_addr = umap_local(targetpr, seg_index, offset, count);
if(!lin_addr) return EFAULT;
naughty = 1;
break;
case LOCAL_VM_SEG:
if(seg_index == MEM_GRANT) {
vir_bytes newoffset;
endpoint_t newep;
int new_proc_nr;
cp_grant_id_t grant = (cp_grant_id_t) offset;
if(verify_grant(targetpr->p_endpoint, grantee, grant, count,
0, 0, &newoffset, &newep) != OK) {
printf("SYSTEM: do_umap: verify_grant in %s, grant %d, bytes 0x%lx, failed, caller %s\n", targetpr->p_name, offset, count, caller->p_name);
proc_stacktrace(caller);
return EFAULT;
}
if(!isokendpt(newep, &new_proc_nr)) {
printf("SYSTEM: do_umap: isokendpt failed\n");
return EFAULT;
}
/* New lookup. */
offset = newoffset;
targetpr = proc_addr(new_proc_nr);
seg_index = D;
}
if(seg_index == T || seg_index == D || seg_index == S) {
phys_addr = lin_addr = umap_local(targetpr, seg_index, offset, count);
} else {
printf("SYSTEM: bogus seg type 0x%lx\n", seg_index);
return EFAULT;
}
if(!lin_addr) {
printf("SYSTEM:do_umap: umap_local failed\n");
return EFAULT;
}
if(vm_lookup(targetpr, lin_addr, &phys_addr, NULL) != OK) {
printf("SYSTEM:do_umap: vm_lookup failed\n");
return EFAULT;
}
if(phys_addr == 0)
panic("vm_lookup returned zero physical address");
break;
default:
if((r=arch_umap(targetpr, offset, count, seg_type, &lin_addr))
!= OK)
return r;
phys_addr = lin_addr;
}
if(vm_running && !vm_contiguous(targetpr, lin_addr, count)) {
printf("SYSTEM:do_umap: not contiguous\n");
return EFAULT;
}
m_ptr->CP_DST_ADDR = phys_addr;
if(naughty || phys_addr == 0) {
printf("kernel: umap 0x%x done by %d / %s, pc 0x%lx, 0x%lx -> 0x%lx\n",
seg_type, caller->p_endpoint, caller->p_name,
caller->p_reg.pc, offset, phys_addr);
printf("caller stack: ");
proc_stacktrace(caller);
}
return (phys_addr == 0) ? EFAULT: OK;
}
#endif /* USE_UMAP || USE_UMAP_REMOTE */

1
lib/libsys/Makefile
View file

@ -97,6 +97,7 @@ SRCS= \
sys_times.c \
sys_trace.c \
sys_umap.c \
sys_umap_remote.c \
sys_update.c \
sys_vinb.c \
sys_vinl.c \

35
lib/libsys/sys_umap_remote.c Executable file
View file

@ -0,0 +1,35 @@
#include "syslib.h"
/*===========================================================================*
* sys_umap_remote *
*===========================================================================*/
PUBLIC int sys_umap_remote(proc_ep, grantee, seg, vir_addr, bytes, phys_addr)
endpoint_t proc_ep; /* process number to do umap for */
endpoint_t grantee; /* process nr to check as grantee */
int seg; /* T, D, or S segment */
vir_bytes vir_addr; /* address in bytes with segment*/
vir_bytes bytes; /* number of bytes to be copied */
phys_bytes *phys_addr; /* placeholder for result */
{
message m;
int result;
/* Note about the grantee parameter:
* - Is ignored for non-grant umap calls, but should be SELF to
* pass the sanity check in that case;
* - May be SELF to get the same behaviour as sys_umap, namely that the
* caller must be the grantee;
* - In all other cases, should be a valid endpoint (neither ANY nor NONE).
*/
m.CP_SRC_ENDPT = proc_ep;
m.CP_DST_ENDPT = grantee;
m.CP_SRC_SPACE = seg;
m.CP_SRC_ADDR = vir_addr;
m.CP_NR_BYTES = bytes;
result = _kernel_call(SYS_UMAP_REMOTE, &m);
*phys_addr = m.CP_DST_ADDR;
return(result);
}

4
servers/pm/profile.c
View file

@ -97,13 +97,13 @@ int info_size;
phys_bytes p;
/* Check if supplied pointers point into user process. */
if ((r = sys_umap(who_e, VM_D, (vir_bytes) m_in.PROF_CTL_PTR,
if ((r = sys_umap_remote(who_e, SELF, VM_D, (vir_bytes) m_in.PROF_CTL_PTR,
1, &p)) != OK) {
printf("PM: PROFILE: umap failed for process %d\n", who_e);
return r;
}
if ((r =sys_umap(who_e, VM_D, (vir_bytes) m_in.PROF_MEM_PTR,
if ((r =sys_umap_remote(who_e, SELF, VM_D, (vir_bytes) m_in.PROF_MEM_PTR,
1, &p)) != OK) {
printf("PM: PROFILE: umap failed for process %d\n", who_e);
return r;