Allow servers to run with fewer privileges:
- allow non-root processes to get their own endpoint
- make alloc_contig() call sys_umap() only when requested
parent
30a7fe5fa9
commit
f197bcb435
5 changed files with 11 additions and 7 deletions
|
@ -290,7 +290,6 @@ driver mfs
|
|||
SAFECOPYTO # 32
|
||||
GETINFO
|
||||
SETGRANT # 34
|
||||
UMAP # 14
|
||||
PROFBUF # 38
|
||||
SYSCTL
|
||||
;
|
||||
|
|
|
@ -162,8 +162,7 @@ struct memory {
|
|||
|
||||
#define STATICINIT(v, n) \
|
||||
if(!(v)) { \
|
||||
phys_bytes myph; \
|
||||
if(!((v) = alloc_contig(sizeof(*(v)) * (n), 0, &myph))) { \
|
||||
if(!((v) = alloc_contig(sizeof(*(v)) * (n), 0, NULL))) { \
|
||||
panic(__FILE__, "allocating " #v " failed", n); \
|
||||
} \
|
||||
}
|
||||
|
|
|
@ -66,8 +66,8 @@ void *alloc_contig(size_t len, int flags, phys_bytes *phys)
|
|||
buf += align - (buf % align);
|
||||
}
|
||||
|
||||
/* Get physical address. */
|
||||
if(sys_umap_data_fb(SELF, buf, len, phys) != OK)
|
||||
/* Get physical address, if requested. */
|
||||
if(phys != NULL && sys_umap_data_fb(SELF, buf, len, phys) != OK)
|
||||
panic("alloc_contig.c", "sys_umap_data_fb failed", NO_NUM);
|
||||
|
||||
return (void *) buf;
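Review bot: The new `phys != NULL` guard makes the third argument of alloc_contig() optional, but nothing visible in this hunk tells callers so; the function's header comment and prototype lie outside the hunk and should state the contract. A line such as `/* phys may be NULL if the caller does not need the physical address; sys_umap_data_fb() is then not called. */` would do. Callers that hand the buffer to hardware still need a non-NULL phys, so the comment should make clear that a NULL call performs no physical-address lookup at all. The STATICINIT macro and the MFS block allocation changed elsewhere in this commit both rely on this behaviour.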
|
||||
|
|
|
@ -82,10 +82,9 @@ int only_search; /* if NO_READ, don't read, else act normal */
|
|||
if ((bp = front) == NIL_BUF) panic(__FILE__,"all buffers in use", NR_BUFS);
|
||||
|
||||
if(bp->b_bytes < fs_block_size) {
|
||||
phys_bytes ph;
|
||||
ASSERT(!bp->bp);
|
||||
ASSERT(bp->b_bytes == 0);
|
||||
if(!(bp->bp = alloc_contig(fs_block_size, 0, &ph))) {
|
||||
if(!(bp->bp = alloc_contig(fs_block_size, 0, NULL))) {
|
||||
printf("MFS: couldn't allocate a new block.\n");
|
||||
for(bp = front;
|
||||
bp && bp->b_bytes < fs_block_size; bp = bp->b_next)
|
||||
|
|
|
@ -314,6 +314,13 @@ PUBLIC int do_getprocnr()
|
|||
/* This call should be moved to DS. */
|
||||
if (mp->mp_effuid != 0)
|
||||
{
|
||||
/* For now, allow non-root processes to request their own endpoint. */
|
||||
if (m_in.pid < 0 && m_in.namelen == 0) {
|
||||
mp->mp_reply.PM_ENDPT = who_e;
|
||||
mp->mp_reply.PM_PENDPT = NONE;
|
||||
return OK;
|
||||
}
|
||||
|
||||
printf("PM: unauthorized call of do_getprocnr by proc %d\n",
|
||||
mp->mp_endpoint);
|
||||
sys_sysctl_stacktrace(mp->mp_endpoint);
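Review bot: The non-root fast path added to do_getprocnr() replies with `PM_PENDPT = NONE` without saying why; if the privileged self-lookup further down (outside this hunk) returns the parent's endpoint, callers now get two different reply shapes depending on their effective uid. A short comment such as `/* Parent endpoint is withheld from non-root callers; only who_e is returned. */` would record whether that is intended. The test `m_in.pid < 0 && m_in.namelen == 0` reads caller-supplied message fields, and a negative namelen falls through to the unauthorized path, which is the safe direction. It is worth keeping this condition in step with the one the root path uses to select the self-lookup case, so the two cannot drift apart.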
|
||||
|
|