[kernel] Add capabilities to handles

This change finally adds capabilities to handles. Included changes: - j6_handle_t is now again 64 bits, with the highest 8 bits being a type code, and the next highest 24 bits being the capability mask, so that programs can check type/caps without calling the kernel. - The definitions grammar now includes a `capabilities [ ]` section on objects, to list what capabilities are relevant. - j6/caps.h is auto-generated from object capability lists - init_libj6 again sets __handle_self and __handle_sys, this is a bit of a hack. - A new syscall, j6_handle_list, will return the list of existing handles owned by the calling process. - syscall_verify.cpp.cog now actually checks that the needed capabilities exist on handles before allowing the call.
2025-12-09 16:04:32 -08:00 · 2022-01-28 01:49:26 -08:00
parent 9b75acf0b5
commit f1246f84e0
38 changed files with 290 additions and 177 deletions
--- a/definitions/objects/channel.def
+++ b/definitions/objects/channel.def
@@ -1,14 +1,20 @@
 object channel : kobject {
    uid 3ea38b96aa0e54c8

-    method create [constructor] 
-    method close [destructor]
+    capabilities [
+        send
+        receive
+        close
+    ]

-    method send {
+    method create [constructor] 
+    method close [destructor cap:close]
+
+    method send [cap:send] {
        param data buffer [inout]
    }

-    method receive {
+    method receive [cap:receive] {
        param data buffer [out]
    }
 }
--- a/definitions/objects/endpoint.def
+++ b/definitions/objects/endpoint.def
@@ -4,18 +4,23 @@
 object endpoint : kobject {
    uid c5882f24a4c03b7e

+    capabilities [
+        send
+        receive
+    ]
+
    method create [constructor]

    # Send a message on a channel. Blocks until the message
    # is received.
-    method send {
+    method send [cap:send] {
        param tag uint64
        param data buffer
    }

    # Receieve a message on a channel. Blocks until a message
    # is available.
-    method receive {
+    method receive [cap:receive] {
        param tag uint64 [out]
        param data buffer [out optional]
        param timeout uint64    # Receive timeout in nanoseconds
@@ -24,7 +29,7 @@ object endpoint : kobject {
    # Send a message on a channel and then await a new message.
    # Equivalent to calling send and then recieve, as a single
    # operation.
-    method sendrecv {
+    method sendrecv [cap:send cap:receive] {
        param tag uint64 [inout]
        param data buffer [inout]
        param timeout uint64      # Receive timeout in nanoseconds
--- a/definitions/objects/process.def
+++ b/definitions/objects/process.def
@@ -6,11 +6,16 @@ import "objects/kobject.def"
 object process : kobject {
    uid 0c69ee0b7502ba31

+    capabilities [
+        kill
+        create_thread
+    ]
+
    # Create a new empty process
    method create [constructor]

    # Stop all threads and exit the given process
-    method kill [destructor]
+    method kill [destructor cap:kill]

    # Stop all threads and exit the current process
    method exit [static] {
--- a/definitions/objects/system.def
+++ b/definitions/objects/system.def
@@ -6,21 +6,28 @@ import "objects/vma.def"
 object system : kobject {
    uid fa72506a2cf71a30

+    capabilities [
+        get_log
+        bind_irq
+        map_phys
+        change_iopl
+    ]
+
    # Get a log line from the kernel log
-    method get_log {
+    method get_log [cap:get_log] {
        param buffer buffer [out optional]   # Buffer for the log message data structure
    }

    # Ask the kernel to send this process messages whenever
    # the given IRQ fires
-    method bind_irq {
+    method bind_irq [cap:bind_irq] {
        param dest object endpoint  # Endpoint that will receive messages
        param irq uint              # IRQ number to bind
    }

    # Create a VMA and map an area of physical memory into it,
    # also mapping that VMA into the current process
-    method map_phys {
+    method map_phys [cap:map_phys] {
        param area object vma [out] # Receives a handle to the VMA created
        param phys address          # The physical address of the area
        param size size             # Size of the area, in pages
@@ -29,7 +36,7 @@ object system : kobject {

    # Request the kernel change the IOPL for this process. The only values
    # that make sense are 0 and 3.
-    method request_iopl {
+    method request_iopl [cap:change_iopl] {
        param iopl uint             # The IOPL to set for this process
    }
 }
--- a/definitions/objects/thread.def
+++ b/definitions/objects/thread.def
@@ -1,13 +1,17 @@
 object thread : kobject {
    uid 11f23e593d5761bd

+    capabilities [
+        kill
+    ]
+
    method create [constructor] {
-        param process object process
+        param process object process [cap:create_thread]
        param stack_top address
        param entrypoint address
    }

-    method kill [destructor]
+    method kill [destructor cap:kill]

    method exit [static] {
        param status int32
--- a/definitions/objects/vma.def
+++ b/definitions/objects/vma.def
@@ -4,27 +4,33 @@ object vma : kobject {
    uid d6a12b63b3ed3937
    cname vm_area

+    capabilities [
+        map
+        unmap
+        resize
+    ]
+
    method create [constructor] {
        param size size
        param flags uint32
    }

-    method create_map [constructor] {
+    method create_map [constructor cap:map] {
        param size size
        param address address
        param flags uint32
    }

-    method map {
+    method map [cap:map] {
        param process object process
        param address address
    }

-    method unmap {
+    method unmap [cap:unmap] {
        param process object process
    }

-    method resize {
+    method resize [cap:resize] {
        param size size [inout]
    }
 }