justin/jsix_import
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

[kernel] Make capabilities/handles global

Browse Source 
Instead of handles / capabilities having numeric ids that are only valid
for the owning process, they are now global in a system capabilities
table. This will allow for specifying capabilities in IPC that doesn't
need to be kernel-controlled.

Processes will still need to be granted access to given capabilities,
but that can become a simpler system call than the current method of
sending them through mailbox messages (and worse, having to translate
every one into a new capability like was the case before). In order to
track which handles a process has access to, a new node_set based on
node_map allows for an efficient storage and lookup of handles.
This commit is contained in:
Justin C. Miller
2022-10-10 21:19:25 -07:00
parent 41bb97b179
commit 9ac4e51224
27 changed files with 337 additions and 383 deletions
Download Patch File Download Diff File Expand all files Collapse all files

97
src/kernel/syscalls/mailbox.cpp
View File

@@ -31,30 +31,20 @@ j6_status_t
prep_send(
mailbox::message *msg,
uint64_t tag,
uint64_t badge,
const void *data,
size_t data_len,
uint64_t subtag,
const j6_handle_t *handles,
size_t handle_count)
{
if (!msg ||
data_len > mailbox::max_data_length ||
handle_count > mailbox::max_handle_count)
return j6_err_invalid_arg;
msg->tag = tag;
msg->badge = badge;
msg->subtag = subtag;
msg->handle_count = handle_count;
for (unsigned i = 0; i < handle_count; ++i) {
handle const *h = get_handle<kobject>(handles[i]);
if (!h)
return j6_err_invalid_arg;
msg->handles[i] = *h;
}
memcpy(msg->handles, handles, sizeof(j6_handle_t) * handle_count);
msg->data_len = data_len;
memcpy(msg->data, data, data_len);
return j6_status_ok;
}
@@ -62,43 +52,35 @@ void
prep_receive(
mailbox::message *msg,
uint64_t *tag,
uint64_t *badge,
uint64_t *subtag,
uint16_t *reply_tag,
void *data,
size_t *data_len,
j6_handle_t *handles,
size_t *handle_count)
{
if (tag) *tag = msg->tag;
if (badge) *badge = msg->badge;
if (subtag) *subtag = msg->subtag;
if (reply_tag) *reply_tag = msg->reply_tag;
*data_len = msg->data_len;
memcpy(data, msg->data, msg->data_len);
*handle_count = msg->handle_count;
process &proc = process::current();
for (size_t i = 0; i < msg->handle_count; ++i) {
handles[i] = proc.add_handle(msg->handles[i]);
msg->handles[i] = {};
proc.add_handle(msg->handles[i]);
handles[i] = msg->handles[i];
}
}
j6_status_t
mailbox_send(
handle *self_handle,
mailbox *self,
uint64_t tag,
const void * data,
size_t data_len,
uint64_t subtag,
j6_handle_t * handles,
size_t handle_count)
{
mailbox *self = self_handle->as<mailbox>();
mailbox::message *msg = new mailbox::message;
j6_status_t s = prep_send(msg,
tag, self_handle->badge,
data, data_len,
tag, subtag,
handles, handle_count);
if (s != j6_status_ok) {
@@ -114,17 +96,14 @@ mailbox_send(
j6_status_t
mailbox_receive(
mailbox *self,
uint64_t * tag,
void * data,
size_t * data_len,
j6_handle_t * handles,
size_t * handle_count,
uint16_t * reply_tag,
uint64_t * badge,
uint64_t *tag,
uint64_t *subtag,
j6_handle_t *handles,
size_t *handle_count,
uint16_t *reply_tag,
uint64_t flags)
{
if (*data_len < mailbox::max_data_length ||
*handle_count < mailbox::max_handle_count)
if (*handle_count < mailbox::max_handle_count)
return j6_err_insufficient;
mailbox::message *msg = nullptr;
@@ -138,8 +117,7 @@ mailbox_receive(
}
prep_receive(msg,
tag, badge, reply_tag,
data, data_len,
tag, subtag, reply_tag,
handles, handle_count);
if (*reply_tag == 0)
@@ -150,19 +128,16 @@ mailbox_receive(
j6_status_t
mailbox_call(
handle *self_handle,
uint64_t * tag,
void * data,
size_t * data_len,
j6_handle_t * handles,
size_t * handle_count)
mailbox *self,
uint64_t *tag,
uint64_t *subtag,
j6_handle_t *handles,
size_t *handle_count)
{
mailbox *self = self_handle->as<mailbox>();
mailbox::message *msg = new mailbox::message;
j6_status_t s = prep_send(msg,
*tag, self_handle->badge,
data, *data_len,
*tag, *subtag,
handles, *handle_count);
if (s != j6_status_ok) {
@@ -177,8 +152,7 @@ mailbox_call(
}
prep_receive(msg,
tag, nullptr, nullptr,
data, data_len,
tag, subtag, 0,
handles, handle_count);
delete msg;
@@ -190,8 +164,7 @@ j6_status_t
mailbox_respond(
mailbox *self,
uint64_t tag,
const void * data,
size_t data_len,
uint64_t subtag,
j6_handle_t * handles,
size_t handle_count,
uint16_t reply_tag)
@@ -200,8 +173,7 @@ mailbox_respond(
if (!reply.valid())
return j6_err_invalid_arg;
j6_status_t s = prep_send(reply.msg, tag, 0,
data, data_len,
j6_status_t s = prep_send(reply.msg, tag, subtag,
handles, handle_count);
if (s != j6_status_ok) {
@@ -216,22 +188,19 @@ mailbox_respond(
j6_status_t
mailbox_respond_receive(
mailbox *self,
uint64_t * tag,
void * data,
size_t * data_len,
size_t data_in,
j6_handle_t * handles,
size_t * handle_count,
uint64_t *tag,
uint64_t *subtag,
j6_handle_t *handles,
size_t *handle_count,
size_t handles_in,
uint16_t * reply_tag,
uint64_t * badge,
uint16_t *reply_tag,
uint64_t flags)
{
j6_status_t s = mailbox_respond(self, *tag, data, data_in, handles, handles_in, *reply_tag);
j6_status_t s = mailbox_respond(self, *tag, *subtag, handles, handles_in, *reply_tag);
if (s != j6_status_ok)
return s;
s = mailbox_receive(self, tag, data, data_len, handles, handle_count, reply_tag, badge, flags);
s = mailbox_receive(self, tag, subtag, handles, handle_count, reply_tag, flags);
if (s != j6_status_ok)
return s;