* [PATCH] Restrict access to PCI cfg io ports to one process
@ 2018-12-05 22:25 Samuel Thibault
2018-12-05 22:25 ` [PATCH] hurd: Fix linknamespace of spawni Samuel Thibault
2018-12-05 22:26 ` [PATCH] Restrict access to PCI cfg io ports to one process Samuel Thibault
0 siblings, 2 replies; 6+ messages in thread
From: Samuel Thibault @ 2018-12-05 22:25 UTC (permalink / raw)
To: libc-alpha; +Cc: Damien Zammit
From: Damien Zammit <damien@zamaudio.com>
---
i386/i386/io_perm.c | 27 ++++++++++++++++++++++-----
i386/i386/io_perm.h | 2 --
i386/include/mach/i386/mach_i386.defs | 2 --
3 files changed, 22 insertions(+), 9 deletions(-)
diff --git a/i386/i386/io_perm.c b/i386/i386/io_perm.c
index 3224fdd3..086d1d8f 100644
--- a/i386/i386/io_perm.c
+++ b/i386/i386/io_perm.c
@@ -67,10 +67,22 @@
#include "io_perm.h"
#include "gdt.h"
#include "pcb.h"
+
+#define PCI_CFG1_START 0xcf8
+#define PCI_CFG1_END 0xcff
+#define PCI_CFG2_START 0xc000
+#define PCI_CFG2_END 0xcfff
+
+#define IS_IN_PROTECTED_RANGE(from, to) \
+ ( ( ( from <= PCI_CFG1_END ) && ( to >= PCI_CFG1_START ) ) || \
+ ( ( from <= PCI_CFG2_END ) && ( to >= PCI_CFG2_START ) ) )
+
\f
/* Our device emulation ops. See below, at the bottom of this file. */
static struct device_emulation_ops io_perm_device_emulation_ops;
+/* Flag to hold PCI io cfg access lock */
+static boolean_t taken_pci_cfg = FALSE;
/* The outtran which allows MIG to convert an io_perm_t object to a port
representing it. */
@@ -107,17 +119,15 @@ convert_port_to_io_perm (ipc_port_t port)
return io_perm;
}
-#if TODO_REMOVE_ME
-/* TODO. Fix this comment. */
/* The destructor which is called when the last send right to a port
representing an io_perm_t object vanishes. */
void
io_perm_deallocate (io_perm_t io_perm)
{
- /* TODO. Is there anything to deallocate in here? I don't think so, as we
- don't allocate anything in `convert_port_to_io_perm'. */
+ /* We need to check if the io_perm was a PCI cfg one and release it */
+ if (IS_IN_PROTECTED_RANGE(io_perm->from, io_perm->to))
+ taken_pci_cfg = FALSE;
}
-#endif
/* Our ``no senders'' handling routine. Deallocate the object. */
static
@@ -185,6 +195,10 @@ i386_io_perm_create (const ipc_port_t master_port, io_port_t from, io_port_t to,
if (from > to)
return KERN_INVALID_ARGUMENT;
+ /* Only one process may take a range that includes PCI cfg registers */
+ if (taken_pci_cfg && IS_IN_PROTECTED_RANGE(from, to))
+ return KERN_PROTECTION_FAILURE;
+
io_perm_t io_perm;
io_perm = (io_perm_t) kalloc (sizeof *io_perm);
@@ -216,6 +230,9 @@ i386_io_perm_create (const ipc_port_t master_port, io_port_t from, io_port_t to,
*new = io_perm;
+ if (IS_IN_PROTECTED_RANGE(from, to))
+ taken_pci_cfg = TRUE;
+
return KERN_SUCCESS;
}
diff --git a/i386/i386/io_perm.h b/i386/i386/io_perm.h
index a7f1f6fe..b97cf973 100644
--- a/i386/i386/io_perm.h
+++ b/i386/i386/io_perm.h
@@ -58,8 +58,6 @@ typedef struct io_perm *io_perm_t;
extern io_perm_t convert_port_to_io_perm (ipc_port_t);
extern ipc_port_t convert_io_perm_to_port (io_perm_t);
-#if TODO_REMOVE_ME
extern void io_perm_deallocate (io_perm_t);
-#endif
#endif /* _I386_IO_PERM_H_ */
diff --git a/i386/include/mach/i386/mach_i386.defs b/i386/include/mach/i386/mach_i386.defs
index 0703d59a..a8cb91ce 100644
--- a/i386/include/mach/i386/mach_i386.defs
+++ b/i386/include/mach/i386/mach_i386.defs
@@ -51,9 +51,7 @@ type io_perm_t = mach_port_t
#if KERNEL_SERVER
intran: io_perm_t convert_port_to_io_perm(mach_port_t)
outtran: mach_port_t convert_io_perm_to_port(io_perm_t)
-#if TODO_REMOVE_ME
destructor: io_perm_deallocate(io_perm_t)
-#endif
#endif /* KERNEL_SERVER */
;
--
2.17.1
^ permalink raw reply [flat|nested] 6+ messages in thread
* [PATCH] hurd: Fix linknamespace of spawni
2018-12-05 22:25 [PATCH] Restrict access to PCI cfg io ports to one process Samuel Thibault
@ 2018-12-05 22:25 ` Samuel Thibault
2018-12-05 22:26 ` [PATCH] Restrict access to PCI cfg io ports to one process Samuel Thibault
1 sibling, 0 replies; 6+ messages in thread
From: Samuel Thibault @ 2018-12-05 22:25 UTC (permalink / raw)
To: libc-alpha; +Cc: Samuel Thibault
* include/unistd.h (__confstr): Add prototype and hidden prototype.
* posix/confstr.c (confstr): Rename to __confstr.
(__confstr): Add hidden def.
(confstr): Add weak alias for __confstr.
* sysdeps/mach/hurd/spawni.c (__spawni): Call __confstr instead of
confstr.
---
ChangeLog | 9 +++++++++
include/unistd.h | 2 ++
posix/confstr.c | 4 +++-
sysdeps/mach/hurd/spawni.c | 4 ++--
4 files changed, 16 insertions(+), 3 deletions(-)
diff --git a/include/unistd.h b/include/unistd.h
index a171b00326..a043431ecf 100644
--- a/include/unistd.h
+++ b/include/unistd.h
@@ -6,6 +6,8 @@
libc_hidden_proto (_exit, __noreturn__)
rtld_hidden_proto (_exit, __noreturn__)
libc_hidden_proto (alarm)
+extern size_t __confstr (int name, char *buf, size_t len);
+libc_hidden_proto (__confstr)
libc_hidden_proto (confstr)
libc_hidden_proto (execl)
libc_hidden_proto (execle)
diff --git a/posix/confstr.c b/posix/confstr.c
index de4cff76cc..73ebb2e254 100644
--- a/posix/confstr.c
+++ b/posix/confstr.c
@@ -29,7 +29,7 @@
of BUF with the value corresponding to NAME and zero-terminate BUF.
Return the number of bytes required to hold NAME's entire value. */
size_t
-confstr (int name, char *buf, size_t len)
+__confstr (int name, char *buf, size_t len)
{
const char *string = "";
size_t string_len = 1;
@@ -289,4 +289,6 @@ confstr (int name, char *buf, size_t len)
}
return string_len;
}
+libc_hidden_def (__confstr)
libc_hidden_def (confstr)
+weak_alias (__confstr, confstr)
diff --git a/sysdeps/mach/hurd/spawni.c b/sysdeps/mach/hurd/spawni.c
index b98e991d3b..ecc21d2a57 100644
--- a/sysdeps/mach/hurd/spawni.c
+++ b/sysdeps/mach/hurd/spawni.c
@@ -629,10 +629,10 @@ __spawni (pid_t *pid, const char *file,
/* There is no `PATH' in the environment.
The default search path is the current directory
followed by the path `confstr' returns for `_CS_PATH'. */
- len = confstr (_CS_PATH, (char *) NULL, 0);
+ len = __confstr (_CS_PATH, (char *) NULL, 0);
path = (char *) __alloca (1 + len);
path[0] = ':';
- (void) confstr (_CS_PATH, path + 1, len);
+ (void) __confstr (_CS_PATH, path + 1, len);
}
len = strlen (file) + 1;
--
2.15.1
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] Restrict access to PCI cfg io ports to one process
2018-12-05 22:25 [PATCH] Restrict access to PCI cfg io ports to one process Samuel Thibault
2018-12-05 22:25 ` [PATCH] hurd: Fix linknamespace of spawni Samuel Thibault
@ 2018-12-05 22:26 ` Samuel Thibault
1 sibling, 0 replies; 6+ messages in thread
From: Samuel Thibault @ 2018-12-05 22:26 UTC (permalink / raw)
To: libc-alpha; +Cc: Damien Zammit
Oops, sorry, that was a remnant in the same directory.
Samuel
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] hurd: Fix linknamespace of spawni
2018-12-06 14:34 ` Florian Weimer
@ 2018-12-07 20:09 ` Samuel Thibault
0 siblings, 0 replies; 6+ messages in thread
From: Samuel Thibault @ 2018-12-07 20:09 UTC (permalink / raw)
To: Florian Weimer; +Cc: libc-alpha
Florian Weimer, le jeu. 06 déc. 2018 15:34:26 +0100, a ecrit:
> * Samuel Thibault:
>
> > * include/unistd.h (__confstr): Add prototype and hidden prototype.
> > * posix/confstr.c (confstr): Rename to __confstr.
> > (__confstr): Add hidden def.
> > (confstr): Add weak alias for __confstr.
> > * sysdeps/mach/hurd/spawni.c (__spawni): Call __confstr instead of
> > confstr.
>
> Looks reasonable to me, and it should fix the linknamespace failure.
Applied, thanks!
Samuel
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] hurd: Fix linknamespace of spawni
2018-12-05 22:25 [PATCH] hurd: Fix linknamespace of spawni Samuel Thibault
@ 2018-12-06 14:34 ` Florian Weimer
2018-12-07 20:09 ` Samuel Thibault
0 siblings, 1 reply; 6+ messages in thread
From: Florian Weimer @ 2018-12-06 14:34 UTC (permalink / raw)
To: Samuel Thibault; +Cc: libc-alpha
* Samuel Thibault:
> * include/unistd.h (__confstr): Add prototype and hidden prototype.
> * posix/confstr.c (confstr): Rename to __confstr.
> (__confstr): Add hidden def.
> (confstr): Add weak alias for __confstr.
> * sysdeps/mach/hurd/spawni.c (__spawni): Call __confstr instead of
> confstr.
Looks reasonable to me, and it should fix the linknamespace failure.
Thanks,
Florian
^ permalink raw reply [flat|nested] 6+ messages in thread
* [PATCH] hurd: Fix linknamespace of spawni
@ 2018-12-05 22:25 Samuel Thibault
2018-12-06 14:34 ` Florian Weimer
0 siblings, 1 reply; 6+ messages in thread
From: Samuel Thibault @ 2018-12-05 22:25 UTC (permalink / raw)
To: libc-alpha; +Cc: Samuel Thibault
* include/unistd.h (__confstr): Add prototype and hidden prototype.
* posix/confstr.c (confstr): Rename to __confstr.
(__confstr): Add hidden def.
(confstr): Add weak alias for __confstr.
* sysdeps/mach/hurd/spawni.c (__spawni): Call __confstr instead of
confstr.
---
ChangeLog | 9 +++++++++
include/unistd.h | 2 ++
posix/confstr.c | 4 +++-
sysdeps/mach/hurd/spawni.c | 4 ++--
4 files changed, 16 insertions(+), 3 deletions(-)
diff --git a/include/unistd.h b/include/unistd.h
index a171b00326..a043431ecf 100644
--- a/include/unistd.h
+++ b/include/unistd.h
@@ -6,6 +6,8 @@
libc_hidden_proto (_exit, __noreturn__)
rtld_hidden_proto (_exit, __noreturn__)
libc_hidden_proto (alarm)
+extern size_t __confstr (int name, char *buf, size_t len);
+libc_hidden_proto (__confstr)
libc_hidden_proto (confstr)
libc_hidden_proto (execl)
libc_hidden_proto (execle)
diff --git a/posix/confstr.c b/posix/confstr.c
index de4cff76cc..73ebb2e254 100644
--- a/posix/confstr.c
+++ b/posix/confstr.c
@@ -29,7 +29,7 @@
of BUF with the value corresponding to NAME and zero-terminate BUF.
Return the number of bytes required to hold NAME's entire value. */
size_t
-confstr (int name, char *buf, size_t len)
+__confstr (int name, char *buf, size_t len)
{
const char *string = "";
size_t string_len = 1;
@@ -289,4 +289,6 @@ confstr (int name, char *buf, size_t len)
}
return string_len;
}
+libc_hidden_def (__confstr)
libc_hidden_def (confstr)
+weak_alias (__confstr, confstr)
diff --git a/sysdeps/mach/hurd/spawni.c b/sysdeps/mach/hurd/spawni.c
index b98e991d3b..ecc21d2a57 100644
--- a/sysdeps/mach/hurd/spawni.c
+++ b/sysdeps/mach/hurd/spawni.c
@@ -629,10 +629,10 @@ __spawni (pid_t *pid, const char *file,
/* There is no `PATH' in the environment.
The default search path is the current directory
followed by the path `confstr' returns for `_CS_PATH'. */
- len = confstr (_CS_PATH, (char *) NULL, 0);
+ len = __confstr (_CS_PATH, (char *) NULL, 0);
path = (char *) __alloca (1 + len);
path[0] = ':';
- (void) confstr (_CS_PATH, path + 1, len);
+ (void) __confstr (_CS_PATH, path + 1, len);
}
len = strlen (file) + 1;
--
2.15.1
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2018-12-07 19:23 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-12-05 22:25 [PATCH] Restrict access to PCI cfg io ports to one process Samuel Thibault
2018-12-05 22:25 ` [PATCH] hurd: Fix linknamespace of spawni Samuel Thibault
2018-12-05 22:26 ` [PATCH] Restrict access to PCI cfg io ports to one process Samuel Thibault
-- strict thread matches above, loose matches on Subject: below --
2018-12-05 22:25 [PATCH] hurd: Fix linknamespace of spawni Samuel Thibault
2018-12-06 14:34 ` Florian Weimer
2018-12-07 20:09 ` Samuel Thibault
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).