Fixes cap_is_valid, which checks that the capability has a valid form
HAKarlsson committed Nov 12, 2023
1 parent a831dc3 commit c2e8f37
Showing 3 changed files with 23 additions and 18 deletions.
3 changes: 1 addition & 2 deletions kernel/inc/cap_util.h
Expand Up @@ -29,6 +29,5 @@ static inline uint64_t pmp_napot_encode(uint64_t base, uint64_t size)
return (base | (size / 2 - 1)) >> 2;
}

bool cap_is_valid(cap_t cap);
bool cap_is_derivable(cap_t parent, cap_t child);
bool cap_is_valid(const cap_t cap);
void cap_snprint(char *restrict buf, size_t size, cap_t cap);
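Review bot: The new prototype's `const` on the by-value parameter `cap` has no effect on callers and is conventionally kept out of headers, since top-level qualifiers on a by-value parameter are a definition-side detail; `bool cap_is_valid(cap_t cap);` is sufficient here, with `const` retained in cap_util.c if the author prefers it. The reordering relative to cap_is_derivable is otherwise fine.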
16 changes: 0 additions & 16 deletions kernel/src/cap_ops.c
Expand Up @@ -188,10 +188,6 @@ err_t cap_derive_time(cte_t src, cap_t cap, cte_t dst, cap_t new_cap)
{
if (new_cap.type != CAPTY_TIME)
return ERR_INVALID_DERIVATION;
if (new_cap.time.bgn != new_cap.time.mrk)
return ERR_INVALID_DERIVATION;
if (new_cap.time.bgn >= new_cap.time.end)
return ERR_INVALID_DERIVATION;
if (new_cap.time.hart != cap.time.hart)
return ERR_INVALID_DERIVATION;
if (new_cap.time.bgn != cap.time.mrk)
Expand Down Expand Up @@ -264,10 +260,6 @@ err_t cap_derive_memory(cte_t src, cap_t cap, cte_t dst, cap_t new_cap)
if (new_cap.type == CAPTY_MEMORY) {
if (cap.mem.tag != new_cap.mem.tag)
return ERR_INVALID_DERIVATION;
if (new_cap.mem.bgn != new_cap.mem.mrk)
return ERR_INVALID_DERIVATION;
if (new_cap.mem.bgn >= new_cap.mem.end)
return ERR_INVALID_DERIVATION;
if (cap.mem.tag != new_cap.mem.tag)
return ERR_INVALID_DERIVATION;
if (new_cap.mem.bgn < cap.mem.mrk)
Expand Down Expand Up @@ -375,10 +367,6 @@ err_t cap_derive_monitor(cte_t src, cap_t cap, cte_t dst, cap_t new_cap)
{
if (new_cap.type != CAPTY_MONITOR)
return ERR_INVALID_DERIVATION;
if (new_cap.mon.bgn != new_cap.mon.mrk)
return ERR_INVALID_DERIVATION;
if (new_cap.mon.bgn >= new_cap.mon.end)
return ERR_INVALID_DERIVATION;
if (new_cap.mon.bgn < cap.mon.mrk)
return ERR_INVALID_DERIVATION;
if (new_cap.mon.end >= cap.mon.end)
Expand Down Expand Up @@ -435,10 +423,6 @@ err_t cap_revoke_channel(cte_t parent, cap_t pcap)
err_t cap_derive_channel(cte_t src, cap_t cap, cte_t dst, cap_t new_cap)
{
if (new_cap.type == CAPTY_CHANNEL) {
if (new_cap.chan.bgn != new_cap.chan.mrk)
return ERR_INVALID_DERIVATION;
if (new_cap.chan.bgn >= new_cap.chan.end)
return ERR_INVALID_DERIVATION;
if (new_cap.chan.bgn < cap.chan.mrk)
return ERR_INVALID_DERIVATION;
if (new_cap.chan.end >= cap.chan.end)
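--- a/kernel/src/cap_util.c
+++ b/kernel/src/cap_util.c
@@ -127,3 +127,25 @@ void cap_snprint(char *restrict buf, size_t size, cap_t cap)
 alt_snprintf(buf, size, "UNKNOWN{raw=0x%X}", cap.raw);
 }
 }
+
+bool cap_is_valid(const cap_t cap)
+{
+switch (cap.type)
+{
+case CAPTY_TIME:
+return cap.time.bgn < cap.time.end && cap.time.bgn == cap.time.mrk;
+case CAPTY_MEMORY:
+return cap.mem.lck == 0 && cap.mem.bgn < cap.mem.end &&
+cap.mem.mrk == cap.mem.bgn;
+case CAPTY_PMP:
+return cap.pmp.used == 0 && cap.pmp.slot == 0;
+case CAPTY_MONITOR:
+return cap.mon.bgn < cap.mon.end && cap.mon.bgn == cap.mon.mrk;
+case CAPTY_CHANNEL:
+return cap.mem.bgn < cap.mem.end && cap.mem.bgn == cap.mem.mrk;
+case CAPTY_SOCKET:
+return (cap.sock.mode == IPC_YIELD) || (cap.sock.mode == IPC_NOYIELD);
+default:
+return false;
+}
+}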
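Review bot: The CAPTY_CHANNEL case tests `cap.mem.bgn`, `cap.mem.end` and `cap.mem.mrk` rather than the channel fields, whereas every sibling case (and the channel checks this same commit removes from cap_derive_channel in cap_ops.c) uses the member for its own type. Unless the mem and chan layouts coincide bit for bit, which this hunk cannot show, a channel capability with bgn >= end or bgn != mrk could be reported valid, and since the derive functions in cap_ops.c appear to have dropped their own range checks in this commit, this routine is now the place those checks must hold; the line should read `return cap.chan.bgn < cap.chan.end && cap.chan.bgn == cap.chan.mrk;`. A one-line header comment would also help readers of the per-type rules, e.g. `/* True iff cap is well-formed for its type: unused ranges have bgn == mrk < end; unknown types are invalid. */`.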
