diff options
| author | Andreas Kling <awesomekling@gmail.com> | 2020-01-12 02:17:30 +0100 |
|---|---|---|
| committer | Andreas Kling <awesomekling@gmail.com> | 2020-01-12 02:18:30 +0100 |
| commit | 017b34e1adf23b698589035f97f4c9dcd6a83006 (patch) | |
| tree | 3dc29eae98d71375cca646f11d2bb982e4bfd05c | |
| parent | bb6b9d905912ca38ce64a4b77c7b003ed108db14 (diff) | |
| download | serenity-017b34e1adf23b698589035f97f4c9dcd6a83006.zip | |
Kernel: Add "video" pledge for accessing framebuffer devices
WindowServer becomes the only user.
| -rw-r--r-- | Kernel/Devices/BXVGADevice.cpp | 2 | ||||
| -rw-r--r-- | Kernel/Devices/MBVGADevice.cpp | 2 | ||||
| -rw-r--r-- | Kernel/Process.cpp | 21 | ||||
| -rw-r--r-- | Kernel/Process.h | 22 | ||||
| -rw-r--r-- | Servers/WindowServer/main.cpp | 4 |
5 files changed, 28 insertions, 23 deletions
diff --git a/Kernel/Devices/BXVGADevice.cpp b/Kernel/Devices/BXVGADevice.cpp index 5da0b771f7..bb353d2afe 100644 --- a/Kernel/Devices/BXVGADevice.cpp +++ b/Kernel/Devices/BXVGADevice.cpp @@ -86,6 +86,7 @@ u32 BXVGADevice::find_framebuffer_address() KResultOr<Region*> BXVGADevice::mmap(Process& process, FileDescription&, VirtualAddress preferred_vaddr, size_t offset, size_t size, int prot) { + REQUIRE_PROMISE(video); ASSERT(offset == 0); ASSERT(size == framebuffer_size_in_bytes()); auto vmobject = AnonymousVMObject::create_for_physical_range(m_framebuffer_address, framebuffer_size_in_bytes()); @@ -105,6 +106,7 @@ KResultOr<Region*> BXVGADevice::mmap(Process& process, FileDescription&, Virtual int BXVGADevice::ioctl(FileDescription&, unsigned request, unsigned arg) { + REQUIRE_PROMISE(video); switch (request) { case FB_IOCTL_GET_SIZE_IN_BYTES: { auto* out = (size_t*)arg; diff --git a/Kernel/Devices/MBVGADevice.cpp b/Kernel/Devices/MBVGADevice.cpp index 0c86eccbdd..39a16a8795 100644 --- a/Kernel/Devices/MBVGADevice.cpp +++ b/Kernel/Devices/MBVGADevice.cpp @@ -25,6 +25,7 @@ MBVGADevice::MBVGADevice(PhysicalAddress addr, int pitch, int width, int height) KResultOr<Region*> MBVGADevice::mmap(Process& process, FileDescription&, VirtualAddress preferred_vaddr, size_t offset, size_t size, int prot) { + REQUIRE_PROMISE(video); ASSERT(offset == 0); ASSERT(size == framebuffer_size_in_bytes()); auto vmobject = AnonymousVMObject::create_for_physical_range(m_framebuffer_address, framebuffer_size_in_bytes()); @@ -44,6 +45,7 @@ KResultOr<Region*> MBVGADevice::mmap(Process& process, FileDescription&, Virtual int MBVGADevice::ioctl(FileDescription&, unsigned request, unsigned arg) { + REQUIRE_PROMISE(video); switch (request) { case FB_IOCTL_GET_SIZE_IN_BYTES: { auto* out = (size_t*)arg; diff --git a/Kernel/Process.cpp b/Kernel/Process.cpp index 0fd52f8271..44043f6b2e 100644 --- a/Kernel/Process.cpp +++ b/Kernel/Process.cpp @@ -53,26 +53,6 @@ //#define SIGNAL_DEBUG //#define SHARED_BUFFER_DEBUG -#define REQUIRE_NO_PROMISES \ - do { \ - if (has_promises()) { \ - dbg() << *current << " has made a promise"; \ - cli(); \ - crash(SIGABRT, 0); \ - ASSERT_NOT_REACHED(); \ - } \ - } while (0) - -#define REQUIRE_PROMISE(promise) \ - do { \ - if (has_promises() && !has_promised(Pledge::promise)) { \ - dbg() << *current << " has not pledged " << #promise; \ - cli(); \ - crash(SIGABRT, 0); \ - ASSERT_NOT_REACHED(); \ - } \ - } while (0) - static void create_signal_trampolines(); static void create_kernel_info_page(); @@ -233,7 +213,6 @@ Region* Process::region_containing(const Range& range) int Process::sys$set_mmap_name(const Syscall::SC_set_mmap_name_params* user_params) { REQUIRE_PROMISE(stdio); - if (!validate_read_typed(user_params)) return -EFAULT; diff --git a/Kernel/Process.h b/Kernel/Process.h index c096e27873..5eb0c61b27 100644 --- a/Kernel/Process.h +++ b/Kernel/Process.h @@ -46,6 +46,7 @@ extern VirtualAddress g_return_to_ring3_from_signal_trampoline; __ENUMERATE_PLEDGE_PROMISE(chown) \ __ENUMERATE_PLEDGE_PROMISE(chroot) \ __ENUMERATE_PLEDGE_PROMISE(thread) \ + __ENUMERATE_PLEDGE_PROMISE(video) \ __ENUMERATE_PLEDGE_PROMISE(shared_buffer) enum class Pledge : u32 { @@ -567,3 +568,24 @@ inline u32 Thread::effective_priority() const { return m_priority + m_process.priority_boost() + m_priority_boost + m_extra_priority; } + +#define REQUIRE_NO_PROMISES \ + do { \ + if (current->process().has_promises()) { \ + dbg() << *current << " has made a promise"; \ + cli(); \ + current->process().crash(SIGABRT, 0); \ + ASSERT_NOT_REACHED(); \ + } \ + } while (0) + +#define REQUIRE_PROMISE(promise) \ + do { \ + if (current->process().has_promises() \ + && !current->process().has_promised(Pledge::promise)) { \ + dbg() << *current << " has not pledged " << #promise; \ + cli(); \ + current->process().crash(SIGABRT, 0); \ + ASSERT_NOT_REACHED(); \ + } \ + } while (0) diff --git a/Servers/WindowServer/main.cpp b/Servers/WindowServer/main.cpp index aeab64d1e7..2ad0d05200 100644 --- a/Servers/WindowServer/main.cpp +++ b/Servers/WindowServer/main.cpp @@ -10,7 +10,7 @@ int main(int, char**) { - if (pledge("stdio shared_buffer rpath wpath cpath unix proc exec fattr", nullptr) < 0) { + if (pledge("stdio video shared_buffer rpath wpath cpath unix proc exec fattr", nullptr) < 0) { perror("pledge"); return 1; } @@ -35,7 +35,7 @@ int main(int, char**) WSEventLoop loop; - if (pledge("stdio shared_buffer rpath wpath cpath unix proc exec", nullptr) < 0) { + if (pledge("stdio video shared_buffer rpath wpath cpath unix proc exec", nullptr) < 0) { perror("pledge"); return 1; } |