From a8ad5450557f7b86f600391d170a5aac1704df24 Mon Sep 17 00:00:00 2001 From: Gregory Nutt Date: Wed, 3 Sep 2014 13:49:35 -0600 Subject: Group creation logic must use new group flag when allocating resources so that the privileges on the resource are set correctly --- nuttx/sched/group/Make.defs | 8 +++ nuttx/sched/group/group.h | 19 +++++++ nuttx/sched/group/group_create.c | 14 ++++-- nuttx/sched/group/group_free.c | 103 +++++++++++++++++++++++++++++++++++++ nuttx/sched/group/group_malloc.c | 106 +++++++++++++++++++++++++++++++++++++++ nuttx/sched/group/group_zalloc.c | 95 +++++++++++++++++++++++++++++++++++ 6 files changed, 342 insertions(+), 3 deletions(-) create mode 100644 nuttx/sched/group/group_free.c create mode 100644 nuttx/sched/group/group_malloc.c create mode 100644 nuttx/sched/group/group_zalloc.c (limited to 'nuttx') diff --git a/nuttx/sched/group/Make.defs b/nuttx/sched/group/Make.defs index 5b90f50ef..f9c08f5e1 100644 --- a/nuttx/sched/group/Make.defs +++ b/nuttx/sched/group/Make.defs @@ -52,6 +52,14 @@ ifneq ($(CONFIG_DISABLE_SIGNALS),y) GRP_SRCS += group_signal.c endif +ifeq ($(CONFIG_BUILD_PROTECTED),y) +GRP_SRCS += group_malloc.c group_zalloc.c group_free.c +else +ifeq ($(CONFIG_BUILD_KERNEL),y) +GRP_SRCS += group_malloc.c group_zalloc.c group_free.c +endif +endif + # Include group build support DEPPATH += --dep-path group diff --git a/nuttx/sched/group/group.h b/nuttx/sched/group/group.h index 5323bba4a..4f74d4156 100644 --- a/nuttx/sched/group/group.h +++ b/nuttx/sched/group/group.h @@ -114,6 +114,25 @@ int group_foreachchild(FAR struct task_group_s *group, int group_killchildren(FAR struct task_tcb_s *tcb); #endif +/* Group memory management */ + +#if (defined(CONFIG_BUILD_PROTECTED) || defined(CONFIG_BUILD_KERNEL)) && \ + defined(CONFIG_MM_KERNEL_HEAP) + /* Functions to pick the correct allocator based on group privileges */ + +FAR void *group_malloc(FAR struct task_group_s *group, size_t nbytes); +FAR void *group_zalloc(FAR struct task_group_s *group, size_t nbytes); +void group_free(FAR struct task_group_s *group, FAR void *mem); + +#else + /* There is only one allocator */ + +# define group_malloc(g,n) kumm_malloc(size) +# define group_zalloc(g,n) kumm_zalloc(size) +# define group_free(g,m) kumm_free(size) + +#endif + #ifdef CONFIG_ARCH_ADDRENV /* Group address environment management */ diff --git a/nuttx/sched/group/group_create.c b/nuttx/sched/group/group_create.c index 2f41cab05..fce7beee8 100644 --- a/nuttx/sched/group/group_create.c +++ b/nuttx/sched/group/group_create.c @@ -157,7 +157,7 @@ static void group_assigngid(FAR struct task_group_s *group) * Description: * Create and a new task group structure for the specified TCB. This * function is called as part of the task creation sequence. The structure - * allocated and zered, but otherwise uninitialized. The full creation + * allocated and zeroed, but otherwise uninitialized. The full creation * of the group of a two step process: (1) First, this function allocates * group structure early in the task creation sequence in order to provide a * group container, then (2) group_initialize() is called to set up the @@ -192,6 +192,14 @@ int group_allocate(FAR struct task_tcb_s *tcb) #if CONFIG_NFILE_STREAMS > 0 && (defined(CONFIG_BUILD_PROTECTED) || \ defined(CONFIG_BUILD_KERNEL)) && defined(CONFIG_MM_KERNEL_HEAP) + /* If this group is being created for a privileged thread, then all elements + * of the group must be created for privileged access. + */ + + if ((tcb->cmn.flags & TCB_FLAG_TTYPE_MASK) == TCB_FLAG_TTYPE_KERNEL) + { + group->tg_flags |= GROUP_FLAG_PRIVILEGED; + } /* In a flat, single-heap build. The stream list is allocated with the * group structure. But in a kernel build with a kernel allocator, it @@ -199,7 +207,7 @@ int group_allocate(FAR struct task_tcb_s *tcb) */ group->tg_streamlist = (FAR struct streamlist *) - kumm_zalloc(sizeof(struct streamlist)); + group_zalloc(group, sizeof(struct streamlist)); if (!group->tg_streamlist) { @@ -228,7 +236,7 @@ int group_allocate(FAR struct task_tcb_s *tcb) { #if CONFIG_NFILE_STREAMS > 0 && (defined(CONFIG_BUILD_PROTECTED) || \ defined(CONFIG_BUILD_KERNEL)) && defined(CONFIG_MM_KERNEL_HEAP) - kumm_free(group->tg_streamlist); + group_free(group, group->tg_streamlist); #endif kmm_free(group); tcb->cmn.group = NULL; diff --git a/nuttx/sched/group/group_free.c b/nuttx/sched/group/group_free.c new file mode 100644 index 000000000..f71bebdcc --- /dev/null +++ b/nuttx/sched/group/group_free.c @@ -0,0 +1,103 @@ +/************************************************************************ + * sched/group/group_free.c + * + * Copyright (C) 2014 Gregory Nutt. All rights reserved. + * Author: Gregory Nutt + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * 3. Neither the name NuttX nor the names of its contributors may be + * used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS + * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED + * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN + * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + * + ************************************************************************/ + +/************************************************************************ + * Included Files + ************************************************************************/ + +#include + +#include +#include + +#include "group/group.h" + +#if (defined(CONFIG_BUILD_PROTECTED) || defined(CONFIG_BUILD_KERNEL)) && \ + defined(CONFIG_MM_KERNEL_HEAP) + +/************************************************************************ + * Pre-processor Definitions + ************************************************************************/ + +/************************************************************************ + * Private Type Declarations + ************************************************************************/ + +/************************************************************************ + * Global Variables + ************************************************************************/ + +/************************************************************************ + * Private Variables + ************************************************************************/ + +/************************************************************************ + * Private Function Prototypes + ************************************************************************/ + +/************************************************************************ + * Public Functions + ************************************************************************/ + +/************************************************************************ + * Name: group_free + * + * Description: + * Free memory appropriate previously allocated via group_malloc() using + * the appropriate memory manager. + * + ************************************************************************/ + +void group_free(FAR struct task_group_s *group, FAR void *mem) +{ + /* Check the group is privileged */ + + if ((group->tg_flags & GROUP_FLAG_PRIVILEGED) != 0) + { + /* It is a privileged group... use the kernel mode memory allocator */ + + return kmm_free(mem); + } + else + { + /* This is an unprivileged group... use the user mode memory + * allocator. + */ + + return kumm_free(mem); + } +} + +#endif /* CONFIG_BUILD_PROTECTED || CONFIG_BUILD_KERNEL) && CONFIG_MM_KERNEL_HEAP */ diff --git a/nuttx/sched/group/group_malloc.c b/nuttx/sched/group/group_malloc.c new file mode 100644 index 000000000..d00b5c2c0 --- /dev/null +++ b/nuttx/sched/group/group_malloc.c @@ -0,0 +1,106 @@ +/************************************************************************ + * sched/group/group_malloc.c + * + * Copyright (C) 2014 Gregory Nutt. All rights reserved. + * Author: Gregory Nutt + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * 3. Neither the name NuttX nor the names of its contributors may be + * used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS + * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED + * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN + * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + * + ************************************************************************/ + +/************************************************************************ + * Included Files + ************************************************************************/ + +#include + +#include +#include + +#include "group/group.h" + +#if (defined(CONFIG_BUILD_PROTECTED) || defined(CONFIG_BUILD_KERNEL)) && \ + defined(CONFIG_MM_KERNEL_HEAP) + +/************************************************************************ + * Pre-processor Definitions + ************************************************************************/ + +/************************************************************************ + * Private Type Declarations + ************************************************************************/ + +/************************************************************************ + * Global Variables + ************************************************************************/ + +/************************************************************************ + * Private Variables + ************************************************************************/ + +/************************************************************************ + * Private Function Prototypes + ************************************************************************/ + +/************************************************************************ + * Public Functions + ************************************************************************/ + +/************************************************************************ + * Name: group_malloc + * + * Description: + * Allocate memory appropriate for the group type. If the memory is + * part of a privileged, then it should be allocated so that it is + * only accessed by privileged code; Otherwise, it is a user mode + * group and must be allocated so that it accessible by unprivileged + * code. + * + ************************************************************************/ + +FAR void *group_malloc(FAR struct task_group_s *group, size_t nbytes) +{ + /* Check the group type */ + + if ((group->tg_flags & GROUP_FLAG_PRIVILEGED) != 0) + { + /* It is a privileged group... use the kernel mode memory allocator */ + + return kmm_malloc(nbytes); + } + else + { + /* This is an unprivileged group... use the user mode memory + * allocator. + */ + + return kumm_malloc(nbytes); + } +} + +#endif /* CONFIG_BUILD_PROTECTED || CONFIG_BUILD_KERNEL) && CONFIG_MM_KERNEL_HEAP */ diff --git a/nuttx/sched/group/group_zalloc.c b/nuttx/sched/group/group_zalloc.c new file mode 100644 index 000000000..2fcea0d5e --- /dev/null +++ b/nuttx/sched/group/group_zalloc.c @@ -0,0 +1,95 @@ +/************************************************************************ + * sched/group/group_zalloc.c + * + * Copyright (C) 2014 Gregory Nutt. All rights reserved. + * Author: Gregory Nutt + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * 3. Neither the name NuttX nor the names of its contributors may be + * used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS + * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED + * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN + * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + * + ************************************************************************/ + +/************************************************************************ + * Included Files + ************************************************************************/ + +#include + +#include + +#include "group/group.h" + +#if (defined(CONFIG_BUILD_PROTECTED) || defined(CONFIG_BUILD_KERNEL)) && \ + defined(CONFIG_MM_KERNEL_HEAP) + +/************************************************************************ + * Pre-processor Definitions + ************************************************************************/ + +/************************************************************************ + * Private Type Declarations + ************************************************************************/ + +/************************************************************************ + * Global Variables + ************************************************************************/ + +/************************************************************************ + * Private Variables + ************************************************************************/ + +/************************************************************************ + * Private Function Prototypes + ************************************************************************/ + +/************************************************************************ + * Public Functions + ************************************************************************/ + +/************************************************************************ + * Name: group_malloc + * + * Description: + * Allocate memory and clear appropriate for the group type. If the + * memory is part of a privileged, then it should be allocated so + * that it is only accessed by privileged code; Otherwise, it must be + * allocated so that it accessible by unprivileged code. + * + ************************************************************************/ + +FAR void *group_zalloc(FAR struct task_group_s *group, size_t nbytes) +{ + FAR void *mem = group_malloc(group, nbytes); + if (mem) + { + memset(mem, 0, nbytes); + } + + return mem; +} + +#endif /* CONFIG_BUILD_PROTECTED || CONFIG_BUILD_KERNEL) && CONFIG_MM_KERNEL_HEAP */ -- cgit v1.2.3