From ac1f47d1946550a734222165148bebd1cb7ff205 Mon Sep 17 00:00:00 2001
From: John Hodge
Date: Fri, 25 Sep 2009 21:14:20 +0800
Subject: [PATCH] Added SYS_GETACL system call and implemented it in userland
---
 Kernel/syscalls.c | 6 +++
 Kernel/vfs/acls.c | 49 ++++++++++++++++++++--
 Usermode/Applications/CLIShell_src/main.c | 40 ++++++++++--------
 Usermode/Libraries/libacess.so_src/vfs.asm | 3 +-
 Usermode/include/acess/sys.h | 18 +++++++-
 5 files changed, 92 insertions(+), 24 deletions(-)
diff --git a/Kernel/syscalls.c b/Kernel/syscalls.c
index f1e08904..2d52b7ee 100644
--- a/Kernel/syscalls.c
+++ b/Kernel/syscalls.c
@@ -17,6 +17,7 @@ extern int Proc_GetMessage(Uint *Err, Uint *Source, void *Buffer);
 extern int Proc_Execve(char *File, char **ArgV, char **EnvP);
 extern Uint Binary_Load(char *file, Uint *entryPoint);
 extern int VFS_FInfo(int FD, void *Dest, int MaxACLs);
+extern int VFS_GetACL(int FD, void *Dest);
 extern int Threads_SetName(char *NewName);
 extern int Threads_GetPID();
 extern int Threads_GetTID();
@@ -24,6 +25,7 @@ extern int Threads_GetUID();
 extern int Threads_GetGID();
 // === CODE ===
+// TODO: Do sanity checking on arguments, ATM the user can really fuck with the kernel
 void SyscallHandler(tSyscallRegs *Regs)
 {
 Uint64 ret = 0;
@@ -144,6 +146,10 @@ void SyscallHandler(tSyscallRegs *Regs)
 ret = VFS_FInfo( Regs->Arg1, (void*)Regs->Arg2, Regs->Arg3 );
 break;
+ case SYS_GETACL:
+ ret = VFS_GetACL( Regs->Arg1, (void*)Regs->Arg2 );
+ break;
+
 case SYS_READDIR:
 ret = VFS_ReadDir( Regs->Arg1, (void*)Regs->Arg2 );
 break;
diff --git a/Kernel/vfs/acls.c b/Kernel/vfs/acls.c
index 5a112ded..9ef4676d 100644
--- a/Kernel/vfs/acls.c
+++ b/Kernel/vfs/acls.c
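Review bot: The new `SYS_GETACL` case passes the raw user-supplied `Regs->Arg2` straight to `VFS_GetACL`, which (in the Kernel/vfs/acls.c hunk of this patch) reads `Dest->Group`/`Dest->ID` and writes `Dest->Inv`/`Dest->Perms` through it, so whatever address the process supplies is read and written in kernel context. The TODO added above `SyscallHandler` acknowledges the gap, but this case should validate that the pointer covers `sizeof(tVFS_ACL)` bytes of writable user memory before the call, e.g. `if( !USER_BUFFER_OK((void*)Regs->Arg2, sizeof(tVFS_ACL)) ) { ret = -1; break; }` (`USER_BUFFER_OK` is a placeholder; no such helper is visible on this page). The `extern` added in the first hunk declares `Dest` as `void *` while the definition takes `tVFS_ACL *`; declaring the real type there would let the compiler check the call. `SyscallHandler`'s body continues outside the hunk.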
@@ -6,10 +6,10 @@
 #include "vfs_int.h"
 // === GLOBALS ===
-tVFS_ACL gVFS_ACL_EveryoneRWX = { {0,-1}, {0,VFS_PERM_ALL} };
-tVFS_ACL gVFS_ACL_EveryoneRW = { {0,-1}, {0,VFS_PERM_ALL^VFS_PERM_EXECUTE} };
-tVFS_ACL gVFS_ACL_EveryoneRX = { {0,-1}, {0,VFS_PERM_READ|VFS_PERM_EXECUTE} };
-tVFS_ACL gVFS_ACL_EveryoneRO = { {0,-1}, {0,VFS_PERM_READ} };
+tVFS_ACL gVFS_ACL_EveryoneRWX = { {1,-1}, {0,VFS_PERM_ALL} };
+tVFS_ACL gVFS_ACL_EveryoneRW = { {1,-1}, {0,VFS_PERM_ALL^VFS_PERM_EXECUTE} };
+tVFS_ACL gVFS_ACL_EveryoneRX = { {1,-1}, {0,VFS_PERM_READ|VFS_PERM_EXECUTE} };
+tVFS_ACL gVFS_ACL_EveryoneRO = { {1,-1}, {0,VFS_PERM_READ} };
 // === CODE ===
 /**
@@ -56,3 +56,44 @@ int VFS_CheckACL(tVFS_Node *Node, Uint Permissions)
 return 0;
 }
+/**
+ * \fn int VFS_GetACL(int FD, tVFS_ACL *Dest)
+ */
+int VFS_GetACL(int FD, tVFS_ACL *Dest)
+{
+ int i;
+ tVFS_Handle *h = VFS_GetHandle(FD);
+
+ // Error check
+ if(!h) return -1;
+
+ // Root can do anything
+ if(Dest->Group == 0 && Dest->ID == 0) {
+ Dest->Inv = 0;
+ Dest->Perms = -1;
+ return 1;
+ }
+
+ // Root only file?, fast return
+ if( h->Node->NumACLs == 0 ) {
+ Dest->Inv = 0;
+ Dest->Perms = 0;
+ return 0;
+ }
+
+ // Check Deny Permissions
+ for(i=0;iNode->NumACLs;i++)
+ {
+ if(h->Node->ACLs[i].Group != Dest->Group) continue;
+ if(h->Node->ACLs[i].ID != Dest->ID) continue;
+
+ Dest->Inv = h->Node->ACLs[i].Inv;
+ Dest->Perms = h->Node->ACLs[i].Perms;
+ return 1;
+ }
+
+
+ Dest->Inv = 0;
+ Dest->Perms = 0;
+ return 0;
+}
diff --git a/Usermode/Applications/CLIShell_src/main.c b/Usermode/Applications/CLIShell_src/main.c
index 50cf372d..87862622 100644
--- a/Usermode/Applications/CLIShell_src/main.c
+++ b/Usermode/Applications/CLIShell_src/main.c
@@ -336,6 +336,7 @@ void Command_Dir(int argc, char **argv)
 char tmpPath[1024];
 char *fileName;
 t_sysFInfo info;
+ t_sysACL acl;
 // Generate Directory Path
 if(argc > 1)
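Review bot: `VFS_GetACL` dereferences `Dest` without a NULL check, and its only documentation is the `\fn` line, so the in/out contract has to be read off the code. Extending the guard to `if(!h || !Dest) return -1;` covers the NULL case, although a `Dest` arriving from `SYS_GETACL` still needs user-pointer validation at the syscall boundary. The doc comment should say that `Dest->Group` and `Dest->ID` are inputs, that `Dest->Inv` and `Dest->Perms` are outputs, and that the return is -1 for a bad handle, 1 when an entry (or the Group 0 / ID 0 shortcut) supplied the result, and 0 when nothing matched. The `// Check Deny Permissions` comment does not describe the loop, which copies the first entry whose Group and ID equal the request; `// Find the entry for the requested user/group` would be accurate.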
@@ -398,26 +399,31 @@ void Command_Dir(int argc, char **argv)
 finfo(fp, &info, 0);
 close(fp);
+ //Print Mode
+ //#if 0
+ acl.group = 0; acl.id = info.uid;
+ _SysGetACL(fp, &acl);
+ if(acl.perms & 1) modeStr[0] = 'r'; else modeStr[0] = '-';
+ if(acl.perms & 2) modeStr[1] = 'w'; else modeStr[1] = '-';
+ if(acl.perms & 8) modeStr[2] = 'x'; else modeStr[2] = '-';
+ acl.group = 1; acl.id = info.gid;
+ _SysGetACL(fp, &acl);
+ if(acl.perms & 1) modeStr[3] = 'r'; else modeStr[3] = '-';
+ if(acl.perms & 1) modeStr[4] = 'w'; else modeStr[4] = '-';
+ if(acl.perms & 1) modeStr[5] = 'x'; else modeStr[5] = '-';
+ acl.group = 1; acl.id = -1;
+ _SysGetACL(fp, &acl);
+ if(acl.perms & 1) modeStr[6] = 'r'; else modeStr[6] = '-';
+ if(acl.perms & 1) modeStr[7] = 'w'; else modeStr[7] = '-';
+ if(acl.perms & 1) modeStr[8] = 'x'; else modeStr[8] = '-';
+ write(_stdout, 10, modeStr);
+ //#endif
+
 // Colour Code
 if(info.flags & FILEFLAG_DIRECTORY) // Directory: Green
 write(_stdout, 6, "\x1B[32m");
 else
 write(_stdout, 6, "\x1B[37m"); // Default: White
-
- //Print Mode
- #if 0
- if(stats.st_mode & 0400) modeStr[0] = 'R'; else modeStr[0] = '-';
- if(stats.st_mode & 0200) modeStr[1] = 'W'; else modeStr[1] = '-';
- if(stats.st_mode & 0100) modeStr[2] = 'X'; else modeStr[2] = '-';
- if(stats.st_mode & 0040) modeStr[3] = 'R'; else modeStr[3] = '-';
- if(stats.st_mode & 0020) modeStr[4] = 'W'; else modeStr[4] = '-';
- if(stats.st_mode & 0010) modeStr[5] = 'X'; else modeStr[5] = '-';
- if(stats.st_mode & 0004) modeStr[6] = 'R'; else modeStr[6] = '-';
- if(stats.st_mode & 0002) modeStr[7] = 'W'; else modeStr[7] = '-';
- if(stats.st_mode & 0001) modeStr[8] = 'X'; else modeStr[8] = '-';
- write(_stdout, 10, modeStr);
- #endif
-
 // Print Name
 write(_stdout, strlen(fileName), fileName);
 // Print slash if applicable
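Review bot: All three `_SysGetACL(fp, &acl)` calls come after the `close(fp)` context line, so they query a descriptor that is already closed, and their return values are ignored. Going by `VFS_GetACL` in this patch, a bad handle returns -1 without touching `Dest`, which leaves `acl.perms` uninitialised when the mode string is built. The group and everyone triplets also test `acl.perms & 1` for r, w and x alike, where the owner triplet uses 1, 2 and 8. The rewrite below moves `close(fp)` after the last query, checks each return value, and reuses the owner's masks for all three triplets, on the assumption that the same bits apply. `Command_Dir` starts and ends outside the hunk.

```c
// … unchanged: finfo(fp, &info, 0); …
//Print Mode
acl.group = 0; acl.id = info.uid;   // owner
if(_SysGetACL(fp, &acl) < 0) acl.perms = 0;
modeStr[0] = (acl.perms & 1) ? 'r' : '-';
modeStr[1] = (acl.perms & 2) ? 'w' : '-';
modeStr[2] = (acl.perms & 8) ? 'x' : '-';
acl.group = 1; acl.id = info.gid;   // group
if(_SysGetACL(fp, &acl) < 0) acl.perms = 0;
modeStr[3] = (acl.perms & 1) ? 'r' : '-';
modeStr[4] = (acl.perms & 2) ? 'w' : '-';
modeStr[5] = (acl.perms & 8) ? 'x' : '-';
acl.group = 1; acl.id = -1;         // everyone
if(_SysGetACL(fp, &acl) < 0) acl.perms = 0;
modeStr[6] = (acl.perms & 1) ? 'r' : '-';
modeStr[7] = (acl.perms & 2) ? 'w' : '-';
modeStr[8] = (acl.perms & 8) ? 'x' : '-';
close(fp);   // moved: only after the last query on fp
write(_stdout, 10, modeStr);
// … unchanged: colour code and name output …
```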
@@ -428,9 +434,9 @@ void Command_Dir(int argc, char **argv)
 write(_stdout, 6, "\x1B[37m");
 // Put Size
- printf(" Size: %i", info.size);
+ printf("\n", info.size);
- write(_stdout, 1, "\n");
+ //write(_stdout, 1, "\n");
 }
 // Close Directory
 close(dp);
diff --git a/Usermode/Libraries/libacess.so_src/vfs.asm b/Usermode/Libraries/libacess.so_src/vfs.asm
index 53c66c97..4cd41539 100644
--- a/Usermode/Libraries/libacess.so_src/vfs.asm
+++ b/Usermode/Libraries/libacess.so_src/vfs.asm
@@ -14,4 +14,5 @@ SYSCALL4 read, SYS_READ ; int, int64_t, void*
 SYSCALL4 write, SYS_WRITE ; int, int64_t, void*
 SYSCALL4 seek, SYS_SEEK ; int, int64_t, int
 SYSCALL3 finfo, SYS_FINFO ; int, void*, int
-SYSCALL2 readdir, SYS_READDIR
+SYSCALL2 readdir, SYS_READDIR ; int, char*
+SYSCALL2 _SysGetACL, SYS_GETACL ; int, void*
diff --git a/Usermode/include/acess/sys.h b/Usermode/include/acess/sys.h
index 05f717b1..62e145e7 100644
--- a/Usermode/include/acess/sys.h
+++ b/Usermode/include/acess/sys.h
@@ -20,8 +20,20 @@
 // === TYPES ===
 struct s_sysACL {
- uint32_t object;
- uint32_t perms;
+ union {
+ struct {
+ unsigned group: 1;
+ unsigned id: 31;
+ };
+ uint32_t object;
+ }
+ union {
+ struct {
+ unsigned invert: 1;
+ unsigned perms: 31;
+ };
+ uint32_t rawperms;
+ }
 };
 struct s_sysFInfo {
 uint uid, gid;
@@ -34,6 +46,7 @@ struct s_sysFInfo {
 struct s_sysACL acls[];
 };
 typedef struct s_sysFInfo t_sysFInfo;
+typedef struct s_sysACL t_sysACL;
 // === FUNCTIONS ===
 void _SysDebug(char *str, ...);
@@ -53,6 +66,7 @@ uint64_t write(int fd, uint64_t length, void *buffer);
 int ioctl(int fd, int id, void *data);
 int finfo(int fd, t_sysFInfo *info, int maxacls);
 int readdir(int fd, char *dest);
+ int _SysGetACL(int fd, t_sysACL *dest);
 // --- MEMORY ---
 uint64_t _SysGetPhys(uint vaddr);
--
2.20.1
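Review bot: `printf("\n", info.size);` passes `info.size` to a format string that has no conversion, so the size silently disappears from the listing and the argument is dead. If the size is meant to go, write `printf("\n");`; if not, keep the conversion, e.g. `printf(" Size: %i\n", info.size);`. The commented-out `//write(_stdout, 1, "\n");` line is better deleted than committed. `Command_Dir` starts outside the hunk.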
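Review bot: Neither anonymous union added to `struct s_sysACL` is terminated: each closes with `}` where a member declaration needs `};`, so the header as shown should not compile. The bitfield split (`group: 1`/`id: 31`, `invert: 1`/`perms: 31`) is also the `SYS_GETACL` syscall ABI, and bitfield allocation order is implementation-defined. It therefore only lines up with the kernel's `tVFS_ACL` (defined outside this patch) while both sides are built with the same compiler conventions. A comment stating that dependency, or explicit mask/shift macros over `object` and `rawperms`, would make it visible to the next person who changes either side.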