f33c7c73bd
This patch eliminates the thread ID portion of the 'Native_capability' type. The access to entrypoints is now exclusively handled by passing socket descripts over Unix domain sockets and by inheriting the socket descriptor of the parent entrypoint at process-creation time. Each entrypoint creates a socket pair. The server-side socket is bound to a unique name defined by the server. The client-side socket is then connected to the same name. Whereas the server-side socket is meant to be exclusively used by the server to wait for incoming requests, the client-side socket can be delegated to other processes as payload of RPC messages (via SCM rights). Anyone who receives a capability over RPC receives the client-side socket of the entrypoint to which the capability refers. Given this socket descriptor, the unique name (as defined by the server) can be requested using 'getpeername'. Using this name, it is possible to compare socket descriptors, which is important to avoid duplicates from polluting the limited socket-descriptor name space. Wheras this patch introduces capability-based delegation of access rights to entrypoints, it does not cover the protection of the integrity of RPC objects. RPC objects are still referenced by a global ID passed as normal message payload.
61 lines
1.4 KiB
C++
61 lines
1.4 KiB
C++
/*
|
|
* \brief Linux-specific debug utilities
|
|
* \author Norman Feske
|
|
* \date 2009-05-16
|
|
*/
|
|
|
|
/*
|
|
* Copyright (C) 2009-2012 Genode Labs GmbH
|
|
*
|
|
* This file is part of the Genode OS framework, which is distributed
|
|
* under the terms of the GNU General Public License version 2.
|
|
*/
|
|
|
|
/*
|
|
* With the enabled 'DEBUG' flag, status information can be printed directly
|
|
* via a Linux system call by using the 'raw_write_str' function. This output
|
|
* bypasses the Genode 'LOG' mechanism, which is useful for debugging low-level
|
|
* code such as a libC back-end.
|
|
*/
|
|
#define DEBUG 1
|
|
|
|
|
|
#if DEBUG
|
|
#include <linux_syscalls.h>
|
|
#endif /* DEBUG */
|
|
|
|
|
|
/**
|
|
* Write function targeting directly the Linux system call layer and bypassing
|
|
* any Genode code.
|
|
*/
|
|
extern "C" int raw_write_str(const char *str)
|
|
{
|
|
#if DEBUG
|
|
unsigned len = 0;
|
|
for (; str[len] != 0; len++);
|
|
lx_syscall(SYS_write, (int)1, str, len);
|
|
return len;
|
|
#endif /* DEBUG */
|
|
}
|
|
|
|
|
|
/**
|
|
* Debug function waiting until the user presses return
|
|
*
|
|
* This function is there to delay the execution of a back-end function such
|
|
* that we have time to attack the GNU debugger to the running process. Once
|
|
* attached, we can continue execution and use 'gdb' for debugging. In the
|
|
* normal mode of operation, this function is never used.
|
|
*/
|
|
extern "C" void wait_for_continue(void)
|
|
{
|
|
#if DEBUG
|
|
char buf[16];
|
|
lx_syscall(SYS_read, (int)0, buf, sizeof(buf));
|
|
#endif /* DEBUG */
|
|
}
|
|
|
|
|
|
extern "C" int get_pid() { return lx_getpid(); }
|