This patch makes the RTDM service rtdm_context_get check the owner of a file
descriptor. This prevents a process from closing an RTDM file descriptor
belonging to another process.

Stats:
 include/rtdm/rtdm.h        |    2 +-
 include/rtdm/rtdm_driver.h |    2 +-
 ksrc/skins/posix/syscall.c |    5 +++--
 ksrc/skins/rtdm/core.c     |   15 +++++++++------
 4 files changed, 14 insertions(+), 10 deletions(-)

-- 


                                            Gilles Chanteperdrix.
diff -Naurdp -x '*~' trunk/include/rtdm/rtdm.h 
rtdm_check_context/include/rtdm/rtdm.h
--- trunk/include/rtdm/rtdm.h   2008-01-25 21:20:40.000000000 +0100
+++ rtdm_check_context/include/rtdm/rtdm.h      2008-02-02 14:22:36.000000000 
+0100
@@ -248,7 +248,7 @@ ssize_t __rt_dev_recvmsg(rtdm_user_info_
 ssize_t __rt_dev_sendmsg(rtdm_user_info_t *user_info, int fd,
                         const struct msghdr *msg, int flags);
 struct xnselector;
-int __rt_dev_select_bind(int fd,
+int __rt_dev_select_bind(rtdm_user_info_t *user_info, int fd,
                         struct xnselector *selector,
                         unsigned type, unsigned index);
 #endif /* __KERNEL__ */
diff -Naurdp -x '*~' trunk/include/rtdm/rtdm_driver.h 
rtdm_check_context/include/rtdm/rtdm_driver.h
--- trunk/include/rtdm/rtdm_driver.h    2008-01-25 21:33:13.000000000 +0100
+++ rtdm_check_context/include/rtdm/rtdm_driver.h       2008-02-02 
14:16:18.000000000 +0100
@@ -461,7 +461,7 @@ int rtdm_dev_unregister(struct rtdm_devi
 #define rtdm_getpeername       rt_dev_getpeername
 #define rtdm_shutdown          rt_dev_shutdown
 
-struct rtdm_dev_context *rtdm_context_get(int fd);
+struct rtdm_dev_context *rtdm_context_get(rtdm_user_info_t *user_info, int fd);
 
 #ifndef DOXYGEN_CPP /* Avoid static inline tags for RTDM in doxygen */
 static inline void rtdm_context_lock(struct rtdm_dev_context *context)
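Review bot: `rtdm_context_get()` is declared in the driver-facing header, and this hunk changes its arity without giving drivers anything to test for; per the diffstat, the only edit to rtdm.h is the `__rt_dev_select_bind` prototype. Out-of-tree drivers that call `rtdm_context_get(fd)` will fail to compile, which is the safe failure mode, but they cannot build against both the old and the new tree. If the project keeps an API revision macro (I believe `RTDM_API_VER` in rtdm.h, not visible in this diff), bumping it in the same patch would let drivers adapt with an `#if`.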
diff -Naurdp -x '*~' trunk/ksrc/skins/posix/syscall.c 
rtdm_check_context/ksrc/skins/posix/syscall.c
--- trunk/ksrc/skins/posix/syscall.c    2008-02-02 14:30:56.000000000 +0100
+++ rtdm_check_context/ksrc/skins/posix/syscall.c       2008-02-02 
14:33:30.000000000 +0100
@@ -1898,7 +1898,7 @@ static int fd_valid_p(int fd)
        
        if (fd >= rtdm_fd_start) {
                struct rtdm_dev_context *ctx;
-               ctx = rtdm_context_get(fd - rtdm_fd_start);
+               ctx = rtdm_context_get(current, fd - rtdm_fd_start);
                if (ctx) {
                        rtdm_context_unlock(ctx);
                        return 1;
@@ -1930,7 +1930,8 @@ static int select_bind_one(struct xnsele
        const int rtdm_fd_start = FD_SETSIZE - RTDM_FD_MAX;
        
        if (fd >= rtdm_fd_start)
-               return __rt_dev_select_bind(fd - rtdm_fd_start,
+               return __rt_dev_select_bind(current,
+                                           fd - rtdm_fd_start,
                                            selector, type, fd);
 #endif /* CONFIG_XENO_SKIN_RTDM */
 
diff -Naurdp -x '*~' trunk/ksrc/skins/rtdm/core.c 
rtdm_check_context/ksrc/skins/rtdm/core.c
--- trunk/ksrc/skins/rtdm/core.c        2008-01-25 21:20:40.000000000 +0100
+++ rtdm_check_context/ksrc/skins/rtdm/core.c   2008-02-02 14:20:06.000000000 
+0100
@@ -70,7 +70,7 @@ DEFINE_XNLOCK(rt_fildes_lock);
  *
  * Rescheduling: never.
  */
-struct rtdm_dev_context *rtdm_context_get(int fd)
+struct rtdm_dev_context *rtdm_context_get(rtdm_user_info_t *user_info, int fd)
 {
        struct rtdm_dev_context *context;
        spl_t s;
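Review bot: The Doxygen block ending just above the new signature gets no entry for `user_info`, since no hunk in core.c touches that comment, and the meaning of a NULL argument cannot be read off the prototype. I would add `@param[in] user_info User information pointer of the calling process, or NULL for kernel-space callers; only a context owned by that caller is returned`. The return description should also say that NULL is returned on an owner mismatch, so callers know that failure is indistinguishable from an invalid or closing descriptor. The start of the comment and the rest of the function body lie outside this hunk.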
@@ -82,7 +82,9 @@ struct rtdm_dev_context *rtdm_context_ge
 
        context = fildes_table[fd].context;
        if (unlikely(!context ||
-                    test_bit(RTDM_CLOSING, &context->context_flags))) {
+                    test_bit(RTDM_CLOSING, &context->context_flags) ||
+                    context->reserved.owner != (user_info
+                                                ? user_info->mm : NULL))) {
                xnlock_put_irqrestore(&rt_fildes_lock, s);
                return NULL;
        }
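Review bot: The owner test added here and the one added to the close path in the `@@ -338` hunk enforce different policies for in-kernel callers. Here a NULL `user_info` means the owner must itself be NULL, whereas the close path writes `user_info && context->reserved.owner != user_info->mm`, which skips the comparison entirely when `user_info` is NULL. If that asymmetry is deliberate (for example so kernel-side cleanup can close any descriptor), it deserves a comment at both sites, such as `/* kernel callers (user_info == NULL) may only look up kernel-owned contexts */` here. Otherwise, a small shared helper for the comparison would stop the two checks from drifting apart. Both checks are made under `rt_fildes_lock`, which is the right place for them; the function body starts and continues outside this hunk.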
@@ -294,7 +296,7 @@ err_out:
 
 EXPORT_SYMBOL(__rt_dev_socket);
 
-int __rt_dev_select_bind(int fd,
+int __rt_dev_select_bind(rtdm_user_info_t *user_info, int fd,
                         struct xnselector *selector,
                         unsigned type, unsigned index)
 {
@@ -302,7 +304,7 @@ int __rt_dev_select_bind(int fd,
        struct rtdm_operations  *ops;
        int ret;
 
-       context = rtdm_context_get(fd);
+       context = rtdm_context_get(user_info, fd);
 
        ret = -EBADF;
        if (unlikely(!context))
@@ -338,7 +340,8 @@ again:
 
        context = fildes_table[fd].context;
 
-       if (unlikely(!context)) {
+       if (unlikely(!context ||
+                    (user_info && context->reserved.owner != user_info->mm))) {
                xnlock_put_irqrestore(&rt_fildes_lock, s);
                goto err_out;   /* -EBADF */
        }
@@ -434,7 +437,7 @@ do {                                                        
                \
        struct rtdm_operations *ops;                                    \
        int ret;                                                        \
                                                                        \
-       context = rtdm_context_get(fd);                                 \
+       context = rtdm_context_get(user_info, fd);                      \
        ret = -EBADF;                                                   \
        if (unlikely(!context))                                         \
                goto err_out;                                           \