acadia/zion/capability/capability.h

#pragma once

#include <stdint.h>

#include "lib/ref_ptr.h"
#include "object/kernel_object.h"

class Process;
class Thread;

class Capability : public RefCounted<Capability> {
 public:
  Capability(const RefPtr<KernelObject>& obj, uint64_t permissions)
      : obj_(obj), permissions_(permissions) {}

  template <typename T>
  Capability(const RefPtr<T>& obj, uint64_t permissions)
      : Capability(StaticCastRefPtr<KernelObject>(obj), permissions) {}

  template <typename T>
  RefPtr<T> obj();

  RefPtr<KernelObject> raw_obj() { return obj_; }

  uint64_t permissions() { return permissions_; }
  bool HasPermissions(uint64_t requested) {
    return (permissions_ & requested) == requested;
  }

 private:
  RefPtr<KernelObject> obj_;
  uint64_t permissions_;
};

template <typename T>
RefPtr<T> Capability::obj() {
  if (obj_->TypeTag() != KernelObjectTag<T>::type) {
    return nullptr;
  }
  return StaticCastRefPtr<T>(obj_);
}

template <typename T>
z_err_t ValidateCapability(const RefPtr<Capability>& cap,
                           uint64_t permissions) {
  if (!cap) {
    return Z_ERR_CAP_NOT_FOUND;
  }

  if (cap->raw_obj()->TypeTag() != KernelObjectTag<T>::type) {
    return Z_ERR_CAP_TYPE;
  }

  if (!cap->HasPermissions(permissions)) {
    return Z_ERR_CAP_DENIED;
  }

  return Z_OK;
}

#define RET_IF_NULL(expr)    \
  {                          \
    if (!expr) {             \
      return Z_ERR_CAP_TYPE; \
    }                        \
  }
Add a skeleton framework for capabilities. Use the first capability to spawn a child process. 2023-05-30 23:55:42 -07:00			`#pragma once`

			`#include <stdint.h>`

Make a KernelObject base class for all Capabilities. 2023-06-06 20:13:07 -07:00			`#include "lib/ref_ptr.h"`
			`#include "object/kernel_object.h"`
Add a skeleton framework for capabilities. Use the first capability to spawn a child process. 2023-05-30 23:55:42 -07:00
			`class Process;`
Add a threading syscall API. 2023-06-06 16:24:03 -07:00			`class Thread;`
Add a skeleton framework for capabilities. Use the first capability to spawn a child process. 2023-05-30 23:55:42 -07:00
Make Capability RefCounted 2023-06-07 06:21:36 -07:00			`class Capability : public RefCounted<Capability> {`
Add a skeleton framework for capabilities. Use the first capability to spawn a child process. 2023-05-30 23:55:42 -07:00			`public:`
[zion] Store capability ids on the CapabilityTable. This is preferable to storing it in the capability itself since the id is really just an index for the containing process. 2023-06-16 15:27:09 -07:00			`Capability(const RefPtr<KernelObject>& obj, uint64_t permissions)`
			`: obj_(obj), permissions_(permissions) {}`
Add a skeleton framework for capabilities. Use the first capability to spawn a child process. 2023-05-30 23:55:42 -07:00
Make a KernelObject base class for all Capabilities. 2023-06-06 20:13:07 -07:00			`template <typename T>`
[zion] Store capability ids on the CapabilityTable. This is preferable to storing it in the capability itself since the id is really just an index for the containing process. 2023-06-16 15:27:09 -07:00			`Capability(const RefPtr<T>& obj, uint64_t permissions)`
			`: Capability(StaticCastRefPtr<KernelObject>(obj), permissions) {}`
Make a KernelObject base class for all Capabilities. 2023-06-06 20:13:07 -07:00
Add a skeleton framework for capabilities. Use the first capability to spawn a child process. 2023-05-30 23:55:42 -07:00			`template <typename T>`
Spawn Processes using memory primitives rather than and elf loader. This allows us to remove the temporary syscall for that style of process spawn. 2023-06-07 00:04:53 -07:00			`RefPtr<T> obj();`
Add a skeleton framework for capabilities. Use the first capability to spawn a child process. 2023-05-30 23:55:42 -07:00
[zion] Move capability validation to capability.h 2023-06-20 15:50:49 -07:00			`RefPtr<KernelObject> raw_obj() { return obj_; }`

Add a skeleton framework for capabilities. Use the first capability to spawn a child process. 2023-05-30 23:55:42 -07:00			`uint64_t permissions() { return permissions_; }`
			`bool HasPermissions(uint64_t requested) {`
			`return (permissions_ & requested) == requested;`
			`}`

			`private:`
Make a KernelObject base class for all Capabilities. 2023-06-06 20:13:07 -07:00			`RefPtr<KernelObject> obj_;`
Add a skeleton framework for capabilities. Use the first capability to spawn a child process. 2023-05-30 23:55:42 -07:00			`uint64_t permissions_;`
			`};`
[zion] Dynamically check Capability type. Instead of passing an enum with the capability when creating it, relying on polymorphism and a template struct tag to determine the object type at runtime. This is cleaner and avoids errors where we pass the wrong capability type with the cap and do a bad cast at runtime. 2023-06-16 14:53:57 -07:00
			`template <typename T>`
			`RefPtr<T> Capability::obj() {`
			`if (obj_->TypeTag() != KernelObjectTag<T>::type) {`
			`return nullptr;`
			`}`
			`return StaticCastRefPtr<T>(obj_);`
			`}`
[zion] Move capability validation to capability.h 2023-06-20 15:50:49 -07:00
			`template <typename T>`
			`z_err_t ValidateCapability(const RefPtr<Capability>& cap,`
			`uint64_t permissions) {`
			`if (!cap) {`
			`return Z_ERR_CAP_NOT_FOUND;`
			`}`

			`if (cap->raw_obj()->TypeTag() != KernelObjectTag<T>::type) {`
			`return Z_ERR_CAP_TYPE;`
			`}`

			`if (!cap->HasPermissions(permissions)) {`
			`return Z_ERR_CAP_DENIED;`
			`}`

			`return Z_OK;`
			`}`

			`#define RET_IF_NULL(expr) \`
			`{ \`
			`if (!expr) { \`
			`return Z_ERR_CAP_TYPE; \`
			`} \`
			`}`