From 6e86ce67f0fdc71e06992cab696aa1abeaf34e70 Mon Sep 17 00:00:00 2001
From: Drew Galbraith <dgalbraith33@gmail.com>
Date: Sat, 17 Jun 2023 01:24:07 -0700
Subject: [PATCH] [zion] Fix capability permission issues

---
 zion/include/zcall.h     | 2 +-
 zion/syscall/syscall.cpp | 5 ++++-
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/zion/include/zcall.h b/zion/include/zcall.h
index 7c7a759..1dc0454 100644
--- a/zion/include/zcall.h
+++ b/zion/include/zcall.h
@@ -15,7 +15,7 @@
 #define Z_PROCESS_START 0x03
 
 #define ZC_PROC_SPAWN_PROC 0x100
-#define ZC_PROC_SPAWN_THREAD 0x101
+#define ZC_PROC_SPAWN_THREAD 0x200
 
 // Thread Calls.
 #define Z_THREAD_CREATE 0x10
diff --git a/zion/syscall/syscall.cpp b/zion/syscall/syscall.cpp
index 7a651f7..f1eb479 100644
--- a/zion/syscall/syscall.cpp
+++ b/zion/syscall/syscall.cpp
@@ -57,7 +57,10 @@ z_err_t ValidateCap(const RefPtr<Capability>& cap, uint64_t permissions) {
   if (!cap) {
     return Z_ERR_CAP_NOT_FOUND;
   }
+  // FIXME: Check capability type before permissions, otherwise you can
+  // get a confusing error.
   if (!cap->HasPermissions(permissions)) {
+    dbgln("PERM, has %x needs %x", cap->permissions(), permissions);
     return Z_ERR_CAP_DENIED;
   }
   return Z_OK;
@@ -72,7 +75,7 @@ z_err_t ProcessSpawn(ZProcessSpawnReq* req, ZProcessSpawnResp* resp) {
   gProcMan->InsertProcess(proc);
 
   resp->proc_cap = curr_proc.AddNewCapability(
-      proc, ZC_PROC_SPAWN_PROC | ZC_PROC_SPAWN_PROC | ZC_WRITE);
+      proc, ZC_PROC_SPAWN_PROC | ZC_PROC_SPAWN_THREAD | ZC_WRITE);
   resp->vmas_cap = curr_proc.AddNewCapability(proc->vmas(), ZC_WRITE);
 
   if (req->bootstrap_cap != 0) {