userspace: allow thread IDs to be re-used
It's currently too easy to run out of thread IDs as they are never re-used on thread exit. Now the kernel maintains a bitfield of in-use thread IDs, updated on thread creation and termination. When a thread exits, the permission bitfield for all kernel objects is updated to revoke access for that retired thread ID, so that a new thread re-using that ID will not gain access to objects that it should not have. Because of these runtime updates, setting the permission bitmap for an object to all ones for a "public" object doesn't work properly any more; a flag is now set for this instead. Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
This commit is contained in:
parent
9bd5e76b47
commit
04caa679c9
7 changed files with 97 additions and 20 deletions
|
@ -180,6 +180,7 @@ struct _k_object {
|
|||
} __packed;
|
||||
|
||||
#define K_OBJ_FLAG_INITIALIZED BIT(0)
|
||||
#define K_OBJ_FLAG_PUBLIC BIT(1)
|
||||
|
||||
/**
|
||||
* Lookup a kernel object and init its metadata if it exists
|
||||
|
@ -253,6 +254,9 @@ __syscall void k_object_access_revoke(void *object, struct k_thread *thread);
|
|||
* as it is possible for such code to derive the addresses of kernel objects
|
||||
* and perform unwanted operations on them.
|
||||
*
|
||||
* It is not possible to revoke permissions on public objects; once public,
|
||||
* any thread may use it.
|
||||
*
|
||||
* @param object Address of kernel object
|
||||
*/
|
||||
__syscall void k_object_access_all_grant(void *object);
|
||||
|
|
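Review bot: The new `K_OBJ_FLAG_PUBLIC` bit in the first hunk has no comment, so a reader of `struct _k_object`'s flags only learns what it means from the prose added to k_object_access_all_grant's docstring in the second hunk. I'd put `/* Object is usable by any thread; per-thread permission bits are not consulted and cannot be revoked */` above the define, next to the equally uncommented `K_OBJ_FLAG_INITIALIZED`. The commit description says thread exit now sweeps the permission bitfields of every object, so the k_object_access_all_grant docstring should also state that the public flag is unaffected by that sweep, if that is how the runtime side is implemented (not visible in this section). k_object_access_revoke, named in the second hunk's header, deserves a matching one-line note that it has no effect on a public object.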