userspace: restrict k_object_access_all_grant()

This is too powerful for user mode, the other access APIs require explicit permissions on the threads that are being granted access. The API is no longer exposed as a system call and hence will only be usable by supervisor threads. Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
2017-10-14 14:42:23 -07:00 · 2017-10-14 14:42:23 -07:00 · 41bab6e360
commit 41bab6e360
parent 04caa679c9
3 changed files with 3 additions and 14 deletions
--- a/include/kernel.h
+++ b/include/kernel.h
@ -212,7 +212,7 @@ static inline void _impl_k_object_access_revoke(void *object,
 	ARG_UNUSED(thread);
 }

-static inline void _impl_k_object_access_all_grant(void *object)
+static inline void k_object_access_all_grant(void *object)
 {
 	ARG_UNUSED(object);
 }
@ -259,7 +259,7 @@ __syscall void k_object_access_revoke(void *object, struct k_thread *thread);
 *
 * @param object Address of kernel object
 */
-__syscall void k_object_access_all_grant(void *object);
+void k_object_access_all_grant(void *object);

 /* timeouts */

--- a/kernel/userspace.c
+++ b/kernel/userspace.c
@ -211,7 +211,7 @@ void _impl_k_object_access_revoke(void *object, struct k_thread *thread)
 	}
 }

-void _impl_k_object_access_all_grant(void *object)
+void k_object_access_all_grant(void *object)
 {
 	struct _k_object *ko = _k_object_find(object);

--- a/kernel/userspace_handler.c
+++ b/kernel/userspace_handler.c
@ -58,14 +58,3 @@ _SYSCALL_HANDLER(k_object_access_revoke, object, thread)

 	return 0;
 }
-
-_SYSCALL_HANDLER(k_object_access_all_grant, object)
-{
-	struct _k_object *ko;
-
-	ko = validate_any_object((void *)object);
-	_SYSCALL_VERIFY_MSG(ko, "object %p access denied", (void *)object);
-	ko->flags |= K_OBJ_FLAG_PUBLIC;
-
-	return 0;
-}