author | Justus Winter <justus@gnupg.org> | 2016-10-23 11:48:06 +0200 |
---|---|---|
committer | Justus Winter <justus@gnupg.org> | 2016-11-01 16:32:47 +0100 |
commit | 8c0e65b6b2db9946153ed736e66d4e613875deb6 (patch) | |
tree | 52b6beabd42f45f61c2f6775b6190559db1d1179 /boot/mig-mutate.h | |
parent | 7ab8e74f1331b70dd52e604d0010a49fabf9e549 (diff) | |
boot: Allow unprivileged users to boot Subhurds.

Previously, boot handed privileged kernel ports to Subhurds. This
made boot unusable for unprivileged users, and allowed Subhurds to
wreak havoc on the whole system. Fix this by handing out pseudo ports
instead of the privileged ports.

* NEWS: Update.
* boot/Makefile (MIGSTUBS): Build stubs for the new kernel interfaces.
(MIGSFLAGS): Include mutation file.
(HURDLIBS): Link against libihash.
* boot/boot.c (privileged, want_privileged): New variables.
(pseudo_privileged_host_port): New variable.
(pseudo_pset, pseudo_kernel): Likewise.
(task_notification_port): Likewise.
(dead_task_notification_port): Likewise.
(boot_demuxer): Handle new protocols.
(OPT_PRIVILEGED): New macro.
(options): Add flag '--privileged' to enable the old mode.
(parse_opt): Handle new flag.
(allocate_pseudo_ports): New function.
(main): Handle new flag. If not running privileged, allocate more
pseudo ports to hand out in place of privileged kernel ports, create a
task namespace, and a task that the Subhurd can frob instead of the
real kernel task.
(do_mach_notify_dead_name): Handle dying tasks.
(S_vm_set_default_memory_manager): New function.
(S_host_reboot): Likewise.
(S_host_processor_set_priv): Likewise.
(S_register_new_task_notification): Likewise.
(task_ihash_cleanup): Likewise.
(task_ihash): New variable.
(task_died): New function.
(S_mach_notify_new_task): Likewise.
(S_processor_set_tasks): Likewise.
* boot/mig-decls.h: New file.
* boot/mig-mutate.h: Likewise.
Diffstat (limited to 'boot/mig-mutate.h')
-rw-r--r-- | boot/mig-mutate.h | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/boot/mig-mutate.h b/boot/mig-mutate.h new file mode 100644 index 00000000..ef90b734 --- /dev/null +++ b/boot/mig-mutate.h @@ -0,0 +1,25 @@ +/* + Copyright (C) 2014 Free Software Foundation, Inc. + Written by Justus Winter. + + This file is part of the GNU Hurd. + + The GNU Hurd is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public License as + published by the Free Software Foundation; either version 2, or (at + your option) any later version. + + The GNU Hurd is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with the GNU Hurd. If not, see <http://www.gnu.org/licenses/>. */ + +#define MACH_IMPORTS \ + import "mig-decls.h"; +#define MACH_HOST_IMPORTS \ + import "mig-decls.h"; +#define GNUMACH_IMPORTS \ + import "mig-decls.h"; |
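Review bot: The three defines at the end of the new file (MACH_IMPORTS, MACH_HOST_IMPORTS, GNUMACH_IMPORTS) have no comment saying which interface definitions each one is meant for or what "mig-decls.h" supplies to them. Since this file is what redirects the kernel interfaces the commit message describes as now served by boot, a short comment above the #define block naming the affected interfaces and the declarations they rely on would make it easier to audit that every privileged interface routed through boot is covered. The header also says "Copyright (C) 2014" while the author date is 2016-10-23; please confirm the year is intended. The view is limited to boot/mig-mutate.h, so mig-decls.h and the boot.c handlers need to be reviewed alongside this file.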