syscall: Z_SYSCALL_VERIFY_MSG -> K_SYSCALL_VERIFY_MSG
Rename macros and do not use Z_ for internal APIs. Signed-off-by: Anas Nashif <anas.nashif@intel.com>
This commit is contained in:
Anas Nashif
Carles Cufí
parent
4d5d04169d
commit
684b8fcdd0
@ -309,7 +309,7 @@ Several macros exist to validate arguments:
|
||||
:c:macro:`Z_SYSCALL_MEMORY_ARRAY_READ()` but the calling thread must
|
||||
additionally have write permissions.
|
||||
|
||||
* :c:macro:`Z_SYSCALL_VERIFY_MSG()` does a runtime check of some boolean
|
||||
* :c:macro:`K_SYSCALL_VERIFY_MSG()` does a runtime check of some boolean
|
||||
expression which must evaluate to true otherwise the check will fail.
|
||||
A variant :c:macro:`Z_SYSCALL_VERIFY` exists which does not take
|
||||
a message parameter, instead printing the expression tested if it
|
||||
@ -640,7 +640,7 @@ Helper macros for creating system call verification functions are provided in
|
||||
* :c:macro:`Z_SYSCALL_MEMORY_WRITE()`
|
||||
* :c:macro:`Z_SYSCALL_MEMORY_ARRAY_READ()`
|
||||
* :c:macro:`Z_SYSCALL_MEMORY_ARRAY_WRITE()`
|
||||
* :c:macro:`Z_SYSCALL_VERIFY_MSG()`
|
||||
* :c:macro:`K_SYSCALL_VERIFY_MSG()`
|
||||
* :c:macro:`Z_SYSCALL_VERIFY`
|
||||
|
||||
Functions for invoking system calls are defined in
|
||||
|
||||
@ -56,11 +56,11 @@ static inline int z_vrfy_adc_read(const struct device *dev,
|
||||
struct adc_sequence_options options;
|
||||
|
||||
Z_OOPS(Z_SYSCALL_DRIVER_ADC(dev, read));
|
||||
Z_OOPS(Z_SYSCALL_VERIFY_MSG(copy_sequence(&sequence, &options,
|
||||
Z_OOPS(K_SYSCALL_VERIFY_MSG(copy_sequence(&sequence, &options,
|
||||
(struct adc_sequence *)user_sequence),
|
||||
"invalid ADC sequence"));
|
||||
if (sequence.options != NULL) {
|
||||
Z_OOPS(Z_SYSCALL_VERIFY_MSG(sequence.options->callback == NULL,
|
||||
Z_OOPS(K_SYSCALL_VERIFY_MSG(sequence.options->callback == NULL,
|
||||
"ADC sequence callbacks forbidden from user mode"));
|
||||
}
|
||||
|
||||
@ -77,11 +77,11 @@ static inline int z_vrfy_adc_read_async(const struct device *dev,
|
||||
struct adc_sequence_options options;
|
||||
|
||||
Z_OOPS(Z_SYSCALL_DRIVER_ADC(dev, read_async));
|
||||
Z_OOPS(Z_SYSCALL_VERIFY_MSG(copy_sequence(&sequence, &options,
|
||||
Z_OOPS(K_SYSCALL_VERIFY_MSG(copy_sequence(&sequence, &options,
|
||||
(struct adc_sequence *)user_sequence),
|
||||
"invalid ADC sequence"));
|
||||
if (sequence.options != NULL) {
|
||||
Z_OOPS(Z_SYSCALL_VERIFY_MSG(sequence.options->callback == NULL,
|
||||
Z_OOPS(K_SYSCALL_VERIFY_MSG(sequence.options->callback == NULL,
|
||||
"ADC sequence callbacks forbidden from user mode"));
|
||||
}
|
||||
Z_OOPS(Z_SYSCALL_OBJ(async, K_OBJ_POLL_SIGNAL));
|
||||
|
||||
@ -189,7 +189,7 @@ static inline int z_vrfy_can_send(const struct device *dev,
|
||||
|
||||
Z_OOPS(Z_SYSCALL_DRIVER_CAN(dev, send));
|
||||
Z_OOPS(z_user_from_copy(&frame_copy, frame, sizeof(frame_copy)));
|
||||
Z_OOPS(Z_SYSCALL_VERIFY_MSG(callback == NULL, "callbacks may not be set from user mode"));
|
||||
Z_OOPS(K_SYSCALL_VERIFY_MSG(callback == NULL, "callbacks may not be set from user mode"));
|
||||
|
||||
return z_impl_can_send(dev, &frame_copy, timeout, callback, user_data);
|
||||
}
|
||||
|
||||
@ -90,7 +90,7 @@ static inline int z_vrfy_counter_set_channel_alarm(const struct device *dev,
|
||||
|
||||
Z_OOPS(Z_SYSCALL_DRIVER_COUNTER(dev, set_alarm));
|
||||
Z_OOPS(z_user_from_copy(&cfg_copy, alarm_cfg, sizeof(cfg_copy)));
|
||||
Z_OOPS(Z_SYSCALL_VERIFY_MSG(cfg_copy.callback == NULL,
|
||||
Z_OOPS(K_SYSCALL_VERIFY_MSG(cfg_copy.callback == NULL,
|
||||
"callbacks may not be set from user mode"));
|
||||
return z_impl_counter_set_channel_alarm((const struct device *)dev,
|
||||
(uint8_t)chan_id,
|
||||
@ -116,7 +116,7 @@ static inline int z_vrfy_counter_set_top_value(const struct device *dev,
|
||||
|
||||
Z_OOPS(Z_SYSCALL_DRIVER_COUNTER(dev, set_top_value));
|
||||
Z_OOPS(z_user_from_copy(&cfg_copy, cfg, sizeof(cfg_copy)));
|
||||
Z_OOPS(Z_SYSCALL_VERIFY_MSG(cfg_copy.callback == NULL,
|
||||
Z_OOPS(K_SYSCALL_VERIFY_MSG(cfg_copy.callback == NULL,
|
||||
"callbacks may not be set from user mode"));
|
||||
return z_impl_counter_set_top_value((const struct device *)dev,
|
||||
(const struct counter_top_cfg *)
|
||||
|
||||
@ -11,7 +11,7 @@ static inline int z_vrfy_kscan_config(const struct device *dev,
|
||||
kscan_callback_t callback_isr)
|
||||
{
|
||||
Z_OOPS(Z_SYSCALL_DRIVER_KSCAN(dev, config));
|
||||
Z_OOPS(Z_SYSCALL_VERIFY_MSG(callback_isr == 0,
|
||||
Z_OOPS(K_SYSCALL_VERIFY_MSG(callback_isr == 0,
|
||||
"callback cannot be set from user mode"));
|
||||
return z_impl_kscan_config((const struct device *)dev, callback_isr);
|
||||
}
|
||||
|
||||
@ -11,7 +11,7 @@ static inline int z_vrfy_ps2_config(const struct device *dev,
|
||||
ps2_callback_t callback_isr)
|
||||
{
|
||||
Z_OOPS(Z_SYSCALL_DRIVER_PS2(dev, config));
|
||||
Z_OOPS(Z_SYSCALL_VERIFY_MSG(callback_isr == NULL,
|
||||
Z_OOPS(K_SYSCALL_VERIFY_MSG(callback_isr == NULL,
|
||||
"callback not be set from user mode"));
|
||||
return z_impl_ps2_config(dev, callback_isr);
|
||||
}
|
||||
|
||||
@ -18,7 +18,7 @@ static inline int z_vrfy_bc12_set_result_cb(const struct device *dev, bc12_callb
|
||||
void *user_data)
|
||||
{
|
||||
Z_OOPS(Z_SYSCALL_DRIVER_BC12(dev, set_result_cb));
|
||||
Z_OOPS(Z_SYSCALL_VERIFY_MSG(cb == NULL, "callbacks may not be set from user mode"));
|
||||
Z_OOPS(K_SYSCALL_VERIFY_MSG(cb == NULL, "callbacks may not be set from user mode"));
|
||||
|
||||
return z_impl_bc12_set_result_cb(dev, cb, user_data);
|
||||
}
|
||||
|
||||
@ -102,7 +102,7 @@ static inline int z_vrfy_w1_search_bus(const struct device *dev,
|
||||
{
|
||||
Z_OOPS(Z_SYSCALL_OBJ(dev, K_OBJ_DRIVER_W1));
|
||||
|
||||
Z_OOPS(Z_SYSCALL_VERIFY_MSG(callback == 0,
|
||||
Z_OOPS(K_SYSCALL_VERIFY_MSG(callback == 0,
|
||||
"callbacks may not be set from user mode"));
|
||||
/* user_data is not dereferenced, no need to check parameter */
|
||||
|
||||
|
||||
@ -308,7 +308,7 @@ int z_user_string_copy(char *dst, const char *src, size_t maxlen);
|
||||
* arguments) to print on verification failure
|
||||
* @return False on success, True on failure
|
||||
*/
|
||||
#define Z_SYSCALL_VERIFY_MSG(expr, fmt, ...) ({ \
|
||||
#define K_SYSCALL_VERIFY_MSG(expr, fmt, ...) ({ \
|
||||
bool expr_copy = !(expr); \
|
||||
if (expr_copy) { \
|
||||
TOOLCHAIN_IGNORE_WSHADOW_BEGIN \
|
||||
@ -329,7 +329,7 @@ int z_user_string_copy(char *dst, const char *src, size_t maxlen);
|
||||
* oops. A stringified version of this expression will be printed.
|
||||
* @return 0 on success, nonzero on failure
|
||||
*/
|
||||
#define Z_SYSCALL_VERIFY(expr) Z_SYSCALL_VERIFY_MSG(expr, #expr)
|
||||
#define Z_SYSCALL_VERIFY(expr) K_SYSCALL_VERIFY_MSG(expr, #expr)
|
||||
|
||||
/**
|
||||
* @brief Runtime check that a user thread has read and/or write permission to
|
||||
@ -348,7 +348,7 @@ int z_user_string_copy(char *dst, const char *src, size_t maxlen);
|
||||
* @return 0 on success, nonzero on failure
|
||||
*/
|
||||
#define Z_SYSCALL_MEMORY(ptr, size, write) \
|
||||
Z_SYSCALL_VERIFY_MSG(arch_buffer_validate((void *)ptr, size, write) \
|
||||
K_SYSCALL_VERIFY_MSG(arch_buffer_validate((void *)ptr, size, write) \
|
||||
== 0, \
|
||||
"Memory region %p (size %zu) %s access denied", \
|
||||
(void *)(ptr), (size_t)(size), \
|
||||
@ -389,7 +389,7 @@ int z_user_string_copy(char *dst, const char *src, size_t maxlen);
|
||||
#define Z_SYSCALL_MEMORY_ARRAY(ptr, nmemb, size, write) \
|
||||
({ \
|
||||
size_t product; \
|
||||
Z_SYSCALL_VERIFY_MSG(!size_mul_overflow((size_t)(nmemb), \
|
||||
K_SYSCALL_VERIFY_MSG(!size_mul_overflow((size_t)(nmemb), \
|
||||
(size_t)(size), \
|
||||
&product), \
|
||||
"%zux%zu array is too large", \
|
||||
@ -448,7 +448,7 @@ static inline int z_obj_validation_check(struct k_object *ko,
|
||||
}
|
||||
|
||||
#define Z_SYSCALL_IS_OBJ(ptr, type, init) \
|
||||
Z_SYSCALL_VERIFY_MSG(z_obj_validation_check( \
|
||||
K_SYSCALL_VERIFY_MSG(z_obj_validation_check( \
|
||||
z_object_find((const void *)ptr), \
|
||||
(const void *)ptr, \
|
||||
type, init) == 0, "access denied")
|
||||
@ -467,7 +467,7 @@ static inline int z_obj_validation_check(struct k_object *ko,
|
||||
({ \
|
||||
struct api_name *__device__ = (struct api_name *) \
|
||||
((const struct device *)ptr)->api; \
|
||||
Z_SYSCALL_VERIFY_MSG(__device__->op != NULL, \
|
||||
K_SYSCALL_VERIFY_MSG(__device__->op != NULL, \
|
||||
"Operation %s not defined for driver " \
|
||||
"instance %p", \
|
||||
# op, __device__); \
|
||||
@ -495,7 +495,7 @@ static inline int z_obj_validation_check(struct k_object *ko,
|
||||
({ \
|
||||
const struct device *_dev = (const struct device *)_device; \
|
||||
Z_SYSCALL_OBJ(_dev, _dtype) || \
|
||||
Z_SYSCALL_VERIFY_MSG(_dev->api == _api, \
|
||||
K_SYSCALL_VERIFY_MSG(_dev->api == _api, \
|
||||
"API structure mismatch"); \
|
||||
})
|
||||
|
||||
|
||||
@ -368,7 +368,7 @@ static inline int z_vrfy_k_poll(struct k_poll_event *events,
|
||||
ret = -EINVAL;
|
||||
goto out;
|
||||
}
|
||||
if (Z_SYSCALL_VERIFY_MSG(!u32_mul_overflow(num_events,
|
||||
if (K_SYSCALL_VERIFY_MSG(!u32_mul_overflow(num_events,
|
||||
sizeof(struct k_poll_event),
|
||||
&bounds),
|
||||
"num_events too large")) {
|
||||
|
||||
@ -1359,9 +1359,9 @@ void z_impl_k_thread_priority_set(k_tid_t thread, int prio)
|
||||
static inline void z_vrfy_k_thread_priority_set(k_tid_t thread, int prio)
|
||||
{
|
||||
Z_OOPS(Z_SYSCALL_OBJ(thread, K_OBJ_THREAD));
|
||||
Z_OOPS(Z_SYSCALL_VERIFY_MSG(_is_valid_prio(prio, NULL),
|
||||
Z_OOPS(K_SYSCALL_VERIFY_MSG(_is_valid_prio(prio, NULL),
|
||||
"invalid thread priority %d", prio));
|
||||
Z_OOPS(Z_SYSCALL_VERIFY_MSG((int8_t)prio >= thread->base.prio,
|
||||
Z_OOPS(K_SYSCALL_VERIFY_MSG((int8_t)prio >= thread->base.prio,
|
||||
"thread priority may only be downgraded (%d < %d)",
|
||||
prio, thread->base.prio));
|
||||
|
||||
@ -1390,7 +1390,7 @@ static inline void z_vrfy_k_thread_deadline_set(k_tid_t tid, int deadline)
|
||||
struct k_thread *thread = tid;
|
||||
|
||||
Z_OOPS(Z_SYSCALL_OBJ(thread, K_OBJ_THREAD));
|
||||
Z_OOPS(Z_SYSCALL_VERIFY_MSG(deadline > 0,
|
||||
Z_OOPS(K_SYSCALL_VERIFY_MSG(deadline > 0,
|
||||
"invalid thread deadline %d",
|
||||
(int)deadline));
|
||||
|
||||
@ -1890,7 +1890,7 @@ static bool thread_obj_validate(struct k_thread *thread)
|
||||
#ifdef CONFIG_LOG
|
||||
z_dump_object_error(ret, thread, ko, K_OBJ_THREAD);
|
||||
#endif
|
||||
Z_OOPS(Z_SYSCALL_VERIFY_MSG(ret, "access denied"));
|
||||
Z_OOPS(K_SYSCALL_VERIFY_MSG(ret, "access denied"));
|
||||
}
|
||||
CODE_UNREACHABLE; /* LCOV_EXCL_LINE */
|
||||
}
|
||||
@ -1912,7 +1912,7 @@ static inline void z_vrfy_k_thread_abort(k_tid_t thread)
|
||||
return;
|
||||
}
|
||||
|
||||
Z_OOPS(Z_SYSCALL_VERIFY_MSG(!(thread->base.user_options & K_ESSENTIAL),
|
||||
Z_OOPS(K_SYSCALL_VERIFY_MSG(!(thread->base.user_options & K_ESSENTIAL),
|
||||
"aborting essential thread %p", thread));
|
||||
|
||||
z_impl_k_thread_abort((struct k_thread *)thread);
|
||||
|
||||
@ -734,7 +734,7 @@ k_tid_t z_vrfy_k_thread_create(struct k_thread *new_thread,
|
||||
* object table if it isn't
|
||||
*/
|
||||
stack_object = z_object_find(stack);
|
||||
Z_OOPS(Z_SYSCALL_VERIFY_MSG(z_obj_validation_check(stack_object, stack,
|
||||
Z_OOPS(K_SYSCALL_VERIFY_MSG(z_obj_validation_check(stack_object, stack,
|
||||
K_OBJ_THREAD_STACK_ELEMENT,
|
||||
_OBJ_INIT_FALSE) == 0,
|
||||
"bad stack object"));
|
||||
@ -742,7 +742,7 @@ k_tid_t z_vrfy_k_thread_create(struct k_thread *new_thread,
|
||||
/* Verify that the stack size passed in is OK by computing the total
|
||||
* size and comparing it with the size value in the object metadata
|
||||
*/
|
||||
Z_OOPS(Z_SYSCALL_VERIFY_MSG(!size_add_overflow(K_THREAD_STACK_RESERVED,
|
||||
Z_OOPS(K_SYSCALL_VERIFY_MSG(!size_add_overflow(K_THREAD_STACK_RESERVED,
|
||||
stack_size, &total_size),
|
||||
"stack size overflow (%zu+%zu)",
|
||||
stack_size,
|
||||
@ -756,7 +756,7 @@ k_tid_t z_vrfy_k_thread_create(struct k_thread *new_thread,
|
||||
#else
|
||||
stack_obj_size = stack_object->data.stack_size;
|
||||
#endif
|
||||
Z_OOPS(Z_SYSCALL_VERIFY_MSG(total_size <= stack_obj_size,
|
||||
Z_OOPS(K_SYSCALL_VERIFY_MSG(total_size <= stack_obj_size,
|
||||
"stack size %zu is too big, max is %zu",
|
||||
total_size, stack_obj_size));
|
||||
|
||||
|
||||
@ -60,7 +60,7 @@ static inline void z_vrfy_k_object_access_grant(const void *object,
|
||||
|
||||
Z_OOPS(Z_SYSCALL_OBJ_INIT(thread, K_OBJ_THREAD));
|
||||
ko = validate_any_object(object);
|
||||
Z_OOPS(Z_SYSCALL_VERIFY_MSG(ko != NULL, "object %p access denied",
|
||||
Z_OOPS(K_SYSCALL_VERIFY_MSG(ko != NULL, "object %p access denied",
|
||||
object));
|
||||
z_thread_perms_set(ko, thread);
|
||||
}
|
||||
@ -71,7 +71,7 @@ static inline void z_vrfy_k_object_release(const void *object)
|
||||
struct k_object *ko;
|
||||
|
||||
ko = validate_any_object((void *)object);
|
||||
Z_OOPS(Z_SYSCALL_VERIFY_MSG(ko != NULL, "object %p access denied",
|
||||
Z_OOPS(K_SYSCALL_VERIFY_MSG(ko != NULL, "object %p access denied",
|
||||
(void *)object));
|
||||
z_thread_perms_clear(ko, _current);
|
||||
}
|
||||
|
||||
@ -449,13 +449,13 @@ uint32_t z_vrfy_log_filter_set(struct log_backend const *const backend,
|
||||
int16_t src_id,
|
||||
uint32_t level)
|
||||
{
|
||||
Z_OOPS(Z_SYSCALL_VERIFY_MSG(backend == NULL,
|
||||
Z_OOPS(K_SYSCALL_VERIFY_MSG(backend == NULL,
|
||||
"Setting per-backend filters from user mode is not supported"));
|
||||
Z_OOPS(Z_SYSCALL_VERIFY_MSG(domain_id == Z_LOG_LOCAL_DOMAIN_ID,
|
||||
Z_OOPS(K_SYSCALL_VERIFY_MSG(domain_id == Z_LOG_LOCAL_DOMAIN_ID,
|
||||
"Invalid log domain_id"));
|
||||
Z_OOPS(Z_SYSCALL_VERIFY_MSG(src_id < (int16_t)log_src_cnt_get(domain_id),
|
||||
Z_OOPS(K_SYSCALL_VERIFY_MSG(src_id < (int16_t)log_src_cnt_get(domain_id),
|
||||
"Invalid log source id"));
|
||||
Z_OOPS(Z_SYSCALL_VERIFY_MSG(
|
||||
Z_OOPS(K_SYSCALL_VERIFY_MSG(
|
||||
(level <= LOG_LEVEL_DBG),
|
||||
"Invalid log level"));
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user