[kernel][object] job policy update for timers

To line up with all the other objects that don't require a parent handle the policy can now deny new timers. Change-Id: Iff69f2c6f97322a4d30661b43eef955a7d7db7c8
2017-09-09 18:05:02 -07:00
commit 7df8af9197
@@ -65,6 +65,8 @@ Where *condition* is one of
  a new socket.
 + **MX_POL_NEW_FIFO** a process under this job is attempting to create
  a new fifo.
+ **MX_POL_NEW_TIMER** a process under this job is attempting to create
+  a new timer.
 + **MX_POL_NEW_ANY** is a special *condition* that stands for all of
  the above **MX_NEW** condtions such as **MX_POL_NEW_VMO**,
  **MX_POL_NEW_CHANNEL**, **MX_POL_NEW_EVENT**, **MX_POL_NEW_EVPAIR**,
@@ -24,10 +24,15 @@ mx_status_t sys_timer_create(uint32_t options, uint32_t clock_id, user_ptr<mx_ha
    if (clock_id != MX_CLOCK_MONOTONIC)
        return MX_ERR_INVALID_ARGS;

+    auto up = ProcessDispatcher::GetCurrent();
+    mx_status_t result = up->QueryPolicy(MX_POL_NEW_TIMER);
+    if (result != MX_OK)
+        return result;
+
    fbl::RefPtr<Dispatcher> dispatcher;
    mx_rights_t rights;

-    mx_status_t result = TimerDispatcher::Create(options, &dispatcher, &rights);
+    result = TimerDispatcher::Create(options, &dispatcher, &rights);

    if (result != MX_OK)
        return result;
@@ -36,7 +41,6 @@ mx_status_t sys_timer_create(uint32_t options, uint32_t clock_id, user_ptr<mx_ha
    if (!handle)
        return MX_ERR_NO_MEMORY;

-    auto up = ProcessDispatcher::GetCurrent();
    mx_handle_t hv = up->MapHandleToValue(handle);

    if (_out.copy_to_user(hv) != MX_OK)
@@ -42,7 +42,8 @@ union Encoding {
        uint64_t new_port        :  4;
        uint64_t new_socket      :  4;
        uint64_t new_fifo        :  4;
-        uint64_t unused_bits     : 23;
+        uint64_t new_timer       :  4;
+        uint64_t unused_bits     : 19;
        uint64_t cookie_mode     :  1;  // see kPolicyInCookie.
    };

@@ -61,7 +62,7 @@ constexpr uint32_t kPolicyActionValidBits =
 static_assert(sizeof(Encoding) == sizeof(pol_cookie_t), "bitfield issue");

 // Make sure that adding new policies forces updating this file.
-static_assert(MX_POL_MAX == 11u, "please update PolicyManager AddPolicy and QueryBasicPolicy");
+static_assert(MX_POL_MAX == 12u, "please update PolicyManager AddPolicy and QueryBasicPolicy");

 PolicyManager* PolicyManager::Create(uint32_t default_action) {
    fbl::AllocChecker ac;
@@ -111,7 +112,7 @@ mx_status_t PolicyManager::AddPolicy(

        if (in.condition == MX_POL_NEW_ANY) {
            // loop over all MX_POL_NEW_xxxx conditions.
-            for (uint32_t it = MX_POL_NEW_VMO; it <= MX_POL_NEW_FIFO; ++it) {
+            for (uint32_t it = MX_POL_NEW_VMO; it <= MX_POL_NEW_TIMER; ++it) {
                if ((res = AddPartial(mode, existing_policy, it, in.policy, &partials[it])) < 0)
                    return res;
            }
@@ -149,6 +150,7 @@ uint32_t PolicyManager::QueryBasicPolicy(pol_cookie_t policy, uint32_t condition
    case MX_POL_NEW_PORT: return GetEffectiveAction(existing.new_port);
    case MX_POL_NEW_SOCKET: return GetEffectiveAction(existing.new_socket);
    case MX_POL_NEW_FIFO: return GetEffectiveAction(existing.new_fifo);
+    case MX_POL_NEW_TIMER: return GetEffectiveAction(existing.new_fifo);
    case MX_POL_VMAR_WX: return GetEffectiveAction(existing.vmar_wx);
    default: return MX_POL_ACTION_DENY;
    }
@@ -171,7 +173,7 @@ bool PolicyManager::CanSetEntry(uint64_t existing, uint32_t new_action) {
            resultant = in_pol & Encoding::kActionBits;                 \
            resultant |= Encoding::kExplicitBit;                        \
        } else if (mode == MX_JOB_POL_ABSOLUTE) {                       \
-            return MX_ERR_ALREADY_EXISTS;                                  \
+            return MX_ERR_ALREADY_EXISTS;                               \
        }                                                               \
    } while (0)

@@ -214,6 +216,9 @@ mx_status_t PolicyManager::AddPartial(uint32_t mode, pol_cookie_t existing_polic
    case MX_POL_NEW_FIFO:
        POLMAN_SET_ENTRY(mode, existing.new_fifo, policy, result.new_fifo);
        break;
+    case MX_POL_NEW_TIMER:
+        POLMAN_SET_ENTRY(mode, existing.new_timer, policy, result.new_timer);
+        break;
    default:
        return MX_ERR_NOT_SUPPORTED;
    }
@@ -27,18 +27,19 @@ typedef struct mx_policy_basic {
 } mx_policy_basic_t;

 // Conditions handled by job policy.
-#define MX_POL_BAD_HANDLE                   0u
-#define MX_POL_WRONG_OBJECT                 1u
-#define MX_POL_VMAR_WX                      2u
-#define MX_POL_NEW_ANY                      3u
-#define MX_POL_NEW_VMO                      4u
-#define MX_POL_NEW_CHANNEL                  5u
-#define MX_POL_NEW_EVENT                    6u
-#define MX_POL_NEW_EVPAIR                   7u
-#define MX_POL_NEW_PORT                     8u
-#define MX_POL_NEW_SOCKET                   9u
+#define MX_POL_BAD_HANDLE                    0u
+#define MX_POL_WRONG_OBJECT                  1u
+#define MX_POL_VMAR_WX                       2u
+#define MX_POL_NEW_ANY                       3u
+#define MX_POL_NEW_VMO                       4u
+#define MX_POL_NEW_CHANNEL                   5u
+#define MX_POL_NEW_EVENT                     6u
+#define MX_POL_NEW_EVPAIR                    7u
+#define MX_POL_NEW_PORT                      8u
+#define MX_POL_NEW_SOCKET                    9u
 #define MX_POL_NEW_FIFO                     10u
-#define MX_POL_MAX                          11u
+#define MX_POL_NEW_TIMER                    11u
+#define MX_POL_MAX                          12u

 // Policy actions.
 // MX_POL_ACTION_ALLOW and MX_POL_ACTION_DENY can be ORed with MX_POL_ACTION_EXCEPTION.