![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to null.c CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [MW Coherent from dump] / coherent / b / kernel / coh.386|
Return to null.c CVS log | Up to [MW Coherent from dump] / coherent / b / kernel / coh.386 |
1.1 ! root 1: /* $Header: /y/coh.386/RCS/null.c,v 1.7 93/04/14 10:06:37 root Exp $ */ ! 2: /* (lgl- ! 3: * The information contained herein is a trade secret of Mark Williams ! 4: * Company, and is confidential information. It is provided under a ! 5: * license agreement, and may be copied or disclosed only under the ! 6: * terms of that agreement. Any reproduction or disclosure of this ! 7: * material without the express written authorization of Mark Williams ! 8: * Company or persuant to the license agreement is unlawful. ! 9: * ! 10: * COHERENT Version 2.3.37 ! 11: * Copyright (c) 1982, 1983, 1984. ! 12: * An unpublished work by Mark Williams Company, Chicago. ! 13: * All rights reserved. ! 14: -lgl) */ ! 15: /* ! 16: * Null and memory driver. ! 17: * Minor device 0 is /dev/null ! 18: * Minor device 1 is /dev/mem, physical memory ! 19: * Minor device 2 is /dev/kmem, kernel data ! 20: * Minor device 3 is /dev/cmos ! 21: * Minor device 4 is /dev/boot_gift ! 22: * Minor device 5 is /dev/clock ! 23: * Minor device 6 is /dev/ps ! 24: * Minor device 7 is /dev/kmemhi, virtual memory 0x8000_0000-0xFFFF_FFFF ! 25: * ! 26: * $Log: null.c,v $ ! 27: * Revision 1.7 93/04/14 10:06:37 root ! 28: * r75 ! 29: * ! 30: * Revision 1.10 93/03/02 08:16:25 bin ! 31: * kernel 73 update ! 32: * ! 33: * Revision 1.6 92/11/09 17:10:54 root ! 34: * Just before adding vio segs. ! 35: * ! 36: * Revision 1.2 92/01/06 11:59:49 hal ! 37: * Compile with cc.mwc. ! 38: * ! 39: * Revision 1.1 88/03/24 16:14:04 src ! 40: * Initial revision ! 41: * ! 42: */ ! 43: ! 44: /* ! 45: * The symbol "DANGEROUS" should be undefined for a production system. ! 46: */ ! 47: #ifdef TRACER ! 48: #define NULL_IOCTL /* Allow ioctl()s for /dev/kmem. */ ! 49: #define DANGEROUS /* Allow dangerous ioctl()s for /dev/null. */ ! 50: #endif ! 51: ! 52: #include <sys/coherent.h> ! 53: #include <sys/con.h> ! 54: #include <errno.h> ! 55: #include <sys/stat.h> ! 56: #include <sys/typed.h> ! 57: #include <sys/inode.h> ! 58: #include <sys/seg.h> ! 59: #include <sys/coh_ps.h> ! 60: #ifdef NULL_IOCTL ! 61: #include <sys/null.h> ! 62: #endif /* NULL_IOCTL */ ! 63: ! 64: /* These are minor numbers. */ ! 65: #define DEV_NULL 0 /* /dev/null */ ! 66: #define DEV_MEM 1 /* /dev/mem */ ! 67: #define DEV_KMEM 2 /* /dev/kmem */ ! 68: #define DEV_CMOS 3 /* /dev/cmos */ ! 69: #define DEV_BOOTGIFT 4 /* /dev/bootgift */ ! 70: #define DEV_CLOCK 5 /* /dev/clock */ ! 71: #define DEV_PS 6 /* /dev/ps */ ! 72: #define DEV_KMEMHI 7 /* /dev/kmemhi */ ! 73: ! 74: #define KMEMHI_BASE 0x80000000 ! 75: #define PXCOPY_LIM 4096 ! 76: ! 77: /* ! 78: * CMOS devices are limited by an 8 bit address. ! 79: */ ! 80: #define MAX_CMOS 255 ! 81: #define CMOS_LEN 256 ! 82: ! 83: /* ! 84: * The first 14 bytes of the CMOS are the clock. ! 85: */ ! 86: #define MAX_CLOCK 13 ! 87: #define CLOCK_LEN 14 ! 88: ! 89: /* ! 90: * These are definitions for mucking with the CMOS clock. ! 91: */ ! 92: #define SRA 10 /* Status Register A */ ! 93: #define SRB 11 /* Status Register B */ ! 94: #define SRC 12 /* Status Register C */ ! 95: #define SRD 13 /* Status Register D */ ! 96: ! 97: #define UIP 0x80 /* Update In Progress bit of SRA. */ ! 98: #define NO_UPD 0x80 /* No Update bit of SRB. */ ! 99: ! 100: /* ! 101: * Functions for configuration. ! 102: */ ! 103: void nlopen(); ! 104: void nlclose(); ! 105: void nlread(); ! 106: void nlwrite(); ! 107: int nlioctl(); ! 108: int nulldev(); ! 109: int nonedev(); ! 110: ! 111: /* ! 112: * Configuration table. ! 113: */ ! 114: CON nlcon ={ ! 115: DFCHR, /* Flags */ ! 116: 0, /* Major index */ ! 117: nlopen, /* Open */ ! 118: nlclose, /* Close */ ! 119: nulldev, /* Block */ ! 120: nlread, /* Read */ ! 121: nlwrite, /* Write */ ! 122: #ifdef NULL_IOCTL ! 123: nlioctl, /* Ioctl */ ! 124: #else /* NULL_IOCTL */ ! 125: nonedev, /* Ioctl */ ! 126: #endif /* NULL_IOCTL */ ! 127: nulldev, /* Powerfail */ ! 128: nulldev, /* Timeout */ ! 129: nulldev, /* Load */ ! 130: nulldev /* Unload */ ! 131: }; ! 132: ! 133: int lock_clock(); ! 134: void unlock_clock(); ! 135: ! 136: /* ! 137: * Null/memory open routine. ! 138: */ ! 139: void ! 140: nlopen(dev, mode) ! 141: dev_t dev; ! 142: int mode; ! 143: { ! 144: switch (minor(dev)) { ! 145: case DEV_PS: ! 146: /* /dev/ps is read only */ ! 147: if (IPR != (IPR & mode)) ! 148: SET_U_ERROR( EACCES, "/dev/ps is read only" ); ! 149: break; ! 150: default: ! 151: /* ! 152: * For minor devices on NULL there is ! 153: * usually no action for open(). ! 154: */ ! 155: break; ! 156: } ! 157: return; ! 158: } /* nlopen() */ ! 159: ! 160: /* ! 161: * Null/memory close routine. ! 162: */ ! 163: void ! 164: nlclose(dev, mode) ! 165: dev_t dev; ! 166: int mode; ! 167: { ! 168: /* ! 169: * For minor devices on NULL there is ! 170: * Usually no action for close(). ! 171: */ ! 172: return; ! 173: } /* nlclose() */ ! 174: ! 175: /* ! 176: * Null/memory read routine. ! 177: */ ! 178: void ! 179: nlread(dev, iop) ! 180: dev_t dev; ! 181: register IO *iop; ! 182: { ! 183: register unsigned bytesRead; ! 184: register SEG *sp; /* u area segment */ ! 185: register PROC *pp1; /* */ ! 186: char psBuf[ARGSZ]; /* buffer for command line ! 187: * arguments for ps. */ ! 188: stMonitor psData; /* All process data for */ ! 189: UPROC *uprc; /* pointer to u area */ ! 190: int ndpUseg; /* System global address ! 191: * of U segment */ ! 192: unsigned int seek; ! 193: unsigned char read_cmos(); ! 194: extern typed_space boot_gift; ! 195: ! 196: switch (minor(dev)) { ! 197: case DEV_NULL: ! 198: /* ! 199: * Read nothing. ! 200: * Do NOT update iop->io_ioc. ! 201: * This way, caller knows 0 bytes were read. ! 202: */ ! 203: break; ! 204: ! 205: case DEV_MEM: ! 206: while (iop->io_ioc) { ! 207: int src = iop->io_seek; ! 208: int dest = iop->io.pbase; ! 209: int numBytes = PXCOPY_LIM; ! 210: if (numBytes > iop->io_ioc) ! 211: numBytes = iop->io_ioc; ! 212: ! 213: bytesRead = pxcopy(src, dest, numBytes, SEG_386_UD); ! 214: src += bytesRead; ! 215: dest += bytesRead; ! 216: iop->io_ioc -= bytesRead; ! 217: if (u.u_error == EFAULT) { ! 218: u.u_error = 0; ! 219: break; ! 220: } ! 221: } ! 222: break; ! 223: ! 224: case DEV_KMEM: ! 225: iowrite(iop, iop->io_seek, iop->io_ioc); ! 226: if (u.u_error == EFAULT) ! 227: u.u_error = 0; ! 228: break; ! 229: ! 230: case DEV_CLOCK: ! 231: /* ! 232: * Don't go past the end of the CLOCK. ! 233: */ ! 234: if (iop->io_seek >= CLOCK_LEN) ! 235: break; ! 236: ! 237: /* ! 238: * Lock the clock before any reading. ! 239: */ ! 240: if (lock_clock() == 0) { ! 241: SET_U_ERROR(EIO, "RT clock will not settle."); ! 242: break; ! 243: } ! 244: ! 245: /* ! 246: * Read the requested data out of the CMOS. ! 247: */ ! 248: for (seek = iop->io_seek; seek < CLOCK_LEN; seek++) { ! 249: if(ioputc(read_cmos(seek), iop) == -1) ! 250: break; ! 251: } ! 252: ! 253: /* ! 254: * Now that we are done reading the CMOS, let ! 255: * the clock loose. ! 256: */ ! 257: unlock_clock(); ! 258: break; ! 259: ! 260: case DEV_CMOS: ! 261: /* ! 262: * Don't go past the end of the CMOS. ! 263: */ ! 264: if (iop->io_seek >= CMOS_LEN) ! 265: break; ! 266: ! 267: /* ! 268: * Read the requested data out of the CMOS. ! 269: */ ! 270: for (seek = iop->io_seek; seek < CMOS_LEN; seek++) { ! 271: if(ioputc(read_cmos(seek), iop) == -1) ! 272: break; ! 273: } ! 274: break; ! 275: ! 276: case DEV_BOOTGIFT: ! 277: /* ! 278: * Reads all from the data structure boot_gift. ! 279: */ ! 280: if (iop->io_seek < BG_LEN) { ! 281: bytesRead = iop->io_ioc; ! 282: /* ! 283: * Copy no more than to the end of boot_gift. ! 284: */ ! 285: if (iop->io_seek + bytesRead > BG_LEN) { ! 286: bytesRead = BG_LEN - (iop->io_seek); ! 287: } ! 288: ! 289: iowrite(iop, ! 290: (char *)(&boot_gift) + iop->io_seek, ! 291: bytesRead); ! 292: } ! 293: break; ! 294: ! 295: case DEV_PS: ! 296: /* Lock the process table. It allows to have an atomic ps. */ ! 297: lock(pnxgate); ! 298: /* Main driver loop. Go through all processes. Fill struct PS ! 299: * and send put to user buffer. ! 300: */ ! 301: for (pp1 = &procq; (pp1=pp1->p_nforw) != &procq; ) { ! 302: register int i; /* loop index */ ! 303: register unsigned uLen, /* Process size */ ! 304: uLenR; /* Real process size */ ! 305: int work; /* virtual click number */ ! 306: ! 307: /* Check if driver can send next proc data */ ! 308: if ( iop->io_ioc < sizeof(stMonitor)) ! 309: break; ! 310: ! 311: /* Calculate the size of process. */ ! 312: uLen = uLenR = 0; ! 313: for (i = 0; i < NUSEG + 1; i++) { ! 314: if ((sp=pp1->p_segp[i]) == NULL) ! 315: continue; ! 316: uLenR += sp->s_size; ! 317: if (i == SIUSERP || i == SIAUXIL) ! 318: continue; ! 319: uLen += sp->s_size; ! 320: ! 321: } ! 322: ! 323: /* Find u area for process pp1 */ ! 324: sp = pp1->p_segp[SIUSERP]; ! 325: ndpUseg = MAPIO(sp->s_vmem, U_OFFSET); ! 326: work = workAlloc(); ! 327: ptable1_v[work] = ! 328: sysmem.u.pbase[btocrd(ndpUseg)] | SEG_RW; ! 329: mmuupd(); ! 330: uprc = (UPROC *) (ctob(work) + U_OFFSET); ! 331: kkcopy(uprc->u_comm, psData.u_comm, ARGSZ); ! 332: kkcopy(uprc->u_sleep, psData.u_sleep, U_SLEEP_LEN); ! 333: workFree(work); ! 334: ! 335: /* fill up stMonitor */ ! 336: psData.p_pid = pp1->p_pid; ! 337: psData.p_ppid = pp1->p_ppid; ! 338: psData.p_uid = pp1->p_uid; ! 339: psData.p_ruid = pp1->p_ruid; ! 340: psData.p_rgid = pp1->p_rgid; ! 341: psData.p_state = pp1->p_state; ! 342: psData.p_flags = pp1->p_flags; ! 343: psData.rrun = (char *) pp1 != pp1->p_event; ! 344: psData.p_event = pp1->p_event; ! 345: psData.p_ttdev = pp1->p_ttdev; ! 346: psData.p_nice = pp1->p_nice; ! 347: psData.size = (short) (uLen>>10); ! 348: psData.rsize = (short) (uLenR>>10); ! 349: psData.p_schedPri = pp1->p_schedPri; ! 350: psData.p_utime = pp1->p_utime; ! 351: psData.p_stime = pp1->p_stime; ! 352: kkcopy(psBuf, psData.pr_argv, ARGSZ); ! 353: /* send data to user */ ! 354: iowrite(iop, (char *) &psData, sizeof(stMonitor)); ! 355: } ! 356: unlock(pnxgate); ! 357: break; ! 358: case DEV_KMEMHI: ! 359: iowrite(iop, iop->io_seek - KMEMHI_BASE, iop->io_ioc); ! 360: if (u.u_error == EFAULT) ! 361: u.u_error = 0; ! 362: break; ! 363: default: ! 364: SET_U_ERROR(ENXIO, "nlread(): illegal minor device for null"); ! 365: } ! 366: return; ! 367: } ! 368: ! 369: /* ! 370: * Null/memory write routine. ! 371: */ ! 372: void ! 373: nlwrite(dev, iop) ! 374: dev_t dev; ! 375: register IO *iop; ! 376: { ! 377: register unsigned bytesWrit; ! 378: unsigned write_cmos(); ! 379: unsigned seek; ! 380: int ch; ! 381: ! 382: switch (minor(dev)) { ! 383: case DEV_NULL: ! 384: /* ! 385: * Tell caller all bytes were written. ! 386: */ ! 387: iop->io_ioc = 0; ! 388: break; ! 389: ! 390: case DEV_MEM: ! 391: while(iop->io_ioc) { ! 392: int src = iop->io.pbase; ! 393: int dest = iop->io_seek; ! 394: int numBytes = PXCOPY_LIM; ! 395: if (numBytes > iop->io_ioc) ! 396: numBytes = iop->io_ioc; ! 397: ! 398: bytesWrit = xpcopy(src, dest, numBytes, SEG_386_UD); ! 399: src += bytesWrit; ! 400: dest += bytesWrit; ! 401: iop->io_ioc -= bytesWrit; ! 402: if (u.u_error == EFAULT) { ! 403: u.u_error = 0; ! 404: break; ! 405: } ! 406: } ! 407: break; ! 408: ! 409: case DEV_KMEM: ! 410: ioread(iop, iop->io_seek, iop->io_ioc); ! 411: break; ! 412: ! 413: case DEV_CLOCK: ! 414: /* ! 415: * Don't go past the end of the CLOCK. ! 416: */ ! 417: if (iop->io_seek >= CLOCK_LEN) ! 418: break; ! 419: ! 420: /* ! 421: * Lock the clock before any writing. ! 422: */ ! 423: if (lock_clock() == 0) { ! 424: SET_U_ERROR(EIO, "RT clock will not settle."); ! 425: break; ! 426: } ! 427: ! 428: /* ! 429: * Write the requested data into the CMOS. ! 430: */ ! 431: for (seek = iop->io_seek; seek < CLOCK_LEN; seek++) { ! 432: if((ch = iogetc(iop)) == -1) ! 433: break; ! 434: write_cmos(seek, ch); ! 435: } ! 436: ! 437: /* ! 438: * Now that we are done writing the CMOS, let ! 439: * the clock loose. ! 440: */ ! 441: unlock_clock(); ! 442: break; ! 443: ! 444: case DEV_CMOS: ! 445: /* ! 446: * Don't go past the end of the CMOS. ! 447: */ ! 448: if (iop->io_seek >= CMOS_LEN) ! 449: break; ! 450: ! 451: /* ! 452: * Write the requested data into the CMOS. ! 453: */ ! 454: for (seek = iop->io_seek; seek < CMOS_LEN; seek++) { ! 455: if((ch = iogetc(iop)) == -1) ! 456: break; ! 457: write_cmos(seek, ch); ! 458: } ! 459: break; ! 460: ! 461: case DEV_BOOTGIFT: ! 462: /* ! 463: * /dev/bootgift is not writable. ! 464: */ ! 465: break; ! 466: ! 467: case DEV_PS: ! 468: /* We should not be able to open /dev/ps to write. ! 469: * Just paranoya. ! 470: */ ! 471: break; ! 472: ! 473: case DEV_KMEMHI: ! 474: ioread(iop, iop->io_seek - KMEMHI_BASE, iop->io_ioc); ! 475: break; ! 476: ! 477: default: ! 478: SET_U_ERROR(ENXIO, ! 479: "nlwrite(): illegal minor device for null"); ! 480: } ! 481: return; ! 482: } ! 483: ! 484: #ifdef NULL_IOCTL /* Includes all of nlioctl(). */ ! 485: ! 486: /* ! 487: * Do an ioctl call for /dev/null. ! 488: */ ! 489: int ! 490: nlioctl(dev, cmd, vec) ! 491: dev_t dev; ! 492: int cmd; ! 493: char * vec; ! 494: { ! 495: /* Only /dev/kmem has an ioctl. */ ! 496: switch (minor(dev)) { ! 497: case DEV_KMEM: ! 498: switch (cmd) { ! 499: #ifdef DANGEROUS ! 500: case NLCALL: /* Call a function. */ ! 501: return docall(vec); ! 502: #endif /* DANGEROUS */ ! 503: default: ! 504: SET_U_ERROR(EINVAL, ! 505: "nioctl(): illegal command for kmem"); ! 506: return(-1); ! 507: } ! 508: default: ! 509: SET_U_ERROR(EINVAL, "illegal minor device for null ioctl"); ! 510: return (-1); ! 511: } /* switch on minor device */ ! 512: ! 513: } /* nlioctl() */ ! 514: ! 515: #endif /* NULL_IOCTL */ ! 516: ! 517: #ifdef DANGEROUS /* Includes all of docall(). */ ! 518: /* ! 519: * MASSIVE SECURITY HOLE! This should NOT be included in a distribution ! 520: * system. Among other problems, it becomes possible to do "setuid(0)". ! 521: * ! 522: * Call a function with arguments. ! 523: * ! 524: * Takes an array of unsigned ints. The first element is the length of ! 525: * the whole array, the second element is a pointer to the function to ! 526: * call, all other elements are arguments. At most 5 arguments may be ! 527: * passed. ! 528: * ! 529: * Returns the return value of the called fuction in uvec[0]. ! 530: */ ! 531: int ! 532: docall(uvec) ! 533: unsigned uvec[]; ! 534: { ! 535: int (* func)(); ! 536: unsigned kvec[7]; ! 537: int retval; ! 538: ! 539: printf("NLCALL security hole.\n"); ! 540: ! 541: /* Fetch the first element of vec. */ ! 542: ukcopy(uvec, kvec, sizeof(unsigned)); ! 543: ! 544: if ((kvec[0] < 2) || (kvec[0] > 7)) { ! 545: /* Invalid number of elements in uvec. */ ! 546: SET_U_ERROR(EINVAL, "Invalid number of elements in uvec"); ! 547: return(-1); ! 548: } ! 549: ! 550: /* Fetch the whole vector. */ ! 551: ukcopy(uvec, kvec, kvec[0] * sizeof(unsigned)); ! 552: ! 553: /* Extract the function. */ ! 554: func = (int (*)()) kvec[1]; ! 555: ! 556: /* Call the function with all arguments. */ ! 557: retval = (*func)(kvec[2], kvec[3], kvec[4], kvec[5], kvec[6]); ! 558: ! 559: kucopy(&retval, uvec, sizeof(unsigned)); ! 560: ! 561: } /* docall() */ ! 562: ! 563: #endif /* DANGEROUS */ ! 564: ! 565: /* ! 566: * int lock_clock() -- Stop the update cycle on the CMOS RT clock and ! 567: * wait for it to settle. Returns 0 if the clock would not settle ! 568: * in time. ! 569: */ ! 570: int ! 571: lock_clock() ! 572: { ! 573: register int i; ! 574: ! 575: /* ! 576: * Wait for the clock to settle. If it does not settle in ! 577: * a reasonable amount of time, give up. ! 578: */ ! 579: i = 65536; /* Loop for a longish time. */ ! 580: while (--i > 0) { ! 581: if (0 == (UIP & read_cmos(SRA))) { ! 582: break; /* Break if there is no update in progress. */ ! 583: } ! 584: } ! 585: ! 586: if (0 == i) { ! 587: /* The clock would not settle. */ ! 588: return 0; ! 589: } ! 590: ! 591: /* ! 592: * There is a tiny race here--an interrupt could conceivably ! 593: * come here, thus allowing enough delay for another update to ! 594: * begin. But if we take interrupts that take a full second ! 595: * to process, other things are going to break horribly. ! 596: */ ! 597: ! 598: /* ! 599: * Lock out updates. ! 600: * We set the No Updates bit in Clock Status Register B. ! 601: */ ! 602: write_cmos(SRB, (NO_UPD | read_cmos(SRB))); ! 603: ! 604: return 1; ! 605: } /* lock_clock() */ ! 606: ! 607: /* ! 608: * void unlock_clock() -- Restart the update cycle on the CMOS RT clock. ! 609: */ ! 610: void ! 611: unlock_clock() ! 612: { ! 613: /* ! 614: * We clear the No Updates bit in Clock Status Register B. ! 615: */ ! 616: write_cmos(SRB, ((~ NO_UPD) & read_cmos(SRB))); ! 617: } /* unlock_clock() */
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.