authorkaf24@scramble.cl.cam.ac.uk <kaf24@scramble.cl.cam.ac.uk>2003-05-06 14:54:13 +0000
committerkaf24@scramble.cl.cam.ac.uk <kaf24@scramble.cl.cam.ac.uk>2003-05-06 14:54:13 +0000
commitbeb01bce683c8ee2ca2b5105e5274f2fe56e6cb0 (patch)
tree5d86e454c69ef015d034807f061a68cf72406d64 /xenolinux-2.4.21-pre4-sparse/arch
parent8f6aca9a6b125d8f592ac793f93fcecfbb9f4802 (diff)
bitkeeper revision 1.208 (3eb7cc95biENxNPLM1gD4B9rpj7H_w)
Makefile: new file Many files: Allow hypercalls from ring 3 (if permitted by ring 1). .del-Config.in~31701845a0b06ec3: Delete: xenolinux-2.4.21-pre4-sparse/drivers/char/Config.in
Diffstat (limited to 'xenolinux-2.4.21-pre4-sparse/arch')
-rw-r--r--xenolinux-2.4.21-pre4-sparse/arch/xeno/config.in20
-rw-r--r--xenolinux-2.4.21-pre4-sparse/arch/xeno/kernel/ioport.c32
-rw-r--r--xenolinux-2.4.21-pre4-sparse/arch/xeno/kernel/process.c8
-rw-r--r--xenolinux-2.4.21-pre4-sparse/arch/xeno/kernel/setup.c22
4 files changed, 56 insertions, 26 deletions
diff --git a/xenolinux-2.4.21-pre4-sparse/arch/xeno/config.in b/xenolinux-2.4.21-pre4-sparse/arch/xeno/config.in
index 2bf874d69e..717ae0c605 100644
--- a/xenolinux-2.4.21-pre4-sparse/arch/xeno/config.in
+++ b/xenolinux-2.4.21-pre4-sparse/arch/xeno/config.in
@@ -107,7 +107,25 @@ source drivers/block/Config.in
define_bool CONFIG_BLK_DEV_IDE_MODES n
define_bool CONFIG_BLK_DEV_HD n
-source drivers/char/Config.in
+mainmenu_option next_comment
+comment 'Character devices'
+
+bool 'Xen console support' CONFIG_XEN_CONSOLE
+comment 'The options below are alpha-stage and will probably not work'
+bool 'Virtual terminal' CONFIG_VT
+if [ "$CONFIG_VT" = "y" ]; then
+ bool ' Support for console on virtual terminal' CONFIG_VT_CONSOLE
+ bool ' Support for VGA Video' CONFIG_VGA_CONSOLE
+ bool ' Support for Dummy Video (for testing)' CONFIG_DUMMY_CONSOLE
+ bool ' PS/2 mouse (aka "auxiliary device") support' CONFIG_PSMOUSE
+fi
+
+bool 'Unix98 PTY support' CONFIG_UNIX98_PTYS
+if [ "$CONFIG_UNIX98_PTYS" = "y" ]; then
+ int 'Maximum number of Unix98 PTYs in use (0-2048)' CONFIG_UNIX98_PTY_COUNT 256
+fi
+
+endmenu
source fs/Config.in
diff --git a/xenolinux-2.4.21-pre4-sparse/arch/xeno/kernel/ioport.c b/xenolinux-2.4.21-pre4-sparse/arch/xeno/kernel/ioport.c
index c43daee3fd..b86f8ee4d5 100644
--- a/xenolinux-2.4.21-pre4-sparse/arch/xeno/kernel/ioport.c
+++ b/xenolinux-2.4.21-pre4-sparse/arch/xeno/kernel/ioport.c
@@ -15,22 +15,32 @@ asmlinkage int sys_ioperm(unsigned long from, unsigned long num, int turn_on)
asmlinkage int sys_iopl(unsigned long unused)
{
struct pt_regs *regs = (struct pt_regs *)&unused;
- unsigned int level = regs->ebx;
- unsigned int old = (regs->eflags >> 12) & 3;
-
- if ( !(start_info.flags & SIF_PRIVILEGED) )
+ unsigned int new_io_pl = regs->ebx & 3;
+ unsigned int old_io_pl = (regs->eflags >> 12) & 3;
+ unsigned int new_hypercall_pl = (regs->ebx >> 2) & 3;
+ unsigned int old_hypercall_pl = current->thread.hypercall_pl;
+
+ /* Need "raw I/O" privileges for direct port access. */
+ if ( (new_io_pl > old_io_pl) &&
+ (!capable(CAP_SYS_RAWIO) || !(start_info.flags & SIF_PRIVILEGED)) )
return -EPERM;
- if ( level > 3 )
- return -EINVAL;
- if ( (level > old) && !capable(CAP_SYS_RAWIO) )
+ /* Just need generic root/admin privileges for direct hypercall access. */
+ if ( (new_hypercall_pl > old_hypercall_pl) && !capable(CAP_SYS_ADMIN) )
return -EPERM;
-
- /* Change the one on our stack for sanity's sake. */
- regs->eflags = (regs->eflags & 0xffffcfff) | (level << 12);
+
+ /* Maintain OS privileges even if user attempts to relinquish them. */
+ if ( new_hypercall_pl == 0 )
+ new_hypercall_pl = 1;
+ if ( (new_io_pl == 0) && !(start_info.flags & SIF_PRIVILEGED) )
+ new_io_pl = 1;
+
+ /* Change our version of the privilege levels. */
+ regs->eflags = (regs->eflags & 0xffffcfff) | (old_io_pl << 12);
+ current->thread.hypercall_pl = new_hypercall_pl;
/* Force the change at ring 0. */
- HYPERVISOR_iopl(level);
+ HYPERVISOR_set_priv_levels(new_io_pl, new_hypercall_pl);
return 0;
}
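Review bot: The eflags write-back in sys_iopl stores `old_io_pl`, so `regs->eflags = (regs->eflags & 0xffffcfff) | (old_io_pl << 12);` is a no-op and the saved IOPL never reflects the requested level. __switch_to in process.c reloads the I/O level from those saved eflags bits on every task switch, so a level granted here would presumably be dropped, and a lowered one restored, at the next switch; the line most likely should use `new_io_pl << 12`. Separately, the clamp `if ( (new_io_pl == 0) && !(start_info.flags & SIF_PRIVILEGED) )` looks inverted relative to setup_arch, which requests I/O level 1 only for privileged guests, so it is worth confirming. The old `level > 3` check returning `-EINVAL` is also gone, so the high bits of ebx are now silently ignored rather than rejected.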
diff --git a/xenolinux-2.4.21-pre4-sparse/arch/xeno/kernel/process.c b/xenolinux-2.4.21-pre4-sparse/arch/xeno/kernel/process.c
index a7c0755d38..c1764fce50 100644
--- a/xenolinux-2.4.21-pre4-sparse/arch/xeno/kernel/process.c
+++ b/xenolinux-2.4.21-pre4-sparse/arch/xeno/kernel/process.c
@@ -269,6 +269,9 @@ int copy_thread(int nr, unsigned long clone_flags, unsigned long esp,
unlazy_fpu(current);
struct_cpy(&p->thread.i387, &current->thread.i387);
+ /* We're careful with hypercall privileges. Don't allow inheritance. */
+ p->thread.hypercall_pl = 1;
+
return 0;
}
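Review bot: Resetting `p->thread.hypercall_pl = 1;` here covers fork/clone only; nothing in the visible hunks resets the level on exec, so a task that raised its hypercall level through sys_iopl would presumably keep it when it executes another binary. If that is not intended, the same reset belongs in the exec path, which is not shown on this page. The literal `1` also appears in sys_iopl and setup_arch, and a single named constant would make the three sites easier to audit together. copy_thread starts outside the hunk.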
@@ -366,8 +369,9 @@ void __switch_to(struct task_struct *prev_p, struct task_struct *next_p)
{
queue_multicall2(__HYPERVISOR_stack_switch, __KERNEL_DS, next->esp0);
/* Next call will silently fail if we are a non-privileged guest OS. */
- queue_multicall1(__HYPERVISOR_iopl,
- ((((struct pt_regs *)next->esp0)-1)->eflags>>12)&3);
+ queue_multicall2(__HYPERVISOR_set_priv_levels,
+ ((((struct pt_regs *)next->esp0)-1)->eflags>>12)&3,
+ next->hypercall_pl);
}
/* EXECUTE ALL TASK SWITCH XEN SYSCALLS AT THIS POINT. */
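Review bot: The retained comment `/* Next call will silently fail if we are a non-privileged guest OS. */` now sits above a call that also carries `next->hypercall_pl`. If the hypervisor rejects the whole set_priv_levels call for non-privileged guests (its implementation is not on this page), the outgoing task's hypercall level would stay in force for the incoming task, which would undo the per-task reset added in copy_thread. Either confirm that the hypercall level is applied independently of the I/O level and say so in the comment, e.g. `/* I/O level is ignored for non-privileged guests; the hypercall level is always applied. */`, or queue the two settings as separate calls. __switch_to's body extends beyond the hunk.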
diff --git a/xenolinux-2.4.21-pre4-sparse/arch/xeno/kernel/setup.c b/xenolinux-2.4.21-pre4-sparse/arch/xeno/kernel/setup.c
index 832a7a2087..cc53983f34 100644
--- a/xenolinux-2.4.21-pre4-sparse/arch/xeno/kernel/setup.c
+++ b/xenolinux-2.4.21-pre4-sparse/arch/xeno/kernel/setup.c
@@ -301,23 +301,21 @@ void __init setup_arch(char **cmdline_p)
paging_init();
- if(start_info.flags & SIF_PRIVILEGED) {
- // we are privileged guest os - should be able to set IOPL
- if(HYPERVISOR_iopl(1)) {
- panic("Unable to obtain IOPL, despite being SIF_PRIVILEGED");
- }
+ if ( start_info.flags & SIF_PRIVILEGED )
+ /* We are privileged guest os - should have IO privileges. */
+ if( HYPERVISOR_set_priv_levels(1, 1) )
+ panic("Unable to obtain IOPL, despite being SIF_PRIVILEGED");
- }
+ if(start_info.flags & SIF_CONSOLE)
+ {
+ if( !(start_info.flags & SIF_PRIVILEGED) )
+ panic("Xen granted us console access but not privileged status");
- if(start_info.flags & SIF_CONSOLE) {
- if(!(start_info.flags & SIF_PRIVILEGED)) {
- panic("Xen granted us console access but not privileged status");
- }
#ifdef CONFIG_VT
#if defined(CONFIG_VGA_CONSOLE)
- conswitchp = &vga_con;
+ conswitchp = &vga_con;
#elif defined(CONFIG_DUMMY_CONSOLE)
- conswitchp = &dummy_con;
+ conswitchp = &dummy_con;
#endif
#endif
}
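Review bot: Dropping the braces leaves a nested `if` separated from its parent only by a comment: `if ( start_info.flags & SIF_PRIVILEGED )` followed by `if( HYPERVISOR_set_priv_levels(1, 1) )`. That is a dangling-else hazard in boot-time privilege setup; keeping the outer braces, or folding the test into `if ( (start_info.flags & SIF_PRIVILEGED) && HYPERVISOR_set_priv_levels(1, 1) )`, removes it. The panic text still reads "Unable to obtain IOPL" although the call now sets both the I/O and the hypercall level, so the message should name both. setup_arch extends outside the hunk.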