kern: mac: Add MAC resource querying

Introduce a feature where a program with the correct rights may get
information about a MAC object

Signed-off-by: Ian Moffett <ian@osmora.org>

5 files changed, 72 insertions, 2 deletions

diff --git a/src/sys/compat/unix/os/os_mac.c b/src/sys/compat/unix/os/os_mac.c
index 8180090..be0ec84 100644
--- a/src/sys/compat/unix/os/os_mac.c
+++ b/src/sys/compat/unix/os/os_mac.c
@@ -65,3 +65,47 @@ sys_cross(struct syscall_args *scargs)
 
     return mac_map(bop, off, len, res, flags);
 }
+
+/*
+ * ARG0: Border ID (BORDER_*)
+ * ARG1: Data
+ * ARG2: Data length
+ * ARG3: Optional flags
+ *
+ * Returns int (0 on success)
+ */
+scret_t
+sys_query(struct syscall_args *scargs)
+{
+    border_id_t bd = SCARG(scargs, border_id_t, 0);
+    void *u_data = SCARG(scargs, void *, 1);
+    size_t u_datalen = SCARG(scargs, size_t, 2);
+    int flags = SCARG(scargs, int, 3);
+    struct mac_border *bop;
+    struct mac_ops *ops;
+    struct proc *self = proc_self();
+    int error;
+
+    bop = mac_get_border(bd);
+    if (bop == NULL) {
+        return -EIO;
+    }
+
+    /* Can we even touch this? */
+    error = mac_check_creds(self, bop);
+    if (error < 0) {
+        return error;
+    }
+
+    error = proc_check_addr(self, (uintptr_t)u_data, u_datalen);
+    if (error < 0) {
+        return error;
+    }
+
+    /* We need the operations vector */
+    if ((ops = bop->ops) == NULL) {
+        return -EIO;
+    }
+
+    return ops->getattr(bop, u_data, u_datalen);
+}
diff --git a/src/sys/include/compat/unix/syscall.h b/src/sys/include/compat/unix/syscall.h
index 88c86ba..d39f627 100644
--- a/src/sys/include/compat/unix/syscall.h
+++ b/src/sys/include/compat/unix/syscall.h
@@ -49,12 +49,18 @@ scret_t sys_write(struct syscall_args *scargs);
  */
 scret_t sys_cross(struct syscall_args *scargs);
 
+/*
+ * Query a syscall border - L5 mandatory
+ */
+scret_t sys_query(struct syscall_args *scargs);
+
 #ifdef _NEED_UNIX_SCTAB
 scret_t(*g_unix_sctab[])(struct syscall_args *) = {
     [SYS_none]   = NULL,
     [SYS_exit]   = sys_exit,
     [SYS_write]  = sys_write,
-    [SYS_cross]  = sys_cross
+    [SYS_cross]  = sys_cross,
+    [SYS_query]  = sys_query
 };
 
 #endif  /* !_NEED_UNIX_SCTAB */
diff --git a/src/sys/include/sys/mac.h b/src/sys/include/sys/mac.h
index 4bd46c0..72c0ba2 100644
--- a/src/sys/include/sys/mac.h
+++ b/src/sys/include/sys/mac.h
@@ -61,5 +61,15 @@ ssize_t cross(
     int flags, void *res
 );
 
+/*
+ * Query a resource border
+ *
+ * @id: Border ID
+ * @buf: Buffer to store data
+ * @len: Length of buffer
+ * @flags: Optional flags
+ */
+int query(border_id_t id, void *buf, size_t len, int flags);
+
 #endif  /* _KERNEL */
 #endif  /* !_SYS_MAC_H_ */
diff --git a/src/sys/include/sys/syscall.h b/src/sys/include/sys/syscall.h
index 5ec48c3..215ea22 100644
--- a/src/sys/include/sys/syscall.h
+++ b/src/sys/include/sys/syscall.h
@@ -47,6 +47,7 @@
 #define SYS_write       0x02
 #define SYS_cross       0x03    /* cross a border (mandatory) */
 #define SYS_sigaction   0x04
+#define SYS_query       0x05    /* query a border (mandatory) */
 
 typedef __ssize_t scret_t;
 typedef __ssize_t scarg_t;
diff --git a/src/sys/io/video/fbdev.c b/src/sys/io/video/fbdev.c
index 1464f0c..9ebad7a 100644
--- a/src/sys/io/video/fbdev.c
+++ b/src/sys/io/video/fbdev.c
@@ -39,6 +39,7 @@
 #include <io/video/fbdev.h>
 #include <vm/map.h>
 #include <vm/mmu.h>
+#include <string.h>
 
 static struct fb_info info;
 
@@ -88,6 +89,14 @@ fbdev_map(struct mac_border *mbp, struct mac_map_args *args)
 }
 
 static int
+fbdev_getattr(struct mac_border *mbp, void *p, size_t len)
+{
+    len = MIN(len, sizeof(struct fb_info));
+    memcpy(p, &info, len);
+    return 0;
+}
+
+static int
 fbdev_init(struct module *modp)
 {
     struct bootvar_fb *fbvar;
@@ -123,7 +132,7 @@ fbdev_init(struct module *modp)
 static struct mac_ops ops = {
     .map = fbdev_map,
     .sync = NULL,
-    .getattr = NULL
+    .getattr = fbdev_getattr
 };
 
 struct mac_border g_fbdev_border = {