blob: e5e1ad822a7bc9649359edb751851b9c041dbad1 [file] [log] [blame]
// SPDX-License-Identifier: Apache-2.0
// Copyright (C) 2018 IBM Corp.
#include "config.h"
extern "C" {
#include "mboxd.h"
#include "protocol.h"
#include "vpnor/protocol.h"
}
#include "vpnor/pnor_partition_table.hpp"
/* XXX: Maybe this should be a method on a class? */
static bool vpnor_partition_is_readonly(const pnor_partition &part)
{
return part.data.user.data[1] & PARTITION_READONLY;
}
typedef int (*create_window_fn)(struct mbox_context *context,
struct protocol_create_window *io);
static int generic_vpnor_create_window(struct mbox_context *context,
struct protocol_create_window *io,
create_window_fn create_window)
{
if (io->req.ro)
{
return create_window(context, io);
}
/* Only allow write windows on regions mapped by the ToC as writeable */
size_t offset = io->req.offset;
offset <<= context->block_size_shift;
try
{
const pnor_partition &part = context->vpnor->table->partition(offset);
if (vpnor_partition_is_readonly(part))
{
return -EPERM;
}
}
catch (const openpower::virtual_pnor::UnmappedOffset &e)
{
/*
* Writes to unmapped areas are not meaningful, so deny the request.
* This removes the ability for a compromised host to abuse unused
* space if any data was to be persisted (which it isn't).
*/
return -EACCES;
}
return create_window(context, io);
}
int protocol_v1_vpnor_create_window(struct mbox_context *context,
struct protocol_create_window *io)
{
return generic_vpnor_create_window(context, io, protocol_v1_create_window);
}
int protocol_v2_vpnor_create_window(struct mbox_context *context,
struct protocol_create_window *io)
{
return generic_vpnor_create_window(context, io, protocol_v2_create_window);
}