Kernel: Move process extra_gids into protected data :^)

Kernel/Process.cpp

@@ -110,7 +110,7 @@ NonnullRefPtrVector<Process> Process::all_processes()
 
 bool Process::in_group(gid_t gid) const
 {
-    return this->gid() == gid || m_extra_gids.contains_slow(gid);
+    return this->gid() == gid || extra_gids().contains_slow(gid);
 }
 
 void Process::kill_threads_except_self()

Kernel/Process.h

@@ -121,6 +121,7 @@ class Process
         gid_t gid { 0 };
         uid_t suid { 0 };
         gid_t sgid { 0 };
+        Vector<gid_t> extra_gids;
     };
 
     // Helper class to temporarily unprotect a process's protected data so you can write to it.
@@ -201,7 +202,7 @@ public:
     bool is_session_leader() const { return protected_data().sid.value() == protected_data().pid.value(); }
     ProcessGroupID pgid() const { return m_pg ? m_pg->pgid() : 0; }
     bool is_group_leader() const { return pgid().value() == protected_data().pid.value(); }
-    Span<const gid_t> extra_gids() const { return m_extra_gids; }
+    const Vector<gid_t>& extra_gids() const { return protected_data().extra_gids; }
     uid_t euid() const { return protected_data().euid; }
     gid_t egid() const { return protected_data().egid; }
     uid_t uid() const { return protected_data().uid; }
@@ -591,8 +592,6 @@ private:
 
     bool m_dumpable { true };
 
-    Vector<gid_t> m_extra_gids;
-
     WeakPtr<Region> m_master_tls_region;
     size_t m_master_tls_size { 0 };
     size_t m_master_tls_alignment { 0 };

Kernel/Syscalls/fork.cpp

@@ -50,12 +50,12 @@ KResultOr<pid_t> Process::sys$fork(RegisterState& regs)
     child->m_fds = m_fds;
     child->m_pg = m_pg;
     child->m_umask = m_umask;
-    child->m_extra_gids = m_extra_gids;
     child->m_signal_trampoline = m_signal_trampoline;
 
     {
         MutableProtectedData child_data { *child };
         child_data->sid = this->sid();
+        child_data->extra_gids = this->extra_gids();
     }
 
     dbgln_if(FORK_DEBUG, "fork: child={}", child);

Kernel/Syscalls/getuid.cpp

@@ -74,11 +74,11 @@ KResultOr<int> Process::sys$getgroups(ssize_t count, Userspace<gid_t*> user_gids
     if (count < 0)
         return EINVAL;
     if (!count)
-        return m_extra_gids.size();
-    if (count != (int)m_extra_gids.size())
+        return extra_gids().size();
+    if (count != (int)extra_gids().size())
         return EINVAL;
 
-    if (!copy_to_user(user_gids, m_extra_gids.data(), sizeof(gid_t) * count))
+    if (!copy_to_user(user_gids, extra_gids().data(), sizeof(gid_t) * count))
         return EFAULT;
 
     return 0;

Kernel/Syscalls/setuid.cpp

@@ -148,7 +148,7 @@ KResultOr<int> Process::sys$setgroups(ssize_t count, Userspace<const gid_t*> use
         return EPERM;
 
     if (!count) {
-        m_extra_gids.clear();
+        MutableProtectedData(*this)->extra_gids.clear();
         return 0;
     }
 
@@ -163,12 +163,13 @@ KResultOr<int> Process::sys$setgroups(ssize_t count, Userspace<const gid_t*> use
             unique_extra_gids.set(extra_gid);
     }
 
-    m_extra_gids.resize(unique_extra_gids.size());
+    MutableProtectedData protected_data { *this };
+    protected_data->extra_gids.resize(unique_extra_gids.size());
     size_t i = 0;
     for (auto& extra_gid : unique_extra_gids) {
         if (extra_gid == gid())
             continue;
-        m_extra_gids[i++] = extra_gid;
+        protected_data->extra_gids[i++] = extra_gid;
     }
     return 0;
 }