2020-01-18 08:38:21 +00:00
|
|
|
/*
|
|
|
|
* Copyright (c) 2018-2020, Andreas Kling <kling@serenityos.org>
|
|
|
|
* All rights reserved.
|
|
|
|
*
|
|
|
|
* Redistribution and use in source and binary forms, with or without
|
|
|
|
* modification, are permitted provided that the following conditions are met:
|
|
|
|
*
|
|
|
|
* 1. Redistributions of source code must retain the above copyright notice, this
|
|
|
|
* list of conditions and the following disclaimer.
|
|
|
|
*
|
|
|
|
* 2. Redistributions in binary form must reproduce the above copyright notice,
|
|
|
|
* this list of conditions and the following disclaimer in the documentation
|
|
|
|
* and/or other materials provided with the distribution.
|
|
|
|
*
|
|
|
|
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
|
|
|
|
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
|
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
|
|
|
* DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
|
|
|
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
|
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
|
|
|
|
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
|
|
|
|
* CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
|
|
|
|
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
|
|
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
|
|
*/
|
|
|
|
|
2018-10-16 09:01:38 +00:00
|
|
|
#pragma once
|
|
|
|
|
2020-02-16 01:01:42 +00:00
|
|
|
#include <AK/HashMap.h>
|
2019-05-28 09:53:16 +00:00
|
|
|
#include <AK/InlineLinkedList.h>
|
2020-02-16 01:01:42 +00:00
|
|
|
#include <AK/NonnullOwnPtrVector.h>
|
2019-09-27 12:19:07 +00:00
|
|
|
#include <AK/String.h>
|
2019-01-31 06:02:40 +00:00
|
|
|
#include <AK/Weakable.h>
|
2020-02-16 01:01:42 +00:00
|
|
|
#include <Kernel/FileSystem/InodeMetadata.h>
|
2020-02-16 00:50:16 +00:00
|
|
|
#include <Kernel/Forward.h>
|
2019-05-28 09:53:16 +00:00
|
|
|
#include <Kernel/Lock.h>
|
2019-04-21 10:33:14 +00:00
|
|
|
#include <Kernel/Syscall.h>
|
2019-03-23 21:03:17 +00:00
|
|
|
#include <Kernel/Thread.h>
|
2019-05-28 09:53:16 +00:00
|
|
|
#include <Kernel/UnixTypes.h>
|
|
|
|
#include <Kernel/VM/RangeAllocator.h>
|
2019-05-26 00:08:51 +00:00
|
|
|
#include <LibC/signal_numbers.h>
|
2018-10-16 09:01:38 +00:00
|
|
|
|
2019-05-16 15:18:25 +00:00
|
|
|
class ELFLoader;
|
2020-02-16 00:27:42 +00:00
|
|
|
|
|
|
|
namespace Kernel {
|
|
|
|
|
2019-06-06 15:46:41 +00:00
|
|
|
timeval kgettimeofday();
|
2019-03-13 12:13:23 +00:00
|
|
|
void kgettimeofday(timeval&);
|
|
|
|
|
2019-07-19 15:01:16 +00:00
|
|
|
extern VirtualAddress g_return_to_ring3_from_signal_trampoline;
|
|
|
|
|
2020-01-11 19:48:43 +00:00
|
|
|
#define ENUMERATE_PLEDGE_PROMISES \
|
|
|
|
__ENUMERATE_PLEDGE_PROMISE(stdio) \
|
|
|
|
__ENUMERATE_PLEDGE_PROMISE(rpath) \
|
|
|
|
__ENUMERATE_PLEDGE_PROMISE(wpath) \
|
|
|
|
__ENUMERATE_PLEDGE_PROMISE(cpath) \
|
|
|
|
__ENUMERATE_PLEDGE_PROMISE(dpath) \
|
|
|
|
__ENUMERATE_PLEDGE_PROMISE(inet) \
|
|
|
|
__ENUMERATE_PLEDGE_PROMISE(id) \
|
|
|
|
__ENUMERATE_PLEDGE_PROMISE(proc) \
|
|
|
|
__ENUMERATE_PLEDGE_PROMISE(exec) \
|
|
|
|
__ENUMERATE_PLEDGE_PROMISE(unix) \
|
|
|
|
__ENUMERATE_PLEDGE_PROMISE(fattr) \
|
|
|
|
__ENUMERATE_PLEDGE_PROMISE(tty) \
|
|
|
|
__ENUMERATE_PLEDGE_PROMISE(chown) \
|
|
|
|
__ENUMERATE_PLEDGE_PROMISE(chroot) \
|
|
|
|
__ENUMERATE_PLEDGE_PROMISE(thread) \
|
2020-01-12 01:17:30 +00:00
|
|
|
__ENUMERATE_PLEDGE_PROMISE(video) \
|
2020-01-17 10:12:06 +00:00
|
|
|
__ENUMERATE_PLEDGE_PROMISE(accept) \
|
2020-01-11 19:48:43 +00:00
|
|
|
__ENUMERATE_PLEDGE_PROMISE(shared_buffer)
|
|
|
|
|
|
|
|
enum class Pledge : u32 {
|
|
|
|
#define __ENUMERATE_PLEDGE_PROMISE(x) x,
|
|
|
|
ENUMERATE_PLEDGE_PROMISES
|
|
|
|
#undef __ENUMERATE_PLEDGE_PROMISE
|
|
|
|
};
|
|
|
|
|
2020-01-21 18:28:29 +00:00
|
|
|
enum class VeilState {
|
Kernel: Add a basic implementation of unveil()
This syscall is a complement to pledge() and adds the same sort of
incremental relinquishing of capabilities for filesystem access.
The first call to unveil() will "drop a veil" on the process, and from
now on, only unveiled parts of the filesystem are visible to it.
Each call to unveil() specifies a path to either a directory or a file
along with permissions for that path. The permissions are a combination
of the following:
- r: Read access (like the "rpath" promise)
- w: Write access (like the "wpath" promise)
- x: Execute access
- c: Create/remove access (like the "cpath" promise)
Attempts to open a path that has not been unveiled with fail with
ENOENT. If the unveiled path lacks sufficient permissions, it will fail
with EACCES.
Like pledge(), subsequent calls to unveil() with the same path can only
remove permissions, not add them.
Once you call unveil(nullptr, nullptr), the veil is locked, and it's no
longer possible to unveil any more paths for the process, ever.
This concept comes from OpenBSD, and their implementation does various
things differently, I'm sure. This is just a first implementation for
SerenityOS, and we'll keep improving on it as we go. :^)
2020-01-20 21:12:04 +00:00
|
|
|
None,
|
2020-01-21 18:28:29 +00:00
|
|
|
Dropped,
|
|
|
|
Locked,
|
Kernel: Add a basic implementation of unveil()
This syscall is a complement to pledge() and adds the same sort of
incremental relinquishing of capabilities for filesystem access.
The first call to unveil() will "drop a veil" on the process, and from
now on, only unveiled parts of the filesystem are visible to it.
Each call to unveil() specifies a path to either a directory or a file
along with permissions for that path. The permissions are a combination
of the following:
- r: Read access (like the "rpath" promise)
- w: Write access (like the "wpath" promise)
- x: Execute access
- c: Create/remove access (like the "cpath" promise)
Attempts to open a path that has not been unveiled with fail with
ENOENT. If the unveiled path lacks sufficient permissions, it will fail
with EACCES.
Like pledge(), subsequent calls to unveil() with the same path can only
remove permissions, not add them.
Once you call unveil(nullptr, nullptr), the veil is locked, and it's no
longer possible to unveil any more paths for the process, ever.
This concept comes from OpenBSD, and their implementation does various
things differently, I'm sure. This is just a first implementation for
SerenityOS, and we'll keep improving on it as we go. :^)
2020-01-20 21:12:04 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
struct UnveiledPath {
|
|
|
|
enum Access {
|
|
|
|
Read = 1,
|
|
|
|
Write = 2,
|
|
|
|
Execute = 4,
|
|
|
|
CreateOrRemove = 8,
|
|
|
|
};
|
|
|
|
|
|
|
|
String path;
|
|
|
|
unsigned permissions { 0 };
|
|
|
|
};
|
|
|
|
|
2019-05-28 09:53:16 +00:00
|
|
|
class Process : public InlineLinkedListNode<Process>
|
|
|
|
, public Weakable<Process> {
|
2018-11-01 12:15:46 +00:00
|
|
|
friend class InlineLinkedListNode<Process>;
|
2019-03-23 21:03:17 +00:00
|
|
|
friend class Thread;
|
2019-05-28 09:53:16 +00:00
|
|
|
|
2018-10-16 09:01:38 +00:00
|
|
|
public:
|
2019-12-22 10:35:02 +00:00
|
|
|
static Process* create_kernel_process(Thread*& first_thread, String&& name, void (*entry)());
|
|
|
|
static Process* create_user_process(Thread*& first_thread, const String& path, uid_t, gid_t, pid_t ppid, int& error, Vector<String>&& arguments = Vector<String>(), Vector<String>&& environment = Vector<String>(), TTY* = nullptr);
|
2018-11-01 12:15:46 +00:00
|
|
|
~Process();
|
2018-10-23 10:44:46 +00:00
|
|
|
|
2019-02-03 11:33:11 +00:00
|
|
|
static Vector<pid_t> all_pids();
|
2019-01-31 16:31:23 +00:00
|
|
|
static Vector<Process*> all_processes();
|
2018-10-16 09:01:38 +00:00
|
|
|
|
2019-12-11 19:36:56 +00:00
|
|
|
bool is_profiling() const { return m_profiling; }
|
|
|
|
void set_profiling(bool profiling) { m_profiling = profiling; }
|
|
|
|
|
2019-08-08 12:56:50 +00:00
|
|
|
enum RingLevel : u8 {
|
2018-10-16 09:01:38 +00:00
|
|
|
Ring0 = 0,
|
|
|
|
Ring3 = 3,
|
|
|
|
};
|
|
|
|
|
2019-08-07 19:52:43 +00:00
|
|
|
KBuffer backtrace(ProcessInspectionHandle&) const;
|
2019-07-25 19:02:19 +00:00
|
|
|
|
2019-03-24 00:20:35 +00:00
|
|
|
bool is_dead() const { return m_dead; }
|
2019-03-23 21:03:17 +00:00
|
|
|
|
2019-01-31 16:31:23 +00:00
|
|
|
bool is_ring0() const { return m_ring == Ring0; }
|
|
|
|
bool is_ring3() const { return m_ring == Ring3; }
|
2018-11-07 20:19:47 +00:00
|
|
|
|
2018-11-09 00:25:31 +00:00
|
|
|
PageDirectory& page_directory() { return *m_page_directory; }
|
|
|
|
const PageDirectory& page_directory() const { return *m_page_directory; }
|
|
|
|
|
2018-11-07 20:38:18 +00:00
|
|
|
static Process* from_pid(pid_t);
|
2018-10-16 09:01:38 +00:00
|
|
|
|
2019-12-15 20:29:26 +00:00
|
|
|
static void update_info_page_timestamp(const timeval&);
|
|
|
|
|
2018-10-16 09:01:38 +00:00
|
|
|
const String& name() const { return m_name; }
|
|
|
|
pid_t pid() const { return m_pid; }
|
2018-11-02 11:56:51 +00:00
|
|
|
pid_t sid() const { return m_sid; }
|
|
|
|
pid_t pgid() const { return m_pgid; }
|
2018-10-23 10:44:46 +00:00
|
|
|
uid_t uid() const { return m_uid; }
|
2018-11-05 14:04:19 +00:00
|
|
|
gid_t gid() const { return m_gid; }
|
2020-01-02 22:45:52 +00:00
|
|
|
const HashTable<gid_t>& extra_gids() const { return m_extra_gids; }
|
2018-11-05 14:04:19 +00:00
|
|
|
uid_t euid() const { return m_euid; }
|
|
|
|
gid_t egid() const { return m_egid; }
|
2018-11-06 12:33:06 +00:00
|
|
|
pid_t ppid() const { return m_ppid; }
|
2018-10-25 08:15:13 +00:00
|
|
|
|
2019-02-22 01:39:13 +00:00
|
|
|
mode_t umask() const { return m_umask; }
|
|
|
|
|
2019-02-27 11:32:53 +00:00
|
|
|
bool in_group(gid_t) const;
|
|
|
|
|
2020-01-07 14:53:42 +00:00
|
|
|
RefPtr<FileDescription> file_description(int fd) const;
|
2019-09-28 20:00:38 +00:00
|
|
|
int fd_flags(int fd) const;
|
2018-10-16 09:01:38 +00:00
|
|
|
|
2019-05-28 09:53:16 +00:00
|
|
|
template<typename Callback>
|
|
|
|
static void for_each(Callback);
|
|
|
|
template<typename Callback>
|
|
|
|
static void for_each_in_pgrp(pid_t, Callback);
|
|
|
|
template<typename Callback>
|
|
|
|
void for_each_child(Callback);
|
|
|
|
template<typename Callback>
|
|
|
|
void for_each_thread(Callback) const;
|
2018-11-02 13:06:48 +00:00
|
|
|
|
2019-01-30 17:26:19 +00:00
|
|
|
void die();
|
2019-02-06 17:45:21 +00:00
|
|
|
void finalize();
|
2018-10-16 09:01:38 +00:00
|
|
|
|
2019-11-09 21:18:16 +00:00
|
|
|
int sys$yield();
|
|
|
|
int sys$sync();
|
|
|
|
int sys$beep();
|
2019-08-15 18:55:10 +00:00
|
|
|
int sys$get_process_name(char* buffer, int buffer_size);
|
2020-01-06 10:12:29 +00:00
|
|
|
int sys$watch_file(const char* path, size_t path_length);
|
2019-07-21 17:45:31 +00:00
|
|
|
int sys$dbgputch(u8);
|
2019-07-21 19:43:37 +00:00
|
|
|
int sys$dbgputstr(const u8*, int length);
|
2019-07-21 07:59:17 +00:00
|
|
|
int sys$dump_backtrace();
|
2019-03-25 12:03:49 +00:00
|
|
|
int sys$gettid();
|
|
|
|
int sys$donate(int tid);
|
2019-04-08 23:10:00 +00:00
|
|
|
int sys$ftruncate(int fd, off_t);
|
2018-11-02 11:56:51 +00:00
|
|
|
pid_t sys$setsid();
|
|
|
|
pid_t sys$getsid(pid_t);
|
|
|
|
int sys$setpgid(pid_t pid, pid_t pgid);
|
|
|
|
pid_t sys$getpgrp();
|
|
|
|
pid_t sys$getpgid(pid_t);
|
2018-10-16 09:01:38 +00:00
|
|
|
uid_t sys$getuid();
|
2018-10-22 11:55:11 +00:00
|
|
|
gid_t sys$getgid();
|
2018-11-05 14:04:19 +00:00
|
|
|
uid_t sys$geteuid();
|
|
|
|
gid_t sys$getegid();
|
2018-10-22 11:55:11 +00:00
|
|
|
pid_t sys$getpid();
|
2018-11-06 12:33:06 +00:00
|
|
|
pid_t sys$getppid();
|
2018-11-06 12:40:23 +00:00
|
|
|
mode_t sys$umask(mode_t);
|
2019-07-08 18:01:49 +00:00
|
|
|
int sys$open(const Syscall::SC_open_params*);
|
2018-10-16 09:01:38 +00:00
|
|
|
int sys$close(int fd);
|
2019-07-03 19:17:35 +00:00
|
|
|
ssize_t sys$read(int fd, u8*, ssize_t);
|
|
|
|
ssize_t sys$write(int fd, const u8*, ssize_t);
|
2019-05-10 01:19:25 +00:00
|
|
|
ssize_t sys$writev(int fd, const struct iovec* iov, int iov_count);
|
2019-01-23 05:53:01 +00:00
|
|
|
int sys$fstat(int fd, stat*);
|
2020-02-10 18:32:40 +00:00
|
|
|
int sys$stat(const Syscall::SC_stat_params*);
|
2018-10-31 16:50:43 +00:00
|
|
|
int sys$lseek(int fd, off_t, int whence);
|
2018-10-16 09:01:38 +00:00
|
|
|
int sys$kill(pid_t pid, int sig);
|
2019-02-15 11:30:48 +00:00
|
|
|
[[noreturn]] void sys$exit(int status);
|
2020-02-15 23:15:37 +00:00
|
|
|
int sys$sigreturn(RegisterState& registers);
|
2020-02-05 16:42:43 +00:00
|
|
|
pid_t sys$waitid(const Syscall::SC_waitid_params*);
|
2018-11-08 10:37:01 +00:00
|
|
|
void* sys$mmap(const Syscall::SC_mmap_params*);
|
2018-10-24 07:48:24 +00:00
|
|
|
int sys$munmap(void*, size_t size);
|
2020-01-06 10:56:59 +00:00
|
|
|
int sys$set_mmap_name(const Syscall::SC_set_mmap_name_params*);
|
2019-08-12 17:33:24 +00:00
|
|
|
int sys$mprotect(void*, size_t, int prot);
|
2019-12-09 18:12:38 +00:00
|
|
|
int sys$madvise(void*, size_t, int advice);
|
2019-12-29 12:16:53 +00:00
|
|
|
int sys$purge(int mode);
|
2019-01-15 22:12:20 +00:00
|
|
|
int sys$select(const Syscall::SC_select_params*);
|
2019-01-23 06:27:41 +00:00
|
|
|
int sys$poll(pollfd*, int nfds, int timeout);
|
2019-02-25 20:19:57 +00:00
|
|
|
ssize_t sys$get_dir_entries(int fd, void*, ssize_t);
|
|
|
|
int sys$getcwd(char*, ssize_t);
|
2020-01-05 21:06:25 +00:00
|
|
|
int sys$chdir(const char*, size_t);
|
2019-09-11 23:18:25 +00:00
|
|
|
int sys$fchdir(int fd);
|
2018-10-25 11:53:49 +00:00
|
|
|
int sys$sleep(unsigned seconds);
|
2019-02-03 15:11:28 +00:00
|
|
|
int sys$usleep(useconds_t usec);
|
2018-10-25 15:29:49 +00:00
|
|
|
int sys$gettimeofday(timeval*);
|
2019-11-02 18:34:06 +00:00
|
|
|
int sys$clock_gettime(clockid_t, timespec*);
|
|
|
|
int sys$clock_nanosleep(const Syscall::SC_clock_nanosleep_params*);
|
2019-02-25 20:19:57 +00:00
|
|
|
int sys$gethostname(char*, ssize_t);
|
2018-10-26 12:56:21 +00:00
|
|
|
int sys$uname(utsname*);
|
2020-01-10 19:13:23 +00:00
|
|
|
int sys$readlink(const Syscall::SC_readlink_params*);
|
2019-02-25 20:19:57 +00:00
|
|
|
int sys$ttyname_r(int fd, char*, ssize_t);
|
|
|
|
int sys$ptsname_r(int fd, char*, ssize_t);
|
2020-02-15 23:15:37 +00:00
|
|
|
pid_t sys$fork(RegisterState&);
|
2020-01-10 11:20:36 +00:00
|
|
|
int sys$execve(const Syscall::SC_execve_params*);
|
2018-11-05 18:01:22 +00:00
|
|
|
int sys$getdtablesize();
|
|
|
|
int sys$dup(int oldfd);
|
|
|
|
int sys$dup2(int oldfd, int newfd);
|
2019-01-23 05:53:01 +00:00
|
|
|
int sys$sigaction(int signum, const sigaction* act, sigaction* old_act);
|
|
|
|
int sys$sigprocmask(int how, const sigset_t* set, sigset_t* old_set);
|
|
|
|
int sys$sigpending(sigset_t*);
|
2019-02-25 21:06:55 +00:00
|
|
|
int sys$getgroups(ssize_t, gid_t*);
|
|
|
|
int sys$setgroups(ssize_t, const gid_t*);
|
2019-08-05 12:29:05 +00:00
|
|
|
int sys$pipe(int pipefd[2], int flags);
|
2018-11-10 23:20:53 +00:00
|
|
|
int sys$killpg(int pgrp, int sig);
|
|
|
|
int sys$setgid(gid_t);
|
|
|
|
int sys$setuid(uid_t);
|
|
|
|
unsigned sys$alarm(unsigned seconds);
|
2020-01-06 09:43:53 +00:00
|
|
|
int sys$access(const char* pathname, size_t path_length, int mode);
|
2019-07-03 19:17:35 +00:00
|
|
|
int sys$fcntl(int fd, int cmd, u32 extra_arg);
|
2018-11-16 12:11:21 +00:00
|
|
|
int sys$ioctl(int fd, unsigned request, unsigned arg);
|
2020-01-06 10:05:59 +00:00
|
|
|
int sys$mkdir(const char* pathname, size_t path_length, mode_t mode);
|
2019-01-23 05:53:01 +00:00
|
|
|
clock_t sys$times(tms*);
|
2020-01-06 11:23:30 +00:00
|
|
|
int sys$utime(const char* pathname, size_t path_length, const struct utimbuf*);
|
2020-01-10 20:26:47 +00:00
|
|
|
int sys$link(const Syscall::SC_link_params*);
|
2020-01-09 11:41:15 +00:00
|
|
|
int sys$unlink(const char* pathname, size_t path_length);
|
2020-01-11 09:31:33 +00:00
|
|
|
int sys$symlink(const Syscall::SC_symlink_params*);
|
2020-01-06 10:05:59 +00:00
|
|
|
int sys$rmdir(const char* pathname, size_t path_length);
|
2020-01-11 09:46:21 +00:00
|
|
|
int sys$mount(const Syscall::SC_mount_params*);
|
2020-01-09 11:41:15 +00:00
|
|
|
int sys$umount(const char* mountpoint, size_t mountpoint_length);
|
2020-01-06 10:05:59 +00:00
|
|
|
int sys$chmod(const char* pathname, size_t path_length, mode_t);
|
2019-03-01 09:39:19 +00:00
|
|
|
int sys$fchmod(int fd, mode_t);
|
2020-01-11 09:17:08 +00:00
|
|
|
int sys$chown(const Syscall::SC_chown_params*);
|
2019-06-01 18:31:36 +00:00
|
|
|
int sys$fchown(int fd, uid_t, gid_t);
|
2019-02-14 13:17:38 +00:00
|
|
|
int sys$socket(int domain, int type, int protocol);
|
|
|
|
int sys$bind(int sockfd, const sockaddr* addr, socklen_t);
|
|
|
|
int sys$listen(int sockfd, int backlog);
|
2019-02-14 14:17:30 +00:00
|
|
|
int sys$accept(int sockfd, sockaddr*, socklen_t*);
|
2019-02-14 13:17:38 +00:00
|
|
|
int sys$connect(int sockfd, const sockaddr*, socklen_t);
|
2020-02-07 23:52:33 +00:00
|
|
|
int sys$shutdown(int sockfd, int how);
|
2019-03-12 14:51:42 +00:00
|
|
|
ssize_t sys$sendto(const Syscall::SC_sendto_params*);
|
2019-03-12 16:27:07 +00:00
|
|
|
ssize_t sys$recvfrom(const Syscall::SC_recvfrom_params*);
|
2019-03-13 12:13:23 +00:00
|
|
|
int sys$getsockopt(const Syscall::SC_getsockopt_params*);
|
|
|
|
int sys$setsockopt(const Syscall::SC_setsockopt_params*);
|
2020-01-27 20:11:36 +00:00
|
|
|
int sys$getsockname(const Syscall::SC_getsockname_params*);
|
|
|
|
int sys$getpeername(const Syscall::SC_getpeername_params*);
|
2019-05-29 21:20:51 +00:00
|
|
|
int sys$sched_setparam(pid_t pid, const struct sched_param* param);
|
|
|
|
int sys$sched_getparam(pid_t pid, struct sched_param* param);
|
2019-11-18 03:08:10 +00:00
|
|
|
int sys$create_thread(void* (*)(void*), void* argument, const Syscall::SC_create_thread_params*);
|
2019-11-13 20:49:24 +00:00
|
|
|
void sys$exit_thread(void*);
|
2019-11-14 19:58:23 +00:00
|
|
|
int sys$join_thread(int tid, void** exit_value);
|
2019-12-07 13:47:00 +00:00
|
|
|
int sys$detach_thread(int tid);
|
2020-01-11 11:47:47 +00:00
|
|
|
int sys$set_thread_name(int tid, const char* buffer, size_t buffer_size);
|
|
|
|
int sys$get_thread_name(int tid, char* buffer, size_t buffer_size);
|
2020-01-11 09:36:54 +00:00
|
|
|
int sys$rename(const Syscall::SC_rename_params*);
|
2019-04-22 16:44:45 +00:00
|
|
|
int sys$systrace(pid_t);
|
2020-01-11 09:27:37 +00:00
|
|
|
int sys$mknod(const Syscall::SC_mknod_params*);
|
2019-07-18 07:52:22 +00:00
|
|
|
int sys$create_shared_buffer(int, void** buffer);
|
|
|
|
int sys$share_buffer_with(int, pid_t peer_pid);
|
2019-07-29 05:26:01 +00:00
|
|
|
int sys$share_buffer_globally(int);
|
2019-02-16 11:13:43 +00:00
|
|
|
void* sys$get_shared_buffer(int shared_buffer_id);
|
|
|
|
int sys$release_shared_buffer(int shared_buffer_id);
|
2019-03-08 11:22:55 +00:00
|
|
|
int sys$seal_shared_buffer(int shared_buffer_id);
|
|
|
|
int sys$get_shared_buffer_size(int shared_buffer_id);
|
2019-12-09 19:06:47 +00:00
|
|
|
int sys$set_shared_buffer_volatile(int shared_buffer_id, bool);
|
2019-07-19 11:08:26 +00:00
|
|
|
int sys$halt();
|
2019-07-19 07:58:12 +00:00
|
|
|
int sys$reboot();
|
2019-07-29 05:26:01 +00:00
|
|
|
int sys$set_process_icon(int icon_id);
|
2020-01-06 10:32:25 +00:00
|
|
|
int sys$realpath(const Syscall::SC_realpath_params*);
|
2019-10-13 14:41:55 +00:00
|
|
|
ssize_t sys$getrandom(void*, size_t, unsigned int);
|
2019-12-31 12:37:38 +00:00
|
|
|
int sys$setkeymap(const Syscall::SC_setkeymap_params*);
|
2019-11-28 19:59:11 +00:00
|
|
|
int sys$module_load(const char* path, size_t path_length);
|
|
|
|
int sys$module_unload(const char* name, size_t name_length);
|
2019-12-11 19:36:56 +00:00
|
|
|
int sys$profiling_enable(pid_t);
|
|
|
|
int sys$profiling_disable(pid_t);
|
2019-12-15 20:29:26 +00:00
|
|
|
void* sys$get_kernel_info_page();
|
2019-12-22 20:29:47 +00:00
|
|
|
int sys$futex(const Syscall::SC_futex_params*);
|
2019-12-30 18:23:13 +00:00
|
|
|
int sys$set_thread_boost(int tid, int amount);
|
2019-12-30 19:10:00 +00:00
|
|
|
int sys$set_process_boost(pid_t, int amount);
|
2020-01-12 18:03:42 +00:00
|
|
|
int sys$chroot(const char* path, size_t path_length, int mount_flags);
|
2020-01-11 19:48:43 +00:00
|
|
|
int sys$pledge(const Syscall::SC_pledge_params*);
|
Kernel: Add a basic implementation of unveil()
This syscall is a complement to pledge() and adds the same sort of
incremental relinquishing of capabilities for filesystem access.
The first call to unveil() will "drop a veil" on the process, and from
now on, only unveiled parts of the filesystem are visible to it.
Each call to unveil() specifies a path to either a directory or a file
along with permissions for that path. The permissions are a combination
of the following:
- r: Read access (like the "rpath" promise)
- w: Write access (like the "wpath" promise)
- x: Execute access
- c: Create/remove access (like the "cpath" promise)
Attempts to open a path that has not been unveiled with fail with
ENOENT. If the unveiled path lacks sufficient permissions, it will fail
with EACCES.
Like pledge(), subsequent calls to unveil() with the same path can only
remove permissions, not add them.
Once you call unveil(nullptr, nullptr), the veil is locked, and it's no
longer possible to unveil any more paths for the process, ever.
This concept comes from OpenBSD, and their implementation does various
things differently, I'm sure. This is just a first implementation for
SerenityOS, and we'll keep improving on it as we go. :^)
2020-01-20 21:12:04 +00:00
|
|
|
int sys$unveil(const Syscall::SC_unveil_params*);
|
2020-02-02 19:26:27 +00:00
|
|
|
int sys$perf_event(int type, uintptr_t arg1, uintptr_t arg2);
|
2019-02-16 11:13:43 +00:00
|
|
|
|
2020-01-27 20:11:36 +00:00
|
|
|
template<bool sockname, typename Params>
|
|
|
|
int get_sock_or_peer_name(const Params&);
|
|
|
|
|
2018-10-16 09:01:38 +00:00
|
|
|
static void initialize();
|
|
|
|
|
2019-07-03 19:17:35 +00:00
|
|
|
[[noreturn]] void crash(int signal, u32 eip);
|
2020-02-05 16:42:43 +00:00
|
|
|
[[nodiscard]] static siginfo_t reap(Process&);
|
2018-10-17 22:26:30 +00:00
|
|
|
|
2018-10-30 14:33:37 +00:00
|
|
|
const TTY* tty() const { return m_tty; }
|
2020-02-16 01:01:42 +00:00
|
|
|
void set_tty(TTY*);
|
2018-10-30 14:33:37 +00:00
|
|
|
|
2019-01-31 16:31:23 +00:00
|
|
|
size_t region_count() const { return m_regions.size(); }
|
2019-09-27 12:19:07 +00:00
|
|
|
const NonnullOwnPtrVector<Region>& regions() const { return m_regions; }
|
2019-01-31 16:31:23 +00:00
|
|
|
void dump_regions();
|
2018-10-18 12:53:00 +00:00
|
|
|
|
2019-04-22 16:44:45 +00:00
|
|
|
ProcessTracer* tracer() { return m_tracer.ptr(); }
|
|
|
|
ProcessTracer& ensure_tracer();
|
|
|
|
|
2019-07-03 19:17:35 +00:00
|
|
|
u32 m_ticks_in_user { 0 };
|
|
|
|
u32 m_ticks_in_kernel { 0 };
|
2018-12-03 00:12:26 +00:00
|
|
|
|
2019-07-03 19:17:35 +00:00
|
|
|
u32 m_ticks_in_user_for_dead_children { 0 };
|
|
|
|
u32 m_ticks_in_kernel_for_dead_children { 0 };
|
2018-12-03 00:12:26 +00:00
|
|
|
|
2020-01-29 17:31:15 +00:00
|
|
|
bool validate_read_from_kernel(VirtualAddress, size_t) const;
|
2018-10-26 22:14:24 +00:00
|
|
|
|
2020-01-29 17:31:15 +00:00
|
|
|
bool validate_read(const void*, size_t) const;
|
|
|
|
bool validate_write(void*, size_t) const;
|
2019-05-28 09:53:16 +00:00
|
|
|
template<typename T>
|
|
|
|
bool validate_read_typed(T* value, size_t count = 1) { return validate_read(value, sizeof(T) * count); }
|
|
|
|
template<typename T>
|
2020-01-13 10:19:18 +00:00
|
|
|
bool validate_read_and_copy_typed(T* dest, const T* src)
|
|
|
|
{
|
|
|
|
bool validated = validate_read_typed(src);
|
|
|
|
if (validated) {
|
|
|
|
copy_from_user(dest, src);
|
|
|
|
}
|
|
|
|
return validated;
|
|
|
|
}
|
|
|
|
template<typename T>
|
2019-05-28 09:53:16 +00:00
|
|
|
bool validate_write_typed(T* value, size_t count = 1) { return validate_write(value, sizeof(T) * count); }
|
2020-01-10 19:13:23 +00:00
|
|
|
template<typename DataType, typename SizeType>
|
|
|
|
bool validate(const Syscall::MutableBufferArgument<DataType, SizeType>&);
|
2020-01-11 11:47:47 +00:00
|
|
|
template<typename DataType, typename SizeType>
|
|
|
|
bool validate(const Syscall::ImmutableBufferArgument<DataType, SizeType>&);
|
2018-11-16 14:41:48 +00:00
|
|
|
|
2020-01-11 11:47:47 +00:00
|
|
|
String validate_and_copy_string_from_user(const char*, size_t) const;
|
2020-01-10 20:26:47 +00:00
|
|
|
String validate_and_copy_string_from_user(const Syscall::StringArgument&) const;
|
|
|
|
|
2019-05-30 18:23:50 +00:00
|
|
|
Custody& current_directory();
|
|
|
|
Custody* executable() { return m_executable.ptr(); }
|
2018-10-28 11:20:25 +00:00
|
|
|
|
2019-03-06 21:30:13 +00:00
|
|
|
int number_of_open_file_descriptors() const;
|
|
|
|
int max_open_file_descriptors() const { return m_max_open_file_descriptors; }
|
2018-11-01 12:39:28 +00:00
|
|
|
|
2019-12-29 11:45:58 +00:00
|
|
|
size_t amount_clean_inode() const;
|
2019-12-29 11:28:32 +00:00
|
|
|
size_t amount_dirty_private() const;
|
2019-02-03 17:53:18 +00:00
|
|
|
size_t amount_virtual() const;
|
|
|
|
size_t amount_resident() const;
|
|
|
|
size_t amount_shared() const;
|
2019-12-09 18:12:38 +00:00
|
|
|
size_t amount_purgeable_volatile() const;
|
|
|
|
size_t amount_purgeable_nonvolatile() const;
|
2019-02-03 17:53:18 +00:00
|
|
|
|
Kernel: Tighten up exec/do_exec and allow for PT_INTERP iterpreters
This patch changes how exec() figures out which program image to
actually load. Previously, we opened the path to our main executable in
find_shebang_interpreter_for_executable, read the first page (or less,
if the file was smaller) and then decided whether to recurse with the
interpreter instead. We then then re-opened the main executable in
do_exec.
However, since we now want to parse the ELF header and Program Headers
of an elf image before even doing any memory region work, we can change
the way this whole process works. We open the file and read (up to) the
first page in exec() itself, then pass just the page and the amount read
to find_shebang_interpreter_for_executable. Since we now have that page
and the FileDescription for the main executable handy, we can do a few
things. First, validate the ELF header and ELF program headers for any
shenanigans. ELF32 Little Endian i386 only, please. Second, we can grab
the PT_INTERP interpreter from any ET_DYN files, and open that guy right
away if it exists. Finally, we can pass the main executable's and
optionally the PT_INTERP interpreter's file descriptions down to do_exec
and not have to feel guilty about opening the file twice.
In do_exec, we now have a choice. Are we going to load the main
executable, or the interpreter? We could load both, but it'll be way
easier for the inital pass on the RTLD if we only load the interpreter.
Then it can load the main executable itself like any old shared object,
just, the one with main in it :). Later on we can load both of them
into memory and the RTLD can relocate itself before trying to do
anything. The way it's written now the RTLD will get dibs on its
requested virtual addresses being the actual virtual addresses.
2020-01-11 01:28:02 +00:00
|
|
|
int exec(String path, Vector<String> arguments, Vector<String> environment, int recusion_depth = 0);
|
2018-11-02 19:41:58 +00:00
|
|
|
|
2019-02-21 22:35:07 +00:00
|
|
|
bool is_superuser() const { return m_euid == 0; }
|
2018-11-07 00:38:51 +00:00
|
|
|
|
2020-01-10 05:57:18 +00:00
|
|
|
Region* allocate_region_with_vmobject(VirtualAddress, size_t, NonnullRefPtr<VMObject>, size_t offset_in_vmobject, const String& name, int prot, bool user_accessible = true);
|
2019-07-19 14:09:34 +00:00
|
|
|
Region* allocate_file_backed_region(VirtualAddress, size_t, NonnullRefPtr<Inode>, const String& name, int prot);
|
2019-06-07 18:58:12 +00:00
|
|
|
Region* allocate_region(VirtualAddress, size_t, const String& name, int prot = PROT_READ | PROT_WRITE, bool commit = true);
|
2019-02-16 11:13:43 +00:00
|
|
|
bool deallocate_region(Region& region);
|
2019-02-16 08:57:42 +00:00
|
|
|
|
2019-12-19 18:13:44 +00:00
|
|
|
Region& allocate_split_region(const Region& source_region, const Range&, size_t offset_in_vmobject);
|
2019-12-30 20:11:25 +00:00
|
|
|
Vector<Region*, 2> split_region_around_range(const Region& source_region, const Range&);
|
2019-08-29 18:57:02 +00:00
|
|
|
|
2019-03-23 21:03:17 +00:00
|
|
|
void set_being_inspected(bool b) { m_being_inspected = b; }
|
|
|
|
bool is_being_inspected() const { return m_being_inspected; }
|
|
|
|
|
2019-07-03 19:17:35 +00:00
|
|
|
void terminate_due_to_signal(u8 signal);
|
|
|
|
void send_signal(u8, Process* sender);
|
2019-03-23 21:03:17 +00:00
|
|
|
|
2019-12-22 10:35:02 +00:00
|
|
|
u16 thread_count() const { return m_thread_count; }
|
|
|
|
|
|
|
|
Thread& any_thread();
|
2019-03-12 16:27:07 +00:00
|
|
|
|
2019-04-01 18:02:05 +00:00
|
|
|
Lock& big_lock() { return m_big_lock; }
|
|
|
|
|
2019-05-16 15:18:25 +00:00
|
|
|
const ELFLoader* elf_loader() const { return m_elf_loader.ptr(); }
|
|
|
|
|
2019-07-29 05:26:01 +00:00
|
|
|
int icon_id() const { return m_icon_id; }
|
|
|
|
|
2019-12-30 19:10:00 +00:00
|
|
|
u32 priority_boost() const { return m_priority_boost; }
|
|
|
|
|
2020-01-10 22:14:04 +00:00
|
|
|
Custody& root_directory();
|
2020-01-12 18:42:01 +00:00
|
|
|
Custody& root_directory_relative_to_global_root();
|
2020-01-10 22:14:04 +00:00
|
|
|
void set_root_directory(const Custody&);
|
|
|
|
|
2020-01-11 19:48:43 +00:00
|
|
|
bool has_promises() const { return m_promises; }
|
|
|
|
bool has_promised(Pledge pledge) const { return m_promises & (1u << (u32)pledge); }
|
|
|
|
|
2020-01-21 18:28:29 +00:00
|
|
|
VeilState veil_state() const { return m_veil_state; }
|
Kernel: Add a basic implementation of unveil()
This syscall is a complement to pledge() and adds the same sort of
incremental relinquishing of capabilities for filesystem access.
The first call to unveil() will "drop a veil" on the process, and from
now on, only unveiled parts of the filesystem are visible to it.
Each call to unveil() specifies a path to either a directory or a file
along with permissions for that path. The permissions are a combination
of the following:
- r: Read access (like the "rpath" promise)
- w: Write access (like the "wpath" promise)
- x: Execute access
- c: Create/remove access (like the "cpath" promise)
Attempts to open a path that has not been unveiled with fail with
ENOENT. If the unveiled path lacks sufficient permissions, it will fail
with EACCES.
Like pledge(), subsequent calls to unveil() with the same path can only
remove permissions, not add them.
Once you call unveil(nullptr, nullptr), the veil is locked, and it's no
longer possible to unveil any more paths for the process, ever.
This concept comes from OpenBSD, and their implementation does various
things differently, I'm sure. This is just a first implementation for
SerenityOS, and we'll keep improving on it as we go. :^)
2020-01-20 21:12:04 +00:00
|
|
|
const Vector<UnveiledPath>& unveiled_paths() const { return m_unveiled_paths; }
|
|
|
|
|
2018-10-16 09:01:38 +00:00
|
|
|
private:
|
2018-10-18 11:05:00 +00:00
|
|
|
friend class MemoryManager;
|
2018-11-07 21:15:02 +00:00
|
|
|
friend class Scheduler;
|
2018-11-08 13:35:30 +00:00
|
|
|
friend class Region;
|
2018-10-18 11:05:00 +00:00
|
|
|
|
2019-12-22 10:35:02 +00:00
|
|
|
Process(Thread*& first_thread, const String& name, uid_t, gid_t, pid_t ppid, RingLevel, RefPtr<Custody> cwd = nullptr, RefPtr<Custody> executable = nullptr, TTY* = nullptr, Process* fork_parent = nullptr);
|
2019-12-22 10:51:24 +00:00
|
|
|
static pid_t allocate_pid();
|
2018-10-25 09:15:17 +00:00
|
|
|
|
2019-06-07 10:56:50 +00:00
|
|
|
Range allocate_range(VirtualAddress, size_t);
|
2019-05-17 02:39:22 +00:00
|
|
|
|
2020-01-19 15:25:38 +00:00
|
|
|
Region& add_region(NonnullOwnPtr<Region>);
|
|
|
|
|
Kernel: Tighten up exec/do_exec and allow for PT_INTERP iterpreters
This patch changes how exec() figures out which program image to
actually load. Previously, we opened the path to our main executable in
find_shebang_interpreter_for_executable, read the first page (or less,
if the file was smaller) and then decided whether to recurse with the
interpreter instead. We then then re-opened the main executable in
do_exec.
However, since we now want to parse the ELF header and Program Headers
of an elf image before even doing any memory region work, we can change
the way this whole process works. We open the file and read (up to) the
first page in exec() itself, then pass just the page and the amount read
to find_shebang_interpreter_for_executable. Since we now have that page
and the FileDescription for the main executable handy, we can do a few
things. First, validate the ELF header and ELF program headers for any
shenanigans. ELF32 Little Endian i386 only, please. Second, we can grab
the PT_INTERP interpreter from any ET_DYN files, and open that guy right
away if it exists. Finally, we can pass the main executable's and
optionally the PT_INTERP interpreter's file descriptions down to do_exec
and not have to feel guilty about opening the file twice.
In do_exec, we now have a choice. Are we going to load the main
executable, or the interpreter? We could load both, but it'll be way
easier for the inital pass on the RTLD if we only load the interpreter.
Then it can load the main executable itself like any old shared object,
just, the one with main in it :). Later on we can load both of them
into memory and the RTLD can relocate itself before trying to do
anything. The way it's written now the RTLD will get dibs on its
requested virtual addresses being the actual virtual addresses.
2020-01-11 01:28:02 +00:00
|
|
|
int do_exec(NonnullRefPtr<FileDescription> main_program_description, Vector<String> arguments, Vector<String> environment, RefPtr<FileDescription> interpreter_description);
|
2019-07-03 19:17:35 +00:00
|
|
|
ssize_t do_write(FileDescription&, const u8*, int data_size);
|
2018-10-16 09:01:38 +00:00
|
|
|
|
Kernel: Tighten up exec/do_exec and allow for PT_INTERP iterpreters
This patch changes how exec() figures out which program image to
actually load. Previously, we opened the path to our main executable in
find_shebang_interpreter_for_executable, read the first page (or less,
if the file was smaller) and then decided whether to recurse with the
interpreter instead. We then then re-opened the main executable in
do_exec.
However, since we now want to parse the ELF header and Program Headers
of an elf image before even doing any memory region work, we can change
the way this whole process works. We open the file and read (up to) the
first page in exec() itself, then pass just the page and the amount read
to find_shebang_interpreter_for_executable. Since we now have that page
and the FileDescription for the main executable handy, we can do a few
things. First, validate the ELF header and ELF program headers for any
shenanigans. ELF32 Little Endian i386 only, please. Second, we can grab
the PT_INTERP interpreter from any ET_DYN files, and open that guy right
away if it exists. Finally, we can pass the main executable's and
optionally the PT_INTERP interpreter's file descriptions down to do_exec
and not have to feel guilty about opening the file twice.
In do_exec, we now have a choice. Are we going to load the main
executable, or the interpreter? We could load both, but it'll be way
easier for the inital pass on the RTLD if we only load the interpreter.
Then it can load the main executable itself like any old shared object,
just, the one with main in it :). Later on we can load both of them
into memory and the RTLD can relocate itself before trying to do
anything. The way it's written now the RTLD will get dibs on its
requested virtual addresses being the actual virtual addresses.
2020-01-11 01:28:02 +00:00
|
|
|
KResultOr<NonnullRefPtr<FileDescription>> find_elf_interpreter_for_executable(const String& path, char (&first_page)[PAGE_SIZE], int nread, size_t file_size);
|
|
|
|
|
2019-04-06 12:54:32 +00:00
|
|
|
int alloc_fd(int first_candidate_fd = 0);
|
2019-02-16 11:13:43 +00:00
|
|
|
void disown_all_shared_buffers();
|
2018-11-12 00:28:46 +00:00
|
|
|
|
2019-11-14 16:16:30 +00:00
|
|
|
KResult do_kill(Process&, int signal);
|
|
|
|
KResult do_killpg(pid_t pgrp, int signal);
|
|
|
|
|
2020-02-05 16:42:43 +00:00
|
|
|
KResultOr<siginfo_t> do_waitid(idtype_t idtype, int id, int options);
|
|
|
|
|
2020-01-11 11:47:47 +00:00
|
|
|
KResultOr<String> get_syscall_path_argument(const char* user_path, size_t path_length) const;
|
|
|
|
KResultOr<String> get_syscall_path_argument(const Syscall::StringArgument&) const;
|
2020-01-06 10:05:59 +00:00
|
|
|
|
2019-06-21 16:37:47 +00:00
|
|
|
RefPtr<PageDirectory> m_page_directory;
|
2018-11-01 08:01:51 +00:00
|
|
|
|
2018-11-01 12:15:46 +00:00
|
|
|
Process* m_prev { nullptr };
|
|
|
|
Process* m_next { nullptr };
|
2018-10-16 09:01:38 +00:00
|
|
|
|
|
|
|
String m_name;
|
2019-03-23 21:03:17 +00:00
|
|
|
|
2018-10-16 09:01:38 +00:00
|
|
|
pid_t m_pid { 0 };
|
|
|
|
uid_t m_uid { 0 };
|
2018-10-22 11:55:11 +00:00
|
|
|
gid_t m_gid { 0 };
|
2018-11-05 14:04:19 +00:00
|
|
|
uid_t m_euid { 0 };
|
|
|
|
gid_t m_egid { 0 };
|
2018-11-02 11:56:51 +00:00
|
|
|
pid_t m_sid { 0 };
|
|
|
|
pid_t m_pgid { 0 };
|
2019-03-23 21:03:17 +00:00
|
|
|
|
2019-08-08 12:56:50 +00:00
|
|
|
static const int m_max_open_file_descriptors { FD_SETSIZE };
|
2019-03-23 21:03:17 +00:00
|
|
|
|
2019-06-07 07:36:51 +00:00
|
|
|
struct FileDescriptionAndFlags {
|
2019-06-13 20:03:04 +00:00
|
|
|
operator bool() const { return !!description; }
|
2019-04-29 02:55:54 +00:00
|
|
|
void clear();
|
2019-07-03 19:17:35 +00:00
|
|
|
void set(NonnullRefPtr<FileDescription>&& d, u32 f = 0);
|
2019-06-21 16:37:47 +00:00
|
|
|
RefPtr<FileDescription> description;
|
2019-07-03 19:17:35 +00:00
|
|
|
u32 flags { 0 };
|
2018-11-13 00:36:31 +00:00
|
|
|
};
|
2019-06-07 07:36:51 +00:00
|
|
|
Vector<FileDescriptionAndFlags> m_fds;
|
2018-11-07 17:30:59 +00:00
|
|
|
|
2019-08-08 12:56:50 +00:00
|
|
|
RingLevel m_ring { Ring0 };
|
2019-07-03 19:17:35 +00:00
|
|
|
u8 m_termination_status { 0 };
|
|
|
|
u8 m_termination_signal { 0 };
|
2019-12-22 10:35:02 +00:00
|
|
|
u16 m_thread_count { 0 };
|
2018-10-18 11:05:00 +00:00
|
|
|
|
2019-08-08 12:56:50 +00:00
|
|
|
bool m_being_inspected { false };
|
|
|
|
bool m_dead { false };
|
2019-12-11 19:36:56 +00:00
|
|
|
bool m_profiling { false };
|
2019-08-08 12:56:50 +00:00
|
|
|
|
2019-06-21 16:37:47 +00:00
|
|
|
RefPtr<Custody> m_executable;
|
|
|
|
RefPtr<Custody> m_cwd;
|
2020-01-10 22:14:04 +00:00
|
|
|
RefPtr<Custody> m_root_directory;
|
2020-01-12 18:42:01 +00:00
|
|
|
RefPtr<Custody> m_root_directory_relative_to_global_root;
|
2018-10-24 12:28:22 +00:00
|
|
|
|
2019-11-06 15:52:54 +00:00
|
|
|
RefPtr<TTY> m_tty;
|
2018-10-30 12:59:29 +00:00
|
|
|
|
2019-08-29 18:57:02 +00:00
|
|
|
Region* region_from_range(const Range&);
|
|
|
|
Region* region_containing(const Range&);
|
2018-10-18 12:53:00 +00:00
|
|
|
|
2019-09-27 12:19:07 +00:00
|
|
|
NonnullOwnPtrVector<Region> m_regions;
|
2020-01-19 15:44:37 +00:00
|
|
|
struct RegionLookupCache {
|
|
|
|
Range range;
|
|
|
|
Region* region { nullptr };
|
|
|
|
};
|
|
|
|
RegionLookupCache m_region_lookup_cache;
|
2018-10-18 11:05:00 +00:00
|
|
|
|
2018-11-06 12:33:06 +00:00
|
|
|
pid_t m_ppid { 0 };
|
2018-11-06 12:40:23 +00:00
|
|
|
mode_t m_umask { 022 };
|
2018-10-26 09:16:56 +00:00
|
|
|
|
2020-01-02 22:45:52 +00:00
|
|
|
HashTable<gid_t> m_extra_gids;
|
2018-11-07 20:19:47 +00:00
|
|
|
|
2019-06-21 16:37:47 +00:00
|
|
|
RefPtr<ProcessTracer> m_tracer;
|
2019-05-16 15:18:25 +00:00
|
|
|
OwnPtr<ELFLoader> m_elf_loader;
|
2019-04-22 16:44:45 +00:00
|
|
|
|
2019-09-27 12:19:07 +00:00
|
|
|
Region* m_master_tls_region { nullptr };
|
2019-09-07 13:50:44 +00:00
|
|
|
size_t m_master_tls_size { 0 };
|
|
|
|
size_t m_master_tls_alignment { 0 };
|
|
|
|
|
2019-05-02 01:28:20 +00:00
|
|
|
Lock m_big_lock { "Process" };
|
2019-06-07 09:30:07 +00:00
|
|
|
|
2019-07-03 19:17:35 +00:00
|
|
|
u64 m_alarm_deadline { 0 };
|
2019-07-29 05:26:01 +00:00
|
|
|
|
|
|
|
int m_icon_id { -1 };
|
2019-12-22 20:29:47 +00:00
|
|
|
|
2019-12-30 19:10:00 +00:00
|
|
|
u32 m_priority_boost { 0 };
|
|
|
|
|
2020-01-11 19:48:43 +00:00
|
|
|
u32 m_promises { 0 };
|
|
|
|
u32 m_execpromises { 0 };
|
|
|
|
|
2020-01-21 18:28:29 +00:00
|
|
|
VeilState m_veil_state { VeilState::None };
|
Kernel: Add a basic implementation of unveil()
This syscall is a complement to pledge() and adds the same sort of
incremental relinquishing of capabilities for filesystem access.
The first call to unveil() will "drop a veil" on the process, and from
now on, only unveiled parts of the filesystem are visible to it.
Each call to unveil() specifies a path to either a directory or a file
along with permissions for that path. The permissions are a combination
of the following:
- r: Read access (like the "rpath" promise)
- w: Write access (like the "wpath" promise)
- x: Execute access
- c: Create/remove access (like the "cpath" promise)
Attempts to open a path that has not been unveiled with fail with
ENOENT. If the unveiled path lacks sufficient permissions, it will fail
with EACCES.
Like pledge(), subsequent calls to unveil() with the same path can only
remove permissions, not add them.
Once you call unveil(nullptr, nullptr), the veil is locked, and it's no
longer possible to unveil any more paths for the process, ever.
This concept comes from OpenBSD, and their implementation does various
things differently, I'm sure. This is just a first implementation for
SerenityOS, and we'll keep improving on it as we go. :^)
2020-01-20 21:12:04 +00:00
|
|
|
Vector<UnveiledPath> m_unveiled_paths;
|
|
|
|
|
2019-12-22 20:29:47 +00:00
|
|
|
WaitQueue& futex_queue(i32*);
|
|
|
|
HashMap<u32, OwnPtr<WaitQueue>> m_futex_queues;
|
2020-02-02 19:26:27 +00:00
|
|
|
|
|
|
|
OwnPtr<PerformanceEventBuffer> m_perf_event_buffer;
|
2018-10-16 09:01:38 +00:00
|
|
|
};
|
|
|
|
|
2018-11-10 15:50:42 +00:00
|
|
|
class ProcessInspectionHandle {
|
2018-11-01 13:21:02 +00:00
|
|
|
public:
|
2018-11-10 15:50:42 +00:00
|
|
|
ProcessInspectionHandle(Process& process)
|
2018-11-01 13:21:02 +00:00
|
|
|
: m_process(process)
|
|
|
|
{
|
2019-03-23 21:03:17 +00:00
|
|
|
if (&process != ¤t->process()) {
|
|
|
|
ASSERT(!m_process.is_being_inspected());
|
|
|
|
m_process.set_being_inspected(true);
|
|
|
|
}
|
2018-11-01 13:21:02 +00:00
|
|
|
}
|
2018-11-10 15:50:42 +00:00
|
|
|
~ProcessInspectionHandle()
|
2018-11-01 13:21:02 +00:00
|
|
|
{
|
2019-03-23 21:03:17 +00:00
|
|
|
m_process.set_being_inspected(false);
|
2018-11-01 13:21:02 +00:00
|
|
|
}
|
2018-11-10 15:50:42 +00:00
|
|
|
|
2019-02-03 11:33:11 +00:00
|
|
|
Process& process() { return m_process; }
|
|
|
|
|
|
|
|
static OwnPtr<ProcessInspectionHandle> from_pid(pid_t pid)
|
|
|
|
{
|
|
|
|
InterruptDisabler disabler;
|
|
|
|
auto* process = Process::from_pid(pid);
|
|
|
|
if (process)
|
|
|
|
return make<ProcessInspectionHandle>(*process);
|
|
|
|
return nullptr;
|
|
|
|
}
|
|
|
|
|
2018-11-10 15:50:42 +00:00
|
|
|
Process* operator->() { return &m_process; }
|
|
|
|
Process& operator*() { return m_process; }
|
2019-05-28 09:53:16 +00:00
|
|
|
|
2018-11-01 13:21:02 +00:00
|
|
|
private:
|
|
|
|
Process& m_process;
|
|
|
|
};
|
|
|
|
|
2018-11-07 21:15:02 +00:00
|
|
|
extern InlineLinkedList<Process>* g_processes;
|
2018-11-08 15:09:05 +00:00
|
|
|
|
|
|
|
template<typename Callback>
|
|
|
|
inline void Process::for_each(Callback callback)
|
|
|
|
{
|
|
|
|
ASSERT_INTERRUPTS_DISABLED();
|
|
|
|
for (auto* process = g_processes->head(); process;) {
|
|
|
|
auto* next_process = process->next();
|
2019-06-07 15:13:23 +00:00
|
|
|
if (callback(*process) == IterationDecision::Break)
|
2018-11-08 15:09:05 +00:00
|
|
|
break;
|
|
|
|
process = next_process;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2018-11-11 14:36:40 +00:00
|
|
|
template<typename Callback>
|
|
|
|
inline void Process::for_each_child(Callback callback)
|
|
|
|
{
|
|
|
|
ASSERT_INTERRUPTS_DISABLED();
|
|
|
|
pid_t my_pid = pid();
|
|
|
|
for (auto* process = g_processes->head(); process;) {
|
|
|
|
auto* next_process = process->next();
|
|
|
|
if (process->ppid() == my_pid) {
|
2019-07-14 09:35:49 +00:00
|
|
|
if (callback(*process) == IterationDecision::Break)
|
2018-11-11 14:36:40 +00:00
|
|
|
break;
|
|
|
|
}
|
|
|
|
process = next_process;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2018-11-08 15:09:05 +00:00
|
|
|
template<typename Callback>
|
2019-03-23 21:03:17 +00:00
|
|
|
inline void Process::for_each_thread(Callback callback) const
|
2018-11-08 15:09:05 +00:00
|
|
|
{
|
2019-03-23 21:03:17 +00:00
|
|
|
InterruptDisabler disabler;
|
|
|
|
pid_t my_pid = pid();
|
2019-11-26 20:25:11 +00:00
|
|
|
|
|
|
|
if (my_pid == 0) {
|
2019-12-22 10:35:02 +00:00
|
|
|
// NOTE: Special case the colonel process, since its main thread is not in the global thread table.
|
|
|
|
callback(*g_colonel);
|
2019-11-26 20:25:11 +00:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2019-07-19 10:16:46 +00:00
|
|
|
Thread::for_each([callback, my_pid](Thread& thread) -> IterationDecision {
|
|
|
|
if (thread.pid() == my_pid)
|
|
|
|
return callback(thread);
|
|
|
|
|
|
|
|
return IterationDecision::Continue;
|
|
|
|
});
|
2018-11-08 15:09:05 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
template<typename Callback>
|
2019-03-23 21:03:17 +00:00
|
|
|
inline void Process::for_each_in_pgrp(pid_t pgid, Callback callback)
|
2018-11-08 15:09:05 +00:00
|
|
|
{
|
|
|
|
ASSERT_INTERRUPTS_DISABLED();
|
|
|
|
for (auto* process = g_processes->head(); process;) {
|
|
|
|
auto* next_process = process->next();
|
2019-12-26 21:20:39 +00:00
|
|
|
if (!process->is_dead() && process->pgid() == pgid) {
|
2019-08-22 19:12:55 +00:00
|
|
|
if (callback(*process) == IterationDecision::Break)
|
2019-03-23 21:03:17 +00:00
|
|
|
break;
|
|
|
|
}
|
2018-11-08 15:09:05 +00:00
|
|
|
process = next_process;
|
|
|
|
}
|
|
|
|
}
|
2019-02-21 14:45:31 +00:00
|
|
|
|
2020-01-07 18:17:35 +00:00
|
|
|
inline bool InodeMetadata::may_read(const Process& process) const
|
2019-02-21 14:45:31 +00:00
|
|
|
{
|
2020-01-02 22:45:52 +00:00
|
|
|
return may_read(process.euid(), process.egid(), process.extra_gids());
|
2019-02-21 14:45:31 +00:00
|
|
|
}
|
|
|
|
|
2020-01-07 18:17:35 +00:00
|
|
|
inline bool InodeMetadata::may_write(const Process& process) const
|
2019-02-21 14:45:31 +00:00
|
|
|
{
|
2020-01-02 22:45:52 +00:00
|
|
|
return may_write(process.euid(), process.egid(), process.extra_gids());
|
2019-02-21 14:45:31 +00:00
|
|
|
}
|
|
|
|
|
2020-01-07 18:17:35 +00:00
|
|
|
inline bool InodeMetadata::may_execute(const Process& process) const
|
2019-02-21 14:45:31 +00:00
|
|
|
{
|
2020-01-02 22:45:52 +00:00
|
|
|
return may_execute(process.euid(), process.egid(), process.extra_gids());
|
2019-02-21 14:45:31 +00:00
|
|
|
}
|
2019-03-23 21:03:17 +00:00
|
|
|
|
|
|
|
inline int Thread::pid() const
|
|
|
|
{
|
|
|
|
return m_process.pid();
|
|
|
|
}
|
2019-07-08 16:58:19 +00:00
|
|
|
|
|
|
|
inline const LogStream& operator<<(const LogStream& stream, const Process& process)
|
|
|
|
{
|
|
|
|
return stream << process.name() << '(' << process.pid() << ')';
|
|
|
|
}
|
2019-12-30 19:10:00 +00:00
|
|
|
|
|
|
|
inline u32 Thread::effective_priority() const
|
|
|
|
{
|
|
|
|
return m_priority + m_process.priority_boost() + m_priority_boost + m_extra_priority;
|
|
|
|
}
|
2020-01-12 01:17:30 +00:00
|
|
|
|
2020-01-21 15:14:39 +00:00
|
|
|
#define REQUIRE_NO_PROMISES \
|
|
|
|
do { \
|
|
|
|
if (current->process().has_promises()) { \
|
|
|
|
dbg() << "Has made a promise"; \
|
|
|
|
cli(); \
|
|
|
|
current->process().crash(SIGABRT, 0); \
|
|
|
|
ASSERT_NOT_REACHED(); \
|
|
|
|
} \
|
2020-01-12 01:17:30 +00:00
|
|
|
} while (0)
|
|
|
|
|
|
|
|
#define REQUIRE_PROMISE(promise) \
|
|
|
|
do { \
|
|
|
|
if (current->process().has_promises() \
|
|
|
|
&& !current->process().has_promised(Pledge::promise)) { \
|
2020-01-21 15:14:39 +00:00
|
|
|
dbg() << "Has not pledged " << #promise; \
|
2020-01-12 01:17:30 +00:00
|
|
|
cli(); \
|
|
|
|
current->process().crash(SIGABRT, 0); \
|
|
|
|
ASSERT_NOT_REACHED(); \
|
|
|
|
} \
|
|
|
|
} while (0)
|
2020-02-16 00:27:42 +00:00
|
|
|
|
|
|
|
}
|