Commit graph

8589 commits

Author SHA1 Message Date
Andrew Kaster
68b0826107 Revert "Kernel: Add boot parameter to determine i8042 first port translation"
This reverts commit 0379742d7e.

Commit 61a385fc01 breaks the shift and
caps lock key, but depends on this one.
2023-12-29 22:02:19 +01:00
Sönke Holz
28a3089dc3 Kernel/riscv64: Return correct range in kernel_virtual_range on RISC-V
riscv64 doesn't use a prekernel, so use the same code as aarch64 for
determining the kernel virtual address range.
2023-12-29 16:45:08 +01:00
Liav A
0379742d7e Kernel: Add boot parameter to determine i8042 first port translation
This can be used mainly for bare metal hardware, if the user experiences
problems with output from the PS2 keyboard.
2023-12-29 16:40:59 +01:00
Liav A
61a385fc01 Kernel+Userland: Implement support for PS2 scan code set 2
This scan code set is more advanced than the basic scan code set 1, and
is required to be supported for some bare metal hardware that might not
properly enable the PS2 first port translation in the i8042 controller.

LibWeb can now also generate bindings for keyboard events like the Pause
key, as well as other function keys (such as Right Alt, etc).

The logic for handling scan code sets is implemented by the PS2 keyboard
driver and is abstracted from the main HID KeyboardDevice code which
only handles "standard" KeyEvent(s).
2023-12-29 16:40:59 +01:00
Liav A
b89cc81674 Kernel/HID: Expose character map index in the KeyEvent structure
This will be used later on by WindowServer so it will not use the
scancode, which will represent the actual character index in the
keyboard mapping when using scan code set 2.
2023-12-29 16:40:59 +01:00
Linus Groh
9a5bba2ba4 Kernel: Enable MULTIBOOT_VIDEO_MODE by default
This is required for pretty much every bare metal install and doesn't
seem to have any effect on running in QEMU, so let's enable it by
default.
2023-12-29 16:17:07 +01:00
Hendiadyoin1
f4bfd0468b Kernel/USB: Add a rudimentary interrogation only EHCI driver
This adds a simple EHCI driver that currently only interrogates the
device and checks if all ports are addressable via associated legacy
controllers (companion controllers), and warns if this is not the case.

This also adds a lot of the other data structures needed for actually
driving the controller, but these are currently not hooked up to
anything.

To test this run with `SERENITY_EXTRA_QEMU_ARGS="--device usb-ehci"`
or the q35 machine type
2023-12-28 17:08:34 +01:00
Idan Horowitz
785c9d5c2b Kernel: Add support for TCP window size scaling
This should allow us to eventually properly saturate high-bandwidth
network links when using TCP, once other nonoptimal parts of our
network stack are improved.
2023-12-26 21:36:49 +01:00
Idan Horowitz
2c51ff763b Kernel: Properly report receive window size in sent TCP packets
Instead of lying and claiming we always have space left in our receive
buffer, actually report the available space.

While this doesn't really affect network-bound workloads, it makes a
world of difference in cpu/disk-bound ones, like git clones. Resulting
in a considerable speed-up, and in some cases making them work at all.
(instead of the sender side hanging up the connection due to timeouts)
2023-12-26 21:36:49 +01:00
Idan Horowitz
519214697b Kernel: Mark sys$getsockname as not needing the big process lock
This syscall does not access any big process lock protected resources.
2023-12-26 19:20:21 +01:00
Idan Horowitz
ed5406e47d Kernel: Mark sys$getpeername as not needing the big process lock
This syscall does not access any big process lock protected resources.
2023-12-26 19:20:21 +01:00
Idan Horowitz
24a60c5a10 Kernel: Mark sys$ioctl as not needing the big process lock
This syscall does not access any big process lock protected resources.
2023-12-26 19:20:21 +01:00
Idan Horowitz
d63667dbf1 Kernel: Mark sys$kill_thread as not needing the big process lock
This syscall does not access any big process lock protected resources.
2023-12-26 19:20:21 +01:00
Idan Horowitz
b44628c1fb Kernel: Mark sys$join_thread as not needing the big process lock
This syscall does not access any big process lock protected resources.
2023-12-26 19:20:21 +01:00
Idan Horowitz
82e6090f47 Kernel: Mark sys$detach_thread as not needing the big process lock
This syscall does not access any big process lock protected resources.
2023-12-26 19:20:21 +01:00
Idan Horowitz
b49a0e2c61 Kernel: Mark sys$create_thread as not needing the big process lock
Now that the master TLS region is spinlock protected, this syscall does
not access any big process lock protected resources.
2023-12-26 19:20:21 +01:00
Idan Horowitz
6a4b93b3e0 Kernel: Protect processes' master TLS with a fine-grained spinlock
This moves it out of the scope of the big process lock, and allows us
to wean some syscalls off it, starting with sys$allocate_tls.
2023-12-26 19:20:21 +01:00
Idan Horowitz
863e8c30ad Kernel: Ensure sockets_by_tuple table entry is up to date on connect
Previously we would incorrectly handle the (somewhat uncommon) case of
binding and then separately connecting a tcp socket to a server, as we
would register the socket during the manual bind(2) in the sockets by
tuple table, but our effective tuple would then change as the result of
the connect updating our target peer address. This would result in the
the entry not being removed from the table on destruction, which could
lead to a UAF.

We now make sure to update the table entry if needed during connects.
2023-12-26 18:36:43 +01:00
Idan Horowitz
da2f33df82 Kernel: Stop modifying peer address/port in sendto on a TCP socket
POSIX (rightfully so) specifies that the sendto address argument is
ignored in connection-oriented protocols.

The TCPSocket also assumed the peer address may not change post-connect
and would trigger a UAF in sockets_by_tuple() when it did.
2023-12-26 18:36:43 +01:00
Idan Horowitz
dca5c71e53 Kernel: Stub out getsockopt for the SO_REUSEADDR option
We currently discard setsockopt for SO_REUSEADDR, so to ensure
consistency, support getsockopt as well.
2023-12-24 22:22:58 +01:00
Idan Horowitz
545f4b6cc1 Kernel: Properly support the SO_BROADCAST socket option
POSIX requires that broadcast sends will only be allowed if the
SO_BROADCAST socket option was set on the socket.
Also, broadcast sends to protocols that do not support broadcast (like
TCP), should always fail.
2023-12-24 22:22:58 +01:00
Idan Horowitz
a49b7e92eb Kernel: Shrink instead of expand sigaltstack range to page boundaries
Since the POSIX sigaltstack manpage suggests allocating the stack
region using malloc(), and many heap implementations (including ours)
store heap chunk metadata in memory just before the vended pointer,
we would end up zeroing the metadata, leading to various crashes.
2023-12-24 16:11:35 +01:00
Idan Horowitz
4c6fd454d0 Kernel: Add MM helper for shrinking a virtual range to page boundaries 2023-12-24 16:11:35 +01:00
Shannon Booth
e2e7c4d574 Everywhere: Use to_number<T> instead of to_{int,uint,float,double}
In a bunch of cases, this actually ends up simplifying the code as
to_number will handle something such as:

```
Optional<I> opt;
if constexpr (IsSigned<I>)
    opt = view.to_int<I>();
else
    opt = view.to_uint<I>();
```

For us.

The main goal here however is to have a single generic number conversion
API between all of the String classes.
2023-12-23 20:41:07 +01:00
Idan Horowitz
f972eda7ed Kernel: Mark cloned volatile purgeable AnonymousVMOjects as purged
Our existing AnonymousVMObject cloning flow contains an optimization
wherein purgeable VMObjects which are marked volatile during the clone
are created as a new zero-filled VMObject (as if it was purged), which
lets us skip the expensive COW process.

Unfortunately, one crucial part was missing: Marking the cloned region
as purged, (which is the value returned from madvise when unmarking the
region as volatile) so the userland logic was left unaware of the
effective zero-ing of their memory region, resulting in odd behaviour
and crashes in places like our malloc's large allocation support.
2023-12-22 10:57:59 +01:00
Sönke Holz
ac79ab0b45 Kernel/riscv64: Specify correct alignment for FPUState struct
The signal handling code (and possibly other code as well) expects this
struct to have an alignment of 16 bytes, as it pushes this struct on the
stack.
2023-12-16 18:21:03 +01:00
Idan Horowitz
662143e0a9 Kernel: Resolve deadlock in MasterPTY due to mutex in spinlock scope
MasterPTY::read called DoubleBuffer::read which takes a mutex (which
may block) while holding m_slave's spinlock. If it did block, and was
later rescheduled on a different physical CPU, we would deadlock on
re-locking m_slave inside the unblock callback. (Since our recursive
spinlock implementation is processor based and not process based)
2023-12-16 12:55:41 +01:00
Idan Horowitz
ab06a76920 Kernel: Resolve lock-inversion based deadlock in MasterPTY & BlockSet
MasterPTY's double buffer unblock callback would take m_slave's
spinlock and then call evaluate_block_conditions() which would take
BlockerSet's spinlock, while on the other hand, BlockerSet's
add_blocker would take BlockerSet's spinlock, and then call
should_add_blocker, which would call unblock_if_conditions_are_met,
which would then call should_unblock, which will finally call
MasterPTY::can_read() which will take m_slave's spinlock.
Resolve this by moving the call to evaluate_block_conditions() out of
the scope of m_slave's spinlock, as there's no need to hold the lock
while calling it anyways.
2023-12-16 12:55:41 +01:00
Idan Horowitz
1bea780a7f Kernel: Reject loading ELF files with no loadable segments
If there's no loadable segments then there can't be any code to execute
either. This resolves a crash these kinds of ELF files would cause from
the directly following VERIFY statement.
2023-12-15 21:36:25 +01:00
Idan Horowitz
2a6b492c7f Kernel: Copy over TLS region size and alignment when forking
Previously we would unintentionally leave them zero-initialized,
resulting in any threads created post fork (but without execve) having
invalid thread local storage pointers stored in their FS register.
2023-12-15 21:36:03 +01:00
Idan Horowitz
b35ebd31a4 Kernel: Include FS & GS in process crash register dump
This is helpful when debugging thread-local-storage related crashes.
2023-12-15 21:36:03 +01:00
Sönke Holz
2b44c4c3f7 Kernel/riscv64: Make the kernel compilable using GCC
This commit adds all necessary includes, so all functions are properly
declared.
PCI.cpp is moved to PCI/Initializer.cpp, as that matches the header
path.
2023-12-14 09:02:15 -07:00
Sönke Holz
4cd1e4d69e Kernel/riscv64: Use ALWAYS_INLINE instead of inline in CSR header
This fixes building the kernel with `-Og` when using GCC.
2023-12-14 09:02:15 -07:00
Sönke Holz
78419e858d Kernel/Graphics: Don't use [[gnu::packed]] on Bochs VGA structs
The `[[gnu::packed]]` attribute apparently lowered the required
alignment of the structs, which caused the compiler to generate two
1 byte loads/stores on RISC-V. This caused the kernel to read/write
incorrect values, as the device only seems to accept 2 byte operations.
2023-12-11 14:46:06 -07:00
Sönke Holz
e4019ba9dc Kernel: Make CrashHandler more useful before init_stage2
Display some helpful information about crashes even before the first
process is started.
2023-12-09 22:36:28 +01:00
Sönke Holz
8e5f201e59 Kernel/riscv64: Add .{ro,unmap}_after_init sections to linker script
`MM.protect_kernel_image` would otherwise make the contents of these
sections read-only, as they were for some reason placed before `.data`
and after the start of `.text`.
2023-12-08 12:36:38 -07:00
Andreas Kling
34ae39478a Kernel/SysFS: Fix bizarre mode bits for directories in SysFS
Not sure what led to 0445 being used here, but let's use 0755.
2023-12-01 20:46:21 +01:00
Ali Mohammad Pur
b545427d53 Kernel: Make RAMFS pass along the inode type when traversing as a dir
RAMFS was passing 0, which lead to the userspace seeing all entries as
DT_UNKNOWN when iterating over the directory contents.
To repro prior to this commit, simply check `echo /tmp/*/`.
2023-12-01 20:46:16 +01:00
Daniel Bertalan
45d81dceed Everywhere: Replace ElfW(type) macro usage with Elf_type
This works around a `clang-format-17` bug which caused certain usages to
be misformatted and fail to compile.

Fixes #8315
2023-12-01 10:02:39 +02:00
Maja Kądziołka
3ed48e6008 Kernel/HID: Don't refer to a USB mouse as PS2
Following 77441079dd, the code in Kernel/Devices/HID/MouseDevice.cpp
is used by both USB and PS2 rodents. Make sure not to emit misleading
debug messages that could suggest that a USB mouse is a PS/2 one.
2023-11-30 13:30:12 -07:00
Sönke Holz
173a085e48 Kernel: Only unmap prekernel on x86_64
Other arches don't use the prekernel, so don't try to unmap it on
non-x86 platforms.
For some reason, this didn't cause aarch64 to crash, but on riscv64 this
would cause a panic.
2023-11-30 13:14:18 -07:00
Sönke Holz
3852f4f136 Kernel: Only try to use VGA text mode on x86_64 2023-11-30 13:13:54 -07:00
Sönke Holz
93b6111f47 Kernel/aarch64: Unbreak RPi framebuffer boot console
342c707 introduced an additional check whether this flag is set
before trying to use the multiboot-provided framebuffer console.
2023-11-30 13:13:54 -07:00
Liav A
c3d28d7f5a Kernel: Switch init boot argument to "/init"
This doesn't affect system functionality, but somewhat reduces the
reliance on complicated hardcoded paths. It also allows the user to
simply link /init (which is normally a symbolic link) to another program
to run it instead of SystemServer as the default option.
2023-11-27 09:29:05 -07:00
Liav A
4a50c01c50 Kernel: Print to the log what is the first user process & its arguments 2023-11-27 09:29:05 -07:00
Liav A
5dba1dedb7 Kernel: Don't warn when running dynamically-linked ELF without PT_INTERP
We could technically copy the dynamic loader to other path and run it
from there, so let's not assume paths.
If the user is so determined to do such thing, then a warning is quite
meaningless.
2023-11-27 09:27:34 -07:00
Liav A
93e172895a Kernel: Add /sys/kernel/request_panic node to simulate a kernel panic
When writing to /sys/kernel/request_panic it will do a kernel panic.
Trying to truncate the node will result in kernel panic with a slightly
different message.
2023-11-27 09:24:52 -07:00
Idan Horowitz
743a9e9ebf Kernel: Stop including the ethernet header in LoopbackAdapter's mtu
The networking subsystem currently assumes all adapters are Ethernet
adapters, including the LoopbackAdapter, so all packets are pre-pended
with an Ethernet Frame header. Since the MTU must not include any
overhead added by the data-link (Ethernet in this case) or physical
layers, we need to subtract it from the MTU.

This fixes a kernel panic which occurs when sending a packet that is at
least 65523 bytes long through the loopback adapter, which results in
the kernel "receiving" a packet which is larger than the support MTU
out the other end. (As the actual final size was increased by the
addition of the ethernet frame header)
2023-11-25 16:34:38 +01:00
Idan Horowitz
16a53c811e Kernel: Treat a backlog argument of 0 to listen() as if it was 1
As per POSIX, the behavior of listen() with a backlog value of 0 is
implementation defined: "A backlog argument of 0 may allow the socket
to accept connections, in which case the length of the listen queue may
be set to an implementation-defined minimum value."
Since creating a socket that can't accept any connections seems
relatively useless, and as other platforms (Linux, FreeBSD, etc) chose
to support accepting connections with this backlog value, support it as
well by normalizing it to 1.
2023-11-25 16:34:38 +01:00
Sönke Holz
185715d832 Kernel/riscv64: Generate Kernel.bin from kernel ELF
This is necessary for being able to use the qemu `-kernel` option.
The QEMU virt machine uses OpenSBI's FW_DYNAMIC feature to pass
the kernel entry address, which is the virtual entry point address
specified in the kernel ELF. If we instead `objcopy` the kernel into a
raw binary, OpenSBI will jump to the physical kernel load address, which
is what we want it to do.
2023-11-24 08:52:02 -07:00
Sönke Holz
fa39a57474 Kernel/riscv64: Add missing input sections to linker script
The linker would otherwise put those sections after
`end_of_kernel_image`.
2023-11-24 08:50:19 -07:00
Blake Smith
e346331424 Kernel/FS: Fix check-then-act concurrency bug in FileSystem/Inode
When the FileSystem does a sync, it gathers up all the inodes with
dirty metadata into a vector. The inode mutex is not held while
checking the inode dirty bit, which can lead to a kernel panic
due to concurrent inode modifications.

Fixes: #21796
2023-11-20 09:44:29 +01:00
Dan Klishch
c0ffff7e88 AK: Ban JsonValue from the kernel and remove ifdef guards
JsonValue can store JsonObject which uses DS for keys, so it is not safe
to use it in the kernel even with the double/String guards.
2023-11-14 10:06:54 +01:00
Sönke Holz
da88d766b2 Kernel/riscv64: Make the kernel compile
This commits inserts TODOs into all necessary places to make the kernel
compile on riscv64!
2023-11-10 15:51:31 -07:00
Sönke Holz
b6ac2ed34d Kernel/riscv64: Implement RISC-V SmapDisabler 2023-11-10 15:51:31 -07:00
Sönke Holz
cb1b0c4101 Kernel/riscv64: Add initial PageDirectory header 2023-11-10 15:51:31 -07:00
Sönke Holz
fd8858ace2 Kernel/riscv64: Add RISC-V Syscall API 2023-11-10 15:51:31 -07:00
Tim Schumacher
a2f60911fe AK: Rename GenericTraits to DefaultTraits
This feels like a more fitting name for something that provides the
default values for Traits.
2023-11-09 10:05:51 -05:00
Romain Chardiny
61ac554a34 Kernel/Net: Implement TCP_NODELAY 2023-11-08 09:31:54 +01:00
Uku Loskit
ecbb1df01b Kernel/Syscalls: Allow root to ptrace any process
Previously root (euid=0) was not able to ptrace any dumpable process
as expected. This change fixes this.
2023-11-06 10:03:07 +01:00
Uku Loskit
2bec281ddc Kernel: Fix panic for Nagel's algorithm
It seems like the current implementation returns 0 in case we do not
have enough data for a whole packet yet. The 0 value gets propagated
to the return value of the syscall which according to the spec
should return non-zero values for non-errors cases. This causes panic,
as there is a VERIFY guard checking that more than > 0 bytes are
written if no error has occurred.
2023-11-05 09:07:39 +01:00
Romain Chardiny
6d31d81309 Kernel: Allow negative value for backlog in sys$listen 2023-11-04 17:35:54 +01:00
Liav A
26f96d2a42 Kernel+Userland: Add option for duration of /dev/beep producing sound 2023-11-03 15:19:33 +01:00
Liav A
1b00618fd9 Kernel+Userland: Replace the beep syscall with the new /dev/beep device
There's no need to have separate syscall for this kind of functionality,
as we can just have a device node in /dev, called "beep", that allows
writing tone generation packets to emulate the same behavior.

In addition to that, we remove LibC sysbeep function, as this function
was never being used by any C program nor it was standardized in any
way.
Instead, we move the userspace implementation to LibCore.
2023-11-03 15:19:33 +01:00
Sönke Holz
194bf5a677 Kernel/riscv64: Add RISC-V Processor class 2023-10-28 10:36:06 -06:00
Sönke Holz
24e64cac7e Kernel/riscv64: Add register state related headers 2023-10-28 10:36:06 -06:00
Sönke Holz
978cc1c197 Kernel/riscv64: Add a header for reading/writing RISC-V CSRs 2023-10-28 10:36:06 -06:00
Tim Ledbetter
db929e0fcf Kernel/Ext2: Avoid overflow when updating UID and GID values
Previously, attempting to update an ext2 inode with a UID or GID
larger than 65535 would overflow. We now write the high bits of UIDs
and GIDs to the same place that Linux does within the `osd2` struct.
2023-10-24 07:21:11 +02:00
Hendiadyoin1
4ba68c94fe Kernel: Allow enumerating disk partitions without any devices detected 2023-10-17 11:50:33 -06:00
Hendiadyoin1
8993c43598 Kernel: Try 5 times to find the root boot drive
This gives us enough time to discover more devices, such as USB drives
2023-10-17 11:50:33 -06:00
Hendiadyoin1
a390adcf35 Kernel: Load drivers before looking for the boot drive 2023-10-17 11:50:33 -06:00
Andrew Kaster
91816c15f8 Kernel: Don't register USB devices if USBManagement is not initialized 2023-10-17 11:02:25 -06:00
Edwin Rijkee
8388fe51b5 Kernel: Add a framebuffer driver for 3Dfx Voodoo 3
A bit old but a relatively uncomplicated device capable of outputting
1920x1080 video with 32-bit color. Tested with a Voodoo 3 3000 16MB
PCI card. Resolution switching from DisplaySettings also works.

If the requested mode contains timing information, it is used directly.
Otherwise, display timing values are selected from the EDID. First the
detailed timings are checked, and then standard and established
timings for which there is a matching DMT mode. The driver does not
(yet) read the actual EDID, so the generic EDID in DisplayConnector now
includes a set of common display modes to make this work.

The driver should also be compatible with the Voodoo Banshee, 4 and 5
but I don't have these cards to test this with. The PCI IDs of these
cards are included as a commented line in case someone wants to give it
a try.
2023-10-16 01:25:45 +02:00
Liav A
77441079dd Kernel/HID: Introduce initial USB mouse support 2023-10-15 22:56:30 +02:00
Liav A
430e987078 Kernel/USB: Don't invoke async callback if transfer data size is 0
We can't do anything valuable with such "transfer" so just discard it.
2023-10-15 22:56:30 +02:00
Liav A
e7c1148ec6 Kernel/USB: Handle NAK correctly in a transfer status bits 2023-10-15 22:56:30 +02:00
Liav A
62c2c9df69 Kernel/HID: Add methods to attach and detach standalone devices 2023-10-15 22:56:30 +02:00
Liav A
83835c7256 Kernel/HID: Add boot option to disable PS2 Mouse 2023-10-15 22:56:30 +02:00
kleines Filmröllchen
40fb41322e Kernel: Fix SipHash aarch64 boot regression
Moving the DeviceManagement initialization, which is only needed by
userland in the first place, to after interrupt and time management
initialization (like other things that require randomness) allows the
SipHash initialization to access good randomness without problems.

Note: There currently is another, unrelated boot problem on aarch64,
which is not caused by SipHash as far as we know. This commit therefore
only fixes the SipHash regression.
2023-10-15 09:40:04 +02:00
Hendiadyoin1
aea244efe1 Kernel: Mark SDHC InterruptStatus structured view as const
This view is really nice to check flags, but when clearing them we must
make sure that we only ever try to set 1 bit at a time, which makes
setting bits through the structured view a footgun, as that fetches,
ors in and then sets, potentially resetting other flags.
2023-10-06 08:16:56 +02:00
Vladimir Serbinenko
2e9a28272e Kernel/Audio: Fail AC97 probe if no good BAR1 is found
Otherwise we get a kernel panic later on Intel SOF.
2023-10-03 16:19:03 -06:00
Vladimir Serbinenko
3e1146d4b8 Kernel: Detect PS2 keyboards on some chromebooks properly
Some chromebooks don't support PS2 controller reset and ignore it.
Other OSes in case of failed reset check by keyboard ID. Do the same
2023-10-03 16:19:03 -06:00
Vladimir Serbinenko
160609d80a Kernel/Memory: Map framebuffer and address space <4GiB
Address space under 4GiB is used for I/O but is absent
from memory maps on some systems.
2023-10-03 16:19:03 -06:00
Vladimir Serbinenko
342c707be3 Kernel: Don't use framebuffer if flag is not set
According to multiboot spec if flag for framebuffer isn't
set then corresponding fields are invalid. In reality they're set
to 0 but let's be defensive.
2023-10-03 16:19:03 -06:00
Vladimir Serbinenko
10d4bbd133 Prekernel: Fix wrong and misleading comment
Comment speaks about MULTIBOOT_MEMORY_INFO but those fields are actually
about aout kludge.
2023-10-03 16:19:03 -06:00
Vladimir Serbinenko
19cede9b3b Prekernel: Load multiboot values before loading kernel
This makes sure we don't clobber multiboot structure before we need it
2023-10-03 16:19:03 -06:00
Vladimir Serbinenko
d13609a607 Prekernel: Support kernel preloaded at high address
Loaders try to put modules as low as reasonable but on
EFI often "reasonable" is much higher than on BIOS. As
a result target can be easily higher than source.

Then we have 2 problems:
* memmove compares virtual address and since target
  is mapped higher it ends up going backwards which
  is wrong if target is physically below source
* order of copying of sections must be inverted if
  target is below source
2023-10-03 16:19:03 -06:00
Vladimir Serbinenko
982ce17927 Prekernel: Map entire 4GiB space
Prekernel code currently assumes that mapping until MAX_KERNEL_SIZE
is enough to make the modules accessible. GRUB tries to load as low
as possible but higher than 1 MiB. Hence this is usually true.
However on EFI some ranges may already be used by boot services and
GRUB tries to avoid them if possible. This pushes modules higher.
The simplest solution is to map entire 4 GiB space.
As an additional benefit it makes the framebuffer accessible that
can be used for the debugging.
2023-10-03 16:19:03 -06:00
kleines Filmröllchen
398d271a46 Kernel: Share Processor class (and others) across architectures
About half of the Processor code is common across architectures, so
let's share it with a templated base class. Also, other code that can be
shared in some ways, like FPUState and TrapFrame functions, is adjusted
here. Functions which cannot be shared trivially (without internal
refactoring) are left alone for now.
2023-10-03 16:08:29 -06:00
Tim Ledbetter
ad984ba522 Kernel: Populate stat.st_dev with fsid
This allows userland programs to differentiate inodes on different
filesystems.
2023-10-01 13:34:41 +02:00
kleines Filmröllchen
9a026fc8d5 AK: Implement SipHash as the default hash algorithm for most use cases
SipHash is highly HashDoS-resistent, initialized with a random seed at
startup (i.e. non-deterministic) and usable for security-critical use
cases with large enough parameters. We just use it because it's
reasonably secure with parameters 1-3 while having excellent properties
and not being significantly slower than before.
2023-10-01 11:06:36 +03:30
Timon Kruiper
d170186163 Kernel/aarch64: Subtract KERNEL_MAPPING_BASE from driver_init section
This subtraction is necessary to ensure that the section has the correct
address. Also, without this change, the Kernel ELF binary would explode
in size. This was forgotten in a0dd6ec6b1.
2023-09-30 16:58:15 +02:00
Hendiadyoin1
29292bbdbf Kernel/USB: Add a crude USB MassStorage driver :^) 2023-09-29 16:14:47 -06:00
Hendiadyoin1
c230a0d96f Kernel: Avoid some copies during USBInterface enumeration/creation 2023-09-29 16:14:47 -06:00
Hendiadyoin1
b857c6b92f Kernel/USB: Make USBControllers pseudo StorageControllers
This will be needed in the next commit to generate valid LUNs
2023-09-29 16:14:47 -06:00
Hendiadyoin1
4b327bdc95 Kernel/USB: Add UKBuffer variants of certain BulkPipe/Transfer functions
These will be useful for directly accessing the source/destination
buffers, without going through a third buffer first.
2023-09-29 16:14:47 -06:00
Hendiadyoin1
8335803045 Kernel/USB: Explicitely copy descriptor.hub_characteristics for printing
This field is in a packed struct, which makes it possibly misaligned.
This knowledge is lost when invoking `dbgln` triggering an unaligned
access to it, aka UB. By explicitely copying it we avoid this issue.
2023-09-29 16:14:47 -06:00
Hendiadyoin1
c9a4ab9987 Kernel/USB: Add missing include in USBInterface.h 2023-09-29 16:14:47 -06:00
Hendiadyoin1
d39acfb908 Kernel/USB: Copy device configurations when copying devices 2023-09-29 16:14:47 -06:00
Hendiadyoin1
4f46fb9891 Kernel: Allow adding storage devices after init 2023-09-29 16:14:47 -06:00
Hendiadyoin1
0b649878a5 Kernel: Remove UNMAP_ATER_INIT from StorageDeviceSysFSDirectory
We will need these when plugging in USB drives
2023-09-29 16:14:47 -06:00
Liav A
7718842829 Kernel/VirtIO: Ensure proper error propagation in core methods
Simplify core methods in the VirtIO bus handling code by ensuring proper
error propagation. This makes initialization of queues, handling changes
in device configuration, and other core patterns more readable as well.

It also allows us to remove the obnoxious pattern of checking for
boolean "success" and if we get false answer then returning an actual
errno code.
2023-09-24 19:54:23 -06:00
Hendiadyoin1
cfba182b61 Kernel/PCI: Make SATAProgIF comparable with ProgrammingInterface
This makes checking it a bit nicer
2023-09-22 18:39:37 -06:00
Hendiadyoin1
d64d03e0d6 Kernel: Make Graphics device detection a bit more idomatic 2023-09-22 18:39:37 -06:00
Hendiadyoin1
e7012a9245 Kernel: Use PCI/Definitions.h for PCI-USB controller magic numbers 2023-09-22 18:39:37 -06:00
Hendiadyoin1
693f3ad33e Kernel: Add some more PCI [Sub]Class IDs 2023-09-22 18:39:37 -06:00
Hendiadyoin1
66647b58d4 Kernel: Make PCI [Sub]ClassCode comparable to the corresponding ID enums 2023-09-22 18:39:37 -06:00
Hendiadyoin1
d168bfabc4 Kernel/USB: Detach devices from their driver when they are detached 2023-09-18 11:09:19 -06:00
Jesse Buhagiar
b4cd354bae Kernel/USB: Add driver search on device plug
When a device is plugged into the machine (and hence, when
`Device::try_create()` is called), then we attempt to load a driver by
calling that driver's probe function.
2023-09-18 11:09:19 -06:00
Jesse Buhagiar
b0ed126538 Kernel/USB: Expose USBConfiguration in USBInterface 2023-09-18 11:09:19 -06:00
Jesse Buhagiar
3cfdc6e363 Kernel/USB: Add get_driver_by_name helper in USBManagement 2023-09-18 11:09:19 -06:00
Jesse Buhagiar
2aa17f619c Kernel/USB: Add USB Driver register/unregister function 2023-09-18 11:09:19 -06:00
Jesse Buhagiar
3cead2801a Kernel: Call USB Driver initialize functions during init 2023-09-18 11:09:19 -06:00
Jesse Buhagiar
a0dd6ec6b1 Kernel/USB: Add driver_init section
At any one given time, there can be an abitrary number of USB drivers in
the system. The way driver mapping works (i.e, a device is inserted, and
a potentially matching driver is probed) requires us to have
instantiated driver objects _before_ a device is inserted. This leaves
us with a slight "chicken and egg" problem. We cannot call the probe
function before the driver is initialised, but we need to know _what_
driver to initialise.

This section is designed to store pointers to functions that are called
during the last stage of the early `_init` sequence in the Kernel. The
accompanying macro in `USBDriver` emits a symbol, based on the driver
name, into this table that is then automatically called.

This way, we enforce a "common" driver model; driver developers are not
only required to write their driver and inherit from `USB::Driver`, but
are also required to have a free floating init function that registers
their driver with the USB Core.
2023-09-18 11:09:19 -06:00
Jesse Buhagiar
8883da9586 Kernel/USB: Add new Driver base class
Co-Authored-By: Liav A <liavalb@gmail.com>
Co-Authored-By: Leon Albrecht <leon2002.la@gmail.com>
2023-09-18 11:09:19 -06:00
Liav A
d61c23569e Kernel/VirtIO: Introduce the concept of transport options
The VirtIO specification defines many types of devices with different
purposes, and it also defines 3 possible transport mediums where devices
could be connected to the host machine.

We only care about the PCIe transport, but this commit puts the actual
foundations for supporting the lean MMIO transport too in the future.

To ensure things are kept abstracted but still functional, the VirtIO
transport code is responsible for what is deemed as related to an actual
transport type - allocation of interrupt handlers and tinkering with low
level transport-related registers, etc.
2023-09-16 14:04:17 -06:00
Liav A
68c3f9aa5a Kernel/Interrupts: Move PCIIRQHandler => PCI::IRQHandler
This class is part of the PCI code so let's move it to the PCI namespace
like other handling code parts of the PCI bus.
2023-09-16 14:04:17 -06:00
Hendiadyoin1
a2810d3cf8 Kernel: Use Processor::wait_check in loops waiting for HW to respond
This gives the processor the hint that it is in a hot loop and allows us
to do other work in between
2023-09-15 11:07:35 -06:00
Liav A
cbaa3465a8 Kernel: Add jail semantics to methods iterating over thread lists
We should consider whether the selected Thread is within the same jail
or not.
Therefore let's make it clear to callers with jail semantics if a called
method checks if the desired Thread object is within the same jail.

As for Thread::for_each_* methods, currently nothing in the kernel
codebase needs iteration with consideration for jails, so the old
Thread::for_each* were simply renamed to include "ignoring_jails" suffix
in their names.
2023-09-15 11:06:48 -06:00
Liav A
3a55a1b592 Kernel: Use Process::get_thread_from_thread_list in Syscalls/thread.cpp
Some syscalls could be simplified by using the non-static method
Process::get_thread_from_thread_list which should ensure that the
specified tid is of a Thread in the same Process of the current Thread.
2023-09-15 11:06:48 -06:00
Liav A
50429d3b22 LibC+Kernel: Move GPU-related API methods to a LibC header file
The Kernel/API directory in general shouldn't include userspace code,
but structure definitions that both are shared between the Kernel and
userspace.

All users of the ioctl API obviously use LibC so LibC is the most common
and shared library for the affected programs.
2023-09-15 11:05:25 -06:00
Liav A
8fe74c7d57 LibC+Kernel: Move device-files related methods to a LibC header file
The Kernel/API directory in general shouldn't include userspace code,
but structure definitions that both are shared between the Kernel and
userspace.

LibC is the most appropriate place for these methods as they're already
included in the sys/sysmacros.h file to create a set of convenient
macros for these methods.
2023-09-15 11:05:25 -06:00
Liav A
b49f2937f0 Kernel/TTY: Don't return NonnullLockRefPtr when creating MasterPTY
We can just return a normal NonnullRefPtr because nobody needs an actual
*LockRefPtrs here anymore.
2023-09-09 12:08:59 -06:00
Liav A
82428e2a05 Kernel/TTY: Protect SlavePTY pointer with proper spinlock
Instead of using a LockRefPtr, we could easily use SpinlockProtected to
ensure proper locking of this pointer.
2023-09-09 12:08:59 -06:00
Liav A
b55199c227 Kernel: Move TTY-related code to a new subdirectory under Devices
The TTY subsystem is represented with unix devices, so it should be
under the Devices directory like the Audio, Storage, GPU and HID
subsystems.
2023-09-09 12:08:59 -06:00
Jakub Berkop
54e79aa1d9 Kernel+ProfileViewer: Display additional filesystem events 2023-09-09 11:26:51 -06:00
Jakub Berkop
c184a0786f Kernel: Protect access to PerformanceEventBuffer strings with spinlock 2023-09-09 11:26:51 -06:00
DaftMouse
29c89d3b95 Kernel: Implement scrolling critical messages vga text mode console 2023-09-09 10:18:17 -06:00
DaftMouse
6f7f0b3a8c Kernel: Implement scrolling critical messages in framebuffer console 2023-09-09 10:18:17 -06:00
Sönke Holz
9bd3c542b4 Kernel/riscv64: Add basic SBI support 2023-09-07 11:56:34 -06:00
Liav A
446200d6f3 Kernel+Services: Enable barebones hot-plug handling capabilities
Userspace initially didn't have any sort of mechanism to handle
device hotplug (either removing or inserting a device).
This meant that after a short term of scanning all known devices, by
fetching device events (DeviceEvent packets) from /dev/devctl, we
basically never try to read it again after SystemServer initialization
code.

To accommodate hotplug needs, we change SystemServer by ensuring it will
generate a known set of device nodes at their location during the its
main initialization code. This includes devices like /dev/mem, /dev/zero
and /dev/full, etc.

The actual responsible userspace program to handle hotplug events is a
new userspace program called DeviceMapper, with following key points:
- Its current task is to to constantly read the /dev/devctl device node.
  Because we already created generic devices, we only handle devices
  that are dynamically-generated in nature, like storage devices, audio
  channels, etc.

- Since dynamically-generated device nodes could have an infinite minor
  numbers, but major numbers are decoded to a device type, we create an
  internal registry based on two structures - DeviceNodeFamily, and
  RegisteredDeviceNode. DeviceNodeFamily objects are attached in the
  main logic code, when handling a DeviceEvent device insertion packet.
  A DeviceNodeFamily object has an internal HashTable to hold objects of
  RegisteredDeviceNode class.

- Because some device nodes could still share the same major number (TTY
  and serial TTY devices), we have two modes of allocation - limited
  allocation (so a range is defined for a major number), or infinite
  range. Therefore, two (or more) separate DeviceNodeFamily objects can
  can exist albeit sharing the same major number, but they are required
  to allocate from a different minor numbers' range to ensure there are
  no collisions.

- As for KCOV, we handle this device differently. In case the user
  compiled the kernel with such support - this happens to be a singular
  device node that we usually don't need, so it's dynamically-generated
  too, and because it has only one instance, we don't register it in our
  internal registry to not make it complicated needlessly.

The Kernel code is modified to allow proper blocking in case of no
events in the DeviceControlDevice class, because otherwise we will need
to poll periodically the device to check if a new event is available,
which would waste CPU time for no good reason.
2023-09-07 11:50:50 -06:00
Liav A
39c93f63c8 Kernel: Move FileSystem/DeviceFileTypes.h => API/DeviceFileTypes.h
This file will be used by userspace code later on, so let's move to the
API directory.
2023-09-07 11:50:50 -06:00
Liav A
ed315dd950 Kernel: Move m_uid and m_gid from the Device class to SlavePTY
No other device needs to store the UID/GID of the process that created
them, so only store these values within the SlavePTY class.
2023-08-31 11:59:18 +02:00
Sönke Holz
6ef2c34eb4 Kernel: Add riscv64 assembly startup code
This adds a simple boot.S for RISC-V (64-bit), which clears the BSS and
sets up the processor to be ready for pre_init.cpp (which is not added
yet).
2023-08-29 11:07:06 +02:00
Sönke Holz
132d25e5bf Kernel: Add linker script for riscv64 2023-08-29 11:07:06 +02:00
kleines Filmröllchen
12e534c8c6 Kernel: Implement Nagle’s Algorithm
This is an initial implementation, about as basic as intended by the
RFC, and not configurable from userspace at the moment. It should reduce
the amount of low-sized packets sent, reducing overhead and thereby
network traffic.
2023-08-28 00:28:15 +02:00
kleines Filmröllchen
ed966a80e2 Kernel/Net: Use monotonic time for TCP times
These were using real time as a mistake before; changing the system time
during ongoing TCP connections shouldn’t break them.
2023-08-28 00:28:15 +02:00
Liav A
aee5f4e4b2 Kernel: Remove the /sys/kernel/constants directory
The name for this directory is a bit awkward. Also, the distinction of
constant information is not really valuable as I thought it would be, so
let's bring that information back into the /sys/kernel directory.
2023-08-27 22:50:22 +02:00
Liav A
751aae77bc Kernel: Rename /sys/kernel/variables => /sys/kernel/conf
The name "variables" is a bit awkward and what the directory entries are
really about is kernel configuration so let's make it clear with the new
name.
2023-08-27 22:50:22 +02:00
Liav A
4177e6be8b Kernel: Remove KDSETMODE and KDGETMODE ioctl options from the TTY class
These options are not relevant and are actually meaningless on pure TTY
devices, as they are meant to be effective only for the VirtualConsole
devices.

This also removes the virtual marking from two methods because they're
no longer declared in the TTY class as well.
2023-08-26 16:29:28 +02:00
Timothy Flynn
4fc88aa17b Kernel: Run clang-format on a couple of FileSystem sources
Fixes bad formatting in commit abcf05801a.
2023-08-25 08:34:21 -04:00
Zak-K-Abdi
abcf05801a Kernel: Allow Ext2FS::flush_writes() to return ErrorOr<void> 2023-08-25 11:36:57 +01:00
Liav A
1c0aa51684 Kernel+Userland: Remove the {get,set}_thread_name syscalls
These syscalls are not necessary on their own, and they give the false
impression that a caller could set or get the thread name of any process
in the system, which is not true.

Therefore, move the functionality of these syscalls to be options in the
prctl syscall, which makes it abundantly clear that these operations
could only occur from a running thread in a process that sees other
threads in that process only.
2023-08-25 11:51:52 +02:00
Liav A
1458849850 Kernel: Remove FixedStringBuffer template argument in prctl.cpp
This template argument can be inferred automatically and is not needed.
2023-08-25 11:51:52 +02:00
Liav A
72231b405a AK+Kernel: Introduce StdLib function to copy FixedStringBuffer to user
This new Kernel StdLib function will be used to copy contents of a
FixedStringBuffer with a null character to a user process.

The first user of this new function is the prctl option of
PR_GET_PROCESS_NAME which would copy a process name including a null
character to a user provided buffer.
2023-08-25 11:51:52 +02:00
Liav A
6cb88e224e Kernel: Remove checks for signed numbers in the prctl syscall
When doing PR_{SET,GET}_PROCESS_NAME, it's not expected to pass a signed
integer for the buffer size (in arg2). Therefore, cast it immediately to
a size_t integer type, and let the FixedStringBuffer StdLib memory copy
functions in such cases to worry about possible overflows.
2023-08-25 11:51:52 +02:00
Karol Kosek
e575ee4462 AK+Kernel: Unify Traits<T>::equals()'s argument order on different types
There was a small mishmash of argument order, as seen on the table:

                 | Traits<T>::equals(U, T) | Traits<T>::equals(T, U)
   ============= | ======================= | =======================
   uses equals() | HashMap                 | Vector, HashTable
defines equals() | *String[^1]             | ByteBuffer

[^1]: String, DeprecatedString, their Fly-type equivalents and KString.

This mostly meant that you couldn't use a StringView for finding a value
in Vector<String>.

I'm changing the order of arguments to make the trait type itself first
(`Traits<T>::equals(T, U)`), as I think it's more expected and makes us
more consistent with the rest of the functions that put the stored type
first (like StringUtils functions and binary_serach). I've also renamed
the variable name "other" in find functions to "entry" to give more
importance to the value.

With this change, each of the following lines will now compile
successfully:

    Vector<String>().contains_slow("WHF!"sv);
    HashTable<String>().contains("WHF!"sv);
    HashMap<ByteBuffer, int>().contains("WHF!"sv.bytes());
2023-08-23 20:21:09 +02:00
Aman Singh
fb4a20ade5 Kernel: Fix condition for write to succeed on pseudoterminal
As "\n" is translated to "\r\n" in TTYs, the condition for a write
to succeed on a pseudoterminal should check if the underlying buffer
has 2 bytes empty rather than 1.

Fixes SerenityOS#18888
2023-08-23 15:26:03 +02:00
Liav A
ef6133337e Kernel: Merge PowerStateSwitchTask reboot and shutdown procedures
The reboot procedure should prepare to "shutdown" the system cleanly and
therefore has to be merged with how shutdown is handled.
2023-08-20 13:04:42 -06:00
Liav A
b81b2c3fe7 Kernel: Ensure only user processes are terminated properly in shutdown
This patch ensures that the shutdown procedure can complete due to the
fact we don't kill kernel processes anymore, and only stop the scheduler
from running after the filesystems unmount procedure.

We also need kernel processes during the shutdown procedure, because we
rely on the WorkQueue threads to run WorkQueue items to complete async
IO requests initiated by filesystem sync & unmounting, etc.

This is also simplifying the code around the killing processes, because
we don't need to worry about edge cases such as the FinalizerTask
anymore.
2023-08-20 13:04:42 -06:00
Liav A
7082a1f0c4 Kernel: Reject all syscalls during the shutdown procedure 2023-08-20 13:04:42 -06:00
Liav A
a43133b3c7 Kernel: Hold a weak reference to a Process object in AsyncDeviceRequest
The process could be long gone by the point the async IO request has
completed so hold a weak reference pointer to the requesting Process and
try get a strong reference only when needed.

This patch is necessary because otherwise async IO requests can hold
Process objects long after they were terminated, which would make it
impossible to perform certain tasks in the system, like killing all user
processes during the shutdown procedure.
2023-08-20 13:04:42 -06:00
Liav A
dbab4d34d7 Kernel/FileSystem: Remove disk cache only after ext2 superblock flush
We first must flush the superblock through the BlockBasedFileSystem
methods properly and only then clear the DiskCache pointer, to prevent a
possible kernel panic due to nullptr dereference.
2023-08-20 13:04:42 -06:00
0GreenClover0
719ab586c4 Kernel: Change the code point of numpad keys to 0, when Num Lock is off
Previously we would set the KeyCode correctly to the appropriate
extended keys values, like Home and End, but keep the code point of the
original keys, like 1, 2, 3, etc. Because of this, the keys would just
print the original keys, instead of behaving like the extended ones.
2023-08-20 12:21:57 -06:00
0GreenClover0
c261e5e39b Kernel: Add a Keypad modifier to the numpad Enter key 2023-08-20 12:21:08 -06:00
0GreenClover0
33921e75c9 Kernel: Stop overeagerly adding a Keypad modifier 2023-08-20 12:21:08 -06:00
kleines Filmröllchen
096cecb95e Everywhere: Add RISC-V 64 target to the build system
This is a minimal set of changes to allow `serenity.sh build riscv64` to
successfully generate the build environment and start building. This
includes some, but not all, assembly stubs that will be needed later on;
they are currently empty.
2023-08-18 08:37:43 -06:00
Pankaj Raghav
7138395982 NVMe: Add shadow doorbell support
Shadow doorbell feature was added in the NVMe spec to improve
the performance of virtual devices.

Typically, ringing a doorbell involves writing to an MMIO register in
QEMU, which can be expensive as there will be a trap for the VM.

Shadow doorbell mechanism was added for the VM to communicate with the
OS when it needs to do an MMIO write, thereby avoiding it when it is
not necessary.

There is no performance improvement with this support in Serenity
at the moment because of the block layer constraint of not batching
multiple IOs. Once the command batching support is added to the block
layer, shadow doorbell support can improve performance by avoiding many
MMIO writes.

Default to old MMIO mechanism if shadow doorbell is not supported.
2023-08-18 15:47:51 +02:00
Pankaj Raghav
5b774f3617 NVMe: Add a new struct Doorbell to encapsulate doorbell registers
Introduce a new Struct Doorbell that encapsulates the mmio doorbell
register.

This commit does not introduce any functional changes and it is added
in preparation to adding shadow doorbell support.
2023-08-18 15:47:51 +02:00
Liav A
0b6424d883 Kernel/Storage: Properly free unused NVMeIO AsyncBlockDeviceRequest
This was the root cause of zombie processes showing up randomly and
disappearing after some disk activity, such as running shell commands -
The NVMeIO AsyncBlockDeviceRequest member simply held a pointer to a
Process object, therefore it could keep it alive a for a long time after
it ceased to actually function at all.
2023-08-18 14:08:54 +02:00
Seal Sealy
1262a7d142 Kernel: Alias MAXNAMLEN to NAME_MAX
MAXNAMLEN is the BSD name for NAME_MAX, as used by some programs.
2023-08-18 11:43:19 +02:00
Liav A
3f63be949a Kernel/Net: Don't allocate memory for adapters' names
Instead, use a FixedStringBuffer to store a string with up to 16 chars.
2023-08-12 11:48:48 -06:00
Daniel Bertalan
055d2b6c8a CMake: Enable RELR relocations for Clang OR x86-64
While LLD and mold support RELR "packed" relocations on all
architectures, the BFD linker currently only implements them on x86-64
and POWER.

This fixes two issues:
- The Kernel had it enabled even for AArch64 + GCC, which led to the
  following being printed: `warning: -z pack-relative-relocs ignored`.
- The userland always had it disabled, even in the supported AArch64 +
  Clang/mold scenarios.
2023-08-12 19:39:00 +02:00
Daniel Bertalan
11896868d6 CMake: Clean up AArch64 compiler flags
Two non-functional changes:
- Remove pointless `-latomic` flag. It was specified via
  `add_compile_options`, which only affects compilation and not linking,
  so the library was never actually linked into the kernel. In fact, we
  do not even build `libatomic` for our toolchain.
- Do not disable `-Wnonnull`. The warning-causing code was fixed at some
  point.

This commit also removes `-mstrict-align` from the userland. Our target
AArch64 hardware natively supports unaligned accesses without a
significant performance penalty. Allowing the compiler to insert
unaligned accesses into aligned-as-written code allows for some
performance optimizations in fact. We keep this option turned on in the
kernel to preserve correctness for MMIO, as that might be sensitive to
alignment.
2023-08-12 19:39:00 +02:00
Edwin Rijkee
637c74ac93 Kernel: Add PCISerialDevice WCH CH351 IDs
Add the device ID for PCI serial port cards that use the WCH CH351
chip. This device has been tested with real hardware where the serial
debug output could succesfully be received.
2023-08-12 13:08:07 +02:00
Daniel Bertalan
286984750e Kernel+LibC: Pass 64-bit integers in syscalls by value
Now that support for 32-bit x86 has been removed, we don't have to worry
about the top half of `off_t`/`u64` values being chopped off when we try
to pass them in registers. Therefore, we no longer need the workaround
of pointers to stack-allocated values to syscalls.

Note that this changes the system call ABI, so statically linked
programs will have to be re-linked.
2023-08-12 01:14:26 +02:00
Sönke Holz
9522794a0e Toolchain: Add (basic) support for riscv64
This makes `ARCH=riscv64 Toolchain/BuildGNU.sh` work, but the patches
might not be completely correct.
2023-08-11 09:20:08 +02:00
Liav A
58b509584a Kernel: Allocate version string in the Process::initialize() method
Instead of allocating a KString on each uname syscall, just allocate
during boot so we never have to worry about heap allocation in that
syscall.
2023-08-09 21:06:54 -06:00
Liav A
d8b514873f Kernel: Use FixedStringBuffer for fixed-length strings in syscalls
Using the kernel stack is preferable, especially when the examined
strings should be limited to a reasonable length.

This is a small improvement, because if we don't actually move these
strings then we don't need to own heap allocations for them during the
syscall handler function scope.

In addition to that, some kernel strings are known to be limited, like
the hostname string, for these strings we also can use FixedStringBuffer
to store and copy to and from these buffers, without using any heap
allocations at all.
2023-08-09 21:06:54 -06:00
Liav A
3fd4997fc2 Kernel: Don't allocate memory for names of processes and threads
Instead, use the FixedCharBuffer class to ensure we always use a static
buffer storage for these names. This ensures that if a Process or a
Thread were created, there's a guarantee that setting a new name will
never fail, as only copying of strings should be done to that static
storage.

The limits which are set are 32 characters for processes' names and 64
characters for thread names - this is because threads' names could be
more verbose than processes' names.
2023-08-09 21:06:54 -06:00
Liav A
0d30f558f4 AK+Kernel: Add the FixedStringBuffer class and StdLib functions for it
This class encapsulates a fixed Array with compile-time size definition
for storing ASCII characters.

There are also new Kernel StdLib functions to copy user data into such
objects so this class will be useful later on.
2023-08-09 21:06:54 -06:00
Liav A
3b09560251 Kernel/Memory: Split the MemoryManager.h file from user address checks 2023-08-09 21:06:54 -06:00
Liav A
5efb91ec06 Kernel/VFS: Ensure working with mount entry per a custody is safe
Previously we could get a raw pointer to a Mount object which might be
invalid when actually dereferencing it.
To ensure this could not happen, we should just use a callback that will
be used immediately after finding the appropriate Mount entry, while
holding the mount table lock.
2023-08-05 18:41:01 +02:00
Liav A
d216f780a4 Kernel/VFS: Remove the find_mount_for_guest method
We don't really need this method anymore, because we could just try to
find the mount entry based on the given mount point host custody.

This also allows us to remove the is_vfs_root and root_inode_id methods
from the VirtualFileSystem class.
2023-08-05 18:41:01 +02:00
Liav A
e5c7662638 Kernel/VFS: Check matching absolute path when jump to mount guest inode
We could easily encounter a case where we do the following:

```
mkdir -p /tmp2
mount /dev/hda /tmp2
```

would produce a bug that doing `ls /tmp2/tmp2` will give the contents
on `/dev/hda` ext2 root directory and also on `/tmp2/tmp2/tmp2` and so
on.
To prevent this, we must compare the current custody against each mount
entry's custody to ensure their paths match.
2023-08-05 18:41:01 +02:00
Liav A
80f400a150 Kernel/VFS: Don't resolve root inode mounts when traversing a directory
This is not useful, as we have literally zero knowledge about where this
inode is actually located at with respect to the entire global path tree
so we could easily encounter a case where we do the following:

```
mkdir -p /tmp2
mount /dev/hda /tmp2
```

and when traversing the /tmp2 directory entries, we will see the root
inode of /dev/hda on "/tmp2/tmp2", even if it was not mounted.

Therefore, we should just plainly give the raw directory entries as they
are written "on the disk". Anything else that needs to exactly know if
there's an underlying mounted filesystem, can just use the stat syscall
instead.
2023-08-05 18:41:01 +02:00
Liav A
debbfe07fb Kernel/VFS: Ensure Custodies' absolute path don't match before mounting
This ensures that the host mount point custody path is not the same like
the new to-be-mounted custody.

A scenario that could happen before adding this check is:
```
mkdir -p /tmp2
mount /dev/hda /tmp2/
mount /dev/hda /tmp2/
mount /dev/hda /tmp2/ # this will fail here
```

and after adding this check, the following scenario is now this:
```
mkdir -p /tmp2
mount /dev/hda /tmp2/
mount /dev/hda /tmp2/ # this will fail here
mount /dev/hda /tmp2/ # this will fail here too
```
2023-08-05 18:41:01 +02:00
Liav A
8da7d84512 Kernel/VFS: Remove misleading part of debug message when mounting 2023-08-05 18:41:01 +02:00
Lucas CHOLLET
cd0fe4bb48 Kernel: Mark sys$poll as not needing the big lock 2023-08-01 05:35:26 +02:00
Sergey Bugaev
ddafc5dc98 Kernel/Net: Make a debug message more detailed
It helps to see which socket it is talking about here, especially if you
can cross-reference it with other socket logging.
2023-07-29 16:51:58 -06:00
Sergey Bugaev
95bcffd713 Kernel/Net: Rework ephemeral port allocation
Currently, ephemeral port allocation is handled by the
allocate_local_port_if_needed() and protocol_allocate_local_port()
methods. Actually binding the socket to an address (which means
inserting the socket/address pair into a global map) is performed either
in protocol_allocate_local_port() (for ephemeral ports) or in
protocol_listen() (for non-ephemeral ports); the latter will fail with
EADDRINUSE if the address is already used by an existing pair present in
the map.

There used to be a bug where for listen() without an explicit bind(),
the port allocation would conflict with itself: first an ephemeral port
would get allocated and inserted into the map, and then
protocol_listen() would check again for the port being free, find the
just-created map entry, and error out. This was fixed in commit
01e5af487f by passing an additional flag
did_allocate_port into protocol_listen() which specifies whether the
port was just allocated, and skipping the check in protocol_listen() if
the flag is set.

However, this only helps if the socket is bound to an ephemeral port
inside of this very listen() call. But calling bind(sin_port = 0) from
userspace should succeed and bind to an allocated ephemeral port, in the
same was as using an unbound socket for connect() does. The port number
can then be retrieved from userspace by calling getsockname (), and it
should be possible to either connect() or listen() on this socket,
keeping the allocated port number. Also, calling bind() when already
bound (either explicitly or implicitly) should always result in EINVAL.

To untangle this, introduce an explicit m_bound state in IPv4Socket,
just like LocalSocket has already. Once a socket is bound, further
attempt to bind it fail. Some operations cause the socket to implicitly
get bound to an (ephemeral) address; this is implemented by the new
ensure_bound() method. The protocol_allocate_local_port() method is
gone; it is now up to a protocol to assign a port to the socket inside
protocol_bind() if it finds that the socket has local_port() == 0.

protocol_bind() is now called in more cases, such as inside listen() if
the socket wasn't bound before that.
2023-07-29 16:51:58 -06:00
kleines Filmröllchen
c8d7bcede6 Kernel/FileSystem: Rename block_size -> logical_block_size
Since this is the block size that file system drivers *should* set,
let's name it the logical block size, just like most file systems such
as ext2 already do anyways.
2023-07-28 14:51:07 +02:00
kleines Filmröllchen
d1e6e6110d Kernel/FileSystem: Rename logical_block_size -> device_block_size
This never was a logical block size, it always was a device specific
block size. Ideally the block size would change in accordance to
whatever the driver wants to use, but that is a change for the future.
For now, let's get rid of this confusing naming.
2023-07-28 14:51:07 +02:00
kleines Filmröllchen
bf1610d378 Kernel/Ext2: Don't rely on block size 512 for superblock offset 2023-07-28 14:51:07 +02:00
kleines Filmröllchen
10ba54a009 Kernel/Ext2: Write BGDT backups
Same as for the superblock, let's back up the block group descriptor
table.
2023-07-28 14:51:07 +02:00
kleines Filmröllchen
a0705202ea Kernel/Ext2: Write superblock backups
We don't ever read them out, but this should make fsck a lot less mad.
2023-07-28 14:51:07 +02:00
kleines Filmröllchen
cc1cb72fb5 Kernel/Ext2: Extract common calculations to functions
This also makes it easier to understand and reference where these
(sometimes rather arbitrary) calculations come from.

This also fixes a bug where group_index_from_block_index assumed 1KiB
blocks.
2023-07-28 14:51:07 +02:00
kleines Filmröllchen
b645f87b7a Kernel: Overhaul system shutdown procedure
For a long time, our shutdown procedure has basically been:
- Acquire big process lock.
- Switch framebuffer to Kernel debug console.
- Sync and lock all file systems so that disk caches are flushed and
  files are in a good state.
- Use firmware and architecture-specific functionality to perform
  hardware shutdown.

This naive and simple shutdown procedure has multiple issues:
- No processes are terminated properly, meaning they cannot perform more
  complex cleanup work. If they were in the middle of I/O, for instance,
  only the data that already reached the Kernel is written to disk, and
  data corruption due to unfinished writes can therefore still occur.
- No file systems are unmounted, meaning that any important unmount work
  will never happen. This is important for e.g. Ext2, which has
  facilites for detecting improper unmounts (see superblock's s_state
  variable) and therefore requires a proper unmount to be performed.
  This was also the starting point for this PR, since I wanted to
  introduce basic Ext2 file system checking and unmounting.
- No hardware is properly shut down beyond what the system firmware does
  on its own.
- Shutdown is performed within the write() call that asked the Kernel to
  change its power state. If the shutdown procedure takes longer (i.e.
  when it's done properly), this blocks the process causing the shutdown
  and prevents any potentially-useful interactions between Kernel and
  userland during shutdown.

In essence, current shutdown is a glorified system crash with minimal
file system cleanliness guarantees.

Therefore, this commit is the first step in improving our shutdown
procedure. The new shutdown flow is now as follows:
- From the write() call to the power state SysFS node, a new task is
  started, the Power State Switch Task. Its only purpose is to change
  the operating system's power state. This task takes over shutdown and
  reboot duties, although reboot is not modified in this commit.
- The Power State Switch Task assumes that userland has performed all
  shutdown duties it can perform on its own. In particular, it assumes
  that all kinds of clean process shutdown have been done, and remaining
  processes can be hard-killed without consequence. This is an important
  separation of concerns: While this commit does not modify userland, in
  the future SystemServer will be responsible for performing proper
  shutdown of user processes, including timeouts for stubborn processes
  etc.
- As mentioned above, the task hard-kills remaining user processes.
- The task hard-kills all Kernel processes except itself and the
  Finalizer Task. Since Kernel processes can delay their own shutdown
  indefinitely if they want to, they have plenty opportunity to perform
  proper shutdown if necessary. This may become a problem with
  non-cooperative Kernel tasks, but as seen two commits earlier, for now
  all tasks will cooperate within a few seconds.
- The task waits for the Finalizer Task to clean up all processes.
- The task hard-kills and finalizes the Finalizer Task itself, meaning
  that it now is the only remaining process in the system.
- The task syncs and locks all file systems, and then unmounts them. Due
  to an unknown refcount bug we currently cannot unmount the root file
  system; therefore the task is able to abort the clean unmount if
  necessary.
- The task performs platform-dependent hardware shutdown as before.

This commit has multiple remaining issues (or exposed existing ones)
which will need to be addressed in the future but are out of scope for
now:
- Unmounting the root filesystem is impossible due to remaining
  references to the inodes /home and /home/anon. I investigated this
  very heavily and could not find whoever is holding the last two
  references.
- Userland cannot perform proper cleanup, since the Kernel's power state
  variable is accessed directly by tools instead of a proper userland
  shutdown procedure directed by SystemServer.

The recently introduced Firmware/PowerState procedures are removed
again, since all of the architecture-independent code can live in the
power state switch task. The architecture-specific code is kept,
however.
2023-07-15 00:12:01 +02:00
kleines Filmröllchen
2fd23745a9 Kernel: Allow relaxing cleanup task rules during system shutdown
Once we move to a more proper shutdown procedure, processes other than
the finalizer task must be able to perform cleanup and finalization
duties, not only because the finalizer task itself needs to be cleaned
up by someone. This global variable, mirroring the early boot flags,
allows a future shutdown process to perform cleanup on its own.

Note that while this *could* be considered a weakening in security, the
attack surface is minimal and the results are not dramatic. To exploit
this, an attacker would have to gain a Kernel write primitive to this
global variable (bypassing KASLR among other things) and then gain some
way of calling the relevant functions, all of this only to destroy some
other running process. The same effect can be achieved with LPE which
can often be gained with significantly simpler userspace exploits (e.g.
of setuid binaries).
2023-07-15 00:12:01 +02:00
kleines Filmröllchen
021fb3ea05 Kernel/Tasks: Allow Kernel processes to be shut down
Since we never check a kernel process's state like a userland process,
it's possible for a kernel process to ignore the fact that someone is
trying to kill it, and continue running. This is not desireable if we
want to properly shutdown all processes, including Kernel ones.
2023-07-15 00:12:01 +02:00
kleines Filmröllchen
8940552d1d Kernel/VirtualFileSystem: Allow unmounting via inode and mount path
This pair of information uniquely identifies any mount point, and it can
be used in situations where mount point custodies are not available.
2023-07-15 00:12:01 +02:00
kleines Filmröllchen
abc1eaff36 Kernel/VirtualFileSystem: Count bind mounts towards normal FS mountcount
This is correct since unmount doesn't treat bind mounts specially. If we
don't do this, unmounting bind mounts will call
prepare_for_last_unmount() on the guest FS much too early, which will
most likely fail due to a busy file system.
2023-07-15 00:12:01 +02:00
kleines Filmröllchen
251b17085b Kernel/Ext2: Check and set file system state
This is supposed to detect whether a file system was unmounted
cleanly or not.
2023-07-15 00:12:01 +02:00
kleines Filmröllchen
8fb126bec6 Kernel/FileSystem: Pass last mount point guest inode to unmount prepare
This will be important later on when we check file system busyness.
2023-07-15 00:12:01 +02:00
kleines Filmröllchen
2fe5ece449 Kernel: Add accessor for mount host custody
There's no reason this information needs to be secret.
2023-07-15 00:12:01 +02:00
Kirill Nikolaev
6cdb1f0415 Kernel: Add an initial implementation of virtio-net driver
It can be exercised by setting
    SERENITY_ETHERNET_DEVICE_TYPE=virtio-net-pci.
2023-07-11 00:49:11 -06:00
Taj Morton
1d2f1abf97 FileSystem/FATFS: Convert internal FAT inode attributes to dirent types 2023-07-10 21:54:23 -06:00
Tim Schumacher
9d6372ff07 Kernel: Consolidate finding the ELF stack size with validation
Previously, we started parsing the ELF file again in a completely
different place, and without the partial mapping that we do while
validating.

Instead of doing manual parsing in two places, just capture the
requested stack size right after we validated it.
2023-07-10 21:08:31 -06:00
Timothy Flynn
f798e43ea8 Kernel: Add a key code modifier to detect the number pad
This is analagous to how Qt exposes whether the number pad was used for
a key press.
2023-07-09 06:32:20 +02:00
Timothy Flynn
c911781c21 Everywhere: Remove needless trailing semi-colons after functions
This is a new option in clang-format-16.
2023-07-08 10:32:56 +01:00