Commit graph

427 commits

Author SHA1 Message Date
Brian Gianforcaro
7e6fbef8db Kernel: Partial usage of Userspace<T> for the poll syscall
This change mostly converts poll to Userspace<T> with the caveat
of the fds member of SC_poll_params. It's current usage is a bit
too gnarly for me to take on right now, this appears to need a lot
more love.

In addition to enlightening the syscall to use Userspace<T>, I've
also re-worked most of the handling to use validate_read_and_copy
instead of just directly de-referencing the user pointer. We also
appeared to be missing a re-evaluation of the fds array after the
thread block is awoken.
2020-08-06 10:22:44 +02:00
Brian Gianforcaro
fa666f6897 Kernel: Use Userspace<T> for the futex syscall
Utilizie Userspace<T> for the syscall argument itself, as well
as internally in the SC_futex_params struct.

We were double validating the SC_futex_params.timeout validation,
that was removed as well.
2020-08-05 13:03:50 +02:00
Brian Gianforcaro
7490ea9449 Kernel + LibPthread: Use Userspace<T> in the create_thread syscall 2020-08-05 09:36:53 +02:00
Brian Gianforcaro
337e8f98cd Kernel: Use Userspace<T> for the rename syscall 2020-08-05 09:36:53 +02:00
Brian Gianforcaro
c1541f4a61 Kernel: Use Userspace<T> for the mknod syscall 2020-08-05 09:36:53 +02:00
Brian Gianforcaro
d949b2a367 Kernel: Use Userspace<T> for the set_mmap_name syscall 2020-08-05 09:36:53 +02:00
Brian Gianforcaro
7449921f53 Kernel: Use Userspace<T> for the readlink syscall 2020-08-05 09:36:53 +02:00
Brian Gianforcaro
901dae0227 Kernel: Use Userspace<T> for the mmap syscall 2020-08-05 09:36:53 +02:00
Brian Gianforcaro
74d3b202f1 Kernel: Use Userspace<T> for the waitid syscall 2020-08-05 09:36:53 +02:00
Brian Gianforcaro
84035e1035 Kernel: Use Userspace<T> for the clock_nanosleep syscall 2020-08-05 09:36:53 +02:00
Brian Gianforcaro
baa070afb8 Kernel: Use Userspace<T> for the gettimeofday syscall 2020-08-05 09:36:53 +02:00
Brian Gianforcaro
1eeaed31c2 Kernel: Use Userspace<T> for the open syscall 2020-08-05 09:36:53 +02:00
Andreas Kling
58feebeed2 Kernel+LibC: Tidy up sys$ttyname() and sys$ptsname()
- Remove goofy _r suffix from syscall names.
- Don't take a signed buffer size.
- Use Userspace<T>.
- Make TTY::tty_name() return a String instead of a StringView.
2020-08-04 18:17:16 +02:00
Andreas Kling
7de831efc6 Kernel+LibC: Add sys$disown() for disowning child processes
This syscall allows a parent process to disown a child process, setting
its parent PID to 0.

Unparented processes are automatically reaped by the kernel upon exit,
and no sys$waitid() is required. This will make it much nicer to do
spawn-and-forget which is common in the GUI environment.
2020-08-04 18:17:16 +02:00
Andreas Kling
b139fb9f38 Kernel: Use Userspace<T> in sys$link() and sys$symlink() 2020-08-03 18:40:28 +02:00
Brian Gianforcaro
2242f69cd6 Kernel: Use Userspace<T> in unveil syscall 2020-08-02 20:54:17 +02:00
Brian Gianforcaro
9db5a1b92f Kernel: Use Userspace<T> in sched_getparam syscall 2020-08-02 20:53:48 +02:00
Tom
538b985487 Kernel: Remove ProcessInspectionHandle and make Process RefCounted
By making the Process class RefCounted we don't really need
ProcessInspectionHandle anymore. This also fixes some race
conditions where a Process may be deleted while still being
used by ProcFS.

Also make sure to acquire the Process' lock when accessing
regions.

Last but not least, there's no reason why a thread can't be
scheduled while being inspected, though in practice it won't
happen anyway because the scheduler lock is held at the same
time.
2020-08-02 17:15:11 +02:00
Tom
5bbf6ed46b Kernel: Fix some crashes due to missing locks
We need to hold m_lock when accessing m_regions.
2020-08-02 17:15:11 +02:00
Andreas Kling
e526fa572a Kernel: Convert some more syscalls to Userspace<T>
These are really straightforward when all the helpers just work.
2020-08-02 11:01:00 +02:00
Brian Gianforcaro
2a74c59dec Kernel: Use Userspace<T> in pledge syscall 2020-08-02 10:56:43 +02:00
Brian Gianforcaro
ba4cf59d04 Kernel: Use Userspace<T> in setkeymap syscall 2020-08-02 10:56:33 +02:00
Brian Gianforcaro
10e912d68c Kernel: Use Userspace<T> in sched_setparam syscall
Note: I switched from copying the single element out of the sched_param
struct, to copy struct it self as it is identical in functionality.
This way the types match up nicer with the Userpace<T> api's and it
conforms to the conventions used in other syscalls.
2020-08-02 10:55:38 +02:00
Brian Gianforcaro
1209bf82c1 Kernel: Use Userspace<T> in ptrace syscall 2020-08-02 00:29:04 +02:00
Andreas Kling
8d4d1c7457 Kernel: Use Userspace<T> in more syscalls 2020-08-01 11:37:40 +02:00
Andreas Kling
628b3badfb Kernel+AK: Add and use Userspace<T>::unsafe_userspace_ptr()
Since we already have the type information in the Userspace template,
it was a bit silly to cast manually everywhere. Just add a sufficiently
scary-sounding getter for a typed pointer.

Thanks @alimpfard for pointing out that I was being silly with tossing
out the type.

In the future we may want to make this API non-public as well.
2020-07-31 20:56:48 +02:00
Andreas Kling
180207062c Kernel: Use Userspace<T> in sys$utime()
And again, another helper overload.
2020-07-31 16:38:47 +02:00
Andreas Kling
62a4099581 Kernel: Use Userspace<T> in sys$getcwd() and sys$chdir()
Add more validation helper overloads as we go. :^)
2020-07-31 16:34:47 +02:00
Andreas Kling
314dbc10d4 Kernel: Use Userspace<T> for sys$read() and sys$stat()
Add validation helper overloads as needed.
2020-07-31 16:28:37 +02:00
Andreas Kling
be7add690d Kernel: Rename region_from_foo() => find_region_from_foo()
Let's emphasize that these functions actually go out and find regions.
2020-07-30 23:52:28 +02:00
Andreas Kling
2e2de125e5 Kernel: Turn Process::FileDescriptionAndFlags into a proper class 2020-07-30 23:50:31 +02:00
Andreas Kling
949aef4aef Kernel: Move syscall implementations out of Process.cpp
This is something I've been meaning to do for a long time, and here we
finally go. This patch moves all sys$foo functions out of Process.cpp
and into files in Kernel/Syscalls/.

It's not exactly one syscall per file (although it could be, but I got
a bit tired of the repetitive work here..)

This makes hacking on individual syscalls a lot less painful since you
don't have to rebuild nearly as much code every time. I'm also hopeful
that this makes it easier to understand individual syscalls. :^)
2020-07-30 23:40:57 +02:00
Andreas Kling
b5f54d4153 Kernel+LibC: Add sys$set_process_name() for changing the process name 2020-07-27 19:10:18 +02:00
Nico Weber
4eb967b5eb LibC+Kernel: Start implementing sysconf
For now, only the non-standard _SC_NPROCESSORS_CONF and
_SC_NPROCESSORS_ONLN are implemented.

Use them to make ninja pick a better default -j value.
While here, make the ninja package script not fail if
no other port has been built yet.
2020-07-15 00:07:20 +02:00
Andrew Kaster
f96b827990 Kernel+LibELF: Expose ELF Auxiliary Vector to Userspace
The AT_* entries are placed after the environment variables, so that
they can be found by iterating until the end of the envp array, and then
going even further beyond :^)
2020-07-07 10:38:54 +02:00
Andreas Kling
11c4a28660 Kernel: Move headers intended for userspace use into Kernel/API/ 2020-07-04 17:22:23 +02:00
Tom
e373e5f007 Kernel: Fix signal delivery
When delivering urgent signals to the current thread
we need to check if we should be unblocked, and if not
we need to yield to another process.

We also need to make sure that we suppress context switches
during Process::exec() so that we don't clobber the registers
that it sets up (eip mainly) by a context switch. To be able
to do that we add the concept of a critical section, which are
similar to Process::m_in_irq but different in that they can be
requested at any time. Calls to Scheduler::yield and
Scheduler::donate_to will return instantly without triggering
a context switch, but the processor will then asynchronously
trigger a context switch once the critical section is left.
2020-07-03 19:32:34 +02:00
Tom
16783bd14d Kernel: Turn Thread::current and Process::current into functions
This allows us to query the current thread and process on a
per processor basis
2020-07-01 12:07:01 +02:00
Andreas Kling
d4195672b7 Kernel+LibC: Add sys$recvfd() and sys$sendfd() for fd passing
These new syscalls allow you to send and receive file descriptors over
a local domain socket. This will enable various privilege separation
techniques and other good stuff. :^)
2020-06-24 23:08:09 +02:00
Nico Weber
d2684a8645 LibC+Kernel: Implement ppoll
ppoll() is similar() to poll(), but it takes its timeout
as timespec instead of as int, and it takes an additional
sigmask parameter.

Change the sys$poll parameters to match ppoll() and implement
poll() in terms of ppoll().
2020-06-23 14:12:20 +02:00
Nico Weber
dd53e070c5 Kernel+LibC: Remove setreuid() / setregid() again
It looks like they're considered a bad idea, so let's not add
them before we need them. I figured it's good to have them in
git history if we ever do need them though, hence the add/remove
dance.
2020-06-18 23:19:16 +02:00
Nico Weber
a38754d9f2 Kernel+LibC: Implement seteuid() and friends!
Add seteuid()/setegid() under _POSIX_SAVED_IDS semantics,
which also requires adding suid and sgid to Process, and
changing setuid()/setgid() to honor these semantics.

The exact semantics aren't specified by POSIX and differ
between different Unix implementations. This patch makes
serenity follow FreeBSD. The 2002 USENIX paper
"Setuid Demystified" explains the differences well.

In addition to seteuid() and setegid() this also adds
setreuid()/setregid() and setresuid()/setresgid(), and
the accessors getresuid()/getresgid().

Also reorder uid/euid functions so that they are the
same order everywhere (namely, the order that
geteuid()/getuid() already have).
2020-06-18 23:19:16 +02:00
Andreas Kling
0609eefd57 Kernel: Add "setkeymap" pledge promise 2020-06-18 22:19:36 +02:00
Sergey Bugaev
a77405665f Kernel: Fix overflow in Process::validate_{read,write}_typed()
Userspace could pass us a large count to overflow the check. I'm not enough of a
haxx0r to write an actual exploit though.
2020-05-31 21:38:50 +02:00
Sergey Bugaev
cddaeb43d3 Kernel: Introduce "sigaction" pledge
You now have to pledge "sigaction" to change signal handlers/dispositions. This
is to prevent malicious code from messing with assertions (and segmentation
faults), which are normally expected to instantly terminate the process but can
do other things if you change signal disposition for them.
2020-05-26 14:35:10 +02:00
Andreas Kling
b3736c1b1e Kernel: Use a FlatPtr for the "argument" to ioctl()
Since it's often used to pass pointers, it should really be a FlatPtr.
2020-05-23 15:25:43 +02:00
Andreas Kling
f7a75598bb Kernel: Remove Process::any_thread()
This was a holdover from the old times when each Process had a special
main thread with TID 0. Using it was a total crapshoot since it would
just return whichever thread was first on the process's thread list.

Now that I've removed all uses of it, we don't need it anymore. :^)
2020-05-16 12:40:15 +02:00
Andreas Kling
0e7f85c24a Kernel: Sending a signal to a process now goes to the main thread
Instead of falling back to the suspicious "any_thread()" mechanism,
just fail with ESRCH if you try to kill() a PID that doesn't have a
corresponding TID.
2020-05-16 12:33:48 +02:00
Andreas Kling
21d5f4ada1 Kernel: Absorb LibBareMetal back into the kernel
This was supposed to be the foundation for some kind of pre-kernel
environment, but nobody is working on it right now, so let's move
everything back into the kernel and remove all the confusion.
2020-05-16 12:00:04 +02:00
Andreas Kling
2dc051c866 Kernel: Remove sys$getdtablesize()
I'm not sure why this was a syscall. If we need this we can add it in
LibC as a wrapper around sysconf(_SC_OPEN_MAX).
2020-05-16 11:34:01 +02:00