Kernel: Add Credentials to hold a set of user and group IDs

This patch adds a new object to hold a Process's user credentials: - UID, EUID, SUID - GID, EGID, SGID, extra GIDs Credentials are immutable and child processes initially inherit the Credentials object from their parent. Whenever a process changes one or more of its user/group IDs, a new Credentials object is constructed. Any code that wants to inspect and act on a set of credentials can now do so without worrying about data races.
2025-05-31 07:58:11 +00:00 · 2022-08-20 18:25:54 +02:00 · 2022-08-20 18:25:54 +02:00 · 122d7d9533
commit 122d7d9533
parent bec314611d
11 changed files with 366 additions and 128 deletions
--- a/Kernel/Credentials.cpp
+++ b/Kernel/Credentials.cpp
@ -0,0 +1,32 @@
+/*
+ * Copyright (c) 2022, Andreas Kling <kling@serenityos.org>
+ *
+ * SPDX-License-Identifier: BSD-2-Clause
+ */
+
+#include <AK/NonnullRefPtr.h>
+#include <AK/RefPtr.h>
+#include <Kernel/Credentials.h>
+
+namespace Kernel {
+
+ErrorOr<NonnullRefPtr<Credentials>> Credentials::create(UserID uid, GroupID gid, UserID euid, GroupID egid, UserID suid, GroupID sgid, Span<GroupID const> extra_gids)
+{
+    auto extra_gids_array = TRY(FixedArray<GroupID>::try_create(extra_gids));
+    return adopt_nonnull_ref_or_enomem(new (nothrow) Credentials(uid, gid, euid, egid, suid, sgid, move(extra_gids_array)));
+}
+
+Credentials::Credentials(UserID uid, GroupID gid, UserID euid, GroupID egid, UserID suid, GroupID sgid, FixedArray<GroupID> extra_gids)
+    : m_uid(uid)
+    , m_gid(gid)
+    , m_euid(euid)
+    , m_egid(egid)
+    , m_suid(suid)
+    , m_sgid(sgid)
+    , m_extra_gids(move(extra_gids))
+{
+}
+
+Credentials::~Credentials() = default;
+
+}