diff --git a/Kernel/Graphics/FramebufferDevice.cpp b/Kernel/Graphics/FramebufferDevice.cpp
index db7965b2f1..73b50f1226 100644
--- a/Kernel/Graphics/FramebufferDevice.cpp
+++ b/Kernel/Graphics/FramebufferDevice.cpp
@@ -29,7 +29,7 @@ NonnullRefPtr FramebufferDevice::create(const GenericGraphics
 ErrorOr FramebufferDevice::mmap(Process& process, OpenFileDescription&, Memory::VirtualRange const& range, u64 offset, int prot, bool shared)
 {
- process.require_promise(Pledge::video);
+ TRY(process.require_promise(Pledge::video));
 SpinlockLocker lock(m_activation_lock);
 if (!shared)
 return ENODEV;
diff --git a/Kernel/Graphics/GenericFramebufferDevice.cpp b/Kernel/Graphics/GenericFramebufferDevice.cpp
index 4e7b8a5276..80f4ba9032 100644
--- a/Kernel/Graphics/GenericFramebufferDevice.cpp
+++ b/Kernel/Graphics/GenericFramebufferDevice.cpp
@@ -33,7 +33,7 @@ ErrorOr GenericFramebufferDevice::verify_head_index(int head_index) const
 ErrorOr GenericFramebufferDevice::ioctl(OpenFileDescription&, unsigned request, Userspace arg)
 {
- Process::current().require_promise(Pledge::video);
+ TRY(Process::current().require_promise(Pledge::video));
 switch (request) {
 case FB_IOCTL_GET_PROPERTIES: {
 auto user_properties = static_ptr_cast(arg);
diff --git a/Kernel/Graphics/VirtIOGPU/FramebufferDevice.cpp b/Kernel/Graphics/VirtIOGPU/FramebufferDevice.cpp
index 979c1d9baa..3aa32bbd65 100644
--- a/Kernel/Graphics/VirtIOGPU/FramebufferDevice.cpp
+++ b/Kernel/Graphics/VirtIOGPU/FramebufferDevice.cpp
@@ -257,7 +257,7 @@ void FramebufferDevice::set_buffer(int buffer_index)
 ErrorOr FramebufferDevice::mmap(Process& process, OpenFileDescription&, Memory::VirtualRange const& range, u64 offset, int prot, bool shared)
 {
- process.require_promise(Pledge::video);
+ TRY(process.require_promise(Pledge::video));
 if (!shared)
 return ENODEV;
 if (offset != 0 || !m_framebuffer)
diff --git a/Kernel/Net/IPv4Socket.cpp b/Kernel/Net/IPv4Socket.cpp
index 13fd0c3220..a061b26208 100644
--- a/Kernel/Net/IPv4Socket.cpp
+++ b/Kernel/Net/IPv4Socket.cpp
@@ -607,7 +607,7 @@ ErrorOr IPv4Socket::getsockopt(OpenFileDescription& description, int level
 ErrorOr IPv4Socket::ioctl(OpenFileDescription&, unsigned request, Userspace arg)
 {
- Process::current().require_promise(Pledge::inet);
+ TRY(Process::current().require_promise(Pledge::inet));
 auto ioctl_route = [request, arg]() -> ErrorOr {
 auto user_route = static_ptr_cast(arg);
diff --git a/Kernel/Process.cpp b/Kernel/Process.cpp
index 96d07ee458..8496b68a08 100644
--- a/Kernel/Process.cpp
+++ b/Kernel/Process.cpp
@@ -863,26 +863,25 @@ static constexpr StringView to_string(Pledge promise)
 VERIFY_NOT_REACHED();
 }
-void Process::require_no_promises() const
+ErrorOr Process::require_no_promises() const
 {
 if (!has_promises())
- return;
+ return {};
 dbgln("Has made a promise");
- Process::current().crash(SIGABRT, 0);
- VERIFY_NOT_REACHED();
+ return EPROMISEVIOLATION;
 }
-void Process::require_promise(Pledge promise)
+ErrorOr Process::require_promise(Pledge promise)
 {
 if (!has_promises())
- return;
+ return {};
 if (has_promised(promise))
- return;
+ return {};
 dbgln("Has not pledged {}", to_string(promise));
 (void)try_set_coredump_property("pledge_violation"sv, to_string(promise));
- crash(SIGABRT, 0);
+ return EPROMISEVIOLATION;
 }
 }
diff --git a/Kernel/Process.h b/Kernel/Process.h
index 8085ef21be..eef9f2c88d 100644
--- a/Kernel/Process.h
+++ b/Kernel/Process.h
@@ -508,8 +508,8 @@ public:
 VirtualAddress signal_trampoline() const { return m_protected_values.signal_trampoline; }
- void require_promise(Pledge);
- void require_no_promises() const;
+ ErrorOr require_promise(Pledge);
+ ErrorOr require_no_promises() const;
 private:
 friend class MemoryManager;
diff --git a/Kernel/Syscall.cpp b/Kernel/Syscall.cpp
index cd6199153a..ccb7069efd 100644
--- a/Kernel/Syscall.cpp
+++ b/Kernel/Syscall.cpp
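Review bot: In the Process.cpp hunk, `require_no_promises()` now returns EPROMISEVIOLATION without recording anything on the process, while `require_promise()` first calls `try_set_coredump_property("pledge_violation"sv, ...)`; a crash triggered by a no-promises-only syscall (mount, sethostname, profiling) therefore produces a core without the marker that distinguishes a pledge abort from any other SIGABRT. Adding `(void)try_set_coredump_property("pledge_violation"sv, "none"sv);` before the return keeps the two paths symmetric, though since require_no_promises is const this may need the same non-const signature require_promise already has (try_set_coredump_property is not visible here). The two dbgln() messages also identify neither the process nor the syscall, so something like `dbgln("{}({}): Has not pledged {}", name(), pid(), to_string(promise))` (using whatever accessor exposes the name) would make the log line actionable when triaging a sandbox hit.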
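Review bot: With the abort now depending on every caller propagating the returned error, a call site that drops the result of `require_promise()` — a `void` path, a lambda, or a stray `(void)` cast — silently turns a fatal pledge violation into a no-op, which is exactly the sandbox-bypass failure mode this refactor has to guard against. Unless AK::ErrorOr is already declared `[[nodiscard]]` (not visible here), mark both declarations in the Process.h hunk so a discarded result is a compile error: `[[nodiscard]] ErrorOr<void> require_promise(Pledge);` and `[[nodiscard]] ErrorOr<void> require_no_promises() const;` (the template argument is inferred; this rendering strips angle brackets).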
@@ -234,6 +234,10 @@ NEVER_INLINE void syscall_handler(TrapFrame* trap)
 // Check if we're supposed to return to userspace or just die.
 current_thread->die_if_needed();
+ // Crash any processes which have commited a promise violation during syscall handling.
+ if (result.is_error() && result.error().code() == EPROMISEVIOLATION)
+ process.crash(SIGABRT, 0);
+
 VERIFY(!g_scheduler_lock.is_locked_by_current_processor());
 }
diff --git a/Kernel/Syscalls/access.cpp b/Kernel/Syscalls/access.cpp
index 0281fd1170..96537207f6 100644
--- a/Kernel/Syscalls/access.cpp
+++ b/Kernel/Syscalls/access.cpp
@@ -13,7 +13,7 @@ namespace Kernel {
 ErrorOr Process::sys$access(Userspace user_path, size_t path_length, int mode)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this);
- require_promise(Pledge::rpath);
+ TRY(require_promise(Pledge::rpath));
 auto path = TRY(get_syscall_path_argument(user_path, path_length));
 TRY(VirtualFileSystem::the().access(path->view(), mode, current_directory()));
 return 0;
diff --git a/Kernel/Syscalls/alarm.cpp b/Kernel/Syscalls/alarm.cpp
index 16d23998eb..577a11b315 100644
--- a/Kernel/Syscalls/alarm.cpp
+++ b/Kernel/Syscalls/alarm.cpp
@@ -12,7 +12,7 @@ namespace Kernel {
 ErrorOr Process::sys$alarm(unsigned seconds)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this);
- require_promise(Pledge::stdio);
+ TRY(require_promise(Pledge::stdio));
 unsigned previous_alarm_remaining = 0;
 if (m_alarm_timer) {
 bool was_in_use = false;
diff --git a/Kernel/Syscalls/anon_create.cpp b/Kernel/Syscalls/anon_create.cpp
index 8ffd493186..e4f3a93512 100644
--- a/Kernel/Syscalls/anon_create.cpp
+++ b/Kernel/Syscalls/anon_create.cpp
@@ -14,7 +14,7 @@ namespace Kernel {
 ErrorOr Process::sys$anon_create(size_t size, int options)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this);
- require_promise(Pledge::stdio);
+ TRY(require_promise(Pledge::stdio));
 if (!size)
 return EINVAL;
diff --git a/Kernel/Syscalls/chdir.cpp b/Kernel/Syscalls/chdir.cpp
index 9eae9896ce..b12829c161 100644
--- a/Kernel/Syscalls/chdir.cpp
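Review bot: The crash in the Syscall.cpp hunk fires only for an error that reaches `syscall_handler` with its code intact, so any intermediate layer that maps the ErrorOr to a different errno (or a `require_promise()` reached from a non-syscall kernel path) quietly downgrades a fatal pledge violation into an error return to a process that should be dead; the hunk does not document that invariant. A comment at the check would pin it for future callers: `// Pledge checks report violations by returning EPROMISEVIOLATION; that code must propagate unchanged to here, a caller that swallows or remaps it defeats the sandbox.` The added comment also misspells "commited" (should be "committed"). syscall_handler's body starts outside the hunk, so where `result` and `process` are bound is not visible here.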
+++ b/Kernel/Syscalls/chdir.cpp
@@ -13,7 +13,7 @@ namespace Kernel {
 ErrorOr Process::sys$chdir(Userspace user_path, size_t path_length)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this);
- require_promise(Pledge::rpath);
+ TRY(require_promise(Pledge::rpath));
 auto path = TRY(get_syscall_path_argument(user_path, path_length));
 m_cwd = TRY(VirtualFileSystem::the().open_directory(path->view(), current_directory()));
 return 0;
@@ -22,7 +22,7 @@ ErrorOr Process::sys$chdir(Userspace user_path, size_t pat
 ErrorOr Process::sys$fchdir(int fd)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this);
- require_promise(Pledge::stdio);
+ TRY(require_promise(Pledge::stdio));
 auto description = TRY(fds().open_file_description(fd));
 if (!description->is_directory())
 return ENOTDIR;
@@ -35,7 +35,7 @@ ErrorOr Process::sys$fchdir(int fd)
 ErrorOr Process::sys$getcwd(Userspace buffer, size_t size)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this);
- require_promise(Pledge::rpath);
+ TRY(require_promise(Pledge::rpath));
 if (size > NumericLimits::max())
 return EINVAL;
diff --git a/Kernel/Syscalls/chmod.cpp b/Kernel/Syscalls/chmod.cpp
index 56629b5293..34af280f07 100644
--- a/Kernel/Syscalls/chmod.cpp
+++ b/Kernel/Syscalls/chmod.cpp
@@ -13,7 +13,7 @@ namespace Kernel {
 ErrorOr Process::sys$chmod(Userspace user_path, size_t path_length, mode_t mode)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this);
- require_promise(Pledge::fattr);
+ TRY(require_promise(Pledge::fattr));
 auto path = TRY(get_syscall_path_argument(user_path, path_length));
 TRY(VirtualFileSystem::the().chmod(path->view(), mode, current_directory()));
 return 0;
@@ -22,7 +22,7 @@ ErrorOr Process::sys$chmod(Userspace user_path, size_t pat
 ErrorOr Process::sys$fchmod(int fd, mode_t mode)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this);
- require_promise(Pledge::fattr);
+ TRY(require_promise(Pledge::fattr));
 auto description = TRY(fds().open_file_description(fd));
 TRY(description->chmod(mode));
 return 0;
diff --git a/Kernel/Syscalls/chown.cpp b/Kernel/Syscalls/chown.cpp
index 33d602b5a3..92172fed61 100644
--- a/Kernel/Syscalls/chown.cpp
+++ b/Kernel/Syscalls/chown.cpp
@@ -12,7 +12,7 @@ namespace Kernel {
 ErrorOr Process::sys$fchown(int fd, UserID uid, GroupID gid)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this);
- require_promise(Pledge::chown);
+ TRY(require_promise(Pledge::chown));
 auto description = TRY(fds().open_file_description(fd));
 TRY(description->chown(uid, gid));
 return 0;
@@ -21,7 +21,7 @@ ErrorOr Process::sys$fchown(int fd, UserID uid, GroupID gid)
 ErrorOr Process::sys$chown(Userspace user_params)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this);
- require_promise(Pledge::chown);
+ TRY(require_promise(Pledge::chown));
 auto params = TRY(copy_typed_from_user(user_params));
 auto path = TRY(get_syscall_path_argument(params.path));
 TRY(VirtualFileSystem::the().chown(path->view(), params.uid, params.gid, current_directory()));
diff --git a/Kernel/Syscalls/clock.cpp b/Kernel/Syscalls/clock.cpp
index 0a121012e2..4c47ea7e56 100644
--- a/Kernel/Syscalls/clock.cpp
+++ b/Kernel/Syscalls/clock.cpp
@@ -13,7 +13,7 @@ namespace Kernel {
 ErrorOr Process::sys$map_time_page()
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this);
- require_promise(Pledge::stdio);
+ TRY(require_promise(Pledge::stdio));
 auto& vmobject = TimeManagement::the().time_page_vmobject();
@@ -25,7 +25,7 @@ ErrorOr Process::sys$map_time_page()
 ErrorOr Process::sys$clock_gettime(clockid_t clock_id, Userspace user_ts)
 {
 VERIFY_NO_PROCESS_BIG_LOCK(this);
- require_promise(Pledge::stdio);
+ TRY(require_promise(Pledge::stdio));
 if (!TimeManagement::is_valid_clock_id(clock_id))
 return EINVAL;
@@ -38,7 +38,7 @@ ErrorOr Process::sys$clock_gettime(clockid_t clock_id, Userspace
 Process::sys$clock_settime(clockid_t clock_id, Userspace user_ts)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this);
- require_promise(Pledge::settime);
+ TRY(require_promise(Pledge::settime));
 if (!is_superuser())
 return EPERM;
@@ -58,7 +58,7 @@ ErrorOr Process::sys$clock_settime(clockid_t clock_id, Userspace
 Process::sys$clock_nanosleep(Userspace user_params)
 {
 VERIFY_NO_PROCESS_BIG_LOCK(this);
- require_promise(Pledge::stdio);
+ TRY(require_promise(Pledge::stdio));
 auto params = TRY(copy_typed_from_user(user_params));
 auto requested_sleep = TRY(copy_time_from_user(params.requested_sleep));
@@ -105,7 +105,7 @@ ErrorOr Process::sys$adjtime(Userspace user_delta, User
 }
 if (user_delta) {
- require_promise(Pledge::settime);
+ TRY(require_promise(Pledge::settime));
 if (!is_superuser())
 return EPERM;
 auto delta = TRY(copy_time_from_user(user_delta));
diff --git a/Kernel/Syscalls/disown.cpp b/Kernel/Syscalls/disown.cpp
index a83851e6e0..46bb38f3dc 100644
--- a/Kernel/Syscalls/disown.cpp
+++ b/Kernel/Syscalls/disown.cpp
@@ -11,7 +11,7 @@ namespace Kernel {
 ErrorOr Process::sys$disown(ProcessID pid)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this);
- require_promise(Pledge::proc);
+ TRY(require_promise(Pledge::proc));
 auto process = Process::from_pid(pid);
 if (!process)
 return ESRCH;
diff --git a/Kernel/Syscalls/dup2.cpp b/Kernel/Syscalls/dup2.cpp
index d97282e595..43c642b517 100644
--- a/Kernel/Syscalls/dup2.cpp
+++ b/Kernel/Syscalls/dup2.cpp
@@ -12,7 +12,7 @@ namespace Kernel {
 ErrorOr Process::sys$dup2(int old_fd, int new_fd)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this);
- require_promise(Pledge::stdio);
+ TRY(require_promise(Pledge::stdio));
 auto description = TRY(fds().open_file_description(old_fd));
 if (old_fd == new_fd)
 return new_fd;
diff --git a/Kernel/Syscalls/execve.cpp b/Kernel/Syscalls/execve.cpp
index cad556b382..aeb6f5cbea 100644
--- a/Kernel/Syscalls/execve.cpp
+++ b/Kernel/Syscalls/execve.cpp
@@ -859,7 +859,7 @@ ErrorOr Process::exec(NonnullOwnPtr path, NonnullOwnPtrVector
 Process::sys$execve(Userspace user_params)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this);
- require_promise(Pledge::exec);
+ TRY(require_promise(Pledge::exec));
 // NOTE: Be extremely careful with allocating any kernel memory in exec().
 // On success, the kernel stack will be lost.
diff --git a/Kernel/Syscalls/fcntl.cpp b/Kernel/Syscalls/fcntl.cpp
index d2a0928e47..c7b83e89a7 100644
--- a/Kernel/Syscalls/fcntl.cpp
+++ b/Kernel/Syscalls/fcntl.cpp
@@ -13,7 +13,7 @@ namespace Kernel {
 ErrorOr Process::sys$fcntl(int fd, int cmd, u32 arg)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this);
- require_promise(Pledge::stdio);
+ TRY(require_promise(Pledge::stdio));
 dbgln_if(IO_DEBUG, "sys$fcntl: fd={}, cmd={}, arg={}", fd, cmd, arg);
 auto description = TRY(fds().open_file_description(fd));
 // NOTE: The FD flags are not shared between OpenFileDescription objects.
diff --git a/Kernel/Syscalls/fork.cpp b/Kernel/Syscalls/fork.cpp
index 7ee4768d70..711f0d4947 100644
--- a/Kernel/Syscalls/fork.cpp
+++ b/Kernel/Syscalls/fork.cpp
@@ -16,7 +16,7 @@ namespace Kernel {
 ErrorOr Process::sys$fork(RegisterState& regs)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this);
- require_promise(Pledge::proc);
+ TRY(require_promise(Pledge::proc));
 RefPtr child_first_thread;
 auto child_name = TRY(m_name->try_clone());
 auto child = TRY(Process::try_create(child_first_thread, move(child_name), uid(), gid(), pid(), m_is_kernel_process, m_cwd, m_executable, m_tty, this));
diff --git a/Kernel/Syscalls/fsync.cpp b/Kernel/Syscalls/fsync.cpp
index 630a1a0ee1..15fda4ac2e 100644
--- a/Kernel/Syscalls/fsync.cpp
+++ b/Kernel/Syscalls/fsync.cpp
@@ -11,7 +11,7 @@ namespace Kernel {
 ErrorOr Process::sys$fsync(int fd)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this);
- require_promise(Pledge::stdio);
+ TRY(require_promise(Pledge::stdio));
 auto description = TRY(fds().open_file_description(fd));
 TRY(description->sync());
 return 0;
diff --git a/Kernel/Syscalls/ftruncate.cpp b/Kernel/Syscalls/ftruncate.cpp
index 72232306dd..ad32a4ad76 100644
--- a/Kernel/Syscalls/ftruncate.cpp
+++ b/Kernel/Syscalls/ftruncate.cpp
@@ -14,7 +14,7 @@ namespace Kernel {
 ErrorOr Process::sys$ftruncate(int fd, Userspace userspace_length)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
- require_promise(Pledge::stdio);
+ TRY(require_promise(Pledge::stdio));
 auto length = TRY(copy_typed_from_user(userspace_length));
 if (length < 0)
 return EINVAL;
diff --git a/Kernel/Syscalls/get_dir_entries.cpp b/Kernel/Syscalls/get_dir_entries.cpp
index 9e1c0104f1..763326b0f6 100644
--- a/Kernel/Syscalls/get_dir_entries.cpp
+++ b/Kernel/Syscalls/get_dir_entries.cpp
@@ -12,7 +12,7 @@ namespace Kernel {
 ErrorOr Process::sys$get_dir_entries(int fd, Userspace user_buffer, size_t user_size)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this);
- require_promise(Pledge::stdio);
+ TRY(require_promise(Pledge::stdio));
 if (user_size > NumericLimits::max())
 return EINVAL;
 auto description = TRY(fds().open_file_description(fd));
diff --git a/Kernel/Syscalls/getrandom.cpp b/Kernel/Syscalls/getrandom.cpp
index 2a8aa6cfcd..6fcea76042 100644
--- a/Kernel/Syscalls/getrandom.cpp
+++ b/Kernel/Syscalls/getrandom.cpp
@@ -16,7 +16,7 @@ namespace Kernel {
 ErrorOr Process::sys$getrandom(Userspace buffer, size_t buffer_size, [[maybe_unused]] unsigned flags)
 {
 VERIFY_NO_PROCESS_BIG_LOCK(this);
- require_promise(Pledge::stdio);
+ TRY(require_promise(Pledge::stdio));
 if (buffer_size > NumericLimits::max())
 return EINVAL;
diff --git a/Kernel/Syscalls/getuid.cpp b/Kernel/Syscalls/getuid.cpp
index 65ce3afb62..0b2d48aa8a 100644
--- a/Kernel/Syscalls/getuid.cpp
+++ b/Kernel/Syscalls/getuid.cpp
@@ -11,35 +11,35 @@ namespace Kernel {
 ErrorOr Process::sys$getuid()
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
- require_promise(Pledge::stdio);
+ TRY(require_promise(Pledge::stdio));
 return uid().value();
 }
 ErrorOr Process::sys$getgid()
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
- require_promise(Pledge::stdio);
+ TRY(require_promise(Pledge::stdio));
 return gid().value();
 }
 ErrorOr Process::sys$geteuid()
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
- require_promise(Pledge::stdio);
+ TRY(require_promise(Pledge::stdio));
 return euid().value();
 }
 ErrorOr Process::sys$getegid()
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
- require_promise(Pledge::stdio);
+ TRY(require_promise(Pledge::stdio));
 return egid().value();
 }
 ErrorOr Process::sys$getresuid(Userspace ruid, Userspace euid, Userspace suid)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
- require_promise(Pledge::stdio);
+ TRY(require_promise(Pledge::stdio));
 TRY(copy_to_user(ruid, &m_protected_values.uid));
 TRY(copy_to_user(euid, &m_protected_values.euid));
 TRY(copy_to_user(suid, &m_protected_values.suid));
@@ -49,7 +49,7 @@ ErrorOr Process::sys$getresuid(Userspace ruid, Userspace
 Process::sys$getresgid(Userspace rgid, Userspace egid, Userspace sgid)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
- require_promise(Pledge::stdio);
+ TRY(require_promise(Pledge::stdio));
 TRY(copy_to_user(rgid, &m_protected_values.gid));
 TRY(copy_to_user(egid, &m_protected_values.egid));
 TRY(copy_to_user(sgid, &m_protected_values.sgid));
@@ -59,7 +59,7 @@ ErrorOr Process::sys$getresgid(Userspace rgid, Userspace
 Process::sys$getgroups(size_t count, Userspace user_gids)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
- require_promise(Pledge::stdio);
+ TRY(require_promise(Pledge::stdio));
 if (!count)
 return extra_gids().size();
 if (count != extra_gids().size())
diff --git a/Kernel/Syscalls/hostname.cpp b/Kernel/Syscalls/hostname.cpp
index ee087923fa..1d84189087 100644
--- a/Kernel/Syscalls/hostname.cpp
+++ b/Kernel/Syscalls/hostname.cpp
@@ -11,7 +11,7 @@ namespace Kernel {
 ErrorOr Process::sys$gethostname(Userspace buffer, size_t size)
 {
 VERIFY_NO_PROCESS_BIG_LOCK(this)
- require_promise(Pledge::stdio);
+ TRY(require_promise(Pledge::stdio));
 if (size > NumericLimits::max())
 return EINVAL;
 return hostname().with_shared([&](const auto& name) -> ErrorOr {
@@ -25,7 +25,7 @@ ErrorOr Process::sys$gethostname(Userspace buffer, size_t size)
 ErrorOr Process::sys$sethostname(Userspace buffer, size_t length)
 {
 VERIFY_NO_PROCESS_BIG_LOCK(this)
- require_no_promises();
+ TRY(require_no_promises());
 if (!is_superuser())
 return EPERM;
diff --git a/Kernel/Syscalls/inode_watcher.cpp b/Kernel/Syscalls/inode_watcher.cpp
index 2fcb899fd9..6dc8b387bb 100644
--- a/Kernel/Syscalls/inode_watcher.cpp
+++ b/Kernel/Syscalls/inode_watcher.cpp
@@ -16,7 +16,7 @@ namespace Kernel {
 ErrorOr Process::sys$create_inode_watcher(u32 flags)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
- require_promise(Pledge::rpath);
+ TRY(require_promise(Pledge::rpath));
 auto fd_allocation = TRY(m_fds.allocate());
 auto watcher = TRY(InodeWatcher::try_create());
@@ -37,7 +37,7 @@ ErrorOr Process::sys$create_inode_watcher(u32 flags)
 ErrorOr Process::sys$inode_watcher_add_watch(Userspace user_params)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
- require_promise(Pledge::rpath);
+ TRY(require_promise(Pledge::rpath));
 auto params = TRY(copy_typed_from_user(user_params));
 auto description = TRY(fds().open_file_description(params.fd));
diff --git a/Kernel/Syscalls/keymap.cpp b/Kernel/Syscalls/keymap.cpp
index ebf46ad8db..fe656e4391 100644
--- a/Kernel/Syscalls/keymap.cpp
+++ b/Kernel/Syscalls/keymap.cpp
@@ -14,7 +14,7 @@ constexpr size_t map_name_max_size = 50;
 ErrorOr Process::sys$setkeymap(Userspace user_params)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this);
- require_promise(Pledge::setkeymap);
+ TRY(require_promise(Pledge::setkeymap));
 if (!is_superuser())
 return EPERM;
@@ -40,7 +40,7 @@ ErrorOr Process::sys$setkeymap(Userspace
 Process::sys$getkeymap(Userspace user_params)
 {
 VERIFY_NO_PROCESS_BIG_LOCK(this);
- require_promise(Pledge::getkeymap);
+ TRY(require_promise(Pledge::getkeymap));
 auto params = TRY(copy_typed_from_user(user_params));
 String keymap_name = HIDManagement::the().keymap_name();
diff --git a/Kernel/Syscalls/kill.cpp b/Kernel/Syscalls/kill.cpp
index abd38e9ecb..66067584e5 100644
--- a/Kernel/Syscalls/kill.cpp
+++ b/Kernel/Syscalls/kill.cpp
@@ -99,9 +99,9 @@ ErrorOr Process::sys$kill(pid_t pid_or_pgid, int signal)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
 if (pid_or_pgid == pid().value())
- require_promise(Pledge::stdio);
+ TRY(require_promise(Pledge::stdio));
 else
- require_promise(Pledge::proc);
+ TRY(require_promise(Pledge::proc));
 if (signal < 0 || signal >= 32)
 return EINVAL;
@@ -130,7 +130,7 @@ ErrorOr Process::sys$kill(pid_t pid_or_pgid, int signal)
 ErrorOr Process::sys$killpg(pid_t pgrp, int signum)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
- require_promise(Pledge::proc);
+ TRY(require_promise(Pledge::proc));
 if (signum < 1 || signum >= 32)
 return EINVAL;
 if (pgrp < 0)
diff --git a/Kernel/Syscalls/link.cpp b/Kernel/Syscalls/link.cpp
index 2a5ed3fefd..9cbb382d68 100644
--- a/Kernel/Syscalls/link.cpp
+++ b/Kernel/Syscalls/link.cpp
@@ -13,7 +13,7 @@ namespace Kernel {
 ErrorOr Process::sys$link(Userspace user_params)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
- require_promise(Pledge::cpath);
+ TRY(require_promise(Pledge::cpath));
 auto params = TRY(copy_typed_from_user(user_params));
 auto old_path = TRY(try_copy_kstring_from_user(params.old_path));
 auto new_path = TRY(try_copy_kstring_from_user(params.new_path));
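Review bot: In the sys$kill hunk the two `TRY(require_promise(...))` calls are unbraced bodies of an if/else; TRY is a macro that (as defined in AK, not visible here) expands to a statement expression containing an early `return`, and leaving such macro calls as bare dangling-else arms is the kind of shape that silently breaks the first time someone adds a second statement to one branch. Bracing both arms costs nothing and makes the control flow of a security check explicit: `if (pid_or_pgid == pid().value()) {` / `    TRY(require_promise(Pledge::stdio));` / `} else {` … `}`. sys$kill's body continues outside the hunk.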
@@ -24,7 +24,7 @@ ErrorOr Process::sys$link(Userspace use
 ErrorOr Process::sys$symlink(Userspace user_params)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
- require_promise(Pledge::cpath);
+ TRY(require_promise(Pledge::cpath));
 auto params = TRY(copy_typed_from_user(user_params));
 auto target = TRY(get_syscall_path_argument(params.target));
diff --git a/Kernel/Syscalls/lseek.cpp b/Kernel/Syscalls/lseek.cpp
index 76a63547cf..e2ed624f80 100644
--- a/Kernel/Syscalls/lseek.cpp
+++ b/Kernel/Syscalls/lseek.cpp
@@ -12,7 +12,7 @@ namespace Kernel {
 ErrorOr Process::sys$lseek(int fd, Userspace userspace_offset, int whence)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
- require_promise(Pledge::stdio);
+ TRY(require_promise(Pledge::stdio));
 auto description = TRY(fds().open_file_description(fd));
 off_t offset;
 TRY(copy_from_user(&offset, userspace_offset));
diff --git a/Kernel/Syscalls/mkdir.cpp b/Kernel/Syscalls/mkdir.cpp
index aafc4fb4ed..cd193bf778 100644
--- a/Kernel/Syscalls/mkdir.cpp
+++ b/Kernel/Syscalls/mkdir.cpp
@@ -13,7 +13,7 @@ namespace Kernel {
 ErrorOr Process::sys$mkdir(Userspace user_path, size_t path_length, mode_t mode)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
- require_promise(Pledge::cpath);
+ TRY(require_promise(Pledge::cpath));
 auto path = TRY(get_syscall_path_argument(user_path, path_length));
 TRY(VirtualFileSystem::the().mkdir(path->view(), mode & ~umask(), current_directory()));
 return 0;
diff --git a/Kernel/Syscalls/mknod.cpp b/Kernel/Syscalls/mknod.cpp
index 8ad02c5bfd..41d2603731 100644
--- a/Kernel/Syscalls/mknod.cpp
+++ b/Kernel/Syscalls/mknod.cpp
@@ -13,7 +13,7 @@ namespace Kernel {
 ErrorOr Process::sys$mknod(Userspace user_params)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
- require_promise(Pledge::dpath);
+ TRY(require_promise(Pledge::dpath));
 auto params = TRY(copy_typed_from_user(user_params));
 if (!is_superuser() && !is_regular_file(params.mode) && !is_fifo(params.mode) && !is_socket(params.mode))
diff --git a/Kernel/Syscalls/mmap.cpp b/Kernel/Syscalls/mmap.cpp
index 7eb33c605f..cf06604220 100644
--- a/Kernel/Syscalls/mmap.cpp
+++ b/Kernel/Syscalls/mmap.cpp
@@ -120,7 +120,7 @@ static bool validate_inode_mmap_prot(const Process& process, int prot, const Ino
 ErrorOr Process::sys$mmap(Userspace user_params)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
- require_promise(Pledge::stdio);
+ TRY(require_promise(Pledge::stdio));
 auto params = TRY(copy_typed_from_user(user_params));
 auto addr = (FlatPtr)params.addr;
@@ -132,11 +132,11 @@ ErrorOr Process::sys$mmap(Userspace use
 auto offset = params.offset;
 if (prot & PROT_EXEC) {
- require_promise(Pledge::prot_exec);
+ TRY(require_promise(Pledge::prot_exec));
 }
 if (prot & MAP_FIXED || prot & MAP_FIXED_NOREPLACE) {
- require_promise(Pledge::map_fixed);
+ TRY(require_promise(Pledge::map_fixed));
 }
 if (alignment & ~PAGE_MASK)
@@ -253,10 +253,10 @@ ErrorOr Process::sys$mmap(Userspace use
 ErrorOr Process::sys$mprotect(Userspace addr, size_t size, int prot)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
- require_promise(Pledge::stdio);
+ TRY(require_promise(Pledge::stdio));
 if (prot & PROT_EXEC) {
- require_promise(Pledge::prot_exec);
+ TRY(require_promise(Pledge::prot_exec));
 }
 auto range_to_mprotect = TRY(Memory::expand_range_to_page_boundaries(addr.ptr(), size));
@@ -395,7 +395,7 @@ ErrorOr Process::sys$mprotect(Userspace addr, size_t size, int p
 ErrorOr Process::sys$madvise(Userspace address, size_t size, int advice)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
- require_promise(Pledge::stdio);
+ TRY(require_promise(Pledge::stdio));
 auto range_to_madvise = TRY(Memory::expand_range_to_page_boundaries(address.ptr(), size));
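Review bot: The map_fixed check in the second mmap.cpp hunk tests `prot & MAP_FIXED || prot & MAP_FIXED_NOREPLACE`, but MAP_FIXED and MAP_FIXED_NOREPLACE are mmap flags rather than protection bits, so unless this codebase deliberately defines them in the PROT_* value space the `map_fixed` pledge is decided by the wrong word: a pledged process can pass MAP_FIXED without the promise, and a PROT_* combination that happens to overlap a MAP_* bit trips it spuriously. The commit only wraps the call in TRY, so the pre-existing condition survives; it should read `if (params.flags & MAP_FIXED || params.flags & MAP_FIXED_NOREPLACE) {` (or whichever local holds `params.flags` — only `params.offset` is in view here). sys$mmap's body continues outside the hunk, so the declarations of `prot` and any `flags` local are not visible.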
@@ -426,7 +426,7 @@ ErrorOr Process::sys$madvise(Userspace address, size_t size, int
 ErrorOr Process::sys$set_mmap_name(Userspace user_params)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
- require_promise(Pledge::stdio);
+ TRY(require_promise(Pledge::stdio));
 auto params = TRY(copy_typed_from_user(user_params));
 if (params.name.length > PATH_MAX)
@@ -450,7 +450,7 @@ ErrorOr Process::sys$set_mmap_name(Userspace
 Process::sys$munmap(Userspace addr, size_t size)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
- require_promise(Pledge::stdio);
+ TRY(require_promise(Pledge::stdio));
 TRY(address_space().unmap_mmap_range(addr.vaddr(), size));
 return 0;
 }
@@ -458,7 +458,7 @@ ErrorOr Process::sys$munmap(Userspace addr, size_t size)
 ErrorOr Process::sys$mremap(Userspace user_params)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
- require_promise(Pledge::stdio);
+ TRY(require_promise(Pledge::stdio));
 auto params = TRY(copy_typed_from_user(user_params));
 auto old_range = TRY(Memory::expand_range_to_page_boundaries((FlatPtr)params.old_address, params.old_size));
@@ -495,7 +495,7 @@ ErrorOr Process::sys$mremap(Userspace
 ErrorOr Process::sys$allocate_tls(Userspace initial_data, size_t size)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
- require_promise(Pledge::stdio);
+ TRY(require_promise(Pledge::stdio));
 if (!size || size % PAGE_SIZE != 0)
 return EINVAL;
diff --git a/Kernel/Syscalls/mount.cpp b/Kernel/Syscalls/mount.cpp
index 0fd05ae7a3..73c1976e3c 100644
--- a/Kernel/Syscalls/mount.cpp
+++ b/Kernel/Syscalls/mount.cpp
@@ -21,7 +21,7 @@ namespace Kernel {
 ErrorOr Process::sys$mount(Userspace user_params)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
- require_no_promises();
+ TRY(require_no_promises());
 if (!is_superuser())
 return EPERM;
@@ -120,7 +120,7 @@ ErrorOr Process::sys$umount(Userspace user_mountpoint, siz
 if (!is_superuser())
 return EPERM;
- require_no_promises();
+ TRY(require_no_promises());
 auto mountpoint = TRY(get_syscall_path_argument(user_mountpoint, mountpoint_length));
 auto custody = TRY(VirtualFileSystem::the().resolve_path(mountpoint->view(), current_directory()));
diff --git a/Kernel/Syscalls/open.cpp b/Kernel/Syscalls/open.cpp
index c10d438358..26dc679976 100644
--- a/Kernel/Syscalls/open.cpp
+++ b/Kernel/Syscalls/open.cpp
@@ -27,12 +27,12 @@ ErrorOr Process::sys$open(Userspace use
 return EINVAL;
 if (options & O_WRONLY)
- require_promise(Pledge::wpath);
+ TRY(require_promise(Pledge::wpath));
 else if (options & O_RDONLY)
- require_promise(Pledge::rpath);
+ TRY(require_promise(Pledge::rpath));
 if (options & O_CREAT)
- require_promise(Pledge::cpath);
+ TRY(require_promise(Pledge::cpath));
 // Ignore everything except permission bits.
 mode &= 0777;
@@ -67,7 +67,7 @@ ErrorOr Process::sys$open(Userspace use
 ErrorOr Process::sys$close(int fd)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
- require_promise(Pledge::stdio);
+ TRY(require_promise(Pledge::stdio));
 auto description = TRY(fds().open_file_description(fd));
 auto result = description->close();
 m_fds[fd] = {};
diff --git a/Kernel/Syscalls/pipe.cpp b/Kernel/Syscalls/pipe.cpp
index 46cc66897d..90cd2ddb49 100644
--- a/Kernel/Syscalls/pipe.cpp
+++ b/Kernel/Syscalls/pipe.cpp
@@ -12,7 +12,7 @@ namespace Kernel {
 ErrorOr Process::sys$pipe(int pipefd[2], int flags)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
- require_promise(Pledge::stdio);
+ TRY(require_promise(Pledge::stdio));
 if (fds().open_count() + 2 > OpenFileDescriptions::max_open())
 return EMFILE;
 // Reject flags other than O_CLOEXEC, O_NONBLOCK
diff --git a/Kernel/Syscalls/poll.cpp b/Kernel/Syscalls/poll.cpp
index 946929fc8b..8c63ee51c2 100644
--- a/Kernel/Syscalls/poll.cpp
+++ b/Kernel/Syscalls/poll.cpp
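Review bot: In the sys$umount hunk the pledge check runs after `is_superuser()`, whereas sys$mount (previous hunk) and sys$sethostname check promises first; a pledged, non-root process calling umount therefore gets a quiet EPERM instead of the SIGABRT the pledge contract promises, so a sandboxed program that has wandered off its declared behaviour is not caught until it happens to run as root. Move `TRY(require_no_promises());` above the `if (!is_superuser())` test so the ordering matches the other no-promises syscalls. sys$umount's signature and the rest of its body are outside the hunk.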
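Review bot: In the sys$open hunk the rpath check is an `else if`, so an O_RDWR open (O_RDONLY|O_WRONLY on most ABIs; the defines are not in view) is gated only by `wpath`, and a process that pledged wpath but not rpath still obtains a readable descriptor; conversely, if O_RDONLY were 0 as on POSIX systems, `options & O_RDONLY` would never be true and read-only opens would need no promise at all. The commit preserves this pre-existing shape, so either document that O_RDWR intentionally requires only wpath, or drop the `else` so both promises are required: `if (options & O_RDONLY)` / `    TRY(require_promise(Pledge::rpath));`. sys$open's signature and the O_RDONLY/O_WRONLY definitions are outside the hunk.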
@@ -17,7 +17,7 @@ using BlockFlags = Thread::FileBlocker::BlockFlags;
 ErrorOr Process::sys$poll(Userspace user_params)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
- require_promise(Pledge::stdio);
+ TRY(require_promise(Pledge::stdio));
 auto params = TRY(copy_typed_from_user(user_params));
diff --git a/Kernel/Syscalls/process.cpp b/Kernel/Syscalls/process.cpp
index 09bee8b794..036bf1df4d 100644
--- a/Kernel/Syscalls/process.cpp
+++ b/Kernel/Syscalls/process.cpp
@@ -12,21 +12,21 @@ namespace Kernel {
 ErrorOr Process::sys$getpid()
 {
 VERIFY_NO_PROCESS_BIG_LOCK(this)
- require_promise(Pledge::stdio);
+ TRY(require_promise(Pledge::stdio));
 return pid().value();
 }
 ErrorOr Process::sys$getppid()
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
- require_promise(Pledge::stdio);
+ TRY(require_promise(Pledge::stdio));
 return m_protected_values.ppid.value();
 }
 ErrorOr Process::sys$get_process_name(Userspace buffer, size_t buffer_size)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
- require_promise(Pledge::stdio);
+ TRY(require_promise(Pledge::stdio));
 if (m_name->length() + 1 > buffer_size)
 return ENAMETOOLONG;
@@ -37,7 +37,7 @@ ErrorOr Process::sys$get_process_name(Userspace buffer, size_t b
 ErrorOr Process::sys$set_process_name(Userspace user_name, size_t user_name_length)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
- require_promise(Pledge::proc);
+ TRY(require_promise(Pledge::proc));
 if (user_name_length > 256)
 return ENAMETOOLONG;
 auto name = TRY(try_copy_kstring_from_user(user_name, user_name_length));
diff --git a/Kernel/Syscalls/profiling.cpp b/Kernel/Syscalls/profiling.cpp
index ed54d9ea15..1fd23a6fba 100644
--- a/Kernel/Syscalls/profiling.cpp
+++ b/Kernel/Syscalls/profiling.cpp
@@ -19,7 +19,7 @@ u64 g_profiling_event_mask;
 ErrorOr Process::sys$profiling_enable(pid_t pid, u64 event_mask)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
- require_no_promises();
+ TRY(require_no_promises());
 if (pid == -1) {
 if (!is_superuser())
@@ -69,7 +69,7 @@ ErrorOr Process::sys$profiling_enable(pid_t pid, u64 event_mask)
 ErrorOr Process::sys$profiling_disable(pid_t pid)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
- require_no_promises();
+ TRY(require_no_promises());
 if (pid == -1) {
 if (!is_superuser())
@@ -99,7 +99,7 @@ ErrorOr Process::sys$profiling_disable(pid_t pid)
 ErrorOr Process::sys$profiling_free_buffer(pid_t pid)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
- require_no_promises();
+ TRY(require_no_promises());
 if (pid == -1) {
 if (!is_superuser())
diff --git a/Kernel/Syscalls/ptrace.cpp b/Kernel/Syscalls/ptrace.cpp
index 0660c57b0c..59fd80e249 100644
--- a/Kernel/Syscalls/ptrace.cpp
+++ b/Kernel/Syscalls/ptrace.cpp
@@ -159,7 +159,7 @@ static ErrorOr handle_ptrace(const Kernel::Syscall::SC_ptrace_params& p
 ErrorOr Process::sys$ptrace(Userspace user_params)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
- require_promise(Pledge::ptrace);
+ TRY(require_promise(Pledge::ptrace));
 auto params = TRY(copy_typed_from_user(user_params));
 return handle_ptrace(params, *this);
diff --git a/Kernel/Syscalls/purge.cpp b/Kernel/Syscalls/purge.cpp
index 722c67166f..e690a79df5 100644
--- a/Kernel/Syscalls/purge.cpp
+++ b/Kernel/Syscalls/purge.cpp
@@ -15,7 +15,7 @@ namespace Kernel {
 ErrorOr Process::sys$purge(int mode)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
- require_no_promises();
+ TRY(require_no_promises());
 if (!is_superuser())
 return EPERM;
 size_t purged_page_count = 0;
diff --git a/Kernel/Syscalls/read.cpp b/Kernel/Syscalls/read.cpp
index e481c21ff5..21916c7a57 100644
--- a/Kernel/Syscalls/read.cpp
+++ b/Kernel/Syscalls/read.cpp
@@ -40,7 +40,7 @@ static ErrorOr check_blocked_read(OpenFileDescription* description)
 ErrorOr Process::sys$readv(int fd, Userspace iov, int iov_count)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
- require_promise(Pledge::stdio);
+ TRY(require_promise(Pledge::stdio));
 if (iov_count < 0)
 return EINVAL;
@@ -74,7 +74,7 @@ ErrorOr Process::sys$readv(int fd, Userspace iov,
 ErrorOr Process::sys$read(int fd, Userspace buffer, size_t size)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
- require_promise(Pledge::stdio);
+ TRY(require_promise(Pledge::stdio));
 if (size == 0)
 return 0;
 if (size > NumericLimits::max())
@@ -91,7 +91,7 @@ ErrorOr Process::sys$read(int fd, Userspace buffer, size_t size)
 ErrorOr Process::sys$pread(int fd, Userspace buffer, size_t size, Userspace userspace_offset)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
- require_promise(Pledge::stdio);
+ TRY(require_promise(Pledge::stdio));
 if (size == 0)
 return 0;
 if (size > NumericLimits::max())
diff --git a/Kernel/Syscalls/readlink.cpp b/Kernel/Syscalls/readlink.cpp
index f641e64159..9684705b39 100644
--- a/Kernel/Syscalls/readlink.cpp
+++ b/Kernel/Syscalls/readlink.cpp
@@ -13,7 +13,7 @@ namespace Kernel {
 ErrorOr Process::sys$readlink(Userspace user_params)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
- require_promise(Pledge::rpath);
+ TRY(require_promise(Pledge::rpath));
 auto params = TRY(copy_typed_from_user(user_params));
 auto path = TRY(get_syscall_path_argument(params.path));
diff --git a/Kernel/Syscalls/realpath.cpp b/Kernel/Syscalls/realpath.cpp
index f8e28dd5f7..e1feed2eb7 100644
--- a/Kernel/Syscalls/realpath.cpp
+++ b/Kernel/Syscalls/realpath.cpp
@@ -14,7 +14,7 @@ namespace Kernel {
 ErrorOr Process::sys$realpath(Userspace user_params)
 {
 VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
- require_promise(Pledge::rpath);
+ TRY(require_promise(Pledge::rpath));
 auto params = TRY(copy_typed_from_user(user_params));
 auto path = TRY(get_syscall_path_argument(params.path));
diff --git a/Kernel/Syscalls/rename.cpp b/Kernel/Syscalls/rename.cpp
index 02671d1670..39ebb9bef4 100644
--- a/Kernel/Syscalls/rename.cpp
+++ b/Kernel/Syscalls/rename.cpp
@@ -13,7 +13,7 @@ namespace Kernel { ErrorOr Process::sys$rename(Userspace user_params) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::cpath); + TRY(require_promise(Pledge::cpath)); auto params = TRY(copy_typed_from_user(user_params)); auto old_path = TRY(get_syscall_path_argument(params.old_path)); auto new_path = TRY(get_syscall_path_argument(params.new_path)); diff --git a/Kernel/Syscalls/rmdir.cpp b/Kernel/Syscalls/rmdir.cpp index e570f562c5..0371c267fa 100644 --- a/Kernel/Syscalls/rmdir.cpp +++ b/Kernel/Syscalls/rmdir.cpp @@ -13,7 +13,7 @@ namespace Kernel { ErrorOr Process::sys$rmdir(Userspace user_path, size_t path_length) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::cpath); + TRY(require_promise(Pledge::cpath)); auto path = TRY(get_syscall_path_argument(user_path, path_length)); TRY(VirtualFileSystem::the().rmdir(path->view(), current_directory())); return 0; diff --git a/Kernel/Syscalls/sched.cpp b/Kernel/Syscalls/sched.cpp index 07986209af..e8abc88955 100644 --- a/Kernel/Syscalls/sched.cpp +++ b/Kernel/Syscalls/sched.cpp @@ -11,7 +11,7 @@ namespace Kernel { ErrorOr Process::sys$yield() { VERIFY_NO_PROCESS_BIG_LOCK(this); - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); Thread::current()->yield_without_releasing_big_lock(); return 0; } @@ -19,7 +19,7 @@ ErrorOr Process::sys$yield() ErrorOr Process::sys$sched_setparam(int pid, Userspace user_param) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::proc); + TRY(require_promise(Pledge::proc)); auto param = TRY(copy_typed_from_user(user_param)); if (param.sched_priority < THREAD_PRIORITY_MIN || param.sched_priority > THREAD_PRIORITY_MAX) @@ -43,7 +43,7 @@ ErrorOr Process::sys$sched_setparam(int pid, Userspace Process::sys$sched_getparam(pid_t pid, Userspace user_param) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::proc); + TRY(require_promise(Pledge::proc)); int priority; { auto* peer = Thread::current(); 
diff --git a/Kernel/Syscalls/sendfd.cpp b/Kernel/Syscalls/sendfd.cpp index 66880344d7..4c1dd274ee 100644 --- a/Kernel/Syscalls/sendfd.cpp +++ b/Kernel/Syscalls/sendfd.cpp @@ -13,7 +13,7 @@ namespace Kernel { ErrorOr Process::sys$sendfd(int sockfd, int fd) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::sendfd); + TRY(require_promise(Pledge::sendfd)); auto socket_description = TRY(fds().open_file_description(sockfd)); if (!socket_description->is_socket()) return ENOTSOCK; @@ -32,7 +32,7 @@ ErrorOr Process::sys$sendfd(int sockfd, int fd) ErrorOr Process::sys$recvfd(int sockfd, int options) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::recvfd); + TRY(require_promise(Pledge::recvfd)); auto socket_description = TRY(fds().open_file_description(sockfd)); if (!socket_description->is_socket()) return ENOTSOCK; diff --git a/Kernel/Syscalls/setpgid.cpp b/Kernel/Syscalls/setpgid.cpp index 2abf7b7a90..9d3f58e13d 100644 --- a/Kernel/Syscalls/setpgid.cpp +++ b/Kernel/Syscalls/setpgid.cpp @@ -13,7 +13,7 @@ namespace Kernel { ErrorOr Process::sys$getsid(pid_t pid) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::proc); + TRY(require_promise(Pledge::proc)); if (pid == 0) return sid().value(); auto process = Process::from_pid(pid); @@ -27,7 +27,7 @@ ErrorOr Process::sys$getsid(pid_t pid) ErrorOr Process::sys$setsid() { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::proc); + TRY(require_promise(Pledge::proc)); InterruptDisabler disabler; bool found_process_with_same_pgid_as_my_pid = false; Process::for_each_in_pgrp(pid().value(), [&](auto&) { @@ -48,7 +48,7 @@ ErrorOr Process::sys$setsid() ErrorOr Process::sys$getpgid(pid_t pid) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::proc); + TRY(require_promise(Pledge::proc)); if (pid == 0) return pgid().value(); auto process = Process::from_pid(pid); 
@@ -60,7 +60,7 @@ ErrorOr Process::sys$getpgid(pid_t pid) ErrorOr Process::sys$getpgrp() { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); return pgid().value(); } @@ -80,7 +80,7 @@ SessionID Process::get_sid_from_pgid(ProcessGroupID pgid) ErrorOr Process::sys$setpgid(pid_t specified_pid, pid_t specified_pgid) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::proc); + TRY(require_promise(Pledge::proc)); ProcessID pid = specified_pid ? ProcessID(specified_pid) : this->pid(); if (specified_pgid < 0) { // The value of the pgid argument is less than 0, or is not a value supported by the implementation. diff --git a/Kernel/Syscalls/setuid.cpp b/Kernel/Syscalls/setuid.cpp index be0531745c..3968422936 100644 --- a/Kernel/Syscalls/setuid.cpp +++ b/Kernel/Syscalls/setuid.cpp @@ -11,7 +11,7 @@ namespace Kernel { ErrorOr Process::sys$seteuid(UserID new_euid) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::id); + TRY(require_promise(Pledge::id)); if (new_euid == (uid_t)-1) return EINVAL; @@ -31,7 +31,7 @@ ErrorOr Process::sys$seteuid(UserID new_euid) ErrorOr Process::sys$setegid(GroupID new_egid) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::id); + TRY(require_promise(Pledge::id)); if (new_egid == (uid_t)-1) return EINVAL; @@ -50,7 +50,7 @@ ErrorOr Process::sys$setegid(GroupID new_egid) ErrorOr Process::sys$setuid(UserID new_uid) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::id); + TRY(require_promise(Pledge::id)); if (new_uid == (uid_t)-1) return EINVAL; @@ -71,7 +71,7 @@ ErrorOr Process::sys$setuid(UserID new_uid) ErrorOr Process::sys$setgid(GroupID new_gid) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::id); + TRY(require_promise(Pledge::id)); if (new_gid == (uid_t)-1) return EINVAL; 
@@ -92,7 +92,7 @@ ErrorOr Process::sys$setgid(GroupID new_gid) ErrorOr Process::sys$setreuid(UserID new_ruid, UserID new_euid) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::id); + TRY(require_promise(Pledge::id)); if (new_ruid == (uid_t)-1) new_ruid = uid(); @@ -118,7 +118,7 @@ ErrorOr Process::sys$setreuid(UserID new_ruid, UserID new_euid) ErrorOr Process::sys$setresuid(UserID new_ruid, UserID new_euid, UserID new_suid) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::id); + TRY(require_promise(Pledge::id)); if (new_ruid == (uid_t)-1) new_ruid = uid(); @@ -144,7 +144,7 @@ ErrorOr Process::sys$setresuid(UserID new_ruid, UserID new_euid, UserID ErrorOr Process::sys$setresgid(GroupID new_rgid, GroupID new_egid, GroupID new_sgid) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::id); + TRY(require_promise(Pledge::id)); if (new_rgid == (gid_t)-1) new_rgid = gid(); @@ -170,7 +170,7 @@ ErrorOr Process::sys$setresgid(GroupID new_rgid, GroupID new_egid, Grou ErrorOr Process::sys$setgroups(size_t count, Userspace user_gids) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::id); + TRY(require_promise(Pledge::id)); if (!is_superuser()) return EPERM; diff --git a/Kernel/Syscalls/sigaction.cpp b/Kernel/Syscalls/sigaction.cpp index ce634685b6..411ecd99e7 100644 --- a/Kernel/Syscalls/sigaction.cpp +++ b/Kernel/Syscalls/sigaction.cpp @@ -14,7 +14,7 @@ namespace Kernel { ErrorOr Process::sys$sigprocmask(int how, Userspace set, Userspace old_set) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::sigaction); + TRY(require_promise(Pledge::sigaction)); auto* current_thread = Thread::current(); u32 previous_signal_mask; if (set) { 
@@ -44,7 +44,7 @@ ErrorOr Process::sys$sigprocmask(int how, Userspace se ErrorOr Process::sys$sigpending(Userspace set) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); auto pending_signals = Thread::current()->pending_signals(); TRY(copy_to_user(set, &pending_signals)); return 0; @@ -53,7 +53,7 @@ ErrorOr Process::sys$sigpending(Userspace set) ErrorOr Process::sys$sigaction(int signum, Userspace user_act, Userspace user_old_act) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::sigaction); + TRY(require_promise(Pledge::sigaction)); if (signum < 1 || signum >= 32 || signum == SIGKILL || signum == SIGSTOP) return EINVAL; @@ -76,7 +76,7 @@ ErrorOr Process::sys$sigaction(int signum, Userspace ErrorOr Process::sys$sigreturn([[maybe_unused]] RegisterState& registers) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); SmapDisabler disabler; #if ARCH(I386) @@ -258,7 +258,7 @@ ErrorOr Process::remap_range_as_stack(FlatPtr address, size_t size) ErrorOr Process::sys$sigaltstack(Userspace user_ss, Userspace user_old_ss) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::sigaction); + TRY(require_promise(Pledge::sigaction)); if (user_old_ss) { stack_t old_ss_value {}; @@ -307,7 +307,7 @@ ErrorOr Process::sys$sigaltstack(Userspace user_ss, Use ErrorOr Process::sys$sigtimedwait(Userspace set, Userspace info, Userspace timeout) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::sigaction); + TRY(require_promise(Pledge::sigaction)); sigset_t set_value; TRY(copy_from_user(&set_value, set)); diff --git a/Kernel/Syscalls/socket.cpp b/Kernel/Syscalls/socket.cpp index fc5fd9be9f..bca00d5209 100644 --- a/Kernel/Syscalls/socket.cpp +++ b/Kernel/Syscalls/socket.cpp 
@@ -14,9 +14,9 @@ namespace Kernel { #define REQUIRE_PROMISE_FOR_SOCKET_DOMAIN(domain) \ do { \ if (domain == AF_INET) \ - require_promise(Pledge::inet); \ + TRY(require_promise(Pledge::inet)); \ else if (domain == AF_LOCAL) \ - require_promise(Pledge::unix); \ + TRY(require_promise(Pledge::unix)); \ } while (0) void Process::setup_socket_fd(int fd, NonnullRefPtr description, int type) @@ -76,7 +76,7 @@ ErrorOr Process::sys$listen(int sockfd, int backlog) ErrorOr Process::sys$accept4(Userspace user_params) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::accept); + TRY(require_promise(Pledge::accept)); auto params = TRY(copy_typed_from_user(user_params)); int accepting_socket_fd = params.sockfd; @@ -146,7 +146,7 @@ ErrorOr Process::sys$connect(int sockfd, Userspace use ErrorOr Process::sys$shutdown(int sockfd, int how) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); if (how & ~SHUT_RDWR) return EINVAL; auto description = TRY(fds().open_file_description(sockfd)); @@ -161,7 +161,7 @@ ErrorOr Process::sys$shutdown(int sockfd, int how) ErrorOr Process::sys$sendmsg(int sockfd, Userspace user_msg, int flags) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); auto msg = TRY(copy_typed_from_user(user_msg)); if (msg.msg_iovlen != 1) @@ -189,7 +189,7 @@ ErrorOr Process::sys$sendmsg(int sockfd, Userspace Process::sys$recvmsg(int sockfd, Userspace user_msg, int flags) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); struct msghdr msg; TRY(copy_from_user(&msg, user_msg)); diff --git a/Kernel/Syscalls/stat.cpp b/Kernel/Syscalls/stat.cpp index 3ce8c83b5d..eb027ada40 100644 --- a/Kernel/Syscalls/stat.cpp +++ b/Kernel/Syscalls/stat.cpp 
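Review bot: REQUIRE_PROMISE_FOR_SOCKET_DOMAIN now expands to a `TRY()`, so a statement that reads like a plain check can return from the enclosing function, and the macro silently requires that function to return an ErrorOr; neither fact is visible at its call sites, which lie outside this hunk. A one-line comment above the `#define` would make the hidden return explicit, e.g. `// NOTE: expands to TRY(), so on a pledge violation this returns EPROMISEVIOLATION from the enclosing function; only usable where that function returns ErrorOr<T>.` While touching the macro, `domain` is used unparenthesized in both comparisons; `(domain) == AF_INET` is the usual macro hygiene.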
@@ -14,7 +14,7 @@ namespace Kernel { ErrorOr Process::sys$fstat(int fd, Userspace user_statbuf) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); auto description = TRY(fds().open_file_description(fd)); auto buffer = TRY(description->stat()); TRY(copy_to_user(user_statbuf, &buffer)); @@ -24,7 +24,7 @@ ErrorOr Process::sys$fstat(int fd, Userspace user_statbuf) ErrorOr Process::sys$stat(Userspace user_params) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::rpath); + TRY(require_promise(Pledge::rpath)); auto params = TRY(copy_typed_from_user(user_params)); auto path = TRY(get_syscall_path_argument(params.path)); diff --git a/Kernel/Syscalls/statvfs.cpp b/Kernel/Syscalls/statvfs.cpp index e917e0bda3..b78145c367 100644 --- a/Kernel/Syscalls/statvfs.cpp +++ b/Kernel/Syscalls/statvfs.cpp @@ -40,7 +40,7 @@ ErrorOr Process::do_statvfs(FileSystem const& fs, Custody const* custod ErrorOr Process::sys$statvfs(Userspace user_params) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::rpath); + TRY(require_promise(Pledge::rpath)); auto params = TRY(copy_typed_from_user(user_params)); auto path = TRY(get_syscall_path_argument(params.path)); @@ -55,7 +55,7 @@ ErrorOr Process::sys$statvfs(Userspace Process::sys$fstatvfs(int fd, statvfs* buf) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); auto description = TRY(fds().open_file_description(fd)); auto const* inode = description->inode(); diff --git a/Kernel/Syscalls/sync.cpp b/Kernel/Syscalls/sync.cpp index f1bb331d93..6557d4e86b 100644 --- a/Kernel/Syscalls/sync.cpp +++ b/Kernel/Syscalls/sync.cpp @@ -12,7 +12,7 @@ namespace Kernel { ErrorOr Process::sys$sync() { VERIFY_NO_PROCESS_BIG_LOCK(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); VirtualFileSystem::sync(); return 0; } 
diff --git a/Kernel/Syscalls/thread.cpp b/Kernel/Syscalls/thread.cpp index 3c61eaee66..c42618efa6 100644 --- a/Kernel/Syscalls/thread.cpp +++ b/Kernel/Syscalls/thread.cpp @@ -14,7 +14,7 @@ namespace Kernel { ErrorOr Process::sys$create_thread(void* (*entry)(void*), Userspace user_params) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::thread); + TRY(require_promise(Pledge::thread)); auto params = TRY(copy_typed_from_user(user_params)); unsigned detach_state = params.detach_state; @@ -74,7 +74,12 @@ ErrorOr Process::sys$create_thread(void* (*entry)(void*), Userspace exit_value, Userspace stack_location, size_t stack_size) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::thread); + + auto result = require_promise(Pledge::thread); + if (result.is_error()) { + // Crash now, as we will never reach back to the syscall handler. + crash(SIGABRT, 0); + } if (this->thread_count() == 1) { // If this is the last thread, instead kill the process. @@ -98,7 +103,7 @@ void Process::sys$exit_thread(Userspace exit_value, Userspace stac ErrorOr Process::sys$detach_thread(pid_t tid) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::thread); + TRY(require_promise(Pledge::thread)); auto thread = Thread::from_tid(tid); if (!thread || thread->pid() != pid()) return ESRCH; @@ -113,7 +118,7 @@ ErrorOr Process::sys$detach_thread(pid_t tid) ErrorOr Process::sys$join_thread(pid_t tid, Userspace exit_value) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::thread); + TRY(require_promise(Pledge::thread)); auto thread = Thread::from_tid(tid); if (!thread || thread->pid() != pid()) @@ -148,7 +153,7 @@ ErrorOr Process::sys$join_thread(pid_t tid, Userspace exit_valu ErrorOr Process::sys$kill_thread(pid_t tid, int signal) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::thread); + TRY(require_promise(Pledge::thread)); if (signal < 0 || signal >= 32) return EINVAL; 
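Review bot: In sys$exit_thread the new pledge check has nothing after `crash(SIGABRT, 0);` inside the `if (result.is_error())` block, so unless crash() is declared [[noreturn]] (not visible here) a violating thread would fall through into the normal exit path below with the violation tolerated; adding `VERIFY_NOT_REACHED();` after the crash call makes the intent of the "Crash now" comment enforceable either way. The `result` local is only consulted for its error state, so the condition can be written directly as `if (require_promise(Pledge::thread).is_error()) {`, which also removes the stray blank line introduced after VERIFY_PROCESS_BIG_LOCK_ACQUIRED. The body of sys$exit_thread continues past the hunk.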
@@ -166,7 +171,7 @@ ErrorOr Process::sys$kill_thread(pid_t tid, int signal) ErrorOr Process::sys$set_thread_name(pid_t tid, Userspace user_name, size_t user_name_length) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); auto name = TRY(try_copy_kstring_from_user(user_name, user_name_length)); @@ -185,7 +190,7 @@ ErrorOr Process::sys$set_thread_name(pid_t tid, Userspace ErrorOr Process::sys$get_thread_name(pid_t tid, Userspace buffer, size_t buffer_size) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::thread); + TRY(require_promise(Pledge::thread)); if (buffer_size == 0) return EINVAL; @@ -212,7 +217,7 @@ ErrorOr Process::sys$get_thread_name(pid_t tid, Userspace buffer ErrorOr Process::sys$gettid() { VERIFY_NO_PROCESS_BIG_LOCK(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); return Thread::current()->tid().value(); } diff --git a/Kernel/Syscalls/times.cpp b/Kernel/Syscalls/times.cpp index 6f96e7e35d..54aa6b481d 100644 --- a/Kernel/Syscalls/times.cpp +++ b/Kernel/Syscalls/times.cpp @@ -11,7 +11,7 @@ namespace Kernel { ErrorOr Process::sys$times(Userspace user_times) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); tms times = {}; times.tms_utime = m_ticks_in_user; times.tms_stime = m_ticks_in_kernel; diff --git a/Kernel/Syscalls/ttyname.cpp b/Kernel/Syscalls/ttyname.cpp index d2aa5e5d46..b1f04a3c02 100644 --- a/Kernel/Syscalls/ttyname.cpp +++ b/Kernel/Syscalls/ttyname.cpp @@ -14,7 +14,7 @@ namespace Kernel { ErrorOr Process::sys$ttyname(int fd, Userspace buffer, size_t size) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::tty); + TRY(require_promise(Pledge::tty)); auto description = TRY(fds().open_file_description(fd)); if (!description->is_tty()) return ENOTTY; 
@@ -28,7 +28,7 @@ ErrorOr Process::sys$ttyname(int fd, Userspace buffer, size_t si ErrorOr Process::sys$ptsname(int fd, Userspace buffer, size_t size) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::tty); + TRY(require_promise(Pledge::tty)); auto description = TRY(fds().open_file_description(fd)); auto* master_pty = description->master_pty(); if (!master_pty) diff --git a/Kernel/Syscalls/umask.cpp b/Kernel/Syscalls/umask.cpp index 1a951186f9..6018984765 100644 --- a/Kernel/Syscalls/umask.cpp +++ b/Kernel/Syscalls/umask.cpp @@ -11,7 +11,7 @@ namespace Kernel { ErrorOr Process::sys$umask(mode_t mask) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); auto old_mask = m_protected_values.umask; ProtectedDataMutationScope scope { *this }; m_protected_values.umask = mask & 0777; diff --git a/Kernel/Syscalls/uname.cpp b/Kernel/Syscalls/uname.cpp index 67911d6723..ab6ac949ef 100644 --- a/Kernel/Syscalls/uname.cpp +++ b/Kernel/Syscalls/uname.cpp @@ -11,7 +11,7 @@ namespace Kernel { ErrorOr Process::sys$uname(Userspace user_buf) { VERIFY_NO_PROCESS_BIG_LOCK(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); utsname buf {}; memcpy(buf.sysname, "SerenityOS", 11); diff --git a/Kernel/Syscalls/unlink.cpp b/Kernel/Syscalls/unlink.cpp index bc4d016ffd..98526ed9f9 100644 --- a/Kernel/Syscalls/unlink.cpp +++ b/Kernel/Syscalls/unlink.cpp @@ -13,7 +13,7 @@ namespace Kernel { ErrorOr Process::sys$unlink(Userspace user_path, size_t path_length) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::cpath); + TRY(require_promise(Pledge::cpath)); auto path = TRY(get_syscall_path_argument(user_path, path_length)); TRY(VirtualFileSystem::the().unlink(path->view(), current_directory())); return 0; diff --git a/Kernel/Syscalls/utime.cpp b/Kernel/Syscalls/utime.cpp index 4b609ae1f1..b72599ab04 100644 --- a/Kernel/Syscalls/utime.cpp +++ b/Kernel/Syscalls/utime.cpp 
@@ -13,7 +13,7 @@ namespace Kernel { ErrorOr Process::sys$utime(Userspace user_path, size_t path_length, Userspace user_buf) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::fattr); + TRY(require_promise(Pledge::fattr)); auto path = TRY(get_syscall_path_argument(user_path, path_length)); utimbuf buf; if (user_buf) { diff --git a/Kernel/Syscalls/waitid.cpp b/Kernel/Syscalls/waitid.cpp index 1764c1d49b..7ac7ff4ee8 100644 --- a/Kernel/Syscalls/waitid.cpp +++ b/Kernel/Syscalls/waitid.cpp @@ -22,7 +22,7 @@ ErrorOr Process::do_waitid(Variant, Non ErrorOr Process::sys$waitid(Userspace user_params) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::proc); + TRY(require_promise(Pledge::proc)); auto params = TRY(copy_typed_from_user(user_params)); Variant, NonnullRefPtr> waitee; diff --git a/Kernel/Syscalls/write.cpp b/Kernel/Syscalls/write.cpp index e643abc03d..0cbc764a41 100644 --- a/Kernel/Syscalls/write.cpp +++ b/Kernel/Syscalls/write.cpp @@ -14,7 +14,7 @@ namespace Kernel { ErrorOr Process::sys$writev(int fd, Userspace iov, int iov_count) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); if (iov_count < 0) return EINVAL; @@ -90,7 +90,7 @@ ErrorOr Process::do_write(OpenFileDescription& description, const UserO ErrorOr Process::sys$write(int fd, Userspace data, size_t size) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); if (size == 0) return 0; if (size > NumericLimits::max()) diff --git a/Kernel/TTY/MasterPTY.cpp b/Kernel/TTY/MasterPTY.cpp index 63fb020a33..1198134832 100644 --- a/Kernel/TTY/MasterPTY.cpp +++ b/Kernel/TTY/MasterPTY.cpp 
@@ -122,7 +122,7 @@ ErrorOr MasterPTY::close() ErrorOr MasterPTY::ioctl(OpenFileDescription& description, unsigned request, Userspace arg) { - Process::current().require_promise(Pledge::tty); + TRY(Process::current().require_promise(Pledge::tty)); if (!m_slave) return EIO; if (request == TIOCSWINSZ || request == TIOCGPGRP) diff --git a/Kernel/TTY/TTY.cpp b/Kernel/TTY/TTY.cpp index 110c8c3b74..a7424da961 100644 --- a/Kernel/TTY/TTY.cpp +++ b/Kernel/TTY/TTY.cpp @@ -475,7 +475,7 @@ ErrorOr TTY::set_termios(const termios& t) ErrorOr TTY::ioctl(OpenFileDescription&, unsigned request, Userspace arg) { auto& current_process = Process::current(); - current_process.require_promise(Pledge::tty); + TRY(current_process.require_promise(Pledge::tty)); #if 0 // FIXME: When should we block things? // How do we make this work together with MasterPTY forwarding to us?