From 54b9a4ec1e7c08a99508d30d150fa17bfe1ee2dc Mon Sep 17 00:00:00 2001 
From: Brian Gianforcaro Date: Wed, 29 Dec 2021 01:11:45 -0800 Subject: [PATCH] Kernel: Handle promise violations in the syscall handler Previously we would crash the process immediately when a promise violation was found during a syscall. This is error prone, as we don't unwind the stack. This means that in certain cases we can leak resources, like an OwnPtr / RefPtr tracked on the stack. Or even leak a lock acquired in a ScopeLockLocker. To remedy this situation we move the promise violation handling to the syscall handler, right before we return to user space. This allows the code to follow the normal unwind path, and guarantees there is no longer any cleanup that needs to occur. The Process::require_promise() and Process::require_no_promises() functions were modified to return ErrorOr so we enforce that the errors are always propagated by the caller. --- Kernel/Graphics/FramebufferDevice.cpp | 2 +- Kernel/Graphics/GenericFramebufferDevice.cpp | 2 +- .../Graphics/VirtIOGPU/FramebufferDevice.cpp | 2 +- Kernel/Net/IPv4Socket.cpp | 2 +- Kernel/Process.cpp | 15 +++++++------ Kernel/Process.h | 4 ++-- Kernel/Syscall.cpp | 4 ++++ Kernel/Syscalls/access.cpp | 2 +- Kernel/Syscalls/alarm.cpp | 2 +- Kernel/Syscalls/anon_create.cpp | 2 +- Kernel/Syscalls/chdir.cpp | 6 +++--- Kernel/Syscalls/chmod.cpp | 4 ++-- Kernel/Syscalls/chown.cpp | 4 ++-- Kernel/Syscalls/clock.cpp | 10 ++++----- Kernel/Syscalls/disown.cpp | 2 +- Kernel/Syscalls/dup2.cpp | 2 +- Kernel/Syscalls/execve.cpp | 2 +- Kernel/Syscalls/fcntl.cpp | 2 +- Kernel/Syscalls/fork.cpp | 2 +- Kernel/Syscalls/fsync.cpp | 2 +- Kernel/Syscalls/ftruncate.cpp | 2 +- Kernel/Syscalls/get_dir_entries.cpp | 2 +- Kernel/Syscalls/getrandom.cpp | 2 +- Kernel/Syscalls/getuid.cpp | 14 ++++++------- Kernel/Syscalls/hostname.cpp | 4 ++-- Kernel/Syscalls/inode_watcher.cpp | 4 ++-- Kernel/Syscalls/keymap.cpp | 4 ++-- Kernel/Syscalls/kill.cpp | 6 +++--- Kernel/Syscalls/link.cpp | 4 ++-- Kernel/Syscalls/lseek.cpp | 2 +- 
Kernel/Syscalls/mkdir.cpp | 2 +- Kernel/Syscalls/mknod.cpp | 2 +- Kernel/Syscalls/mmap.cpp | 20 +++++++++--------- Kernel/Syscalls/mount.cpp | 4 ++-- Kernel/Syscalls/open.cpp | 8 +++---- Kernel/Syscalls/pipe.cpp | 2 +- Kernel/Syscalls/poll.cpp | 2 +- Kernel/Syscalls/process.cpp | 8 +++---- Kernel/Syscalls/profiling.cpp | 6 +++--- Kernel/Syscalls/ptrace.cpp | 2 +- Kernel/Syscalls/purge.cpp | 2 +- Kernel/Syscalls/read.cpp | 6 +++--- Kernel/Syscalls/readlink.cpp | 2 +- Kernel/Syscalls/realpath.cpp | 2 +- Kernel/Syscalls/rename.cpp | 2 +- Kernel/Syscalls/rmdir.cpp | 2 +- Kernel/Syscalls/sched.cpp | 6 +++--- Kernel/Syscalls/sendfd.cpp | 4 ++-- Kernel/Syscalls/setpgid.cpp | 10 ++++----- Kernel/Syscalls/setuid.cpp | 16 +++++++------- Kernel/Syscalls/sigaction.cpp | 12 +++++------ Kernel/Syscalls/socket.cpp | 12 +++++------ Kernel/Syscalls/stat.cpp | 4 ++-- Kernel/Syscalls/statvfs.cpp | 4 ++-- Kernel/Syscalls/sync.cpp | 2 +- Kernel/Syscalls/thread.cpp | 21 ++++++++++++------- Kernel/Syscalls/times.cpp | 2 +- Kernel/Syscalls/ttyname.cpp | 4 ++-- Kernel/Syscalls/umask.cpp | 2 +- Kernel/Syscalls/uname.cpp | 2 +- Kernel/Syscalls/unlink.cpp | 2 +- Kernel/Syscalls/utime.cpp | 2 +- Kernel/Syscalls/waitid.cpp | 2 +- Kernel/Syscalls/write.cpp | 4 ++-- Kernel/TTY/MasterPTY.cpp | 2 +- Kernel/TTY/TTY.cpp | 2 +- 66 files changed, 156 insertions(+), 148 deletions(-) diff --git a/Kernel/Graphics/FramebufferDevice.cpp b/Kernel/Graphics/FramebufferDevice.cpp index db7965b2f1..73b50f1226 100644 --- a/Kernel/Graphics/FramebufferDevice.cpp +++ b/Kernel/Graphics/FramebufferDevice.cpp @@ -29,7 +29,7 @@ NonnullRefPtr FramebufferDevice::create(const GenericGraphics ErrorOr FramebufferDevice::mmap(Process& process, OpenFileDescription&, Memory::VirtualRange const& range, u64 offset, int prot, bool shared) { - process.require_promise(Pledge::video); + TRY(process.require_promise(Pledge::video)); SpinlockLocker lock(m_activation_lock); if (!shared) return ENODEV; 
diff --git a/Kernel/Graphics/GenericFramebufferDevice.cpp b/Kernel/Graphics/GenericFramebufferDevice.cpp index 4e7b8a5276..80f4ba9032 100644 --- a/Kernel/Graphics/GenericFramebufferDevice.cpp +++ b/Kernel/Graphics/GenericFramebufferDevice.cpp @@ -33,7 +33,7 @@ ErrorOr GenericFramebufferDevice::verify_head_index(int head_index) const ErrorOr GenericFramebufferDevice::ioctl(OpenFileDescription&, unsigned request, Userspace arg) { - Process::current().require_promise(Pledge::video); + TRY(Process::current().require_promise(Pledge::video)); switch (request) { case FB_IOCTL_GET_PROPERTIES: { auto user_properties = static_ptr_cast(arg); diff --git a/Kernel/Graphics/VirtIOGPU/FramebufferDevice.cpp b/Kernel/Graphics/VirtIOGPU/FramebufferDevice.cpp index 979c1d9baa..3aa32bbd65 100644 --- a/Kernel/Graphics/VirtIOGPU/FramebufferDevice.cpp +++ b/Kernel/Graphics/VirtIOGPU/FramebufferDevice.cpp @@ -257,7 +257,7 @@ void FramebufferDevice::set_buffer(int buffer_index) ErrorOr FramebufferDevice::mmap(Process& process, OpenFileDescription&, Memory::VirtualRange const& range, u64 offset, int prot, bool shared) { - process.require_promise(Pledge::video); + TRY(process.require_promise(Pledge::video)); if (!shared) return ENODEV; if (offset != 0 || !m_framebuffer) diff --git a/Kernel/Net/IPv4Socket.cpp b/Kernel/Net/IPv4Socket.cpp index 13fd0c3220..a061b26208 100644 --- a/Kernel/Net/IPv4Socket.cpp +++ b/Kernel/Net/IPv4Socket.cpp @@ -607,7 +607,7 @@ ErrorOr IPv4Socket::getsockopt(OpenFileDescription& description, int level ErrorOr IPv4Socket::ioctl(OpenFileDescription&, unsigned request, Userspace arg) { - Process::current().require_promise(Pledge::inet); + TRY(Process::current().require_promise(Pledge::inet)); auto ioctl_route = [request, arg]() -> ErrorOr { auto user_route = static_ptr_cast(arg); diff --git a/Kernel/Process.cpp b/Kernel/Process.cpp index 96d07ee458..8496b68a08 100644 --- a/Kernel/Process.cpp +++ b/Kernel/Process.cpp 
@@ -863,26 +863,25 @@ static constexpr StringView to_string(Pledge promise) VERIFY_NOT_REACHED(); } -void Process::require_no_promises() const +ErrorOr Process::require_no_promises() const { if (!has_promises()) - return; + return {}; dbgln("Has made a promise"); - Process::current().crash(SIGABRT, 0); - VERIFY_NOT_REACHED(); + return EPROMISEVIOLATION; } -void Process::require_promise(Pledge promise) +ErrorOr Process::require_promise(Pledge promise) { if (!has_promises()) - return; + return {}; if (has_promised(promise)) - return; + return {}; dbgln("Has not pledged {}", to_string(promise)); (void)try_set_coredump_property("pledge_violation"sv, to_string(promise)); - crash(SIGABRT, 0); + return EPROMISEVIOLATION; } } diff --git a/Kernel/Process.h b/Kernel/Process.h index 8085ef21be..eef9f2c88d 100644 --- a/Kernel/Process.h +++ b/Kernel/Process.h @@ -508,8 +508,8 @@ public: VirtualAddress signal_trampoline() const { return m_protected_values.signal_trampoline; } - void require_promise(Pledge); - void require_no_promises() const; + ErrorOr require_promise(Pledge); + ErrorOr require_no_promises() const; private: friend class MemoryManager; diff --git a/Kernel/Syscall.cpp b/Kernel/Syscall.cpp index cd6199153a..ccb7069efd 100644 --- a/Kernel/Syscall.cpp +++ b/Kernel/Syscall.cpp @@ -234,6 +234,10 @@ NEVER_INLINE void syscall_handler(TrapFrame* trap) // Check if we're supposed to return to userspace or just die. current_thread->die_if_needed(); + // Crash any processes which have commited a promise violation during syscall handling. + if (result.is_error() && result.error().code() == EPROMISEVIOLATION) + process.crash(SIGABRT, 0); + VERIFY(!g_scheduler_lock.is_locked_by_current_processor()); } diff --git a/Kernel/Syscalls/access.cpp b/Kernel/Syscalls/access.cpp index 0281fd1170..96537207f6 100644 --- a/Kernel/Syscalls/access.cpp +++ b/Kernel/Syscalls/access.cpp 
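Review bot: Nothing at the definitions, or at the declarations in Kernel/Process.h (next hunk), says that require_promise() and require_no_promises() no longer terminate the process themselves. After this change they only return EPROMISEVIOLATION and the kill happens later in syscall_handler, so a caller that ignores the result silently permits the operation. I would add a comment on both declarations, e.g. `// Returns EPROMISEVIOLATION on violation; callers must TRY() this so syscall_handler() can crash the process.` Separately, require_promise() records the `pledge_violation` coredump property while require_no_promises() only calls dbgln, so the two paths leave different traces for post-mortem analysis.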
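Review bot: The crash added before the final VERIFY in syscall_handler fires only if `result` still carries EPROMISEVIOLATION when it gets there, so enforcement is now fail-open with respect to every layer between the check and the handler. The device-level callers touched in this patch (FramebufferDevice::mmap, GenericFramebufferDevice::ioctl, IPv4Socket::ioctl) return through dispatch code that is not part of the diff; it is worth confirming that none of it drops the ErrorOr or maps it to another errno. The added comment also has a typo and could state the contract: `// Crash any process that committed a promise violation; EPROMISEVIOLATION must reach this point unchanged.` syscall_handler starts outside the hunk.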
@@ -13,7 +13,7 @@ namespace Kernel { ErrorOr Process::sys$access(Userspace user_path, size_t path_length, int mode) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this); - require_promise(Pledge::rpath); + TRY(require_promise(Pledge::rpath)); auto path = TRY(get_syscall_path_argument(user_path, path_length)); TRY(VirtualFileSystem::the().access(path->view(), mode, current_directory())); return 0; diff --git a/Kernel/Syscalls/alarm.cpp b/Kernel/Syscalls/alarm.cpp index 16d23998eb..577a11b315 100644 --- a/Kernel/Syscalls/alarm.cpp +++ b/Kernel/Syscalls/alarm.cpp @@ -12,7 +12,7 @@ namespace Kernel { ErrorOr Process::sys$alarm(unsigned seconds) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this); - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); unsigned previous_alarm_remaining = 0; if (m_alarm_timer) { bool was_in_use = false; diff --git a/Kernel/Syscalls/anon_create.cpp b/Kernel/Syscalls/anon_create.cpp index 8ffd493186..e4f3a93512 100644 --- a/Kernel/Syscalls/anon_create.cpp +++ b/Kernel/Syscalls/anon_create.cpp @@ -14,7 +14,7 @@ namespace Kernel { ErrorOr Process::sys$anon_create(size_t size, int options) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this); - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); if (!size) return EINVAL; diff --git a/Kernel/Syscalls/chdir.cpp b/Kernel/Syscalls/chdir.cpp index 9eae9896ce..b12829c161 100644 --- a/Kernel/Syscalls/chdir.cpp +++ b/Kernel/Syscalls/chdir.cpp @@ -13,7 +13,7 @@ namespace Kernel { ErrorOr Process::sys$chdir(Userspace user_path, size_t path_length) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this); - require_promise(Pledge::rpath); + TRY(require_promise(Pledge::rpath)); auto path = TRY(get_syscall_path_argument(user_path, path_length)); m_cwd = TRY(VirtualFileSystem::the().open_directory(path->view(), current_directory())); return 0; 
@@ -22,7 +22,7 @@ ErrorOr Process::sys$chdir(Userspace user_path, size_t pat ErrorOr Process::sys$fchdir(int fd) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this); - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); auto description = TRY(fds().open_file_description(fd)); if (!description->is_directory()) return ENOTDIR; @@ -35,7 +35,7 @@ ErrorOr Process::sys$fchdir(int fd) ErrorOr Process::sys$getcwd(Userspace buffer, size_t size) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this); - require_promise(Pledge::rpath); + TRY(require_promise(Pledge::rpath)); if (size > NumericLimits::max()) return EINVAL; diff --git a/Kernel/Syscalls/chmod.cpp b/Kernel/Syscalls/chmod.cpp index 56629b5293..34af280f07 100644 --- a/Kernel/Syscalls/chmod.cpp +++ b/Kernel/Syscalls/chmod.cpp @@ -13,7 +13,7 @@ namespace Kernel { ErrorOr Process::sys$chmod(Userspace user_path, size_t path_length, mode_t mode) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this); - require_promise(Pledge::fattr); + TRY(require_promise(Pledge::fattr)); auto path = TRY(get_syscall_path_argument(user_path, path_length)); TRY(VirtualFileSystem::the().chmod(path->view(), mode, current_directory())); return 0; @@ -22,7 +22,7 @@ ErrorOr Process::sys$chmod(Userspace user_path, size_t pat ErrorOr Process::sys$fchmod(int fd, mode_t mode) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this); - require_promise(Pledge::fattr); + TRY(require_promise(Pledge::fattr)); auto description = TRY(fds().open_file_description(fd)); TRY(description->chmod(mode)); return 0; diff --git a/Kernel/Syscalls/chown.cpp b/Kernel/Syscalls/chown.cpp index 33d602b5a3..92172fed61 100644 --- a/Kernel/Syscalls/chown.cpp +++ b/Kernel/Syscalls/chown.cpp @@ -12,7 +12,7 @@ namespace Kernel { ErrorOr Process::sys$fchown(int fd, UserID uid, GroupID gid) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this); - require_promise(Pledge::chown); + TRY(require_promise(Pledge::chown)); auto description = TRY(fds().open_file_description(fd)); TRY(description->chown(uid, gid)); return 0; 
@@ -21,7 +21,7 @@ ErrorOr Process::sys$fchown(int fd, UserID uid, GroupID gid) ErrorOr Process::sys$chown(Userspace user_params) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this); - require_promise(Pledge::chown); + TRY(require_promise(Pledge::chown)); auto params = TRY(copy_typed_from_user(user_params)); auto path = TRY(get_syscall_path_argument(params.path)); TRY(VirtualFileSystem::the().chown(path->view(), params.uid, params.gid, current_directory())); diff --git a/Kernel/Syscalls/clock.cpp b/Kernel/Syscalls/clock.cpp index 0a121012e2..4c47ea7e56 100644 --- a/Kernel/Syscalls/clock.cpp +++ b/Kernel/Syscalls/clock.cpp @@ -13,7 +13,7 @@ namespace Kernel { ErrorOr Process::sys$map_time_page() { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this); - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); auto& vmobject = TimeManagement::the().time_page_vmobject(); @@ -25,7 +25,7 @@ ErrorOr Process::sys$map_time_page() ErrorOr Process::sys$clock_gettime(clockid_t clock_id, Userspace user_ts) { VERIFY_NO_PROCESS_BIG_LOCK(this); - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); if (!TimeManagement::is_valid_clock_id(clock_id)) return EINVAL; @@ -38,7 +38,7 @@ ErrorOr Process::sys$clock_gettime(clockid_t clock_id, Userspace Process::sys$clock_settime(clockid_t clock_id, Userspace user_ts) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this); - require_promise(Pledge::settime); + TRY(require_promise(Pledge::settime)); if (!is_superuser()) return EPERM; @@ -58,7 +58,7 @@ ErrorOr Process::sys$clock_settime(clockid_t clock_id, Userspace Process::sys$clock_nanosleep(Userspace user_params) { VERIFY_NO_PROCESS_BIG_LOCK(this); - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); auto params = TRY(copy_typed_from_user(user_params)); auto requested_sleep = TRY(copy_time_from_user(params.requested_sleep)); 
@@ -105,7 +105,7 @@ ErrorOr Process::sys$adjtime(Userspace user_delta, User } if (user_delta) { - require_promise(Pledge::settime); + TRY(require_promise(Pledge::settime)); if (!is_superuser()) return EPERM; auto delta = TRY(copy_time_from_user(user_delta)); diff --git a/Kernel/Syscalls/disown.cpp b/Kernel/Syscalls/disown.cpp index a83851e6e0..46bb38f3dc 100644 --- a/Kernel/Syscalls/disown.cpp +++ b/Kernel/Syscalls/disown.cpp @@ -11,7 +11,7 @@ namespace Kernel { ErrorOr Process::sys$disown(ProcessID pid) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this); - require_promise(Pledge::proc); + TRY(require_promise(Pledge::proc)); auto process = Process::from_pid(pid); if (!process) return ESRCH; diff --git a/Kernel/Syscalls/dup2.cpp b/Kernel/Syscalls/dup2.cpp index d97282e595..43c642b517 100644 --- a/Kernel/Syscalls/dup2.cpp +++ b/Kernel/Syscalls/dup2.cpp @@ -12,7 +12,7 @@ namespace Kernel { ErrorOr Process::sys$dup2(int old_fd, int new_fd) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this); - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); auto description = TRY(fds().open_file_description(old_fd)); if (old_fd == new_fd) return new_fd; diff --git a/Kernel/Syscalls/execve.cpp b/Kernel/Syscalls/execve.cpp index cad556b382..aeb6f5cbea 100644 --- a/Kernel/Syscalls/execve.cpp +++ b/Kernel/Syscalls/execve.cpp @@ -859,7 +859,7 @@ ErrorOr Process::exec(NonnullOwnPtr path, NonnullOwnPtrVector Process::sys$execve(Userspace user_params) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this); - require_promise(Pledge::exec); + TRY(require_promise(Pledge::exec)); // NOTE: Be extremely careful with allocating any kernel memory in exec(). // On success, the kernel stack will be lost. diff --git a/Kernel/Syscalls/fcntl.cpp b/Kernel/Syscalls/fcntl.cpp index d2a0928e47..c7b83e89a7 100644 --- a/Kernel/Syscalls/fcntl.cpp +++ b/Kernel/Syscalls/fcntl.cpp 
@@ -13,7 +13,7 @@ namespace Kernel { ErrorOr Process::sys$fcntl(int fd, int cmd, u32 arg) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this); - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); dbgln_if(IO_DEBUG, "sys$fcntl: fd={}, cmd={}, arg={}", fd, cmd, arg); auto description = TRY(fds().open_file_description(fd)); // NOTE: The FD flags are not shared between OpenFileDescription objects. diff --git a/Kernel/Syscalls/fork.cpp b/Kernel/Syscalls/fork.cpp index 7ee4768d70..711f0d4947 100644 --- a/Kernel/Syscalls/fork.cpp +++ b/Kernel/Syscalls/fork.cpp @@ -16,7 +16,7 @@ namespace Kernel { ErrorOr Process::sys$fork(RegisterState& regs) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this); - require_promise(Pledge::proc); + TRY(require_promise(Pledge::proc)); RefPtr child_first_thread; auto child_name = TRY(m_name->try_clone()); auto child = TRY(Process::try_create(child_first_thread, move(child_name), uid(), gid(), pid(), m_is_kernel_process, m_cwd, m_executable, m_tty, this)); diff --git a/Kernel/Syscalls/fsync.cpp b/Kernel/Syscalls/fsync.cpp index 630a1a0ee1..15fda4ac2e 100644 --- a/Kernel/Syscalls/fsync.cpp +++ b/Kernel/Syscalls/fsync.cpp @@ -11,7 +11,7 @@ namespace Kernel { ErrorOr Process::sys$fsync(int fd) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this); - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); auto description = TRY(fds().open_file_description(fd)); TRY(description->sync()); return 0; diff --git a/Kernel/Syscalls/ftruncate.cpp b/Kernel/Syscalls/ftruncate.cpp index 72232306dd..ad32a4ad76 100644 --- a/Kernel/Syscalls/ftruncate.cpp +++ b/Kernel/Syscalls/ftruncate.cpp @@ -14,7 +14,7 @@ namespace Kernel { ErrorOr Process::sys$ftruncate(int fd, Userspace userspace_length) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); auto length = TRY(copy_typed_from_user(userspace_length)); if (length < 0) return EINVAL; 
diff --git a/Kernel/Syscalls/get_dir_entries.cpp b/Kernel/Syscalls/get_dir_entries.cpp index 9e1c0104f1..763326b0f6 100644 --- a/Kernel/Syscalls/get_dir_entries.cpp +++ b/Kernel/Syscalls/get_dir_entries.cpp @@ -12,7 +12,7 @@ namespace Kernel { ErrorOr Process::sys$get_dir_entries(int fd, Userspace user_buffer, size_t user_size) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this); - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); if (user_size > NumericLimits::max()) return EINVAL; auto description = TRY(fds().open_file_description(fd)); diff --git a/Kernel/Syscalls/getrandom.cpp b/Kernel/Syscalls/getrandom.cpp index 2a8aa6cfcd..6fcea76042 100644 --- a/Kernel/Syscalls/getrandom.cpp +++ b/Kernel/Syscalls/getrandom.cpp @@ -16,7 +16,7 @@ namespace Kernel { ErrorOr Process::sys$getrandom(Userspace buffer, size_t buffer_size, [[maybe_unused]] unsigned flags) { VERIFY_NO_PROCESS_BIG_LOCK(this); - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); if (buffer_size > NumericLimits::max()) return EINVAL; diff --git a/Kernel/Syscalls/getuid.cpp b/Kernel/Syscalls/getuid.cpp index 65ce3afb62..0b2d48aa8a 100644 --- a/Kernel/Syscalls/getuid.cpp +++ b/Kernel/Syscalls/getuid.cpp 
@@ -11,35 +11,35 @@ namespace Kernel { ErrorOr Process::sys$getuid() { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); return uid().value(); } ErrorOr Process::sys$getgid() { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); return gid().value(); } ErrorOr Process::sys$geteuid() { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); return euid().value(); } ErrorOr Process::sys$getegid() { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); return egid().value(); } ErrorOr Process::sys$getresuid(Userspace ruid, Userspace euid, Userspace suid) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); TRY(copy_to_user(ruid, &m_protected_values.uid)); TRY(copy_to_user(euid, &m_protected_values.euid)); TRY(copy_to_user(suid, &m_protected_values.suid)); @@ -49,7 +49,7 @@ ErrorOr Process::sys$getresuid(Userspace ruid, Userspace Process::sys$getresgid(Userspace rgid, Userspace egid, Userspace sgid) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); TRY(copy_to_user(rgid, &m_protected_values.gid)); TRY(copy_to_user(egid, &m_protected_values.egid)); TRY(copy_to_user(sgid, &m_protected_values.sgid)); @@ -59,7 +59,7 @@ ErrorOr Process::sys$getresgid(Userspace rgid, Userspace Process::sys$getgroups(size_t count, Userspace user_gids) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); if (!count) return extra_gids().size(); if (count != extra_gids().size()) diff --git a/Kernel/Syscalls/hostname.cpp b/Kernel/Syscalls/hostname.cpp index ee087923fa..1d84189087 100644 --- a/Kernel/Syscalls/hostname.cpp +++ b/Kernel/Syscalls/hostname.cpp 
@@ -11,7 +11,7 @@ namespace Kernel { ErrorOr Process::sys$gethostname(Userspace buffer, size_t size) { VERIFY_NO_PROCESS_BIG_LOCK(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); if (size > NumericLimits::max()) return EINVAL; return hostname().with_shared([&](const auto& name) -> ErrorOr { @@ -25,7 +25,7 @@ ErrorOr Process::sys$gethostname(Userspace buffer, size_t size) ErrorOr Process::sys$sethostname(Userspace buffer, size_t length) { VERIFY_NO_PROCESS_BIG_LOCK(this) - require_no_promises(); + TRY(require_no_promises()); if (!is_superuser()) return EPERM; diff --git a/Kernel/Syscalls/inode_watcher.cpp b/Kernel/Syscalls/inode_watcher.cpp index 2fcb899fd9..6dc8b387bb 100644 --- a/Kernel/Syscalls/inode_watcher.cpp +++ b/Kernel/Syscalls/inode_watcher.cpp @@ -16,7 +16,7 @@ namespace Kernel { ErrorOr Process::sys$create_inode_watcher(u32 flags) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::rpath); + TRY(require_promise(Pledge::rpath)); auto fd_allocation = TRY(m_fds.allocate()); auto watcher = TRY(InodeWatcher::try_create()); @@ -37,7 +37,7 @@ ErrorOr Process::sys$create_inode_watcher(u32 flags) ErrorOr Process::sys$inode_watcher_add_watch(Userspace user_params) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::rpath); + TRY(require_promise(Pledge::rpath)); auto params = TRY(copy_typed_from_user(user_params)); auto description = TRY(fds().open_file_description(params.fd)); diff --git a/Kernel/Syscalls/keymap.cpp b/Kernel/Syscalls/keymap.cpp index ebf46ad8db..fe656e4391 100644 --- a/Kernel/Syscalls/keymap.cpp +++ b/Kernel/Syscalls/keymap.cpp @@ -14,7 +14,7 @@ constexpr size_t map_name_max_size = 50; ErrorOr Process::sys$setkeymap(Userspace user_params) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this); - require_promise(Pledge::setkeymap); + TRY(require_promise(Pledge::setkeymap)); if (!is_superuser()) return EPERM; 
@@ -40,7 +40,7 @@ ErrorOr Process::sys$setkeymap(Userspace Process::sys$getkeymap(Userspace user_params) { VERIFY_NO_PROCESS_BIG_LOCK(this); - require_promise(Pledge::getkeymap); + TRY(require_promise(Pledge::getkeymap)); auto params = TRY(copy_typed_from_user(user_params)); String keymap_name = HIDManagement::the().keymap_name(); diff --git a/Kernel/Syscalls/kill.cpp b/Kernel/Syscalls/kill.cpp index abd38e9ecb..66067584e5 100644 --- a/Kernel/Syscalls/kill.cpp +++ b/Kernel/Syscalls/kill.cpp @@ -99,9 +99,9 @@ ErrorOr Process::sys$kill(pid_t pid_or_pgid, int signal) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) if (pid_or_pgid == pid().value()) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); else - require_promise(Pledge::proc); + TRY(require_promise(Pledge::proc)); if (signal < 0 || signal >= 32) return EINVAL; @@ -130,7 +130,7 @@ ErrorOr Process::sys$kill(pid_t pid_or_pgid, int signal) ErrorOr Process::sys$killpg(pid_t pgrp, int signum) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::proc); + TRY(require_promise(Pledge::proc)); if (signum < 1 || signum >= 32) return EINVAL; if (pgrp < 0) diff --git a/Kernel/Syscalls/link.cpp b/Kernel/Syscalls/link.cpp index 2a5ed3fefd..9cbb382d68 100644 --- a/Kernel/Syscalls/link.cpp +++ b/Kernel/Syscalls/link.cpp @@ -13,7 +13,7 @@ namespace Kernel { ErrorOr Process::sys$link(Userspace user_params) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::cpath); + TRY(require_promise(Pledge::cpath)); auto params = TRY(copy_typed_from_user(user_params)); auto old_path = TRY(try_copy_kstring_from_user(params.old_path)); auto new_path = TRY(try_copy_kstring_from_user(params.new_path)); 
@@ -24,7 +24,7 @@ ErrorOr Process::sys$link(Userspace use ErrorOr Process::sys$symlink(Userspace user_params) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::cpath); + TRY(require_promise(Pledge::cpath)); auto params = TRY(copy_typed_from_user(user_params)); auto target = TRY(get_syscall_path_argument(params.target)); diff --git a/Kernel/Syscalls/lseek.cpp b/Kernel/Syscalls/lseek.cpp index 76a63547cf..e2ed624f80 100644 --- a/Kernel/Syscalls/lseek.cpp +++ b/Kernel/Syscalls/lseek.cpp @@ -12,7 +12,7 @@ namespace Kernel { ErrorOr Process::sys$lseek(int fd, Userspace userspace_offset, int whence) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); auto description = TRY(fds().open_file_description(fd)); off_t offset; TRY(copy_from_user(&offset, userspace_offset)); diff --git a/Kernel/Syscalls/mkdir.cpp b/Kernel/Syscalls/mkdir.cpp index aafc4fb4ed..cd193bf778 100644 --- a/Kernel/Syscalls/mkdir.cpp +++ b/Kernel/Syscalls/mkdir.cpp @@ -13,7 +13,7 @@ namespace Kernel { ErrorOr Process::sys$mkdir(Userspace user_path, size_t path_length, mode_t mode) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::cpath); + TRY(require_promise(Pledge::cpath)); auto path = TRY(get_syscall_path_argument(user_path, path_length)); TRY(VirtualFileSystem::the().mkdir(path->view(), mode & ~umask(), current_directory())); return 0; diff --git a/Kernel/Syscalls/mknod.cpp b/Kernel/Syscalls/mknod.cpp index 8ad02c5bfd..41d2603731 100644 --- a/Kernel/Syscalls/mknod.cpp +++ b/Kernel/Syscalls/mknod.cpp @@ -13,7 +13,7 @@ namespace Kernel { ErrorOr Process::sys$mknod(Userspace user_params) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::dpath); + TRY(require_promise(Pledge::dpath)); auto params = TRY(copy_typed_from_user(user_params)); if (!is_superuser() && !is_regular_file(params.mode) && !is_fifo(params.mode) && !is_socket(params.mode)) 
diff --git a/Kernel/Syscalls/mmap.cpp b/Kernel/Syscalls/mmap.cpp index 7eb33c605f..cf06604220 100644 --- a/Kernel/Syscalls/mmap.cpp +++ b/Kernel/Syscalls/mmap.cpp @@ -120,7 +120,7 @@ static bool validate_inode_mmap_prot(const Process& process, int prot, const Ino ErrorOr Process::sys$mmap(Userspace user_params) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); auto params = TRY(copy_typed_from_user(user_params)); auto addr = (FlatPtr)params.addr; @@ -132,11 +132,11 @@ ErrorOr Process::sys$mmap(Userspace use auto offset = params.offset; if (prot & PROT_EXEC) { - require_promise(Pledge::prot_exec); + TRY(require_promise(Pledge::prot_exec)); } if (prot & MAP_FIXED || prot & MAP_FIXED_NOREPLACE) { - require_promise(Pledge::map_fixed); + TRY(require_promise(Pledge::map_fixed)); } if (alignment & ~PAGE_MASK) @@ -253,10 +253,10 @@ ErrorOr Process::sys$mmap(Userspace use ErrorOr Process::sys$mprotect(Userspace addr, size_t size, int prot) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); if (prot & PROT_EXEC) { - require_promise(Pledge::prot_exec); + TRY(require_promise(Pledge::prot_exec)); } auto range_to_mprotect = TRY(Memory::expand_range_to_page_boundaries(addr.ptr(), size)); @@ -395,7 +395,7 @@ ErrorOr Process::sys$mprotect(Userspace addr, size_t size, int p ErrorOr Process::sys$madvise(Userspace address, size_t size, int advice) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); auto range_to_madvise = TRY(Memory::expand_range_to_page_boundaries(address.ptr(), size)); 
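Review bot: In the sys$mmap hunk at -132,11 the map_fixed gate tests the wrong word: `if (prot & MAP_FIXED || prot & MAP_FIXED_NOREPLACE)` compares MAP_* bits against the protection value, so whether `Pledge::map_fixed` is required depends on unrelated PROT_* bits rather than on the mapping flags. The commit leaves the condition untouched and only wraps the call in TRY. Presumably the intent was the flags field copied from `params` (its local name is not visible in this hunk), along the lines of `if (flags & MAP_FIXED || flags & MAP_FIXED_NOREPLACE)`. sys$mmap's body starts and ends outside the hunk, so this should be confirmed against the full function.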
@@ -426,7 +426,7 @@ ErrorOr Process::sys$madvise(Userspace address, size_t size, int ErrorOr Process::sys$set_mmap_name(Userspace user_params) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); auto params = TRY(copy_typed_from_user(user_params)); if (params.name.length > PATH_MAX) @@ -450,7 +450,7 @@ ErrorOr Process::sys$set_mmap_name(Userspace Process::sys$munmap(Userspace addr, size_t size) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); TRY(address_space().unmap_mmap_range(addr.vaddr(), size)); return 0; } @@ -458,7 +458,7 @@ ErrorOr Process::sys$munmap(Userspace addr, size_t size) ErrorOr Process::sys$mremap(Userspace user_params) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); auto params = TRY(copy_typed_from_user(user_params)); auto old_range = TRY(Memory::expand_range_to_page_boundaries((FlatPtr)params.old_address, params.old_size)); @@ -495,7 +495,7 @@ ErrorOr Process::sys$mremap(Userspace ErrorOr Process::sys$allocate_tls(Userspace initial_data, size_t size) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); if (!size || size % PAGE_SIZE != 0) return EINVAL; diff --git a/Kernel/Syscalls/mount.cpp b/Kernel/Syscalls/mount.cpp index 0fd05ae7a3..73c1976e3c 100644 --- a/Kernel/Syscalls/mount.cpp +++ b/Kernel/Syscalls/mount.cpp @@ -21,7 +21,7 @@ namespace Kernel { ErrorOr Process::sys$mount(Userspace user_params) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_no_promises(); + TRY(require_no_promises()); if (!is_superuser()) return EPERM; 
@@ -120,7 +120,7 @@ ErrorOr Process::sys$umount(Userspace user_mountpoint, siz if (!is_superuser()) return EPERM; - require_no_promises(); + TRY(require_no_promises()); auto mountpoint = TRY(get_syscall_path_argument(user_mountpoint, mountpoint_length)); auto custody = TRY(VirtualFileSystem::the().resolve_path(mountpoint->view(), current_directory())); diff --git a/Kernel/Syscalls/open.cpp b/Kernel/Syscalls/open.cpp index c10d438358..26dc679976 100644 --- a/Kernel/Syscalls/open.cpp +++ b/Kernel/Syscalls/open.cpp @@ -27,12 +27,12 @@ ErrorOr Process::sys$open(Userspace use return EINVAL; if (options & O_WRONLY) - require_promise(Pledge::wpath); + TRY(require_promise(Pledge::wpath)); else if (options & O_RDONLY) - require_promise(Pledge::rpath); + TRY(require_promise(Pledge::rpath)); if (options & O_CREAT) - require_promise(Pledge::cpath); + TRY(require_promise(Pledge::cpath)); // Ignore everything except permission bits. mode &= 0777; @@ -67,7 +67,7 @@ ErrorOr Process::sys$open(Userspace use ErrorOr Process::sys$close(int fd) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); auto description = TRY(fds().open_file_description(fd)); auto result = description->close(); m_fds[fd] = {}; diff --git a/Kernel/Syscalls/pipe.cpp b/Kernel/Syscalls/pipe.cpp index 46cc66897d..90cd2ddb49 100644 --- a/Kernel/Syscalls/pipe.cpp +++ b/Kernel/Syscalls/pipe.cpp @@ -12,7 +12,7 @@ namespace Kernel { ErrorOr Process::sys$pipe(int pipefd[2], int flags) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); if (fds().open_count() + 2 > OpenFileDescriptions::max_open()) return EMFILE; // Reject flags other than O_CLOEXEC, O_NONBLOCK diff --git a/Kernel/Syscalls/poll.cpp b/Kernel/Syscalls/poll.cpp index 946929fc8b..8c63ee51c2 100644 --- a/Kernel/Syscalls/poll.cpp +++ b/Kernel/Syscalls/poll.cpp 
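Review bot: In sys$umount the `is_superuser()` test runs before `TRY(require_no_promises());`, so a pledged, non-superuser process gets EPERM and keeps running instead of being treated as a violation. sys$mount, sys$purge and sys$sethostname in this same patch all check promises first. Moving `TRY(require_no_promises());` above `if (!is_superuser())` would make the enforcement order consistent. The function starts outside the hunk, so any earlier statements that motivate the current order are not visible here.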
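Review bot: The `else if` in the sys$open hunk at -27,12 means a request with both access bits set is checked against `Pledge::wpath` only. If O_RDWR is the union of O_RDONLY and O_WRONLY (its definition is not visible here), a process that pledged wpath but not rpath can still obtain a readable descriptor. Two independent checks close that gap: `if (options & O_WRONLY) TRY(require_promise(Pledge::wpath));` followed by `if (options & O_RDONLY) TRY(require_promise(Pledge::rpath));`. sys$open starts and ends outside the hunk.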
@@ -17,7 +17,7 @@ using BlockFlags = Thread::FileBlocker::BlockFlags; ErrorOr Process::sys$poll(Userspace user_params) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); auto params = TRY(copy_typed_from_user(user_params)); diff --git a/Kernel/Syscalls/process.cpp b/Kernel/Syscalls/process.cpp index 09bee8b794..036bf1df4d 100644 --- a/Kernel/Syscalls/process.cpp +++ b/Kernel/Syscalls/process.cpp @@ -12,21 +12,21 @@ namespace Kernel { ErrorOr Process::sys$getpid() { VERIFY_NO_PROCESS_BIG_LOCK(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); return pid().value(); } ErrorOr Process::sys$getppid() { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); return m_protected_values.ppid.value(); } ErrorOr Process::sys$get_process_name(Userspace buffer, size_t buffer_size) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); if (m_name->length() + 1 > buffer_size) return ENAMETOOLONG; @@ -37,7 +37,7 @@ ErrorOr Process::sys$get_process_name(Userspace buffer, size_t b ErrorOr Process::sys$set_process_name(Userspace user_name, size_t user_name_length) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::proc); + TRY(require_promise(Pledge::proc)); if (user_name_length > 256) return ENAMETOOLONG; auto name = TRY(try_copy_kstring_from_user(user_name, user_name_length)); diff --git a/Kernel/Syscalls/profiling.cpp b/Kernel/Syscalls/profiling.cpp index ed54d9ea15..1fd23a6fba 100644 --- a/Kernel/Syscalls/profiling.cpp +++ b/Kernel/Syscalls/profiling.cpp @@ -19,7 +19,7 @@ u64 g_profiling_event_mask; ErrorOr Process::sys$profiling_enable(pid_t pid, u64 event_mask) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_no_promises(); + TRY(require_no_promises()); if (pid == -1) { if (!is_superuser()) 
@@ -69,7 +69,7 @@ ErrorOr Process::sys$profiling_enable(pid_t pid, u64 event_mask) ErrorOr Process::sys$profiling_disable(pid_t pid) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_no_promises(); + TRY(require_no_promises()); if (pid == -1) { if (!is_superuser()) @@ -99,7 +99,7 @@ ErrorOr Process::sys$profiling_disable(pid_t pid) ErrorOr Process::sys$profiling_free_buffer(pid_t pid) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_no_promises(); + TRY(require_no_promises()); if (pid == -1) { if (!is_superuser()) diff --git a/Kernel/Syscalls/ptrace.cpp b/Kernel/Syscalls/ptrace.cpp index 0660c57b0c..59fd80e249 100644 --- a/Kernel/Syscalls/ptrace.cpp +++ b/Kernel/Syscalls/ptrace.cpp @@ -159,7 +159,7 @@ static ErrorOr handle_ptrace(const Kernel::Syscall::SC_ptrace_params& p ErrorOr Process::sys$ptrace(Userspace user_params) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::ptrace); + TRY(require_promise(Pledge::ptrace)); auto params = TRY(copy_typed_from_user(user_params)); return handle_ptrace(params, *this); diff --git a/Kernel/Syscalls/purge.cpp b/Kernel/Syscalls/purge.cpp index 722c67166f..e690a79df5 100644 --- a/Kernel/Syscalls/purge.cpp +++ b/Kernel/Syscalls/purge.cpp @@ -15,7 +15,7 @@ namespace Kernel { ErrorOr Process::sys$purge(int mode) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_no_promises(); + TRY(require_no_promises()); if (!is_superuser()) return EPERM; size_t purged_page_count = 0; diff --git a/Kernel/Syscalls/read.cpp b/Kernel/Syscalls/read.cpp index e481c21ff5..21916c7a57 100644 --- a/Kernel/Syscalls/read.cpp +++ b/Kernel/Syscalls/read.cpp @@ -40,7 +40,7 @@ static ErrorOr check_blocked_read(OpenFileDescription* description) ErrorOr Process::sys$readv(int fd, Userspace iov, int iov_count) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); if (iov_count < 0) return EINVAL; 
@@ -74,7 +74,7 @@ ErrorOr Process::sys$readv(int fd, Userspace iov, ErrorOr Process::sys$read(int fd, Userspace buffer, size_t size) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); if (size == 0) return 0; if (size > NumericLimits::max()) @@ -91,7 +91,7 @@ ErrorOr Process::sys$read(int fd, Userspace buffer, size_t size) ErrorOr Process::sys$pread(int fd, Userspace buffer, size_t size, Userspace userspace_offset) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); if (size == 0) return 0; if (size > NumericLimits::max()) diff --git a/Kernel/Syscalls/readlink.cpp b/Kernel/Syscalls/readlink.cpp index f641e64159..9684705b39 100644 --- a/Kernel/Syscalls/readlink.cpp +++ b/Kernel/Syscalls/readlink.cpp @@ -13,7 +13,7 @@ namespace Kernel { ErrorOr Process::sys$readlink(Userspace user_params) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::rpath); + TRY(require_promise(Pledge::rpath)); auto params = TRY(copy_typed_from_user(user_params)); auto path = TRY(get_syscall_path_argument(params.path)); diff --git a/Kernel/Syscalls/realpath.cpp b/Kernel/Syscalls/realpath.cpp index f8e28dd5f7..e1feed2eb7 100644 --- a/Kernel/Syscalls/realpath.cpp +++ b/Kernel/Syscalls/realpath.cpp @@ -14,7 +14,7 @@ namespace Kernel { ErrorOr Process::sys$realpath(Userspace user_params) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::rpath); + TRY(require_promise(Pledge::rpath)); auto params = TRY(copy_typed_from_user(user_params)); auto path = TRY(get_syscall_path_argument(params.path)); diff --git a/Kernel/Syscalls/rename.cpp b/Kernel/Syscalls/rename.cpp index 02671d1670..39ebb9bef4 100644 --- a/Kernel/Syscalls/rename.cpp +++ b/Kernel/Syscalls/rename.cpp 
@@ -13,7 +13,7 @@ namespace Kernel { ErrorOr Process::sys$rename(Userspace user_params) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::cpath); + TRY(require_promise(Pledge::cpath)); auto params = TRY(copy_typed_from_user(user_params)); auto old_path = TRY(get_syscall_path_argument(params.old_path)); auto new_path = TRY(get_syscall_path_argument(params.new_path)); diff --git a/Kernel/Syscalls/rmdir.cpp b/Kernel/Syscalls/rmdir.cpp index e570f562c5..0371c267fa 100644 --- a/Kernel/Syscalls/rmdir.cpp +++ b/Kernel/Syscalls/rmdir.cpp @@ -13,7 +13,7 @@ namespace Kernel { ErrorOr Process::sys$rmdir(Userspace user_path, size_t path_length) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::cpath); + TRY(require_promise(Pledge::cpath)); auto path = TRY(get_syscall_path_argument(user_path, path_length)); TRY(VirtualFileSystem::the().rmdir(path->view(), current_directory())); return 0; diff --git a/Kernel/Syscalls/sched.cpp b/Kernel/Syscalls/sched.cpp index 07986209af..e8abc88955 100644 --- a/Kernel/Syscalls/sched.cpp +++ b/Kernel/Syscalls/sched.cpp @@ -11,7 +11,7 @@ namespace Kernel { ErrorOr Process::sys$yield() { VERIFY_NO_PROCESS_BIG_LOCK(this); - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); Thread::current()->yield_without_releasing_big_lock(); return 0; } @@ -19,7 +19,7 @@ ErrorOr Process::sys$yield() ErrorOr Process::sys$sched_setparam(int pid, Userspace user_param) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::proc); + TRY(require_promise(Pledge::proc)); auto param = TRY(copy_typed_from_user(user_param)); if (param.sched_priority < THREAD_PRIORITY_MIN || param.sched_priority > THREAD_PRIORITY_MAX) @@ -43,7 +43,7 @@ ErrorOr Process::sys$sched_setparam(int pid, Userspace Process::sys$sched_getparam(pid_t pid, Userspace user_param) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::proc); + TRY(require_promise(Pledge::proc)); int priority; { auto* peer = Thread::current(); 
diff --git a/Kernel/Syscalls/sendfd.cpp b/Kernel/Syscalls/sendfd.cpp index 66880344d7..4c1dd274ee 100644 --- a/Kernel/Syscalls/sendfd.cpp +++ b/Kernel/Syscalls/sendfd.cpp @@ -13,7 +13,7 @@ namespace Kernel { ErrorOr Process::sys$sendfd(int sockfd, int fd) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::sendfd); + TRY(require_promise(Pledge::sendfd)); auto socket_description = TRY(fds().open_file_description(sockfd)); if (!socket_description->is_socket()) return ENOTSOCK; @@ -32,7 +32,7 @@ ErrorOr Process::sys$sendfd(int sockfd, int fd) ErrorOr Process::sys$recvfd(int sockfd, int options) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::recvfd); + TRY(require_promise(Pledge::recvfd)); auto socket_description = TRY(fds().open_file_description(sockfd)); if (!socket_description->is_socket()) return ENOTSOCK; diff --git a/Kernel/Syscalls/setpgid.cpp b/Kernel/Syscalls/setpgid.cpp index 2abf7b7a90..9d3f58e13d 100644 --- a/Kernel/Syscalls/setpgid.cpp +++ b/Kernel/Syscalls/setpgid.cpp @@ -13,7 +13,7 @@ namespace Kernel { ErrorOr Process::sys$getsid(pid_t pid) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::proc); + TRY(require_promise(Pledge::proc)); if (pid == 0) return sid().value(); auto process = Process::from_pid(pid); @@ -27,7 +27,7 @@ ErrorOr Process::sys$getsid(pid_t pid) ErrorOr Process::sys$setsid() { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::proc); + TRY(require_promise(Pledge::proc)); InterruptDisabler disabler; bool found_process_with_same_pgid_as_my_pid = false; Process::for_each_in_pgrp(pid().value(), [&](auto&) { @@ -48,7 +48,7 @@ ErrorOr Process::sys$setsid() ErrorOr Process::sys$getpgid(pid_t pid) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::proc); + TRY(require_promise(Pledge::proc)); if (pid == 0) return pgid().value(); auto process = Process::from_pid(pid); 
@@ -60,7 +60,7 @@ ErrorOr Process::sys$getpgid(pid_t pid) ErrorOr Process::sys$getpgrp() { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); return pgid().value(); } @@ -80,7 +80,7 @@ SessionID Process::get_sid_from_pgid(ProcessGroupID pgid) ErrorOr Process::sys$setpgid(pid_t specified_pid, pid_t specified_pgid) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::proc); + TRY(require_promise(Pledge::proc)); ProcessID pid = specified_pid ? ProcessID(specified_pid) : this->pid(); if (specified_pgid < 0) { // The value of the pgid argument is less than 0, or is not a value supported by the implementation. diff --git a/Kernel/Syscalls/setuid.cpp b/Kernel/Syscalls/setuid.cpp index be0531745c..3968422936 100644 --- a/Kernel/Syscalls/setuid.cpp +++ b/Kernel/Syscalls/setuid.cpp @@ -11,7 +11,7 @@ namespace Kernel { ErrorOr Process::sys$seteuid(UserID new_euid) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::id); + TRY(require_promise(Pledge::id)); if (new_euid == (uid_t)-1) return EINVAL; @@ -31,7 +31,7 @@ ErrorOr Process::sys$seteuid(UserID new_euid) ErrorOr Process::sys$setegid(GroupID new_egid) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::id); + TRY(require_promise(Pledge::id)); if (new_egid == (uid_t)-1) return EINVAL; @@ -50,7 +50,7 @@ ErrorOr Process::sys$setegid(GroupID new_egid) ErrorOr Process::sys$setuid(UserID new_uid) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::id); + TRY(require_promise(Pledge::id)); if (new_uid == (uid_t)-1) return EINVAL; @@ -71,7 +71,7 @@ ErrorOr Process::sys$setuid(UserID new_uid) ErrorOr Process::sys$setgid(GroupID new_gid) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::id); + TRY(require_promise(Pledge::id)); if (new_gid == (uid_t)-1) return EINVAL; 
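Review bot: sys$setegid and sys$setgid compare a GroupID against `(uid_t)-1` in the context lines of their hunks, while sys$setresgid in a later hunk uses `(gid_t)-1`. The sentinel should carry the group type in both places, `if (new_egid == (gid_t)-1)` and `if (new_gid == (gid_t)-1)`, so the rejection of the "unchanged" value stays correct if the two typedefs ever differ. Both functions continue past their hunks.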
@@ -92,7 +92,7 @@ ErrorOr Process::sys$setgid(GroupID new_gid) ErrorOr Process::sys$setreuid(UserID new_ruid, UserID new_euid) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::id); + TRY(require_promise(Pledge::id)); if (new_ruid == (uid_t)-1) new_ruid = uid(); @@ -118,7 +118,7 @@ ErrorOr Process::sys$setreuid(UserID new_ruid, UserID new_euid) ErrorOr Process::sys$setresuid(UserID new_ruid, UserID new_euid, UserID new_suid) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::id); + TRY(require_promise(Pledge::id)); if (new_ruid == (uid_t)-1) new_ruid = uid(); @@ -144,7 +144,7 @@ ErrorOr Process::sys$setresuid(UserID new_ruid, UserID new_euid, UserID ErrorOr Process::sys$setresgid(GroupID new_rgid, GroupID new_egid, GroupID new_sgid) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::id); + TRY(require_promise(Pledge::id)); if (new_rgid == (gid_t)-1) new_rgid = gid(); @@ -170,7 +170,7 @@ ErrorOr Process::sys$setresgid(GroupID new_rgid, GroupID new_egid, Grou ErrorOr Process::sys$setgroups(size_t count, Userspace user_gids) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::id); + TRY(require_promise(Pledge::id)); if (!is_superuser()) return EPERM; diff --git a/Kernel/Syscalls/sigaction.cpp b/Kernel/Syscalls/sigaction.cpp index ce634685b6..411ecd99e7 100644 --- a/Kernel/Syscalls/sigaction.cpp +++ b/Kernel/Syscalls/sigaction.cpp @@ -14,7 +14,7 @@ namespace Kernel { ErrorOr Process::sys$sigprocmask(int how, Userspace set, Userspace old_set) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::sigaction); + TRY(require_promise(Pledge::sigaction)); auto* current_thread = Thread::current(); u32 previous_signal_mask; if (set) { 
@@ -44,7 +44,7 @@ ErrorOr Process::sys$sigprocmask(int how, Userspace se ErrorOr Process::sys$sigpending(Userspace set) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); auto pending_signals = Thread::current()->pending_signals(); TRY(copy_to_user(set, &pending_signals)); return 0; @@ -53,7 +53,7 @@ ErrorOr Process::sys$sigpending(Userspace set) ErrorOr Process::sys$sigaction(int signum, Userspace user_act, Userspace user_old_act) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::sigaction); + TRY(require_promise(Pledge::sigaction)); if (signum < 1 || signum >= 32 || signum == SIGKILL || signum == SIGSTOP) return EINVAL; @@ -76,7 +76,7 @@ ErrorOr Process::sys$sigaction(int signum, Userspace ErrorOr Process::sys$sigreturn([[maybe_unused]] RegisterState& registers) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); SmapDisabler disabler; #if ARCH(I386) @@ -258,7 +258,7 @@ ErrorOr Process::remap_range_as_stack(FlatPtr address, size_t size) ErrorOr Process::sys$sigaltstack(Userspace user_ss, Userspace user_old_ss) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::sigaction); + TRY(require_promise(Pledge::sigaction)); if (user_old_ss) { stack_t old_ss_value {}; @@ -307,7 +307,7 @@ ErrorOr Process::sys$sigaltstack(Userspace user_ss, Use ErrorOr Process::sys$sigtimedwait(Userspace set, Userspace info, Userspace timeout) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::sigaction); + TRY(require_promise(Pledge::sigaction)); sigset_t set_value; TRY(copy_from_user(&set_value, set)); diff --git a/Kernel/Syscalls/socket.cpp b/Kernel/Syscalls/socket.cpp index fc5fd9be9f..bca00d5209 100644 --- a/Kernel/Syscalls/socket.cpp +++ b/Kernel/Syscalls/socket.cpp 
@@ -14,9 +14,9 @@ namespace Kernel { #define REQUIRE_PROMISE_FOR_SOCKET_DOMAIN(domain) \ do { \ if (domain == AF_INET) \ - require_promise(Pledge::inet); \ + TRY(require_promise(Pledge::inet)); \ else if (domain == AF_LOCAL) \ - require_promise(Pledge::unix); \ + TRY(require_promise(Pledge::unix)); \ } while (0) void Process::setup_socket_fd(int fd, NonnullRefPtr description, int type) @@ -76,7 +76,7 @@ ErrorOr Process::sys$listen(int sockfd, int backlog) ErrorOr Process::sys$accept4(Userspace user_params) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::accept); + TRY(require_promise(Pledge::accept)); auto params = TRY(copy_typed_from_user(user_params)); int accepting_socket_fd = params.sockfd; @@ -146,7 +146,7 @@ ErrorOr Process::sys$connect(int sockfd, Userspace use ErrorOr Process::sys$shutdown(int sockfd, int how) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); if (how & ~SHUT_RDWR) return EINVAL; auto description = TRY(fds().open_file_description(sockfd)); @@ -161,7 +161,7 @@ ErrorOr Process::sys$shutdown(int sockfd, int how) ErrorOr Process::sys$sendmsg(int sockfd, Userspace user_msg, int flags) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); auto msg = TRY(copy_typed_from_user(user_msg)); if (msg.msg_iovlen != 1) @@ -189,7 +189,7 @@ ErrorOr Process::sys$sendmsg(int sockfd, Userspace Process::sys$recvmsg(int sockfd, Userspace user_msg, int flags) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); struct msghdr msg; TRY(copy_from_user(&msg, user_msg)); diff --git a/Kernel/Syscalls/stat.cpp b/Kernel/Syscalls/stat.cpp index 3ce8c83b5d..eb027ada40 100644 --- a/Kernel/Syscalls/stat.cpp +++ b/Kernel/Syscalls/stat.cpp 
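Review bot: REQUIRE_PROMISE_FOR_SOCKET_DOMAIN now contains `TRY(...)`, so expanding it can return from the calling function, and nothing in the macro's name or at its definition says so. A comment above the `#define`, such as `// NOTE: Expands to TRY(); returns from the enclosing function on a promise violation, so only use it where ErrorOr is returned.`, would make the hidden control flow visible to whoever adds the next call site. While it is being touched, `domain` is expanded twice and unparenthesized, so `(domain) == AF_INET` and `(domain) == AF_LOCAL` are the safer spelling. The call sites are outside this hunk.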
@@ -14,7 +14,7 @@ namespace Kernel { ErrorOr Process::sys$fstat(int fd, Userspace user_statbuf) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); auto description = TRY(fds().open_file_description(fd)); auto buffer = TRY(description->stat()); TRY(copy_to_user(user_statbuf, &buffer)); @@ -24,7 +24,7 @@ ErrorOr Process::sys$fstat(int fd, Userspace user_statbuf) ErrorOr Process::sys$stat(Userspace user_params) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::rpath); + TRY(require_promise(Pledge::rpath)); auto params = TRY(copy_typed_from_user(user_params)); auto path = TRY(get_syscall_path_argument(params.path)); diff --git a/Kernel/Syscalls/statvfs.cpp b/Kernel/Syscalls/statvfs.cpp index e917e0bda3..b78145c367 100644 --- a/Kernel/Syscalls/statvfs.cpp +++ b/Kernel/Syscalls/statvfs.cpp @@ -40,7 +40,7 @@ ErrorOr Process::do_statvfs(FileSystem const& fs, Custody const* custod ErrorOr Process::sys$statvfs(Userspace user_params) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::rpath); + TRY(require_promise(Pledge::rpath)); auto params = TRY(copy_typed_from_user(user_params)); auto path = TRY(get_syscall_path_argument(params.path)); @@ -55,7 +55,7 @@ ErrorOr Process::sys$statvfs(Userspace Process::sys$fstatvfs(int fd, statvfs* buf) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); auto description = TRY(fds().open_file_description(fd)); auto const* inode = description->inode(); diff --git a/Kernel/Syscalls/sync.cpp b/Kernel/Syscalls/sync.cpp index f1bb331d93..6557d4e86b 100644 --- a/Kernel/Syscalls/sync.cpp +++ b/Kernel/Syscalls/sync.cpp @@ -12,7 +12,7 @@ namespace Kernel { ErrorOr Process::sys$sync() { VERIFY_NO_PROCESS_BIG_LOCK(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); VirtualFileSystem::sync(); return 0; } 
diff --git a/Kernel/Syscalls/thread.cpp b/Kernel/Syscalls/thread.cpp index 3c61eaee66..c42618efa6 100644 --- a/Kernel/Syscalls/thread.cpp +++ b/Kernel/Syscalls/thread.cpp @@ -14,7 +14,7 @@ namespace Kernel { ErrorOr Process::sys$create_thread(void* (*entry)(void*), Userspace user_params) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::thread); + TRY(require_promise(Pledge::thread)); auto params = TRY(copy_typed_from_user(user_params)); unsigned detach_state = params.detach_state; @@ -74,7 +74,12 @@ ErrorOr Process::sys$create_thread(void* (*entry)(void*), Userspace exit_value, Userspace stack_location, size_t stack_size) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::thread); + + auto result = require_promise(Pledge::thread); + if (result.is_error()) { + // Crash now, as we will never reach back to the syscall handler. + crash(SIGABRT, 0); + } if (this->thread_count() == 1) { // If this is the last thread, instead kill the process. @@ -98,7 +103,7 @@ void Process::sys$exit_thread(Userspace exit_value, Userspace stac ErrorOr Process::sys$detach_thread(pid_t tid) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::thread); + TRY(require_promise(Pledge::thread)); auto thread = Thread::from_tid(tid); if (!thread || thread->pid() != pid()) return ESRCH; @@ -113,7 +118,7 @@ ErrorOr Process::sys$detach_thread(pid_t tid) ErrorOr Process::sys$join_thread(pid_t tid, Userspace exit_value) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::thread); + TRY(require_promise(Pledge::thread)); auto thread = Thread::from_tid(tid); if (!thread || thread->pid() != pid()) @@ -148,7 +153,7 @@ ErrorOr Process::sys$join_thread(pid_t tid, Userspace exit_valu ErrorOr Process::sys$kill_thread(pid_t tid, int signal) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::thread); + TRY(require_promise(Pledge::thread)); if (signal < 0 || signal >= 32) return EINVAL; 
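Review bot: sys$exit_thread still crashes in place on a promise violation, which makes it the one syscall in this patch that skips the unwind-then-handle path the commit introduces, and the added comment does not say what makes that safe. The comment would be clearer as `// exit_thread never returns to the syscall handler, so a promise violation must be handled here rather than propagated.`, plus a sentence on the big lock that the preceding VERIFY asserts is held at this point. The `result` local is tested only once, so `if (require_promise(Pledge::thread).is_error())` reads more directly. If the syscall handler reports violations in a particular way, this path should be checked to match it; that code is not visible here, and the function body continues outside the hunk.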
@@ -166,7 +171,7 @@ ErrorOr Process::sys$kill_thread(pid_t tid, int signal) ErrorOr Process::sys$set_thread_name(pid_t tid, Userspace user_name, size_t user_name_length) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); auto name = TRY(try_copy_kstring_from_user(user_name, user_name_length)); @@ -185,7 +190,7 @@ ErrorOr Process::sys$set_thread_name(pid_t tid, Userspace ErrorOr Process::sys$get_thread_name(pid_t tid, Userspace buffer, size_t buffer_size) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::thread); + TRY(require_promise(Pledge::thread)); if (buffer_size == 0) return EINVAL; @@ -212,7 +217,7 @@ ErrorOr Process::sys$get_thread_name(pid_t tid, Userspace buffer ErrorOr Process::sys$gettid() { VERIFY_NO_PROCESS_BIG_LOCK(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); return Thread::current()->tid().value(); } diff --git a/Kernel/Syscalls/times.cpp b/Kernel/Syscalls/times.cpp index 6f96e7e35d..54aa6b481d 100644 --- a/Kernel/Syscalls/times.cpp +++ b/Kernel/Syscalls/times.cpp @@ -11,7 +11,7 @@ namespace Kernel { ErrorOr Process::sys$times(Userspace user_times) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); tms times = {}; times.tms_utime = m_ticks_in_user; times.tms_stime = m_ticks_in_kernel; diff --git a/Kernel/Syscalls/ttyname.cpp b/Kernel/Syscalls/ttyname.cpp index d2aa5e5d46..b1f04a3c02 100644 --- a/Kernel/Syscalls/ttyname.cpp +++ b/Kernel/Syscalls/ttyname.cpp @@ -14,7 +14,7 @@ namespace Kernel { ErrorOr Process::sys$ttyname(int fd, Userspace buffer, size_t size) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::tty); + TRY(require_promise(Pledge::tty)); auto description = TRY(fds().open_file_description(fd)); if (!description->is_tty()) return ENOTTY; 
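Review bot: sys$set_thread_name requires only `Pledge::stdio`, while sys$get_thread_name in the next hunk requires `Pledge::thread`, so changing a thread's name is gated by a different and probably more widely held promise than reading it. If the asymmetry is intended, it deserves a one-line comment at the `TRY(require_promise(Pledge::stdio));` line; otherwise the setter should probably read `TRY(require_promise(Pledge::thread));`. Both functions continue outside their hunks and the promise definitions are not visible here, so this needs confirming against the documented pledge set.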
@@ -28,7 +28,7 @@ ErrorOr Process::sys$ttyname(int fd, Userspace buffer, size_t si ErrorOr Process::sys$ptsname(int fd, Userspace buffer, size_t size) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::tty); + TRY(require_promise(Pledge::tty)); auto description = TRY(fds().open_file_description(fd)); auto* master_pty = description->master_pty(); if (!master_pty) diff --git a/Kernel/Syscalls/umask.cpp b/Kernel/Syscalls/umask.cpp index 1a951186f9..6018984765 100644 --- a/Kernel/Syscalls/umask.cpp +++ b/Kernel/Syscalls/umask.cpp @@ -11,7 +11,7 @@ namespace Kernel { ErrorOr Process::sys$umask(mode_t mask) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); auto old_mask = m_protected_values.umask; ProtectedDataMutationScope scope { *this }; m_protected_values.umask = mask & 0777; diff --git a/Kernel/Syscalls/uname.cpp b/Kernel/Syscalls/uname.cpp index 67911d6723..ab6ac949ef 100644 --- a/Kernel/Syscalls/uname.cpp +++ b/Kernel/Syscalls/uname.cpp @@ -11,7 +11,7 @@ namespace Kernel { ErrorOr Process::sys$uname(Userspace user_buf) { VERIFY_NO_PROCESS_BIG_LOCK(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); utsname buf {}; memcpy(buf.sysname, "SerenityOS", 11); diff --git a/Kernel/Syscalls/unlink.cpp b/Kernel/Syscalls/unlink.cpp index bc4d016ffd..98526ed9f9 100644 --- a/Kernel/Syscalls/unlink.cpp +++ b/Kernel/Syscalls/unlink.cpp @@ -13,7 +13,7 @@ namespace Kernel { ErrorOr Process::sys$unlink(Userspace user_path, size_t path_length) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::cpath); + TRY(require_promise(Pledge::cpath)); auto path = TRY(get_syscall_path_argument(user_path, path_length)); TRY(VirtualFileSystem::the().unlink(path->view(), current_directory())); return 0; diff --git a/Kernel/Syscalls/utime.cpp b/Kernel/Syscalls/utime.cpp index 4b609ae1f1..b72599ab04 100644 --- a/Kernel/Syscalls/utime.cpp +++ b/Kernel/Syscalls/utime.cpp 
@@ -13,7 +13,7 @@ namespace Kernel { ErrorOr Process::sys$utime(Userspace user_path, size_t path_length, Userspace user_buf) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::fattr); + TRY(require_promise(Pledge::fattr)); auto path = TRY(get_syscall_path_argument(user_path, path_length)); utimbuf buf; if (user_buf) { diff --git a/Kernel/Syscalls/waitid.cpp b/Kernel/Syscalls/waitid.cpp index 1764c1d49b..7ac7ff4ee8 100644 --- a/Kernel/Syscalls/waitid.cpp +++ b/Kernel/Syscalls/waitid.cpp @@ -22,7 +22,7 @@ ErrorOr Process::do_waitid(Variant, Non ErrorOr Process::sys$waitid(Userspace user_params) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::proc); + TRY(require_promise(Pledge::proc)); auto params = TRY(copy_typed_from_user(user_params)); Variant, NonnullRefPtr> waitee; diff --git a/Kernel/Syscalls/write.cpp b/Kernel/Syscalls/write.cpp index e643abc03d..0cbc764a41 100644 --- a/Kernel/Syscalls/write.cpp +++ b/Kernel/Syscalls/write.cpp @@ -14,7 +14,7 @@ namespace Kernel { ErrorOr Process::sys$writev(int fd, Userspace iov, int iov_count) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); if (iov_count < 0) return EINVAL; @@ -90,7 +90,7 @@ ErrorOr Process::do_write(OpenFileDescription& description, const UserO ErrorOr Process::sys$write(int fd, Userspace data, size_t size) { VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this) - require_promise(Pledge::stdio); + TRY(require_promise(Pledge::stdio)); if (size == 0) return 0; if (size > NumericLimits::max()) diff --git a/Kernel/TTY/MasterPTY.cpp b/Kernel/TTY/MasterPTY.cpp index 63fb020a33..1198134832 100644 --- a/Kernel/TTY/MasterPTY.cpp +++ b/Kernel/TTY/MasterPTY.cpp 
@@ -122,7 +122,7 @@ ErrorOr MasterPTY::close() ErrorOr MasterPTY::ioctl(OpenFileDescription& description, unsigned request, Userspace arg) { - Process::current().require_promise(Pledge::tty); + TRY(Process::current().require_promise(Pledge::tty)); if (!m_slave) return EIO; if (request == TIOCSWINSZ || request == TIOCGPGRP) diff --git a/Kernel/TTY/TTY.cpp b/Kernel/TTY/TTY.cpp index 110c8c3b74..a7424da961 100644 --- a/Kernel/TTY/TTY.cpp +++ b/Kernel/TTY/TTY.cpp @@ -475,7 +475,7 @@ ErrorOr TTY::set_termios(const termios& t) ErrorOr TTY::ioctl(OpenFileDescription&, unsigned request, Userspace arg) { auto& current_process = Process::current(); - current_process.require_promise(Pledge::tty); + TRY(current_process.require_promise(Pledge::tty)); #if 0 // FIXME: When should we block things? // How do we make this work together with MasterPTY forwarding to us?