1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-27 11:27:35 +00:00

AK+Kernel: OOM-harden most parts of Trie

The only part of Unveil that can't handle OOM gracefully is the
String::formatted() use in the node metadata.
This commit is contained in:
Ali Mohammad Pur 2022-02-14 16:49:53 +03:30 committed by Idan Horowitz
parent 80e6198563
commit a1cb2c371a
9 changed files with 145 additions and 99 deletions

View file

@ -525,7 +525,7 @@ ErrorOr<void> Process::do_exec(NonnullRefPtr<OpenFileDescription> main_program_d
m_veil_state = VeilState::None;
m_unveiled_paths.clear();
m_unveiled_paths.set_metadata({ "/", UnveilAccess::None, false });
m_unveiled_paths.set_metadata({ TRY(KString::try_create("/"sv)), UnveilAccess::None, false });
for (auto& property : m_coredump_properties)
property = {};

View file

@ -21,7 +21,7 @@ ErrorOr<FlatPtr> Process::sys$fork(RegisterState& regs)
auto child_name = TRY(m_name->try_clone());
auto child = TRY(Process::try_create(child_first_thread, move(child_name), uid(), gid(), pid(), m_is_kernel_process, m_cwd, m_executable, m_tty, this));
child->m_veil_state = m_veil_state;
child->m_unveiled_paths = m_unveiled_paths.deep_copy();
child->m_unveiled_paths = TRY(m_unveiled_paths.deep_copy());
TRY(child->m_fds.with_exclusive([&](auto& child_fds) {
return m_fds.with_exclusive([&](auto& parent_fds) {

View file

@ -19,7 +19,7 @@ static void update_intermediate_node_permissions(UnveilNode& root_node, UnveilAc
auto& node = static_cast<UnveilNode&>(*entry.value);
if (node.was_explicitly_unveiled())
continue;
node.set_metadata({ node.path(), new_permissions, node.was_explicitly_unveiled() });
node.metadata_value().permissions = new_permissions;
update_intermediate_node_permissions(node, new_permissions);
}
}
@ -109,19 +109,20 @@ ErrorOr<FlatPtr> Process::sys$unveil(Userspace<const Syscall::SC_unveil_params*>
if (matching_node.permissions() != new_permissions)
update_intermediate_node_permissions(matching_node, (UnveilAccess)new_permissions);
matching_node.set_metadata({ matching_node.path(), (UnveilAccess)new_permissions, true });
matching_node.metadata_value().explicitly_unveiled = true;
matching_node.metadata_value().permissions = (UnveilAccess)new_permissions;
m_veil_state = VeilState::Dropped;
return 0;
}
matching_node.insert(
TRY(matching_node.insert(
it,
path_parts.end(),
{ new_unveiled_path->view(), (UnveilAccess)new_permissions, true },
[](auto& parent, auto& it) -> Optional<UnveilMetadata> {
auto path = String::formatted("{}/{}", parent.path(), *it);
return UnveilMetadata { path, parent.permissions(), false };
});
{ new_unveiled_path.release_nonnull(), (UnveilAccess)new_permissions, true },
[](auto& parent, auto& it) -> ErrorOr<Optional<UnveilMetadata>> {
auto path = TRY(KString::formatted("{}/{}", parent.path(), *it));
return UnveilMetadata(move(path), parent.permissions(), false);
}));
VERIFY(m_veil_state != VeilState::Locked);
m_veil_state = VeilState::Dropped;