Kernel: Strongly typed user & group ID's

Prior to this change, both uid_t and gid_t were typedef'ed to `u32`. This made it easy to use them interchangeably. Let's not allow that. This patch adds UserID and GroupID using the AK::DistinctNumeric mechanism we've already been employing for pid_t/ProcessID.
2025-10-31 04:52:45 +00:00 · 2021-08-28 22:11:16 +02:00 · 2021-08-28 22:11:16 +02:00 · ae197deb6b
commit ae197deb6b
parent 59335bd8ea
44 changed files with 172 additions and 169 deletions
--- a/Kernel/Devices/Device.h
+++ b/Kernel/Devices/Device.h
@ -34,8 +34,8 @@ public:
    virtual String absolute_path(const FileDescription&) const override;
    virtual String absolute_path() const;
-    uid_t uid() const { return m_uid; }
+    UserID uid() const { return m_uid; }
-    uid_t gid() const { return m_gid; }
+    GroupID gid() const { return m_gid; }
    virtual mode_t required_mode() const = 0;
    virtual String device_name() const = 0;
@ -62,16 +62,16 @@ public:
 protected:
    Device(unsigned major, unsigned minor);
-    void set_uid(uid_t uid) { m_uid = uid; }
+    void set_uid(UserID uid) { m_uid = uid; }
-    void set_gid(gid_t gid) { m_gid = gid; }
+    void set_gid(GroupID gid) { m_gid = gid; }
    static HashMap<u32, Device*>& all_devices();
 private:
    unsigned m_major { 0 };
    unsigned m_minor { 0 };
-    uid_t m_uid { 0 };
+    UserID m_uid { 0 };
-    gid_t m_gid { 0 };
+    GroupID m_gid { 0 };
    Spinlock<u8> m_requests_lock;
    DoublyLinkedList<RefPtr<AsyncDeviceRequest>> m_requests;
--- a/Kernel/FileSystem/DevFS.cpp
+++ b/Kernel/FileSystem/DevFS.cpp
@ -107,7 +107,7 @@ KResultOr<size_t> DevFSInode::write_bytes(off_t, size_t, const UserOrKernelBuffe
    VERIFY_NOT_REACHED();
 }
-KResultOr<NonnullRefPtr<Inode>> DevFSInode::create_child(StringView, mode_t, dev_t, uid_t, gid_t)
+KResultOr<NonnullRefPtr<Inode>> DevFSInode::create_child(StringView, mode_t, dev_t, UserID, GroupID)
 {
    return EROFS;
 }
@ -127,7 +127,7 @@ KResult DevFSInode::chmod(mode_t)
    return EPERM;
 }
-KResult DevFSInode::chown(uid_t, gid_t)
+KResult DevFSInode::chown(UserID, GroupID)
 {
    return EPERM;
 }
@ -253,7 +253,7 @@ KResultOr<NonnullRefPtr<Inode>> DevFSRootDirectoryInode::lookup(StringView name)
    }
    return ENOENT;
 }
-KResultOr<NonnullRefPtr<Inode>> DevFSRootDirectoryInode::create_child(StringView name, mode_t mode, dev_t, uid_t, gid_t)
+KResultOr<NonnullRefPtr<Inode>> DevFSRootDirectoryInode::create_child(StringView name, mode_t mode, dev_t, UserID, GroupID)
 {
    MutexLocker locker(fs().m_lock);
@ -325,7 +325,7 @@ DevFSDeviceInode::~DevFSDeviceInode()
 {
 }
-KResult DevFSDeviceInode::chown(uid_t uid, gid_t gid)
+KResult DevFSDeviceInode::chown(UserID uid, GroupID gid)
 {
    MutexLocker locker(m_inode_lock);
    m_uid = uid;
--- a/Kernel/FileSystem/DevFS.h
+++ b/Kernel/FileSystem/DevFS.h
@ -58,11 +58,11 @@ protected:
    virtual KResultOr<NonnullRefPtr<Inode>> lookup(StringView name) override;
    virtual void flush_metadata() override;
    virtual KResultOr<size_t> write_bytes(off_t, size_t, const UserOrKernelBuffer& buffer, FileDescription*) override;
-    virtual KResultOr<NonnullRefPtr<Inode>> create_child(StringView name, mode_t, dev_t, uid_t, gid_t) override;
+    virtual KResultOr<NonnullRefPtr<Inode>> create_child(StringView name, mode_t, dev_t, UserID, GroupID) override;
    virtual KResult add_child(Inode&, const StringView& name, mode_t) override;
    virtual KResult remove_child(const StringView& name) override;
    virtual KResult chmod(mode_t) override;
-    virtual KResult chown(uid_t, gid_t) override;
+    virtual KResult chown(UserID, GroupID) override;
    virtual KResult truncate(u64) override;
 };
@ -80,13 +80,13 @@ private:
    virtual KResultOr<size_t> read_bytes(off_t, size_t, UserOrKernelBuffer& buffer, FileDescription*) const override;
    virtual InodeMetadata metadata() const override;
    virtual KResultOr<size_t> write_bytes(off_t, size_t, const UserOrKernelBuffer& buffer, FileDescription*) override;
-    virtual KResult chown(uid_t, gid_t) override;
+    virtual KResult chown(UserID, GroupID) override;
    NonnullRefPtr<Device> m_attached_device;
    NonnullOwnPtr<KString> m_name;
-    uid_t m_uid { 0 };
+    UserID m_uid { 0 };
-    gid_t m_gid { 0 };
+    GroupID m_gid { 0 };
 };
 class DevFSLinkInode : public DevFSInode {
@ -147,7 +147,7 @@ public:
 private:
    explicit DevFSRootDirectoryInode(DevFS&);
-    virtual KResultOr<NonnullRefPtr<Inode>> create_child(StringView name, mode_t, dev_t, uid_t, gid_t) override;
+    virtual KResultOr<NonnullRefPtr<Inode>> create_child(StringView name, mode_t, dev_t, UserID, GroupID) override;
    virtual KResult traverse_as_directory(Function<bool(FileSystem::DirectoryEntryView const&)>) const override;
    virtual KResultOr<NonnullRefPtr<Inode>> lookup(StringView name) override;
    virtual InodeMetadata metadata() const override;
--- a/Kernel/FileSystem/DevPtsFS.cpp
+++ b/Kernel/FileSystem/DevPtsFS.cpp
@ -160,7 +160,7 @@ KResult DevPtsFSInode::add_child(Inode&, const StringView&, mode_t)
    return EROFS;
 }
-KResultOr<NonnullRefPtr<Inode>> DevPtsFSInode::create_child(StringView, mode_t, dev_t, uid_t, gid_t)
+KResultOr<NonnullRefPtr<Inode>> DevPtsFSInode::create_child(StringView, mode_t, dev_t, UserID, GroupID)
 {
    return EROFS;
 }
@ -175,7 +175,7 @@ KResult DevPtsFSInode::chmod(mode_t)
    return EROFS;
 }
-KResult DevPtsFSInode::chown(uid_t, gid_t)
+KResult DevPtsFSInode::chown(UserID, GroupID)
 {
    return EROFS;
 }
--- a/Kernel/FileSystem/DevPtsFS.h
+++ b/Kernel/FileSystem/DevPtsFS.h
@ -53,11 +53,11 @@ private:
    virtual KResultOr<NonnullRefPtr<Inode>> lookup(StringView name) override;
    virtual void flush_metadata() override;
    virtual KResultOr<size_t> write_bytes(off_t, size_t, const UserOrKernelBuffer& buffer, FileDescription*) override;
-    virtual KResultOr<NonnullRefPtr<Inode>> create_child(StringView name, mode_t, dev_t, uid_t, gid_t) override;
+    virtual KResultOr<NonnullRefPtr<Inode>> create_child(StringView name, mode_t, dev_t, UserID, GroupID) override;
    virtual KResult add_child(Inode&, const StringView& name, mode_t) override;
    virtual KResult remove_child(const StringView& name) override;
    virtual KResult chmod(mode_t) override;
-    virtual KResult chown(uid_t, gid_t) override;
+    virtual KResult chown(UserID, GroupID) override;
    WeakPtr<SlavePTY> m_pty;
    InodeMetadata m_metadata;
--- a/Kernel/FileSystem/Ext2FileSystem.cpp
+++ b/Kernel/FileSystem/Ext2FileSystem.cpp
@ -1176,7 +1176,7 @@ KResult Ext2FSInode::write_directory(Vector<Ext2FSDirectoryEntry>& entries)
    return KSuccess;
 }
-KResultOr<NonnullRefPtr<Inode>> Ext2FSInode::create_child(StringView name, mode_t mode, dev_t dev, uid_t uid, gid_t gid)
+KResultOr<NonnullRefPtr<Inode>> Ext2FSInode::create_child(StringView name, mode_t mode, dev_t dev, UserID uid, GroupID gid)
 {
    if (::is_directory(mode))
        return fs().create_directory(*this, name, mode, uid, gid);
@ -1539,7 +1539,7 @@ KResult Ext2FS::set_block_allocation_state(BlockIndex block_index, bool new_stat
    return update_bitmap_block(bgd.bg_block_bitmap, bit_index, new_state, m_super_block.s_free_blocks_count, bgd.bg_free_blocks_count);
 }
-KResult Ext2FS::create_directory(Ext2FSInode& parent_inode, const String& name, mode_t mode, uid_t uid, gid_t gid)
+KResult Ext2FS::create_directory(Ext2FSInode& parent_inode, const String& name, mode_t mode, UserID uid, GroupID gid)
 {
    MutexLocker locker(m_lock);
    VERIFY(is_directory(mode));
@ -1569,7 +1569,7 @@ KResult Ext2FS::create_directory(Ext2FSInode& parent_inode, const String& name,
    return KSuccess;
 }
-KResultOr<NonnullRefPtr<Inode>> Ext2FS::create_inode(Ext2FSInode& parent_inode, const String& name, mode_t mode, dev_t dev, uid_t uid, gid_t gid)
+KResultOr<NonnullRefPtr<Inode>> Ext2FS::create_inode(Ext2FSInode& parent_inode, const String& name, mode_t mode, dev_t dev, UserID uid, GroupID gid)
 {
    if (name.length() > EXT2_NAME_LEN)
        return ENAMETOOLONG;
@ -1580,8 +1580,8 @@ KResultOr<NonnullRefPtr<Inode>> Ext2FS::create_inode(Ext2FSInode& parent_inode,
    ext2_inode e2inode {};
    auto now = kgettimeofday().to_truncated_seconds();
    e2inode.i_mode = mode;
-    e2inode.i_uid = uid;
+    e2inode.i_uid = uid.value();
-    e2inode.i_gid = gid;
+    e2inode.i_gid = gid.value();
    e2inode.i_size = 0;
    e2inode.i_atime = now;
    e2inode.i_ctime = now;
@ -1740,13 +1740,13 @@ KResult Ext2FSInode::chmod(mode_t mode)
    return KSuccess;
 }
-KResult Ext2FSInode::chown(uid_t uid, gid_t gid)
+KResult Ext2FSInode::chown(UserID uid, GroupID gid)
 {
    MutexLocker locker(m_inode_lock);
    if (m_raw_inode.i_uid == uid && m_raw_inode.i_gid == gid)
        return KSuccess;
-    m_raw_inode.i_uid = uid;
+    m_raw_inode.i_uid = uid.value();
-    m_raw_inode.i_gid = gid;
+    m_raw_inode.i_gid = gid.value();
    set_metadata_dirty(true);
    return KSuccess;
 }
--- a/Kernel/FileSystem/Ext2FileSystem.h
+++ b/Kernel/FileSystem/Ext2FileSystem.h
@ -44,7 +44,7 @@ private:
    virtual KResultOr<NonnullRefPtr<Inode>> lookup(StringView name) override;
    virtual void flush_metadata() override;
    virtual KResultOr<size_t> write_bytes(off_t, size_t, const UserOrKernelBuffer& data, FileDescription*) override;
-    virtual KResultOr<NonnullRefPtr<Inode>> create_child(StringView name, mode_t, dev_t, uid_t, gid_t) override;
+    virtual KResultOr<NonnullRefPtr<Inode>> create_child(StringView name, mode_t, dev_t, UserID, GroupID) override;
    virtual KResult add_child(Inode& child, const StringView& name, mode_t) override;
    virtual KResult remove_child(const StringView& name) override;
    virtual KResult set_atime(time_t) override;
@ -53,7 +53,7 @@ private:
    virtual KResult increment_link_count() override;
    virtual KResult decrement_link_count() override;
    virtual KResult chmod(mode_t) override;
-    virtual KResult chown(uid_t, gid_t) override;
+    virtual KResult chown(UserID, GroupID) override;
    virtual KResult truncate(u64) override;
    virtual KResultOr<int> get_block_address(int) override;
@ -130,8 +130,8 @@ private:
    virtual StringView class_name() const override { return "Ext2FS"sv; }
    virtual Ext2FSInode& root_inode() override;
    RefPtr<Inode> get_inode(InodeIdentifier) const;
-    KResultOr<NonnullRefPtr<Inode>> create_inode(Ext2FSInode& parent_inode, const String& name, mode_t, dev_t, uid_t, gid_t);
+    KResultOr<NonnullRefPtr<Inode>> create_inode(Ext2FSInode& parent_inode, const String& name, mode_t, dev_t, UserID, GroupID);
-    KResult create_directory(Ext2FSInode& parent_inode, const String& name, mode_t, uid_t, gid_t);
+    KResult create_directory(Ext2FSInode& parent_inode, const String& name, mode_t, UserID, GroupID);
    virtual void flush_writes() override;
    BlockIndex first_block_index() const;
--- a/Kernel/FileSystem/FIFO.cpp
+++ b/Kernel/FileSystem/FIFO.cpp
@ -16,7 +16,7 @@ namespace Kernel {
 static Atomic<int> s_next_fifo_id = 1;
-RefPtr<FIFO> FIFO::try_create(uid_t uid)
+RefPtr<FIFO> FIFO::try_create(UserID uid)
 {
    auto buffer = DoubleBuffer::try_create();
    if (buffer)
@ -65,7 +65,7 @@ KResultOr<NonnullRefPtr<FileDescription>> FIFO::open_direction_blocking(FIFO::Di
    return description;
 }
-FIFO::FIFO(uid_t uid, NonnullOwnPtr<DoubleBuffer> buffer)
+FIFO::FIFO(UserID uid, NonnullOwnPtr<DoubleBuffer> buffer)
    : m_buffer(move(buffer))
    , m_uid(uid)
 {
--- a/Kernel/FileSystem/FIFO.h
+++ b/Kernel/FileSystem/FIFO.h
@ -24,10 +24,10 @@ public:
        Writer
    };
-    static RefPtr<FIFO> try_create(uid_t);
+    static RefPtr<FIFO> try_create(UserID);
    virtual ~FIFO() override;
-    uid_t uid() const { return m_uid; }
+    UserID uid() const { return m_uid; }
    KResultOr<NonnullRefPtr<FileDescription>> open_direction(Direction);
    KResultOr<NonnullRefPtr<FileDescription>> open_direction_blocking(Direction);
@ -49,13 +49,13 @@ private:
    virtual StringView class_name() const override { return "FIFO"; }
    virtual bool is_fifo() const override { return true; }
-    explicit FIFO(uid_t, NonnullOwnPtr<DoubleBuffer> buffer);
+    explicit FIFO(UserID, NonnullOwnPtr<DoubleBuffer> buffer);
    unsigned m_writers { 0 };
    unsigned m_readers { 0 };
    NonnullOwnPtr<DoubleBuffer> m_buffer;
-    uid_t m_uid { 0 };
+    UserID m_uid { 0 };
    int m_fifo_id { 0 };
--- a/Kernel/FileSystem/File.h
+++ b/Kernel/FileSystem/File.h
@ -95,7 +95,7 @@ public:
    virtual String absolute_path(const FileDescription&) const = 0;
    virtual KResult truncate(u64) { return EINVAL; }
-    virtual KResult chown(FileDescription&, uid_t, gid_t) { return EBADF; }
+    virtual KResult chown(FileDescription&, UserID, GroupID) { return EBADF; }
    virtual KResult chmod(FileDescription&, mode_t) { return EBADF; }
    virtual StringView class_name() const = 0;
--- a/Kernel/FileSystem/FileDescription.cpp
+++ b/Kernel/FileSystem/FileDescription.cpp
@ -437,7 +437,7 @@ KResult FileDescription::chmod(mode_t mode)
    return m_file->chmod(*this, mode);
 }
-KResult FileDescription::chown(uid_t uid, gid_t gid)
+KResult FileDescription::chown(UserID uid, GroupID gid)
 {
    MutexLocker locker(m_lock);
    return m_file->chown(*this, uid, gid);
--- a/Kernel/FileSystem/FileDescription.h
+++ b/Kernel/FileSystem/FileDescription.h
@ -123,7 +123,7 @@ public:
    off_t offset() const { return m_current_offset; }
-    KResult chown(uid_t, gid_t);
+    KResult chown(UserID, GroupID);
    FileBlockerSet& blocker_set();
--- a/Kernel/FileSystem/ISO9660FileSystem.cpp
+++ b/Kernel/FileSystem/ISO9660FileSystem.cpp
@ -565,7 +565,7 @@ KResultOr<size_t> ISO9660Inode::write_bytes(off_t, size_t, const UserOrKernelBuf
    return EROFS;
 }
-KResultOr<NonnullRefPtr<Inode>> ISO9660Inode::create_child(StringView, mode_t, dev_t, uid_t, gid_t)
+KResultOr<NonnullRefPtr<Inode>> ISO9660Inode::create_child(StringView, mode_t, dev_t, UserID, GroupID)
 {
    return EROFS;
 }
@ -585,7 +585,7 @@ KResult ISO9660Inode::chmod(mode_t)
    return EROFS;
 }
-KResult ISO9660Inode::chown(uid_t, gid_t)
+KResult ISO9660Inode::chown(UserID, GroupID)
 {
    return EROFS;
 }
--- a/Kernel/FileSystem/ISO9660FileSystem.h
+++ b/Kernel/FileSystem/ISO9660FileSystem.h
@ -353,11 +353,11 @@ public:
    virtual KResultOr<NonnullRefPtr<Inode>> lookup(StringView name) override;
    virtual void flush_metadata() override;
    virtual KResultOr<size_t> write_bytes(off_t, size_t, const UserOrKernelBuffer& buffer, FileDescription*) override;
-    virtual KResultOr<NonnullRefPtr<Inode>> create_child(StringView name, mode_t, dev_t, uid_t, gid_t) override;
+    virtual KResultOr<NonnullRefPtr<Inode>> create_child(StringView name, mode_t, dev_t, UserID, GroupID) override;
    virtual KResult add_child(Inode&, const StringView& name, mode_t) override;
    virtual KResult remove_child(const StringView& name) override;
    virtual KResult chmod(mode_t) override;
-    virtual KResult chown(uid_t, gid_t) override;
+    virtual KResult chown(UserID, GroupID) override;
    virtual KResult truncate(u64) override;
    virtual KResult set_atime(time_t) override;
    virtual KResult set_ctime(time_t) override;
--- a/Kernel/FileSystem/Inode.h
+++ b/Kernel/FileSystem/Inode.h
@ -55,11 +55,11 @@ public:
    virtual KResult traverse_as_directory(Function<bool(FileSystem::DirectoryEntryView const&)>) const = 0;
    virtual KResultOr<NonnullRefPtr<Inode>> lookup(StringView name) = 0;
    virtual KResultOr<size_t> write_bytes(off_t, size_t, const UserOrKernelBuffer& data, FileDescription*) = 0;
-    virtual KResultOr<NonnullRefPtr<Inode>> create_child(StringView name, mode_t, dev_t, uid_t, gid_t) = 0;
+    virtual KResultOr<NonnullRefPtr<Inode>> create_child(StringView name, mode_t, dev_t, UserID, GroupID) = 0;
    virtual KResult add_child(Inode&, const StringView& name, mode_t) = 0;
    virtual KResult remove_child(const StringView& name) = 0;
    virtual KResult chmod(mode_t) = 0;
-    virtual KResult chown(uid_t, gid_t) = 0;
+    virtual KResult chown(UserID, GroupID) = 0;
    virtual KResult truncate(u64) { return KSuccess; }
    virtual KResultOr<NonnullRefPtr<Custody>> resolve_as_link(Custody& base, RefPtr<Custody>* out_parent, int options, int symlink_recursion_level) const;
--- a/Kernel/FileSystem/InodeFile.cpp
+++ b/Kernel/FileSystem/InodeFile.cpp
@ -127,7 +127,7 @@ KResult InodeFile::truncate(u64 size)
    return KSuccess;
 }
-KResult InodeFile::chown(FileDescription& description, uid_t uid, gid_t gid)
+KResult InodeFile::chown(FileDescription& description, UserID uid, GroupID gid)
 {
    VERIFY(description.inode() == m_inode);
    VERIFY(description.custody());
--- a/Kernel/FileSystem/InodeFile.h
+++ b/Kernel/FileSystem/InodeFile.h
@ -39,7 +39,7 @@ public:
    virtual String absolute_path(const FileDescription&) const override;
    virtual KResult truncate(u64) override;
-    virtual KResult chown(FileDescription&, uid_t, gid_t) override;
+    virtual KResult chown(FileDescription&, UserID, GroupID) override;
    virtual KResult chmod(FileDescription&, mode_t) override;
    virtual StringView class_name() const override { return "InodeFile"; }
--- a/Kernel/FileSystem/InodeMetadata.h
+++ b/Kernel/FileSystem/InodeMetadata.h
@ -38,7 +38,7 @@ struct InodeMetadata {
    bool may_write(const Process&) const;
    bool may_execute(const Process&) const;
-    bool may_read(uid_t u, gid_t g, Span<const gid_t> eg) const
+    bool may_read(UserID u, GroupID g, Span<GroupID const> eg) const
    {
        if (u == 0)
            return true;
@ -49,7 +49,7 @@ struct InodeMetadata {
        return mode & S_IROTH;
    }
-    bool may_write(uid_t u, gid_t g, Span<const gid_t> eg) const
+    bool may_write(UserID u, GroupID g, Span<GroupID const> eg) const
    {
        if (u == 0)
            return true;
@ -60,7 +60,7 @@ struct InodeMetadata {
        return mode & S_IWOTH;
    }
-    bool may_execute(uid_t u, gid_t g, Span<const gid_t> eg) const
+    bool may_execute(UserID u, GroupID g, Span<GroupID const> eg) const
    {
        if (u == 0)
            return true;
@ -91,8 +91,8 @@ struct InodeMetadata {
        buffer.st_ino = inode.index().value();
        buffer.st_mode = mode;
        buffer.st_nlink = link_count;
-        buffer.st_uid = uid;
+        buffer.st_uid = uid.value();
-        buffer.st_gid = gid;
+        buffer.st_gid = gid.value();
        buffer.st_dev = 0; // FIXME
        buffer.st_size = size;
        buffer.st_blksize = block_size;
@ -109,8 +109,8 @@ struct InodeMetadata {
    InodeIdentifier inode;
    off_t size { 0 };
    mode_t mode { 0 };
-    uid_t uid { 0 };
+    UserID uid { 0 };
-    gid_t gid { 0 };
+    GroupID gid { 0 };
    nlink_t link_count { 0 };
    time_t atime { 0 };
    time_t ctime { 0 };
--- a/Kernel/FileSystem/Plan9FileSystem.cpp
+++ b/Kernel/FileSystem/Plan9FileSystem.cpp
@ -934,7 +934,7 @@ KResultOr<NonnullRefPtr<Inode>> Plan9FSInode::lookup(StringView name)
    return Plan9FSInode::create(fs(), newfid);
 }
-KResultOr<NonnullRefPtr<Inode>> Plan9FSInode::create_child(StringView, mode_t, dev_t, uid_t, gid_t)
+KResultOr<NonnullRefPtr<Inode>> Plan9FSInode::create_child(StringView, mode_t, dev_t, UserID, GroupID)
 {
    // TODO
    return ENOTIMPL;
@ -958,7 +958,7 @@ KResult Plan9FSInode::chmod(mode_t)
    return ENOTIMPL;
 }
-KResult Plan9FSInode::chown(uid_t, gid_t)
+KResult Plan9FSInode::chown(UserID, GroupID)
 {
    // TODO
    return ENOTIMPL;
--- a/Kernel/FileSystem/Plan9FileSystem.h
+++ b/Kernel/FileSystem/Plan9FileSystem.h
@ -160,11 +160,11 @@ public:
    virtual KResultOr<size_t> write_bytes(off_t, size_t, const UserOrKernelBuffer& data, FileDescription*) override;
    virtual KResult traverse_as_directory(Function<bool(FileSystem::DirectoryEntryView const&)>) const override;
    virtual KResultOr<NonnullRefPtr<Inode>> lookup(StringView name) override;
-    virtual KResultOr<NonnullRefPtr<Inode>> create_child(StringView name, mode_t, dev_t, uid_t, gid_t) override;
+    virtual KResultOr<NonnullRefPtr<Inode>> create_child(StringView name, mode_t, dev_t, UserID, GroupID) override;
    virtual KResult add_child(Inode&, const StringView& name, mode_t) override;
    virtual KResult remove_child(const StringView& name) override;
    virtual KResult chmod(mode_t) override;
-    virtual KResult chown(uid_t, gid_t) override;
+    virtual KResult chown(UserID, GroupID) override;
    virtual KResult truncate(u64) override;
 private:
--- a/Kernel/FileSystem/ProcFS.cpp
+++ b/Kernel/FileSystem/ProcFS.cpp
@ -83,7 +83,7 @@ KResult ProcFSInode::add_child(Inode&, const StringView&, mode_t)
    return EROFS;
 }
-KResultOr<NonnullRefPtr<Inode>> ProcFSInode::create_child(StringView, mode_t, dev_t, uid_t, gid_t)
+KResultOr<NonnullRefPtr<Inode>> ProcFSInode::create_child(StringView, mode_t, dev_t, UserID, GroupID)
 {
    return EROFS;
 }
@ -98,7 +98,7 @@ KResult ProcFSInode::chmod(mode_t)
    return EPERM;
 }
-KResult ProcFSInode::chown(uid_t, gid_t)
+KResult ProcFSInode::chown(UserID, GroupID)
 {
    return EPERM;
 }
--- a/Kernel/FileSystem/ProcFS.h
+++ b/Kernel/FileSystem/ProcFS.h
@ -57,11 +57,11 @@ protected:
    virtual KResult attach(FileDescription& description) = 0;
    virtual void did_seek(FileDescription&, off_t) = 0;
    virtual void flush_metadata() override final;
-    virtual KResultOr<NonnullRefPtr<Inode>> create_child(StringView name, mode_t, dev_t, uid_t, gid_t) override final;
+    virtual KResultOr<NonnullRefPtr<Inode>> create_child(StringView name, mode_t, dev_t, UserID, GroupID) override final;
    virtual KResult add_child(Inode&, const StringView& name, mode_t) override final;
    virtual KResult remove_child(const StringView& name) override final;
    virtual KResult chmod(mode_t) override final;
-    virtual KResult chown(uid_t, gid_t) override final;
+    virtual KResult chown(UserID, GroupID) override final;
    virtual KResult truncate(u64) override final;
 };
--- a/Kernel/FileSystem/SysFS.cpp
+++ b/Kernel/FileSystem/SysFS.cpp
@ -133,7 +133,7 @@ KResultOr<size_t> SysFSInode::write_bytes(off_t offset, size_t count, UserOrKern
    return m_associated_component->write_bytes(offset, count, buffer, fd);
 }
-KResultOr<NonnullRefPtr<Inode>> SysFSInode::create_child(StringView, mode_t, dev_t, uid_t, gid_t)
+KResultOr<NonnullRefPtr<Inode>> SysFSInode::create_child(StringView, mode_t, dev_t, UserID, GroupID)
 {
    return EROFS;
 }
@ -153,7 +153,7 @@ KResult SysFSInode::chmod(mode_t)
    return EPERM;
 }
-KResult SysFSInode::chown(uid_t, gid_t)
+KResult SysFSInode::chown(UserID, GroupID)
 {
    return EPERM;
 }
--- a/Kernel/FileSystem/SysFS.h
+++ b/Kernel/FileSystem/SysFS.h
@ -89,11 +89,11 @@ protected:
    virtual void flush_metadata() override;
    virtual InodeMetadata metadata() const override;
    virtual KResultOr<size_t> write_bytes(off_t, size_t, UserOrKernelBuffer const&, FileDescription*) override;
-    virtual KResultOr<NonnullRefPtr<Inode>> create_child(StringView name, mode_t, dev_t, uid_t, gid_t) override;
+    virtual KResultOr<NonnullRefPtr<Inode>> create_child(StringView name, mode_t, dev_t, UserID, GroupID) override;
    virtual KResult add_child(Inode&, StringView const& name, mode_t) override;
    virtual KResult remove_child(StringView const& name) override;
    virtual KResult chmod(mode_t) override;
-    virtual KResult chown(uid_t, gid_t) override;
+    virtual KResult chown(UserID, GroupID) override;
    virtual KResult truncate(u64) override;
    NonnullRefPtr<SysFSComponent> m_associated_component;
--- a/Kernel/FileSystem/TmpFS.cpp
+++ b/Kernel/FileSystem/TmpFS.cpp
@ -249,7 +249,7 @@ KResult TmpFSInode::chmod(mode_t mode)
    return KSuccess;
 }
-KResult TmpFSInode::chown(uid_t uid, gid_t gid)
+KResult TmpFSInode::chown(UserID uid, GroupID gid)
 {
    MutexLocker locker(m_inode_lock);
@ -259,7 +259,7 @@ KResult TmpFSInode::chown(uid_t uid, gid_t gid)
    return KSuccess;
 }
-KResultOr<NonnullRefPtr<Inode>> TmpFSInode::create_child(StringView name, mode_t mode, dev_t dev, uid_t uid, gid_t gid)
+KResultOr<NonnullRefPtr<Inode>> TmpFSInode::create_child(StringView name, mode_t mode, dev_t dev, UserID uid, GroupID gid)
 {
    MutexLocker locker(m_inode_lock);
--- a/Kernel/FileSystem/TmpFS.h
+++ b/Kernel/FileSystem/TmpFS.h
@ -58,11 +58,11 @@ public:
    virtual KResultOr<NonnullRefPtr<Inode>> lookup(StringView name) override;
    virtual void flush_metadata() override;
    virtual KResultOr<size_t> write_bytes(off_t, size_t, const UserOrKernelBuffer& buffer, FileDescription*) override;
-    virtual KResultOr<NonnullRefPtr<Inode>> create_child(StringView name, mode_t, dev_t, uid_t, gid_t) override;
+    virtual KResultOr<NonnullRefPtr<Inode>> create_child(StringView name, mode_t, dev_t, UserID, GroupID) override;
    virtual KResult add_child(Inode&, const StringView& name, mode_t) override;
    virtual KResult remove_child(const StringView& name) override;
    virtual KResult chmod(mode_t) override;
-    virtual KResult chown(uid_t, gid_t) override;
+    virtual KResult chown(UserID, GroupID) override;
    virtual KResult truncate(u64) override;
    virtual KResult set_atime(time_t) override;
    virtual KResult set_ctime(time_t) override;
--- a/Kernel/FileSystem/VirtualFileSystem.cpp
+++ b/Kernel/FileSystem/VirtualFileSystem.cpp
@ -370,8 +370,8 @@ KResultOr<NonnullRefPtr<FileDescription>> VirtualFileSystem::create(StringView p
        return EROFS;
    dbgln_if(VFS_DEBUG, "VirtualFileSystem::create: '{}' in {}", basename, parent_inode.identifier());
-    uid_t uid = owner.has_value() ? owner.value().uid : current_process.euid();
+    auto uid = owner.has_value() ? owner.value().uid : current_process.euid();
-    gid_t gid = owner.has_value() ? owner.value().gid : current_process.egid();
+    auto gid = owner.has_value() ? owner.value().gid : current_process.egid();
    auto inode_or_error = parent_inode.create_child(basename, mode, 0, uid, gid);
    if (inode_or_error.is_error())
        return inode_or_error.error();
@ -582,7 +582,7 @@ KResult VirtualFileSystem::rename(StringView old_path, StringView new_path, Cust
    return KSuccess;
 }
-KResult VirtualFileSystem::chown(Custody& custody, uid_t a_uid, gid_t a_gid)
+KResult VirtualFileSystem::chown(Custody& custody, UserID a_uid, GroupID a_gid)
 {
    auto& inode = custody.inode();
    auto metadata = inode.metadata();
@ -591,8 +591,8 @@ KResult VirtualFileSystem::chown(Custody& custody, uid_t a_uid, gid_t a_gid)
    if (current_process.euid() != metadata.uid && !current_process.is_superuser())
        return EPERM;
-    uid_t new_uid = metadata.uid;
+    UserID new_uid = metadata.uid;
-    gid_t new_gid = metadata.gid;
+    GroupID new_gid = metadata.gid;
    if (a_uid != (uid_t)-1) {
        if (current_process.euid() != a_uid && !current_process.is_superuser())
@ -619,7 +619,7 @@ KResult VirtualFileSystem::chown(Custody& custody, uid_t a_uid, gid_t a_gid)
    return inode.chown(new_uid, new_gid);
 }
-KResult VirtualFileSystem::chown(StringView path, uid_t a_uid, gid_t a_gid, Custody& base)
+KResult VirtualFileSystem::chown(StringView path, UserID a_uid, GroupID a_gid, Custody& base)
 {
    auto custody_or_error = resolve_path(path, base);
    if (custody_or_error.is_error())
--- a/Kernel/FileSystem/VirtualFileSystem.h
+++ b/Kernel/FileSystem/VirtualFileSystem.h
@ -29,8 +29,8 @@ namespace Kernel {
 #define O_UNLINK_INTERNAL (1 << 30)
 struct UidAndGid {
-    uid_t uid;
+    UserID uid;
-    gid_t gid;
+    GroupID gid;
 };
 class VirtualFileSystem {
@ -57,8 +57,8 @@ public:
    KResult rmdir(StringView path, Custody& base);
    KResult chmod(StringView path, mode_t, Custody& base);
    KResult chmod(Custody&, mode_t);
-    KResult chown(StringView path, uid_t, gid_t, Custody& base);
+    KResult chown(StringView path, UserID, GroupID, Custody& base);
-    KResult chown(Custody&, uid_t, gid_t);
+    KResult chown(Custody&, UserID, GroupID);
    KResult access(StringView path, int mode, Custody& base);
    KResultOr<InodeMetadata> lookup_metadata(StringView path, Custody& base, int options = 0);
    KResult utime(StringView path, Custody& base, time_t atime, time_t mtime);
--- a/Kernel/Forward.h
+++ b/Kernel/Forward.h
@ -7,6 +7,7 @@
 #pragma once
 #include <AK/DistinctNumeric.h>
 #include <Kernel/API/POSIX/sys/types.h>
 namespace Kernel {
@ -98,4 +99,7 @@ TYPEDEF_DISTINCT_ORDERED_ID(pid_t, ThreadID);
 TYPEDEF_DISTINCT_ORDERED_ID(pid_t, SessionID);
 TYPEDEF_DISTINCT_ORDERED_ID(pid_t, ProcessGroupID);
 TYPEDEF_DISTINCT_ORDERED_ID(uid_t, UserID);
 TYPEDEF_DISTINCT_ORDERED_ID(gid_t, GroupID);
 }
--- a/Kernel/GlobalProcessExposed.cpp
+++ b/Kernel/GlobalProcessExposed.cpp
@ -111,8 +111,8 @@ private:
            obj.add("bytes_out", socket.bytes_out());
            if (Process::current().is_superuser() || Process::current().uid() == socket.origin_uid()) {
                obj.add("origin_pid", socket.origin_pid());
-                obj.add("origin_uid", socket.origin_uid());
+                obj.add("origin_uid", socket.origin_uid().value());
-                obj.add("origin_gid", socket.origin_gid());
+                obj.add("origin_gid", socket.origin_gid().value());
            }
        });
        array.finish();
@ -133,11 +133,11 @@ private:
            auto obj = array.add_object();
            obj.add("path", String(socket.socket_path()));
            obj.add("origin_pid", socket.origin_pid());
-            obj.add("origin_uid", socket.origin_uid());
+            obj.add("origin_uid", socket.origin_uid().value());
-            obj.add("origin_gid", socket.origin_gid());
+            obj.add("origin_gid", socket.origin_gid().value());
            obj.add("acceptor_pid", socket.acceptor_pid());
-            obj.add("acceptor_uid", socket.acceptor_uid());
+            obj.add("acceptor_uid", socket.acceptor_uid().value());
-            obj.add("acceptor_gid", socket.acceptor_gid());
+            obj.add("acceptor_gid", socket.acceptor_gid().value());
        });
        array.finish();
        return true;
@ -161,8 +161,8 @@ private:
            obj.add("peer_port", socket.peer_port());
            if (Process::current().is_superuser() || Process::current().uid() == socket.origin_uid()) {
                obj.add("origin_pid", socket.origin_pid());
-                obj.add("origin_uid", socket.origin_uid());
+                obj.add("origin_uid", socket.origin_uid().value());
-                obj.add("origin_gid", socket.origin_gid());
+                obj.add("origin_gid", socket.origin_gid().value());
            }
        });
        array.finish();
@ -456,8 +456,8 @@ private:
            process_object.add("pgid", process.tty() ? process.tty()->pgid().value() : 0);
            process_object.add("pgp", process.pgid().value());
            process_object.add("sid", process.sid().value());
-            process_object.add("uid", process.uid());
+            process_object.add("uid", process.uid().value());
-            process_object.add("gid", process.gid());
+            process_object.add("gid", process.gid().value());
            process_object.add("ppid", process.ppid().value());
            process_object.add("nfds", process.fds().open_count());
            process_object.add("name", process.name());
--- a/Kernel/Net/LocalSocket.cpp
+++ b/Kernel/Net/LocalSocket.cpp
@ -63,7 +63,7 @@ KResultOr<SocketPair> LocalSocket::create_connected_pair(int type)
    memcpy(socket->m_address.sun_path, "[socketpair]", 13);
    auto& process = Process::current();
-    socket->m_acceptor = { process.pid().value(), process.uid(), process.gid() };
+    socket->m_acceptor = { process.pid().value(), process.uid().value(), process.gid().value() };
    socket->set_connected(true);
    socket->set_connect_side_role(Role::Connected);
@ -456,7 +456,7 @@ KResult LocalSocket::chmod(FileDescription&, mode_t mode)
    return KSuccess;
 }
-KResult LocalSocket::chown(FileDescription&, uid_t uid, gid_t gid)
+KResult LocalSocket::chown(FileDescription&, UserID uid, GroupID gid)
 {
    if (m_file)
        return m_file->chown(uid, gid);
--- a/Kernel/Net/LocalSocket.h
+++ b/Kernel/Net/LocalSocket.h
@ -48,7 +48,7 @@ public:
    virtual KResultOr<size_t> recvfrom(FileDescription&, UserOrKernelBuffer&, size_t, int flags, Userspace<sockaddr*>, Userspace<socklen_t*>, Time&) override;
    virtual KResult getsockopt(FileDescription&, int level, int option, Userspace<void*>, Userspace<socklen_t*>) override;
    virtual KResult ioctl(FileDescription&, unsigned request, Userspace<void*> arg) override;
-    virtual KResult chown(FileDescription&, uid_t, gid_t) override;
+    virtual KResult chown(FileDescription&, UserID, GroupID) override;
    virtual KResult chmod(FileDescription&, mode_t) override;
 private:
@ -72,8 +72,8 @@ private:
    // An open socket file on the filesystem.
    RefPtr<FileDescription> m_file;
-    uid_t m_prebind_uid { 0 };
+    UserID m_prebind_uid { 0 };
-    gid_t m_prebind_gid { 0 };
+    GroupID m_prebind_gid { 0 };
    mode_t m_prebind_mode { 0 };
    // A single LocalSocket is shared between two file descriptions
--- a/Kernel/Net/Socket.cpp
+++ b/Kernel/Net/Socket.cpp
@ -35,7 +35,7 @@ Socket::Socket(int domain, int type, int protocol)
    , m_protocol(protocol)
 {
    auto& process = Process::current();
-    m_origin = { process.pid().value(), process.uid(), process.gid() };
+    m_origin = { process.pid().value(), process.uid().value(), process.gid().value() };
 }
 Socket::~Socket()
@ -58,7 +58,7 @@ RefPtr<Socket> Socket::accept()
    auto client = m_pending.take_first();
    VERIFY(!client->is_connected());
    auto& process = Process::current();
-    client->m_acceptor = { process.pid().value(), process.uid(), process.gid() };
+    client->m_acceptor = { process.pid().value(), process.uid().value(), process.gid().value() };
    client->m_connected = true;
    client->m_role = Role::Accepted;
    if (!m_pending.is_empty())
--- a/Kernel/Net/Socket.h
+++ b/Kernel/Net/Socket.h
@ -92,11 +92,11 @@ public:
    virtual KResult getsockopt(FileDescription&, int level, int option, Userspace<void*>, Userspace<socklen_t*>);
    pid_t origin_pid() const { return m_origin.pid; }
-    uid_t origin_uid() const { return m_origin.uid; }
+    UserID origin_uid() const { return m_origin.uid; }
-    gid_t origin_gid() const { return m_origin.gid; }
+    GroupID origin_gid() const { return m_origin.gid; }
    pid_t acceptor_pid() const { return m_acceptor.pid; }
-    uid_t acceptor_uid() const { return m_acceptor.uid; }
+    UserID acceptor_uid() const { return m_acceptor.uid; }
-    gid_t acceptor_gid() const { return m_acceptor.gid; }
+    GroupID acceptor_gid() const { return m_acceptor.gid; }
    const RefPtr<NetworkAdapter> bound_interface() const { return m_bound_interface; }
    Mutex& lock() { return m_lock; }
--- a/Kernel/Process.cpp
+++ b/Kernel/Process.cpp
@ -94,7 +94,7 @@ NonnullRefPtrVector<Process> Process::all_processes()
    return output;
 }
-bool Process::in_group(gid_t gid) const
+bool Process::in_group(GroupID gid) const
 {
    return this->gid() == gid || extra_gids().contains_slow(gid);
 }
@ -143,7 +143,7 @@ void Process::register_new(Process& process)
    });
 }
-RefPtr<Process> Process::create_user_process(RefPtr<Thread>& first_thread, const String& path, uid_t uid, gid_t gid, ProcessID parent_pid, int& error, Vector<String>&& arguments, Vector<String>&& environment, TTY* tty)
+RefPtr<Process> Process::create_user_process(RefPtr<Thread>& first_thread, const String& path, UserID uid, GroupID gid, ProcessID parent_pid, int& error, Vector<String>&& arguments, Vector<String>&& environment, TTY* tty)
 {
    auto parts = path.split('/');
    if (arguments.is_empty()) {
@ -192,7 +192,7 @@ RefPtr<Process> Process::create_user_process(RefPtr<Thread>& first_thread, const
 RefPtr<Process> Process::create_kernel_process(RefPtr<Thread>& first_thread, String&& name, void (*entry)(void*), void* entry_data, u32 affinity, RegisterProcess do_register)
 {
-    auto process = Process::create(first_thread, move(name), (uid_t)0, (gid_t)0, ProcessID(0), true);
+    auto process = Process::create(first_thread, move(name), UserID(0), GroupID(0), ProcessID(0), true);
    if (!first_thread || !process)
        return {};
    first_thread->regs().set_ip((FlatPtr)entry);
@ -225,7 +225,7 @@ void Process::unprotect_data()
    });
 }
-RefPtr<Process> Process::create(RefPtr<Thread>& first_thread, const String& name, uid_t uid, gid_t gid, ProcessID ppid, bool is_kernel_process, RefPtr<Custody> cwd, RefPtr<Custody> executable, TTY* tty, Process* fork_parent)
+RefPtr<Process> Process::create(RefPtr<Thread>& first_thread, const String& name, UserID uid, GroupID gid, ProcessID ppid, bool is_kernel_process, RefPtr<Custody> cwd, RefPtr<Custody> executable, TTY* tty, Process* fork_parent)
 {
    auto space = Memory::AddressSpace::try_create(fork_parent ? &fork_parent->address_space() : nullptr);
    if (!space)
@ -239,7 +239,7 @@ RefPtr<Process> Process::create(RefPtr<Thread>& first_thread, const String& name
    return process;
 }
-Process::Process(const String& name, uid_t uid, gid_t gid, ProcessID ppid, bool is_kernel_process, RefPtr<Custody> cwd, RefPtr<Custody> executable, TTY* tty)
+Process::Process(const String& name, UserID uid, GroupID gid, ProcessID ppid, bool is_kernel_process, RefPtr<Custody> cwd, RefPtr<Custody> executable, TTY* tty)
    : m_name(move(name))
    , m_is_kernel_process(is_kernel_process)
    , m_executable(move(executable))
@ -521,7 +521,7 @@ siginfo_t Process::wait_info()
    siginfo_t siginfo {};
    siginfo.si_signo = SIGCHLD;
    siginfo.si_pid = pid().value();
-    siginfo.si_uid = uid();
+    siginfo.si_uid = uid().value();
    if (m_protected_values.termination_signal) {
        siginfo.si_status = m_protected_values.termination_signal;
--- a/Kernel/Process.h
+++ b/Kernel/Process.h
@ -93,13 +93,13 @@ class Process final
        ProcessID pid { 0 };
        ProcessID ppid { 0 };
        SessionID sid { 0 };
-        uid_t euid { 0 };
+        UserID euid { 0 };
-        gid_t egid { 0 };
+        GroupID egid { 0 };
-        uid_t uid { 0 };
+        UserID uid { 0 };
-        gid_t gid { 0 };
+        GroupID gid { 0 };
-        uid_t suid { 0 };
+        UserID suid { 0 };
-        gid_t sgid { 0 };
+        GroupID sgid { 0 };
-        Vector<gid_t> extra_gids;
+        Vector<GroupID> extra_gids;
        bool dumpable { false };
        Atomic<bool> has_promises { false };
        Atomic<u32> promises { 0 };
@ -179,7 +179,7 @@ public:
    }
    static RefPtr<Process> create_kernel_process(RefPtr<Thread>& first_thread, String&& name, void (*entry)(void*), void* entry_data = nullptr, u32 affinity = THREAD_AFFINITY_DEFAULT, RegisterProcess do_register = RegisterProcess::Yes);
-    static RefPtr<Process> create_user_process(RefPtr<Thread>& first_thread, const String& path, uid_t, gid_t, ProcessID ppid, int& error, Vector<String>&& arguments = Vector<String>(), Vector<String>&& environment = Vector<String>(), TTY* = nullptr);
+    static RefPtr<Process> create_user_process(RefPtr<Thread>& first_thread, const String& path, UserID, GroupID, ProcessID ppid, int& error, Vector<String>&& arguments = Vector<String>(), Vector<String>&& environment = Vector<String>(), TTY* = nullptr);
    static void register_new(Process&);
    bool unref() const;
@ -213,13 +213,13 @@ public:
    bool is_session_leader() const { return sid().value() == pid().value(); }
    ProcessGroupID pgid() const { return m_pg ? m_pg->pgid() : 0; }
    bool is_group_leader() const { return pgid().value() == pid().value(); }
-    const Vector<gid_t>& extra_gids() const { return m_protected_values.extra_gids; }
+    Vector<GroupID> const& extra_gids() const { return m_protected_values.extra_gids; }
-    uid_t euid() const { return m_protected_values.euid; }
+    UserID euid() const { return m_protected_values.euid; }
-    gid_t egid() const { return m_protected_values.egid; }
+    GroupID egid() const { return m_protected_values.egid; }
-    uid_t uid() const { return m_protected_values.uid; }
+    UserID uid() const { return m_protected_values.uid; }
-    gid_t gid() const { return m_protected_values.gid; }
+    GroupID gid() const { return m_protected_values.gid; }
-    uid_t suid() const { return m_protected_values.suid; }
+    UserID suid() const { return m_protected_values.suid; }
-    gid_t sgid() const { return m_protected_values.sgid; }
+    GroupID sgid() const { return m_protected_values.sgid; }
    ProcessID ppid() const { return m_protected_values.ppid; }
    bool is_dumpable() const { return m_protected_values.dumpable; }
@ -227,7 +227,7 @@ public:
    mode_t umask() const { return m_protected_values.umask; }
-    bool in_group(gid_t) const;
+    bool in_group(GroupID) const;
    // Breakable iteration functions
    template<IteratorFunction<Process&> Callback>
@ -288,8 +288,8 @@ public:
    KResultOr<FlatPtr> sys$getegid();
    KResultOr<FlatPtr> sys$getpid();
    KResultOr<FlatPtr> sys$getppid();
-    KResultOr<FlatPtr> sys$getresuid(Userspace<uid_t*>, Userspace<uid_t*>, Userspace<uid_t*>);
+    KResultOr<FlatPtr> sys$getresuid(Userspace<UserID*>, Userspace<UserID*>, Userspace<UserID*>);
-    KResultOr<FlatPtr> sys$getresgid(Userspace<gid_t*>, Userspace<gid_t*>, Userspace<gid_t*>);
+    KResultOr<FlatPtr> sys$getresgid(Userspace<GroupID*>, Userspace<GroupID*>, Userspace<GroupID*>);
    KResultOr<FlatPtr> sys$umask(mode_t);
    KResultOr<FlatPtr> sys$open(Userspace<const Syscall::SC_open_params*>);
    KResultOr<FlatPtr> sys$close(int fd);
@ -339,13 +339,13 @@ public:
    KResultOr<FlatPtr> sys$setgroups(size_t, Userspace<const gid_t*>);
    KResultOr<FlatPtr> sys$pipe(int pipefd[2], int flags);
    KResultOr<FlatPtr> sys$killpg(pid_t pgrp, int sig);
-    KResultOr<FlatPtr> sys$seteuid(uid_t);
+    KResultOr<FlatPtr> sys$seteuid(UserID);
-    KResultOr<FlatPtr> sys$setegid(gid_t);
+    KResultOr<FlatPtr> sys$setegid(GroupID);
-    KResultOr<FlatPtr> sys$setuid(uid_t);
+    KResultOr<FlatPtr> sys$setuid(UserID);
-    KResultOr<FlatPtr> sys$setgid(gid_t);
+    KResultOr<FlatPtr> sys$setgid(GroupID);
-    KResultOr<FlatPtr> sys$setreuid(uid_t, uid_t);
+    KResultOr<FlatPtr> sys$setreuid(UserID, UserID);
-    KResultOr<FlatPtr> sys$setresuid(uid_t, uid_t, uid_t);
+    KResultOr<FlatPtr> sys$setresuid(UserID, UserID, UserID);
-    KResultOr<FlatPtr> sys$setresgid(gid_t, gid_t, gid_t);
+    KResultOr<FlatPtr> sys$setresgid(GroupID, GroupID, GroupID);
    KResultOr<FlatPtr> sys$alarm(unsigned seconds);
    KResultOr<FlatPtr> sys$access(Userspace<const char*> pathname, size_t path_length, int mode);
    KResultOr<FlatPtr> sys$fcntl(int fd, int cmd, u32 extra_arg);
@ -362,7 +362,7 @@ public:
    KResultOr<FlatPtr> sys$chmod(Userspace<const char*> pathname, size_t path_length, mode_t);
    KResultOr<FlatPtr> sys$fchmod(int fd, mode_t);
    KResultOr<FlatPtr> sys$chown(Userspace<const Syscall::SC_chown_params*>);
-    KResultOr<FlatPtr> sys$fchown(int fd, uid_t, gid_t);
+    KResultOr<FlatPtr> sys$fchown(int fd, UserID, GroupID);
    KResultOr<FlatPtr> sys$socket(int domain, int type, int protocol);
    KResultOr<FlatPtr> sys$bind(int sockfd, Userspace<const sockaddr*> addr, socklen_t);
    KResultOr<FlatPtr> sys$listen(int sockfd, int backlog);
@ -518,8 +518,8 @@ private:
    bool add_thread(Thread&);
    bool remove_thread(Thread&);
-    Process(const String& name, uid_t uid, gid_t gid, ProcessID ppid, bool is_kernel_process, RefPtr<Custody> cwd, RefPtr<Custody> executable, TTY* tty);
+    Process(const String& name, UserID, GroupID, ProcessID ppid, bool is_kernel_process, RefPtr<Custody> cwd, RefPtr<Custody> executable, TTY* tty);
-    static RefPtr<Process> create(RefPtr<Thread>& first_thread, const String& name, uid_t, gid_t, ProcessID ppid, bool is_kernel_process, RefPtr<Custody> cwd = nullptr, RefPtr<Custody> executable = nullptr, TTY* = nullptr, Process* fork_parent = nullptr);
+    static RefPtr<Process> create(RefPtr<Thread>& first_thread, const String& name, UserID, GroupID, ProcessID ppid, bool is_kernel_process, RefPtr<Custody> cwd = nullptr, RefPtr<Custody> executable = nullptr, TTY* = nullptr, Process* fork_parent = nullptr);
    KResult attach_resources(NonnullOwnPtr<Memory::AddressSpace>&&, RefPtr<Thread>& first_thread, Process* fork_parent);
    static ProcessID allocate_pid();
@ -726,9 +726,8 @@ public:
        virtual KResult traverse_as_directory(unsigned, Function<bool(FileSystem::DirectoryEntryView const&)>) const override;
        virtual mode_t required_mode() const override { return 0555; }
-        virtual uid_t owner_user() const override;
+        virtual UserID owner_user() const override;
-
+        virtual GroupID owner_group() const override;
        virtual gid_t owner_group() const override;
    private:
        ProcessProcFSTraits(WeakPtr<Process> process)
--- a/Kernel/ProcessExposed.h
+++ b/Kernel/ProcessExposed.h
@ -73,8 +73,8 @@ public:
    virtual size_t size() const { return 0; }
    virtual mode_t required_mode() const { return 0444; }
-    virtual uid_t owner_user() const { return 0; }
+    virtual UserID owner_user() const { return 0; }
-    virtual gid_t owner_group() const { return 0; }
+    virtual GroupID owner_group() const { return 0; }
    time_t modified_time() const { return TimeManagement::now().to_timeval().tv_sec; }
    virtual void prepare_for_deletion() { }
--- a/Kernel/ProcessProcFSTraits.cpp
+++ b/Kernel/ProcessProcFSTraits.cpp
@ -9,7 +9,7 @@
 namespace Kernel {
-uid_t Process::ProcessProcFSTraits::owner_user() const
+UserID Process::ProcessProcFSTraits::owner_user() const
 {
    auto process = m_process.strong_ref();
    if (!process)
@ -18,7 +18,7 @@ uid_t Process::ProcessProcFSTraits::owner_user() const
    return process->uid();
 }
-gid_t Process::ProcessProcFSTraits::owner_group() const
+GroupID Process::ProcessProcFSTraits::owner_group() const
 {
    auto process = m_process.strong_ref();
    if (!process)
--- a/Kernel/Syscalls/chown.cpp
+++ b/Kernel/Syscalls/chown.cpp
@ -9,7 +9,7 @@
 namespace Kernel {
-KResultOr<FlatPtr> Process::sys$fchown(int fd, uid_t uid, gid_t gid)
+KResultOr<FlatPtr> Process::sys$fchown(int fd, UserID uid, GroupID gid)
 {
    VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this);
    REQUIRE_PROMISE(chown);
--- a/Kernel/Syscalls/execve.cpp
+++ b/Kernel/Syscalls/execve.cpp
@ -40,7 +40,7 @@ struct LoadResult {
    WeakPtr<Memory::Region> stack_region;
 };
-static Vector<ELF::AuxiliaryValue> generate_auxiliary_vector(FlatPtr load_base, FlatPtr entry_eip, uid_t uid, uid_t euid, gid_t gid, gid_t egid, String executable_path, int main_program_fd);
+static Vector<ELF::AuxiliaryValue> generate_auxiliary_vector(FlatPtr load_base, FlatPtr entry_eip, UserID uid, UserID euid, GroupID gid, GroupID egid, String executable_path, int main_program_fd);
 static bool validate_stack_size(const Vector<String>& arguments, const Vector<String>& environment)
 {
@ -693,7 +693,7 @@ KResult Process::do_exec(NonnullRefPtr<FileDescription> main_program_description
    return KSuccess;
 }
-static Vector<ELF::AuxiliaryValue> generate_auxiliary_vector(FlatPtr load_base, FlatPtr entry_eip, uid_t uid, uid_t euid, gid_t gid, gid_t egid, String executable_path, int main_program_fd)
+static Vector<ELF::AuxiliaryValue> generate_auxiliary_vector(FlatPtr load_base, FlatPtr entry_eip, UserID uid, UserID euid, GroupID gid, GroupID egid, String executable_path, int main_program_fd)
 {
    Vector<ELF::AuxiliaryValue> auxv;
    // PHDR/EXECFD
@ -703,10 +703,10 @@ static Vector<ELF::AuxiliaryValue> generate_auxiliary_vector(FlatPtr load_base,
    auxv.append({ ELF::AuxiliaryValue::Entry, (void*)entry_eip });
    // NOTELF
-    auxv.append({ ELF::AuxiliaryValue::Uid, (long)uid });
+    auxv.append({ ELF::AuxiliaryValue::Uid, (long)uid.value() });
-    auxv.append({ ELF::AuxiliaryValue::EUid, (long)euid });
+    auxv.append({ ELF::AuxiliaryValue::EUid, (long)euid.value() });
-    auxv.append({ ELF::AuxiliaryValue::Gid, (long)gid });
+    auxv.append({ ELF::AuxiliaryValue::Gid, (long)gid.value() });
-    auxv.append({ ELF::AuxiliaryValue::EGid, (long)egid });
+    auxv.append({ ELF::AuxiliaryValue::EGid, (long)egid.value() });
    auxv.append({ ELF::AuxiliaryValue::Platform, Processor::platform_string() });
    // FIXME: This is platform specific
--- a/Kernel/Syscalls/getuid.cpp
+++ b/Kernel/Syscalls/getuid.cpp
@ -12,31 +12,31 @@ KResultOr<FlatPtr> Process::sys$getuid()
 {
    VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
    REQUIRE_PROMISE(stdio);
-    return uid();
+    return uid().value();
 }
 KResultOr<FlatPtr> Process::sys$getgid()
 {
    VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
    REQUIRE_PROMISE(stdio);
-    return gid();
+    return gid().value();
 }
 KResultOr<FlatPtr> Process::sys$geteuid()
 {
    VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
    REQUIRE_PROMISE(stdio);
-    return euid();
+    return euid().value();
 }
 KResultOr<FlatPtr> Process::sys$getegid()
 {
    VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
    REQUIRE_PROMISE(stdio);
-    return egid();
+    return egid().value();
 }
-KResultOr<FlatPtr> Process::sys$getresuid(Userspace<uid_t*> ruid, Userspace<uid_t*> euid, Userspace<uid_t*> suid)
+KResultOr<FlatPtr> Process::sys$getresuid(Userspace<UserID*> ruid, Userspace<UserID*> euid, Userspace<UserID*> suid)
 {
    VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
    REQUIRE_PROMISE(stdio);
@ -45,7 +45,7 @@ KResultOr<FlatPtr> Process::sys$getresuid(Userspace<uid_t*> ruid, Userspace<uid_
    return 0;
 }
-KResultOr<FlatPtr> Process::sys$getresgid(Userspace<gid_t*> rgid, Userspace<gid_t*> egid, Userspace<gid_t*> sgid)
+KResultOr<FlatPtr> Process::sys$getresgid(Userspace<GroupID*> rgid, Userspace<GroupID*> egid, Userspace<GroupID*> sgid)
 {
    VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
    REQUIRE_PROMISE(stdio);
--- a/Kernel/Syscalls/setuid.cpp
+++ b/Kernel/Syscalls/setuid.cpp
@ -8,7 +8,7 @@
 namespace Kernel {
-KResultOr<FlatPtr> Process::sys$seteuid(uid_t new_euid)
+KResultOr<FlatPtr> Process::sys$seteuid(UserID new_euid)
 {
    VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
    REQUIRE_PROMISE(id);
@ -25,7 +25,7 @@ KResultOr<FlatPtr> Process::sys$seteuid(uid_t new_euid)
    return 0;
 }
-KResultOr<FlatPtr> Process::sys$setegid(gid_t new_egid)
+KResultOr<FlatPtr> Process::sys$setegid(GroupID new_egid)
 {
    VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
    REQUIRE_PROMISE(id);
@ -41,7 +41,7 @@ KResultOr<FlatPtr> Process::sys$setegid(gid_t new_egid)
    return 0;
 }
-KResultOr<FlatPtr> Process::sys$setuid(uid_t new_uid)
+KResultOr<FlatPtr> Process::sys$setuid(UserID new_uid)
 {
    VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
    REQUIRE_PROMISE(id);
@ -59,7 +59,7 @@ KResultOr<FlatPtr> Process::sys$setuid(uid_t new_uid)
    return 0;
 }
-KResultOr<FlatPtr> Process::sys$setgid(gid_t new_gid)
+KResultOr<FlatPtr> Process::sys$setgid(GroupID new_gid)
 {
    VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
    REQUIRE_PROMISE(id);
@ -77,7 +77,7 @@ KResultOr<FlatPtr> Process::sys$setgid(gid_t new_gid)
    return 0;
 }
-KResultOr<FlatPtr> Process::sys$setreuid(uid_t new_ruid, uid_t new_euid)
+KResultOr<FlatPtr> Process::sys$setreuid(UserID new_ruid, UserID new_euid)
 {
    VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
    REQUIRE_PROMISE(id);
@ -87,7 +87,7 @@ KResultOr<FlatPtr> Process::sys$setreuid(uid_t new_ruid, uid_t new_euid)
    if (new_euid == (uid_t)-1)
        new_euid = euid();
-    auto ok = [this](uid_t id) { return id == uid() || id == euid() || id == suid(); };
+    auto ok = [this](UserID id) { return id == uid() || id == euid() || id == suid(); };
    if (!ok(new_ruid) || !ok(new_euid))
        return EPERM;
@ -103,7 +103,7 @@ KResultOr<FlatPtr> Process::sys$setreuid(uid_t new_ruid, uid_t new_euid)
    return 0;
 }
-KResultOr<FlatPtr> Process::sys$setresuid(uid_t new_ruid, uid_t new_euid, uid_t new_suid)
+KResultOr<FlatPtr> Process::sys$setresuid(UserID new_ruid, UserID new_euid, UserID new_suid)
 {
    VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
    REQUIRE_PROMISE(id);
@ -115,7 +115,7 @@ KResultOr<FlatPtr> Process::sys$setresuid(uid_t new_ruid, uid_t new_euid, uid_t
    if (new_suid == (uid_t)-1)
        new_suid = suid();
-    auto ok = [this](uid_t id) { return id == uid() || id == euid() || id == suid(); };
+    auto ok = [this](UserID id) { return id == uid() || id == euid() || id == suid(); };
    if ((!ok(new_ruid) || !ok(new_euid) || !ok(new_suid)) && !is_superuser())
        return EPERM;
@ -129,7 +129,7 @@ KResultOr<FlatPtr> Process::sys$setresuid(uid_t new_ruid, uid_t new_euid, uid_t
    return 0;
 }
-KResultOr<FlatPtr> Process::sys$setresgid(gid_t new_rgid, gid_t new_egid, gid_t new_sgid)
+KResultOr<FlatPtr> Process::sys$setresgid(GroupID new_rgid, GroupID new_egid, GroupID new_sgid)
 {
    VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
    REQUIRE_PROMISE(id);
@ -141,7 +141,7 @@ KResultOr<FlatPtr> Process::sys$setresgid(gid_t new_rgid, gid_t new_egid, gid_t
    if (new_sgid == (gid_t)-1)
        new_sgid = sgid();
-    auto ok = [this](gid_t id) { return id == gid() || id == egid() || id == sgid(); };
+    auto ok = [this](GroupID id) { return id == gid() || id == egid() || id == sgid(); };
    if ((!ok(new_rgid) || !ok(new_egid) || !ok(new_sgid)) && !is_superuser())
        return EPERM;
--- a/Kernel/ThreadBlockers.cpp
+++ b/Kernel/ThreadBlockers.cpp
@ -724,7 +724,7 @@ bool Thread::WaitBlocker::unblock(Process& process, UnblockFlags flags, u8 signa
            // We need to gather the information before we release the scheduler lock!
            siginfo.si_signo = SIGCHLD;
            siginfo.si_pid = process.pid().value();
-            siginfo.si_uid = process.uid();
+            siginfo.si_uid = process.uid().value();
            siginfo.si_status = signal;
            switch (flags) {
--- a/Kernel/init.cpp
+++ b/Kernel/init.cpp
@ -344,7 +344,7 @@ void init_stage2(void*)
    RefPtr<Thread> thread;
    auto userspace_init = kernel_command_line().userspace_init();
    auto init_args = kernel_command_line().userspace_init_args();
-    Process::create_user_process(thread, userspace_init, (uid_t)0, (gid_t)0, ProcessID(0), error, move(init_args), {}, tty0);
+    Process::create_user_process(thread, userspace_init, UserID(0), GroupID(0), ProcessID(0), error, move(init_args), {}, tty0);
    if (error != 0) {
        PANIC("init_stage2: Error spawning SystemServer: {}", error);
    }