1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-10-22 08:22:06 +00:00
Commit graph

756 commits

Author SHA1 Message Date
Andreas Kling
88b6428c25 AK: Make Vector::try_* functions return ErrorOr<void>
Instead of signalling allocation failure with a bool return value
(false), we now use ErrorOr<void> and return ENOMEM as appropriate.
This allows us to use TRY() and MUST() with Vector. :^)
2021-11-10 21:58:58 +01:00
Ben Wiederhake
631447da57 Kernel: Fix TOCTOU in fstatvfs
In particular, fstatvfs used to assume that a file that was earlier
opened using some path will forever be at that path. This is wrong, and
in the meantime new mounts and new filesystems could take up the
filename or directories, leading to a completely inaccurate result.
This commit improves the situation:
- All filesystem information is now always accurate.
- The mount flags *might* be erroneously zero, if the custody for the
  open file is not available. I don't know when that might happen, but
  it is definitely not the typical case.
2021-11-10 16:13:10 +01:00
Andreas Kling
79fa9765ca Kernel: Replace KResult and KResultOr<T> with Error and ErrorOr<T>
We now use AK::Error and AK::ErrorOr<T> in both kernel and userspace!
This was a slightly tedious refactoring that took a long time, so it's
not unlikely that some bugs crept in.

Nevertheless, it does pass basic functionality testing, and it's just
real nice to finally see the same pattern in all contexts. :^)
2021-11-08 01:10:53 +01:00
Daniel Bertalan
bbb4eb0aa1 Kernel: Convert Formatter<Process> to use Formatter<FormatString>
This lets us avoid allocating memory on the heap most of the time, as
Formatter<FormatString> writes into a quite large stack buffer instead.
2021-10-21 22:19:50 +02:00
Rodrigo Tobar
e1093c3403 Kernel: Implement pread syscall
The OpenFileDescription class already offers the necessary functionlity,
so implementing this was only a matter of following the structure for
`read` while handling the additional `offset` argument.
2021-10-13 16:10:50 +02:00
Liav A
8d0dbdeaac Kernel+Userland: Introduce a new way to reboot and poweroff the machine
This change removes the halt and reboot syscalls, and create a new
mechanism to change the power state of the machine.
Instead of how power state was changed until now, put a SysFS node as
writable only for the superuser, that with a defined value, can result
in either reboot or poweroff.
In the future, a power group can be assigned to this node (which will be
the GroupID responsible for power management).

This opens an opportunity to permit to shutdown/reboot without superuser
permissions, so in the future, a userspace daemon can take control of
this node to perform power management operations without superuser
permissions, if we enforce different UserID/GroupID on that node.
2021-09-12 11:52:16 +02:00
TheFightingCatfish
a81b21c1a7 Kernel+LibC: Implement fsync 2021-09-12 11:24:02 +02:00
Liav A
04ba31b8c5 Kernel+Userland: Remove loadable kernel moduless
These interfaces are broken for about 9 months, maybe longer than that.
At this point, this is just a dead code nobody tests or tries to use, so
let's remove it instead of keeping a stale code just for the sake of
keeping it and hoping someone will fix it.

To better justify this, I read that OpenBSD removed loadable kernel
modules in 5.7 release (2014), mainly for the same reason we do -
nobody used it so they had no good reason to maintain it.
Still, OpenBSD had LKMs being effectively working, which is not the
current state in our project for a long time.
An arguably better approach to minimize the Kernel image size is to
allow dropping drivers and features while compiling a new image.
2021-09-11 19:05:00 +02:00
Ali Mohammad Pur
5a0cdb15b0 AK+Everywhere: Reduce the number of template parameters of IntrusiveList
This makes the user-facing type only take the node member pointer, and
lets the compiler figure out the other needed types from that.
2021-09-10 18:05:46 +03:00
Andreas Kling
dd82f68326 Kernel: Use KString all the way in sys$execve()
This patch converts all the usage of AK::String around sys$execve() to
using KString instead, allowing us to catch and propagate OOM errors.

It also required changing the kernel CommandLine helper class to return
a vector of KString for the userspace init program arguments.
2021-09-09 21:25:10 +02:00
Andreas Kling
6f992d784f Kernel: Add const variant of Process::perf_events()
This lets us get rid of some const_casts.
2021-09-07 22:16:25 +02:00
Andreas Kling
213b8868af Kernel: Rename file_description(fd) => open_file_description(fd)
To go with the class rename.
2021-09-07 13:53:14 +02:00
Andreas Kling
4a9c18afb9 Kernel: Rename FileDescription => OpenFileDescription
Dr. POSIX really calls these "open file description", not just
"file description", so let's call them exactly that. :^)
2021-09-07 13:53:14 +02:00
Andreas Kling
dbd639a2d8 Kernel: Convert much of sys$execve() to using KString
Make use of the new FileDescription::try_serialize_absolute_path() to
avoid String in favor of KString throughout much of sys$execve() and
its helpers.
2021-09-07 13:53:14 +02:00
Andreas Kling
a27c6f5226 Kernel: Avoid unnecessary String allocation in sys$statvfs() 2021-09-07 13:53:14 +02:00
Andreas Kling
55b0b06897 Kernel: Store process names as KString 2021-09-07 13:53:14 +02:00
Andreas Kling
db2e67fd53 Kernel: Tidy up ProcessProcFSTraits construction a bit more
Let the constructor take a Process& instead of a WeakPtr<Process> and
avoid a bunch of WeakPtr copying.
2021-09-07 13:53:14 +02:00
Andreas Kling
511ebffd94 Kernel: Improve find_elf_interpreter_for_executable() parameter names 2021-09-06 18:56:51 +02:00
Andreas Kling
7981422500 Kernel: Make Threads always have a name
We previously allowed Thread to exist in a state where its m_name was
null, and had to work around that in various places.

This patch removes that possibility and forces those who would create a
thread (or change the name of one) to provide a NonnullOwnPtr<KString>
with the name.
2021-09-06 13:06:05 +02:00
Brian Gianforcaro
bb58a4d943 Kernel: Make all Spinlocks use u8 for storage, remove template
The default template argument is only used in one place, and it
looks like it was probably just an oversight. The rest of the Kernel
code all uses u8 as the type. So lets make that the default and remove
the unused template argument, as there doesn't seem to be a reason to
allow the size to be customizable.
2021-09-05 20:46:02 +02:00
Brian Gianforcaro
472454cded Kernel: Switch static_asserts of a type size to AK::AssertSize
This will provide better debug ability when the size comparison fails.
2021-09-05 20:08:57 +02:00
Andreas Kling
a9204510a4 Kernel: Make file description lookup return KResultOr
Instead of checking it at every call site (to generate EBADF), we make
file_description(fd) return a KResultOr<NonnullRefPtr<FileDescription>>.

This allows us to wrap all the calls in TRY(). :^)

The only place that got a little bit messier from this is sys$mount(),
and there's a whole bunch of things there in need of cleanup.
2021-09-05 18:36:13 +02:00
Andreas Kling
48a0b31c47 Kernel: Make copy_{from,to}_user() return KResult and use TRY()
This makes EFAULT propagation flow much more naturally. :^)
2021-09-05 17:38:37 +02:00
Brian Gianforcaro
9d1b27263f Kernel: Declare type aliases with "using" instead of "typedef"
This is the idiomatic way to declare type aliases in modern C++.
Flagged by Sonar Cloud as a "Code Smell", but I happen to agree
with this particular one. :^)
2021-09-05 09:48:43 +01:00
Andreas Kling
12f820eb08 Kernel: Make Process::try_create() propagate errors better 2021-09-04 23:11:04 +02:00
Andreas Kling
3b995c6d01 Kernel: Tidy up Process::try_create_user_process()
This function is currently only ever used to create the init process
(SystemServer). It had a few idiosyncratic things about it that this
patch cleans up:

- Errors were returned in an int& out-param.
- It had a path for non-0 process PIDs which was never taken.
2021-09-04 23:11:04 +02:00
Andreas Kling
ba1a6ca971 Kernel: Move pledge verification into Process member functions
REQUIRE_PROMISE and REQUIRE_NO_PROMISES were macros for some reason,
and used all over the place.

This patch adds require_promise(Pledge) and require_no_promises()
to Process and makes the macros call these on the current process
instead of inlining code everywhere.
2021-09-04 23:11:04 +02:00
Andreas Kling
5e2e17c38c Kernel: Rename Process::create() => try_create() 2021-09-04 23:11:03 +02:00
Andreas Kling
0b4671add7 Kernel: {Mutex,Spinlock}::own_lock() => is_locked_by_current_thread()
Rename these API's to make it more clear what they are checking.
2021-08-29 12:53:11 +02:00
Andreas Kling
ae197deb6b Kernel: Strongly typed user & group ID's
Prior to this change, both uid_t and gid_t were typedef'ed to `u32`.
This made it easy to use them interchangeably. Let's not allow that.

This patch adds UserID and GroupID using the AK::DistinctNumeric
mechanism we've already been employing for pid_t/ProcessID.
2021-08-29 01:09:19 +02:00
Andrew Kaster
54161bf5b4 Kernel: Acquire reference to waitee before trying to block in sys$waitid
Previously, we would try to acquire a reference to the all processes
lock or other contended resources while holding both the scheduler lock
and the thread's blocker lock. This could lead to a deadlock if we
actually have to block on those other resources.
2021-08-28 20:53:38 +02:00
Andrew Kaster
dea62fe93c Kernel: Guard the all processes list with a Spinlock rather than a Mutex
There are callers of processes().with or processes().for_each that
require interrupts to be disabled. Taking a Mutexe with interrupts
disabled is a recipe for deadlock, so convert this to a Spinlock.
2021-08-28 20:53:38 +02:00
Andreas Kling
e51a5e2d5d Kernel: Rename some BlockerSets to foo_blocker_set
Cleanup after renaming BlockCondition to BlockerSet.
2021-08-23 01:42:04 +02:00
Andreas Kling
85546af417 Kernel: Rename Thread::BlockCondition to BlockerSet
This class represents a set of Thread::Blocker objects attached to
something that those blockers are waiting on.
2021-08-23 00:02:09 +02:00
Andreas Kling
bcd2025311 Everywhere: Core dump => Coredump
We all know what a coredump is, and it feels more natural to refer to
it as a coredump (most code already does), so let's be consistent.
2021-08-23 00:02:09 +02:00
Andreas Kling
c922a7da09 Kernel: Rename ScopedSpinlock => SpinlockLocker
This matches MutexLocker, and doesn't sound like it's a lock itself.
2021-08-22 03:34:10 +02:00
Andreas Kling
55adace359 Kernel: Rename SpinLock => Spinlock 2021-08-22 03:34:10 +02:00
Andreas Kling
ed6f84c2c9 Kernel: Rename SpinLockProtectedValue<T> => SpinLockProtected<T> 2021-08-22 03:34:09 +02:00
Andreas Kling
c2fc33becd Kernel: Rename ProtectedValue<T> => MutexProtected<T>
Let's make it obvious what we're protecting it with.
2021-08-22 03:34:09 +02:00
Idan Horowitz
cf271183b4 Kernel: Make Process::current() return a Process& instead of Process*
This has several benefits:
1) We no longer just blindly derefence a null pointer in various places
2) We will get nicer runtime error messages if the current process does
turn out to be null in the call location
3) GCC no longer complains about possible nullptr dereferences when
compiling without KUBSAN
2021-08-19 23:49:53 +02:00
Ali Mohammad Pur
e9feced041 Kernel: Add a Process::FileDescriptions::get_if_valid(index) API
Note that this is not the same as ::at(index), which has a different
precondition ("allocated" vs "valid").
2021-08-16 21:16:14 +02:00
sin-ack
8d90ecb280 Kernel: Simplify OOM handling in ProcessProcFSTraits 2021-08-15 15:41:02 +02:00
Andreas Kling
1b739a72c2 Kernel+Userland: Remove chroot functionality
We are not using this for anything and it's just been sitting there
gathering dust for well over a year, so let's stop carrying all this
complexity around for no good reason.
2021-08-15 12:44:35 +02:00
Andreas Kling
96d5d017b7 Kernel: Remove copy_string_from_user() as it's no longer used 2021-08-15 12:44:35 +02:00
sin-ack
24fcff45ae Kernel: Make Process final
This silences a clangd diagnostic about Process holding virtual
functions but having a non-virtual destructor.
2021-08-15 02:27:13 +02:00
sin-ack
18f260b78b Kernel: Handle removal of Process from list before unref
This makes the following scenario impossible with an SMP setup:

1) CPU A enters unref() and decrements the link count to 0.
2) CPU B sees the process in the process list and ref()s it.
3) CPU A removes the process from the list and continues destructing.
4) CPU B is now holding a destructed Process object.

By holding the process list lock before doing anything with it, we
ensure that other CPUs can't find this process in the middle of it being
destructed.
2021-08-15 02:27:13 +02:00
sin-ack
2830a0ecda Kernel: Move ProcFS related overrides in Process to ProcessProcFSTraits
This allows us to 1) let go of the Process when an inode is ref'ing for
ProcFSExposedComponent related reasons, and 2) change our ref/unref
implementation.
2021-08-15 02:27:13 +02:00
sin-ack
748938ea59 Kernel: Handle allocation failure in ProcFS and friends
There were many places in which allocation failure was noticed but
ignored.
2021-08-15 02:27:13 +02:00
Brian Gianforcaro
296452a981 Kernel: Make cloning of FileDescriptions OOM safe 2021-08-13 11:09:25 +02:00
Brian Gianforcaro
40a942d28b Kernel: Remove char* versions of path argument / kstring copy methods
The only two paths for copying strings in the kernel should be going
through the existing Userspace<char const*>, or StringArgument methods.

Lets enforce this by removing the option for using the raw cstring APIs
that were previously available.
2021-08-13 11:08:11 +02:00