LadybirdBrowser/ladybird
1
1
Fork 0
mirror of https://github.com/LadybirdBrowser/ladybird.git synced 2024-10-13 05:40:21 +03:00
Code Issues Packages Projects Releases Wiki Activity
8074157c10
ladybird/Kernel/Syscalls/unveil.cpp

132 lines
5.1 KiB
C++
Raw Normal View History

Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
/*
* Copyright (c) 2018-2020, Andreas Kling <kling@serenityos.org>
Kernel: Allow unveiling subfolders regardless of parent's permissions This fixes a bug where unveiling a subdirectory of an already unveiled path would sometimes be allowed and sometimes not (depending on what other unveil calls have been made). Now, it is always allowed to unveil a subdirectory of an already unveiled directory, even if it has higher permissions. This removes the need for the permissions_inherited_from_root flag in UnveilMetadata, so it has been removed.
2021-06-06 22:03:19 +03:00
* Copyright (c) 2021, Max Wipfli <mail@maxwipfli.ch>
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
*
Everything: Move to SPDX license identifiers in all files. SPDX License Identifiers are a more compact / standardized way of representing file license information. See: https://spdx.dev/resources/use/#identifiers This was done with the `ambr` search and replace tool. ambr --no-parent-ignore --key-from-file --rep-from-file key.txt rep.txt *
2021-04-22 11:24:48 +03:00
* SPDX-License-Identifier: BSD-2-Clause
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
*/
#include <AK/StringView.h>
#include <Kernel/FileSystem/Custody.h>
#include <Kernel/FileSystem/VirtualFileSystem.h>
Kernel: Replace usage of LexicalPath with KLexicalPath This replaces all uses of LexicalPath in the Kernel with the functions from KLexicalPath. This also allows the Kernel to stop including AK::LexicalPath.
2021-07-06 12:21:52 +03:00
#include <Kernel/KLexicalPath.h>
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
#include <Kernel/Process.h>
namespace Kernel {
Kernel: Update intermediate nodes when changing unveil permissions When changing the unveil permissions of a preexisting node, we need to make sure that any intermediate nodes that were created before and should inherit permissions from the updated node are updated properly. This fixes the following bug: unveil("/home/anon/Documents", "r"); unveil("/home", "r"); Now there was a intermediate node for "/home/anon" which still had no permission, even though it should have inherited the permissions from "/home".
2021-06-06 23:12:04 +03:00
static void update_intermediate_node_permissions(UnveilNode& root_node, UnveilAccess new_permissions)
{
for (auto& entry : root_node.children()) {
auto& node = static_cast<UnveilNode&>(*entry.value);
if (node.was_explicitly_unveiled())
continue;
node.set_metadata({ node.path(), new_permissions, node.was_explicitly_unveiled() });
update_intermediate_node_permissions(node, new_permissions);
}
}
Kernel: Replace KResult and KResultOr<T> with Error and ErrorOr<T> We now use AK::Error and AK::ErrorOr<T> in both kernel and userspace! This was a slightly tedious refactoring that took a long time, so it's not unlikely that some bugs crept in. Nevertheless, it does pass basic functionality testing, and it's just real nice to finally see the same pattern in all contexts. :^)
2021-11-08 02:51:39 +03:00
ErrorOr<FlatPtr> Process::sys$unveil(Userspace<const Syscall::SC_unveil_params*> user_params)
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
{
Kernel: Annotate all syscalls with VERIFY_PROCESS_BIG_LOCK_ACQUIRED Before we start disabling acquisition of the big process lock for specific syscalls, make sure to document and assert that all the lock is held during all syscalls.
2021-07-18 21:20:12 +03:00
VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
Kernel: Use copy_typed_from_user<T> for fetching syscall parameters
2021-09-05 18:51:37 +03:00
auto params = TRY(copy_typed_from_user(user_params));
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
if (!params.path.characters && !params.permissions.characters) {
m_veil_state = VeilState::Locked;
return 0;
}
if (m_veil_state == VeilState::Locked)
Kernel: Make all syscall functions return KResultOr<T> This makes it a lot easier to return errors since we no longer have to worry about negating EFOO errors and can just return them flat.
2021-03-01 15:49:16 +03:00
return EPERM;
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
if (!params.path.characters || !params.permissions.characters)
Kernel: Make all syscall functions return KResultOr<T> This makes it a lot easier to return errors since we no longer have to worry about negating EFOO errors and can just return them flat.
2021-03-01 15:49:16 +03:00
return EINVAL;
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
Kernel: Add unveil('b') This is a new "browse" permission that lets you open (and subsequently list contents of) directories underneath the path, but not regular files or any other types of files.
2020-11-21 22:55:20 +03:00
if (params.permissions.length > 5)
Kernel: Make all syscall functions return KResultOr<T> This makes it a lot easier to return errors since we no longer have to worry about negating EFOO errors and can just return them flat.
2021-03-01 15:49:16 +03:00
return EINVAL;
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
Kernel: Use TRY() in sys$unveil()
2021-09-05 15:30:08 +03:00
auto path = TRY(get_syscall_path_argument(params.path));
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
Kernel: Use TRY() in sys$unveil()
2021-09-05 15:30:08 +03:00
if (path->is_empty() || !path->view().starts_with('/'))
Kernel: Make all syscall functions return KResultOr<T> This makes it a lot easier to return errors since we no longer have to worry about negating EFOO errors and can just return them flat.
2021-03-01 15:49:16 +03:00
return EINVAL;
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
Kernel: Use TRY() in sys$unveil()
2021-09-05 15:30:08 +03:00
auto permissions = TRY(try_copy_kstring_from_user(params.permissions));
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
Kernel: Prevent `unveil` returning ENOENT with cpath permissions This addresses the issue first enountered in #3644. If a path is first unveiled with "c" permissions, we should NOT return ENOENT if the node does not exist on the disk, as the program will most likely be creating it at a later time.
2020-11-05 10:12:23 +03:00
// Let's work out permissions first...
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
unsigned new_permissions = 0;
Kernel: Migrate sys$unveil to use the KString API This avoids potential unhandled OOM that's possible with the old copy_string_from_user API.
2021-07-23 18:21:10 +03:00
for (const char permission : permissions->view()) {
Kernel: Use for-each loops in unveil syscall
2020-08-02 22:06:39 +03:00
switch (permission) {
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
case 'r':
Kernel: Implement unveil() as a prefix-tree Fixes #4530.
2020-12-26 13:24:34 +03:00
new_permissions |= UnveilAccess::Read;
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
break;
case 'w':
Kernel: Implement unveil() as a prefix-tree Fixes #4530.
2020-12-26 13:24:34 +03:00
new_permissions |= UnveilAccess::Write;
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
break;
case 'x':
Kernel: Implement unveil() as a prefix-tree Fixes #4530.
2020-12-26 13:24:34 +03:00
new_permissions |= UnveilAccess::Execute;
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
break;
case 'c':
Kernel: Implement unveil() as a prefix-tree Fixes #4530.
2020-12-26 13:24:34 +03:00
new_permissions |= UnveilAccess::CreateOrRemove;
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
break;
Kernel: Add unveil('b') This is a new "browse" permission that lets you open (and subsequently list contents of) directories underneath the path, but not regular files or any other types of files.
2020-11-21 22:55:20 +03:00
case 'b':
Kernel: Implement unveil() as a prefix-tree Fixes #4530.
2020-12-26 13:24:34 +03:00
new_permissions |= UnveilAccess::Browse;
Kernel: Add unveil('b') This is a new "browse" permission that lets you open (and subsequently list contents of) directories underneath the path, but not regular files or any other types of files.
2020-11-21 22:55:20 +03:00
break;
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
default:
Kernel: Make all syscall functions return KResultOr<T> This makes it a lot easier to return errors since we no longer have to worry about negating EFOO errors and can just return them flat.
2021-03-01 15:49:16 +03:00
return EINVAL;
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
}
}
Kernel: Prevent `unveil` returning ENOENT with cpath permissions This addresses the issue first enountered in #3644. If a path is first unveiled with "c" permissions, we should NOT return ENOENT if the node does not exist on the disk, as the program will most likely be creating it at a later time.
2020-11-05 10:12:23 +03:00
// Now, let's try and resolve the path and obtain custody of the inode on the disk, and if not, bail out with
// the error from resolve_path_without_veil()
// However, if the user specified unveil() with "c" permissions, we don't set errno if ENOENT is encountered,
// because they most likely intend the program to create the file for them later on.
// If this case is encountered, the parent node of the path is returned and the custody of that inode is used instead.
RefPtr<Custody> parent_custody; // Parent inode in case of ENOENT
Kernel: Custody::absolute_path() => try_create_absolute_path() This converts most users of Custody::absolute_path() to use the new try_create_absolute_path() API, and return ENOMEM if the KString allocation fails.
2021-07-06 13:58:03 +03:00
OwnPtr<KString> new_unveiled_path;
Kernel: Use TRY() in sys$unveil()
2021-09-05 15:30:08 +03:00
auto custody_or_error = VirtualFileSystem::the().resolve_path_without_veil(path->view(), VirtualFileSystem::the().root_custody(), &parent_custody);
Kernel: Prevent `unveil` returning ENOENT with cpath permissions This addresses the issue first enountered in #3644. If a path is first unveiled with "c" permissions, we should NOT return ENOENT if the node does not exist on the disk, as the program will most likely be creating it at a later time.
2020-11-05 10:12:23 +03:00
if (!custody_or_error.is_error()) {
Kernel: Improvements to Custody absolute path serialization - Renamed try_create_absolute_path() => try_serialize_absolute_path() - Use KResultOr and TRY() to propagate errors - Don't call this when it's only for debug logging
2021-09-06 13:24:36 +03:00
new_unveiled_path = TRY(custody_or_error.value()->try_serialize_absolute_path());
Kernel: Replace KResult and KResultOr<T> with Error and ErrorOr<T> We now use AK::Error and AK::ErrorOr<T> in both kernel and userspace! This was a slightly tedious refactoring that took a long time, so it's not unlikely that some bugs crept in. Nevertheless, it does pass basic functionality testing, and it's just real nice to finally see the same pattern in all contexts. :^)
2021-11-08 02:51:39 +03:00
} else if (custody_or_error.error().code() == ENOENT && parent_custody && (new_permissions & UnveilAccess::CreateOrRemove)) {
Kernel: Improvements to Custody absolute path serialization - Renamed try_create_absolute_path() => try_serialize_absolute_path() - Use KResultOr and TRY() to propagate errors - Don't call this when it's only for debug logging
2021-09-06 13:24:36 +03:00
auto parent_custody_path = TRY(parent_custody->try_serialize_absolute_path());
Kernel: Make KString factories return KResultOr + use TRY() everywhere There are a number of places that don't have an error propagation path right now, so I've added FIXME's about that.
2021-09-06 20:24:54 +03:00
new_unveiled_path = TRY(KLexicalPath::try_join(parent_custody_path->view(), KLexicalPath::basename(path->view())));
Kernel: Prevent `unveil` returning ENOENT with cpath permissions This addresses the issue first enountered in #3644. If a path is first unveiled with "c" permissions, we should NOT return ENOENT if the node does not exist on the disk, as the program will most likely be creating it at a later time.
2020-11-05 10:12:23 +03:00
} else {
// FIXME Should this be EINVAL?
Kernel: Replace KResult and KResultOr<T> with Error and ErrorOr<T> We now use AK::Error and AK::ErrorOr<T> in both kernel and userspace! This was a slightly tedious refactoring that took a long time, so it's not unlikely that some bugs crept in. Nevertheless, it does pass basic functionality testing, and it's just real nice to finally see the same pattern in all contexts. :^)
2021-11-08 02:51:39 +03:00
return custody_or_error.release_error();
Kernel: Prevent `unveil` returning ENOENT with cpath permissions This addresses the issue first enountered in #3644. If a path is first unveiled with "c" permissions, we should NOT return ENOENT if the node does not exist on the disk, as the program will most likely be creating it at a later time.
2020-11-05 10:12:23 +03:00
}
Kernel: Custody::absolute_path() => try_create_absolute_path() This converts most users of Custody::absolute_path() to use the new try_create_absolute_path() API, and return ENOMEM if the KString allocation fails.
2021-07-06 13:58:03 +03:00
auto path_parts = KLexicalPath::parts(new_unveiled_path->view());
Kernel: Replace usage of LexicalPath with KLexicalPath This replaces all uses of LexicalPath in the Kernel with the functions from KLexicalPath. This also allows the Kernel to stop including AK::LexicalPath.
2021-07-06 12:21:52 +03:00
auto it = path_parts.begin();
auto& matching_node = m_unveiled_paths.traverse_until_last_accessible_node(it, path_parts.end());
Kernel: Implement unveil() as a prefix-tree Fixes #4530.
2020-12-26 13:24:34 +03:00
if (it.is_end()) {
Kernel: Allow unveiling subfolders regardless of parent's permissions This fixes a bug where unveiling a subdirectory of an already unveiled path would sometimes be allowed and sometimes not (depending on what other unveil calls have been made). Now, it is always allowed to unveil a subdirectory of an already unveiled directory, even if it has higher permissions. This removes the need for the permissions_inherited_from_root flag in UnveilMetadata, so it has been removed.
2021-06-06 22:03:19 +03:00
// If the path has already been explicitly unveiled, do not allow elevating its permissions.
if (matching_node.was_explicitly_unveiled()) {
if (new_permissions & ~matching_node.permissions())
Kernel: Make all syscall functions return KResultOr<T> This makes it a lot easier to return errors since we no longer have to worry about negating EFOO errors and can just return them flat.
2021-03-01 15:49:16 +03:00
return EPERM;
Kernel: Allow 'elevating' unveil permissions if implicitly inherited from '/' This can happen when an unveil follows another with a path that is a sub-path of the other one: ```c++ unveil("/home/anon/.config/whoa.ini", "rw"); unveil("/home/anon", "r"); // this would fail, as "/home/anon" inherits // the permissions of "/", which is None. ```
2020-12-26 17:24:01 +03:00
}
Kernel: Update intermediate nodes when changing unveil permissions When changing the unveil permissions of a preexisting node, we need to make sure that any intermediate nodes that were created before and should inherit permissions from the updated node are updated properly. This fixes the following bug: unveil("/home/anon/Documents", "r"); unveil("/home", "r"); Now there was a intermediate node for "/home/anon" which still had no permission, even though it should have inherited the permissions from "/home".
2021-06-06 23:12:04 +03:00
// It is possible that nodes that are "grandchildren" of the matching node have already been unveiled.
// This means that there may be intermediate nodes between this one and the unveiled "grandchildren"
// that inherited the current node's previous permissions. Those nodes now need their permissions
// updated to match the current node.
if (matching_node.permissions() != new_permissions)
update_intermediate_node_permissions(matching_node, (UnveilAccess)new_permissions);
Kernel: Allow unveiling subfolders regardless of parent's permissions This fixes a bug where unveiling a subdirectory of an already unveiled path would sometimes be allowed and sometimes not (depending on what other unveil calls have been made). Now, it is always allowed to unveil a subdirectory of an already unveiled directory, even if it has higher permissions. This removes the need for the permissions_inherited_from_root flag in UnveilMetadata, so it has been removed.
2021-06-06 22:03:19 +03:00
matching_node.set_metadata({ matching_node.path(), (UnveilAccess)new_permissions, true });
Kernel: Change unveil state to dropped even when node already exists This also changes the UnveilState to Dropped when the path unveil() is called for already has a node. This fixes a bug where unveiling "/" would previously keep the UnveilState as None, which meant that everything was still accessible until unveil() was called with any non-root path (or nullptr).
2021-06-07 00:10:27 +03:00
m_veil_state = VeilState::Dropped;
Kernel: Implement unveil() as a prefix-tree Fixes #4530.
2020-12-26 13:24:34 +03:00
return 0;
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
}
Kernel: Implement unveil() as a prefix-tree Fixes #4530.
2020-12-26 13:24:34 +03:00
matching_node.insert(
it,
Kernel: Replace usage of LexicalPath with KLexicalPath This replaces all uses of LexicalPath in the Kernel with the functions from KLexicalPath. This also allows the Kernel to stop including AK::LexicalPath.
2021-07-06 12:21:52 +03:00
path_parts.end(),
Kernel: Custody::absolute_path() => try_create_absolute_path() This converts most users of Custody::absolute_path() to use the new try_create_absolute_path() API, and return ENOMEM if the KString allocation fails.
2021-07-06 13:58:03 +03:00
{ new_unveiled_path->view(), (UnveilAccess)new_permissions, true },
Kernel: Use LexicalPath to avoid two consecutive slashes in unveil path This patch fixes a bug in the unveil syscall where an UnveilNode's path would start with two slashes if it's parent node was "/".
2021-06-06 20:19:59 +03:00
[](auto& parent, auto& it) -> Optional<UnveilMetadata> {
Kernel: Replace usage of LexicalPath with KLexicalPath This replaces all uses of LexicalPath in the Kernel with the functions from KLexicalPath. This also allows the Kernel to stop including AK::LexicalPath.
2021-07-06 12:21:52 +03:00
auto path = String::formatted("{}/{}", parent.path(), *it);
Kernel: Allow unveiling subfolders regardless of parent's permissions This fixes a bug where unveiling a subdirectory of an already unveiled path would sometimes be allowed and sometimes not (depending on what other unveil calls have been made). Now, it is always allowed to unveil a subdirectory of an already unveiled directory, even if it has higher permissions. This removes the need for the permissions_inherited_from_root flag in UnveilMetadata, so it has been removed.
2021-06-06 22:03:19 +03:00
return UnveilMetadata { path, parent.permissions(), false };
Kernel: Use LexicalPath to avoid two consecutive slashes in unveil path This patch fixes a bug in the unveil syscall where an UnveilNode's path would start with two slashes if it's parent node was "/".
2021-06-06 20:19:59 +03:00
});
Kernel: Allow unveiling subfolders regardless of parent's permissions This fixes a bug where unveiling a subdirectory of an already unveiled path would sometimes be allowed and sometimes not (depending on what other unveil calls have been made). Now, it is always allowed to unveil a subdirectory of an already unveiled directory, even if it has higher permissions. This removes the need for the permissions_inherited_from_root flag in UnveilMetadata, so it has been removed.
2021-06-06 22:03:19 +03:00
Everywhere: Rename ASSERT => VERIFY (...and ASSERT_NOT_REACHED => VERIFY_NOT_REACHED) Since all of these checks are done in release builds as well, let's rename them to VERIFY to prevent confusion, as everyone is used to assertions being compiled out in release. We can introduce a new ASSERT macro that is specifically for debug checks, but I'm doing this wholesale conversion first since we've accumulated thousands of these already, and it's not immediately obvious which ones are suitable for ASSERT.
2021-02-23 22:42:32 +03:00
VERIFY(m_veil_state != VeilState::Locked);
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
m_veil_state = VeilState::Dropped;
return 0;
}
}
Reference in New Issue Copy Permalink