LadybirdBrowser/ladybird
1
1
Fork 0
mirror of https://github.com/LadybirdBrowser/ladybird.git synced 2024-11-11 09:18:05 +03:00
Code Issues Packages Projects Releases Wiki Activity
9ca42c4c0e
ladybird/Kernel/Syscalls/execve.cpp

915 lines
36 KiB
C++
Raw Normal View History

Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
/*
Kernel+Profiler: Make profiling per-process and without core dumps This patch merges the profiling functionality in the kernel with the performance events mechanism. A profiler sample is now just another perf event, rather than a dedicated thing. Since perf events were already per-process, this now makes profiling per-process as well. Processes with perf events would already write out a perfcore.PID file to the current directory on death, but since we may want to profile a process and then let it continue running, recorded perf events can now be accessed at any time via /proc/PID/perf_events. This patch also adds information about process memory regions to the perfcore JSON format. This removes the need to supply a core dump to the Profiler app for symbolication, and so the "profiler coredump" mechanism is removed entirely. There's still a hard limit of 4MB worth of perf events per process, so this is by no means a perfect final design, but it's a nice step forward for both simplicity and stability. Fixes #4848 Fixes #4849
2021-01-11 11:52:18 +03:00
* Copyright (c) 2018-2021, Andreas Kling <kling@serenityos.org>
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* 1. Redistributions of source code must retain the above copyright notice, this
* list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright notice,
* this list of conditions and the following disclaimer in the documentation
* and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
* CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
Kernel: Add ability to load interpreter instead of main program When the main executable needs an interpreter, we load the requested interpreter program, and pass to it an open file decsriptor to the main executable via the auxiliary vector. Note that we do not allocate a TLS region for the interpreter.
2020-10-10 12:13:21 +03:00
#include <AK/LexicalPath.h>
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
#include <AK/ScopeGuard.h>
Everywhere: Add missing <AK/TemporaryChange.h> includes Don't rely on HashTable.h pulling this in.
2020-10-15 21:46:52 +03:00
#include <AK/TemporaryChange.h>
AK: Simplify constructors and conversions from nullptr_t Problem: - Many constructors are defined as `{}` rather than using the ` = default` compiler-provided constructor. - Some types provide an implicit conversion operator from `nullptr_t` instead of requiring the caller to default construct. This violates the C++ Core Guidelines suggestion to declare single-argument constructors explicit (https://isocpp.github.io/CppCoreGuidelines/CppCoreGuidelines#c46-by-default-declare-single-argument-constructors-explicit). Solution: - Change default constructors to use the compiler-provided default constructor. - Remove implicit conversion operators from `nullptr_t` and change usage to enforce type consistency without conversion.
2021-01-11 02:29:28 +03:00
#include <AK/WeakPtr.h>
Meta: Split debug defines into multiple headers. The following script was used to make these changes: #!/bin/bash set -e tmp=$(mktemp -d) echo "tmp=$tmp" find Kernel \( -name '*.cpp' -o -name '*.h' \) | sort > $tmp/Kernel.files find . \( -path ./Toolchain -prune -o -path ./Build -prune -o -path ./Kernel -prune \) -o \( -name '*.cpp' -o -name '*.h' \) -print | sort > $tmp/EverythingExceptKernel.files cat $tmp/Kernel.files | xargs grep -Eho '[A-Z0-9_]+_DEBUG' | sort | uniq > $tmp/Kernel.macros cat $tmp/EverythingExceptKernel.files | xargs grep -Eho '[A-Z0-9_]+_DEBUG' | sort | uniq > $tmp/EverythingExceptKernel.macros comm -23 $tmp/Kernel.macros $tmp/EverythingExceptKernel.macros > $tmp/Kernel.unique comm -1 $tmp/Kernel.macros $tmp/EverythingExceptKernel.macros > $tmp/EverythingExceptKernel.unique cat $tmp/Kernel.unique | awk '{ print "#cmakedefine01 "$1 }' > $tmp/Kernel.header cat $tmp/EverythingExceptKernel.unique | awk '{ print "#cmakedefine01 "$1 }' > $tmp/EverythingExceptKernel.header for macro in $(cat $tmp/Kernel.unique) do cat $tmp/Kernel.files | xargs grep -l $macro >> $tmp/Kernel.new-includes ||: done cat $tmp/Kernel.new-includes | sort > $tmp/Kernel.new-includes.sorted for macro in $(cat $tmp/EverythingExceptKernel.unique) do cat $tmp/Kernel.files | xargs grep -l $macro >> $tmp/Kernel.old-includes ||: done cat $tmp/Kernel.old-includes | sort > $tmp/Kernel.old-includes.sorted comm -23 $tmp/Kernel.new-includes.sorted $tmp/Kernel.old-includes.sorted > $tmp/Kernel.includes.new comm -13 $tmp/Kernel.new-includes.sorted $tmp/Kernel.old-includes.sorted > $tmp/Kernel.includes.old comm -12 $tmp/Kernel.new-includes.sorted $tmp/Kernel.old-includes.sorted > $tmp/Kernel.includes.mixed for file in $(cat $tmp/Kernel.includes.new) do sed -i -E 's/#include <AK\/Debug\.h>/#include <Kernel\/Debug\.h>/' $file done for file in $(cat $tmp/Kernel.includes.mixed) do echo "mixed include in $file, requires manual editing." done
2021-01-25 18:07:10 +03:00
#include <Kernel/Debug.h>
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
#include <Kernel/FileSystem/Custody.h>
#include <Kernel/FileSystem/FileDescription.h>
Kernel+Profiler: Make profiling per-process and without core dumps This patch merges the profiling functionality in the kernel with the performance events mechanism. A profiler sample is now just another perf event, rather than a dedicated thing. Since perf events were already per-process, this now makes profiling per-process as well. Processes with perf events would already write out a perfcore.PID file to the current directory on death, but since we may want to profile a process and then let it continue running, recorded perf events can now be accessed at any time via /proc/PID/perf_events. This patch also adds information about process memory regions to the perfcore JSON format. This removes the need to supply a core dump to the Profiler app for symbolication, and so the "profiler coredump" mechanism is removed entirely. There's still a hard limit of 4MB worth of perf events per process, so this is by no means a perfect final design, but it's a nice step forward for both simplicity and stability. Fixes #4848 Fixes #4849
2021-01-11 11:52:18 +03:00
#include <Kernel/PerformanceEventBuffer.h>
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
#include <Kernel/Process.h>
#include <Kernel/Random.h>
#include <Kernel/Time/TimeManagement.h>
Kernel: Merge PurgeableVMObject into AnonymousVMObject This implements memory commitments and lazy-allocation of committed memory.
2020-09-06 00:52:14 +03:00
#include <Kernel/VM/AllocationStrategy.h>
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
#include <Kernel/VM/MemoryManager.h>
#include <Kernel/VM/PageDirectory.h>
#include <Kernel/VM/Region.h>
#include <Kernel/VM/SharedInodeVMObject.h>
#include <LibC/limits.h>
Kernel: Move ELF auxiliary vector building out of Process class Process had a couple of members whose only purpose was holding on to some temporary data while building the auxiliary vector. Remove those members and move the vector building to a free function in execve.cpp
2020-12-25 17:23:35 +03:00
#include <LibELF/AuxiliaryVector.h>
Kernel+LibELF: Move sys$execve()'s loading logic from LibELF to Kernel It was really weird that ELF loading was performed by the ELF::Loader class instead of just being done by the kernel itself. This patch moves all the layout logic from ELF::Loader over to sys$execve(). The kernel no longer cares about ELF::Loader and instead only uses an ELF::Image as an interpreting wrapper around executables.
2020-12-25 03:22:55 +03:00
#include <LibELF/Image.h>
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
#include <LibELF/Validation.h>
namespace Kernel {
Kernel: Factor address space management out of the Process class This patch adds Space, a class representing a process's address space. - Each Process has a Space. - The Space owns the PageDirectory and all Regions in the Process. This allows us to reorganize sys$execve() so that it constructs and populates a new Space fully before committing to it. Previously, we would construct the new address space while still running in the old one, and encountering an error meant we had to do tedious and error-prone rollback. Those problems are now gone, replaced by what's hopefully a set of much smaller problems and missing cleanups. :^)
2021-02-08 17:45:40 +03:00
struct LoadResult {
OwnPtr<Space> space;
FlatPtr load_base { 0 };
FlatPtr entry_eip { 0 };
size_t size { 0 };
FlatPtr program_headers { 0 };
size_t num_program_headers { 0 };
WeakPtr<Region> tls_region;
size_t tls_size { 0 };
size_t tls_alignment { 0 };
WeakPtr<Region> stack_region;
};
Kernel: Move ELF auxiliary vector building out of Process class Process had a couple of members whose only purpose was holding on to some temporary data while building the auxiliary vector. Remove those members and move the vector building to a free function in execve.cpp
2020-12-25 17:23:35 +03:00
static Vector<ELF::AuxiliaryValue> generate_auxiliary_vector(FlatPtr load_base, FlatPtr entry_eip, uid_t uid, uid_t euid, gid_t gid, gid_t egid, String executable_path, int main_program_fd);
Kernel: Add ability to load interpreter instead of main program When the main executable needs an interpreter, we load the requested interpreter program, and pass to it an open file decsriptor to the main executable via the auxiliary vector. Note that we do not allocate a TLS region for the interpreter.
2020-10-10 12:13:21 +03:00
static bool validate_stack_size(const Vector<String>& arguments, const Vector<String>& environment)
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
{
Kernel: Limit exec arguments and environment to 1/8th of stack each This sort-of matches what some other systems do and seems like a generally sane thing to do instead of allowing programs to spawn a child with a nearly full stack.
2021-01-17 20:26:12 +03:00
size_t total_arguments_size = 0;
size_t total_environment_size = 0;
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
for (auto& a : arguments)
Kernel: Limit exec arguments and environment to 1/8th of stack each This sort-of matches what some other systems do and seems like a generally sane thing to do instead of allowing programs to spawn a child with a nearly full stack.
2021-01-17 20:26:12 +03:00
total_arguments_size += a.length() + 1;
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
for (auto& e : environment)
Kernel: Limit exec arguments and environment to 1/8th of stack each This sort-of matches what some other systems do and seems like a generally sane thing to do instead of allowing programs to spawn a child with a nearly full stack.
2021-01-17 20:26:12 +03:00
total_environment_size += e.length() + 1;
total_arguments_size += sizeof(char*) * (arguments.size() + 1);
total_environment_size += sizeof(char*) * (environment.size() + 1);
static constexpr size_t max_arguments_size = Thread::default_userspace_stack_size / 8;
static constexpr size_t max_environment_size = Thread::default_userspace_stack_size / 8;
if (total_arguments_size > max_arguments_size)
return false;
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
Kernel: Limit exec arguments and environment to 1/8th of stack each This sort-of matches what some other systems do and seems like a generally sane thing to do instead of allowing programs to spawn a child with a nearly full stack.
2021-01-17 20:26:12 +03:00
if (total_environment_size > max_environment_size)
return false;
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
Kernel: Add ability to load interpreter instead of main program When the main executable needs an interpreter, we load the requested interpreter program, and pass to it an open file decsriptor to the main executable via the auxiliary vector. Note that we do not allocate a TLS region for the interpreter.
2020-10-10 12:13:21 +03:00
// FIXME: This doesn't account for the size of the auxiliary vector
Kernel: Limit exec arguments and environment to 1/8th of stack each This sort-of matches what some other systems do and seems like a generally sane thing to do instead of allowing programs to spawn a child with a nearly full stack.
2021-01-17 20:26:12 +03:00
return true;
Kernel: Add ability to load interpreter instead of main program When the main executable needs an interpreter, we load the requested interpreter program, and pass to it an open file decsriptor to the main executable via the auxiliary vector. Note that we do not allocate a TLS region for the interpreter.
2020-10-10 12:13:21 +03:00
}
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
Kernel: Allocate new main thread stack before committing to exec If the allocation fails (e.g ENOMEM) we want to simply return an error from sys$execve() and continue executing the current executable. This patch also moves make_userspace_stack_for_main_thread() out of the Thread class since it had nothing in particular to do with Thread.
2020-12-25 18:20:26 +03:00
static KResultOr<FlatPtr> make_userspace_stack_for_main_thread(Region& region, Vector<String> arguments, Vector<String> environment, Vector<ELF::AuxiliaryValue> auxiliary_values)
{
FlatPtr new_esp = region.vaddr().offset(Thread::default_userspace_stack_size).get();
auto push_on_new_stack = [&new_esp](u32 value) {
new_esp -= 4;
Userspace<u32*> stack_ptr = new_esp;
return copy_to_user(stack_ptr, &value);
};
auto push_aux_value_on_new_stack = [&new_esp](auxv_t value) {
new_esp -= sizeof(auxv_t);
Userspace<auxv_t*> stack_ptr = new_esp;
return copy_to_user(stack_ptr, &value);
};
auto push_string_on_new_stack = [&new_esp](const String& string) {
new_esp -= round_up_to_power_of_two(string.length() + 1, 4);
Userspace<u32*> stack_ptr = new_esp;
return copy_to_user(stack_ptr, string.characters(), string.length() + 1);
};
Vector<FlatPtr> argv_entries;
for (auto& argument : arguments) {
push_string_on_new_stack(argument);
argv_entries.append(new_esp);
}
Vector<FlatPtr> env_entries;
for (auto& variable : environment) {
push_string_on_new_stack(variable);
env_entries.append(new_esp);
}
for (auto& value : auxiliary_values) {
if (!value.optional_string.is_empty()) {
push_string_on_new_stack(value.optional_string);
value.auxv.a_un.a_ptr = (void*)new_esp;
}
}
for (ssize_t i = auxiliary_values.size() - 1; i >= 0; --i) {
auto& value = auxiliary_values[i];
push_aux_value_on_new_stack(value.auxv);
}
push_on_new_stack(0);
for (ssize_t i = env_entries.size() - 1; i >= 0; --i)
push_on_new_stack(env_entries[i]);
FlatPtr envp = new_esp;
push_on_new_stack(0);
for (ssize_t i = argv_entries.size() - 1; i >= 0; --i)
push_on_new_stack(argv_entries[i]);
FlatPtr argv = new_esp;
// NOTE: The stack needs to be 16-byte aligned.
new_esp -= new_esp % 16;
push_on_new_stack((FlatPtr)envp);
push_on_new_stack((FlatPtr)argv);
push_on_new_stack((FlatPtr)argv_entries.size());
push_on_new_stack(0);
return new_esp;
}
Kernel: Factor address space management out of the Process class This patch adds Space, a class representing a process's address space. - Each Process has a Space. - The Space owns the PageDirectory and all Regions in the Process. This allows us to reorganize sys$execve() so that it constructs and populates a new Space fully before committing to it. Previously, we would construct the new address space while still running in the old one, and encountering an error meant we had to do tedious and error-prone rollback. Those problems are now gone, replaced by what's hopefully a set of much smaller problems and missing cleanups. :^)
2021-02-08 17:45:40 +03:00
static KResultOr<LoadResult> load_elf_object(NonnullOwnPtr<Space> new_space, FileDescription& object_description, FlatPtr load_offset, Process::ShouldAllocateTls should_allocate_tls)
Kernel: Add ability to load interpreter instead of main program When the main executable needs an interpreter, we load the requested interpreter program, and pass to it an open file decsriptor to the main executable via the auxiliary vector. Note that we do not allocate a TLS region for the interpreter.
2020-10-10 12:13:21 +03:00
{
auto& inode = *(object_description.inode());
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
auto vmobject = SharedInodeVMObject::create_with_inode(inode);
Kernel: Remove an unnecessary cast in sys$execve()
2020-12-25 16:16:35 +03:00
if (vmobject->writable_mappings()) {
Kernel: Convert dbg() => dbgln() in sys$execve()
2020-12-25 14:51:35 +03:00
dbgln("Refusing to execute a write-mapped program");
Kernel+LibC: Turn errno codes into a strongly typed enum ..and allow implicit creation of KResult and KResultOr from ErrnoCode. This means that kernel functions that return those types can finally do "return EINVAL;" and it will just work. There's a handful of functions that still deal with signed integers that should be converted to return KResults.
2021-01-21 01:11:17 +03:00
return ETXTBSY;
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
}
Kernel: Don't fetch full inode metadata in sys$execve() We only need the size, so let's not fetch all the metadata.
2020-12-25 16:15:33 +03:00
size_t executable_size = inode.size();
Kernel: Make Process::allocate_region*() return KResultOr<Region*> This allows region allocation to return specific errors and we don't have to assume every failure is an ENOMEM.
2021-01-15 19:27:52 +03:00
auto executable_region = MM.allocate_kernel_region_with_vmobject(*vmobject, PAGE_ROUND_UP(executable_size), "ELF loading", Region::Access::Read);
if (!executable_region) {
Kernel: Convert dbg() => dbgln() in sys$execve()
2020-12-25 14:51:35 +03:00
dbgln("Could not allocate memory for ELF loading");
Kernel+LibC: Turn errno codes into a strongly typed enum ..and allow implicit creation of KResult and KResultOr from ErrnoCode. This means that kernel functions that return those types can finally do "return EINVAL;" and it will just work. There's a handful of functions that still deal with signed integers that should be converted to return KResults.
2021-01-21 01:11:17 +03:00
return ENOMEM;
Kernel: Add ability to load interpreter instead of main program When the main executable needs an interpreter, we load the requested interpreter program, and pass to it an open file decsriptor to the main executable via the auxiliary vector. Note that we do not allocate a TLS region for the interpreter.
2020-10-10 12:13:21 +03:00
}
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
Kernel: Make Process::allocate_region*() return KResultOr<Region*> This allows region allocation to return specific errors and we don't have to assume every failure is an ENOMEM.
2021-01-15 19:27:52 +03:00
auto elf_image = ELF::Image(executable_region->vaddr().as_ptr(), executable_size);
Kernel: Add back missing ELF::Image validity check If the image is not a valid ELF we should just fail ASAP.
2020-12-25 16:06:19 +03:00
if (!elf_image.is_valid())
Kernel+LibC: Turn errno codes into a strongly typed enum ..and allow implicit creation of KResult and KResultOr from ErrnoCode. This means that kernel functions that return those types can finally do "return EINVAL;" and it will just work. There's a handful of functions that still deal with signed integers that should be converted to return KResults.
2021-01-21 01:11:17 +03:00
return ENOEXEC;
Kernel: Add back missing ELF::Image validity check If the image is not a valid ELF we should just fail ASAP.
2020-12-25 16:06:19 +03:00
Kernel: Add ability to load interpreter instead of main program When the main executable needs an interpreter, we load the requested interpreter program, and pass to it an open file decsriptor to the main executable via the auxiliary vector. Note that we do not allocate a TLS region for the interpreter.
2020-10-10 12:13:21 +03:00
Region* master_tls_region { nullptr };
size_t master_tls_size = 0;
size_t master_tls_alignment = 0;
Loader: Stabilize loader & Use shared libraries everywhere :^) The dynamic loader is now stable enough to be used everywhere in the system - so this commit does just that. No More .a Files, Long Live .so's!
2020-10-17 14:39:36 +03:00
FlatPtr load_base_address = 0;
Kernel: Add ability to load interpreter instead of main program When the main executable needs an interpreter, we load the requested interpreter program, and pass to it an open file decsriptor to the main executable via the auxiliary vector. Note that we do not allocate a TLS region for the interpreter.
2020-10-10 12:13:21 +03:00
Kernel: Simplify ELF loading logic in sys$execve() somewhat Get rid of the lambda functions and put the logic inline in the program header traversal loop instead. This makes the code quite a bit shorter and hopefully makes it easier to see what's going on.
2020-12-25 04:31:04 +03:00
String elf_name = object_description.absolute_path();
Kernel: Add ability to load interpreter instead of main program When the main executable needs an interpreter, we load the requested interpreter program, and pass to it an open file decsriptor to the main executable via the auxiliary vector. Note that we do not allocate a TLS region for the interpreter.
2020-10-10 12:13:21 +03:00
ASSERT(!Processor::current().in_critical());
Kernel+LibELF: Move sys$execve()'s loading logic from LibELF to Kernel It was really weird that ELF loading was performed by the ELF::Loader class instead of just being done by the kernel itself. This patch moves all the layout logic from ELF::Loader over to sys$execve(). The kernel no longer cares about ELF::Loader and instead only uses an ELF::Image as an interpreting wrapper around executables.
2020-12-25 03:22:55 +03:00
Kernel: Factor address space management out of the Process class This patch adds Space, a class representing a process's address space. - Each Process has a Space. - The Space owns the PageDirectory and all Regions in the Process. This allows us to reorganize sys$execve() so that it constructs and populates a new Space fully before committing to it. Previously, we would construct the new address space while still running in the old one, and encountering an error meant we had to do tedious and error-prone rollback. Those problems are now gone, replaced by what's hopefully a set of much smaller problems and missing cleanups. :^)
2021-02-08 17:45:40 +03:00
MemoryManager::enter_space(*new_space);
Kernel+LibELF: Abort ELF executable load sooner when something fails Make it possible to bail out of ELF::Image::for_each_program_header() and then do exactly that if something goes wrong during executable loading in the kernel. Also make the errors we return slightly more nuanced than just ENOEXEC.
2020-12-25 16:42:42 +03:00
KResult ph_load_result = KSuccess;
Kernel+LibELF: Move sys$execve()'s loading logic from LibELF to Kernel It was really weird that ELF loading was performed by the ELF::Loader class instead of just being done by the kernel itself. This patch moves all the layout logic from ELF::Loader over to sys$execve(). The kernel no longer cares about ELF::Loader and instead only uses an ELF::Image as an interpreting wrapper around executables.
2020-12-25 03:22:55 +03:00
elf_image.for_each_program_header([&](const ELF::Image::ProgramHeader& program_header) {
if (program_header.type() == PT_TLS) {
Kernel: Factor address space management out of the Process class This patch adds Space, a class representing a process's address space. - Each Process has a Space. - The Space owns the PageDirectory and all Regions in the Process. This allows us to reorganize sys$execve() so that it constructs and populates a new Space fully before committing to it. Previously, we would construct the new address space while still running in the old one, and encountering an error meant we had to do tedious and error-prone rollback. Those problems are now gone, replaced by what's hopefully a set of much smaller problems and missing cleanups. :^)
2021-02-08 17:45:40 +03:00
ASSERT(should_allocate_tls == Process::ShouldAllocateTls::Yes);
Kernel: Simplify ELF loading logic in sys$execve() somewhat Get rid of the lambda functions and put the logic inline in the program header traversal loop instead. This makes the code quite a bit shorter and hopefully makes it easier to see what's going on.
2020-12-25 04:31:04 +03:00
ASSERT(program_header.size_in_memory());
if (!elf_image.is_within_image(program_header.raw_data(), program_header.size_in_image())) {
Kernel: Convert dbg() => dbgln() in sys$execve()
2020-12-25 14:51:35 +03:00
dbgln("Shenanigans! ELF PT_TLS header sneaks outside of executable.");
Kernel+LibC: Turn errno codes into a strongly typed enum ..and allow implicit creation of KResult and KResultOr from ErrnoCode. This means that kernel functions that return those types can finally do "return EINVAL;" and it will just work. There's a handful of functions that still deal with signed integers that should be converted to return KResults.
2021-01-21 01:11:17 +03:00
ph_load_result = ENOEXEC;
Kernel+LibELF: Abort ELF executable load sooner when something fails Make it possible to bail out of ELF::Image::for_each_program_header() and then do exactly that if something goes wrong during executable loading in the kernel. Also make the errors we return slightly more nuanced than just ENOEXEC.
2020-12-25 16:42:42 +03:00
return IterationDecision::Break;
Kernel+LibELF: Move sys$execve()'s loading logic from LibELF to Kernel It was really weird that ELF loading was performed by the ELF::Loader class instead of just being done by the kernel itself. This patch moves all the layout logic from ELF::Loader over to sys$execve(). The kernel no longer cares about ELF::Loader and instead only uses an ELF::Image as an interpreting wrapper around executables.
2020-12-25 03:22:55 +03:00
}
Kernel: Simplify ELF loading logic in sys$execve() somewhat Get rid of the lambda functions and put the logic inline in the program header traversal loop instead. This makes the code quite a bit shorter and hopefully makes it easier to see what's going on.
2020-12-25 04:31:04 +03:00
Kernel: Factor address space management out of the Process class This patch adds Space, a class representing a process's address space. - Each Process has a Space. - The Space owns the PageDirectory and all Regions in the Process. This allows us to reorganize sys$execve() so that it constructs and populates a new Space fully before committing to it. Previously, we would construct the new address space while still running in the old one, and encountering an error meant we had to do tedious and error-prone rollback. Those problems are now gone, replaced by what's hopefully a set of much smaller problems and missing cleanups. :^)
2021-02-08 17:45:40 +03:00
auto range = new_space->allocate_range({}, program_header.size_in_memory());
Kernel: Remove Range "valid" state and use Optional<Range> instead It's easier to understand VM ranges if they are always valid. We can simply use an empty Optional<Range> to encode absence when needed.
2021-01-27 23:01:45 +03:00
if (!range.has_value()) {
Kernel: Remove allocate_region() functions that don't take a Range Let's force callers to provide a VM range when allocating a region. This makes ENOMEM error handling more visible and removes implicit VM allocation which felt a bit magical.
2021-01-26 16:13:57 +03:00
ph_load_result = ENOMEM;
return IterationDecision::Break;
}
Kernel: Factor address space management out of the Process class This patch adds Space, a class representing a process's address space. - Each Process has a Space. - The Space owns the PageDirectory and all Regions in the Process. This allows us to reorganize sys$execve() so that it constructs and populates a new Space fully before committing to it. Previously, we would construct the new address space while still running in the old one, and encountering an error meant we had to do tedious and error-prone rollback. Those problems are now gone, replaced by what's hopefully a set of much smaller problems and missing cleanups. :^)
2021-02-08 17:45:40 +03:00
auto region_or_error = new_space->allocate_region(range.value(), String::formatted("{} (master-tls)", elf_name), PROT_READ | PROT_WRITE, AllocationStrategy::Reserve);
Kernel: Make Process::allocate_region*() return KResultOr<Region*> This allows region allocation to return specific errors and we don't have to assume every failure is an ENOMEM.
2021-01-15 19:27:52 +03:00
if (region_or_error.is_error()) {
ph_load_result = region_or_error.error();
Kernel+LibELF: Abort ELF executable load sooner when something fails Make it possible to bail out of ELF::Image::for_each_program_header() and then do exactly that if something goes wrong during executable loading in the kernel. Also make the errors we return slightly more nuanced than just ENOEXEC.
2020-12-25 16:42:42 +03:00
return IterationDecision::Break;
Kernel+LibELF: Move sys$execve()'s loading logic from LibELF to Kernel It was really weird that ELF loading was performed by the ELF::Loader class instead of just being done by the kernel itself. This patch moves all the layout logic from ELF::Loader over to sys$execve(). The kernel no longer cares about ELF::Loader and instead only uses an ELF::Image as an interpreting wrapper around executables.
2020-12-25 03:22:55 +03:00
}
Kernel: Make Process::allocate_region*() return KResultOr<Region*> This allows region allocation to return specific errors and we don't have to assume every failure is an ENOMEM.
2021-01-15 19:27:52 +03:00
master_tls_region = region_or_error.value();
Kernel: Simplify ELF loading logic in sys$execve() somewhat Get rid of the lambda functions and put the logic inline in the program header traversal loop instead. This makes the code quite a bit shorter and hopefully makes it easier to see what's going on.
2020-12-25 04:31:04 +03:00
master_tls_size = program_header.size_in_memory();
master_tls_alignment = program_header.alignment();
if (!copy_to_user(master_tls_region->vaddr().as_ptr(), program_header.raw_data(), program_header.size_in_image())) {
Kernel+LibC: Turn errno codes into a strongly typed enum ..and allow implicit creation of KResult and KResultOr from ErrnoCode. This means that kernel functions that return those types can finally do "return EINVAL;" and it will just work. There's a handful of functions that still deal with signed integers that should be converted to return KResults.
2021-01-21 01:11:17 +03:00
ph_load_result = EFAULT;
Kernel+LibELF: Abort ELF executable load sooner when something fails Make it possible to bail out of ELF::Image::for_each_program_header() and then do exactly that if something goes wrong during executable loading in the kernel. Also make the errors we return slightly more nuanced than just ENOEXEC.
2020-12-25 16:42:42 +03:00
return IterationDecision::Break;
Kernel+LibELF: Move sys$execve()'s loading logic from LibELF to Kernel It was really weird that ELF loading was performed by the ELF::Loader class instead of just being done by the kernel itself. This patch moves all the layout logic from ELF::Loader over to sys$execve(). The kernel no longer cares about ELF::Loader and instead only uses an ELF::Image as an interpreting wrapper around executables.
2020-12-25 03:22:55 +03:00
}
Kernel+LibELF: Abort ELF executable load sooner when something fails Make it possible to bail out of ELF::Image::for_each_program_header() and then do exactly that if something goes wrong during executable loading in the kernel. Also make the errors we return slightly more nuanced than just ENOEXEC.
2020-12-25 16:42:42 +03:00
return IterationDecision::Continue;
Kernel+LibELF: Move sys$execve()'s loading logic from LibELF to Kernel It was really weird that ELF loading was performed by the ELF::Loader class instead of just being done by the kernel itself. This patch moves all the layout logic from ELF::Loader over to sys$execve(). The kernel no longer cares about ELF::Loader and instead only uses an ELF::Image as an interpreting wrapper around executables.
2020-12-25 03:22:55 +03:00
}
if (program_header.type() != PT_LOAD)
Kernel+LibELF: Abort ELF executable load sooner when something fails Make it possible to bail out of ELF::Image::for_each_program_header() and then do exactly that if something goes wrong during executable loading in the kernel. Also make the errors we return slightly more nuanced than just ENOEXEC.
2020-12-25 16:42:42 +03:00
return IterationDecision::Continue;
Kernel+LibELF: Move sys$execve()'s loading logic from LibELF to Kernel It was really weird that ELF loading was performed by the ELF::Loader class instead of just being done by the kernel itself. This patch moves all the layout logic from ELF::Loader over to sys$execve(). The kernel no longer cares about ELF::Loader and instead only uses an ELF::Image as an interpreting wrapper around executables.
2020-12-25 03:22:55 +03:00
if (program_header.is_writable()) {
Kernel+LibELF: Abort ELF executable load sooner when something fails Make it possible to bail out of ELF::Image::for_each_program_header() and then do exactly that if something goes wrong during executable loading in the kernel. Also make the errors we return slightly more nuanced than just ENOEXEC.
2020-12-25 16:42:42 +03:00
// Writable section: create a copy in memory.
Kernel: Simplify ELF loading logic in sys$execve() somewhat Get rid of the lambda functions and put the logic inline in the program header traversal loop instead. This makes the code quite a bit shorter and hopefully makes it easier to see what's going on.
2020-12-25 04:31:04 +03:00
ASSERT(program_header.size_in_memory());
ASSERT(program_header.alignment() == PAGE_SIZE);
if (!elf_image.is_within_image(program_header.raw_data(), program_header.size_in_image())) {
Kernel: Convert dbg() => dbgln() in sys$execve()
2020-12-25 14:51:35 +03:00
dbgln("Shenanigans! Writable ELF PT_LOAD header sneaks outside of executable.");
Kernel+LibC: Turn errno codes into a strongly typed enum ..and allow implicit creation of KResult and KResultOr from ErrnoCode. This means that kernel functions that return those types can finally do "return EINVAL;" and it will just work. There's a handful of functions that still deal with signed integers that should be converted to return KResults.
2021-01-21 01:11:17 +03:00
ph_load_result = ENOEXEC;
Kernel+LibELF: Abort ELF executable load sooner when something fails Make it possible to bail out of ELF::Image::for_each_program_header() and then do exactly that if something goes wrong during executable loading in the kernel. Also make the errors we return slightly more nuanced than just ENOEXEC.
2020-12-25 16:42:42 +03:00
return IterationDecision::Break;
Kernel+LibELF: Move sys$execve()'s loading logic from LibELF to Kernel It was really weird that ELF loading was performed by the ELF::Loader class instead of just being done by the kernel itself. This patch moves all the layout logic from ELF::Loader over to sys$execve(). The kernel no longer cares about ELF::Loader and instead only uses an ELF::Image as an interpreting wrapper around executables.
2020-12-25 03:22:55 +03:00
}
Kernel: Simplify ELF loading logic in sys$execve() somewhat Get rid of the lambda functions and put the logic inline in the program header traversal loop instead. This makes the code quite a bit shorter and hopefully makes it easier to see what's going on.
2020-12-25 04:31:04 +03:00
int prot = 0;
if (program_header.is_readable())
prot |= PROT_READ;
if (program_header.is_writable())
prot |= PROT_WRITE;
auto region_name = String::formatted("{} (data-{}{})", elf_name, program_header.is_readable() ? "r" : "", program_header.is_writable() ? "w" : "");
Kernel: Factor address space management out of the Process class This patch adds Space, a class representing a process's address space. - Each Process has a Space. - The Space owns the PageDirectory and all Regions in the Process. This allows us to reorganize sys$execve() so that it constructs and populates a new Space fully before committing to it. Previously, we would construct the new address space while still running in the old one, and encountering an error meant we had to do tedious and error-prone rollback. Those problems are now gone, replaced by what's hopefully a set of much smaller problems and missing cleanups. :^)
2021-02-08 17:45:40 +03:00
auto range = new_space->allocate_range(program_header.vaddr().offset(load_offset), program_header.size_in_memory());
Kernel: Remove Range "valid" state and use Optional<Range> instead It's easier to understand VM ranges if they are always valid. We can simply use an empty Optional<Range> to encode absence when needed.
2021-01-27 23:01:45 +03:00
if (!range.has_value()) {
Kernel: Remove allocate_region() functions that don't take a Range Let's force callers to provide a VM range when allocating a region. This makes ENOMEM error handling more visible and removes implicit VM allocation which felt a bit magical.
2021-01-26 16:13:57 +03:00
ph_load_result = ENOMEM;
return IterationDecision::Break;
}
Kernel: Factor address space management out of the Process class This patch adds Space, a class representing a process's address space. - Each Process has a Space. - The Space owns the PageDirectory and all Regions in the Process. This allows us to reorganize sys$execve() so that it constructs and populates a new Space fully before committing to it. Previously, we would construct the new address space while still running in the old one, and encountering an error meant we had to do tedious and error-prone rollback. Those problems are now gone, replaced by what's hopefully a set of much smaller problems and missing cleanups. :^)
2021-02-08 17:45:40 +03:00
auto region_or_error = new_space->allocate_region(range.value(), region_name, prot, AllocationStrategy::Reserve);
Kernel: Make Process::allocate_region*() return KResultOr<Region*> This allows region allocation to return specific errors and we don't have to assume every failure is an ENOMEM.
2021-01-15 19:27:52 +03:00
if (region_or_error.is_error()) {
ph_load_result = region_or_error.error();
Kernel+LibELF: Abort ELF executable load sooner when something fails Make it possible to bail out of ELF::Image::for_each_program_header() and then do exactly that if something goes wrong during executable loading in the kernel. Also make the errors we return slightly more nuanced than just ENOEXEC.
2020-12-25 16:42:42 +03:00
return IterationDecision::Break;
Kernel+LibELF: Move sys$execve()'s loading logic from LibELF to Kernel It was really weird that ELF loading was performed by the ELF::Loader class instead of just being done by the kernel itself. This patch moves all the layout logic from ELF::Loader over to sys$execve(). The kernel no longer cares about ELF::Loader and instead only uses an ELF::Image as an interpreting wrapper around executables.
2020-12-25 03:22:55 +03:00
}
Kernel: Simplify ELF loading logic in sys$execve() somewhat Get rid of the lambda functions and put the logic inline in the program header traversal loop instead. This makes the code quite a bit shorter and hopefully makes it easier to see what's going on.
2020-12-25 04:31:04 +03:00
Kernel+LibELF: Move sys$execve()'s loading logic from LibELF to Kernel It was really weird that ELF loading was performed by the ELF::Loader class instead of just being done by the kernel itself. This patch moves all the layout logic from ELF::Loader over to sys$execve(). The kernel no longer cares about ELF::Loader and instead only uses an ELF::Image as an interpreting wrapper around executables.
2020-12-25 03:22:55 +03:00
// It's not always the case with PIE executables (and very well shouldn't be) that the
// virtual address in the program header matches the one we end up giving the process.
// In order to copy the data image correctly into memory, we need to copy the data starting at
// the right initial page offset into the pages allocated for the elf_alloc-XX section.
// FIXME: There's an opportunity to munmap, or at least mprotect, the padding space between
// the .text and .data PT_LOAD sections of the executable.
// Accessing it would definitely be a bug.
auto page_offset = program_header.vaddr();
page_offset.mask(~PAGE_MASK);
Kernel: Make Process::allocate_region*() return KResultOr<Region*> This allows region allocation to return specific errors and we don't have to assume every failure is an ENOMEM.
2021-01-15 19:27:52 +03:00
if (!copy_to_user((u8*)region_or_error.value()->vaddr().as_ptr() + page_offset.get(), program_header.raw_data(), program_header.size_in_image())) {
Kernel+LibC: Turn errno codes into a strongly typed enum ..and allow implicit creation of KResult and KResultOr from ErrnoCode. This means that kernel functions that return those types can finally do "return EINVAL;" and it will just work. There's a handful of functions that still deal with signed integers that should be converted to return KResults.
2021-01-21 01:11:17 +03:00
ph_load_result = EFAULT;
Kernel+LibELF: Abort ELF executable load sooner when something fails Make it possible to bail out of ELF::Image::for_each_program_header() and then do exactly that if something goes wrong during executable loading in the kernel. Also make the errors we return slightly more nuanced than just ENOEXEC.
2020-12-25 16:42:42 +03:00
return IterationDecision::Break;
Kernel+LibELF: Move sys$execve()'s loading logic from LibELF to Kernel It was really weird that ELF loading was performed by the ELF::Loader class instead of just being done by the kernel itself. This patch moves all the layout logic from ELF::Loader over to sys$execve(). The kernel no longer cares about ELF::Loader and instead only uses an ELF::Image as an interpreting wrapper around executables.
2020-12-25 03:22:55 +03:00
}
Kernel+LibELF: Abort ELF executable load sooner when something fails Make it possible to bail out of ELF::Image::for_each_program_header() and then do exactly that if something goes wrong during executable loading in the kernel. Also make the errors we return slightly more nuanced than just ENOEXEC.
2020-12-25 16:42:42 +03:00
return IterationDecision::Continue;
Kernel+LibELF: Move sys$execve()'s loading logic from LibELF to Kernel It was really weird that ELF loading was performed by the ELF::Loader class instead of just being done by the kernel itself. This patch moves all the layout logic from ELF::Loader over to sys$execve(). The kernel no longer cares about ELF::Loader and instead only uses an ELF::Image as an interpreting wrapper around executables.
2020-12-25 03:22:55 +03:00
}
Kernel+LibELF: Abort ELF executable load sooner when something fails Make it possible to bail out of ELF::Image::for_each_program_header() and then do exactly that if something goes wrong during executable loading in the kernel. Also make the errors we return slightly more nuanced than just ENOEXEC.
2020-12-25 16:42:42 +03:00
// Non-writable section: map the executable itself in memory.
ASSERT(program_header.size_in_memory());
ASSERT(program_header.alignment() == PAGE_SIZE);
int prot = 0;
if (program_header.is_readable())
prot |= PROT_READ;
if (program_header.is_writable())
prot |= PROT_WRITE;
if (program_header.is_executable())
prot |= PROT_EXEC;
Kernel: Factor address space management out of the Process class This patch adds Space, a class representing a process's address space. - Each Process has a Space. - The Space owns the PageDirectory and all Regions in the Process. This allows us to reorganize sys$execve() so that it constructs and populates a new Space fully before committing to it. Previously, we would construct the new address space while still running in the old one, and encountering an error meant we had to do tedious and error-prone rollback. Those problems are now gone, replaced by what's hopefully a set of much smaller problems and missing cleanups. :^)
2021-02-08 17:45:40 +03:00
auto range = new_space->allocate_range(program_header.vaddr().offset(load_offset), program_header.size_in_memory());
Kernel: Remove Range "valid" state and use Optional<Range> instead It's easier to understand VM ranges if they are always valid. We can simply use an empty Optional<Range> to encode absence when needed.
2021-01-27 23:01:45 +03:00
if (!range.has_value()) {
Kernel: Remove allocate_region() functions that don't take a Range Let's force callers to provide a VM range when allocating a region. This makes ENOMEM error handling more visible and removes implicit VM allocation which felt a bit magical.
2021-01-26 16:13:57 +03:00
ph_load_result = ENOMEM;
return IterationDecision::Break;
}
Kernel: Factor address space management out of the Process class This patch adds Space, a class representing a process's address space. - Each Process has a Space. - The Space owns the PageDirectory and all Regions in the Process. This allows us to reorganize sys$execve() so that it constructs and populates a new Space fully before committing to it. Previously, we would construct the new address space while still running in the old one, and encountering an error meant we had to do tedious and error-prone rollback. Those problems are now gone, replaced by what's hopefully a set of much smaller problems and missing cleanups. :^)
2021-02-08 17:45:40 +03:00
auto region_or_error = new_space->allocate_region_with_vmobject(range.value(), *vmobject, program_header.offset(), elf_name, prot, true);
Kernel: Make Process::allocate_region*() return KResultOr<Region*> This allows region allocation to return specific errors and we don't have to assume every failure is an ENOMEM.
2021-01-15 19:27:52 +03:00
if (region_or_error.is_error()) {
ph_load_result = region_or_error.error();
Kernel+LibELF: Abort ELF executable load sooner when something fails Make it possible to bail out of ELF::Image::for_each_program_header() and then do exactly that if something goes wrong during executable loading in the kernel. Also make the errors we return slightly more nuanced than just ENOEXEC.
2020-12-25 16:42:42 +03:00
return IterationDecision::Break;
}
if (program_header.offset() == 0)
Kernel: Make Process::allocate_region*() return KResultOr<Region*> This allows region allocation to return specific errors and we don't have to assume every failure is an ENOMEM.
2021-01-15 19:27:52 +03:00
load_base_address = (FlatPtr)region_or_error.value()->vaddr().as_ptr();
Kernel+LibELF: Abort ELF executable load sooner when something fails Make it possible to bail out of ELF::Image::for_each_program_header() and then do exactly that if something goes wrong during executable loading in the kernel. Also make the errors we return slightly more nuanced than just ENOEXEC.
2020-12-25 16:42:42 +03:00
return IterationDecision::Continue;
Kernel+LibELF: Move sys$execve()'s loading logic from LibELF to Kernel It was really weird that ELF loading was performed by the ELF::Loader class instead of just being done by the kernel itself. This patch moves all the layout logic from ELF::Loader over to sys$execve(). The kernel no longer cares about ELF::Loader and instead only uses an ELF::Image as an interpreting wrapper around executables.
2020-12-25 03:22:55 +03:00
});
Kernel+LibELF: Abort ELF executable load sooner when something fails Make it possible to bail out of ELF::Image::for_each_program_header() and then do exactly that if something goes wrong during executable loading in the kernel. Also make the errors we return slightly more nuanced than just ENOEXEC.
2020-12-25 16:42:42 +03:00
if (ph_load_result.is_error()) {
dbgln("do_exec: Failure loading program ({})", ph_load_result.error());
return ph_load_result;
Kernel: Add ability to load interpreter instead of main program When the main executable needs an interpreter, we load the requested interpreter program, and pass to it an open file decsriptor to the main executable via the auxiliary vector. Note that we do not allocate a TLS region for the interpreter.
2020-10-10 12:13:21 +03:00
}
Kernel+LibELF: Move sys$execve()'s loading logic from LibELF to Kernel It was really weird that ELF loading was performed by the ELF::Loader class instead of just being done by the kernel itself. This patch moves all the layout logic from ELF::Loader over to sys$execve(). The kernel no longer cares about ELF::Loader and instead only uses an ELF::Image as an interpreting wrapper around executables.
2020-12-25 03:22:55 +03:00
if (!elf_image.entry().offset(load_offset).get()) {
Kernel: Convert dbg() => dbgln() in sys$execve()
2020-12-25 14:51:35 +03:00
dbgln("do_exec: Failure loading program, entry pointer is invalid! {})", elf_image.entry().offset(load_offset));
Kernel+LibC: Turn errno codes into a strongly typed enum ..and allow implicit creation of KResult and KResultOr from ErrnoCode. This means that kernel functions that return those types can finally do "return EINVAL;" and it will just work. There's a handful of functions that still deal with signed integers that should be converted to return KResults.
2021-01-21 01:11:17 +03:00
return ENOEXEC;
Kernel: Add ability to load interpreter instead of main program When the main executable needs an interpreter, we load the requested interpreter program, and pass to it an open file decsriptor to the main executable via the auxiliary vector. Note that we do not allocate a TLS region for the interpreter.
2020-10-10 12:13:21 +03:00
}
Kernel: Factor address space management out of the Process class This patch adds Space, a class representing a process's address space. - Each Process has a Space. - The Space owns the PageDirectory and all Regions in the Process. This allows us to reorganize sys$execve() so that it constructs and populates a new Space fully before committing to it. Previously, we would construct the new address space while still running in the old one, and encountering an error meant we had to do tedious and error-prone rollback. Those problems are now gone, replaced by what's hopefully a set of much smaller problems and missing cleanups. :^)
2021-02-08 17:45:40 +03:00
auto stack_range = new_space->allocate_range({}, Thread::default_userspace_stack_size);
Kernel: Remove Range "valid" state and use Optional<Range> instead It's easier to understand VM ranges if they are always valid. We can simply use an empty Optional<Range> to encode absence when needed.
2021-01-27 23:01:45 +03:00
if (!stack_range.has_value()) {
Kernel: Remove allocate_region() functions that don't take a Range Let's force callers to provide a VM range when allocating a region. This makes ENOMEM error handling more visible and removes implicit VM allocation which felt a bit magical.
2021-01-26 16:13:57 +03:00
dbgln("do_exec: Failed to allocate VM range for stack");
return ENOMEM;
}
Kernel: Factor address space management out of the Process class This patch adds Space, a class representing a process's address space. - Each Process has a Space. - The Space owns the PageDirectory and all Regions in the Process. This allows us to reorganize sys$execve() so that it constructs and populates a new Space fully before committing to it. Previously, we would construct the new address space while still running in the old one, and encountering an error meant we had to do tedious and error-prone rollback. Those problems are now gone, replaced by what's hopefully a set of much smaller problems and missing cleanups. :^)
2021-02-08 17:45:40 +03:00
auto stack_region_or_error = new_space->allocate_region(stack_range.value(), "Stack (Main thread)", PROT_READ | PROT_WRITE, AllocationStrategy::Reserve);
Kernel: Make Process::allocate_region*() return KResultOr<Region*> This allows region allocation to return specific errors and we don't have to assume every failure is an ENOMEM.
2021-01-15 19:27:52 +03:00
if (stack_region_or_error.is_error())
return stack_region_or_error.error();
auto& stack_region = *stack_region_or_error.value();
stack_region.set_stack(true);
Kernel: Allocate new main thread stack before committing to exec If the allocation fails (e.g ENOMEM) we want to simply return an error from sys$execve() and continue executing the current executable. This patch also moves make_userspace_stack_for_main_thread() out of the Thread class since it had nothing in particular to do with Thread.
2020-12-25 18:20:26 +03:00
Kernel: Add ability to load interpreter instead of main program When the main executable needs an interpreter, we load the requested interpreter program, and pass to it an open file decsriptor to the main executable via the auxiliary vector. Note that we do not allocate a TLS region for the interpreter.
2020-10-10 12:13:21 +03:00
return LoadResult {
Kernel: Factor address space management out of the Process class This patch adds Space, a class representing a process's address space. - Each Process has a Space. - The Space owns the PageDirectory and all Regions in the Process. This allows us to reorganize sys$execve() so that it constructs and populates a new Space fully before committing to it. Previously, we would construct the new address space while still running in the old one, and encountering an error meant we had to do tedious and error-prone rollback. Those problems are now gone, replaced by what's hopefully a set of much smaller problems and missing cleanups. :^)
2021-02-08 17:45:40 +03:00
move(new_space),
Loader: Stabilize loader & Use shared libraries everywhere :^) The dynamic loader is now stable enough to be used everywhere in the system - so this commit does just that. No More .a Files, Long Live .so's!
2020-10-17 14:39:36 +03:00
load_base_address,
Kernel+LibELF: Move sys$execve()'s loading logic from LibELF to Kernel It was really weird that ELF loading was performed by the ELF::Loader class instead of just being done by the kernel itself. This patch moves all the layout logic from ELF::Loader over to sys$execve(). The kernel no longer cares about ELF::Loader and instead only uses an ELF::Image as an interpreting wrapper around executables.
2020-12-25 03:22:55 +03:00
elf_image.entry().offset(load_offset).get(),
Kernel: Don't fetch full inode metadata in sys$execve() We only need the size, so let's not fetch all the metadata.
2020-12-25 16:15:33 +03:00
executable_size,
Kernel+LibELF: Move sys$execve()'s loading logic from LibELF to Kernel It was really weird that ELF loading was performed by the ELF::Loader class instead of just being done by the kernel itself. This patch moves all the layout logic from ELF::Loader over to sys$execve(). The kernel no longer cares about ELF::Loader and instead only uses an ELF::Image as an interpreting wrapper around executables.
2020-12-25 03:22:55 +03:00
VirtualAddress(elf_image.program_header_table_offset()).offset(load_offset).get(),
elf_image.program_header_count(),
AK: Simplify constructors and conversions from nullptr_t Problem: - Many constructors are defined as `{}` rather than using the ` = default` compiler-provided constructor. - Some types provide an implicit conversion operator from `nullptr_t` instead of requiring the caller to default construct. This violates the C++ Core Guidelines suggestion to declare single-argument constructors explicit (https://isocpp.github.io/CppCoreGuidelines/CppCoreGuidelines#c46-by-default-declare-single-argument-constructors-explicit). Solution: - Change default constructors to use the compiler-provided default constructor. - Remove implicit conversion operators from `nullptr_t` and change usage to enforce type consistency without conversion.
2021-01-11 02:29:28 +03:00
AK::try_make_weak_ptr(master_tls_region),
Kernel: Add ability to load interpreter instead of main program When the main executable needs an interpreter, we load the requested interpreter program, and pass to it an open file decsriptor to the main executable via the auxiliary vector. Note that we do not allocate a TLS region for the interpreter.
2020-10-10 12:13:21 +03:00
master_tls_size,
Kernel: Allocate new main thread stack before committing to exec If the allocation fails (e.g ENOMEM) we want to simply return an error from sys$execve() and continue executing the current executable. This patch also moves make_userspace_stack_for_main_thread() out of the Thread class since it had nothing in particular to do with Thread.
2020-12-25 18:20:26 +03:00
master_tls_alignment,
Kernel: Make Process::allocate_region*() return KResultOr<Region*> This allows region allocation to return specific errors and we don't have to assume every failure is an ENOMEM.
2021-01-15 19:27:52 +03:00
stack_region.make_weak_ptr()
Kernel: Add ability to load interpreter instead of main program When the main executable needs an interpreter, we load the requested interpreter program, and pass to it an open file decsriptor to the main executable via the auxiliary vector. Note that we do not allocate a TLS region for the interpreter.
2020-10-10 12:13:21 +03:00
};
}
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
Kernel: Factor address space management out of the Process class This patch adds Space, a class representing a process's address space. - Each Process has a Space. - The Space owns the PageDirectory and all Regions in the Process. This allows us to reorganize sys$execve() so that it constructs and populates a new Space fully before committing to it. Previously, we would construct the new address space while still running in the old one, and encountering an error meant we had to do tedious and error-prone rollback. Those problems are now gone, replaced by what's hopefully a set of much smaller problems and missing cleanups. :^)
2021-02-08 17:45:40 +03:00
KResultOr<LoadResult> Process::load(NonnullRefPtr<FileDescription> main_program_description, RefPtr<FileDescription> interpreter_description, const Elf32_Ehdr& main_program_header)
Kernel: Add ability to load interpreter instead of main program When the main executable needs an interpreter, we load the requested interpreter program, and pass to it an open file decsriptor to the main executable via the auxiliary vector. Note that we do not allocate a TLS region for the interpreter.
2020-10-10 12:13:21 +03:00
{
Kernel: Factor address space management out of the Process class This patch adds Space, a class representing a process's address space. - Each Process has a Space. - The Space owns the PageDirectory and all Regions in the Process. This allows us to reorganize sys$execve() so that it constructs and populates a new Space fully before committing to it. Previously, we would construct the new address space while still running in the old one, and encountering an error meant we had to do tedious and error-prone rollback. Those problems are now gone, replaced by what's hopefully a set of much smaller problems and missing cleanups. :^)
2021-02-08 17:45:40 +03:00
auto new_space = Space::create(*this, nullptr);
if (!new_space)
return ENOMEM;
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
Kernel: Factor address space management out of the Process class This patch adds Space, a class representing a process's address space. - Each Process has a Space. - The Space owns the PageDirectory and all Regions in the Process. This allows us to reorganize sys$execve() so that it constructs and populates a new Space fully before committing to it. Previously, we would construct the new address space while still running in the old one, and encountering an error meant we had to do tedious and error-prone rollback. Those problems are now gone, replaced by what's hopefully a set of much smaller problems and missing cleanups. :^)
2021-02-08 17:45:40 +03:00
ScopeGuard space_guard([&]() {
MemoryManager::enter_process_paging_scope(*this);
Kernel: Add ability to load interpreter instead of main program When the main executable needs an interpreter, we load the requested interpreter program, and pass to it an open file decsriptor to the main executable via the auxiliary vector. Note that we do not allocate a TLS region for the interpreter.
2020-10-10 12:13:21 +03:00
});
Kernel: Plumb the elf header of the main program down to Process::load This will enable us to take the desired load address of non-position independent programs into account when randomizing the load address of the dynamic loader.
2021-01-10 22:07:08 +03:00
if (interpreter_description.is_null()) {
Kernel: Factor address space management out of the Process class This patch adds Space, a class representing a process's address space. - Each Process has a Space. - The Space owns the PageDirectory and all Regions in the Process. This allows us to reorganize sys$execve() so that it constructs and populates a new Space fully before committing to it. Previously, we would construct the new address space while still running in the old one, and encountering an error meant we had to do tedious and error-prone rollback. Those problems are now gone, replaced by what's hopefully a set of much smaller problems and missing cleanups. :^)
2021-02-08 17:45:40 +03:00
auto result = load_elf_object(new_space.release_nonnull(), main_program_description, FlatPtr { 0 }, ShouldAllocateTls::Yes);
Kernel: Add ability to load interpreter instead of main program When the main executable needs an interpreter, we load the requested interpreter program, and pass to it an open file decsriptor to the main executable via the auxiliary vector. Note that we do not allocate a TLS region for the interpreter.
2020-10-10 12:13:21 +03:00
if (result.is_error())
return result.error();
Kernel: Move ELF auxiliary vector building out of Process class Process had a couple of members whose only purpose was holding on to some temporary data while building the auxiliary vector. Remove those members and move the vector building to a free function in execve.cpp
2020-12-25 17:23:35 +03:00
return result;
Kernel: Add ability to load interpreter instead of main program When the main executable needs an interpreter, we load the requested interpreter program, and pass to it an open file decsriptor to the main executable via the auxiliary vector. Note that we do not allocate a TLS region for the interpreter.
2020-10-10 12:13:21 +03:00
}
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
Kernel: Avoid collision between dynamic loader and main program When loading non position-independent programs, we now take care not to load the dynamic loader at an address that collides with the location the main program wants to load at. Fixes #4847.
2021-01-10 22:10:45 +03:00
auto interpreter_load_offset = get_interpreter_load_offset(main_program_header, main_program_description, *interpreter_description);
if (interpreter_load_offset.is_error()) {
return interpreter_load_offset.error();
}
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
Kernel: Factor address space management out of the Process class This patch adds Space, a class representing a process's address space. - Each Process has a Space. - The Space owns the PageDirectory and all Regions in the Process. This allows us to reorganize sys$execve() so that it constructs and populates a new Space fully before committing to it. Previously, we would construct the new address space while still running in the old one, and encountering an error meant we had to do tedious and error-prone rollback. Those problems are now gone, replaced by what's hopefully a set of much smaller problems and missing cleanups. :^)
2021-02-08 17:45:40 +03:00
auto interpreter_load_result = load_elf_object(new_space.release_nonnull(), *interpreter_description, interpreter_load_offset.value(), ShouldAllocateTls::No);
Kernel+Loader.so: Allow dynamic executables without an interpreter Commit a3a9016701e487a5ca92d83b8cff179a190cdeb2 removed the PT_INTERP header from Loader.so which cleaned up some kernel code in execve. Unfortunately it prevents Loader.so from being run as an executable
2021-01-03 00:31:01 +03:00
Kernel: Add ability to load interpreter instead of main program When the main executable needs an interpreter, we load the requested interpreter program, and pass to it an open file decsriptor to the main executable via the auxiliary vector. Note that we do not allocate a TLS region for the interpreter.
2020-10-10 12:13:21 +03:00
if (interpreter_load_result.is_error())
return interpreter_load_result.error();
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
Kernel: Add ability to load interpreter instead of main program When the main executable needs an interpreter, we load the requested interpreter program, and pass to it an open file decsriptor to the main executable via the auxiliary vector. Note that we do not allocate a TLS region for the interpreter.
2020-10-10 12:13:21 +03:00
// TLS allocation will be done in userspace by the loader
Kernel: Move ELF auxiliary vector building out of Process class Process had a couple of members whose only purpose was holding on to some temporary data while building the auxiliary vector. Remove those members and move the vector building to a free function in execve.cpp
2020-12-25 17:23:35 +03:00
ASSERT(!interpreter_load_result.value().tls_region);
ASSERT(!interpreter_load_result.value().tls_alignment);
ASSERT(!interpreter_load_result.value().tls_size);
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
Kernel: Move ELF auxiliary vector building out of Process class Process had a couple of members whose only purpose was holding on to some temporary data while building the auxiliary vector. Remove those members and move the vector building to a free function in execve.cpp
2020-12-25 17:23:35 +03:00
return interpreter_load_result;
Kernel: Add ability to load interpreter instead of main program When the main executable needs an interpreter, we load the requested interpreter program, and pass to it an open file decsriptor to the main executable via the auxiliary vector. Note that we do not allocate a TLS region for the interpreter.
2020-10-10 12:13:21 +03:00
}
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
Kernel: Avoid collision between dynamic loader and main program When loading non position-independent programs, we now take care not to load the dynamic loader at an address that collides with the location the main program wants to load at. Fixes #4847.
2021-01-10 22:10:45 +03:00
struct RequiredLoadRange {
FlatPtr start { 0 };
FlatPtr end { 0 };
};
static KResultOr<RequiredLoadRange> get_required_load_range(FileDescription& program_description)
{
auto& inode = *(program_description.inode());
auto vmobject = SharedInodeVMObject::create_with_inode(inode);
size_t executable_size = inode.size();
auto region = MM.allocate_kernel_region_with_vmobject(*vmobject, PAGE_ROUND_UP(executable_size), "ELF memory range calculation", Region::Access::Read);
if (!region) {
dbgln("Could not allocate memory for ELF");
Kernel+LibC: Turn errno codes into a strongly typed enum ..and allow implicit creation of KResult and KResultOr from ErrnoCode. This means that kernel functions that return those types can finally do "return EINVAL;" and it will just work. There's a handful of functions that still deal with signed integers that should be converted to return KResults.
2021-01-21 01:11:17 +03:00
return ENOMEM;
Kernel: Avoid collision between dynamic loader and main program When loading non position-independent programs, we now take care not to load the dynamic loader at an address that collides with the location the main program wants to load at. Fixes #4847.
2021-01-10 22:10:45 +03:00
}
auto elf_image = ELF::Image(region->vaddr().as_ptr(), executable_size);
if (!elf_image.is_valid()) {
Kernel+LibC: Turn errno codes into a strongly typed enum ..and allow implicit creation of KResult and KResultOr from ErrnoCode. This means that kernel functions that return those types can finally do "return EINVAL;" and it will just work. There's a handful of functions that still deal with signed integers that should be converted to return KResults.
2021-01-21 01:11:17 +03:00
return EINVAL;
Kernel: Avoid collision between dynamic loader and main program When loading non position-independent programs, we now take care not to load the dynamic loader at an address that collides with the location the main program wants to load at. Fixes #4847.
2021-01-10 22:10:45 +03:00
}
RequiredLoadRange range {};
elf_image.for_each_program_header([&range](const auto& pheader) {
if (pheader.type() != PT_LOAD)
return IterationDecision::Continue;
auto region_start = (FlatPtr)pheader.vaddr().as_ptr();
auto region_end = region_start + pheader.size_in_memory();
if (range.start == 0 || region_start < range.start)
range.start = region_start;
if (range.end == 0 || region_end > range.end)
range.end = region_end;
return IterationDecision::Continue;
});
ASSERT(range.end > range.start);
return range;
};
KResultOr<FlatPtr> Process::get_interpreter_load_offset(const Elf32_Ehdr& main_program_header, FileDescription& main_program_description, FileDescription& interpreter_description)
{
constexpr FlatPtr interpreter_load_range_start = 0x08000000;
constexpr FlatPtr interpreter_load_range_size = 65536 * PAGE_SIZE; // 2**16 * PAGE_SIZE = 256MB
constexpr FlatPtr minimum_interpreter_load_offset_randomization_size = 10 * MiB;
auto random_load_offset_in_range([](auto start, auto size) {
return PAGE_ROUND_DOWN(start + get_good_random<FlatPtr>() % size);
});
if (main_program_header.e_type == ET_DYN) {
return random_load_offset_in_range(interpreter_load_range_start, interpreter_load_range_size);
}
if (main_program_header.e_type != ET_EXEC)
return -EINVAL;
auto main_program_load_range_result = get_required_load_range(main_program_description);
if (main_program_load_range_result.is_error())
return main_program_load_range_result.error();
auto main_program_load_range = main_program_load_range_result.value();
auto interpreter_load_range_result = get_required_load_range(interpreter_description);
if (interpreter_load_range_result.is_error())
return interpreter_load_range_result.error();
auto interpreter_size_in_memory = interpreter_load_range_result.value().end - interpreter_load_range_result.value().start;
auto interpreter_load_range_end = interpreter_load_range_start + interpreter_load_range_size - interpreter_size_in_memory;
// No intersection
if (main_program_load_range.end < interpreter_load_range_start || main_program_load_range.start > interpreter_load_range_end)
return random_load_offset_in_range(interpreter_load_range_start, interpreter_load_range_size);
RequiredLoadRange first_available_part = { interpreter_load_range_start, main_program_load_range.start };
RequiredLoadRange second_available_part = { main_program_load_range.end, interpreter_load_range_end };
RequiredLoadRange selected_range {};
// Select larger part
if (first_available_part.end - first_available_part.start > second_available_part.end - second_available_part.start)
selected_range = first_available_part;
else
selected_range = second_available_part;
// If main program is too big and leaves us without enough space for adequate loader randmoization
if (selected_range.end - selected_range.start < minimum_interpreter_load_offset_randomization_size)
return -E2BIG;
return random_load_offset_in_range(selected_range.start, selected_range.end - selected_range.start);
}
int Process::do_exec(NonnullRefPtr<FileDescription> main_program_description, Vector<String> arguments, Vector<String> environment, RefPtr<FileDescription> interpreter_description, Thread*& new_main_thread, u32& prev_flags, const Elf32_Ehdr& main_program_header)
Kernel: Add ability to load interpreter instead of main program When the main executable needs an interpreter, we load the requested interpreter program, and pass to it an open file decsriptor to the main executable via the auxiliary vector. Note that we do not allocate a TLS region for the interpreter.
2020-10-10 12:13:21 +03:00
{
ASSERT(is_user_process());
ASSERT(!Processor::current().in_critical());
auto path = main_program_description->absolute_path();
Everywhere: Hook up remaining debug macros to Debug.h.
2021-01-24 17:28:26 +03:00
#if EXEC_DEBUG
Kernel: Convert dbg() => dbgln() in sys$execve()
2020-12-25 14:51:35 +03:00
dbgln("do_exec({})", path);
Kernel: Add ability to load interpreter instead of main program When the main executable needs an interpreter, we load the requested interpreter program, and pass to it an open file decsriptor to the main executable via the auxiliary vector. Note that we do not allocate a TLS region for the interpreter.
2020-10-10 12:13:21 +03:00
#endif
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
Kernel: Add ability to load interpreter instead of main program When the main executable needs an interpreter, we load the requested interpreter program, and pass to it an open file decsriptor to the main executable via the auxiliary vector. Note that we do not allocate a TLS region for the interpreter.
2020-10-10 12:13:21 +03:00
// FIXME: How much stack space does process startup need?
if (!validate_stack_size(arguments, environment))
return -E2BIG;
auto parts = path.split('/');
if (parts.is_empty())
return -ENOENT;
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
Kernel: Factor address space management out of the Process class This patch adds Space, a class representing a process's address space. - Each Process has a Space. - The Space owns the PageDirectory and all Regions in the Process. This allows us to reorganize sys$execve() so that it constructs and populates a new Space fully before committing to it. Previously, we would construct the new address space while still running in the old one, and encountering an error meant we had to do tedious and error-prone rollback. Those problems are now gone, replaced by what's hopefully a set of much smaller problems and missing cleanups. :^)
2021-02-08 17:45:40 +03:00
auto main_program_metadata = main_program_description->metadata();
Kernel: Activate SUID/SGID credentials earlier in sys$execve() Switch on the new credentials before loading the new executable into memory. This ensures that attempts to ptrace() the program from an unprivileged process will fail. This covers one bug that was exploited in the 2020 HXP CTF: https://hxp.io/blog/79/hxp-CTF-2020-wisdom2/ Thanks to yyyyyyy for finding the bug! :^)
2020-12-20 20:35:29 +03:00
Kernel: Factor address space management out of the Process class This patch adds Space, a class representing a process's address space. - Each Process has a Space. - The Space owns the PageDirectory and all Regions in the Process. This allows us to reorganize sys$execve() so that it constructs and populates a new Space fully before committing to it. Previously, we would construct the new address space while still running in the old one, and encountering an error meant we had to do tedious and error-prone rollback. Those problems are now gone, replaced by what's hopefully a set of much smaller problems and missing cleanups. :^)
2021-02-08 17:45:40 +03:00
auto load_result_or_error = load(main_program_description, interpreter_description, main_program_header);
if (load_result_or_error.is_error()) {
dbgln("do_exec({}): Failed to load main program or interpreter", path);
return load_result_or_error.error();
}
Kernel: Activate SUID/SGID credentials earlier in sys$execve() Switch on the new credentials before loading the new executable into memory. This ensures that attempts to ptrace() the program from an unprivileged process will fail. This covers one bug that was exploited in the 2020 HXP CTF: https://hxp.io/blog/79/hxp-CTF-2020-wisdom2/ Thanks to yyyyyyy for finding the bug! :^)
2020-12-20 20:35:29 +03:00
Kernel: Factor address space management out of the Process class This patch adds Space, a class representing a process's address space. - Each Process has a Space. - The Space owns the PageDirectory and all Regions in the Process. This allows us to reorganize sys$execve() so that it constructs and populates a new Space fully before committing to it. Previously, we would construct the new address space while still running in the old one, and encountering an error meant we had to do tedious and error-prone rollback. Those problems are now gone, replaced by what's hopefully a set of much smaller problems and missing cleanups. :^)
2021-02-08 17:45:40 +03:00
// We commit to the new executable at this point. There is no turning back!
Kernel: Activate SUID/SGID credentials earlier in sys$execve() Switch on the new credentials before loading the new executable into memory. This ensures that attempts to ptrace() the program from an unprivileged process will fail. This covers one bug that was exploited in the 2020 HXP CTF: https://hxp.io/blog/79/hxp-CTF-2020-wisdom2/ Thanks to yyyyyyy for finding the bug! :^)
2020-12-20 20:35:29 +03:00
Kernel: Factor address space management out of the Process class This patch adds Space, a class representing a process's address space. - Each Process has a Space. - The Space owns the PageDirectory and all Regions in the Process. This allows us to reorganize sys$execve() so that it constructs and populates a new Space fully before committing to it. Previously, we would construct the new address space while still running in the old one, and encountering an error meant we had to do tedious and error-prone rollback. Those problems are now gone, replaced by what's hopefully a set of much smaller problems and missing cleanups. :^)
2021-02-08 17:45:40 +03:00
// Disable profiling temporarily in case it's running on this process.
TemporaryChange profiling_disabler(m_profiling, false);
Kernel: Activate SUID/SGID credentials earlier in sys$execve() Switch on the new credentials before loading the new executable into memory. This ensures that attempts to ptrace() the program from an unprivileged process will fail. This covers one bug that was exploited in the 2020 HXP CTF: https://hxp.io/blog/79/hxp-CTF-2020-wisdom2/ Thanks to yyyyyyy for finding the bug! :^)
2020-12-20 20:35:29 +03:00
Kernel: Factor address space management out of the Process class This patch adds Space, a class representing a process's address space. - Each Process has a Space. - The Space owns the PageDirectory and all Regions in the Process. This allows us to reorganize sys$execve() so that it constructs and populates a new Space fully before committing to it. Previously, we would construct the new address space while still running in the old one, and encountering an error meant we had to do tedious and error-prone rollback. Those problems are now gone, replaced by what's hopefully a set of much smaller problems and missing cleanups. :^)
2021-02-08 17:45:40 +03:00
kill_threads_except_self();
Kernel: Activate SUID/SGID credentials earlier in sys$execve() Switch on the new credentials before loading the new executable into memory. This ensures that attempts to ptrace() the program from an unprivileged process will fail. This covers one bug that was exploited in the 2020 HXP CTF: https://hxp.io/blog/79/hxp-CTF-2020-wisdom2/ Thanks to yyyyyyy for finding the bug! :^)
2020-12-20 20:35:29 +03:00
Kernel: Factor address space management out of the Process class This patch adds Space, a class representing a process's address space. - Each Process has a Space. - The Space owns the PageDirectory and all Regions in the Process. This allows us to reorganize sys$execve() so that it constructs and populates a new Space fully before committing to it. Previously, we would construct the new address space while still running in the old one, and encountering an error meant we had to do tedious and error-prone rollback. Those problems are now gone, replaced by what's hopefully a set of much smaller problems and missing cleanups. :^)
2021-02-08 17:45:40 +03:00
auto& load_result = load_result_or_error.value();
Kernel: Reset the process dumpable flag on successful non-setid exec Once we've committed to a new memory layout and non-setid credentials, we can reset the dumpable flag.
2020-12-26 03:18:41 +03:00
bool executable_is_setid = false;
Kernel: Activate SUID/SGID credentials earlier in sys$execve() Switch on the new credentials before loading the new executable into memory. This ensures that attempts to ptrace() the program from an unprivileged process will fail. This covers one bug that was exploited in the 2020 HXP CTF: https://hxp.io/blog/79/hxp-CTF-2020-wisdom2/ Thanks to yyyyyyy for finding the bug! :^)
2020-12-20 20:35:29 +03:00
if (!(main_program_description->custody()->mount_flags() & MS_NOSUID)) {
Kernel+LibC: Introduce a "dumpable" flag for processes This new flag controls two things: - Whether the kernel will generate core dumps for the process - Whether the EUID:EGID should own the process's files in /proc Processes are automatically made non-dumpable when their EUID or EGID is changed, either via syscalls that specifically modify those ID's, or via sys$execve(), when a set-uid or set-gid program is executed. A process can change its own dumpable flag at any time by calling the new sys$prctl(PR_SET_DUMPABLE) syscall. Fixes #4504.
2020-12-25 20:27:42 +03:00
if (main_program_metadata.is_setuid()) {
Kernel: Reset the process dumpable flag on successful non-setid exec Once we've committed to a new memory layout and non-setid credentials, we can reset the dumpable flag.
2020-12-26 03:18:41 +03:00
executable_is_setid = true;
Kernel: Activate SUID/SGID credentials earlier in sys$execve() Switch on the new credentials before loading the new executable into memory. This ensures that attempts to ptrace() the program from an unprivileged process will fail. This covers one bug that was exploited in the 2020 HXP CTF: https://hxp.io/blog/79/hxp-CTF-2020-wisdom2/ Thanks to yyyyyyy for finding the bug! :^)
2020-12-20 20:35:29 +03:00
m_euid = m_suid = main_program_metadata.uid;
Kernel+LibC: Introduce a "dumpable" flag for processes This new flag controls two things: - Whether the kernel will generate core dumps for the process - Whether the EUID:EGID should own the process's files in /proc Processes are automatically made non-dumpable when their EUID or EGID is changed, either via syscalls that specifically modify those ID's, or via sys$execve(), when a set-uid or set-gid program is executed. A process can change its own dumpable flag at any time by calling the new sys$prctl(PR_SET_DUMPABLE) syscall. Fixes #4504.
2020-12-25 20:27:42 +03:00
}
if (main_program_metadata.is_setgid()) {
Kernel: Reset the process dumpable flag on successful non-setid exec Once we've committed to a new memory layout and non-setid credentials, we can reset the dumpable flag.
2020-12-26 03:18:41 +03:00
executable_is_setid = true;
Kernel: Activate SUID/SGID credentials earlier in sys$execve() Switch on the new credentials before loading the new executable into memory. This ensures that attempts to ptrace() the program from an unprivileged process will fail. This covers one bug that was exploited in the 2020 HXP CTF: https://hxp.io/blog/79/hxp-CTF-2020-wisdom2/ Thanks to yyyyyyy for finding the bug! :^)
2020-12-20 20:35:29 +03:00
m_egid = m_sgid = main_program_metadata.gid;
Kernel+LibC: Introduce a "dumpable" flag for processes This new flag controls two things: - Whether the kernel will generate core dumps for the process - Whether the EUID:EGID should own the process's files in /proc Processes are automatically made non-dumpable when their EUID or EGID is changed, either via syscalls that specifically modify those ID's, or via sys$execve(), when a set-uid or set-gid program is executed. A process can change its own dumpable flag at any time by calling the new sys$prctl(PR_SET_DUMPABLE) syscall. Fixes #4504.
2020-12-25 20:27:42 +03:00
}
Kernel: Activate SUID/SGID credentials earlier in sys$execve() Switch on the new credentials before loading the new executable into memory. This ensures that attempts to ptrace() the program from an unprivileged process will fail. This covers one bug that was exploited in the 2020 HXP CTF: https://hxp.io/blog/79/hxp-CTF-2020-wisdom2/ Thanks to yyyyyyy for finding the bug! :^)
2020-12-20 20:35:29 +03:00
}
Kernel: Set the dumpable flag before switching spaces in sys$execve()
2021-02-08 21:15:42 +03:00
set_dumpable(!executable_is_setid);
Kernel: Factor address space management out of the Process class This patch adds Space, a class representing a process's address space. - Each Process has a Space. - The Space owns the PageDirectory and all Regions in the Process. This allows us to reorganize sys$execve() so that it constructs and populates a new Space fully before committing to it. Previously, we would construct the new address space while still running in the old one, and encountering an error meant we had to do tedious and error-prone rollback. Those problems are now gone, replaced by what's hopefully a set of much smaller problems and missing cleanups. :^)
2021-02-08 17:45:40 +03:00
m_space = load_result.space.release_nonnull();
MemoryManager::enter_space(*m_space);
Kernel: Add ability to load interpreter instead of main program When the main executable needs an interpreter, we load the requested interpreter program, and pass to it an open file decsriptor to the main executable via the auxiliary vector. Note that we do not allocate a TLS region for the interpreter.
2020-10-10 12:13:21 +03:00
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
m_executable = main_program_description->custody();
Kernel: Store process arguments and environment in coredumps Currently they're only pushed onto the stack but not easily accessible from the Process class, so this adds a Vector<String> for both.
2021-01-15 22:21:03 +03:00
m_arguments = arguments;
m_environment = environment;
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
m_promises = m_execpromises;
Kernel: Update process promise states on execve() and fork() We now move the execpromises state into the regular promises, and clear the execpromises state. Also make sure to duplicate the promise state on fork. This fixes an issue where "su" would launch a shell which immediately crashed due to not having pledged "stdio".
2021-01-26 17:25:18 +03:00
m_has_promises = m_has_execpromises;
m_execpromises = 0;
m_has_execpromises = false;
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
m_veil_state = VeilState::None;
m_unveiled_paths.clear();
Kernel: Clear coredump metadata on exec() If for some reason a process wants to exec after saving some coredump metadata, we should just throw away the data.
2021-01-23 11:41:11 +03:00
m_coredump_metadata.clear();
Kernel: Factor address space management out of the Process class This patch adds Space, a class representing a process's address space. - Each Process has a Space. - The Space owns the PageDirectory and all Regions in the Process. This allows us to reorganize sys$execve() so that it constructs and populates a new Space fully before committing to it. Previously, we would construct the new address space while still running in the old one, and encountering an error meant we had to do tedious and error-prone rollback. Those problems are now gone, replaced by what's hopefully a set of much smaller problems and missing cleanups. :^)
2021-02-08 17:45:40 +03:00
auto current_thread = Thread::current();
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
current_thread->set_default_signal_dispositions();
Kernel: Keep signal state in sync In c3d231616c1d20309b2b568f383fbcb736887dad we added the atomic variable m_have_any_unmasked_pending_signals tracking the state of pending signals. Add helper functions that automatically update this variable as needed.
2020-09-09 05:37:15 +03:00
current_thread->clear_signals();
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
Kernel: Some futex improvements This adds support for FUTEX_WAKE_OP, FUTEX_WAIT_BITSET, FUTEX_WAKE_BITSET, FUTEX_REQUEUE, and FUTEX_CMP_REQUEUE, as well well as global and private futex and absolute/relative timeouts against the appropriate clock. This also changes the implementation so that kernel resources are only used when a thread is blocked on a futex. Global futexes are implemented as offsets in VMObjects, so that different processes can share a futex against the same VMObject despite potentially being mapped at different virtual addresses.
2020-12-22 09:21:58 +03:00
clear_futex_queues_on_exec();
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
for (size_t i = 0; i < m_fds.size(); ++i) {
Kernel: Turn Process::FileDescriptionAndFlags into a proper class
2020-07-31 00:50:31 +03:00
auto& description_and_flags = m_fds[i];
Kernel: Fix overly eager fd closing in sys$execve() When obeying FD_CLOEXEC, we don't need to explicitly call close() on all the FileDescriptions. We can just clear them out from the process fd table. ~FileDescription() will call close() anyway. This fixes an issue where TelnetServer would shut down accepted sockets when exec'ing a shell for them. Since the parent process still has the socket open, we should not force-close it. Just let go.
2020-09-28 23:40:44 +03:00
if (description_and_flags.description() && description_and_flags.flags() & FD_CLOEXEC)
Kernel: Turn Process::FileDescriptionAndFlags into a proper class
2020-07-31 00:50:31 +03:00
description_and_flags = {};
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
}
Kernel: Move ELF auxiliary vector building out of Process class Process had a couple of members whose only purpose was holding on to some temporary data while building the auxiliary vector. Remove those members and move the vector building to a free function in execve.cpp
2020-12-25 17:23:35 +03:00
int main_program_fd = -1;
Kernel: Add ability to load interpreter instead of main program When the main executable needs an interpreter, we load the requested interpreter program, and pass to it an open file decsriptor to the main executable via the auxiliary vector. Note that we do not allocate a TLS region for the interpreter.
2020-10-10 12:13:21 +03:00
if (interpreter_description) {
Kernel: Move ELF auxiliary vector building out of Process class Process had a couple of members whose only purpose was holding on to some temporary data while building the auxiliary vector. Remove those members and move the vector building to a free function in execve.cpp
2020-12-25 17:23:35 +03:00
main_program_fd = alloc_fd();
ASSERT(main_program_fd >= 0);
Kernel: Add ability to load interpreter instead of main program When the main executable needs an interpreter, we load the requested interpreter program, and pass to it an open file decsriptor to the main executable via the auxiliary vector. Note that we do not allocate a TLS region for the interpreter.
2020-10-10 12:13:21 +03:00
main_program_description->seek(0, SEEK_SET);
main_program_description->set_readable(true);
Kernel: Move ELF auxiliary vector building out of Process class Process had a couple of members whose only purpose was holding on to some temporary data while building the auxiliary vector. Remove those members and move the vector building to a free function in execve.cpp
2020-12-25 17:23:35 +03:00
m_fds[main_program_fd].set(move(main_program_description), FD_CLOEXEC);
Kernel: Add ability to load interpreter instead of main program When the main executable needs an interpreter, we load the requested interpreter program, and pass to it an open file decsriptor to the main executable via the auxiliary vector. Note that we do not allocate a TLS region for the interpreter.
2020-10-10 12:13:21 +03:00
}
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
new_main_thread = nullptr;
if (&current_thread->process() == this) {
new_main_thread = current_thread;
} else {
for_each_thread([&](auto& thread) {
new_main_thread = &thread;
return IterationDecision::Break;
});
}
ASSERT(new_main_thread);
Kernel: Move ELF auxiliary vector building out of Process class Process had a couple of members whose only purpose was holding on to some temporary data while building the auxiliary vector. Remove those members and move the vector building to a free function in execve.cpp
2020-12-25 17:23:35 +03:00
auto auxv = generate_auxiliary_vector(load_result.load_base, load_result.entry_eip, m_uid, m_euid, m_gid, m_egid, path, main_program_fd);
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
// NOTE: We create the new stack before disabling interrupts since it will zero-fault
// and we don't want to deal with faults after this point.
Kernel: Allocate new main thread stack before committing to exec If the allocation fails (e.g ENOMEM) we want to simply return an error from sys$execve() and continue executing the current executable. This patch also moves make_userspace_stack_for_main_thread() out of the Thread class since it had nothing in particular to do with Thread.
2020-12-25 18:20:26 +03:00
auto make_stack_result = make_userspace_stack_for_main_thread(*load_result.stack_region.unsafe_ptr(), move(arguments), move(environment), move(auxv));
Kernel: Return ENOMEM in more places There are plenty of places in the kernel that aren't checking if they actually got their allocation. This fixes some of them, but definitely not all. Fixes #3390 Fixes #3391 Also, let's make find_one_free_page() return nullptr if it doesn't get a free index. This stops the kernel crashing when out of memory and allows memory purging to take place again. Fixes #3487
2020-09-16 20:47:47 +03:00
if (make_stack_result.is_error())
return make_stack_result.error();
u32 new_userspace_esp = make_stack_result.value();
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
Kernel: Fix behaviour of PT_TRACEME in ptrace The behaviour of the PT_TRACEME feature has been broken for some time, this change fixes it. When this ptrace flag is used, the traced process should be paused before exiting execve. We previously were sending the SIGSTOP signal at a stage where interrupts are disabled, and the traced process continued executing normally, without pausing and waiting for the tracer. This change fixes it.
2020-08-15 10:57:53 +03:00
if (wait_for_tracer_at_next_execve())
Thread::current()->send_urgent_signal_to_self(SIGSTOP);
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
// We enter a critical section here because we don't want to get interrupted between do_exec()
// and Processor::assume_context() or the next context switch.
// If we used an InterruptDisabler that sti()'d on exit, we might timer tick'd too soon in exec().
Processor::current().enter_critical(prev_flags);
// NOTE: Be careful to not trigger any page faults below!
m_name = parts.take_last();
new_main_thread->set_name(m_name);
Kernel: More PID/TID typing
2020-08-09 02:08:24 +03:00
// FIXME: PID/TID ISSUE
Kernel: PID/TID typing This compiles, and contains exactly the same bugs as before. The regex 'FIXME: PID/' should reveal all markers that I left behind, including: - Incomplete conversion - Issues or things that look fishy - Actual bugs that will go wrong during runtime
2020-08-08 18:32:34 +03:00
m_pid = new_main_thread->tid().value();
Kernel: Return ENOMEM in more places There are plenty of places in the kernel that aren't checking if they actually got their allocation. This fixes some of them, but definitely not all. Fixes #3390 Fixes #3391 Also, let's make find_one_free_page() return nullptr if it doesn't get a free index. This stops the kernel crashing when out of memory and allows memory purging to take place again. Fixes #3487
2020-09-16 20:47:47 +03:00
auto tsr_result = new_main_thread->make_thread_specific_region({});
Kernel: Factor address space management out of the Process class This patch adds Space, a class representing a process's address space. - Each Process has a Space. - The Space owns the PageDirectory and all Regions in the Process. This allows us to reorganize sys$execve() so that it constructs and populates a new Space fully before committing to it. Previously, we would construct the new address space while still running in the old one, and encountering an error meant we had to do tedious and error-prone rollback. Those problems are now gone, replaced by what's hopefully a set of much smaller problems and missing cleanups. :^)
2021-02-08 17:45:40 +03:00
if (tsr_result.is_error()) {
// FIXME: We cannot fail this late. Refactor this so the allocation happens before we commit to the new executable.
ASSERT_NOT_REACHED();
}
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
new_main_thread->reset_fpu_state();
auto& tss = new_main_thread->m_tss;
tss.cs = GDT_SELECTOR_CODE3 | 3;
tss.ds = GDT_SELECTOR_DATA3 | 3;
tss.es = GDT_SELECTOR_DATA3 | 3;
tss.ss = GDT_SELECTOR_DATA3 | 3;
tss.fs = GDT_SELECTOR_DATA3 | 3;
tss.gs = GDT_SELECTOR_TLS | 3;
Kernel: Move ELF auxiliary vector building out of Process class Process had a couple of members whose only purpose was holding on to some temporary data while building the auxiliary vector. Remove those members and move the vector building to a free function in execve.cpp
2020-12-25 17:23:35 +03:00
tss.eip = load_result.entry_eip;
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
tss.esp = new_userspace_esp;
Kernel: Factor address space management out of the Process class This patch adds Space, a class representing a process's address space. - Each Process has a Space. - The Space owns the PageDirectory and all Regions in the Process. This allows us to reorganize sys$execve() so that it constructs and populates a new Space fully before committing to it. Previously, we would construct the new address space while still running in the old one, and encountering an error meant we had to do tedious and error-prone rollback. Those problems are now gone, replaced by what's hopefully a set of much smaller problems and missing cleanups. :^)
2021-02-08 17:45:40 +03:00
tss.cr3 = space().page_directory().cr3();
Kernel: PID/TID typing This compiles, and contains exactly the same bugs as before. The regex 'FIXME: PID/' should reveal all markers that I left behind, including: - Incomplete conversion - Issues or things that look fishy - Actual bugs that will go wrong during runtime
2020-08-08 18:32:34 +03:00
tss.ss2 = m_pid.value();
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
Kernel+Profiler: Make profiling per-process and without core dumps This patch merges the profiling functionality in the kernel with the performance events mechanism. A profiler sample is now just another perf event, rather than a dedicated thing. Since perf events were already per-process, this now makes profiling per-process as well. Processes with perf events would already write out a perfcore.PID file to the current directory on death, but since we may want to profile a process and then let it continue running, recorded perf events can now be accessed at any time via /proc/PID/perf_events. This patch also adds information about process memory regions to the perfcore JSON format. This removes the need to supply a core dump to the Profiler app for symbolication, and so the "profiler coredump" mechanism is removed entirely. There's still a hard limit of 4MB worth of perf events per process, so this is by no means a perfect final design, but it's a nice step forward for both simplicity and stability. Fixes #4848 Fixes #4849
2021-01-11 11:52:18 +03:00
// Throw away any recorded performance events in this process.
if (m_perf_event_buffer)
m_perf_event_buffer->clear();
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
Kernel: Fix a few deadlocks with Thread::m_lock and g_scheduler_lock g_scheduler_lock cannot safely be acquired after Thread::m_lock because another processor may already hold g_scheduler_lock and wait for the same Thread::m_lock.
2020-10-26 05:22:59 +03:00
{
ScopedSpinLock lock(g_scheduler_lock);
new_main_thread->set_state(Thread::State::Runnable);
}
Kernel: Fix Lock race causing infinite spinning between two threads We need to account for how many shared lock instances the current thread owns, so that we can properly release such references when yielding execution. We also need to release the process lock when donating.
2020-12-15 02:36:22 +03:00
u32 lock_count_to_restore;
Everywhere: Switch from (void) to [[maybe_unused]] (#4473) Problem: - `(void)` simply casts the expression to void. This is understood to indicate that it is ignored, but this is really a compiler trick to get the compiler to not generate a warning. Solution: - Use the `[[maybe_unused]]` attribute to indicate the value is unused. Note: - Functions taking a `(void)` argument list have also been changed to `()` because this is not needed and shows up in the same grep command.
2020-12-21 02:09:48 +03:00
[[maybe_unused]] auto rc = big_lock().force_unlock_if_locked(lock_count_to_restore);
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
ASSERT_INTERRUPTS_DISABLED();
ASSERT(Processor::current().in_critical());
return 0;
}
Kernel: Move ELF auxiliary vector building out of Process class Process had a couple of members whose only purpose was holding on to some temporary data while building the auxiliary vector. Remove those members and move the vector building to a free function in execve.cpp
2020-12-25 17:23:35 +03:00
static Vector<ELF::AuxiliaryValue> generate_auxiliary_vector(FlatPtr load_base, FlatPtr entry_eip, uid_t uid, uid_t euid, gid_t gid, gid_t egid, String executable_path, int main_program_fd)
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
{
LibELF: Move AuxiliaryValue into the ELF namespace
2020-12-25 16:48:30 +03:00
Vector<ELF::AuxiliaryValue> auxv;
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
// PHDR/EXECFD
// PH*
LibELF: Move AuxiliaryValue into the ELF namespace
2020-12-25 16:48:30 +03:00
auxv.append({ ELF::AuxiliaryValue::PageSize, PAGE_SIZE });
Kernel: Move ELF auxiliary vector building out of Process class Process had a couple of members whose only purpose was holding on to some temporary data while building the auxiliary vector. Remove those members and move the vector building to a free function in execve.cpp
2020-12-25 17:23:35 +03:00
auxv.append({ ELF::AuxiliaryValue::BaseAddress, (void*)load_base });
Kernel: Add ability to load interpreter instead of main program When the main executable needs an interpreter, we load the requested interpreter program, and pass to it an open file decsriptor to the main executable via the auxiliary vector. Note that we do not allocate a TLS region for the interpreter.
2020-10-10 12:13:21 +03:00
Kernel: Move ELF auxiliary vector building out of Process class Process had a couple of members whose only purpose was holding on to some temporary data while building the auxiliary vector. Remove those members and move the vector building to a free function in execve.cpp
2020-12-25 17:23:35 +03:00
auxv.append({ ELF::AuxiliaryValue::Entry, (void*)entry_eip });
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
// NOTELF
Kernel: Move ELF auxiliary vector building out of Process class Process had a couple of members whose only purpose was holding on to some temporary data while building the auxiliary vector. Remove those members and move the vector building to a free function in execve.cpp
2020-12-25 17:23:35 +03:00
auxv.append({ ELF::AuxiliaryValue::Uid, (long)uid });
auxv.append({ ELF::AuxiliaryValue::EUid, (long)euid });
auxv.append({ ELF::AuxiliaryValue::Gid, (long)gid });
auxv.append({ ELF::AuxiliaryValue::EGid, (long)egid });
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
// FIXME: Don't hard code this? We might support other platforms later.. (e.g. x86_64)
LibELF: Move AuxiliaryValue into the ELF namespace
2020-12-25 16:48:30 +03:00
auxv.append({ ELF::AuxiliaryValue::Platform, "i386" });
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
// FIXME: This is platform specific
LibELF: Move AuxiliaryValue into the ELF namespace
2020-12-25 16:48:30 +03:00
auxv.append({ ELF::AuxiliaryValue::HwCap, (long)CPUID(1).edx() });
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
LibELF: Move AuxiliaryValue into the ELF namespace
2020-12-25 16:48:30 +03:00
auxv.append({ ELF::AuxiliaryValue::ClockTick, (long)TimeManagement::the().ticks_per_second() });
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
// FIXME: Also take into account things like extended filesystem permissions? That's what linux does...
Kernel: Move ELF auxiliary vector building out of Process class Process had a couple of members whose only purpose was holding on to some temporary data while building the auxiliary vector. Remove those members and move the vector building to a free function in execve.cpp
2020-12-25 17:23:35 +03:00
auxv.append({ ELF::AuxiliaryValue::Secure, ((uid != euid) || (gid != egid)) ? 1 : 0 });
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
char random_bytes[16] {};
get_fast_random_bytes((u8*)random_bytes, sizeof(random_bytes));
LibELF: Move AuxiliaryValue into the ELF namespace
2020-12-25 16:48:30 +03:00
auxv.append({ ELF::AuxiliaryValue::Random, String(random_bytes, sizeof(random_bytes)) });
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
Kernel: Move ELF auxiliary vector building out of Process class Process had a couple of members whose only purpose was holding on to some temporary data while building the auxiliary vector. Remove those members and move the vector building to a free function in execve.cpp
2020-12-25 17:23:35 +03:00
auxv.append({ ELF::AuxiliaryValue::ExecFilename, executable_path });
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
Kernel: Move ELF auxiliary vector building out of Process class Process had a couple of members whose only purpose was holding on to some temporary data while building the auxiliary vector. Remove those members and move the vector building to a free function in execve.cpp
2020-12-25 17:23:35 +03:00
auxv.append({ ELF::AuxiliaryValue::ExecFileDescriptor, main_program_fd });
Kernel: Add ability to load interpreter instead of main program When the main executable needs an interpreter, we load the requested interpreter program, and pass to it an open file decsriptor to the main executable via the auxiliary vector. Note that we do not allocate a TLS region for the interpreter.
2020-10-10 12:13:21 +03:00
LibELF: Move AuxiliaryValue into the ELF namespace
2020-12-25 16:48:30 +03:00
auxv.append({ ELF::AuxiliaryValue::Null, 0L });
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
return auxv;
}
static KResultOr<Vector<String>> find_shebang_interpreter_for_executable(const char first_page[], int nread)
{
int word_start = 2;
int word_length = 0;
if (nread > 2 && first_page[0] == '#' && first_page[1] == '!') {
Vector<String> interpreter_words;
for (int i = 2; i < nread; ++i) {
if (first_page[i] == '\n') {
break;
}
if (first_page[i] != ' ') {
++word_length;
}
if (first_page[i] == ' ') {
if (word_length > 0) {
interpreter_words.append(String(&first_page[word_start], word_length));
}
word_length = 0;
word_start = i + 1;
}
}
if (word_length > 0)
interpreter_words.append(String(&first_page[word_start], word_length));
if (!interpreter_words.is_empty())
return interpreter_words;
}
Kernel+LibC: Turn errno codes into a strongly typed enum ..and allow implicit creation of KResult and KResultOr from ErrnoCode. This means that kernel functions that return those types can finally do "return EINVAL;" and it will just work. There's a handful of functions that still deal with signed integers that should be converted to return KResults.
2021-01-21 01:11:17 +03:00
return ENOEXEC;
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
}
Kernel: Plumb the elf header of the main program down to Process::load This will enable us to take the desired load address of non-position independent programs into account when randomizing the load address of the dynamic loader.
2021-01-10 22:07:08 +03:00
KResultOr<RefPtr<FileDescription>> Process::find_elf_interpreter_for_executable(const String& path, const Elf32_Ehdr& main_program_header, int nread, size_t file_size)
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
{
// Not using KResultOr here because we'll want to do the same thing in userspace in the RTLD
String interpreter_path;
Kernel: Plumb the elf header of the main program down to Process::load This will enable us to take the desired load address of non-position independent programs into account when randomizing the load address of the dynamic loader.
2021-01-10 22:07:08 +03:00
if (!ELF::validate_program_headers(main_program_header, file_size, (const u8*)&main_program_header, nread, &interpreter_path)) {
Kernel: Convert dbg() => dbgln() in sys$execve()
2020-12-25 14:51:35 +03:00
dbgln("exec({}): File has invalid ELF Program headers", path);
Kernel+LibC: Turn errno codes into a strongly typed enum ..and allow implicit creation of KResult and KResultOr from ErrnoCode. This means that kernel functions that return those types can finally do "return EINVAL;" and it will just work. There's a handful of functions that still deal with signed integers that should be converted to return KResults.
2021-01-21 01:11:17 +03:00
return ENOEXEC;
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
}
if (!interpreter_path.is_empty()) {
Everywhere: Hook up remaining debug macros to Debug.h.
2021-01-24 17:28:26 +03:00
#if EXEC_DEBUG
Kernel: Convert dbg() => dbgln() in sys$execve()
2020-12-25 14:51:35 +03:00
dbgln("exec({}): Using program interpreter {}", path, interpreter_path);
Kernel: Silence debug spam when running dynamically linked programs
2020-12-20 18:06:39 +03:00
#endif
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
auto interp_result = VFS::the().open(interpreter_path, O_EXEC, 0, current_directory());
if (interp_result.is_error()) {
Kernel: Convert dbg() => dbgln() in sys$execve()
2020-12-25 14:51:35 +03:00
dbgln("exec({}): Unable to open program interpreter {}", path, interpreter_path);
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
return interp_result.error();
}
auto interpreter_description = interp_result.value();
auto interp_metadata = interpreter_description->metadata();
ASSERT(interpreter_description->inode());
// Validate the program interpreter as a valid elf binary.
// If your program interpreter is a #! file or something, it's time to stop playing games :)
if (interp_metadata.size < (int)sizeof(Elf32_Ehdr))
Kernel+LibC: Turn errno codes into a strongly typed enum ..and allow implicit creation of KResult and KResultOr from ErrnoCode. This means that kernel functions that return those types can finally do "return EINVAL;" and it will just work. There's a handful of functions that still deal with signed integers that should be converted to return KResults.
2021-01-21 01:11:17 +03:00
return ENOEXEC;
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
Kernel: Plumb the elf header of the main program down to Process::load This will enable us to take the desired load address of non-position independent programs into account when randomizing the load address of the dynamic loader.
2021-01-10 22:07:08 +03:00
char first_page[PAGE_SIZE] = {};
Kernel: Make copy_to/from_user safe and remove unnecessary checks Since the CPU already does almost all necessary validation steps for us, we don't really need to attempt to do this. Doing it ourselves doesn't really work very reliably, because we'd have to account for other processors modifying virtual memory, and we'd have to account for e.g. pages not being able to be allocated due to insufficient resources. So change the copy_to/from_user (and associated helper functions) to use the new safe_memcpy, which will return whether it succeeded or not. The only manual validation step needed (which the CPU can't perform for us) is making sure the pointers provided by user mode aren't pointing to kernel mappings. To make it easier to read/write from/to either kernel or user mode data add the UserOrKernelBuffer helper class, which will internally either use copy_from/to_user or directly memcpy, or pass the data through directly using a temporary buffer on the stack. Last but not least we need to keep syscall params trivial as we need to copy them from/to user mode using copy_from/to_user.
2020-09-12 06:11:07 +03:00
auto first_page_buffer = UserOrKernelBuffer::for_kernel_buffer((u8*)&first_page);
auto nread_or_error = interpreter_description->read(first_page_buffer, sizeof(first_page));
Kernel: Make File::write() and File::read() return KResultOr<size_t> Instead of returning a ssize_t where negative values mean error, we now return KResultOr<size_t> and use the error state to report errors exclusively.
2020-08-04 19:02:23 +03:00
if (nread_or_error.is_error())
Kernel+LibC: Turn errno codes into a strongly typed enum ..and allow implicit creation of KResult and KResultOr from ErrnoCode. This means that kernel functions that return those types can finally do "return EINVAL;" and it will just work. There's a handful of functions that still deal with signed integers that should be converted to return KResults.
2021-01-21 01:11:17 +03:00
return ENOEXEC;
Kernel: Make File::write() and File::read() return KResultOr<size_t> Instead of returning a ssize_t where negative values mean error, we now return KResultOr<size_t> and use the error state to report errors exclusively.
2020-08-04 19:02:23 +03:00
nread = nread_or_error.value();
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
if (nread < (int)sizeof(Elf32_Ehdr))
Kernel+LibC: Turn errno codes into a strongly typed enum ..and allow implicit creation of KResult and KResultOr from ErrnoCode. This means that kernel functions that return those types can finally do "return EINVAL;" and it will just work. There's a handful of functions that still deal with signed integers that should be converted to return KResults.
2021-01-21 01:11:17 +03:00
return ENOEXEC;
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
Kernel: Plumb the elf header of the main program down to Process::load This will enable us to take the desired load address of non-position independent programs into account when randomizing the load address of the dynamic loader.
2021-01-10 22:07:08 +03:00
auto elf_header = (Elf32_Ehdr*)first_page;
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
if (!ELF::validate_elf_header(*elf_header, interp_metadata.size)) {
Kernel: Convert dbg() => dbgln() in sys$execve()
2020-12-25 14:51:35 +03:00
dbgln("exec({}): Interpreter ({}) has invalid ELF header", path, interpreter_description->absolute_path());
Kernel+LibC: Turn errno codes into a strongly typed enum ..and allow implicit creation of KResult and KResultOr from ErrnoCode. This means that kernel functions that return those types can finally do "return EINVAL;" and it will just work. There's a handful of functions that still deal with signed integers that should be converted to return KResults.
2021-01-21 01:11:17 +03:00
return ENOEXEC;
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
}
// Not using KResultOr here because we'll want to do the same thing in userspace in the RTLD
String interpreter_interpreter_path;
LibELF+Kernel: Validate program headers in Image::parse This should catch more malformed ELF files earlier than simply checking the ELF header alone. Also change the API of validate_program_headers to take the interpreter_path by pointer. This makes it less awkward to call when we don't care about the interpreter, and just want the validation.
2020-12-01 09:21:55 +03:00
if (!ELF::validate_program_headers(*elf_header, interp_metadata.size, (u8*)first_page, nread, &interpreter_interpreter_path)) {
Kernel: Convert dbg() => dbgln() in sys$execve()
2020-12-25 14:51:35 +03:00
dbgln("exec({}): Interpreter ({}) has invalid ELF Program headers", path, interpreter_description->absolute_path());
Kernel+LibC: Turn errno codes into a strongly typed enum ..and allow implicit creation of KResult and KResultOr from ErrnoCode. This means that kernel functions that return those types can finally do "return EINVAL;" and it will just work. There's a handful of functions that still deal with signed integers that should be converted to return KResults.
2021-01-21 01:11:17 +03:00
return ENOEXEC;
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
}
DynamicLoader: Tell the linker to not add a PT_INTERP header Use the GNU LD option --no-dynamic-linker. This allows uncommenting some code in the Kernel that gets upset if your ELF interpreter has its own interpreter.
2021-01-01 03:51:21 +03:00
if (!interpreter_interpreter_path.is_empty()) {
dbgln("exec({}): Interpreter ({}) has its own interpreter ({})! No thank you!", path, interpreter_description->absolute_path(), interpreter_interpreter_path);
Kernel+LibC: Turn errno codes into a strongly typed enum ..and allow implicit creation of KResult and KResultOr from ErrnoCode. This means that kernel functions that return those types can finally do "return EINVAL;" and it will just work. There's a handful of functions that still deal with signed integers that should be converted to return KResults.
2021-01-21 01:11:17 +03:00
return ELOOP;
DynamicLoader: Tell the linker to not add a PT_INTERP header Use the GNU LD option --no-dynamic-linker. This allows uncommenting some code in the Kernel that gets upset if your ELF interpreter has its own interpreter.
2021-01-01 03:51:21 +03:00
}
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
return interpreter_description;
}
Kernel: Plumb the elf header of the main program down to Process::load This will enable us to take the desired load address of non-position independent programs into account when randomizing the load address of the dynamic loader.
2021-01-10 22:07:08 +03:00
if (main_program_header.e_type == ET_REL) {
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
// We can't exec an ET_REL, that's just an object file from the compiler
Kernel+LibC: Turn errno codes into a strongly typed enum ..and allow implicit creation of KResult and KResultOr from ErrnoCode. This means that kernel functions that return those types can finally do "return EINVAL;" and it will just work. There's a handful of functions that still deal with signed integers that should be converted to return KResults.
2021-01-21 01:11:17 +03:00
return ENOEXEC;
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
}
Kernel: Plumb the elf header of the main program down to Process::load This will enable us to take the desired load address of non-position independent programs into account when randomizing the load address of the dynamic loader.
2021-01-10 22:07:08 +03:00
if (main_program_header.e_type == ET_DYN) {
Kernel+Loader.so: Allow dynamic executables without an interpreter Commit a3a9016701e487a5ca92d83b8cff179a190cdeb2 removed the PT_INTERP header from Loader.so which cleaned up some kernel code in execve. Unfortunately it prevents Loader.so from being run as an executable
2021-01-03 00:31:01 +03:00
// If it's ET_DYN with no PT_INTERP, then it's a dynamic executable responsible
// for its own relocation (i.e. it's /usr/lib/Loader.so)
if (path != "/usr/lib/Loader.so")
Kernel: execve: find_elf_interpreter_for_executable: Fix dbgln
2021-01-17 00:34:53 +03:00
dbgln("exec({}): WARNING - Dynamic ELF executable without a PT_INTERP header, and isn't /usr/lib/Loader.so", path);
Kernel+Loader.so: Allow dynamic executables without an interpreter Commit a3a9016701e487a5ca92d83b8cff179a190cdeb2 removed the PT_INTERP header from Loader.so which cleaned up some kernel code in execve. Unfortunately it prevents Loader.so from being run as an executable
2021-01-03 00:31:01 +03:00
return nullptr;
}
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
// No interpreter, but, path refers to a valid elf image
return KResult(KSuccess);
}
int Process::exec(String path, Vector<String> arguments, Vector<String> environment, int recursion_depth)
{
if (recursion_depth > 2) {
Kernel: Convert dbg() => dbgln() in sys$execve()
2020-12-25 14:51:35 +03:00
dbgln("exec({}): SHENANIGANS! recursed too far trying to find #! interpreter", path);
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
return -ELOOP;
}
// Open the file to check what kind of binary format it is
// Currently supported formats:
// - #! interpreted file
// - ELF32
// * ET_EXEC binary that just gets loaded
// * ET_DYN binary that requires a program interpreter
//
auto result = VFS::the().open(path, O_EXEC, 0, current_directory());
if (result.is_error())
return result.error();
Kernel: Don't leak ref on executable inode in sys$execve() We were leaking a ref on the executed inode in successful calls to sys$execve(). This meant that once a binary had ever been executed, it was impossible to remove it from the file system. The execve system call is particularly finicky since the function does not return normally on success, so extra care must be taken to ensure nothing is kept alive by stack variables. There is a big NOTE comment about this, and yet the bug still got in. It would be nice to enforce this, but I'm unsure how.
2020-11-23 17:48:45 +03:00
auto description = result.release_value();
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
auto metadata = description->metadata();
// Always gonna need at least 3 bytes. these are for #!X
if (metadata.size < 3)
return -ENOEXEC;
ASSERT(description->inode());
// Read the first page of the program into memory so we can validate the binfmt of it
char first_page[PAGE_SIZE];
Kernel: Make copy_to/from_user safe and remove unnecessary checks Since the CPU already does almost all necessary validation steps for us, we don't really need to attempt to do this. Doing it ourselves doesn't really work very reliably, because we'd have to account for other processors modifying virtual memory, and we'd have to account for e.g. pages not being able to be allocated due to insufficient resources. So change the copy_to/from_user (and associated helper functions) to use the new safe_memcpy, which will return whether it succeeded or not. The only manual validation step needed (which the CPU can't perform for us) is making sure the pointers provided by user mode aren't pointing to kernel mappings. To make it easier to read/write from/to either kernel or user mode data add the UserOrKernelBuffer helper class, which will internally either use copy_from/to_user or directly memcpy, or pass the data through directly using a temporary buffer on the stack. Last but not least we need to keep syscall params trivial as we need to copy them from/to user mode using copy_from/to_user.
2020-09-12 06:11:07 +03:00
auto first_page_buffer = UserOrKernelBuffer::for_kernel_buffer((u8*)&first_page);
auto nread_or_error = description->read(first_page_buffer, sizeof(first_page));
Kernel: Make File::write() and File::read() return KResultOr<size_t> Instead of returning a ssize_t where negative values mean error, we now return KResultOr<size_t> and use the error state to report errors exclusively.
2020-08-04 19:02:23 +03:00
if (nread_or_error.is_error())
return -ENOEXEC;
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
// 1) #! interpreted file
Kernel: Make File::write() and File::read() return KResultOr<size_t> Instead of returning a ssize_t where negative values mean error, we now return KResultOr<size_t> and use the error state to report errors exclusively.
2020-08-04 19:02:23 +03:00
auto shebang_result = find_shebang_interpreter_for_executable(first_page, nread_or_error.value());
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
if (!shebang_result.is_error()) {
Vector<String> new_arguments(shebang_result.value());
new_arguments.append(path);
arguments.remove(0);
new_arguments.append(move(arguments));
return exec(shebang_result.value().first(), move(new_arguments), move(environment), ++recursion_depth);
}
// #2) ELF32 for i386
Kernel: Plumb the elf header of the main program down to Process::load This will enable us to take the desired load address of non-position independent programs into account when randomizing the load address of the dynamic loader.
2021-01-10 22:07:08 +03:00
if (nread_or_error.value() < (int)sizeof(Elf32_Ehdr))
Kernel: Fix two error codes being returned as positive in Process::exec This made the assertion on line 921 think it was a successful exec, when it wasn't. Fixes #5084
2021-01-24 03:03:14 +03:00
return -ENOEXEC;
Kernel: Plumb the elf header of the main program down to Process::load This will enable us to take the desired load address of non-position independent programs into account when randomizing the load address of the dynamic loader.
2021-01-10 22:07:08 +03:00
auto main_program_header = (Elf32_Ehdr*)first_page;
if (!ELF::validate_elf_header(*main_program_header, metadata.size)) {
dbgln("exec({}): File has invalid ELF header", path);
Kernel: Fix two error codes being returned as positive in Process::exec This made the assertion on line 921 think it was a successful exec, when it wasn't. Fixes #5084
2021-01-24 03:03:14 +03:00
return -ENOEXEC;
Kernel: Plumb the elf header of the main program down to Process::load This will enable us to take the desired load address of non-position independent programs into account when randomizing the load address of the dynamic loader.
2021-01-10 22:07:08 +03:00
}
auto elf_result = find_elf_interpreter_for_executable(path, *main_program_header, nread_or_error.value(), metadata.size);
Kernel+Loader.so: Allow dynamic executables without an interpreter Commit a3a9016701e487a5ca92d83b8cff179a190cdeb2 removed the PT_INTERP header from Loader.so which cleaned up some kernel code in execve. Unfortunately it prevents Loader.so from being run as an executable
2021-01-03 00:31:01 +03:00
// Assume a static ELF executable by default
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
RefPtr<FileDescription> interpreter_description;
// We're getting either an interpreter, an error, or KSuccess (i.e. no interpreter but file checks out)
Kernel+Loader.so: Allow dynamic executables without an interpreter Commit a3a9016701e487a5ca92d83b8cff179a190cdeb2 removed the PT_INTERP header from Loader.so which cleaned up some kernel code in execve. Unfortunately it prevents Loader.so from being run as an executable
2021-01-03 00:31:01 +03:00
if (!elf_result.is_error()) {
// It's a dynamic ELF executable, with or without an interpreter. Do not allocate TLS
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
interpreter_description = elf_result.value();
Kernel+Loader.so: Allow dynamic executables without an interpreter Commit a3a9016701e487a5ca92d83b8cff179a190cdeb2 removed the PT_INTERP header from Loader.so which cleaned up some kernel code in execve. Unfortunately it prevents Loader.so from being run as an executable
2021-01-03 00:31:01 +03:00
} else if (elf_result.error().is_error())
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
return elf_result.error();
// The bulk of exec() is done by do_exec(), which ensures that all locals
// are cleaned up by the time we yield-teleport below.
Thread* new_main_thread = nullptr;
u32 prev_flags = 0;
Kernel: Plumb the elf header of the main program down to Process::load This will enable us to take the desired load address of non-position independent programs into account when randomizing the load address of the dynamic loader.
2021-01-10 22:07:08 +03:00
int rc = do_exec(move(description), move(arguments), move(environment), move(interpreter_description), new_main_thread, prev_flags, *main_program_header);
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
if (rc < 0)
return rc;
ASSERT_INTERRUPTS_DISABLED();
ASSERT(Processor::current().in_critical());
auto current_thread = Thread::current();
if (current_thread == new_main_thread) {
// We need to enter the scheduler lock before changing the state
// and it will be released after the context switch into that
// thread. We should also still be in our critical section
ASSERT(!g_scheduler_lock.own_lock());
ASSERT(Processor::current().in_critical() == 1);
g_scheduler_lock.lock();
current_thread->set_state(Thread::State::Running);
Processor::assume_context(*current_thread, prev_flags);
ASSERT_NOT_REACHED();
}
Processor::current().leave_critical(prev_flags);
return 0;
}
Kernel: Use Userspace<T> for the execve syscall
2020-08-09 22:11:13 +03:00
int Process::sys$execve(Userspace<const Syscall::SC_execve_params*> user_params)
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
{
REQUIRE_PROMISE(exec);
// NOTE: Be extremely careful with allocating any kernel memory in exec().
// On success, the kernel stack will be lost.
Syscall::SC_execve_params params;
Kernel: Make copy_to/from_user safe and remove unnecessary checks Since the CPU already does almost all necessary validation steps for us, we don't really need to attempt to do this. Doing it ourselves doesn't really work very reliably, because we'd have to account for other processors modifying virtual memory, and we'd have to account for e.g. pages not being able to be allocated due to insufficient resources. So change the copy_to/from_user (and associated helper functions) to use the new safe_memcpy, which will return whether it succeeded or not. The only manual validation step needed (which the CPU can't perform for us) is making sure the pointers provided by user mode aren't pointing to kernel mappings. To make it easier to read/write from/to either kernel or user mode data add the UserOrKernelBuffer helper class, which will internally either use copy_from/to_user or directly memcpy, or pass the data through directly using a temporary buffer on the stack. Last but not least we need to keep syscall params trivial as we need to copy them from/to user mode using copy_from/to_user.
2020-09-12 06:11:07 +03:00
if (!copy_from_user(&params, user_params))
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
return -EFAULT;
if (params.arguments.length > ARG_MAX || params.environment.length > ARG_MAX)
return -E2BIG;
String path;
{
auto path_arg = get_syscall_path_argument(params.path);
if (path_arg.is_error())
return path_arg.error();
path = path_arg.value();
}
Kernel: Remove unnecessary capture in sys$execve()
2020-09-28 23:24:27 +03:00
auto copy_user_strings = [](const auto& list, auto& output) {
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
if (!list.length)
return true;
Kernel: Fix wrong-looking overflow check in sys$execve() This was harmless since sizeof(length) and sizeof(strings) are both 4 on x86 but let's check the right things regardless.
2020-12-23 22:34:22 +03:00
Checked size = sizeof(list.strings);
Kernel: Make copy_to/from_user safe and remove unnecessary checks Since the CPU already does almost all necessary validation steps for us, we don't really need to attempt to do this. Doing it ourselves doesn't really work very reliably, because we'd have to account for other processors modifying virtual memory, and we'd have to account for e.g. pages not being able to be allocated due to insufficient resources. So change the copy_to/from_user (and associated helper functions) to use the new safe_memcpy, which will return whether it succeeded or not. The only manual validation step needed (which the CPU can't perform for us) is making sure the pointers provided by user mode aren't pointing to kernel mappings. To make it easier to read/write from/to either kernel or user mode data add the UserOrKernelBuffer helper class, which will internally either use copy_from/to_user or directly memcpy, or pass the data through directly using a temporary buffer on the stack. Last but not least we need to keep syscall params trivial as we need to copy them from/to user mode using copy_from/to_user.
2020-09-12 06:11:07 +03:00
size *= list.length;
if (size.has_overflow())
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
return false;
Vector<Syscall::StringArgument, 32> strings;
strings.resize(list.length);
Kernel: Make copy_to/from_user safe and remove unnecessary checks Since the CPU already does almost all necessary validation steps for us, we don't really need to attempt to do this. Doing it ourselves doesn't really work very reliably, because we'd have to account for other processors modifying virtual memory, and we'd have to account for e.g. pages not being able to be allocated due to insufficient resources. So change the copy_to/from_user (and associated helper functions) to use the new safe_memcpy, which will return whether it succeeded or not. The only manual validation step needed (which the CPU can't perform for us) is making sure the pointers provided by user mode aren't pointing to kernel mappings. To make it easier to read/write from/to either kernel or user mode data add the UserOrKernelBuffer helper class, which will internally either use copy_from/to_user or directly memcpy, or pass the data through directly using a temporary buffer on the stack. Last but not least we need to keep syscall params trivial as we need to copy them from/to user mode using copy_from/to_user.
2020-09-12 06:11:07 +03:00
if (!copy_from_user(strings.data(), list.strings, list.length * sizeof(Syscall::StringArgument)))
return false;
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
for (size_t i = 0; i < list.length; ++i) {
Kernel: Make copy_to/from_user safe and remove unnecessary checks Since the CPU already does almost all necessary validation steps for us, we don't really need to attempt to do this. Doing it ourselves doesn't really work very reliably, because we'd have to account for other processors modifying virtual memory, and we'd have to account for e.g. pages not being able to be allocated due to insufficient resources. So change the copy_to/from_user (and associated helper functions) to use the new safe_memcpy, which will return whether it succeeded or not. The only manual validation step needed (which the CPU can't perform for us) is making sure the pointers provided by user mode aren't pointing to kernel mappings. To make it easier to read/write from/to either kernel or user mode data add the UserOrKernelBuffer helper class, which will internally either use copy_from/to_user or directly memcpy, or pass the data through directly using a temporary buffer on the stack. Last but not least we need to keep syscall params trivial as we need to copy them from/to user mode using copy_from/to_user.
2020-09-12 06:11:07 +03:00
auto string = copy_string_from_user(strings[i]);
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
if (string.is_null())
return false;
output.append(move(string));
}
return true;
};
Vector<String> arguments;
if (!copy_user_strings(params.arguments, arguments))
return -EFAULT;
Vector<String> environment;
if (!copy_user_strings(params.environment, environment))
return -EFAULT;
int rc = exec(move(path), move(arguments), move(environment));
ASSERT(rc < 0); // We should never continue after a successful exec!
return rc;
}
Kernel: Add ability to load interpreter instead of main program When the main executable needs an interpreter, we load the requested interpreter program, and pass to it an open file decsriptor to the main executable via the auxiliary vector. Note that we do not allocate a TLS region for the interpreter.
2020-10-10 12:13:21 +03:00
Kernel: Move syscall implementations out of Process.cpp This is something I've been meaning to do for a long time, and here we finally go. This patch moves all sys$foo functions out of Process.cpp and into files in Kernel/Syscalls/. It's not exactly one syscall per file (although it could be, but I got a bit tired of the repetitive work here..) This makes hacking on individual syscalls a lot less painful since you don't have to rebuild nearly as much code every time. I'm also hopeful that this makes it easier to understand individual syscalls. :^)
2020-07-31 00:38:15 +03:00
}
Reference in New Issue Copy Permalink