Commit graph

6370 commits

Author SHA1 Message Date
Andreas Kling
09fd59a1b5 LibC: Add INADDR_LOOPBACK 2020-01-15 22:11:44 +01:00
Andreas Kling
9e54c7c17f Ext2FS: Don't allow creating new files in removed directories
Also don't uncache inodes when they reach i_links_count==0 unless they
also have no ref counts other than the +1 from the inode cache.
This prevents the FS from deleting the on-disk inode too soon.
2020-01-15 22:11:44 +01:00
joshua stein
0fa38e4a4a Build: use $SUDO_[UG]ID in build-image-* instead of relying on makeall 2020-01-15 21:52:09 +01:00
joshua stein
c6c7e40bd1 Build: more IPCCompiler-generated dependencies 2020-01-15 21:52:09 +01:00
Andreas Kling
d79de38bd2 Kernel: Don't allow userspace to sys$open() literal symlinks
The O_NOFOLLOW_NOERROR is an internal kernel mechanism used for the
implementation of sys$readlink() and sys$lstat().

There is no reason to allow userspace to open symlinks directly.
2020-01-15 21:19:26 +01:00
Andreas Kling
e23536d682 Kernel: Use Vector::unstable_remove() in a couple of places 2020-01-15 19:26:41 +01:00
Andreas Kling
575664cda3 AK: Add Vector::unstable_remove(index)
This removes an item at an index without preserving the sort order of
the Vector.

This enables constant-time removal from unsorted Vectors, as it avoids
shifting all of the entries following the removed one.
2020-01-15 19:25:58 +01:00
Emanuel Sprung
542098d90d Build: Fix helloworld2's form compiler dependency 2020-01-15 09:39:44 +01:00
Shannon Booth
e455b1095a WindowServer: Do not open system menu after window tiling 2020-01-15 09:38:43 +01:00
Liav A
bd3b64efb7 Kernel: Fix run script to enable networking on Q35 machines
Also, we enable KVM to accelerate the execution when booting with
q35_cmd or qcmd options in the run script.
2020-01-14 15:38:58 +01:00
Liav A
2da8aba48d Kernel: Change ACPI & DMI definitions a bit
Structures declarations changed __attribute__((__packed__))
to [[gnu::packed]] in ACPI & DMI definitions.
Also, declarations of array of pointers in ACPI RSDT/XSDT are correct
now. In addition to that, now we have a declaration of the ACPI MADT
table & the table entries.
2020-01-14 15:38:58 +01:00
Liav A
c2ef7f740b Kernel: Move DMI decoder initialization method to init_stage2
Also, PCI Initializer dismiss() now deletes the object correctly, and
the PCI initialization process no longer use the DMI decoder to
determine if PCI is supported.
grub configuration files include an entry to boot the OS without
ACPI support.
2020-01-14 15:38:58 +01:00
Liav A
918097ae94 Kernel: Fixing E1000 MMIO access
Now E1000 driver no longer use identity-mapping to do IO operations.
Also, print messages were fixed, and debug messages were added for IO
methods.
2020-01-14 15:38:58 +01:00
Liav A
a9884fbbe5 Kernel: Remove problematic memory mapping methods
mmap() & mmap_region() methods are removed from ACPI & DMI components,
and we replace them with the new MM.allocate_kernel_region() helper.

Instead of doing a raw calculation for each VM address, from now on we
can use helper functions to do perform those calculations in a neat,
reusable and readable way.
2020-01-14 15:38:58 +01:00
Liav A
d2b41010c5 Kernel: Change Region allocation helpers
We now can create a cacheable Region, so when map() is called, if a
Region is cacheable then all the virtual memory space being allocated
to it will be marked as not cache disabled.

In addition to that, OS components can create a Region that will be
mapped to a specific physical address by using the appropriate helper
method.
2020-01-14 15:38:58 +01:00
Sergey Bugaev
b913e30011 Kernel: Refactor/rewrite VFS::resolve_path()
This makes the implementation easier to follow, but also fixes multiple issues
with the old implementation. In particular, it now deals properly with . and ..
in paths, including around mount points.

Hopefully there aren't many new bugs this introduces :^)
2020-01-14 12:24:19 +01:00
Sergey Bugaev
499612482b AK: Fix String[View]::split_view() returning an extra empty part
If the last character was the separator and keep_empty is true, the
previous if statement would have already appended the last empty part,
so no need to do this again.

This was even more problematic, because the result of split_view() is
expected to consist of true substrings that are usable with the
StringView::substring_view_starting_*_substring() methods, not of
equal strings located elsewhere.

Fixes https://github.com/SerenityOS/serenity/issues/970
See https://github.com/SerenityOS/serenity/pull/938
2020-01-14 12:24:19 +01:00
Sergey Bugaev
7ad9bfbc68 AK: Don't return null from String[View]::substring_view()
We expect the result to be usable with the
StringView::substring_view_starting_*_substring() methods.

See https://github.com/SerenityOS/serenity/pull/938
2020-01-14 12:24:19 +01:00
Brian Gianforcaro
b553a86048 man: Fix minor inconsistencies in pledge(2) man page
- tty promise was listed twice.

- Fix a few typos
2020-01-14 08:00:35 +01:00
Andreas Kling
fd64e97c8a LibDraw+LibHTML: Make link colors themeable
Add "Link", "ActiveLink" and "VisitedLink" colors to the system theme
definition, and implement support for them in LibHTML.

Note that <body link="foo" alink="bar" vlink="baz"> takes precedence
over the system colors. Author style also takes precedence, since we
only fetch the system color in case the CSS color is -libhtml-link.
2020-01-13 20:33:15 +01:00
Andreas Kling
3b2f20ed4d LibM: Implement some naive functionality to make VVVVVV run 2020-01-13 19:01:44 +01:00
Andreas Kling
65cb406327 Kernel: Allow unlocking a held Lock with interrupts disabled
This is needed to eliminate a race in Thread::wait_on() where we'd
otherwise have to wait until after unlocking the process lock before
we can disable interrupts.
2020-01-13 18:56:46 +01:00
DrewStratford
2a8de4cdec LibCore: Fix segfault in CArgsParser (#1072)
CArgsParser::parse_next_param did not properly ensure that, when
a param required a following argument, there were enough parameters left to
complete the parse. This meant that params_left could become negative,
avoiding parse_next_param's termination condition, and cause a segfault
when reading from argv with an out of bounds index.

This fixes the check to ensure that we do in fact have the right amount
of parameters and also adds an assertion to ensure that params_left does
not become negative.
2020-01-13 14:52:25 +01:00
Andreas Kling
ad5ee27ea9 mv: Use pledge() 2020-01-13 14:51:35 +01:00
Andreas Kling
8ccc2b25c2 cp: Use pledge() 2020-01-13 14:51:18 +01:00
Andreas Kling
56428e764e Applications: Use pledge()
Add some basic pledges to the following apps:

- Calculator
- DisplayProperties
- FontEditor
- HexEditor
- PaintBrush
2020-01-13 14:41:15 +01:00
Andreas Kling
6182a1a71c About: Drop "unix" pledge after connecting to WindowServer 2020-01-13 14:41:15 +01:00
Andreas Kling
6f89557ffc WindowServer: Add "thread" pledge since we need it for wallpapers
Longer-term we should come up with a design where WindowServer doesn't
have to decode untrusted image files.
2020-01-13 14:41:15 +01:00
Andrew Kaster
c3be3718cf Demos: Compile LinkDemo as a PIE with interpreter /lib/lib-elf.so 2020-01-13 13:03:30 +01:00
Andrew Kaster
7a7e7c82b5 Kernel: Tighten up exec/do_exec and allow for PT_INTERP iterpreters
This patch changes how exec() figures out which program image to
actually load. Previously, we opened the path to our main executable in
find_shebang_interpreter_for_executable, read the first page (or less,
if the file was smaller) and then decided whether to recurse with the
interpreter instead. We then then re-opened the main executable in
do_exec.

However, since we now want to parse the ELF header and Program Headers
of an elf image before even doing any memory region work, we can change
the way this whole process works. We open the file and read (up to) the
first page in exec() itself, then pass just the page and the amount read
to find_shebang_interpreter_for_executable. Since we now have that page
and the FileDescription for the main executable handy, we can do a few
things. First, validate the ELF header and ELF program headers for any
shenanigans. ELF32 Little Endian i386 only, please. Second, we can grab
the PT_INTERP interpreter from any ET_DYN files, and open that guy right
away if it exists. Finally, we can pass the main executable's and
optionally the PT_INTERP interpreter's file descriptions down to do_exec
and not have to feel guilty about opening the file twice.

In do_exec, we now have a choice. Are we going to load the main
executable, or the interpreter? We could load both, but it'll be way
easier for the inital pass on the RTLD if we only load the interpreter.
Then it can load the main executable itself like any old shared object,
just, the one with main in it :). Later on we can load both of them
into memory and the RTLD can relocate itself before trying to do
anything. The way it's written now the RTLD will get dibs on its
requested virtual addresses being the actual virtual addresses.
2020-01-13 13:03:30 +01:00
Andrew Kaster
046d6a6bbb LibELF: Add methods to validate the ELF and program headers
These will make sure there's no funny business or funny offsets in the
main ELF header or each Program Header. More can still be done (like
validating section headers), but this is a good start
2020-01-13 13:03:30 +01:00
Andrew Kaster
fe0eb04a22 Kernel: Overload dbgputstr for char array literals in C++
This just seems like something we should be able to do. The compiler
knows how long my "string literal" is, passing it along manually seems
siilly.
2020-01-13 13:03:30 +01:00
Andrew Kaster
5accedfedb Demos: Remove extra methods/globals from DynamicLib 2020-01-13 13:03:30 +01:00
Andrew Kaster
4cb7c8ea85 LibC: Move even more methods and globals out of crt0.o 2020-01-13 13:03:30 +01:00
Andrew Kaster
9681d41bf0 AK: Add ArmedScopeGuard, a scope guard that can be disarmed 2020-01-13 13:03:30 +01:00
Brian Gianforcaro
4cee441279 Kernel: Combine validate and copy of user mode pointers (#1069)
Right now there is a significant amount of boiler plate code required
to validate user mode parameters in syscalls. In an attempt to reduce
this a bit, introduce validate_read_and_copy_typed which combines the
usermode address check and does the copy internally if the validation
passes. This cleans up a little bit of code from a significant amount
of syscalls.
2020-01-13 11:19:17 +01:00
Brian Gianforcaro
9cac205d67 Kernel: Fix SMAP in setkeymap syscall
It looks like setkeymap was missed when
the SMAP functionality was introduced.

Disable SMAP only in the scope where we
actually read the usermode addresses.
2020-01-13 11:17:10 +01:00
Brian Gianforcaro
e9a5b7456e About: Use pledge() 2020-01-13 11:11:18 +01:00
Brian Gianforcaro
02704a73e9 Kernel: Use the templated copy_from_user where possible
Now that the templated version of copy_from_user exists
their is normally no reason to use the version which
takes the number of bytes to copy. Move to the templated
version where possible.
2020-01-13 11:07:39 +01:00
Brian Gianforcaro
46c60fd451 Debugging: Add kernel debugging support
Introduce the 'debug-kernel' script to allow developers to
quickly attach a debugger to the QEMU debug remote. The
setting (-s) is already enabled by ./run today when using
QEMU for virtualisation.

If the system is running under QEMU, the debugger
will break in when the script is run. If you add
the -S option to QEMU it will wait for the debugger
to connect before booting the kernel. This allows
you to debug the init/boot process.

Personally I use cgdb instead of gdb, so I opted
to make the debugger used by the script customizable
via an environment variable.

This change also adds -g3 to the kernel build so that
rich debug symbols are available in the kernel binary.
2020-01-13 11:06:42 +01:00
Brian Gianforcaro
10c1f27b7a LookupServer: Use pledge() 2020-01-13 11:05:52 +01:00
Brian Gianforcaro
1915151116 man: Use pledge() 2020-01-13 11:04:35 +01:00
Brian Gianforcaro
f7148c766a more: Use pledge() 2020-01-13 11:04:35 +01:00
Brian Gianforcaro
e45a4b0931 md: Use pledge() 2020-01-13 11:04:35 +01:00
Brian Gianforcaro
a77da7f245 ls: Use pledge() 2020-01-13 11:04:35 +01:00
Brian Gianforcaro
70defb34e6 tail: Use pledge() 2020-01-13 11:04:35 +01:00
Andreas Kling
0c44a12247 Kernel: read() and write() should EOVERFLOW if (offset+size) overflows 2020-01-12 20:20:17 +01:00
Andreas Kling
20b2bfcafd Kernel: Fix SMAP violation in sys$getrandom() 2020-01-12 20:10:53 +01:00
Andreas Kling
14d4b1058e Kernel: Add a basic lock to FileDescription
Let's prevent two processes sharing a FileDescription from messing with
it at the same time for now.
2020-01-12 20:09:44 +01:00
Sergey Bugaev
9513f54932 Base: Document new chroot abilities 2020-01-12 20:02:11 +01:00