Commit graph

6621 commits

Author SHA1 Message Date
Idan Horowitz
2e5a9b4fab Kernel: Use HashCompatible HashMap lookups instead of specifying a hash 2022-01-29 23:01:23 +02:00
Idan Horowitz
c68609b27f Kernel: Make {Nonnull,}OwnPtr<KString> hash compatible with StringView
This will allow us to use KString as HashTable/HashMap keys more easily
2022-01-29 23:01:23 +02:00
Lenny Maiorani
b0a54518d8 Everywhere: Remove redundant inline keyword
`constexpr` implies `inline` so when both are used it is redundant.
2022-01-29 21:45:17 +02:00
Idan Horowitz
e28af4a2fc Kernel: Stop using HashMap in Mutex
This commit removes the usage of HashMap in Mutex, thereby making Mutex
be allocation-free.

In order to achieve this several simplifications were made to Mutex,
removing unused code-paths and extra VERIFYs:
 * We no longer support 'upgrading' a shared lock holder to an
   exclusive holder when it is the only shared holder and it did not
   unlock the lock before relocking it as exclusive. NOTE: Unlike the
   rest of these changes, this scenario is not VERIFY-able in an
   allocation-free way, as a result the new LOCK_SHARED_UPGRADE_DEBUG
   debug flag was added, this flag lets Mutex allocate in order to
   detect such cases when debugging a deadlock.
 * We no longer support checking if a Mutex is locked by the current
   thread when the Mutex was not locked exclusively, the shared version
   of this check was not used anywhere.
 * We no longer support force unlocking/relocking a Mutex if the Mutex
   was not locked exclusively, the shared version of these functions
   was not used anywhere.
2022-01-29 16:45:39 +01:00
Pankaj Raghav
60aa4152e9 Kernel: Optimize StorageDevice read and write function
Use shift operator with log size instead of division while calculating
the index and len.
2022-01-29 17:41:06 +02:00
Pankaj Raghav
0f010cee02 Kernel: Add block_size_log helper to BlockDevice
It is useful to have the log2 value of the block size while calculating
index for an IO.
2022-01-29 17:41:06 +02:00
Pankaj Raghav
3b27e28e67 Kernel: Cache blocks_per_page in StorageDevice class
Instead of calculating blocks_per_page in every IO, cache it to save
CPU cycles as that value will not change after initialization.
2022-01-29 17:41:06 +02:00
Pankaj Raghav
cf44d71edf Kernel: Remove the assumption of 512 block size in read/write_block
Devices such as NVMe can have blocks bigger that 512. Use the
m_block_size variable in read/write_block function instead of the
hardcoded 512 block size.
2022-01-29 17:41:06 +02:00
Liav A
308e54bc19 AK+Kernel: Implement UUID mixed endianness support
This is being used by GUID partitions so the first three dash-delimited
fields of the GUID are stored in little endian order but the last two
fields are stored in big endian order, hence it's a representation which
is mixed.
2022-01-29 13:35:54 +02:00
Andreas Kling
d748a3c173 Kernel: Only lock process file descriptor table once in sys$poll()
Grab the OpenFileDescriptions mutex once and hold on to it while
populating the SelectBlocker::FDVector.
2022-01-29 02:17:12 +01:00
Andreas Kling
b56646e293 Kernel: Switch process file descriptor table from spinlock to mutex
There's no reason for this to use a spinlock. Instead, let's allow
threads to block if someone else is using the descriptor table.
2022-01-29 02:17:09 +01:00
Andreas Kling
8ebec2938c Kernel: Convert process file descriptor table to a SpinlockProtected
Instead of manually locking in the various member functions of
Process::OpenFileDescriptions, simply wrap it in a SpinlockProtected.
2022-01-29 02:17:06 +01:00
Andreas Kling
b27b22a68c Kernel: Allocate entire SelectBlocker::FDVector at once
Use try_ensure_capacity() + unchecked_append() instead of repeatedly
doing try_append().
2022-01-28 23:41:18 +01:00
Andreas Kling
a12e19c015 Kernel: Move kernel region checks from x86 page fault handler to MM
Ideally the x86 fault handler would only do x86 specific things and
delegate the rest of the work to MemoryManager. This patch moves some of
the address checks to a more generic place.
2022-01-28 23:41:18 +01:00
Andreas Kling
5092813a45 Kernel: Quickly reject userspace addresses in kernel_region_from_vaddr()
This avoids taking and releasing the MM lock just to reject an address
that we can tell from just looking at it that it won't ever be in the
kernel regions tree.
2022-01-28 23:41:18 +01:00
Idan Horowitz
e1ad9326df Kernel: Remove unimplemented AHCIPort::is_hot_pluggable declaration 2022-01-28 19:05:52 +02:00
Idan Horowitz
5146315a15 Kernel: Convert MemoryManager::allocate_user_physical_page to ErrorOr
This allows is to use the TRY macro at the call sites, instead of using
clunky null checks.
2022-01-28 19:05:52 +02:00
Idan Horowitz
bd5b56cab0 Kernel: Make allocate_supervisor_physical_page OOM-fallible 2022-01-28 19:05:52 +02:00
Idan Horowitz
4d2f1a05ec Kernel: Make allocate_contiguous_supervisor_physical_pages OOM-fallible 2022-01-28 19:05:52 +02:00
Idan Horowitz
956824afe2 Kernel: Use memset instead of fast_u32_fill in MemoryManager zero fills
When the values we're setting are not actually u32s and the size of the
area we're setting is PAGE_SIZE-aligned and a multiple of PAGE_SIZE in
size, there's no point in using fast_u32_fill, as that forces us to use
STOSDs instead of STOSQs.
2022-01-28 19:05:52 +02:00
Idan Horowitz
c131e69748 Kernel: Make UHCIController::spawn_port_process OOM-fallible 2022-01-28 19:05:52 +02:00
Idan Horowitz
ad7d4d9be1 Kernel: Rename UHCIController::{spawn_port_proc => spawn_port_process}
There's no need to use this non-standard shorthand mnemonic.
(This commit also removes the unimplemented do_debug_transfer while
we're here.)
2022-01-28 19:05:52 +02:00
Andreas Kling
31c1094577 Kernel: Don't mess with thread state in Process::do_exec()
We were marking the execing thread as Runnable near the end of
Process::do_exec().

This was necessary for exec in processes that had never been scheduled
yet, which is a specific edge case that only applies to the very first
userspace process (normally SystemServer). At this point, such threads
are in the Invalid state.

In the common case (normal userspace-initiated exec), making the current
thread Runnable meant that we switched away from its current state:
Running. As the thread is indeed running, that's a bogus change!
This created a short time window in which the thread state was bogus,
and any attempt to block the thread would panic the kernel (due to a
bogus thread state in Thread::block() leading to VERIFY_NOT_REACHED().)

Fix this by not touching the thread state in Process::do_exec()
and instead make the first userspace thread Runnable directly after
calling Process::exec() on it in try_create_userspace_process().

It's unfortunate that exec() can be called both on the current thread,
and on a new thread that has never been scheduled. It would be good to
not have the latter edge case, but fixing that will require larger
architectural changes outside the scope of this fix.
2022-01-27 11:18:25 +01:00
Idan Horowitz
ac4583660b Kernel: Make VirtIO::ConsolePort construction OOM-fallible 2022-01-26 22:07:01 +00:00
Idan Horowitz
94a39db31d Kernel: Add try_create_device overload for static factory functions
This makes sure DeviceManagement::try_create_device will call the
static factory function (if available) instead of directly calling the
constructor, which will allow us to move OOM-fallible calls out of
Device constructors.
2022-01-26 22:07:01 +00:00
Idan Horowitz
9259bce34e Kernel: Remove unimplemented is_device_event_queue_ready_to_read method 2022-01-26 22:07:01 +00:00
Idan Horowitz
e729c3ae36 Kernel: Add missing nothrow tag to DeviceManagement::try_create_device
Without this tag this method was essentially a must_create.
2022-01-26 22:07:01 +00:00
Idan Horowitz
a0f404551e Kernel: Ignore allocation failures during thread finalization
We ignore allocation failures above the first 32 guaranteed thread
slots, and just flag our future-selves to finalize these threads at a
later point.
2022-01-26 22:05:34 +00:00
Idan Horowitz
7e9df6ddba Kernel: Remove always-false Thread::drop_thread_count boolean parameter 2022-01-26 22:05:34 +00:00
Idan Horowitz
1e941fc3cc Kernel: Make VirtualRangeAllocator::carve_from_region OOM-fallible 2022-01-26 22:05:34 +00:00
Linus Groh
c05feaaa74 Kernel/Storage: Dump detected devices and partitions before PANIC()'ing
If we panic the kernel for a storage-related reason, we might as well be
helpful and print out a list of detected storage devices and their
partitions to help with debugging.

Reasons for such a panic include:
- No boot device with the given name found
- No boot device with the given UUID found
- Failing to open the root filesystem after determining a boot device
2022-01-26 21:34:26 +00:00
Linus Groh
d8fb3290d5 Kernel/Storage: Add device null check in AHCIPort::handle_interrupt()
Before attempting to remove the device while handling an AHCI port
interrupt, check if m_connected_device is even non-null.
This happened during my bare metal run and caused a kernel panic.
2022-01-26 21:34:26 +00:00
Brian Gianforcaro
1422187427 Kernel: Add tracing to help catch thread blocking with incorrect state
A number of crashes in this `VERIFY_NOT_REACHED` case have been
reported on discord. Lets add some tracing to gather more information
and help diagnose what is the cause of these crashes.
2022-01-26 16:44:50 +02:00
Brian Gianforcaro
e954b4bdd4 Kernel: Return error from sys$execve() when called with zero arguments
There are many assumptions in the stack that argc is not zero, and
argv[0] points to a valid string. The recent pwnkit exploit on Linux
was able to exploit this assumption in the `pkexec` utility
(a SUID-root binary) to escalate from any user to root.

By convention `execve(..)` should always be called with at least one
valid argument, so lets enforce that semantic to harden the system
against vulnerabilities like pwnkit.

Reference: https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt
2022-01-26 13:05:59 +01:00
Tom
4383b26faa Kernel: Enable Write-Combine for FramebufferDevice
This enables much faster writing to the userspace mapped framebuffer,
if supported by the hardware.
2022-01-26 09:21:04 +02:00
Tom
6e46e21c42 Kernel: Implement Page Attribute Table (PAT) support and Write-Combine
This allows us to enable Write-Combine on e.g. framebuffers,
significantly improving performance on bare metal.

To keep things simple we right now only use one of up to three bits
(bit 7 in the PTE), which maps to the PA4 entry in the PAT MSR, which
we set to the Write-Combine mode on each CPU at boot time.
2022-01-26 09:21:04 +02:00
Idan Horowitz
1abbe9b02c Kernel: Ignore allocation failures when appending threads to coredump
We shouldn't panic due to a failure in coredump generation
2022-01-26 02:37:03 +02:00
Idan Horowitz
d1433c35b0 Kernel: Handle OOM failures in find_shebang_interpreter_for_executable 2022-01-26 02:37:03 +02:00
Idan Horowitz
8cf0e4a5e4 Kernel: Eliminate allocations from generate_auxiliary_vector 2022-01-26 02:37:03 +02:00
Idan Horowitz
a6f0ab358a Kernel: Make AddressSpace::find_regions_intersecting OOM-fallible 2022-01-26 02:37:03 +02:00
Idan Horowitz
dab73d6d23 Kernel: Make pledge serialization in /proc/all generation OOM-fallible 2022-01-26 02:37:03 +02:00
Idan Horowitz
e23d320bb9 Kernel: Fail gracefully due to OOM on HashTable set in sys$setgroups 2022-01-26 02:37:03 +02:00
Idan Horowitz
a9cd8ca841 Kernel: Make Inode::register_watcher() OOM-fallible 2022-01-26 02:37:03 +02:00
Idan Horowitz
87bd930e7e Kernel: Make InodeWatcher inode registration completely OOM-fallible
InodeWatcher::register_inode was already partially fallible, but the
insertion of the inodes and watch descriptions into their respective
hash maps was not. Note that we cannot simply TRY the insertion into
both, as that could result in an inconsistent state, instead we must
remove the inode from the inode hash map if the insertion into the
watch description hash map failed.
2022-01-26 02:37:03 +02:00
Idan Horowitz
bd603003b5 Kernel: Make AddressSpace::amount_clean_inode() OOM-fallible 2022-01-26 02:37:03 +02:00
Idan Horowitz
daf6b59a01 Kernel: Make StorageDevice partial block writes OOM-fallible 2022-01-26 02:37:03 +02:00
Idan Horowitz
c9d026d7bc Kernel: Perform DeviceManagement initialization after MM is initialized
There's no need to perform it this early, and until the MemoryManager
is initialized we have very limited kmalloc capacity, so let's try and
keep anything that's not required to be there out of there.
2022-01-25 22:41:26 +02:00
Idan Horowitz
fa0a052fc6 Kernel: Use PARTUUID: instead of PARTUUID= as the partition uuid prefix
This makes the functionality work again, as we no longer allow any
equal signs inside boot parameter values.
2022-01-25 22:41:17 +02:00
Idan Horowitz
971ab3b919 Kernel: Use u64 instead of size_t in the STORAGE_DEVICE_GET_SIZE ioctl
This ensures the device size doesn't get truncated on i686.
2022-01-25 22:41:17 +02:00
Idan Horowitz
d1ed554dc8 Kernel: Use u64 instead of u32 and u16 in StorageDevice::{read, write}
This ensures offsets will not be truncated on large filesystems on i686
2022-01-25 22:41:17 +02:00