Commit graph

16377 commits

Author SHA1 Message Date
Andreas Kling
9984201634 Kernel: Use KResult a bit more in the IPv4 networking code 2021-01-31 12:13:16 +01:00
Ben Wiederhake
b00799b9ce Kernel: Make /proc/self/ work again
I have no idea when it broke.

Inspired by https://www.thanassis.space/bashheimer.html
2021-01-31 12:03:14 +01:00
Andreas Kling
e313323317 LibELF: Split the DynamicLoader's loading mechanism into two steps
load_from_image() becomes map() and link(). This allows us to map
an object before mapping its dependencies.

This solves an issue where fixed-position executables (like GCC)
would clash with the ASLR placement of their own shared libraries.
2021-01-31 11:46:00 +01:00
Andreas Kling
36525c0572 LibELF: Assert on multiple calls to DynamicLoader::load_from_image()
It would be a mistake to recreate the cached DynamicObject.
2021-01-31 11:32:16 +01:00
Andreas Kling
2b862e4569 LibELF: Don't validate ELF twice in DynamicLoader
Validation was happening in two steps, some in the constructor, and then
some later on, in load_from_image().

This made no sense so just move all the validation to the constructor.
2021-01-31 11:29:23 +01:00
Andreas Kling
68576bcf1b LibELF: Call mmap() before constructing the DynamicLoader object
Refactor DynamicLoader construction with a try_create() helper so that
we can call mmap() before making a loader. This way the loader doesn't
need to have an "mmap failed" state.

This patch also takes care of determining the ELF file size in
try_create() instead of expecting callers to provide it.
2021-01-31 11:06:00 +01:00
Andreas Kling
d71bfb9614 LibC: Fix bad error check after open() in dlopen() 2021-01-31 11:06:00 +01:00
Lenny Maiorani
be5311be99 Vector: Correctly pass args to insert, insert_before_matching, prepend
Problem:
- Using regular functions rather than function templates results in
  the arguments not being deduced. This then requires the same
  function to be written multiple times and for `move` to be used
  rather than `forward`.

Solution:
- Collapse multiple function overloads to a single function template
  with a deduced argument. This allows the argument to be a forwarding
  reference and bind to either an l-value or r-value and forward the
  value.

Note:
- `append` is not being changed because there are several overloads
  for appending single values and concatenating vectors. This
  conflation needs to be addressed first.
2021-01-31 10:48:12 +01:00
Lenny Maiorani
537bedbf38 HashTable: Correctly pass args to set
Problem:
- Using regular functions rather than function templates results in
  the arguments not being deduced. This then requires the same
  function to be written multiple times and for `move` to be used
  rather than `forward`.

Solution:
- Collapse multiple function overloads to a single function template
  with a deduced argument. This allows the argument to be a forwarding
  reference and bind to either an l-value or r-value and forward the
  value.
2021-01-31 10:48:12 +01:00
Lenny Maiorani
2490fc79ad CircularQueue: Correctly pass args to enqueue
Problem:
- Using regular functions rather than function templates results in
  the arguments not being deduced. This then requires the same
  function to be written multiple times and for `move` to be used
  rather than `forward`.

Solution:
- Collapse multiple function overloads to a single function template
  with a deduced argument. This allows the argument to be a forwarding
  reference and bind to either an l-value or r-value and forward the
  value.
2021-01-31 10:48:12 +01:00
Lenny Maiorani
a2501c3981 CircularDeque: Correctly pass args to enqueue
Problem:
- Using regular functions rather than function templates results in
  the arguments not being deduced. This then requires the same
  function to be written multiple times and for `move` to be used
  rather than `forward`.

Solution:
- Collapse multiple function overloads to a single function template
  with a deduced argument. This allows the argument to be a forwarding
  reference and bind to either an l-value or r-value and forward the
  value.
2021-01-31 10:48:12 +01:00
Lenny Maiorani
b754121da7 Queue: Correctly pass args to enqueue
Problem:
- Using regular functions rather than function templates results in
  the arguments not being deduced. This then requires the same
  function to be written multiple times and for `move` to be used
  rather than `forward`.

Solution:
- Collapse multiple function overloads to a single function template
  with a deduced argument. This allows the argument to be a forwarding
  reference and bind to either an l-value or r-value and forward the
  value.
2021-01-31 10:48:12 +01:00
Lenny Maiorani
73d6c73b48 SinglyLinkedList: Correctly pass args to append, insert_before, insert_after
Problem:
- Using regular functions rather than function templates results in
  the arguments not being deduced. This then requires the same
  function to be written multiple times and for `move` to be used
  rather than `forward`.

Solution:
- Collapse multiple function overloads to a single function template
  with a deduced argument. This allows the argument to be a forwarding
  reference and bind to either an l-value or r-value and forward the
  value.
2021-01-31 10:48:12 +01:00
Lenny Maiorani
5cee5725e7 SinglyLinkedListWithCount: Correctly pass args to append, insert_before, insert_after
Problem:
- Using regular functions rather than function templates results in
  the arguments not being deduced. This then requires the same
  function to be written multiple times and for `move` to be used
  rather than `forward`.

Solution:
- Collapse multiple function overloads to a single function template
  with a deduced argument. This allows the argument to be a forwarding
  reference and bind to either an l-value or r-value and forward the
  value.
2021-01-31 10:48:12 +01:00
Andreas Kling
6e4e3a7612 Kernel: Remove pledge exception for sys$getsockopt() with SO_PEERCRED
We had an exception that allowed SOL_SOCKET + SO_PEERCRED on local
socket to support LibIPC's PID exchange mechanism. This is no longer
needed so let's just remove the exception.
2021-01-31 09:29:27 +01:00
Andreas Kling
1b5be4a342 LibIPC: Stop exchanging client/server PIDs in greeting handshake
The PIDs were used for sharing shbufs between processes, but now that
we have migrated to file descriptor passing, we no longer need to know
the PID of the other side.
2021-01-31 09:29:27 +01:00
Brendan Coles
50092ea0ca Inspector: Exit if inspected process has not pledged accept 2021-01-31 09:08:51 +01:00
Andreas Kling
df2a4adcd2 Browser+LibWeb+WebContent: Make the "Debug" menu work in multi-process
This patch adds an IPC call for debugging requests. It's stringly typed
and very simple, and allows us to easily implement all the features in
the Browser's Debug menu.
2021-01-31 09:07:46 +01:00
Andreas Kling
1dad47c0f9 WebContent: Set the main thread name based on the current page host
We now show up as "WebContent: www.serenityos.org" in System Monitor,
which is just super neat. :^)
2021-01-30 23:43:18 +01:00
Andreas Kling
4d777a9bf4 Kernel: Allow changing thread names with the "stdio" promise
It's useful for programs to change their thread names to say something
interesting about what they are working on. Let's not require "thread"
for this since single-threaded programs may want to do it without
pledging "thread".
2021-01-30 23:38:57 +01:00
Andreas Kling
ded78fc074 Browser: Turn on multi-process mode by default :^)
Frick it, let's just enable this by default and give ourselves a reason
to improve things! Some things are broken, and there's a bit of flicker
when resizing, but we can do this.

This drastically improves our web browsing security model by isolating
each tab into its own WebContent process that runs as an unprivileged
user with a tight pledge+unveil sandbox.

To get a single-process browser, you can start it with -s.
2021-01-30 23:16:41 +01:00
Andreas Kling
74c8490acd LibWeb: Don't try to create GUI::TextBox inside multi-process web views
This is a workaround until we can implement a proper <input type=text>
in terms of LibWeb primitives.

This makes google.com not crash in multi-process mode (but there is no
search box.)
2021-01-30 23:16:41 +01:00
Matteo Sozzi
32a363ded5 HackStudio: removed toggle_index
Removed `m_project_tree_view->toggle_index()` when adding new file to
project.
2021-01-30 22:59:59 +01:00
etaIneLp
e625ae1130 WindowManager: Restore a window's geometry when untiling it
Specifically, when untiling it using the Super-{Left,Right} shortcuts

Fixes #5182
2021-01-30 22:59:16 +01:00
Peter Elliott
c0e88b9710 Kernel: Add FIBMAP ioctl to Ext2FileSystem
FIBMAP is a Linux ioctl that gives the location on disk of a specific
block of a file
2021-01-30 22:54:51 +01:00
Linus Groh
e8aae033f1 LibWeb: URL-encode/escape variables used in OOPWV's crash error page
This fixes arbitrary HTML injections via the URL on OOPWV's crash error
page - probably not a security issue, but annoying nonetheless.
2021-01-30 22:49:34 +01:00
Linus Groh
ec57c6c836 Meta: Fix sync-local.sh file check
Missing '{'. Thanks to @BenWiederhake for noticing!
2021-01-30 22:49:02 +01:00
Andreas Kling
f3e85e43c7 LibWeb: Handle WebContent process crashes gracefully :^)
The OOPWV will now detect WebContent process crashes/disconnections and
simply create a new WebContent process in its place. We also generate a
little error page with a link to the crashing URL so you can reload and
try again.

This is a huge step forward for OOPWV since it now has a feature that IPWV
can never replicate. :^)
2021-01-30 18:27:39 +01:00
AnotherTest
322936115e LibProtocol: Bump download stream buffer to PAGE_SIZE
I think this should scale based on the network speed (or download
rate?), but for the time being, 4K seems to be good-enough.
2021-01-30 14:12:14 +01:00
AnotherTest
904e1002b8 pro: Use a rolling average for the download rate calculation
This makes it jump around less, and give a decent-ish representation of
download speed.
2021-01-30 14:12:14 +01:00
AnotherTest
bdda1600d0 WebServer: Stream the downloaded files
...instead of reading them into memory first.
This makes it possible to download large files from WebServer.
2021-01-30 14:12:14 +01:00
Brendan Coles
58abdde2e4 Inspector: Allow browsing inspection data in UI after process exits 2021-01-30 14:10:10 +01:00
Matteo Sozzi
f80b40b411 HackStudio: do not toggle_index in open_project
When opening a new project `m_prject_tree_view->toggle_index()` is not
needed because `m_project_tree_view->set_model()` already updates the
indexes.
2021-01-30 14:08:41 +01:00
Andreas Kling
d9c5fdf5d5 LibGUI: Handle Window::hide() during Application teardown better
If a window is being torn down during app shutdown, the global
application pointer may be nulled out already. So let's handle that
case gracefully in Window::hide().
2021-01-30 14:03:53 +01:00
Andreas Kling
5bf9999652 LibELF: Add a bunch of overflow checks in ELF validation 2021-01-30 13:54:24 +01:00
Andreas Kling
90343eeaeb Revert "Kernel: Return -ENOTDIR for non-directory mount target"
This reverts commit b7b09470ca.

Mounting a file on top of a file is a valid thing we support.
2021-01-30 13:52:12 +01:00
Andreas Kling
dc17e01c99 AK: Allow Checked += Checked, and other such operations
The overflow state from both Checkeds is OR'ed in the result.
2021-01-30 13:52:12 +01:00
Linus Groh
6b7c96589b Everywhere: Add missing parent window to about dialogs
Partially addresses #5177.
2021-01-30 13:42:39 +01:00
Linus Groh
1a2b693242 HexEditor: Fix about dialog icon 2021-01-30 13:42:39 +01:00
Linus Groh
5b43419a63 SystemMonitor: Handle PCIDB::Database::open() failure gracefully
No need to dereference the nullptr, let's just show raw IDs instead.
2021-01-30 13:42:15 +01:00
Andreas Kling
9b0ca75f84 LibWeb: Add Frame::ViewportClient and use it for Layout::ImageBox
Image boxes want to know whether they are inside the visible viewport.
This is used to pause/resume animations, and to update the purgeable
memory volatility state.

Previously we would traverse the entire layout tree on every resize,
calling a helper on each ImageBox. Make those boxes register with the
frame they are interested in instead, saving us all that traversal.

This also makes it easier for other parts of the code to learn about
viewport changes in the future. :^)
2021-01-30 12:29:11 +01:00
Andreas Kling
1c6f278677 LookupServer: Unbreak reverse DNS lookups
We were ignoring everything but A records in DNS responses. This broke
reverse lookups which obviously want the PTR records.

Fix this by filtering on the requested record type instead of always A.
2021-01-30 12:06:51 +01:00
Andreas Kling
489d413fc7 LookupServer: Be a little more robust in case accept() fails 2021-01-30 11:55:21 +01:00
Andreas Kling
5cbc9d5724 LookupServer: Don't create Core::Object on the stack 2021-01-30 11:43:09 +01:00
Andreas Kling
553361d83f LibC: Protect the atexit() handler list when not writing to it
Remap the list of atexit handlers as read-only while we're not actively
writing to it. This prevents an attacker from using a memory write
primitive to gain code execution via the atexit list.

This is based on a technique used in OpenBSD. :^)
2021-01-30 10:41:36 +01:00
Andreas Kling
123c37e1c0 Kernel: Fix mix-up between MAP_STACK/MAP_ANONYMOUS in prot validation 2021-01-30 10:30:17 +01:00
Andreas Kling
e55ef70e5e Kernel: Remove "has made executable exception for dynamic loader" flag
As Idan pointed out, this flag is actually not needed, since we don't
allow transitioning from previously-executable to writable anyway.
2021-01-30 10:06:52 +01:00
Andreas Kling
5b37c0a71a LibC: Convert remaining String::format() to formatted()/number() 2021-01-30 09:29:51 +01:00
Ben Wiederhake
ec91f8ad1d LibELF: Avoid quadratic memory usage weakness
Section names are referred to by offset and length. We do not check
(and probably should not check) whether these names overlap in any way.
This opened the door to many sections (in this example: about 2700)
forcing ELF::Image::m_sections to contain endless copies of the same
huge string (in this case: 882K).

Fix this by loading only the first PAGE_SIZE bytes of each name.
Since section names are only relevant for relocations and debug
information and most section names are hard-coded (and far below 4096
bytes) anyway, this should be no restriction at all for 'normal'
executables.

Found by OSS-Fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=29187
2021-01-30 09:25:02 +01:00
Ben Wiederhake
4332dfb964 LibGfx: Fix dynamic bitmasks in BMPs
I overlooked a corner case where we might call the built-in ctz() on zero.

Furthermore, the calculation of the shift was wrong and the results were often
unusable.

Both issues were caused by a forgotten 36daeee34f.
This time I made sure to look at bmpsuite_files first, and now they look good.

Found by OSS-Fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28985
2021-01-30 09:23:18 +01:00