Commit graph

161 commits

Author SHA1 Message Date
Idan Horowitz
bee2de4b31 Kernel: Use an IntrusiveRedBlackTree for storing the cr3 mappings
This ensures we don't allocate when intializing the PageDirectory.
2021-09-08 19:17:07 +03:00
Andreas Kling
b481132418 Kernel: Make UserOrKernelBuffer return KResult from read/write/memset
This allows us to simplify a whole bunch of call sites with TRY(). :^)
2021-09-07 13:53:14 +02:00
Brian Gianforcaro
abc523a5ab Kernel: Specify a lock rank for s_mm_lock 2021-09-07 13:16:01 +02:00
Andreas Kling
56a2594de7 Kernel: Make KString factories return KResultOr + use TRY() everywhere
There are a number of places that don't have an error propagation path
right now, so I've added FIXME's about that.
2021-09-06 19:25:36 +02:00
Andreas Kling
f16b9a691f Kernel: Rename ProcessPagingScope => ScopedAddressSpaceSwitcher 2021-09-06 18:56:51 +02:00
Andreas Kling
cd8d52e6ae Kernel: Improve API names for switching address spaces
- enter_space => enter_address_space
- enter_process_paging_scope => enter_process_address_space
2021-09-06 18:56:51 +02:00
Andreas Kling
6e3381ac32 Kernel: Use KResultOr and TRY() for {Shared,Private}InodeVMObject 2021-09-06 13:06:05 +02:00
Andreas Kling
e3a716ceff Kernel: Make Memory::Region::map() return KResult
..and use TRY() at the call sites to propagate errors. :^)
2021-09-06 13:06:05 +02:00
Andreas Kling
a994f11f10 Kernel: Make AddressSpace::add_region() return KResultOr<Region*>
This allows us to use TRY() in a few places.
2021-09-06 02:02:06 +02:00
Andreas Kling
062cc804e7 Kernel: Use TRY() some more in Memory::AddressSpace 2021-09-06 01:59:30 +02:00
Andreas Kling
75564b4a5f Kernel: Make kernel region allocators return KResultOr<NOP<Region>>
This expands the reach of error propagation greatly throughout the
kernel. Sadly, it also exposes the fact that we're allocating (and
doing other fallible things) in constructors all over the place.

This patch doesn't attempt to address that of course. That's work for
our future selves.
2021-09-06 01:55:27 +02:00
Andreas Kling
f4a9a0d561 Kernel: Make VirtualRangeAllocator return KResultOr<VirtualRange>
This achieves two things:
- The allocator can report more specific errors
- Callers can (and now do) use TRY() :^)
2021-09-06 01:55:27 +02:00
Andreas Kling
21f7932ae2 Kernel: Use TRY() and adopt_nonnull_ref_or_enomem() in AnonymousVMObject 2021-09-06 01:55:27 +02:00
Andreas Kling
52cbbe1dc5 Kernel: Actually share committed CoW pages
Due to a double-move mistake, we were always clearing the shared
committed CoW pages in the parent when forking.
2021-09-06 01:55:27 +02:00
Andreas Kling
2f790cf78f Kernel: Make MM.commit_user_physical_pages() return KResultOr
..and use TRY() at call sites. :^)
2021-09-06 01:55:27 +02:00
Brian Gianforcaro
bb58a4d943 Kernel: Make all Spinlocks use u8 for storage, remove template
The default template argument is only used in one place, and it
looks like it was probably just an oversight. The rest of the Kernel
code all uses u8 as the type. So lets make that the default and remove
the unused template argument, as there doesn't seem to be a reason to
allow the size to be customizable.
2021-09-05 20:46:02 +02:00
Andreas Kling
3631ebe963 Kernel: Use TRY() in AnonymousVMObject 2021-09-05 16:25:40 +02:00
Andreas Kling
f20d1f0cc6 Kernel: Use TRY() in Region 2021-09-05 16:25:40 +02:00
Andreas Kling
4b7575fabd Kernel: Unbreak x86_64 build (PageDirectory) 2021-09-05 15:38:57 +02:00
Andreas Kling
83fed5b2de Kernel: Tidy up Memory::AddressSpace construction
- Return KResultOr<T> in places
- Propagate errors
- Use TRY()
2021-09-05 15:13:20 +02:00
Andreas Kling
5ba10c6017 Kernel: Use TRY() in Memory::AddressSpace 2021-09-05 14:40:18 +02:00
sin-ack
566c5d1e99 AK+Kernel: Move KResult.h to Kernel/API for userspace access
This commit moves the KResult and KResultOr objects to Kernel/API to
signify that they may now be freely used by userspace code at points
where a syscall-related error result is to be expected. It also exposes
KResult and KResultOr to the global namespace to make it nicer to use
for userspace code.
2021-09-05 12:54:48 +02:00
Luke Wilde
01af7d1ae1 Kernel: Don't use {:p} when printing out invalid userspace stack pointer
`userspace_esp` is a virtual address and thus using `{:p}` on it is
invalid and will cause an assertion failure.

I ran into this while testing #9772.
2021-09-03 11:46:40 +02:00
Andreas Kling
eaf88cc78a AK: Rename create<T> => make_ref_counted<T>
And also try_create<T> => try_make_ref_counted<T>.

A global "create" was a bit much. The new name matches make<T> better,
which we've used for making single-owner objects since forever.
2021-09-03 02:36:09 +02:00
Andreas Kling
68bf6db673 Kernel: Rename Spinlock::is_owned_by_current_thread()
...to is_owned_by_current_processor(). As Tom pointed out, this is
much more accurate. :^)
2021-08-29 22:19:42 +02:00
Andreas Kling
0b4671add7 Kernel: {Mutex,Spinlock}::own_lock() => is_locked_by_current_thread()
Rename these API's to make it more clear what they are checking.
2021-08-29 12:53:11 +02:00
Brian Gianforcaro
16ad297078 Kernel: Annotate Memory::Region APIs with [[nodiscard]]
This is an attempt to mitigate callers not observing the result of
map or remap.
2021-08-25 00:18:42 +02:00
Brian Gianforcaro
485f51690d Kernel: Always observe the return value of Region::map and remap
We have seen cases where the map fails, but we return the region
to the caller, causing them to page fault later on when they touch
the region.

The fix is to always observe the return code of map/remap.
2021-08-25 00:18:42 +02:00
Andreas Kling
a930877f31 Kernel: Mape quickmap functions VERIFY that MM lock is held
The quickmap_page() and unquickmap_page() functions are used to map a
single physical page at a kernel virtual address for temporary access.

These use the per-CPU quickmap buffer in the page tables, and access to
this is guarded by the MM lock. To prevent bugs, quickmap_page() should
not *take* the MM lock, but rather verify that it is already held!

This exposed two situations where we were using quickmap without holding
the MM lock during page fault handling. This patch is forced to fix
these issues (which is great!) :^)
2021-08-23 00:02:09 +02:00
Andreas Kling
dea93a8bb9 Kernel: Rename Processor::id() => current_id()
And let id() be the non-static version that gives you the ID of a
Processor object.
2021-08-23 00:02:09 +02:00
Andreas Kling
d60635cb9d Kernel: Convert Processor::in_irq() to static current_in_irq()
This closes the race window between Processor::current() and a context
switch happening before in_irq().
2021-08-23 00:02:09 +02:00
Andreas Kling
c922a7da09 Kernel: Rename ScopedSpinlock => SpinlockLocker
This matches MutexLocker, and doesn't sound like it's a lock itself.
2021-08-22 03:34:10 +02:00
Andreas Kling
55adace359 Kernel: Rename SpinLock => Spinlock 2021-08-22 03:34:10 +02:00
Andreas Kling
ed6f84c2c9 Kernel: Rename SpinLockProtectedValue<T> => SpinLockProtected<T> 2021-08-22 03:34:09 +02:00
Idan Horowitz
cf271183b4 Kernel: Make Process::current() return a Process& instead of Process*
This has several benefits:
1) We no longer just blindly derefence a null pointer in various places
2) We will get nicer runtime error messages if the current process does
turn out to be null in the call location
3) GCC no longer complains about possible nullptr dereferences when
compiling without KUBSAN
2021-08-19 23:49:53 +02:00
Andreas Kling
b70b3a9b92 Kernel: Remove unused VMObject::is_contiguous() 2021-08-17 01:21:47 +02:00
Andreas Kling
4226b662cd Kernel+Userland: Remove global futexes
We only ever use private futexes, so it doesn't make sense to carry
around all the complexity required for global (cross-process) futexes.
2021-08-17 01:21:47 +02:00
Andreas Kling
7979b5a8bb Kernel: Port VMObject to ListedRefCounted
The VMObject class now manages its own instance list (it was previously
a member of MemoryManager.) Removal from the list is done safely on the
last unref(), closing a race window in the previous implementation.

Note that VMObject::all_instances() now has its own lock instead of
using the global MM lock.
2021-08-17 01:21:47 +02:00
Andreas Kling
a154faebb7 Kernel: Use NonnullRefPtr<PhysicalPage> in PageDirectory::m_page_tables
We don't care to store null page pointers in the page table map.
2021-08-15 16:53:03 +02:00
sin-ack
0a18425cbb Kernel: Make Memory::Region allocation functions return KResultOr
This makes for some nicer handling of errors compared to checking an
OwnPtr for null state.
2021-08-15 15:41:02 +02:00
sin-ack
4bfd6e41b9 Kernel: Make Kernel::VMObject allocation functions return KResultOr
This makes for nicer handling of errors compared to checking whether a
RefPtr is null. Additionally, this will give way to return different
types of errors in the future.
2021-08-15 15:41:02 +02:00
Andreas Kling
f357fd91da Kernel: Don't hog MM lock in Memory::Region::clone()
We don't need to hold the MM lock across all of Region::clone().
2021-08-09 11:46:31 +02:00
Andreas Kling
08b4d8f0de Kernel: Fix deadlock in ~Memory::Region()
First off: unregister the region from MemoryManager before unmapping it.
The order of operations here was a bit strange, presumably to avoid a
situation where a fault would happen while unmapping, and the fault
handler would find the MemoryManager region list in an invalid state.

Unregistering it before unmapping sidesteps the whole problem, and
allows us to easily fix another problem: a deadlock could occur due
to inconsistent acquisition order (PageDirectory must come before MM.)
2021-08-09 11:46:31 +02:00
Andreas Kling
95c8e421ae Kernel: Don't hog MM lock in find_region_from_vaddr()
We don't want to be holding the MM lock if it's a user region and we
have to consult the page directory, since that can lead to a deadlock
if we don't already have the page directory lock.
2021-08-09 11:46:31 +02:00
Andreas Kling
96c7b70de3 Kernel: Remove unused list of user regions in MemoryManager
We were putting all the user Region objects on an intrusive list
but not using it for anything.
2021-08-09 11:46:31 +02:00
Andreas Kling
6283acb6b7 Kernel/SMP: Don't panic in inode fault if other CPU already paged it in
It may happen that CPU A manages to page in from the same inode
while we're just entering the same page fault handler on CPU B.

Handle it gracefully by checking if the data has already been paged in
(instead of VERIFY'ing that it hasn't) and then remap the page if that's
the case.
2021-08-09 11:46:31 +02:00
Andreas Kling
00bbbdeda6 Kernel/SMP: Always take PageDirectory lock before the MemoryManager lock
This prevents deadlocking due to inconsistent acquisition order.
2021-08-09 11:46:31 +02:00
Daniel Bertalan
fa8507d1ce Kernel: Fix UB caused by taking a reference to a packed struct's member
Taking a reference or a pointer to a value that's not aligned properly
is undefined behavior. While `[[gnu::packed]]` ensures that reads from
and writes to fields of packed structs is a safe operation, the
information about the reduced alignment is lost when creating pointers
to these values.

Weirdly enough, GCC's undefined behavior sanitizer doesn't flag these,
even though the doc of `-Waddress-of-packed-member` says that it usually
leads to UB. In contrast, x86_64 Clang does flag these, which renders
the 64-bit kernel unable to boot.

For now, the `address-of-packed-member` warning will only be enabled in
the kernel, as it is absolutely crucial there because of KUBSAN, but
might get excessively noisy for the userland in the future.

Also note that we can't append to `CMAKE_CXX_FLAGS` like we do for other
flags in the kernel, because flags added via `add_compile_options` come
after these, so the `-Wno-address-of-packed-member` in the root would
cancel it out.
2021-08-08 10:55:36 +02:00
Andreas Kling
c94c15d45c Everywhere: Replace AK::Singleton => Singleton 2021-08-08 00:03:45 +02:00
Andreas Kling
15d033b486 Kernel: Remove unused Process pointer in Memory::AddressSpace
Nobody was using the back-pointer to the process, so let's lose it.
2021-08-08 00:03:45 +02:00