Luna/kernel/src/Pledge.cpp
apio dc766e1da7
kernel: Rework VFS access checking + add processes
VFS functions now accept a single Process* pointer instead of credentials and groups.
There is now a distinction between processes and threads
Now to fix all the bugs... waitpid crashes the process with an NX error...
2024-12-06 21:35:59 +01:00


#include "Pledge.h"
#include "Log.h"
#include "memory/MemoryManager.h"
#include "thread/Scheduler.h"
// Table of promise names as strings, built by stringifying every entry that
// enumerate_promises() expands (the X-macro below turns `promise` into "promise",).
// check_pledge() indexes this table with the integer value of a Promise, and
// parse_promises() compares user-supplied tokens against it, using the matching
// index as the bit position in the promise mask.
// NOTE(review): this assumes enumerate_promises() (presumably defined in Pledge.h)
// lists the promises in the same order as the Promise enum, and that the table has
// at least Promise::num_promises entries — confirm, since neither lookup is
// bounds-checked against the array itself.
static const char* promise_names[] = {
#define __enumerate(promise) #promise,
enumerate_promises(__enumerate)
#undef __enumerate
};
// Checks whether `process` has pledged `promise`.
//
// Returns success when the process has no pledge in force (negative promise set)
// or when the bit for `promise` is present in its promise set. Otherwise the
// violation is logged and ENOSYS is returned; unless the process also holds the
// `error` promise, every thread of the process is additionally sent SIGABRT.
Result<void> check_pledge(Process* process, Promise promise)
{
    // A negative promise set means pledge() was never called: nothing is restricted.
    if (process->promises < 0) return {};

    const int required_bit = (1 << static_cast<int>(promise));
    const bool is_pledged = (process->promises & required_bit) == required_bit;
    if (is_pledged) return {};

    // promise_names is indexed directly by the enum value.
    // NOTE(review): relies on callers passing a valid Promise — confirm.
    kerrorln("Pledge violation in process %d! Has not pledged %s", process->id,
             promise_names[static_cast<int>(promise)]);

    // With the `error` promise the violation is only reported to the caller; the
    // process is not killed.
    const int error_bit = (1 << static_cast<int>(Promise::p_error));
    if (process->promises & error_bit) return err(ENOSYS);

    Scheduler::for_each_thread(process, [](Thread* target) {
        // Deliver SIGABRT in a form the thread cannot intercept. Killing the thread on
        // the spot would throw away the current stack and could skip destructors, so
        // the actual termination is left to the next Thread::process_pending_signals().

        // Restore the default disposition (dump core) so no userspace handler runs.
        target->signal_handlers[SIGABRT - 1].sa_handler = SIG_DFL;

        // Make sure SIGABRT is not blocked by the thread's signal mask.
        target->signal_mask.set(SIGABRT - 1, false);

        // Any signal already pending could be handled ahead of SIGABRT, so drop them
        // all before queueing it.
        target->pending_signals.clear();
        target->send_signal(SIGABRT);

        // presumably tells for_each_thread to keep iterating — confirm.
        return true;
    });

    // Userspace should never observe this value, except when the process is init
    // and has ignored SIGABRT.
    return err(ENOSYS);
}
// Converts a userspace promise string into a promise bitmask.
//
// `pledge` is a userspace address of a space-separated list of promise names.
// Returns -1 when the address is null (the value check_pledge() treats as "no
// pledge in force"), 0 for an empty string, and otherwise a mask with bit i set
// for every token equal to promise_names[i]. Any token that matches no known
// promise fails the whole call with EINVAL; errors from copying or splitting the
// string are propagated through TRY.
Result<int> parse_promises(u64 pledge)
{
    if (!pledge) return -1;

    // The string is copied out of user memory before it is inspected.
    auto promise_string = TRY(MemoryManager::strdup_from_user(pledge));
    if (promise_string.is_empty()) return 0;

    auto tokens = TRY(promise_string.split(" "));

    int mask = 0;
    for (const auto& token : tokens)
    {
        bool matched = false;
        for (int i = 0; i < (int)Promise::num_promises; i++)
        {
            if (token.view() == promise_names[i])
            {
                // NOTE(review): the mask is an int and check_pledge() reads a negative
                // value as "not pledged", so this relies on num_promises staying small
                // enough that no promise ever lands on the sign bit — confirm.
                mask |= (1 << i);
                matched = true;
                break;
            }
        }

        // Unknown promise names are rejected rather than silently ignored.
        if (!matched) return err(EINVAL);
    }

    return mask;
}