Instead of keeping a separate Vector<Event> for signposts, let them live
in the main event stream. For fast iteration, we instead keep a cache of
the signpost event indices.
The C++ standard specifies that `free` and `operator delete` should
be callable with nullptr. The non-aligned `kfree` already handles this,
but because of the pointer arithmetic to obtain the allocation start
pointer, the aligned version would produce undefined behavior.
In e7fb70b05, regular kmalloc was changed to return nullptr on
allocation failure instead of crashing. The `kmalloc_aligned_cxx`
wrapper used by the aligned operator new should do the same.
When building a port as a dependency for another port the HOST_*
variables were previously initialized with values referring to the
SerenityOS toolchain.
Fixes#9168.
In #9373, /usr/local/bin was added to the unveiled directories to make
symbolization work on ports. This directory only exists if at least one
port is installed, so unveil would fail with ENOENT if we had none.
Enable the LOCK_DEBUG functionality for these new APIs, as it looks
like we want to move the whole system to use this in the not so distant
future. :^)
The LOCK_DEBUG conditional code is pretty ugly for a feature that we
only use rarely. We can remove a significant amount of this code by
utilizing a zero sized fake type when not building in LOCK_DEBUG mode.
This lets us keep the same API, but just let the compiler optimize it
away when don't actually care about the location the caller came from.
Calling error() on KResult is a mistake I made in 7ba991dc37, so
instead of doing that, which triggers an assertion if an error occured,
in Inode::read_entire method with VERIFY(nread <= sizeof(buffer)), we
really should just return the KResult and not to call error() on it.
This script will instantiate a HackStudio template into a project on the
host. It currently supports all templates used by HackStudio.
To avoid having to maintain compatibility between other shells and the
Serenity shell in the postcreate scripts, we build the Serenity shell
with Lagom and use that to run the script.
Previously the system would assume the socket was connected after the
file descriptor became writeable. Just because the fd is signaled as
ready for output does not necessarily indicate the socket is connected.
Instead, we should check the status of the socket with SO_ERROR and
handle successes/errors accordingly.
When TCP sockets successfully establish a connection, any SO_ERROR
should be cleared back to success. For example, SO_ERROR gets set to
EINPROGRESS on asynchronous connect calls and should be cleared when
the socket moves to the Established state.
Adds netstat command line argument to display slash-separated pair of
the id and name of the process that owns the socket. User must have
superuser privileges to see information on non-owned sockets.
This allows for commands like netstat to reference /proc/net and
identify a connection's owning process. Process information is limited
to superusers and user owned processes.
Previously, libcurl is not used in the git build because the test
program in configure fails to link against it properly. We bypass the
test and make sure we link against all necessary libraries (libssl,
libcrypto and zlib).
Previously, the git port would fail in various ways because it uses an
uname detection mechanism to update the configurations, and Makefile
would receive incorrect configurations from the host system. This makes
sure the build uses the correct configurations detected by ./configure.
Fixes#9357.
Problem:
- ToT clang will not build due to casting `nullptr` to `u8*`. This is
redundant because it casts to get a `0` then subtracts it.
Solution:
- Remove it since subtracting `0` doesn't do anything.
Now that we have a significant amount of code paths handling OOM, lets
enable kmalloc and friends to actually return nullptr. This way we can
start stressing these paths and validating all of they work as expected.
The implementation uses try_copy_kstring_from_user to allocate a kernel
string using, but does not use the length of the resulting string.
The size parameter to the syscall is untrusted, as try copy kstring will
attempt to perform a `safe_strlen(..)` on the user mode string and use
that value for the allocated length of the KString instead. The bug is
that we are printing the kstring, but with the usermode size argument.
During fuzzing this resulted in us walking off the end of the allocated
KString buffer printing garbage (or any kernel data!), until we stumbled
in to the KSym region and hit a fatal page fault.
This is technically a kernel information disclosure, but (un)fortunately
the disclosure only happens to the Bochs debug port, and or the serial
port if serial debugging is enabled. As far as I can tell it's not
actually possible for an untrusted attacker to use this to do something
nefarious, as they would need access to the host. If they have host
access then they can already do much worse things :^).
The only two paths for copying strings in the kernel should be going
through the existing Userspace<char const*>, or StringArgument methods.
Lets enforce this by removing the option for using the raw cstring APIs
that were previously available.
Having lots of small files in Base/ may require more inodes in the
ext2 filesystem than the format utility sets aside by default. Let's
make a more educated guess since we have a rough idea of how many
inodes we need by counting files and directories.
