summaryrefslogtreecommitdiff
path: root/Kernel/Syscalls/ptrace.cpp
diff options
context:
space:
mode:
authorBrian Gianforcaro <bgianf@serenityos.org>2021-12-29 01:11:45 -0800
committerAndreas Kling <kling@serenityos.org>2021-12-29 18:08:15 +0100
commit54b9a4ec1e7c08a99508d30d150fa17bfe1ee2dc (patch)
tree6e8958e82202e3ad0f3ae3fbbf48e8662e735ad2 /Kernel/Syscalls/ptrace.cpp
parentc444a3fc9e12eda8f4a391bce48fa78a7b2d2e4b (diff)
downloadserenity-54b9a4ec1e7c08a99508d30d150fa17bfe1ee2dc.zip
Kernel: Handle promise violations in the syscall handler
Previously we would crash the process immediately when a promise violation was found during a syscall. This is error prone, as we don't unwind the stack. This means that in certain cases we can leak resources, like an OwnPtr / RefPtr tracked on the stack. Or even leak a lock acquired in a ScopeLockLocker. To remedy this situation we move the promise violation handling to the syscall handler, right before we return to user space. This allows the code to follow the normal unwind path, and grantees there is no longer any cleanup that needs to occur. The Process::require_promise() and Process::require_no_promises() functions were modified to return ErrorOr<void> so we enforce that the errors are always propagated by the caller.
Diffstat (limited to 'Kernel/Syscalls/ptrace.cpp')
-rw-r--r--Kernel/Syscalls/ptrace.cpp2
1 files changed, 1 insertions, 1 deletions
diff --git a/Kernel/Syscalls/ptrace.cpp b/Kernel/Syscalls/ptrace.cpp
index 0660c57b0c..59fd80e249 100644
--- a/Kernel/Syscalls/ptrace.cpp
+++ b/Kernel/Syscalls/ptrace.cpp
@@ -159,7 +159,7 @@ static ErrorOr<FlatPtr> handle_ptrace(const Kernel::Syscall::SC_ptrace_params& p
ErrorOr<FlatPtr> Process::sys$ptrace(Userspace<const Syscall::SC_ptrace_params*> user_params)
{
VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this)
- require_promise(Pledge::ptrace);
+ TRY(require_promise(Pledge::ptrace));
auto params = TRY(copy_typed_from_user(user_params));
return handle_ptrace(params, *this);