author | Liav A <liavalb@gmail.com> | 2021-08-07 22:30:06 +0300 |
---|---|---|
committer | Andreas Kling <kling@serenityos.org> | 2021-08-12 20:57:32 +0200 |
commit | 01b79910b3b881c26a972487fddb4251682438f5 (patch) | |
tree | 28e3b7fe5ba9d1260e8da5df431042f50780c186 /Kernel/Syscalls/setuid.cpp | |
parent | e405f436b69afd9cf553321c59c06f92eefaa239 (diff) | |
Kernel/Process: Move protected values to the end of the object
The compiler can re-order the structure (class) members if that's
necessary, so if we make Process inherit from ProcFSExposedComponent,
even if the declaration is to inherit first from ProcessBase, then from
ProcFSExposedComponent and last from Weakable<Process>, the members of
class ProcFSExposedComponent (including the Ref-counted parts) are the
first members of the Process class.
This problem made it impossible to safely use the current toggling
method with the write-protection bit on the ProcessBase members, so
instead of inheriting from it, we make its members the last ones in the
Process class so we can safely locate and modify the corresponding page
write protection bit of these values.
We make sure that the Process class doesn't expand beyond 8192 bytes and
the protected values are always aligned on a page boundary.
Diffstat (limited to 'Kernel/Syscalls/setuid.cpp')
-rw-r--r-- | Kernel/Syscalls/setuid.cpp | 38 |
1 files changed, 19 insertions, 19 deletions
diff --git a/Kernel/Syscalls/setuid.cpp b/Kernel/Syscalls/setuid.cpp
index 0a9e7e607c..a16c0eeedb 100644
--- a/Kernel/Syscalls/setuid.cpp
+++ b/Kernel/Syscalls/setuid.cpp
@@ -21,7 +21,7 @@ KResultOr<FlatPtr> Process::sys$seteuid(uid_t new_euid)
 ProtectedDataMutationScope scope { *this };
- m_euid = new_euid;
+ m_protected_values.euid = new_euid;
 return 0;
 }
@@ -37,7 +37,7 @@ KResultOr<FlatPtr> Process::sys$setegid(gid_t new_egid)
 set_dumpable(false);
 ProtectedDataMutationScope scope { *this };
- m_egid = new_egid;
+ m_protected_values.egid = new_egid;
 return 0;
 }
@@ -53,9 +53,9 @@ KResultOr<FlatPtr> Process::sys$setuid(uid_t new_uid)
 set_dumpable(false);
 ProtectedDataMutationScope scope { *this };
- m_uid = new_uid;
- m_euid = new_uid;
- m_suid = new_uid;
+ m_protected_values.uid = new_uid;
+ m_protected_values.euid = new_uid;
+ m_protected_values.suid = new_uid;
 return 0;
 }
@@ -71,9 +71,9 @@ KResultOr<FlatPtr> Process::sys$setgid(gid_t new_gid)
 set_dumpable(false);
 ProtectedDataMutationScope scope { *this };
- m_gid = new_gid;
- m_egid = new_gid;
- m_sgid = new_gid;
+ m_protected_values.gid = new_gid;
+ m_protected_values.egid = new_gid;
+ m_protected_values.sgid = new_gid;
 return 0;
 }
@@ -98,8 +98,8 @@ KResultOr<FlatPtr> Process::sys$setreuid(uid_t new_ruid, uid_t new_euid)
 set_dumpable(false);
 ProtectedDataMutationScope scope { *this };
- m_uid = new_ruid;
- m_euid = new_euid;
+ m_protected_values.uid = new_ruid;
+ m_protected_values.euid = new_euid;
 return 0;
 }
@@ -123,9 +123,9 @@ KResultOr<FlatPtr> Process::sys$setresuid(uid_t new_ruid, uid_t new_euid, uid_t
 set_dumpable(false);
 ProtectedDataMutationScope scope { *this };
- m_uid = new_ruid;
- m_euid = new_euid;
- m_suid = new_suid;
+ m_protected_values.uid = new_ruid;
+ m_protected_values.euid = new_euid;
+ m_protected_values.suid = new_suid;
 return 0;
 }
@@ -149,9 +149,9 @@ KResultOr<FlatPtr> Process::sys$setresgid(gid_t new_rgid, gid_t new_egid, gid_t
 set_dumpable(false);
 ProtectedDataMutationScope scope { *this };
- m_gid = new_rgid;
- m_egid = new_egid;
- m_sgid = new_sgid;
+ m_protected_values.gid = new_rgid;
+ m_protected_values.egid = new_egid;
+ m_protected_values.sgid = new_sgid;
 return 0;
 }
@@ -164,7 +164,7 @@ KResultOr<FlatPtr> Process::sys$setgroups(size_t count, Userspace<const gid_t*>
 if (!count) {
 ProtectedDataMutationScope scope { *this };
- m_extra_gids.clear();
+ m_protected_values.extra_gids.clear();
 return 0;
 }
@@ -181,13 +181,13 @@ KResultOr<FlatPtr> Process::sys$setgroups(size_t count, Userspace<const gid_t*>
 }
 ProtectedDataMutationScope scope { *this };
- if (!m_extra_gids.try_resize(unique_extra_gids.size()))
+ if (!m_protected_values.extra_gids.try_resize(unique_extra_gids.size()))
 return ENOMEM;
 size_t i = 0;
 for (auto& extra_gid : unique_extra_gids) {
 if (extra_gid == gid())
 continue;
- m_extra_gids[i++] = extra_gid;
+ m_protected_values.extra_gids[i++] = extra_gid;
 }
 return 0;
 } |
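Review bot: In the last hunk (sys$setgroups, at -181), `extra_gids` is resized to `unique_extra_gids.size()` but the loop below skips every entry equal to `gid()`, so whenever the set contains the primary gid the list ends with a slot the loop never writes. How `unique_extra_gids` is filled lies outside the hunk, so this may already be ruled out; if it is, the `if (extra_gid == gid()) continue;` is dead and can be dropped, otherwise trim the list after the loop with `m_protected_values.extra_gids.shrink(i);`. For a supplementary-group list this matters because the leftover entry would hold whatever try_resize leaves there, presumably a value-initialised gid 0, which the caller never asked for. The function body begins before the hunk.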