Age | Commit message (Collapse) | Author |
|
The absence of this check allowed silly things like this:
# touch file
# mount /dev/hda file
|
|
|
|
`allocate_randomized` asserts an already sanitized size but `mmap` was
just forwarding whatever the process asked so it was possible to
trigger a kernel panic from an unprivileged process just by asking for some
randomly placed memory and a size not aligned with the page size.
This fixes this issue by rounding up to the next page size before
calling `allocate_randomized`.
Fixes #5149
|
|
This fixes the build of `jq`.
`diff` was not matched by `patches/*.patch`; this seems to have gone
unnoticed in a refactor.
|
|
|
|
Some drivers may require allocating contiguous physical pages with
a specific alignment for the physical address.
|
|
This allows us to get rid of the thread lists in SchedulerData.
Also, instead of iterating over all threads to find a thread by id,
just use a lookup table. In the rare case of having to iterate over
all threads, just iterate the lookup table.
|
|
|
|
If someone wants to debug this code, it's better that they rewrite the
logging code to take randomization and guard pages into account.
|
|
Use mmap() with the new MAP_RANDOMIZED flag to load shared libraries at
random addresses in each process.
To avoid address space collisions, we start by doing a large chunk mmap
that covers enough VM for both text and data, then we unmap and remap
the data segment separately, once we know everything will fit.
This is pretty cool! :^)
|
|
This can be used to request random VM placement instead of the highly
predictable regular mmap(nullptr, ...) VM allocation strategy.
It will soon be used to implement ASLR in the dynamic loader. :^)
|
|
The specific virtual address should always be page aligned.
|
|
The requested alignment should always be a multiple of the page size.
|
|
If it's missing we get an empty value, but we can't use that with
to_string_without_side_effects() so we have to use undefined as the
default.
Fixes #5142.
|
|
We were calling directly up to Cell, skipping over ScopeObject.
This made us not mark the scope chain parent for lexical environments,
sometimes causing them to get GC'd and use-after-free'd.
Found by Fuzzilli.
Fixes #5140.
|
|
We stopped using that warning ages ago since it confused the compiler.
|
|
|
|
b72f067f0daac88ebe66e3f714e517b995b48e7b
|
|
This broke with the change that gave each process a list of its own
threads. Since threads are removed slightly earlier from that list
during process teardown, we're not able to use it for generating
coredump backtraces. Fortunately we have the "threads for coredump"
list for just this purpose. :^)
|
|
This has been merged with the regular Thread::priority field after
the recent changes to the scheduler.
|
|
Add the functionality of key sequences 'cw', 'ce', 'cb', 'dw', 'de' and 'db'.
|
|
This adds an optional argument to get_good_random_bytes that can be
used to only return randomness if it doesn't have to block.
Also add a SpinLock around using FortunaPRNG.
Fixes #5132
|
|
Since each Process now has its own list of threads, we don't need
to treat colonel any different anymore. This also means that it
reports all kernel threads, not just the idle threads.
|
|
In ab14b0ac64cd8bcaf7060050a7ec5a99cf7bd121, mmap was changed so that
the size of the region is aligned before it was passed to the device
driver. The previous logic would assert when the framebuffer size was
not a multiple of the page size. I've also taken the liberty of
returning an error on mmap failure rather than asserting.
|
|
This reverts commit e9e76b80749c74bc1ef6bd24c30d11103a28a27e.
This was causing a noticeable slowdown, and we're not sure that it was
actually necessary.
|
|
This is meant to be temporary only and should be removed once scheduling
on all CPUs is stable.
|
|
We don't want to explicitly enable interrupts when leaving the
critical section to trigger a context switch.
|
|
This fixes a deadlock when one processor is trying to block while another is
trying to unblock the same.
|
|
We need to make sure other processors can grab the MM lock while we
wait, so release it when we might block. Reading the page from
disk may also block, so release it during that time as well.
|
|
This allows us to iterate only the threads of the process.
|
|
Rather than walking all Thread instances and putting them into
a vector to be sorted by priority, queue them into priority sorted
linked lists as soon as they become ready to be executed.
|
|
Attempt to wake idle processors to get threads to be scheduled more quickly.
We don't want to wait until the next timer tick if we have processors that
aren't doing anything.
|
|
|
|
|
|
It's easier to understand VM ranges if they are always valid. We can
simply use an empty Optional<Range> to encode absence when needed.
|
|
Otherwise the kernel is free to allocate a different address.
|
|
If we can't use that specific address, it's still okay to put it
anywhere else in VM.
|
|
This eliminates the window between calling Processor::current and
the member function where a thread could be moved to another
processor. This is generally not as big of a concern as with
Processor::current_thread, but also slightly more lightweight.
|
|
Change Thread::current to be a static function and read using the fs
register, which eliminates a window between Processor::current()
returning and calling a function on it, which can trigger preemption
and a move to a different processor, which then causes operating
on the wrong object.
|
|
We also need to store m_in_critical in the Thread upon switching,
and we need to restore it. This solves a problem where threads
moving between different processors could end up with an unexpected
value.
|
|
|
|
This allows us to determine what the previous mode (user or kernel)
was, e.g. in the timer interrupt. This is used e.g. to determine
whether a signal handler should be set up.
Fixes #5096
|
|
By default, C++ auto completion will still be performed by the
lexer-based logic.
However, the parser-based logic can be switched on via the menubar.
|
|
Previously, if a new LanguageClient was created & destroyed, the
ServerConnection to the language server would be left without an
attached LanguageClient.
As a result, auto-completion results would not be updated in the UI.
Starting with this commit, the LanguageClient holds a WeakPtr to the
previous LanguageClient that was attached to the ServerConnection,
and re-attaches it after detaching itself.
|
|
|
|
This parser will be used by the C++ language server to provide better
auto-complete (& maybe also other things in the future).
It is designed to be error tolerant, and keeps track of the position
spans of the AST nodes, which should be useful later for incremental
parsing.
|
|
Code meant for the move_to_next_word functions, which set the cursor to
the last character in the file if it was reached, was copied into the
move_to_previous_word functions, which led to them not moving when
the function was called from the end of the file.
|
|
|
|
Thanks to Iliad for finding this! :^)
|
|
Fixes #5131.
|