summaryrefslogtreecommitdiff
path: root/Kernel/StdLib.cpp
AgeCommit message (Collapse)Author
2020-09-13Kernel: Make copy_to/from_user safe and remove unnecessary checksTom
Since the CPU already does almost all necessary validation steps for us, we don't really need to attempt to do this. Doing it ourselves doesn't really work very reliably, because we'd have to account for other processors modifying virtual memory, and we'd have to account for e.g. pages not being able to be allocated due to insufficient resources. So change the copy_to/from_user (and associated helper functions) to use the new safe_memcpy, which will return whether it succeeded or not. The only manual validation step needed (which the CPU can't perform for us) is making sure the pointers provided by user mode aren't pointing to kernel mappings. To make it easier to read/write from/to either kernel or user mode data add the UserOrKernelBuffer helper class, which will internally either use copy_from/to_user or directly memcpy, or pass the data through directly using a temporary buffer on the stack. Last but not least we need to keep syscall params trivial as we need to copy them from/to user mode using copy_from/to_user.
2020-08-24Kernel: Remove strcpy()Ben Wiederhake
These are not called in the kernel or by libstdc++ anyway. Remove the tempting function, and prevent future overflows.
2020-08-21AK+LibC+Kernel: Move the implementation of memmem to AKAnotherTest
2020-08-17Kernel: Remove strncpy() and strrchr()Andreas Kling
These are not called anywhere in the kernel anyway.
2020-08-13Kernel: Remove strdup() since nothing uses itAndreas Kling
2020-08-12Kernel: Tell compiler about invisible callsBen Wiederhake
This makes the Kernel build cleanly with -Wmissing-declarations.
2020-08-12Kernel: Group C++ ABI functions togetherBen Wiederhake
As suggested in #3096.
2020-08-01Kernel+LibC: Implement 'memmem'AnotherTest
This commit adds an implementation of memmem, using the Bitap text search algorithm for needles smaller than 32 bytes, and a naive loop search for longer needles.
2020-05-16Kernel: Absorb LibBareMetal back into the kernelAndreas Kling
This was supposed to be the foundation for some kind of pre-kernel environment, but nobody is working on it right now, so let's move everything back into the kernel and remove all the confusion.
2020-02-09Kernel: Apply changes to use LibBareMetal definitionsLiav A
2020-01-19Kernel: Assert that copy_to/from_user() are called with user addressesAndreas Kling
This will panic the kernel immediately if these functions are misused so we can catch it and fix the misuse. This patch fixes a couple of misuses: - create_signal_trampolines() writes to a user-accessible page above the 3GB address mark. We should really get rid of this page but that's a whole other thing. - CoW faults need to use copy_from_user rather than copy_to_user since it's the *source* pointer that points to user memory. - Inode faults need to use memcpy rather than copy_to_user since we're copying a kernel stack buffer into a quickmapped page. This should make the copy_to/from_user() functions slightly less useful for exploitation. Before this, they were essentially just glorified memcpy() with SMAP disabled. :^)
2020-01-18Meta: Add license header to source filesAndreas Kling
As suggested by Joshua, this commit adds the 2-clause BSD license as a comment block to the top of every source file. For the first pass, I've just added myself for simplicity. I encourage everyone to add themselves as copyright holders of any file they've added or modified in some significant way. If I've added myself in error somewhere, feel free to replace it with the appropriate copyright holder instead. Going forward, all new source files should include a license header.
2020-01-06Kernel: Randomize the stack canary on startupAndreas Kling
2020-01-06Kernel: Build the kernel as a position-independent executableAndreas Kling
This is a prerequisite for KASLR, which we should eventually be doing.
2020-01-05Kernel: Remove SmapDisablers in open(), openat() and set_thread_name()Andreas Kling
This patch introduces a helpful copy_string_from_user() function that takes a bounded null-terminated string from userspace memory and copies it into a String object.
2020-01-05Kernel: Start implementing x86 SMAP supportAndreas Kling
Supervisor Mode Access Prevention (SMAP) is an x86 CPU feature that prevents the kernel from accessing userspace memory. With SMAP enabled, trying to read/write a userspace memory address while in the kernel will now generate a page fault. Since it's sometimes necessary to read/write userspace memory, there are two new instructions that quickly switch the protection on/off: STAC (disables protection) and CLAC (enables protection.) These are exposed in kernel code via the stac() and clac() helpers. There's also a SmapDisabler RAII object that can be used to ensure that you don't forget to re-enable protection before returning to userspace code. THis patch also adds copy_to_user(), copy_from_user() and memset_user() which are the "correct" way of doing things. These functions allow us to briefly disable protection for a specific purpose, and then turn it back on immediately after it's done. Going forward all kernel code should be moved to using these and all uses of SmapDisabler are to be considered FIXME's. Note that we're not realizing the full potential of this feature since I've used SmapDisabler quite liberally in this initial bring-up patch.
2019-12-20Kernel+LibC: Build with basic -fstack-protector supportAndreas Kling
Use simple stack cookies to try to provoke an assertion failure on stack overflow. This is far from perfect, since we use a constant cookie instead of generating a random one on startup, but it can still help us catch bugs, which is the primary concern right now. :^)
2019-11-27Kernel: Demangle userspace ELF symbols in backtracesAndreas Kling
Turns out we can use abi::__cxa_demangle() for this, and all we need to provide is sprintf(), realloc() and free(), so this patch exposes them. We now have fully demangled C++ backtraces :^)
2019-11-06Kernel: Link with libgccAndreas Kling
This allows us to get rid of all the custom 64-bit division helpers. I wanted to do this ages ago but couldn't get it working. Turns out it was unstable due to libgcc using the regular ABI and the kernel being built with -mregparm=3. Now that we build the kernel with regular calls, we can just link with libgcc and get this stuff for free. :^)
2019-10-28AK: Add String::contains(String)Andreas Kling
This is just a wrapper around strstr() for now. There are many better ways to search for a string within a string, but I'm just adding a nice API at the moment. :^)
2019-09-16Kernel: Move kmalloc() into a Kernel/Heap/ directoryAndreas Kling
2019-08-11Kernel: Add strncmp()Sergey Bugaev
2019-07-29Kernel+AK: Remove AK/StdLibExtras.cpp, moving kernel stuff to Kernel/.Andreas Kling
We had some kernel-specific gizmos in AK that should really just be in the Kernel subdirectory instead. The only thing remaining after moving those was mmx_memcpy() which I moved to the ARCH(i386)-specific section of LibC/string.cpp.
2019-07-03AK: Rename the common integer typedefs to make it obvious what they are.Andreas Kling
These types can be picked up by including <AK/Types.h>: * u8, u16, u32, u64 (unsigned) * i8, i16, i32, i64 (signed)
2019-06-07Kernel: The kernel will never call mmx_memcpy() so prune it.Andreas Kling
2019-06-07Kernel: Qualify a bunch of #include statements.Andreas Kling
2019-06-07Kernel: Run clang-format on everything.Andreas Kling
2019-04-22Kernel: Don't use MMX memcpy() in the kernel.Andreas Kling
I just discovered the hard way that clobbering FPU/MMX/SSE registers in the kernel makes things very confusing for userspace (and other kernel threads.) Let's banish all of those things from the kernel to keep things simple.
2019-04-06Kernel: Get rid of Kernel/types.h, separate LinearAddress/PhysicalAddress.Andreas Kling
2019-04-05AK: Revert Eternal<T> for now since it doesn't work as intended.Andreas Kling
2019-04-03AK: Add Eternal<T> and use it in various places.Andreas Kling
This is useful for static locals that never need to be destroyed: Thing& Thing::the() { static Eternal<Thing> the; return the; } The object will be allocated in data segment memory and will never have its destructor invoked.
2019-03-23Kernel: Introduce threads, and refactor everything in support of it.Andreas Kling
The scheduler now operates on threads, rather than on processes. Each process has a main thread, and can have any number of additional threads. The process exits when the main thread exits. This patch doesn't actually spawn any additional threads, it merely does all the plumbing needed to make it possible. :^)
2019-02-22Start fixing things up to build with a proper cross-compiler.Andreas Kling
2019-02-15Use modern C++ attributes instead of __attribute__ voodoo.Andreas Kling
This is quite nice, although I wish [[gnu::always_inline]] implied inline. Also "gnu::" is kind of a wart, but whatcha gonna do.
2019-02-07Kernel: Don't disable interrupts to access the system hostname.Andreas Kling
2019-02-07Add a fast memcpy() using MMX when we're moving >= 1KB.Andreas Kling
This is a nice speedup for WindowServer. I'll eventually have to do this with SSE but the kernel doesn't support SSE yet so this is it for now.
2019-02-03Kernel: Rewrite ProcFS.Andreas Kling
Now the filesystem is generated on-the-fly instead of manually adding and removing inodes as processes spawn and die. The code is convoluted and bloated as I wrote it while sleepless. However, it's still vastly better than the old ProcFS, so I'm committing it. I also added /proc/PID/fd/N symlinks for each of a process's open fd's.
2019-01-15Let's do dword-at-a-time memcpy() and memset() in userspace as well.Andreas Kling
Also fix a dumb bug that showed up when I was memsetting something other than zeroes.
2019-01-12Don't use dword-by-dword memset/memcpy if the addresses are unaligned.Andreas Kling
Also don't enable the large kmalloc catcher by default.
2019-01-12Make the kernel's memcpy() and memset() go fast with dword copies.Andreas Kling
Also I learned that the ABI allows us to assume DF=0 on function entry.
2019-01-12Make the kernel's memset do a "rep stosb" because.Andreas Kling
2018-11-17Make bash-2.05b build with minimal changes.Andreas Kling
This is really neat. :^)
2018-11-09Make kernel build with clang.Andreas Kling
It's a bit faster than g++ and seems to generate perfectly fine code. The kernel is also roughly 10% smaller(!)
2018-11-09Fix all current build warnings in the kernel.Andreas Kling
2018-10-31Fix busted display of tty names in /proc/summary.Andreas Kling
2018-10-30Implement sys$getcwd properly.Andreas Kling
Also fixed broken strcpy that didn't copy the null terminator.
2018-10-17Print the contents of motd.txt on boot.Andreas Kling
2018-10-17Integrate ext2 from VFS into Kernel.Andreas Kling
2018-10-16Import the "gerbert" kernel I worked on earlier this year.Andreas Kling
It's a lot crappier than I remembered it. It's gonna need a lot of work.