| Age | Commit message (Collapse) | Author |
|---|
|
This was a helper that would call a syscall repeatedly until it either
succeeded or failed with a non-EINTR error.
It was only used in two places, so I don't think we need this helper.
|
|
The API existed for add_positional_argument, but not for named arguments.
|
|
|
|
that just compares their timestamps.
|
|
This allows us to add fast-paths for commonly used types.
|
|
|
|
|
|
Taking a StringView parameter that gets immediately converted to
a String anyway is silly. Just take a String directly instead.
This pattern is the main reason we have the "StringView internal
StringImpl pointer" optimization, and I suspect that we can throw
that whole thing out if we make a couple more patches like this.
|
|
This should allow creating intrusive lists that have smart pointers,
while remaining free (compared to the impl before this commit) when
holding raw pointers :^)
As a sidenote, this also adds a `RawPtr<T>` type, which is just
equivalent to `T*`.
Note that this does not actually use such functionality, but is only
expected to pave the way for #6369, to replace NonnullRefPtrVector<T>
with intrusive lists.
As it is with zero-cost things, this makes the interface a bit less nice
by requiring the type name of what an `IntrusiveListNode` holds (and
optionally its container, if not RawPtr), and also requiring the type of
the container (normally `RawPtr`) on the `IntrusiveList` instance.
|
|
Since LibCore cannot depend on LibIPC, the coders are defined in LibIPC
just like they are for Core::AnonymousBuffer.
|
|
SystemServer only allowed a single socket to be created for a service
before this. Now, SystemServer will allow any amount of sockets. The
sockets can be defined like so:
[SomeService]
Socket=/tmp/portal/socket1,/tmp/portal/socket2,/tmp/portal/socket3
SocketPermissions=660,600
The last item in SocketPermissions is applied to the remainder of the
sockets in the Socket= line, so multiple sockets can have the same
permissions without having to repeat them.
Defining multiple sockets is not allowed for socket-activated services
at the moment, and wouldn't make much sense anyway.
This patch also makes socket takeovers more robust by removing the
assumption that the socket will always be passed in fd 3. Now, the
SOCKET_TAKEOVER environment variable carries information about which
endpoint corresponds to which socket, like so:
SOCKET_TAKEOVER=/tmp/portal/socket1:3 /tmp/portal/socket2:4
and LocalServer/LocalService will parse this automatically and select
the correct one. The old behavior of getting the default socket is
preserved so long as the service only requests a single socket in
SystemServer.ini.
|
|
|
|
|
|
|
|
This commit makes the user-facing StdLibExtras templates and utilities
arguably more nice-looking by removing the need to reach into the
wrapper structs generated by them to get the value/type needed.
The C++ standard library had to invent `_v` and `_t` variants (likely
because of backwards compat), but we don't need to cater to any codebase
except our own, so might as well have good things for free. :^)
|
|
|
|
The helpers check if the file is a block device or a character device
via stat and fstat.
|
|
You can now specify the font, font_size, font_weight
and font_type (fixed_width/normal) through GML
|
|
|
|
|
|
The event filter is consulted by Object::dispatch_event() and may
decide that the event should not be delivered to the target object.
|
|
|
|
|
|
Good-bye LogStream. Long live AK::Format!
|
|
This is basically the same version as const char *, but it's a nice
helper that allows us to handle strings without casting.
|
|
This commit removes the only 3rd party library (and its usages)
in serenity: puff, which is used for deflate decompression. and
replaces it with the existing original serenity implementation
in LibCompress. :^)
|
|
This is basically just for consistency, it's quite strange to see
multiple AK container types next to each other, some with and some
without the namespace prefix - we're 'using AK::Foo;' a lot and should
leverage that. :^)
|
|
(...and ASSERT_NOT_REACHED => VERIFY_NOT_REACHED)
Since all of these checks are done in release builds as well,
let's rename them to VERIFY to prevent confusion, as everyone is
used to assertions being compiled out in release.
We can introduce a new ASSERT macro that is specifically for debug
checks, but I'm doing this wholesale conversion first since we've
accumulated thousands of these already, and it's not immediately
obvious which ones are suitable for ASSERT.
|
|
FileManager, cp, mv, rm had some duplicated code, implementing basic
file management operations. This patch creates adds functions that try
to provide an interface suited for all these programs, but this patch
does not make them be used throughout the Userland.
They are added to Core::File following the example of functions such as
read_link/real_path_for.
|
|
|
|
|
|
This wrapper abstracts the watch_file setup and file handling, and
allows using the watch_file events as part of the event loop via the
Core::Notifier class.
Also renames the existing DirectoryWatcher class to BlockingFileWatcher,
and adds support for the Modified mode in this class.
|
|
Replacement made by `find Kernel Userland -name '*.h' -o -name '*.cpp' | sed -i -Ee 's/dbgln\b<(\w+)>\(/dbgln_if(\1, /g'`
|
|
This achieves two things:
- Programs can now intentionally perform arbitrary syscalls by calling
syscall(). This allows us to work on things like syscall fuzzing.
- It restricts the ability of userspace to make syscalls to a single
4KB page of code. In order to call the kernel directly, an attacker
must now locate this page and call through it.
|
|
|
|
This has been merged with the regular Thread::priority field after
the recent changes to the scheduler.
|
|
|
|
This was done with the following script:
find . \( -name '*.cpp' -o -name '*.h' -o -name '*.in' \) -not -path './Toolchain/*' -not -path './Build/*' -exec sed -i -E 's/dbgln<debug_([a-z_]+)>/dbgln<\U\1_DEBUG>/' {} \;
find . \( -name '*.cpp' -o -name '*.h' -o -name '*.in' \) -not -path './Toolchain/*' -not -path './Build/*' -exec sed -i -E 's/if constexpr \(debug_([a-z0-9_]+)/if constexpr \(\U\1_DEBUG/' {} \;
|
|
Personally, I prefer the naming convention DEBUG_FOO over FOO_DEBUG, but
the majority of the debug macros are already named in the latter naming
convention, so I just enforce consistency here.
This was done with the following script:
find . \( -name '*.cpp' -o -name '*.h' -o -name '*.in' \) -not -path './Toolchain/*' -not -path './Build/*' -exec sed -i -E 's/DEBUG_PATH/PATH_DEBUG/' {} \;
|
|
It would be tempting to uncomment these statements, but that won't work
with the new changes.
This was done with the following commands:
find . \( -name '*.cpp' -o -name '*.h' -o -name '*.in' \) -not -path './Toolchain/*' -not -path './Build/*' -exec awk -i inplace '$0 !~ /\/\/#define/ { if (!toggle) { print; } else { toggle = !toggle } } ; $0 ~/\/\/#define/ { toggle = 1 }' {} \;
find . \( -name '*.cpp' -o -name '*.h' -o -name '*.in' \) -not -path './Toolchain/*' -not -path './Build/*' -exec awk -i inplace '$0 !~ /\/\/ #define/ { if (!toggle) { print; } else { toggle = !toggle } } ; $0 ~/\/\/ #define/ { toggle = 1 }' {} \;
|
|
This was done with the help of several scripts, I dump them here to
easily find them later:
awk '/#ifdef/ { print "#cmakedefine01 "$2 }' AK/Debug.h.in
for debug_macro in $(awk '/#ifdef/ { print $2 }' AK/Debug.h.in)
do
find . \( -name '*.cpp' -o -name '*.h' -o -name '*.in' \) -not -path './Toolchain/*' -not -path './Build/*' -exec sed -i -E 's/#ifdef '$debug_macro'/#if '$debug_macro'/' {} \;
done
# Remember to remove WRAPPER_GERNERATOR_DEBUG from the list.
awk '/#cmake/ { print "set("$2" ON)" }' AK/Debug.h.in
|
|
These changes are arbitrarily divided into multiple commits to make it
easier to find potentially introduced bugs with git bisect.
|
|
These changes are arbitrarily divided into multiple commits to make it
easier to find potentially introduced bugs with git bisect.
|
|
If a user is missing from /etc/shadow, we used to just allow anyone to
authenticate as that user without a password.
With this patch, authentication will instead always fail.
|
|
Now that we've moved to atomic replacement of these files when altering
them, we don't need to keep them open for the lifetime of Core::Account
so just simplify this and close them when they are not needed.
|
|
Before this patch, we had a nasty race condition when changing a user's
password: there was a time window between truncating /etc/shadow and
writing out its new contents, where you could simply "su" to root
without using a password.
Instead of writing directly to /etc/passwd and /etc/shadow, we now
create temporary files in /etc and fill them with the new contents.
Those files are then atomically renamed to /etc/passwd and /etc/shadow.
Sadly, fixing this race requires giving the passwd program a lot more
privileges. This is something we can and should improve upon. :^)
|
|
Apparently memfd_create() is newish in glibc, and oss-fuzz
uses Ubuntu 16.04 as base for its docker images, which doens't
yet have memfd_create(). But, not to worry, it does have the syscall
define and that's all we really need :/
|
|
This reverts commit c5709c0aed02cf7c7c5cda914d9794ac5cab55e7.
|
|
This might fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=29675
See also `man memfd_create`.
|
|
Noone seems to check 'errno' when using LibCore, but let's make sure it's correct anyway.
|
