From d5722eab36695a7be600f6c0b702721f2946e047 Mon Sep 17 00:00:00 2001
From: Max Wipfli <mail@maxwipfli.ch>
Date: Tue, 6 Jul 2021 12:58:03 +0200
Subject: Kernel: Custody::absolute_path() => try_create_absolute_path()

This converts most users of Custody::absolute_path() to use the new
try_create_absolute_path() API, and return ENOMEM if the KString
allocation fails.
---
 Kernel/FileSystem/VirtualFileSystem.cpp | 16 +++++++++++-----
 Kernel/Syscalls/chdir.cpp               |  5 ++++-
 Kernel/Syscalls/realpath.cpp            |  8 +++++---
 Kernel/Syscalls/unveil.cpp              | 18 ++++++++++++------
 4 files changed, 32 insertions(+), 15 deletions(-)

(limited to 'Kernel')

diff --git a/Kernel/FileSystem/VirtualFileSystem.cpp b/Kernel/FileSystem/VirtualFileSystem.cpp
index be3993fcb1..1119e15beb 100644
--- a/Kernel/FileSystem/VirtualFileSystem.cpp
+++ b/Kernel/FileSystem/VirtualFileSystem.cpp
@@ -56,7 +56,7 @@ KResult VFS::mount(FS& file_system, Custody& mount_point, int flags)
     auto& inode = mount_point.inode();
     dbgln("VFS: Mounting {} at {} (inode: {}) with flags {}",
         file_system.class_name(),
-        mount_point.absolute_path(),
+        mount_point.try_create_absolute_path(),
         inode.identifier(),
         flags);
     // FIXME: check that this is not already a mount point
@@ -69,7 +69,7 @@ KResult VFS::bind_mount(Custody& source, Custody& mount_point, int flags)
 {
     Locker locker(m_lock);
 
-    dbgln("VFS: Bind-mounting {} at {}", source.absolute_path(), mount_point.absolute_path());
+    dbgln("VFS: Bind-mounting {} at {}", source.try_create_absolute_path(), mount_point.try_create_absolute_path());
     // FIXME: check that this is not already a mount point
     Mount mount { source.inode(), mount_point, flags };
     m_mounts.append(move(mount));
@@ -80,7 +80,7 @@ KResult VFS::remount(Custody& mount_point, int new_flags)
 {
     Locker locker(m_lock);
 
-    dbgln("VFS: Remounting {}", mount_point.absolute_path());
+    dbgln("VFS: Remounting {}", mount_point.try_create_absolute_path());
 
     Mount* mount = find_mount_for_guest(mount_point.inode());
     if (!mount)
@@ -361,7 +361,10 @@ KResult VFS::mknod(StringView path, mode_t mode, dev_t dev, Custody& base)
 KResultOr<NonnullRefPtr<FileDescription>> VFS::create(StringView path, int options, mode_t mode, Custody& parent_custody, Optional<UidAndGid> owner)
 {
     auto basename = KLexicalPath::basename(path);
-    auto full_path = KLexicalPath::try_join(parent_custody.absolute_path(), basename);
+    auto parent_path = parent_custody.try_create_absolute_path();
+    if (!parent_path)
+        return ENOMEM;
+    auto full_path = KLexicalPath::try_join(parent_path->view(), basename);
     if (!full_path)
         return ENOMEM;
     if (auto result = validate_path_against_process_veil(full_path->view(), options); result.is_error())
@@ -844,7 +847,10 @@ KResult VFS::validate_path_against_process_veil(Custody const& custody, int opti
 {
     if (Process::current()->veil_state() == VeilState::None)
         return KSuccess;
-    return validate_path_against_process_veil(custody.absolute_path(), options);
+    auto absolute_path = custody.try_create_absolute_path();
+    if (!absolute_path)
+        return ENOMEM;
+    return validate_path_against_process_veil(absolute_path->view(), options);
 }
 
 KResult VFS::validate_path_against_process_veil(StringView path, int options)
diff --git a/Kernel/Syscalls/chdir.cpp b/Kernel/Syscalls/chdir.cpp
index 6d69d91c07..bb016f9374 100644
--- a/Kernel/Syscalls/chdir.cpp
+++ b/Kernel/Syscalls/chdir.cpp
@@ -48,7 +48,10 @@ KResultOr<FlatPtr> Process::sys$getcwd(Userspace<char*> buffer, size_t size)
     if (size > NumericLimits<ssize_t>::max())
         return EINVAL;
 
-    auto path = current_directory().absolute_path();
+    auto maybe_path = current_directory().try_create_absolute_path();
+    if (!maybe_path)
+        return ENOMEM;
+    auto& path = *maybe_path;
 
     size_t ideal_size = path.length() + 1;
     auto size_to_copy = min(ideal_size, size);
diff --git a/Kernel/Syscalls/realpath.cpp b/Kernel/Syscalls/realpath.cpp
index 497f9cbf22..13ba7e4f41 100644
--- a/Kernel/Syscalls/realpath.cpp
+++ b/Kernel/Syscalls/realpath.cpp
@@ -27,11 +27,13 @@ KResultOr<FlatPtr> Process::sys$realpath(Userspace<const Syscall::SC_realpath_pa
     if (custody_or_error.is_error())
         return custody_or_error.error();
     auto& custody = custody_or_error.value();
-    auto absolute_path = custody->absolute_path();
+    auto absolute_path = custody->try_create_absolute_path();
+    if (!absolute_path)
+        return ENOMEM;
 
-    size_t ideal_size = absolute_path.length() + 1;
+    size_t ideal_size = absolute_path->length() + 1;
     auto size_to_copy = min(ideal_size, params.buffer.size);
-    if (!copy_to_user(params.buffer.data, absolute_path.characters(), size_to_copy))
+    if (!copy_to_user(params.buffer.data, absolute_path->characters(), size_to_copy))
         return EFAULT;
     // Note: we return the whole size here, not the copied size.
     return ideal_size;
diff --git a/Kernel/Syscalls/unveil.cpp b/Kernel/Syscalls/unveil.cpp
index 39099be3a0..ef8fa20fa0 100644
--- a/Kernel/Syscalls/unveil.cpp
+++ b/Kernel/Syscalls/unveil.cpp
@@ -86,19 +86,25 @@ KResultOr<FlatPtr> Process::sys$unveil(Userspace<const Syscall::SC_unveil_params
     // because they most likely intend the program to create the file for them later on.
     // If this case is encountered, the parent node of the path is returned and the custody of that inode is used instead.
     RefPtr<Custody> parent_custody; // Parent inode in case of ENOENT
-    String new_unveiled_path;
+    OwnPtr<KString> new_unveiled_path;
     auto custody_or_error = VFS::the().resolve_path_without_veil(path.view(), root_directory(), &parent_custody);
     if (!custody_or_error.is_error()) {
-        new_unveiled_path = custody_or_error.value()->absolute_path();
+        new_unveiled_path = custody_or_error.value()->try_create_absolute_path();
+        if (!new_unveiled_path)
+            return ENOMEM;
     } else if (custody_or_error.error() == -ENOENT && parent_custody && (new_permissions & UnveilAccess::CreateOrRemove)) {
-        auto basename = KLexicalPath::basename(path.view());
-        new_unveiled_path = String::formatted("{}/{}", parent_custody->absolute_path(), basename);
+        auto parent_custody_path = parent_custody->try_create_absolute_path();
+        if (!parent_custody_path)
+            return ENOMEM;
+        new_unveiled_path = KLexicalPath::try_join(parent_custody_path->view(), KLexicalPath::basename(path.view()));
+        if (!new_unveiled_path)
+            return ENOMEM;
     } else {
         // FIXME Should this be EINVAL?
         return custody_or_error.error();
     }
 
-    auto path_parts = KLexicalPath::parts(new_unveiled_path);
+    auto path_parts = KLexicalPath::parts(new_unveiled_path->view());
     auto it = path_parts.begin();
     auto& matching_node = m_unveiled_paths.traverse_until_last_accessible_node(it, path_parts.end());
     if (it.is_end()) {
@@ -123,7 +129,7 @@ KResultOr<FlatPtr> Process::sys$unveil(Userspace<const Syscall::SC_unveil_params
     matching_node.insert(
         it,
         path_parts.end(),
-        { new_unveiled_path, (UnveilAccess)new_permissions, true },
+        { new_unveiled_path->view(), (UnveilAccess)new_permissions, true },
         [](auto& parent, auto& it) -> Optional<UnveilMetadata> {
             auto path = String::formatted("{}/{}", parent.path(), *it);
             return UnveilMetadata { path, parent.permissions(), false };
-- 
cgit v1.2.3