Kernel/LibC: Implement chroot
This commit is contained in:
@@ -20,6 +20,6 @@ namespace Kernel::ELF
|
||||
BAN::Vector<BAN::UniqPtr<MemoryRegion>> regions;
|
||||
};
|
||||
|
||||
BAN::ErrorOr<LoadResult> load_from_inode(BAN::RefPtr<Inode>, const Credentials&, PageTable&);
|
||||
BAN::ErrorOr<LoadResult> load_from_inode(BAN::RefPtr<Inode> root, BAN::RefPtr<Inode> inode, const Credentials&, PageTable&);
|
||||
|
||||
}
|
||||
|
||||
@@ -71,13 +71,13 @@ namespace Kernel
|
||||
|
||||
File root_file()
|
||||
{
|
||||
return File(root_inode(), "/"_sv);
|
||||
return File { root_inode(), "/"_sv };
|
||||
}
|
||||
|
||||
BAN::ErrorOr<File> file_from_relative_path(const File& parent, const Credentials&, BAN::StringView, int);
|
||||
BAN::ErrorOr<File> file_from_absolute_path(const Credentials& credentials, BAN::StringView path, int flags)
|
||||
BAN::ErrorOr<File> file_from_relative_path(BAN::RefPtr<Inode> root_inode, const File& parent, const Credentials&, BAN::StringView, int);
|
||||
BAN::ErrorOr<File> file_from_absolute_path(BAN::RefPtr<Inode> root_inode, const Credentials& credentials, BAN::StringView path, int flags)
|
||||
{
|
||||
return file_from_relative_path(root_file(), credentials, path, flags);
|
||||
return file_from_relative_path(root_inode, File { root_inode, "/"_sv }, credentials, path, flags);
|
||||
}
|
||||
|
||||
private:
|
||||
|
||||
@@ -5,6 +5,7 @@
|
||||
#include <BAN/WeakPtr.h>
|
||||
#include <kernel/FS/Socket.h>
|
||||
#include <kernel/FS/TmpFS/Inode.h>
|
||||
#include <kernel/FS/VirtualFileSystem.h>
|
||||
#include <kernel/Lock/SpinLock.h>
|
||||
|
||||
namespace Kernel
|
||||
@@ -39,8 +40,8 @@ namespace Kernel
|
||||
|
||||
BAN::ErrorOr<void> add_packet(BAN::ConstByteSpan);
|
||||
|
||||
bool is_bound() const { return !m_bound_path.empty(); }
|
||||
bool is_bound_to_unused() const { return m_bound_path == "X"_sv; }
|
||||
bool is_bound() const { return !m_bound_file.canonical_path.empty(); }
|
||||
bool is_bound_to_unused() const { return !m_bound_file.inode; }
|
||||
|
||||
bool is_streaming() const;
|
||||
|
||||
@@ -62,8 +63,8 @@ namespace Kernel
|
||||
};
|
||||
|
||||
private:
|
||||
const Socket::Type m_socket_type;
|
||||
BAN::String m_bound_path;
|
||||
const Socket::Type m_socket_type;
|
||||
VirtualFileSystem::File m_bound_file;
|
||||
|
||||
BAN::Variant<ConnectionInfo, ConnectionlessInfo> m_info;
|
||||
|
||||
|
||||
@@ -76,6 +76,7 @@ namespace Kernel
|
||||
BAN::ErrorOr<long> sys_getcwd(char* buffer, size_t size);
|
||||
BAN::ErrorOr<long> sys_chdir(const char* path);
|
||||
BAN::ErrorOr<long> sys_fchdir(int fildes);
|
||||
BAN::ErrorOr<long> sys_chroot(const char* path);
|
||||
|
||||
BAN::ErrorOr<long> sys_setuid(uid_t);
|
||||
BAN::ErrorOr<long> sys_setgid(gid_t);
|
||||
@@ -234,6 +235,7 @@ namespace Kernel
|
||||
static void update_alarm_queue();
|
||||
|
||||
const VirtualFileSystem::File& working_directory() const { return m_working_directory; }
|
||||
const VirtualFileSystem::File& root_file() const { return m_root_file; }
|
||||
|
||||
private:
|
||||
Process(const Credentials&, pid_t pid, pid_t parent, pid_t sid, pid_t pgrp);
|
||||
@@ -313,6 +315,7 @@ namespace Kernel
|
||||
mutable Mutex m_process_lock;
|
||||
|
||||
VirtualFileSystem::File m_working_directory;
|
||||
VirtualFileSystem::File m_root_file;
|
||||
|
||||
BAN::Vector<Thread*> m_threads;
|
||||
|
||||
|
||||
Reference in New Issue
Block a user