Sinipelto
/
banan-os
forked from Bananymous/banan-os
1
0
Fork 0
Code Pull Requests Activity

Kernel: Fix /proc/<pid>/exe permissions

This commit is contained in:
Bananymous 2025-08-29 01:40:56 +03:00
parent f15f88ebd6
commit 30215963b2
4 changed files with 62 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
kernel/include/kernel/FS/ProcFS/Inode.h
View File

@ -57,6 +57,35 @@ namespace Kernel
size_t (Process::*m_callback)(off_t, BAN::ByteSpan) const; size_t (Process::*m_callback)(off_t, BAN::ByteSpan) const;
}; };
class ProcSymlinkProcessInode final : public TmpInode
{
public:
static BAN::ErrorOr<BAN::RefPtr<ProcSymlinkProcessInode>> create_new(Process& process, BAN::ErrorOr<BAN::String> (Process::*callback)() const, TmpFileSystem&, mode_t);
~ProcSymlinkProcessInode() = default;
virtual uid_t uid() const override { return m_process.credentials().ruid(); }
virtual gid_t gid() const override { return m_process.credentials().rgid(); }
protected:
virtual BAN::ErrorOr<BAN::String> link_target_impl() override;
// You may not write here and this is always non blocking
virtual BAN::ErrorOr<size_t> write_impl(off_t, BAN::ConstByteSpan) override { return BAN::Error::from_errno(EINVAL); }
virtual BAN::ErrorOr<void> truncate_impl(size_t) override { return BAN::Error::from_errno(EINVAL); }
virtual bool can_read_impl() const override { return false; }
virtual bool can_write_impl() const override { return false; }
virtual bool has_error_impl() const override { return false; }
virtual bool has_hungup_impl() const override { return false; }
private:
ProcSymlinkProcessInode(Process& process, BAN::ErrorOr<BAN::String> (Process::*)() const, TmpFileSystem&, const TmpInodeInfo&);
private:
Process& m_process;
BAN::ErrorOr<BAN::String> (Process::*m_callback)() const;
};
class ProcROInode final : public TmpInode class ProcROInode final : public TmpInode
{ {
public: public:

1
kernel/include/kernel/Process.h
View File

@ -225,6 +225,7 @@ namespace Kernel
size_t proc_meminfo(off_t offset, BAN::ByteSpan) const; size_t proc_meminfo(off_t offset, BAN::ByteSpan) const;
size_t proc_cmdline(off_t offset, BAN::ByteSpan) const; size_t proc_cmdline(off_t offset, BAN::ByteSpan) const;
size_t proc_environ(off_t offset, BAN::ByteSpan) const; size_t proc_environ(off_t offset, BAN::ByteSpan) const;
BAN::ErrorOr<BAN::String> proc_executable() const;
BAN::StringView executable() const { return m_executable; } BAN::StringView executable() const { return m_executable; }

34
kernel/kernel/FS/ProcFS/Inode.cpp
View File

@ -17,16 +17,7 @@ namespace Kernel
TRY(inode->link_inode(*MUST(ProcROProcessInode::create_new(process, &Process::proc_meminfo, fs, 0400)), "meminfo"_sv)); TRY(inode->link_inode(*MUST(ProcROProcessInode::create_new(process, &Process::proc_meminfo, fs, 0400)), "meminfo"_sv));
TRY(inode->link_inode(*MUST(ProcROProcessInode::create_new(process, &Process::proc_cmdline, fs, 0400)), "cmdline"_sv)); TRY(inode->link_inode(*MUST(ProcROProcessInode::create_new(process, &Process::proc_cmdline, fs, 0400)), "cmdline"_sv));
TRY(inode->link_inode(*MUST(ProcROProcessInode::create_new(process, &Process::proc_environ, fs, 0400)), "environ"_sv)); TRY(inode->link_inode(*MUST(ProcROProcessInode::create_new(process, &Process::proc_environ, fs, 0400)), "environ"_sv));
TRY(inode->link_inode(*MUST(ProcSymlinkProcessInode::create_new(process, &Process::proc_executable, fs, 0400)), "exe"_sv));
TRY(inode->link_inode(*MUST(ProcSymlinkInode::create_new(
[](void* process) -> BAN::ErrorOr<BAN::String>
{
BAN::String result;
TRY(result.append(static_cast<Process*>(process)->executable()));
return result;
},
&process, fs, 0400, process.credentials().ruid(), process.credentials().ruid()
)), "exe"_sv));
return inode; return inode;
} }
@ -70,6 +61,29 @@ namespace Kernel
return (m_process.*m_callback)(offset, buffer); return (m_process.*m_callback)(offset, buffer);
} }
BAN::ErrorOr<BAN::RefPtr<ProcSymlinkProcessInode>> ProcSymlinkProcessInode::create_new(Process& process, BAN::ErrorOr<BAN::String> (Process::*callback)() const, TmpFileSystem& fs, mode_t mode)
{
auto inode_info = create_inode_info(Mode::IFLNK | mode, 0, 0);
auto* inode_ptr = new ProcSymlinkProcessInode(process, callback, fs, inode_info);
if (inode_ptr == nullptr)
return BAN::Error::from_errno(ENOMEM);
return BAN::RefPtr<ProcSymlinkProcessInode>::adopt(inode_ptr);
}
ProcSymlinkProcessInode::ProcSymlinkProcessInode(Process& process, BAN::ErrorOr<BAN::String> (Process::*callback)() const, TmpFileSystem& fs, const TmpInodeInfo& inode_info)
: TmpInode(fs, MUST(fs.allocate_inode(inode_info)), inode_info)
, m_process(process)
, m_callback(callback)
{
m_inode_info.mode |= Inode::Mode::IFLNK;
}
BAN::ErrorOr<BAN::String> ProcSymlinkProcessInode::link_target_impl()
{
return (m_process.*m_callback)();
}
BAN::ErrorOr<BAN::RefPtr<ProcROInode>> ProcROInode::create_new(size_t (*callback)(off_t, BAN::ByteSpan), TmpFileSystem& fs, mode_t mode, uid_t uid, gid_t gid) BAN::ErrorOr<BAN::RefPtr<ProcROInode>> ProcROInode::create_new(size_t (*callback)(off_t, BAN::ByteSpan), TmpFileSystem& fs, mode_t mode, uid_t uid, gid_t gid)
{ {
auto inode_info = create_inode_info(Mode::IFREG | mode, uid, gid); auto inode_info = create_inode_info(Mode::IFREG | mode, uid, gid);

8
kernel/kernel/Process.cpp
View File

@ -463,6 +463,14 @@ namespace Kernel
return read_from_vec_of_str(m_environ, offset, buffer); return read_from_vec_of_str(m_environ, offset, buffer);
} }
BAN::ErrorOr<BAN::String> Process::proc_executable() const
{
LockGuard _(m_process_lock);
BAN::String result;
TRY(result.append(m_executable));
return result;
}
BAN::ErrorOr<VirtualFileSystem::File> Process::find_file(int fd, const char* path, int flags) const BAN::ErrorOr<VirtualFileSystem::File> Process::find_file(int fd, const char* path, int flags) const
{ {
ASSERT(m_process_lock.is_locked()); ASSERT(m_process_lock.is_locked());