From f84d328956e9c548251ab080d82dd2d08958bae4 Mon Sep 17 00:00:00 2001 From: Zhang Junyang Date: Sun, 11 Aug 2024 13:09:41 +0000 Subject: [PATCH] Optimize getters of the current process credentials --- kernel/aster-nix/src/process/clone.rs | 5 ++-- .../aster-nix/src/process/credentials/mod.rs | 25 +------------------ kernel/aster-nix/src/process/kill.rs | 10 +++++--- kernel/aster-nix/src/process/mod.rs | 2 +- .../aster-nix/src/process/posix_thread/mod.rs | 12 +++++++-- kernel/aster-nix/src/syscall/capget.rs | 11 ++++---- kernel/aster-nix/src/syscall/capset.rs | 15 +++++------ kernel/aster-nix/src/syscall/execve.rs | 6 ++--- kernel/aster-nix/src/syscall/getegid.rs | 9 +++---- kernel/aster-nix/src/syscall/geteuid.rs | 9 +++---- kernel/aster-nix/src/syscall/getgid.rs | 9 +++---- kernel/aster-nix/src/syscall/getgroups.rs | 6 ++--- kernel/aster-nix/src/syscall/getresgid.rs | 6 ++--- kernel/aster-nix/src/syscall/getresuid.rs | 6 ++--- kernel/aster-nix/src/syscall/getuid.rs | 9 +++---- kernel/aster-nix/src/syscall/kill.rs | 10 ++++---- .../aster-nix/src/syscall/set_get_priority.rs | 8 ++++-- kernel/aster-nix/src/syscall/setfsgid.rs | 9 +++---- kernel/aster-nix/src/syscall/setfsuid.rs | 9 +++---- kernel/aster-nix/src/syscall/setgid.rs | 9 +++---- kernel/aster-nix/src/syscall/setgroups.rs | 9 +++---- kernel/aster-nix/src/syscall/setregid.rs | 9 +++---- kernel/aster-nix/src/syscall/setresgid.rs | 9 +++---- kernel/aster-nix/src/syscall/setresuid.rs | 9 +++---- kernel/aster-nix/src/syscall/setreuid.rs | 9 +++---- kernel/aster-nix/src/syscall/setuid.rs | 9 +++---- kernel/aster-nix/src/syscall/tgkill.rs | 5 ++-- 27 files changed, 96 insertions(+), 148 deletions(-) diff --git a/kernel/aster-nix/src/process/clone.rs b/kernel/aster-nix/src/process/clone.rs index 70d1be2f7..ec228e8e2 100644 --- a/kernel/aster-nix/src/process/clone.rs +++ b/kernel/aster-nix/src/process/clone.rs @@ -8,7 +8,6 @@ use ostd::{ }; use super::{ - credentials, posix_thread::{PosixThread, PosixThreadBuilder, PosixThreadExt, ThreadName}, process_table, process_vm::ProcessVm, @@ -184,7 +183,7 @@ fn clone_child_thread( let child_tid = allocate_tid(); let child_thread = { let credentials = { - let credentials = credentials(); + let credentials = ctx.posix_thread.credentials(); Credentials::new_from(&credentials) }; @@ -271,7 +270,7 @@ fn clone_child_process( let child_thread_name = ThreadName::new_from_executable_path(&child_elf_path)?; let credentials = { - let credentials = credentials(); + let credentials = ctx.posix_thread.credentials(); Credentials::new_from(&credentials) }; diff --git a/kernel/aster-nix/src/process/credentials/mod.rs b/kernel/aster-nix/src/process/credentials/mod.rs index c5fa12aa4..2f36bbede 100644 --- a/kernel/aster-nix/src/process/credentials/mod.rs +++ b/kernel/aster-nix/src/process/credentials/mod.rs @@ -7,12 +7,11 @@ mod group; mod static_cap; mod user; -use aster_rights::{FullOp, ReadOp, WriteOp}; +use aster_rights::FullOp; use credentials_::Credentials_; pub use group::Gid; pub use user::Uid; -use super::posix_thread::PosixThreadExt; use crate::prelude::*; /// `Credentials` represents a set of associated numeric user ids (UIDs) and group identifiers (GIDs) @@ -25,25 +24,3 @@ use crate::prelude::*; /// - supplementary group IDs; /// - Linux capabilities. pub struct Credentials(Arc, R); - -/// Gets read-only credentials of current thread. -/// -/// # Panics -/// -/// This method should only be called in process context. -pub fn credentials() -> Credentials { - let current_thread = current_thread!(); - let posix_thread = current_thread.as_posix_thread().unwrap(); - posix_thread.credentials() -} - -/// Gets write-only credentials of current thread. -/// -/// # Panics -/// -/// This method should only be called in process context. -pub fn credentials_mut() -> Credentials { - let current_thread = current_thread!(); - let posix_thread = current_thread.as_posix_thread().unwrap(); - posix_thread.credentials_mut() -} diff --git a/kernel/aster-nix/src/process/kill.rs b/kernel/aster-nix/src/process/kill.rs index 2e54f7694..c510bb9f6 100644 --- a/kernel/aster-nix/src/process/kill.rs +++ b/kernel/aster-nix/src/process/kill.rs @@ -1,7 +1,6 @@ // SPDX-License-Identifier: MPL-2.0 use super::{ - credentials, posix_thread::PosixThreadExt, process_table, signal::signals::{user::UserSignal, Signal}, @@ -139,10 +138,15 @@ fn kill_process(process: &Process, signal: Option) -> Result<()> { } fn current_thread_sender_ids() -> SignalSenderIds { - let credentials = credentials(); + let current_thread = current_thread!(); + let current_posix_thread = current_thread.as_posix_thread().unwrap(); + let current_process = current_posix_thread.process(); + + let credentials = current_posix_thread.credentials(); let ruid = credentials.ruid(); let euid = credentials.euid(); - let sid = current!().session().unwrap().sid(); + let sid = current_process.session().unwrap().sid(); + SignalSenderIds::new(ruid, euid, sid) } diff --git a/kernel/aster-nix/src/process/mod.rs b/kernel/aster-nix/src/process/mod.rs index c701a5a7f..c7e3caa1f 100644 --- a/kernel/aster-nix/src/process/mod.rs +++ b/kernel/aster-nix/src/process/mod.rs @@ -19,7 +19,7 @@ mod term_status; mod wait; pub use clone::{clone_child, CloneArgs, CloneFlags}; -pub use credentials::{credentials, credentials_mut, Credentials, Gid, Uid}; +pub use credentials::{Credentials, Gid, Uid}; pub use exit::do_exit_group; pub use kill::{kill, kill_all, kill_group, tgkill}; pub use process::{ diff --git a/kernel/aster-nix/src/process/posix_thread/mod.rs b/kernel/aster-nix/src/process/posix_thread/mod.rs index 25c076bac..8c93343a3 100644 --- a/kernel/aster-nix/src/process/posix_thread/mod.rs +++ b/kernel/aster-nix/src/process/posix_thread/mod.rs @@ -252,8 +252,16 @@ impl PosixThread { self.credentials.dup().restrict() } - /// Gets the write-only credentials of the thread. - pub(in crate::process) fn credentials_mut(&self) -> Credentials { + /// Gets the write-only credentials of the current thread. + /// + /// It is illegal to mutate the credentials from a thread other than the + /// current thread. For performance reasons, this function only checks it + /// using debug assertions. + pub fn credentials_mut(&self) -> Credentials { + debug_assert!(core::ptr::eq( + current_thread!().as_posix_thread().unwrap(), + self + )); self.credentials.dup().restrict() } } diff --git a/kernel/aster-nix/src/syscall/capget.rs b/kernel/aster-nix/src/syscall/capget.rs index 0f0d11656..5c28a3b9b 100644 --- a/kernel/aster-nix/src/syscall/capget.rs +++ b/kernel/aster-nix/src/syscall/capget.rs @@ -3,16 +3,15 @@ use super::SyscallReturn; use crate::{ prelude::*, - process::{ - credentials, - credentials::c_types::{cap_user_data_t, cap_user_header_t, LINUX_CAPABILITY_VERSION_3}, + process::credentials::c_types::{ + cap_user_data_t, cap_user_header_t, LINUX_CAPABILITY_VERSION_3, }, }; pub fn sys_capget( cap_user_header_addr: Vaddr, cap_user_data_addr: Vaddr, - _ctx: &Context, + ctx: &Context, ) -> Result { let user_space = CurrentUserSpace::get(); let cap_user_header: cap_user_header_t = @@ -27,11 +26,11 @@ pub fn sys_capget( // Capget only query current process's credential. Namely, it only allows header->pid == 0 // or header->pid == getpid(), which are equivalent. // See https://linux.die.net/man/2/capget (Section. With VFS capability support) for details. - if header_pid != 0 && header_pid != current!().pid() { + if header_pid != 0 && header_pid != ctx.process.pid() { return_errno_with_message!(Errno::EINVAL, "invalid pid"); } - let credentials = credentials(); + let credentials = ctx.posix_thread.credentials(); let inheritable_capset = credentials.inheritable_capset(); let permitted_capset = credentials.permitted_capset(); let effective_capset = credentials.effective_capset(); diff --git a/kernel/aster-nix/src/syscall/capset.rs b/kernel/aster-nix/src/syscall/capset.rs index daacc5408..b92715c8b 100644 --- a/kernel/aster-nix/src/syscall/capset.rs +++ b/kernel/aster-nix/src/syscall/capset.rs @@ -3,12 +3,9 @@ use super::SyscallReturn; use crate::{ prelude::*, - process::{ - credentials::{ - c_types::{cap_user_data_t, cap_user_header_t, LINUX_CAPABILITY_VERSION_3}, - capabilities::CapSet, - }, - credentials_mut, + process::credentials::{ + c_types::{cap_user_data_t, cap_user_header_t, LINUX_CAPABILITY_VERSION_3}, + capabilities::CapSet, }, }; @@ -19,7 +16,7 @@ fn make_kernel_cap(low: u32, high: u32) -> u64 { pub fn sys_capset( cap_user_header_addr: Vaddr, cap_user_data_addr: Vaddr, - _ctx: &Context, + ctx: &Context, ) -> Result { let user_space = CurrentUserSpace::get(); let cap_user_header: cap_user_header_t = @@ -32,7 +29,7 @@ pub fn sys_capset( // The ability to set capabilities of any other process has been deprecated. // See: https://elixir.bootlin.com/linux/v6.9.3/source/kernel/capability.c#L209 for more details. let header_pid = cap_user_header.pid; - if header_pid != 0 && header_pid != current!().pid() { + if header_pid != 0 && header_pid != ctx.process.pid() { return_errno_with_message!(Errno::EINVAL, "invalid pid"); } @@ -43,7 +40,7 @@ pub fn sys_capset( let permitted = make_kernel_cap(cap_user_data.permitted, 0); let effective = make_kernel_cap(cap_user_data.effective, 0); - let credentials = credentials_mut(); + let credentials = ctx.posix_thread.credentials_mut(); credentials.set_inheritable_capset(CapSet::from_bits_truncate(inheritable)); credentials.set_permitted_capset(CapSet::from_bits_truncate(permitted)); diff --git a/kernel/aster-nix/src/syscall/execve.rs b/kernel/aster-nix/src/syscall/execve.rs index da7450b5f..e94f36f19 100644 --- a/kernel/aster-nix/src/syscall/execve.rs +++ b/kernel/aster-nix/src/syscall/execve.rs @@ -14,8 +14,8 @@ use crate::{ }, prelude::*, process::{ - check_executable_file, credentials_mut, load_program_to_vm, posix_thread::ThreadName, - Credentials, Process, MAX_ARGV_NUMBER, MAX_ARG_LEN, MAX_ENVP_NUMBER, MAX_ENV_LEN, + check_executable_file, load_program_to_vm, posix_thread::ThreadName, Credentials, Process, + MAX_ARGV_NUMBER, MAX_ARG_LEN, MAX_ENVP_NUMBER, MAX_ENV_LEN, }, }; @@ -123,7 +123,7 @@ fn do_execve( *posix_thread.robust_list().lock() = None; debug!("load elf in execve succeeds"); - let credentials = credentials_mut(); + let credentials = ctx.posix_thread.credentials_mut(); set_uid_from_elf(process, &credentials, &elf_file)?; set_gid_from_elf(process, &credentials, &elf_file)?; diff --git a/kernel/aster-nix/src/syscall/getegid.rs b/kernel/aster-nix/src/syscall/getegid.rs index 5c0cf1320..656c87253 100644 --- a/kernel/aster-nix/src/syscall/getegid.rs +++ b/kernel/aster-nix/src/syscall/getegid.rs @@ -1,13 +1,10 @@ // SPDX-License-Identifier: MPL-2.0 use super::SyscallReturn; -use crate::{prelude::*, process::credentials}; +use crate::prelude::*; -pub fn sys_getegid(_ctx: &Context) -> Result { - let egid = { - let credentials = credentials(); - credentials.egid() - }; +pub fn sys_getegid(ctx: &Context) -> Result { + let egid = ctx.posix_thread.credentials().egid(); Ok(SyscallReturn::Return(egid.as_u32() as _)) } diff --git a/kernel/aster-nix/src/syscall/geteuid.rs b/kernel/aster-nix/src/syscall/geteuid.rs index b34e8a996..d86c39011 100644 --- a/kernel/aster-nix/src/syscall/geteuid.rs +++ b/kernel/aster-nix/src/syscall/geteuid.rs @@ -1,13 +1,10 @@ // SPDX-License-Identifier: MPL-2.0 use super::SyscallReturn; -use crate::{prelude::*, process::credentials}; +use crate::prelude::*; -pub fn sys_geteuid(_ctx: &Context) -> Result { - let euid = { - let credentials = credentials(); - credentials.euid() - }; +pub fn sys_geteuid(ctx: &Context) -> Result { + let euid = ctx.posix_thread.credentials().euid(); Ok(SyscallReturn::Return(euid.as_u32() as _)) } diff --git a/kernel/aster-nix/src/syscall/getgid.rs b/kernel/aster-nix/src/syscall/getgid.rs index 336b0e8ee..03da14100 100644 --- a/kernel/aster-nix/src/syscall/getgid.rs +++ b/kernel/aster-nix/src/syscall/getgid.rs @@ -1,13 +1,10 @@ // SPDX-License-Identifier: MPL-2.0 use super::SyscallReturn; -use crate::{prelude::*, process::credentials}; +use crate::prelude::*; -pub fn sys_getgid(_ctx: &Context) -> Result { - let gid = { - let credentials = credentials(); - credentials.rgid() - }; +pub fn sys_getgid(ctx: &Context) -> Result { + let gid = ctx.posix_thread.credentials().rgid(); Ok(SyscallReturn::Return(gid.as_u32() as _)) } diff --git a/kernel/aster-nix/src/syscall/getgroups.rs b/kernel/aster-nix/src/syscall/getgroups.rs index 51131c71d..4e959d85d 100644 --- a/kernel/aster-nix/src/syscall/getgroups.rs +++ b/kernel/aster-nix/src/syscall/getgroups.rs @@ -1,16 +1,16 @@ // SPDX-License-Identifier: MPL-2.0 use super::SyscallReturn; -use crate::{prelude::*, process::credentials}; +use crate::prelude::*; -pub fn sys_getgroups(size: i32, group_list_addr: Vaddr, _ctx: &Context) -> Result { +pub fn sys_getgroups(size: i32, group_list_addr: Vaddr, ctx: &Context) -> Result { debug!("size = {}, group_list_addr = 0x{:x}", size, group_list_addr); if size < 0 { return_errno_with_message!(Errno::EINVAL, "size cannot be negative"); } - let credentials = credentials(); + let credentials = ctx.posix_thread.credentials(); let groups = credentials.groups(); if size == 0 { diff --git a/kernel/aster-nix/src/syscall/getresgid.rs b/kernel/aster-nix/src/syscall/getresgid.rs index 68166e15a..ba90a4557 100644 --- a/kernel/aster-nix/src/syscall/getresgid.rs +++ b/kernel/aster-nix/src/syscall/getresgid.rs @@ -1,17 +1,17 @@ // SPDX-License-Identifier: MPL-2.0 use super::SyscallReturn; -use crate::{prelude::*, process::credentials}; +use crate::prelude::*; pub fn sys_getresgid( rgid_ptr: Vaddr, egid_ptr: Vaddr, sgid_ptr: Vaddr, - _ctx: &Context, + ctx: &Context, ) -> Result { debug!("rgid_ptr = 0x{rgid_ptr:x}, egid_ptr = 0x{egid_ptr:x}, sgid_ptr = 0x{sgid_ptr:x}"); - let credentials = credentials(); + let credentials = ctx.posix_thread.credentials(); let user_space = CurrentUserSpace::get(); let rgid = credentials.rgid(); diff --git a/kernel/aster-nix/src/syscall/getresuid.rs b/kernel/aster-nix/src/syscall/getresuid.rs index fbef5c59d..519a09af4 100644 --- a/kernel/aster-nix/src/syscall/getresuid.rs +++ b/kernel/aster-nix/src/syscall/getresuid.rs @@ -1,17 +1,17 @@ // SPDX-License-Identifier: MPL-2.0 use super::SyscallReturn; -use crate::{prelude::*, process::credentials}; +use crate::prelude::*; pub fn sys_getresuid( ruid_ptr: Vaddr, euid_ptr: Vaddr, suid_ptr: Vaddr, - _ctx: &Context, + ctx: &Context, ) -> Result { debug!("ruid_ptr = 0x{ruid_ptr:x}, euid_ptr = 0x{euid_ptr:x}, suid_ptr = 0x{suid_ptr:x}"); - let credentials = credentials(); + let credentials = ctx.posix_thread.credentials(); let user_space = CurrentUserSpace::get(); let ruid = credentials.ruid(); diff --git a/kernel/aster-nix/src/syscall/getuid.rs b/kernel/aster-nix/src/syscall/getuid.rs index 8b392df68..fb1b1711a 100644 --- a/kernel/aster-nix/src/syscall/getuid.rs +++ b/kernel/aster-nix/src/syscall/getuid.rs @@ -1,13 +1,10 @@ // SPDX-License-Identifier: MPL-2.0 use super::SyscallReturn; -use crate::{prelude::*, process::credentials}; +use crate::prelude::*; -pub fn sys_getuid(_ctx: &Context) -> Result { - let uid = { - let credentials = credentials(); - credentials.ruid() - }; +pub fn sys_getuid(ctx: &Context) -> Result { + let uid = ctx.posix_thread.credentials().ruid(); Ok(SyscallReturn::Return(uid.as_u32() as _)) } diff --git a/kernel/aster-nix/src/syscall/kill.rs b/kernel/aster-nix/src/syscall/kill.rs index 1444b6ffc..03f54587e 100644 --- a/kernel/aster-nix/src/syscall/kill.rs +++ b/kernel/aster-nix/src/syscall/kill.rs @@ -4,7 +4,7 @@ use super::SyscallReturn; use crate::{ prelude::*, process::{ - credentials, kill, kill_all, kill_group, + kill, kill_all, kill_group, signal::{ sig_num::SigNum, signals::user::{UserSignal, UserSignalKind}, @@ -13,7 +13,7 @@ use crate::{ }, }; -pub fn sys_kill(process_filter: u64, sig_num: u64, _ctx: &Context) -> Result { +pub fn sys_kill(process_filter: u64, sig_num: u64, ctx: &Context) -> Result { let process_filter = ProcessFilter::from_id(process_filter as _); let sig_num = if sig_num == 0 { None @@ -24,16 +24,16 @@ pub fn sys_kill(process_filter: u64, sig_num: u64, _ctx: &Context) -> Result) -> Result<()> { +pub fn do_sys_kill(filter: ProcessFilter, sig_num: Option, ctx: &Context) -> Result<()> { let current = current!(); let signal = sig_num.map(|sig_num| { let pid = current.pid(); - let uid = credentials().ruid(); + let uid = ctx.posix_thread.credentials().ruid(); UserSignal::new(sig_num, UserSignalKind::Kill, pid, uid) }); diff --git a/kernel/aster-nix/src/syscall/set_get_priority.rs b/kernel/aster-nix/src/syscall/set_get_priority.rs index 75201017b..7d3ee8452 100644 --- a/kernel/aster-nix/src/syscall/set_get_priority.rs +++ b/kernel/aster-nix/src/syscall/set_get_priority.rs @@ -5,7 +5,7 @@ use core::sync::atomic::Ordering; use super::SyscallReturn; use crate::{ prelude::*, - process::{credentials, posix_thread::PosixThreadExt, process_table, Pgid, Pid, Process, Uid}, + process::{posix_thread::PosixThreadExt, process_table, Pgid, Pid, Process, Uid}, sched::nice::Nice, }; @@ -120,7 +120,11 @@ impl PriorityTarget { } Which::PRIO_USER => { let uid = if who == 0 { - credentials().ruid() + current_thread!() + .as_posix_thread() + .unwrap() + .credentials() + .ruid() } else { Uid::new(who) }; diff --git a/kernel/aster-nix/src/syscall/setfsgid.rs b/kernel/aster-nix/src/syscall/setfsgid.rs index d6080f5ae..b83ae1f48 100644 --- a/kernel/aster-nix/src/syscall/setfsgid.rs +++ b/kernel/aster-nix/src/syscall/setfsgid.rs @@ -1,12 +1,9 @@ // SPDX-License-Identifier: MPL-2.0 use super::SyscallReturn; -use crate::{ - prelude::*, - process::{credentials_mut, Gid}, -}; +use crate::{prelude::*, process::Gid}; -pub fn sys_setfsgid(gid: i32, _ctx: &Context) -> Result { +pub fn sys_setfsgid(gid: i32, ctx: &Context) -> Result { debug!("gid = {}", gid); let fsgid = if gid < 0 { @@ -16,7 +13,7 @@ pub fn sys_setfsgid(gid: i32, _ctx: &Context) -> Result { }; let old_fsgid = { - let credentials = credentials_mut(); + let credentials = ctx.posix_thread.credentials_mut(); credentials.set_fsgid(fsgid)? }; diff --git a/kernel/aster-nix/src/syscall/setfsuid.rs b/kernel/aster-nix/src/syscall/setfsuid.rs index b751cf7f3..b5445905c 100644 --- a/kernel/aster-nix/src/syscall/setfsuid.rs +++ b/kernel/aster-nix/src/syscall/setfsuid.rs @@ -1,12 +1,9 @@ // SPDX-License-Identifier: MPL-2.0 use super::SyscallReturn; -use crate::{ - prelude::*, - process::{credentials_mut, Uid}, -}; +use crate::{prelude::*, process::Uid}; -pub fn sys_setfsuid(uid: i32, _ctx: &Context) -> Result { +pub fn sys_setfsuid(uid: i32, ctx: &Context) -> Result { debug!("uid = {}", uid); let fsuid = if uid < 0 { @@ -16,7 +13,7 @@ pub fn sys_setfsuid(uid: i32, _ctx: &Context) -> Result { }; let old_fsuid = { - let credentials = credentials_mut(); + let credentials = ctx.posix_thread.credentials_mut(); credentials.set_fsuid(fsuid)? }; diff --git a/kernel/aster-nix/src/syscall/setgid.rs b/kernel/aster-nix/src/syscall/setgid.rs index a26a6bf2b..03ca2239c 100644 --- a/kernel/aster-nix/src/syscall/setgid.rs +++ b/kernel/aster-nix/src/syscall/setgid.rs @@ -1,12 +1,9 @@ // SPDX-License-Identifier: MPL-2.0 use super::SyscallReturn; -use crate::{ - prelude::*, - process::{credentials_mut, Gid}, -}; +use crate::{prelude::*, process::Gid}; -pub fn sys_setgid(gid: i32, _ctx: &Context) -> Result { +pub fn sys_setgid(gid: i32, ctx: &Context) -> Result { debug!("gid = {}", gid); if gid < 0 { @@ -15,7 +12,7 @@ pub fn sys_setgid(gid: i32, _ctx: &Context) -> Result { let gid = Gid::new(gid as u32); - let credentials = credentials_mut(); + let credentials = ctx.posix_thread.credentials_mut(); credentials.set_gid(gid); Ok(SyscallReturn::Return(0)) diff --git a/kernel/aster-nix/src/syscall/setgroups.rs b/kernel/aster-nix/src/syscall/setgroups.rs index 9c7f65954..c8f73c8cb 100644 --- a/kernel/aster-nix/src/syscall/setgroups.rs +++ b/kernel/aster-nix/src/syscall/setgroups.rs @@ -1,12 +1,9 @@ // SPDX-License-Identifier: MPL-2.0 use super::SyscallReturn; -use crate::{ - prelude::*, - process::{credentials_mut, Gid}, -}; +use crate::{prelude::*, process::Gid}; -pub fn sys_setgroups(size: usize, group_list_addr: Vaddr, _ctx: &Context) -> Result { +pub fn sys_setgroups(size: usize, group_list_addr: Vaddr, ctx: &Context) -> Result { debug!("size = {}, group_list_addr = 0x{:x}", size, group_list_addr); // TODO: check perm: the calling process should have the CAP_SETGID capability @@ -22,7 +19,7 @@ pub fn sys_setgroups(size: usize, group_list_addr: Vaddr, _ctx: &Context) -> Res new_groups.insert(gid); } - let credentials = credentials_mut(); + let credentials = ctx.posix_thread.credentials_mut(); *credentials.groups_mut() = new_groups; Ok(SyscallReturn::Return(0)) diff --git a/kernel/aster-nix/src/syscall/setregid.rs b/kernel/aster-nix/src/syscall/setregid.rs index 46997e9bb..3e2fc1acd 100644 --- a/kernel/aster-nix/src/syscall/setregid.rs +++ b/kernel/aster-nix/src/syscall/setregid.rs @@ -1,12 +1,9 @@ // SPDX-License-Identifier: MPL-2.0 use super::SyscallReturn; -use crate::{ - prelude::*, - process::{credentials_mut, Gid}, -}; +use crate::{prelude::*, process::Gid}; -pub fn sys_setregid(rgid: i32, egid: i32, _ctx: &Context) -> Result { +pub fn sys_setregid(rgid: i32, egid: i32, ctx: &Context) -> Result { debug!("rgid = {}, egid = {}", rgid, egid); let rgid = if rgid > 0 { @@ -21,7 +18,7 @@ pub fn sys_setregid(rgid: i32, egid: i32, _ctx: &Context) -> Result Result { +pub fn sys_setresgid(rgid: i32, egid: i32, sgid: i32, ctx: &Context) -> Result { let rgid = if rgid > 0 { Some(Gid::new(rgid as u32)) } else { @@ -27,7 +24,7 @@ pub fn sys_setresgid(rgid: i32, egid: i32, sgid: i32, _ctx: &Context) -> Result< debug!("rgid = {:?}, egid = {:?}, sgid = {:?}", rgid, egid, sgid); - let credentials = credentials_mut(); + let credentials = ctx.posix_thread.credentials_mut(); credentials.set_resgid(rgid, egid, sgid)?; Ok(SyscallReturn::Return(0)) diff --git a/kernel/aster-nix/src/syscall/setresuid.rs b/kernel/aster-nix/src/syscall/setresuid.rs index 1b9ef2737..b2835a692 100644 --- a/kernel/aster-nix/src/syscall/setresuid.rs +++ b/kernel/aster-nix/src/syscall/setresuid.rs @@ -1,12 +1,9 @@ // SPDX-License-Identifier: MPL-2.0 use super::SyscallReturn; -use crate::{ - prelude::*, - process::{credentials_mut, Uid}, -}; +use crate::{prelude::*, process::Uid}; -pub fn sys_setresuid(ruid: i32, euid: i32, suid: i32, _ctx: &Context) -> Result { +pub fn sys_setresuid(ruid: i32, euid: i32, suid: i32, ctx: &Context) -> Result { let ruid = if ruid > 0 { Some(Uid::new(ruid as u32)) } else { @@ -27,7 +24,7 @@ pub fn sys_setresuid(ruid: i32, euid: i32, suid: i32, _ctx: &Context) -> Result< debug!("ruid = {:?}, euid = {:?}, suid = {:?}", ruid, euid, suid); - let credentials = credentials_mut(); + let credentials = ctx.posix_thread.credentials_mut(); credentials.set_resuid(ruid, euid, suid)?; diff --git a/kernel/aster-nix/src/syscall/setreuid.rs b/kernel/aster-nix/src/syscall/setreuid.rs index b394b42ed..68c8a78e6 100644 --- a/kernel/aster-nix/src/syscall/setreuid.rs +++ b/kernel/aster-nix/src/syscall/setreuid.rs @@ -1,12 +1,9 @@ // SPDX-License-Identifier: MPL-2.0 use super::SyscallReturn; -use crate::{ - prelude::*, - process::{credentials_mut, Uid}, -}; +use crate::{prelude::*, process::Uid}; -pub fn sys_setreuid(ruid: i32, euid: i32, _ctx: &Context) -> Result { +pub fn sys_setreuid(ruid: i32, euid: i32, ctx: &Context) -> Result { debug!("ruid = {}, euid = {}", ruid, euid); let ruid = if ruid > 0 { @@ -21,7 +18,7 @@ pub fn sys_setreuid(ruid: i32, euid: i32, _ctx: &Context) -> Result Result { +pub fn sys_setuid(uid: i32, ctx: &Context) -> Result { debug!("uid = {}", uid); if uid < 0 { @@ -15,7 +12,7 @@ pub fn sys_setuid(uid: i32, _ctx: &Context) -> Result { let uid = Uid::new(uid as u32); - let credentials = credentials_mut(); + let credentials = ctx.posix_thread.credentials_mut(); credentials.set_uid(uid); Ok(SyscallReturn::Return(0)) diff --git a/kernel/aster-nix/src/syscall/tgkill.rs b/kernel/aster-nix/src/syscall/tgkill.rs index fad4d4488..24a88b739 100644 --- a/kernel/aster-nix/src/syscall/tgkill.rs +++ b/kernel/aster-nix/src/syscall/tgkill.rs @@ -4,7 +4,6 @@ use super::SyscallReturn; use crate::{ prelude::*, process::{ - credentials, signal::{ sig_num::SigNum, signals::user::{UserSignal, UserSignalKind}, @@ -15,7 +14,7 @@ use crate::{ }; /// tgkill send a signal to a thread with pid as its thread id, and tgid as its thread group id. -pub fn sys_tgkill(tgid: Pid, tid: Tid, sig_num: u8, _ctx: &Context) -> Result { +pub fn sys_tgkill(tgid: Pid, tid: Tid, sig_num: u8, ctx: &Context) -> Result { let sig_num = if sig_num == 0 { None } else { @@ -26,7 +25,7 @@ pub fn sys_tgkill(tgid: Pid, tid: Tid, sig_num: u8, _ctx: &Context) -> Result