mirror of
https://github.com/SerenityOS/serenity
synced 2024-10-15 20:33:10 +00:00
Kernel: De-atomicize fields for promises in Process
These 4 fields were made `Atomic` inc3f668a758
, at which time these were still accessed unserialized and TOCTOU bugs could happen. Later, in8ed06ad814
, we serialized access to these fields in a number of helper methods, removing the need for `Atomic`.
This commit is contained in:
parent
7f855ad6b3
commit
81a6976e90
|
@ -712,8 +712,8 @@ ErrorOr<void> Process::do_exec(NonnullRefPtr<OpenFileDescription> main_program_d
|
|||
// NOTE: Be careful to not trigger any page faults below!
|
||||
|
||||
with_mutable_protected_data([&](auto& protected_data) {
|
||||
protected_data.promises = protected_data.execpromises.load();
|
||||
protected_data.has_promises = protected_data.has_execpromises.load();
|
||||
protected_data.promises = protected_data.execpromises;
|
||||
protected_data.has_promises = protected_data.has_execpromises;
|
||||
|
||||
protected_data.execpromises = 0;
|
||||
protected_data.has_execpromises = false;
|
||||
|
|
|
@ -99,10 +99,10 @@ ErrorOr<FlatPtr> Process::sys$fork(RegisterState& regs)
|
|||
|
||||
with_protected_data([&](auto& my_protected_data) {
|
||||
child->with_mutable_protected_data([&](auto& child_protected_data) {
|
||||
child_protected_data.promises = my_protected_data.promises.load();
|
||||
child_protected_data.execpromises = my_protected_data.execpromises.load();
|
||||
child_protected_data.has_promises = my_protected_data.has_promises.load();
|
||||
child_protected_data.has_execpromises = my_protected_data.has_execpromises.load();
|
||||
child_protected_data.promises = my_protected_data.promises;
|
||||
child_protected_data.execpromises = my_protected_data.execpromises;
|
||||
child_protected_data.has_promises = my_protected_data.has_promises;
|
||||
child_protected_data.has_execpromises = my_protected_data.has_execpromises;
|
||||
child_protected_data.credentials = my_protected_data.credentials;
|
||||
child_protected_data.umask = my_protected_data.umask;
|
||||
child_protected_data.signal_trampoline = my_protected_data.signal_trampoline;
|
||||
|
|
|
@ -120,10 +120,10 @@ class Process final
|
|||
RefPtr<TTY> tty;
|
||||
bool dumpable { false };
|
||||
bool executable_is_setid { false };
|
||||
Atomic<bool> has_promises { false };
|
||||
Atomic<u32> promises { 0 };
|
||||
Atomic<bool> has_execpromises { false };
|
||||
Atomic<u32> execpromises { 0 };
|
||||
bool has_promises { false };
|
||||
u32 promises { 0 };
|
||||
bool has_execpromises { false };
|
||||
u32 execpromises { 0 };
|
||||
mode_t umask { 022 };
|
||||
VirtualAddress signal_trampoline;
|
||||
Atomic<u32> thread_count { 0 };
|
||||
|
@ -520,7 +520,7 @@ public:
|
|||
|
||||
bool has_promises() const
|
||||
{
|
||||
return with_protected_data([](auto& protected_data) { return protected_data.has_promises.load(); });
|
||||
return with_protected_data([](auto& protected_data) { return protected_data.has_promises; });
|
||||
}
|
||||
bool has_promised(Pledge pledge) const
|
||||
{
|
||||
|
|
Loading…
Reference in a new issue