Previously accept() would copy the listener socket's cloexec and
non-blocking flag. With that fixed however TCPServer and LocalServer
now leak file descriptors into child processes and are blocking.
These all looked out of place both when used on a regular button (e.g.
in the SoundPlayer application) and a toolbar action button (e.g. in the
GameOfLife application). This makes them a bit smaller (hand-drawn, not
scaled down).
This service daemon will act as an intermediary between the Inspector
program and the inspectable programs it wants to inspect.
Programs can make themselves available for inspection by connecting
to /tmp/portal/inspectables using the Core::EventLoop RPC protocol.
This commit is the start of LibPDF, and introduces some basic structure
objects. This emulates LibJS's Value structure, where Value is a simple
class that can contain a pointer to a more complex Object class with
more data. All of the basic PDF objects have a representation.
Every GL library needs an implementation of this!
Currently drawn with "pixel vomit" colours as we don't
yet support lighting via the GL library.
This also ships with a super basic Wavefront OBJ loader.
After looking closely at this, I realized that we've been running
all the service processes under separate user accounts even though
there's actually no need to.
Since we already use pledge() and unveil() to limit the scope and
access of these programs, separating them to another UID doesn't
achieve anything meaningful. So let's bring them back to the "anon"
user account and simplify things.
Programs affected:
- ImageDecoder
- RequestServer
- WebContent
- WebSocket
Longer term, I'd like for all of these to get spawned for the current
desktop user somehow, possibly by some kind of session manager, or
perhaps by the Browser program itself. But for now they remain under
SystemServer's control.
I can't say I like starting yet another thing on boot... but now that
LookupServer provides mDNS (and optionaly DNS) services to other hosts,
we have to start it on boot, not when the first local client connects.
Windows that are marked as modified will now have another (themable)
close button. This gives an additional visual clue that some action
will be required by the user before the window gets closed.
The default window-close-modified icon is an "X" with "..." underneath,
building on the established use of "..." in menus to signify that
additional user input will be required before an action is completed.
The glyph for the letter `Shin` (U+05E9) looks a bit wonky because the
width of the font is too small. Unfortunately it doesn't look like the
FontEditor is capable of changing the width of an existing font, so if
that option will be added in the future this glyph can be fixed.
We had some inconsistencies before:
- Sometimes "The", sometimes "the"
- Sometimes trailing ".", sometimes no trailing "."
I picked the most common one (lowecase "the", trailing ".") and applied
it to all copyright headers.
By using the exact same string everywhere we can ensure nothing gets
missed during a global search (and replace), and that these
inconsistencies are not spread any further (as copyright headers are
commonly copied to new files).
The current ProtocolServer was really only used for requests, and with
the recent introduction of the WebSocket service, long-lasting
connections with another server are not part of it. To better reflect
this, this commit renames it to RequestServer.
This commit also changes the existing 'protocol' portal to 'request',
the existing 'protocol' user and group to 'request', and most mentions
of the 'download' aspect of the request to 'request' when relevant, to
make everything consistent across the system.
Note that LibProtocol still exists as-is, but the more generic Client
class and the more specific Download class have both been renamed to a
more accurate RequestClient and Request to match the new names.
This commit only change names, not behaviors.
The WebSocket bindings match the original specification from the
WHATWG living standard, but do not match the later update of the
standard that involves FETCH. The FETCH update will be handled later
since the changes would also affect XMLHttpRequest.
The WebSocket service isolates communication with a WebSocket to its
own isolated process. Similar to other isolating services, it has its
own user and group.
This is useful for CI where we don't want to spend a minute and a half
benchmarking Vector::append, and we don't have a good way to pass
test-specific arguments yet. :)
This error page template is slightly hilarious and should probably
be replaced with AK::SourceGenerator or some such, but for now let's
just get rid of the call to String::format().
Move LibCompress unit tests to LibCompress/Tests directory and register
them with CMake's add_test. This allows us to run these tests with
ninja test instead of running a separate executable.
Also split the existing tests in 3 test files that better follow the
source code structure (inspired by AK tests).
This fixed-width font had some garbage per glyph width values, which
while previously was ok, they now had to be correctly set to indicate
glyph presence.
With this patch the window manager related functionality is split out
onto a new endpoint pair named WindowManagerServer/Client. This allows
window manager functionality to be potentially privilege separated in
the future. To this end, a new client named WMConnectionClient
is used to maintain a window manager connection. When a process
connects to the endpoint and greets the WindowServer as a window manager
(via Window::make_window_manager(int)), they're subscribed to the events
they requested via the WM event mask.
This patch also removes the hardcoding of the Taskbar WindowType to
receive WM events automatically. However, being a window manager still
requires having an active window, at the moment.
Bring some mid-90s charm and show a file flying animation while copying
files. Icons for both source and destination directories are currently
the default icons, but in the future they could be the respective icons
for the destination directory.
I hereby declare these to be full nouns that we don't split,
neither by space, nor by underscore:
- Breadcrumbbar
- Coolbar
- Menubar
- Progressbar
- Scrollbar
- Statusbar
- Taskbar
- Toolbar
This patch makes everything consistent by replacing every other variant
of these with the proper one. :^)
They were previously stored inside the Locator widget. I moved them to
the globally visible ProjectDeclarations class so they can also be used
by other widgets.
A "Tray" is a sunken container area for widgets. The first intended
client of this style is the GUI::FilePicker's common locations frame.
Thanks to @nvella for coming up with the term "Tray" :^)
This page tests the following values for background-repeat:
repeat, repeat-x, repeat-y, no-repeat
The test is duplicated for the <body> node and for child <div> nodes,
because the code that paints these nodes are in separate locations.
In this test, a set of links has a background box placed behind them via
a negative z-index. The expectation is that a hit test on a link during
a mouse-move event should select that link, and not the background box.
And overhaul resize and paint events to fix layout edge cases in
which Calendar wasn't filling its parent widget completely. Ensures
month views always display prior month days for click navigation.
Converts Calendar app layout to GML.
Instead of assuming that we should use the OSC 9 progress messages
whenever we run on serenity, add a show-progress=[true|false] option.
This lets us avoid seeing esc sequence spam in GitHub Actions logs.
Build a new version of Serenity in CI that doesn't have all the debug
symbols on, or we'd be waiting a very long time to boot.
Insert a TestRunner entry into SystemServer.ini that will run a shell
script that runs tests in /bin and /usr/Tests and shuts down the system
in the new self-test boot mode. Also make sure enough basic services are
started in self-test such that the tests will actually run properly.
The Locator now keeps a cache of the declared symbol in a document.
The language client updates that cache whenever it gets an update from
the language server about declared symbols.
This allows searching for symbol declarations in the Locator, in
addition to file names.
Closes#5478
This patch provides the basic components needed for developers to create
consistent wizard interface experiences in their applications.
`WizardDialog` provides the dialog frame for the wizard, handling navigation
and presentation.
`AbstractWizardPage`s form the base class of Wizard pages, which are
pushed onto the `WizardDialog` page stack via `WizardDialog::push_page`.
`CoverWizardPage` and `WizardPage` are provided to ease the creation of
Wizard interfaces consistent with the Serenity visual language.
This is a new promise that guards access to mmap() with MAP_FIXED.
Fixed-address mappings are rarely used, but can be useful if you are
trying to groom the process address space for malicious purposes.
None of our programs need this at the moment, as the only user of
MAP_FIXED is DynamicLoader, but the fixed mappings are constructed
before the process has had a chance to pledge anything.
LookupServer can now itself server as a DNS server! To service DNS clients, it
uses the exact same lookup logic as it does for LibIPC clients. Namely, it will
synthesize records for data from /etc/hosts on its own (you can use this to
configure host names for your domain!), and forward other questions to
configured upstream DNS servers. On top of that, it implements its own caching,
so once a DNS resource record has been obtained from an upstream server,
LookupServer will cache it locally for faster future lookups.
The DNS server part of LookupServer is disabled by default, because it requires
you to run it as root (for it to bind to the port 53) and on boot, and we don't
want either by default. If you want to try it, modify SystemServer.ini like so:
[LookupServer]
Socket=/tmp/portal/lookup
SocketPermissions=666
Priority=low
KeepAlive=1
User=root
BootModes=text,graphical
and enable server mode in LookupServer.ini like so:
[DNS]
Nameservers=...
EnableServer=1
If in the future we implement socket takeover for IP sockets, these limitations
may be lifted.
gimp claimed that the rightmost white pixel was actually transparent.
It didn't look transparent in Serenity, but I painted it white like
the other inner pixels anyways.
I upsampled them in gimp using the "None" filter and manually cleaned up
the outline. The drop shadow is just upsampled using "None" and looks a
bit rough -- someone who knows how to do this either has to re-create
the shadow on the 2x bitmaps, or we need to remove the shadow from the
resource and render it in code at some point. Still, looks a lot better
than with the upsampled 1x bitmaps.
This implements simple window shadows around most windows, including
tooltips. Because this method uses a bitmap for the shadow bits,
it is limited to rectangular window frames. For non-rectangular
window frames we'll need to implement a more sophisticated algorithm.
... and performs preprocessing on the source code before parsing.
To support this, we are now able to keep track of multiple
files in the autocomplete engine. We re-parse a file whenever it is
edited.
This is an external file from https://pci-ids.ucw.cz that's being updated
daily, which was imported a while ago but probably shouldn't live in the
SerenityOS repository in the first place (or else would need manual
maintenance). The legal aspects of redistributing this file as we
currently do are not quite clear to me, they require either GPL (version
2 or later) or 3-clause BSD - Serenity is 2-clause BSD...
The current version we use is 2019.08.08, so quite outdated - and while
most of these devices are obviously not supported, we're still capable
of *listing* them, so having an up-to-date version with recent additions
and fixes would be nice.
This updates the root CMakeLists.txt to check for existence of the file
and download it if not found - effectively on every fresh build. Do note
that this is not a critical file, and the system runs just fine should
this ever fail. :^)
This patch adds SymbolServer, a service daemon that provides
symbolication of ELF binaries. It has a very simple IPC API at the
moment that only turns addresses into symbol names.
This can be used to implement symbolication without having to do
in-process ELF parsing yourself. :^)
Since it is owned by root anyway, there is no need for 'additional security' to prevent
modification of that directory. This makes it easier to quickly export files from
Serenity. Fixes#5152.
I used this arcane incantation by @emanuele6:
< <(grep -hoP -e '\\u[A-Za-z0-9]{4}' ./*.json) grep -i -ve '\\u001b' \
| sort -u \
| while read -r; do
sed -i "s,\\$REPLY,$(eval "echo $'$REPLY'"),g" ./*.json
done
Plus some manual editing to re-align everything. Thanks! :)
We had an exception that allowed SOL_SOCKET + SO_PEERCRED on local
socket to support LibIPC's PID exchange mechanism. This is no longer
needed so let's just remove the exception.
This prevents sys$mmap() and sys$mprotect() from creating executable
memory mappings in pledged programs that don't have this promise.
Note that the dynamic loader runs before pledging happens, so it's
unaffected by this.
When mounting an Ext2FS, a block device source is required. All other
filesystem types are unaffected, as most of them ignore the source file
descriptor anyway.
Fixes#5153.
Until someone has time to implement something for not showing the
very first network change at boot, let's turn off notifications for
network changes by default altogether. Having to dismiss this
notification at every boot gets old fast.
The window close buttons look correct.
The arrow cursor isn't quite right yet:
- its shadow was nearest-neighbor upscaled from the 1x version
- the arrow handle looks a bit too chubby
But it's a start, and maybe someone with better gimp skills than me can
pretty it up later.
All users of this mechanism have been switched to anonymous files and
passing file descriptors with sendfd()/recvfd().
Shbufs got us where we are today, but it's time we say good-bye to them
and welcome a much more idiomatic replacement. :^)
This adds a scale factor to Painter, which will be used for HighDPI
support. It's also a step towards general affine transforms on Painters.
All of Painter's public API takes logical coordinates, while some
internals deal with physical coordinates now. If scale == 1, logical
and physical coordinates are the same. For scale == 2, a 200x100 bitmap
would be covered by a logical {0, 0, 100, 50} rect, while its physical
size would be {0, 0, 200, 100}.
Most of Painter's functions just assert that scale() == 1 is for now,
but most functions called by WindowServer are updated to handle
arbitrary (integer) scale.
Also add a new Demo "LibGfxScaleDemo" that covers the converted
functions and that can be used to iteratively add scaling support
to more functions.
To make Painter's interface deal with logical coordinates only,
make translation() and clip_rect() non-public.
This reverts commit 0ae9ae48fa.
@bcoles informs me that these match Solaris 9 and it checks out.
I don't know what version I was comparing against, and who cares?
The vast majority of programs don't ever need to use sys$ptrace(),
and it seems like a high-value system call to prevent a compromised
process from using.
This patch moves sys$ptrace() from the "proc" promise to its own,
new "ptrace" promise and updates the affected apps.
This patch moves the user account password hashes from /etc/passwd,
where they were world-readable, to /etc/shadow, where only root can
access them.
The Core::Account class is extended to support both authentication
against, and modification of /etc/shadow.
The default password for "anon" as of this commit is "foo" :^)
SpaceAnalyzer: Partially address code review changes.
- Use GUI::CommonActions::make_about_action().
- Pass large arguments by const reference instead of by value.
- Mark const functions as such.
- Add newline at end of SpaceAnalyzer.af
- Use full words instead of abbreviations in variable names.
- Use application's namespace instead of 'TreeMap'.
- move() certain assignments.
- Use member declaration initialization.
- Initialize TreeNode* member of QueueEntry.
- Rewrite find_mount_for_path to return MountInfo* instead.
- Rename ITreeMap and ITreeMapNode to TreeMap and TreeMapNode.
- Replace ext suffix with rect suffix for rectangles.
SpaceAnalyzer: Further address code review and coding style.
- Remove get prefix from accessor functions.
- Layout algorithm in its own function, with callback.
- Remove nullptr comparisons.
- Store lstat errors in error_accumulator.
- Use Rect::shatter.
- Use Rect's orientation based functions.
SpaceAnalyzer: Make sort_children_by_area const qualified.
This app allows the user to easily adjust his mouse's acceleration
as well as the scrollwheel's global scroll length.
The mouse acceleration changes would not be noticeable in qemu as
by default serenity uses VMWareBackdoor when available which lets
the host handle mouse movement instead of the guest (Serenity),
so in order to test this on a none-baremetal pc the VMWareBackdoor
has to be disabled.
Such errors are raised when SyntaxError nodes are executed, and are also
used for internal control flow.
The 'break' and 'continue' commands are currently only allowed inside
for loops, and outside function bodies.
This also adds a 'loop' keyword for infinite loops.
This is a simple application that can read a coredump file and display
information regarding the crash, like the application's name and icon
and a backtrace. It will be launched by CrashDaemon whenever a new
coredump is available.
Also, it's mostly written in GML! :^)
Closes#400, but note that, unlike mentioned in that issue, this
implementation doesn't ignore applications that "have been started in
the terminal". That's just overcomplicating things, IMO. When my js(1)
REPL segfaults, I want to see a backtrace!
The DevFS along with DevPtsFS give a complete solution for populating
device nodes in /dev. The main purpose of DevFS is to eliminate the
need of device nodes generation when building the system.
Later on, DevFS will assist with exposing disk partition nodes.