This makes the Kernel UBSan deadly by compile time,
it can be made recoverable by setting
`ENABLE_KERNEL_UNDEFINED_SANITIZER_ALWAYS_DEADLY` to `OFF` in the
CMake options, and the `ubsan_is_deadly` sysctl option to `0`.
Previously, you'd occasionally see this sort of construct (simplified):
```
return FooDevice::all_instances().with([&](auto& list) {
for (auto& device : list) {
if (/* search condition */)
continue;
return do_something_that_reacquires(device.index());
}
return ENOENT;
});
```
This would only work if the relevant `all_instances()` used a recursive
spinlock, since reacquiring the device would lock that again.
To get around this, a new helper has been added in `Device` through
which devices can be accessed whilst locking the device list, removing
the need to loop through the device type's `all_instances()`.
7fa12df7 overlooked the fact that we use `first_cluster == 0` to
represent root directories in addition to clusterless entries. This
patch makes compute_cluster_list return a cluster list that actually
contains cluster #0 if we're dealing with the root directory (like it
used to), but retains the new behavior for all other entries.
Instead, this patch makes it get all the information it needs directly
from the inode object or the filesystem. This also inlines the
cluster-freeing mechanism in remove_child_impl since we can no longer
use compute_cluster_list there.
This isn't a valid scenario, and we don't really guard against malformed
filesystems in most places, but this becomes somewhat relevant in the
next commit.
Since the VFS renaming refactor, this function has only been used for
hardlinking, which isn't possible on FATFS since there's no real concept
of inodes or anything comparable to those.
The term "Human Interface Device" (HID) is commonly used for the HID
specification specifically, not just input devices in general.
Also remove the "HID" prefix from the "HIDMouse" and "HIDKeyboard"
DeviceMapper.ini configuration groups, since it's unnecessary and
misleading.
The next few commits will introduce actual HID support, so the naming
would otherwise get confusing.
Now we no longer compute the cluster list at the exact moment when an
in-memory inode is created, but rather defer doing that until we
actually need the cluster list. This distinction is important when
traversing directories, as we *are* interested in the inode, but not
really in its contents (though now we do have to resort to using the
file size to approximate the amount of allocated blocks, but this
shouldn't be an issue when working with well-formed filesystems.)
Plain resizes (that increase file size) are now much faster, as the
zeroing is now done in a more efficient way (rather than just looping
over `write_bytes_locked`.) Writes should also be faster, since we no
longer zero out the underlying bytes if we are going to write something
in that very same location anyway.
There's not much use in having this function, as the only remotely
useful thing that it does is that it ensures that the disk cache is
locked before destroying it. However, there shouldn't be any filesystem
activity this late in the unmounting process anyway, so the locking
doesn't seem necessary either.
Make the MemoryType used by mmap() configurable by
File::vmobject_and_memory_type_for_mmap overrides (previously called
vmobject_for_mmap).
All mmap()s were previously MemoryType::Normal.
Immutable mounts are mounts that can't be changed in any aspect, if the
VFSRootContext that hold them is used by a process. This includes two
operations on a mount:
1. Trying to remove the mount from the mount table.
2. Trying to change the flags of the mount.
The condition of a VFSRootContext being held by a process or not is
crucial, as the intention is to allow removal of mounts that marked as
immutable if the VFSRootContext is not being used anymore (for example,
if the container that was created with such context stopped).
Marking mounts as immutable on the first VFS root context essentially
ensures they will never be modified because there will be a process
using that context (which is the "main" VFS root context in the system
runtime).
It should be noted that setting a mount as immutable can be done in
creation time of the mount by passing the MS_IMMUTABLE flag, or by doing
a remount with MS_IMMUTABLE flag.
Previously, the VFS layer would try to handle renames more-or-less by
itself, which really only worked for ext2, and even that was only due to
the replace_child kludge existing specifically for this purpose. This
never worked properly for FATFS, since the VFS layer effectively
depended on filesystems having some kind of reference-counting for
inodes, which is something that simply doesn't exist on any FAT variant
we support.
To resolve various issues with the existing scheme, this commit makes
filesystem implementations themselves responsible for the actual rename
operation, while keeping all the existing validation inside the VFS
layer. The only intended behavior change here is that rename operations
should actually properly work on FATFS.
There were two separate issues at play which made this work incorrectly.
The first was that the newly allocated block was incorrectly computed,
because it was assumed that the cached block list was updated when a new
cluster was allocated. The second issue was that there was an off-by-one
in the loop that collected the newly allocated entries, which meant that
the resulting list had an entry less than what was requested.
The old overload still depended on m_entry being initialized, which
meant that (due to where this method is used) all inodes ended up
getting the same index.
128-byte inodes are more-or-less deprecated since they store timestamps
as unsigned 32-bit integer offsets from the UNIX epoch. Large inodes, on
the other hand, contain records that may specify a different epoch, and
are thus less susceptible to overflows. These very same records also
have the capability to store timestamps with nanosecond precision, which
this commit adds full support for as well.
This replaces all usages of Cacheable::Yes with MemoryType::Normal and
Cacheable::No with either MemoryType::NonCacheable or MemoryType::IO,
depending on the context.
The Page{Directory,Table}::set_cache_disabled function therefore also
has been replaced with a more appropriate set_memory_type_function.
Adding a memory_type "getter" would not be as easy, as some
architectures may not support all memory types, so getting the memory
type again may be a lossy conversion. The is_cache_disabled function
was never used, so just simply remove it altogether.
There is no difference between MemoryType::NonCacheable and
MemoryType::IO on x86 for now.
Other architectures currently don't respect the MemoryType at all.
For some context, write_bytes_locked used to simply bail out before
writing any data if there weren't enough blocks to cover the entire size
of an inode before 1bf7f99a.
We're not actually restoring that behavior here, since computing the
amount of blocks to be allocated would get exceedingly complex,
considering that there could always be holes in between already
allocated blocks.
Instead, this simply makes allocate_blocks() bail out properly if there
aren't any free blocks left.
Fixes#24980
