1) prevent mapping at the zero page for segattach(). it is questionable
if it is ok to have the zero page mapped, but looking at the semantics
of segattach where a va of zero means "any address where the segment fits in"
this makes the most sense.
2) prevent shrinking of segments that are used by multiple procs in ibrk().
the alternative is to allow faults in kernel mode which i think just opens another
can of worms.
3) fix string validation for segattach() and exec(). (use validnamedup
to get a safe copy of the string)
4) validname*() now also checks the first byte of the passed pointer. because
namec() uses validnamedup() to get a safe copy of the path, the validaddr()
call in most of the file syscalls can be removed.
5) validaddr() used to just call pexit() to suicide the program. this works
for most of the syscalls as parameter validation happens right at the
beginning. however, the mount syscall doesn't do that and acquires resources
like chans to files before validation of all parameters happens. it asserts
that it will be able to clean up using the waserror primitive which is not the
case with the old validaddr(). the change delays the suicide by having
validaddr() post a NDebug note instead and raise an error(Ebadarg) so all the
cleanup will happen and the syscall will fail. notify() will then pick up the
note from syscall() and the process will be terminated as before.
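As an added illustration of point 5 (constructed for this note, not the kernel's own code): a toy model of error()/waserror() built on setjmp/longjmp, with a sysmount-like call that acquires a chan before checking its last argument. The names chans_open, notes_posted, mount_old/mount_new and leaked_old/leaked_new are assumptions of this model; it shows that a validaddr() which exits on the spot leaks the chan, while one that raises Ebadarg lets the waserror() handler close it.

```c
#include <setjmp.h>
#include <stddef.h>

/* constructed model of the kernel's error()/waserror(); the real one keeps
 * the jmp_buf stack in the proc struct, this keeps it in globals */
enum { NERR = 8 };
static jmp_buf errlab[NERR];
static int nerrlab;
#define waserror() setjmp(errlab[nerrlab++])
#define poperror() (nerrlab--)
static void error(const char *s) { (void)s; longjmp(errlab[--nerrlab], 1); }

static int chans_open;     /* chans currently held: our leak detector */
static int notes_posted;   /* NDebug-style notes posted to the process */
static void *namec(const char *path) { chans_open++; return (void *)path; }
static void cclose(void *c) { (void)c; chans_open--; }

/* old validaddr(): pexit() on the spot; modelled as "return 0, unwind nothing" */
static int validaddr_old(const void *p) { return p != NULL; }

/* new validaddr(): post a note, then error(Ebadarg) so waserror() handlers run */
static void validaddr_new(const void *p) { if (p == NULL) { notes_posted++; error("bad arg in system call"); } }

/* sysmount-like syscall: a chan is acquired before every argument is checked */
static int mount_old(const char *spec, const char *old)
{
	void *c = namec(spec);
	if (!validaddr_old(old))
		return -1;          /* process "dies" here; c is never closed */
	cclose(c);
	return 0;
}

static int mount_new(const char *spec, const char *old)
{
	void *c = namec(spec);
	if (waserror()) {       /* entered via longjmp from error() */
		cclose(c);
		return -1;
	}
	validaddr_new(old);
	poperror();
	cclose(c);
	return 0;
}

/* chans still held after a call with a bad pointer: 1 old, 0 new */
static int leaked_old(void) { chans_open = 0; mount_old("#s/boot", NULL); return chans_open; }
static int leaked_new(void) { chans_open = 0; mount_new("#s/boot", NULL); return chans_open; }
```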