Projects (at) Tadryanom (dot) Me

author	Tulio A M Mendes <[email protected]>
	Mon, 25 May 2026 13:31:24 +0000 (10:31 -0300)
committer	Tulio A M Mendes <[email protected]>
	Wed, 3 Jun 2026 04:02:35 +0000 (01:02 -0300)
commit	4d1926cfa88de50b0301a70c3890b743dd86ccb0
tree	3ae4fad2f684fb568dfd1246f86792c56440cd21	tree \| snapshot
parent	344cd4345c3f78d548ca9cd63bc609d9abd340b1	commit \| diff

kernel: POSIX compliance and robustness fixes (Round 3)

Round 3 of the audit fix plan — medium-severity POSIX compliance fixes:

- ftruncate: reject O_RDONLY fd with EBADF (write permission check)
- truncate: check vfs_check_permission for write access (EACCES)
- O_EXCL: return EEXIST when O_CREAT|O_EXCL on existing file
- O_DIRECTORY: return ENOTDIR when O_DIRECTORY on non-directory
- posix_spawn: fix _syscall2→_syscall4 to pass all 4 args (pid_out,
  path, argv, envp) matching kernel handler expectations
- SYSCALL_MKDIR: accept mode argument from user space (passed through
  to syscall_mkdir_impl; VFS backends don't use it yet)
- CLONE_VM: add address-space refcount table to prevent use-after-free
  when thread group leader exits before threads. g_as_refcnt[] tracks
  refs per addr_space value; parent and child each hold a ref; last
  ref to exit destroys the AS.

Tests: 116/116 smoke, 142/142 battery, 111/111 host, cppcheck clean

include/process.h		diff \| blob \| blame \| history
src/kernel/scheduler.c		diff \| blob \| blame \| history
src/kernel/syscall.c		diff \| blob \| blame \| history
user/ulibc/src/spawn.c		diff \| blob \| blame \| history