Projects (at) Tadryanom (dot) Me

author	Tulio A M Mendes <[email protected]>
	Mon, 25 May 2026 13:31:24 +0000 (10:31 -0300)
committer	Tulio A M Mendes <[email protected]>
	Mon, 25 May 2026 15:38:54 +0000 (12:38 -0300)
commit	f27292ed02f4427bb2e404193832db75b2ba8a14
tree	7c2df5c95a54180ca09d986bf480ef0675f9b5cb	tree \| snapshot
parent	cdb8b41a661791360b0f5d5725607f208154c667	commit \| diff

kernel: POSIX compliance and robustness fixes (Round 3)

Round 3 of the audit fix plan — medium-severity POSIX compliance fixes:

- ftruncate: reject O_RDONLY fd with EBADF (write permission check)
- truncate: check vfs_check_permission for write access (EACCES)
- O_EXCL: return EEXIST when O_CREAT|O_EXCL on existing file
- O_DIRECTORY: return ENOTDIR when O_DIRECTORY on non-directory
- posix_spawn: fix _syscall2→_syscall4 to pass all 4 args (pid_out,
  path, argv, envp) matching kernel handler expectations
- SYSCALL_MKDIR: accept mode argument from user space (passed through
  to syscall_mkdir_impl; VFS backends don't use it yet)
- CLONE_VM: add address-space refcount table to prevent use-after-free
  when thread group leader exits before threads. g_as_refcnt[] tracks
  refs per addr_space value; parent and child each hold a ref; last
  ref to exit destroys the AS.

Tests: 116/116 smoke, 142/142 battery, 111/111 host, cppcheck clean

include/process.h		diff \| blob \| blame \| history
src/kernel/scheduler.c		diff \| blob \| blame \| history
src/kernel/syscall.c		diff \| blob \| blame \| history
user/ulibc/src/spawn.c		diff \| blob \| blame \| history