validate flags/options

linux-syscall/src/file/dir.rs

@@ -143,7 +143,7 @@ impl Syscall<'_> {
     ) -> SysResult {
         let oldpath = oldpath.read_cstring()?;
         let newpath = newpath.read_cstring()?;
-        let flags = AtFlags::from_bits_truncate(flags);
+        let flags = AtFlags::from_bits(flags).ok_or(LxError::EINVAL)?;
         info!(
             "linkat: olddirfd={:?}, oldpath={:?}, newdirfd={:?}, newpath={:?}, flags={:?}",
             olddirfd, oldpath, newdirfd, newpath, flags
@@ -169,7 +169,7 @@ impl Syscall<'_> {
     /// The unlinkat() system call operates in exactly the same way as either unlink or rmdir.
     pub fn sys_unlinkat(&self, dirfd: FileDesc, path: UserInPtr<u8>, flags: usize) -> SysResult {
         let path = path.read_cstring()?;
-        let flags = AtFlags::from_bits_truncate(flags);
+        let flags = AtFlags::from_bits(flags).ok_or(LxError::EINVAL)?;
         info!(
             "unlinkat: dirfd={:?}, path={:?}, flags={:?}",
             dirfd, path, flags

linux-syscall/src/file/fd.rs

@@ -24,7 +24,7 @@ impl Syscall<'_> {
     ) -> SysResult {
         let proc = self.linux_process();
         let path = path.read_cstring()?;
-        let flags = OpenFlags::from_bits_truncate(flags);
+        let flags = OpenFlags::from_bits(flags).ok_or(LxError::EINVAL)?;
         info!(
             "openat: dir_fd={:?}, path={:?}, flags={:?}, mode={:#o}",
             dir_fd, path, flags, mode

linux-syscall/src/file/file.rs

@@ -321,7 +321,7 @@ impl Syscall<'_> {
     ) -> SysResult {
         // TODO: check permissions based on uid/gid
         let path = path.read_cstring()?;
-        let flags = AtFlags::from_bits_truncate(flags);
+        let flags = AtFlags::from_bits(flags).ok_or(LxError::EINVAL)?;
         info!(
             "faccessat: dirfd={:?}, path={:?}, mode={:#o}, flags={:?}",
             dirfd, path, mode, flags

linux-syscall/src/file/stat.rs

@@ -42,7 +42,7 @@ impl Syscall<'_> {
         flags: usize,
     ) -> SysResult {
         let path = path.read_cstring()?;
-        let flags = AtFlags::from_bits_truncate(flags);
+        let flags = AtFlags::from_bits(flags).ok_or(LxError::EINVAL)?;
         info!(
             "fstatat: dirfd={:?}, path={:?}, stat_ptr={:?}, flags={:?}",
             dirfd, path, stat_ptr, flags

linux-syscall/src/ipc.rs

@@ -38,7 +38,7 @@ impl Syscall<'_> {
             .ok_or(LxError::EINVAL)?;
         sem_array.otime();
         for &SemBuf { num, op, flags } in ops.iter() {
-            let flags = SemFlags::from_bits_truncate(flags);
+            let flags = SemFlags::from_bits(flags).ok_or(LxError::EINVAL)?;
             if flags.contains(SemFlags::IPC_NOWAIT) {
                 unimplemented!("Semaphore: semop.IPC_NOWAIT");
             }

linux-syscall/src/misc.rs

@@ -50,7 +50,7 @@ impl Syscall<'_> {
         val: i32,
         timeout: UserInPtr<TimeSpec>,
     ) -> SysResult {
-        let op = FutexFlags::from_bits_truncate(op);
+        let op = FutexFlags::from_bits(op).ok_or(LxError::EINVAL)?;
         info!(
             "futex: uaddr: {:#x}, op: {:?}, val: {}, timeout_ptr: {:?}",
             uaddr, op, val, timeout

linux-syscall/src/task.rs

@@ -55,7 +55,7 @@ impl Syscall<'_> {
         mut child_tid: UserOutPtr<i32>,
         newtls: usize,
     ) -> SysResult {
-        let _flags = CloneFlags::from_bits_truncate(flags);
+        let _flags = CloneFlags::from_bits(flags).ok_or(LxError::EINVAL)?;
         info!(
             "clone: flags={:#x}, newsp={:#x}, parent_tid={:?}, child_tid={:?}, newtls={:#x}",
             flags, newsp, parent_tid, child_tid, newtls
@@ -113,7 +113,7 @@ impl Syscall<'_> {
             p if p > 0 => WaitTarget::Pid(p as KoID),
             _ => unimplemented!(),
         };
-        let flags = WaitFlags::from_bits_truncate(options);
+        let flags = WaitFlags::from_bits(options).ok_or(LxError::EINVAL)?;
         let nohang = flags.contains(WaitFlags::NOHANG);
         info!(
             "wait4: target={:?}, wstatus={:?}, options={:?}",

linux-syscall/src/vm.rs

@@ -20,8 +20,8 @@ impl Syscall<'_> {
         fd: FileDesc,
         offset: u64,
     ) -> SysResult {
-        let prot = MmapProt::from_bits_truncate(prot);
-        let flags = MmapFlags::from_bits_truncate(flags);
+        let prot = MmapProt::from_bits(prot).ok_or(LxError::EINVAL)?;
+        let flags = MmapFlags::from_bits(flags).ok_or(LxError::EINVAL)?;
         info!(
             "mmap: addr={:#x}, size={:#x}, prot={:?}, flags={:?}, fd={:?}, offset={:#x}",
             addr, len, prot, flags, fd, offset
@@ -57,7 +57,7 @@ impl Syscall<'_> {
     /// containing any part of the address range in the interval [addr, addr+len-1]
     /// TODO: unimplemented
     pub fn sys_mprotect(&self, addr: usize, len: usize, prot: usize) -> SysResult {
-        let prot = MmapProt::from_bits_truncate(prot);
+        let prot = MmapProt::from_bits(prot).ok_or(LxError::EINVAL)?;
         info!(
             "mprotect: addr={:#x}, size={:#x}, prot={:?}",
             addr, len, prot

zircon-syscall/src/ddk.rs

@@ -81,7 +81,7 @@ impl Syscall<'_> {
         addrs_count: usize,
         mut out: UserOutPtr<HandleValue>,
     ) -> ZxResult {
-        let options = BtiOptions::from_bits_truncate(options);
+        let options = BtiOptions::from_bits(options).ok_or(ZxError::INVALID_ARGS)?;
         info!(
             "bti.pin: bti={:#x}, options={:?}, vmo={:#x}, offset={:#x}, size={:#x}, addrs={:#x?}, addrs_count={:#x}",
             bti, options, vmo, offset, size, addrs, addrs_count
@@ -161,7 +161,7 @@ impl Syscall<'_> {
             resource, src_num, options
         );
         let proc = self.thread.proc();
-        let options = InterruptOptions::from_bits_truncate(options);
+        let options = InterruptOptions::from_bits(options).ok_or(ZxError::INVALID_ARGS)?;
         let interrupt = if options.contains(InterruptOptions::VIRTUAL) {
             if options != InterruptOptions::VIRTUAL {
                 return Err(ZxError::INVALID_ARGS);

zircon-syscall/src/object.rs

@@ -192,7 +192,7 @@ impl Syscall<'_> {
         deadline: Deadline,
         mut observed: UserOutPtr<Signal>,
     ) -> ZxResult {
-        let signals = Signal::from_bits_truncate(signals);
+        let signals = Signal::from_bits(signals).ok_or(ZxError::INVALID_ARGS)?;
         info!(
             "object.wait_one: handle={:#x?}, signals={:#x?}, deadline={:#x?}, observed={:#x?}",
             handle, signals, deadline, observed
@@ -389,7 +389,7 @@ impl Syscall<'_> {
         signals: u32,
         options: u32,
     ) -> ZxResult {
-        let signals = Signal::from_bits_truncate(signals);
+        let signals = Signal::from_bits(signals).ok_or(ZxError::INVALID_ARGS)?;
         info!(
             "object.wait_async: handle={:#x}, port={:#x}, key={:#x}, signal={:?}, options={:#X}",
             handle_value, port_handle_value, key, signals, options

zircon-syscall/src/socket.rs

@@ -81,7 +81,7 @@ impl Syscall<'_> {
 
     /// Prevent future reading or writing on a socket.   
     pub fn sys_socket_shutdown(&self, socket: HandleValue, options: u32) -> ZxResult {
-        let options = SocketFlags::from_bits_truncate(options);
+        let options = SocketFlags::from_bits(options).ok_or(ZxError::INVALID_ARGS)?;
         info!(
             "socket.shutdown: socket={:#x?}, options={:#x?}",
             socket, options