[Zion] Make sure result of ValidateCapability is used.

rust/lib/mammoth/src/elf.rs

@@ -331,7 +331,7 @@ pub fn spawn_process_from_elf(elf_file: &[u8]) -> Result<z_cap_t, ZError> {
     port.write_u64_and_cap(crate::init::Z_INIT_SELF_VMAS, new_as_cap)?;
     port.write_u64_and_cap(
         crate::init::Z_INIT_ENDPOINT,
-        syscall::cap_duplicate(unsafe { crate::init::INIT_ENDPOINT }, u64::MAX)?,
+        self_cap.duplicate(Capability::PERMS_ALL)?,
     )?;
 
     let thread_cap = syscall::thread_create(new_proc_cap)?;

zion/capability/capability.h

@@ -5,6 +5,7 @@
 #include <glacier/status/error.h>
 #include <stdint.h>
 
+#include "debug/debug.h"
 #include "include/ztypes.h"
 #include "object/kernel_object.h"
 
@@ -42,7 +43,10 @@ class Capability : public glcr::RefCounted<Capability> {
 template <typename T>
 glcr::RefPtr<T> Capability::obj() {
   if (obj_->TypeTag() != KernelObjectTag<T>::type) {
-    return nullptr;
+    uint64_t type = KernelObjectTag<T>::type;
+    dbgln("Mismatched type tag returning nullptr.");
+    dbgln("Expected {x} got {x}", type, obj_->TypeTag());
+    panic("Unhandled obj type mismatch");
   }
   return StaticCastRefPtr<T>(obj_);
 }

zion/syscall/ipc.cpp

@@ -175,7 +175,7 @@ glcr::ErrorCode EndpointSend(ZEndpointSendReq* req) {
   auto& proc = gScheduler->CurrentProcess();
 
   auto endpoint_cap = proc.GetCapability(req->endpoint_cap);
-  ValidateCapability<Endpoint>(endpoint_cap, kZionPerm_Write);
+  RET_ERR(ValidateCapability<Endpoint>(endpoint_cap, kZionPerm_Write));
   auto endpoint = endpoint_cap->obj<Endpoint>();
 
   auto reply_port = ReplyPort::Create();
@@ -191,7 +191,7 @@ glcr::ErrorCode EndpointRecv(ZEndpointRecvReq* req) {
   auto& proc = gScheduler->CurrentProcess();
 
   auto endpoint_cap = proc.GetCapability(req->endpoint_cap);
-  ValidateCapability<Endpoint>(endpoint_cap, kZionPerm_Read);
+  RET_ERR(ValidateCapability<Endpoint>(endpoint_cap, kZionPerm_Read));
   auto endpoint = endpoint_cap->obj<Endpoint>();
 
   ASSIGN_OR_RETURN(IpcMessage msg,
@@ -202,7 +202,7 @@ glcr::ErrorCode EndpointRecv(ZEndpointRecvReq* req) {
 glcr::ErrorCode ReplyPortSend(ZReplyPortSendReq* req) {
   auto& proc = gScheduler->CurrentProcess();
   auto reply_port_cap = proc.GetCapability(req->reply_port_cap);
-  ValidateCapability<ReplyPort>(reply_port_cap, kZionPerm_Read);
+  RET_ERR(ValidateCapability<ReplyPort>(reply_port_cap, kZionPerm_Read));
   auto reply_port = reply_port_cap->obj<ReplyPort>();
 
   ASSIGN_OR_RETURN(IpcMessage message, TranslateRequestToIpcMessage(*req));
@@ -212,7 +212,7 @@ glcr::ErrorCode ReplyPortRecv(ZReplyPortRecvReq* req) {
   auto& proc = gScheduler->CurrentProcess();
 
   auto reply_port_cap = proc.GetCapability(req->reply_port_cap);
-  ValidateCapability<ReplyPort>(reply_port_cap, kZionPerm_Read);
+  RET_ERR(ValidateCapability<ReplyPort>(reply_port_cap, kZionPerm_Read));
   auto reply_port = reply_port_cap->obj<ReplyPort>();
 
   ASSIGN_OR_RETURN(IpcMessage msg,