1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-27 13:07:46 +00:00

Kernel: Add a way to specify which memory regions can make syscalls

This patch adds sys$msyscall() which is loosely based on an OpenBSD
mechanism for preventing syscalls from non-blessed memory regions.

It works similarly to pledge and unveil, you can call it as many
times as you like, and when you're finished, you call it with a null
pointer and it will stop accepting new regions from then on.

If a syscall later happens and doesn't originate from one of the
previously blessed regions, the kernel will simply crash the process.
This commit is contained in:
Andreas Kling 2021-02-02 19:56:11 +01:00
parent d57b4128a1
commit 823186031d
10 changed files with 43 additions and 1 deletions

View file

@ -549,6 +549,8 @@ int Process::do_exec(NonnullRefPtr<FileDescription> main_program_description, Ve
m_execpromises = 0;
m_has_execpromises = false;
m_enforces_syscall_regions = false;
m_veil_state = VeilState::None;
m_unveiled_paths.clear();

View file

@ -47,6 +47,7 @@ pid_t Process::sys$fork(RegisterState& regs)
child->m_has_execpromises = m_has_execpromises;
child->m_veil_state = m_veil_state;
child->m_unveiled_paths = m_unveiled_paths.deep_copy();
child->m_enforces_syscall_regions = m_enforces_syscall_regions;
child->m_fds = m_fds;
child->m_sid = m_sid;
child->m_pg = m_pg;

View file

@ -550,4 +550,22 @@ void* Process::sys$allocate_tls(size_t size)
return m_master_tls_region.unsafe_ptr()->vaddr().as_ptr();
}
int Process::sys$msyscall(void* address)
{
if (m_enforces_syscall_regions)
return -EPERM;
if (!address) {
m_enforces_syscall_regions = true;
return 0;
}
auto* region = find_region_containing(Range { VirtualAddress { address }, 1 });
if (!region)
return -EINVAL;
region->set_syscall_region(true);
return 0;
}
}