RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-25 06:17:35 +00:00
Code Issues Activity Actions

Kernel: Add a way to specify which memory regions can make syscalls

Browse source 
This patch adds sys$msyscall() which is loosely based on an OpenBSD
mechanism for preventing syscalls from non-blessed memory regions.

It works similarly to pledge and unveil, you can call it as many
times as you like, and when you're finished, you call it with a null
pointer and it will stop accepting new regions from then on.

If a syscall later happens and doesn't originate from one of the
previously blessed regions, the kernel will simply crash the process.
This commit is contained in:
Andreas Kling 2021-02-02 19:56:11 +01:00
parent d57b4128a1
commit 823186031d
10 changed files with 43 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
Kernel/VM/Region.cpp
View file

@ -105,6 +105,7 @@ OwnPtr<Region> Region::clone(Process& new_owner)
region->copy_purgeable_page_ranges(*this);
region->set_mmap(m_mmap);
region->set_shared(m_shared);
region->set_syscall_region(is_syscall_region());
return region;
}
@ -127,6 +128,7 @@ OwnPtr<Region> Region::clone(Process& new_owner)
ASSERT(vmobject().is_anonymous());
clone_region->set_stack(true);
}
clone_region->set_syscall_region(is_syscall_region());
clone_region->set_mmap(m_mmap);
return clone_region;
}