RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-05-25 21:05:07 +00:00
Code Issues Activity Actions

Kernel: Only allow superuser to halt() the system (#342)

Browse source 
Following the discussion in #334, shutdown must also have root-only
run permissions.
This commit is contained in:
Jesse 2019-07-19 21:08:26 +10:00 committed by Andreas Kling
parent cd76b691fb
commit a5d80f7e3b
6 changed files with 31 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

15
Kernel/Process.cpp
View file

@ -2639,6 +2639,21 @@ int Process::sys$systrace(pid_t pid)
return fd; return fd;
} }
int Process::sys$halt()
{
if (!is_superuser())
return -EPERM;
dbgprintf("acquiring FS locks...\n");
FS::lock_all();
dbgprintf("syncing mounted filesystems...\n");
FS::sync();
dbgprintf("attempting system shutdown...\n");
IO::out16(0x604, 0x2000);
return ESUCCESS;
}
int Process::sys$reboot() int Process::sys$reboot()
{ {
if (!is_superuser()) if (!is_superuser())

1
Kernel/Process.h
View file

@ -203,6 +203,7 @@ public:
int sys$release_shared_buffer(int shared_buffer_id); int sys$release_shared_buffer(int shared_buffer_id);
int sys$seal_shared_buffer(int shared_buffer_id); int sys$seal_shared_buffer(int shared_buffer_id);
int sys$get_shared_buffer_size(int shared_buffer_id); int sys$get_shared_buffer_size(int shared_buffer_id);
int sys$halt();
int sys$reboot(); int sys$reboot();
static void initialize(); static void initialize();

9
Kernel/Syscall.cpp
View file

@ -1,7 +1,7 @@
#include <Kernel/Arch/i386/CPU.h> #include <Kernel/Arch/i386/CPU.h>
#include <Kernel/Console.h> #include <Kernel/Console.h>
#include <Kernel/Process.h>
#include <Kernel/IO.h> #include <Kernel/IO.h>
#include <Kernel/Process.h>
#include <Kernel/ProcessTracer.h> #include <Kernel/ProcessTracer.h>
#include <Kernel/Scheduler.h> #include <Kernel/Scheduler.h>
#include <Kernel/Syscall.h> #include <Kernel/Syscall.h>
@ -285,12 +285,7 @@ static u32 handle(RegisterDump& regs, u32 function, u32 arg1, u32 arg2, u32 arg3
case Syscall::SC_sched_getparam: case Syscall::SC_sched_getparam:
return current->process().sys$sched_setparam((pid_t)arg1, (struct sched_param*)arg2); return current->process().sys$sched_setparam((pid_t)arg1, (struct sched_param*)arg2);
case Syscall::SC_halt: { case Syscall::SC_halt: {
dbgprintf("<%u> halting! acquiring locks...\n"); return current->process().sys$halt();
FS::lock_all();
dbgprintf("<%u> halting! syncing...\n");
FS::sync();
dbgprintf("<%u> halting! bye, friends...\n");
IO::out16(0x604, 0x2000);
break; break;
} }
case Syscall::SC_reboot: { case Syscall::SC_reboot: {

6
Libraries/LibC/unistd.cpp
View file

@ -515,6 +515,12 @@ int fsync(int fd)
return 0; return 0;
} }
int halt()
{
int rc = syscall(SC_halt);
__RETURN_WITH_ERRNO(rc, rc, -1);
}
int reboot() int reboot()
{ {
int rc = syscall(SC_reboot); int rc = syscall(SC_reboot);

1
Libraries/LibC/unistd.h
View file

@ -93,6 +93,7 @@ char* getlogin();
int chown(const char* pathname, uid_t, gid_t); int chown(const char* pathname, uid_t, gid_t);
int fchown(int fd, uid_t, gid_t); int fchown(int fd, uid_t, gid_t);
int ftruncate(int fd, off_t length); int ftruncate(int fd, off_t length);
int halt();
int reboot(); int reboot();
enum { enum {

9
Userland/shutdown.cpp
View file

@ -1,5 +1,6 @@
#include <Kernel/Syscall.h>
#include <LibCore/CArgsParser.h> #include <LibCore/CArgsParser.h>
#include <stdio.h>
#include <unistd.h>
int main(int argc, char** argv) int main(int argc, char** argv)
{ {
@ -8,8 +9,10 @@ int main(int argc, char** argv)
CArgsParserResult args = args_parser.parse(argc, argv); CArgsParserResult args = args_parser.parse(argc, argv);
if (args.is_present("n")) { if (args.is_present("n")) {
syscall(SC_halt); if (halt() < 0) {
return 0; perror("shutdown");
return 1;
}
} else { } else {
args_parser.print_usage(); args_parser.print_usage();
return 0; return 0;