Kernel+Userland: Refine preventing syscall annotations of Regions option

Instead of using a special case of the annotate_mapping syscall, let's introduce a new prctl option to disallow further annotations of Regions as new syscall Region(s).
2025-05-31 12:48:10 +00:00 · 2023-01-20 00:37:14 +02:00 · 2023-01-20 00:37:14 +02:00 · b27f88f61d
commit b27f88f61d
parent 08de5abc6d
4 changed files with 23 additions and 6 deletions
--- a/Kernel/Syscalls/prctl.cpp
+++ b/Kernel/Syscalls/prctl.cpp
@ -21,6 +21,22 @@ ErrorOr<FlatPtr> Process::sys$prctl(int option, FlatPtr arg1, [[maybe_unused]] F
                return EINVAL;
            protected_data.dumpable = arg1;
            return 0;
+        case PR_GET_NO_NEW_SYSCALL_REGION_ANNOTATIONS:
+            return address_space().with([&](auto& space) -> ErrorOr<FlatPtr> {
+                return space->enforces_syscall_regions();
+            });
+        case PR_SET_NO_NEW_SYSCALL_REGION_ANNOTATIONS:
+            if (arg1 != 0 && arg1 != 1)
+                return EINVAL;
+            bool prohibit_new_annotated_syscall_regions = (arg1 == 1);
+            return address_space().with([&](auto& space) -> ErrorOr<FlatPtr> {
+                if (space->enforces_syscall_regions() && !prohibit_new_annotated_syscall_regions)
+                    return EPERM;
+
+                space->set_enforces_syscall_regions(prohibit_new_annotated_syscall_regions);
+                return 0;
+            });
+            return 0;
        }
        return EINVAL;
    });