Kernel+Userland: Refine preventing syscall annotations of Regions option

Instead of using a special case of the annotate_mapping syscall, let's introduce a new prctl option to disallow further annotations of Regions as new syscall Region(s).
2025-10-31 17:32:44 +00:00 · 2023-01-20 00:37:14 +02:00 · 2023-01-20 00:37:14 +02:00 · b27f88f61d
commit b27f88f61d
parent 08de5abc6d
4 changed files with 23 additions and 6 deletions
--- a/Kernel/API/prctl_numbers.h
+++ b/Kernel/API/prctl_numbers.h
@ -8,3 +8,5 @@

 #define PR_SET_DUMPABLE 1
 #define PR_GET_DUMPABLE 2
+#define PR_SET_NO_NEW_SYSCALL_REGION_ANNOTATIONS 3
+#define PR_GET_NO_NEW_SYSCALL_REGION_ANNOTATIONS 4
--- a/Kernel/Syscalls/mmap.cpp
+++ b/Kernel/Syscalls/mmap.cpp
@ -578,6 +578,9 @@ ErrorOr<FlatPtr> Process::sys$annotate_mapping(Userspace<void*> address, int fla
    if (flags == to_underlying(VirtualMemoryRangeFlags::None))
        return EINVAL;

+    if (!address)
+        return EINVAL;
+
    if (!Memory::is_user_address(address.vaddr()))
        return EFAULT;

@ -585,11 +588,6 @@ ErrorOr<FlatPtr> Process::sys$annotate_mapping(Userspace<void*> address, int fla
        if (space->enforces_syscall_regions() && (flags & to_underlying(VirtualMemoryRangeFlags::SyscallCode)))
            return EPERM;

-        if (!address) {
-            space->set_enforces_syscall_regions(true);
-            return 0;
-        }
-
        auto* region = space->find_region_containing(Memory::VirtualRange { address.vaddr(), 1 });
        if (!region)
            return EINVAL;
--- a/Kernel/Syscalls/prctl.cpp
+++ b/Kernel/Syscalls/prctl.cpp
@ -21,6 +21,22 @@ ErrorOr<FlatPtr> Process::sys$prctl(int option, FlatPtr arg1, [[maybe_unused]] F
                return EINVAL;
            protected_data.dumpable = arg1;
            return 0;
+        case PR_GET_NO_NEW_SYSCALL_REGION_ANNOTATIONS:
+            return address_space().with([&](auto& space) -> ErrorOr<FlatPtr> {
+                return space->enforces_syscall_regions();
+            });
+        case PR_SET_NO_NEW_SYSCALL_REGION_ANNOTATIONS:
+            if (arg1 != 0 && arg1 != 1)
+                return EINVAL;
+            bool prohibit_new_annotated_syscall_regions = (arg1 == 1);
+            return address_space().with([&](auto& space) -> ErrorOr<FlatPtr> {
+                if (space->enforces_syscall_regions() && !prohibit_new_annotated_syscall_regions)
+                    return EPERM;
+
+                space->set_enforces_syscall_regions(prohibit_new_annotated_syscall_regions);
+                return 0;
+            });
+            return 0;
        }
        return EINVAL;
    });
--- a/Userland/Libraries/LibELF/DynamicLinker.cpp
+++ b/Userland/Libraries/LibELF/DynamicLinker.cpp
@ -17,6 +17,7 @@
 #include <AK/ScopeGuard.h>
 #include <AK/Vector.h>
 #include <Kernel/API/VirtualMemoryAnnotations.h>
+#include <Kernel/API/prctl_numbers.h>
 #include <LibC/bits/pthread_integration.h>
 #include <LibC/link.h>
 #include <LibC/sys/mman.h>
@ -677,7 +678,7 @@ void ELF::DynamicLinker::linker_main(DeprecatedString&& main_program_path, int m

    s_loaders.clear();

-    int rc = syscall(SC_annotate_mapping, nullptr);
+    int rc = syscall(SC_prctl, PR_SET_NO_NEW_SYSCALL_REGION_ANNOTATIONS, 1, 0);
    if (rc < 0) {
        VERIFY_NOT_REACHED();
    }