RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-05-24 06:25:06 +00:00
Code Issues Activity Actions

Kernel: Introduce "sigaction" pledge

Browse source 
You now have to pledge "sigaction" to change signal handlers/dispositions. This
is to prevent malicious code from messing with assertions (and segmentation
faults), which are normally expected to instantly terminate the process but can
do other things if you change signal disposition for them.
This commit is contained in:
Sergey Bugaev 2020-05-26 13:49:35 +03:00 committed by Andreas Kling
parent 839ae82d66
commit cddaeb43d3
2 changed files with 2 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
Kernel/Process.cpp
View file

@ -2711,7 +2711,7 @@ int Process::sys$sigpending(sigset_t* set)
int Process::sys$sigaction(int signum, const sigaction* act, sigaction* old_act) int Process::sys$sigaction(int signum, const sigaction* act, sigaction* old_act)
{ {
REQUIRE_PROMISE(stdio); REQUIRE_PROMISE(sigaction);
if (signum < 1 || signum >= 32 || signum == SIGKILL || signum == SIGSTOP) if (signum < 1 || signum >= 32 || signum == SIGKILL || signum == SIGSTOP)
return -EINVAL; return -EINVAL;
if (!validate_read_typed(act)) if (!validate_read_typed(act))

1
Kernel/Process.h
View file

@ -72,6 +72,7 @@ extern VirtualAddress g_return_to_ring3_from_signal_trampoline;
__ENUMERATE_PLEDGE_PROMISE(video) \ __ENUMERATE_PLEDGE_PROMISE(video) \
__ENUMERATE_PLEDGE_PROMISE(accept) \ __ENUMERATE_PLEDGE_PROMISE(accept) \
__ENUMERATE_PLEDGE_PROMISE(settime) \ __ENUMERATE_PLEDGE_PROMISE(settime) \
__ENUMERATE_PLEDGE_PROMISE(sigaction) \
__ENUMERATE_PLEDGE_PROMISE(shared_buffer) __ENUMERATE_PLEDGE_PROMISE(shared_buffer)
enum class Pledge : u32 { enum class Pledge : u32 {