chore: kernel/boot: Enforce subsystem 17 by default.

Signed-off-by: Amlal El Mahrouss <amlal@nekernel.org>

8 files changed, 30 insertions, 14 deletions

diff --git a/doc/specs/SPECFICATION_MACROS.md b/doc/specs/SPECFICATION_MACROS.md
index e3456e50..08c57447 100644
--- a/doc/specs/SPECFICATION_MACROS.md
+++ b/doc/specs/SPECFICATION_MACROS.md
@@ -4,8 +4,10 @@
 
 - `__nekernel_max_cores` -> Max SMP cores usable by NeKernel's scheduler.
 - `__nekernel_boot_core_index` -> Index of the boot core (0, 1, or 3).
+- `__nekernel_allow_non_nekernel_pe` -> Allow non-subsystem 17 to run on NeKernel.
 
 ## KernelTest:
 
 - `__KT_TEST_MAIN` -> KernelTest entrypoint symbol.
+- `KT_TESTING_ENABLED` -> Program is running under testing constraints.
 
diff --git a/public/frameworks/KernelTest.fwrk/headers/TestCase.h b/public/frameworks/KernelTest.fwrk/headers/TestCase.h
index 79ebab8d..4f835ff6 100644
--- a/public/frameworks/KernelTest.fwrk/headers/TestCase.h
+++ b/public/frameworks/KernelTest.fwrk/headers/TestCase.h
@@ -12,10 +12,10 @@
 /// @file TestCase.h
 /// ================================================================================
 
-#define KT_RUN_TEST(OBJECT)     \
-  {                             \
-    KTTestCase##OBJECT obj{};   \
-    obj.Run(); \
+#define KT_RUN_TEST(OBJECT)   \
+  {                           \
+    KTTestCase##OBJECT obj{}; \
+    obj.Run();                \
   }
 
 #define KT_MUST_PASS(MSG, LEFT_COND, RIGHT_COND) \
diff --git a/src/boot/src/BootThread.cc b/src/boot/src/BootThread.cc
index ec26209b..bbb8fb5a 100644
--- a/src/boot/src/BootThread.cc
+++ b/src/boot/src/BootThread.cc
@@ -52,6 +52,13 @@ BootThread::BootThread(VoidPtr blob) : fStartAddress(nullptr), fBlob(blob) {
     }
 #endif  // __NE_AMD64__ || __NE_ARM64__
 
+#if !defined(__nekernel_allow_non_nekernel_pe)
+    if (opt_header_ptr->Subsystem != kNeKernelPESubsystem) {
+      writer.Write("BootZ: Not a NeKernel PE32+ executable.\r");
+      return;
+    }
+#endif
+
     writer.Write("BootZ: PE32+ executable detected (NeKernel Subsystem).\r");
 
     auto numSecs = header_ptr->NumberOfSections;
diff --git a/src/kernel/KernelKit/PE.h b/src/kernel/KernelKit/PE.h
index 751e7ceb..bef39481 100644
--- a/src/kernel/KernelKit/PE.h
+++ b/src/kernel/KernelKit/PE.h
@@ -15,6 +15,8 @@
 #define kPeMachineAMD64 (0x8664)
 #define kPeMachineARM64 (0xaa64)
 
+#define kNeKernelPESubsystem (0x11)
+
 typedef struct LDR_EXEC_HEADER final {
   Kernel::UInt32 Signature;
   Kernel::UInt16 Machine;
diff --git a/src/kernel/src/PE32CodeMgr.cc b/src/kernel/src/PE32CodeMgr.cc
index 517900c4..7f5250fd 100644
--- a/src/kernel/src/PE32CodeMgr.cc
+++ b/src/kernel/src/PE32CodeMgr.cc
@@ -98,6 +98,12 @@ ErrorOr<VoidPtr> PE32Loader::FindSectionByName(const Char* name) {
     return ErrorOr<VoidPtr>{kErrorInvalidData};
   }
 
+#if !defined(__nekernel_allow_non_nekernel_pe)
+  if (opt_header_ptr->Subsystem != kNeKernelPESubsystem) {
+    return ErrorOr<VoidPtr>{kErrorInvalidData};
+  }
+#endif
+
   LDR_SECTION_HEADER_PTR secs =
       (LDR_SECTION_HEADER_PTR) (((Char*) opt_header_ptr) + header_ptr->SizeOfOptionalHeader);
 
diff --git a/src/libDDK/src/ddk_kernel_call.c b/src/libDDK/src/ddk_kernel_call.c
index 95af4dc3..d240c637 100644
--- a/src/libDDK/src/ddk_kernel_call.c
+++ b/src/libDDK/src/ddk_kernel_call.c
@@ -12,7 +12,7 @@
 #include <stdarg.h>
 
 /// @brief this is an internal call, do not use it.
-DDK_EXTERN ATTRIBUTE(naked)     /*  */
+DDK_EXTERN ATTRIBUTE(naked) /*  */
 ptr_t      __ke_call_dispatch(const int32_t name, int32_t cnt, void* data, size_t sz);
 
 /// @brief This function hashes the path into a FNV symbol.
diff --git a/src/libSystem/src/SystemCalls.cc b/src/libSystem/src/SystemCalls.cc
index 0d5980e4..0059d55d 100644
--- a/src/libSystem/src/SystemCalls.cc
+++ b/src/libSystem/src/SystemCalls.cc
@@ -149,7 +149,8 @@ IMPORT_C UInt64 IoTellFile(_Input Ref desc) {
 }
 
 IMPORT_C SInt32 PrintRelease(_Input IORef buf) {
-  SInt32* ret = static_cast<SInt32*>(libsys_syscall_arg_2(SYSCALL_HASH("PrintRelease"), static_cast<VoidPtr>(buf)));
+  SInt32* ret = static_cast<SInt32*>(
+      libsys_syscall_arg_2(SYSCALL_HASH("PrintRelease"), static_cast<VoidPtr>(buf)));
   if (!ret) return -kErrorInvalidData;
 
   return static_cast<SInt32>(*ret);
@@ -159,15 +160,13 @@ IMPORT_C IORef PrintCreate(Void) {
   return static_cast<IORef>(libsys_syscall_arg_1(SYSCALL_HASH("PrintCreate")));
 }
 
-
 IMPORT_C VoidPtr MmCreateHeap(UInt64 initial_size, UInt32 max_size) {
   return static_cast<VoidPtr>(libsys_syscall_arg_3(SYSCALL_HASH("MmCreateHeap"),
-                                                    reinterpret_cast<VoidPtr>(&initial_size),
-                                                    reinterpret_cast<VoidPtr>(&max_size)));
+                                                   reinterpret_cast<VoidPtr>(&initial_size),
+                                                   reinterpret_cast<VoidPtr>(&max_size)));
 }
 
-IMPORT_C SInt32 MmDestroyHeap(VoidPtr heap)
-{
+IMPORT_C SInt32 MmDestroyHeap(VoidPtr heap) {
   auto ret = libsys_syscall_arg_2(SYSCALL_HASH("MmDestroyHeap"), static_cast<VoidPtr>(heap));
   return *static_cast<SInt32*>(ret);
 }
@@ -192,8 +191,8 @@ IMPORT_C SInt32 PrintIn(_Input IORef desc, const Char* fmt, ...) {
 }
 
 IMPORT_C IORef PrintGet(const Char* path) {
-  return static_cast<IORef>(libsys_syscall_arg_2(SYSCALL_HASH("PrintGet"),
-                                                 Verify::sys_safe_cast<Char, Void>(path)));
+  return static_cast<IORef>(
+      libsys_syscall_arg_2(SYSCALL_HASH("PrintGet"), Verify::sys_safe_cast<Char, Void>(path)));
 }
 
 IMPORT_C ErrRef ErrGetLastError(Void) {
diff --git a/test/kernel_test/process.test.cc b/test/kernel_test/process.test.cc
index b742b5c1..2ec7d191 100644
--- a/test/kernel_test/process.test.cc
+++ b/test/kernel_test/process.test.cc
@@ -2,8 +2,8 @@
 /// \brief Process management tests.
 /// \author Amlal El Mahrouss (amlal at nekernel dot org)
 
-#include <libSystem/SystemKit/System.h>
 #include <KernelTest.fwrk/headers/TestCase.h>
+#include <libSystem/SystemKit/System.h>
 
 /// \note RtlSpawnProcess tests
 KT_DECL_TEST(ProcessHasFailed, []() -> bool {