| author | Amlal El Mahrouss <amlal@nekernel.org> | 2025-06-06 05:44:34 +0200 |
|---|---|---|
| committer | Amlal El Mahrouss <amlal@nekernel.org> | 2025-06-06 05:44:34 +0200 |
| commit | 17bd847ebc85f4f9e62f510563482939a98f0c8e (patch) | |
| tree | 3e25f1b8da7ec81ef3a88612f757132f3b6d2be2 /dev/kernel | |
| parent | bdf7d346db02e9c20602128e086c6db32930176d (diff) | |
feat: kernel: Start enforcing `User`s validation when issuing OS calls.
refactor: PE: remove BaseOfData, as we are only relying on PE32+ now.
Signed-off-by: Amlal El Mahrouss <amlal@nekernel.org>
Diffstat (limited to 'dev/kernel')
| -rw-r--r-- | dev/kernel/HALKit/AMD64/HalCoreInterruptHandler.cc | 7 | ||||
| -rw-r--r-- | dev/kernel/KernelKit/PE.h | 3 | ||||
| -rw-r--r-- | dev/kernel/KernelKit/UserMgr.h | 3 |
3 files changed, 11 insertions, 2 deletions
diff --git a/dev/kernel/HALKit/AMD64/HalCoreInterruptHandler.cc b/dev/kernel/HALKit/AMD64/HalCoreInterruptHandler.cc index 01456ae5..98e1ed61 100644 --- a/dev/kernel/HALKit/AMD64/HalCoreInterruptHandler.cc +++ b/dev/kernel/HALKit/AMD64/HalCoreInterruptHandler.cc @@ -6,6 +6,7 @@ #include <ArchKit/ArchKit.h> #include <KernelKit/ProcessScheduler.h> +#include <KernelKit/UserMgr.h> #include <NeKit/KString.h> #include <SignalKit/Signals.h> @@ -133,6 +134,8 @@ EXTERN_C Kernel::Void hal_system_call_enter(Kernel::UIntPtr rcx_syscall_index, Kernel::UIntPtr rdx_syscall_struct) { hal_idt_send_eoi(50); + if (!Kernel::kCurrentUser) return; + if (rcx_syscall_index < kSysCalls.Count()) { if (kSysCalls[rcx_syscall_index].fHooked) { if (kSysCalls[rcx_syscall_index].fProc) { @@ -149,6 +152,10 @@ EXTERN_C Kernel::Void hal_kernel_call_enter(Kernel::UIntPtr rcx_kerncall_index, Kernel::UIntPtr rdx_kerncall_struct) { hal_idt_send_eoi(51); + if (!Kernel::kRootUser) return; + if (Kernel::kCurrentUser != Kernel::kRootUser) return; + if (!Kernel::kCurrentUser->IsSuperUser()) return; + if (rcx_kerncall_index < kKernCalls.Count()) { if (kKernCalls[rcx_kerncall_index].fHooked) { if (kKernCalls[rcx_kerncall_index].fProc) { diff --git a/dev/kernel/KernelKit/PE.h b/dev/kernel/KernelKit/PE.h index df5047a3..3aa8fbf2 100644 --- a/dev/kernel/KernelKit/PE.h +++ b/dev/kernel/KernelKit/PE.h @@ -44,8 +44,7 @@ typedef struct LDR_OPTIONAL_HEADER final { Kernel::UInt32 SizeOfUninitializedData; Kernel::UInt32 AddressOfEntryPoint; Kernel::UInt32 BaseOfCode; - Kernel::UInt32 BaseOfData; - Kernel::UInt32 ImageBase; + Kernel::UInt64 ImageBase; Kernel::UInt32 SectionAlignment; Kernel::UInt32 FileAlignment; Kernel::UInt16 MajorOperatingSystemVersion; diff --git a/dev/kernel/KernelKit/UserMgr.h b/dev/kernel/KernelKit/UserMgr.h index ef1cc659..6fa8ba14 100644 --- a/dev/kernel/KernelKit/UserMgr.h +++ b/dev/kernel/KernelKit/UserMgr.h 
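Review bot: The guard added to hal_system_call_enter, `if (!Kernel::kCurrentUser) return;`, only proves that some user pointer has been set globally. As far as the hunk shows, it does not tie the call to the process that raised the interrupt, and a rejected call returns with no status or log line. If this is the intended first step, say so at the check, e.g. `// Deny OS calls until a user session exists; kCurrentUser is global, not per-process.`, and record the denial so a dropped call can be told apart from one that ran. The three checks added to hal_kernel_call_enter use the same silent return. Both function bodies continue past their hunks.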
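Review bot: In hal_kernel_call_enter the privilege check reads the global `Kernel::kCurrentUser` twice, once for the comparison with `Kernel::kRootUser` and again for `->IsSuperUser()`. If anything can reassign the pointer between those reads (another core or a nested interrupt; neither is visible here), the dereference may land on a different or null object. Take one snapshot and test only that: `Kernel::User* user = Kernel::kCurrentUser;` followed by `if (!user || user != Kernel::kRootUser || !user->IsSuperUser()) return;`. This keeps the three conditions of the commit and makes the null case explicit rather than implied by the order of the checks.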
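Review bot: With `BaseOfData` removed and `ImageBase` widened to `Kernel::UInt64`, LDR_OPTIONAL_HEADER now matches only the PE32+ layout, so a PE32 image read through it would have `ImageBase` and every later field taken from the wrong offset. The loader should reject any image whose optional-header magic is not 0x20B before it uses these fields; no such check appears in this commit's hunks, so confirm it exists elsewhere. State the assumption at the struct, e.g. `// PE32+ only (optional-header magic 0x20B): no BaseOfData, 64-bit ImageBase.` PE32+ also widens the stack and heap reserve/commit sizes to 64 bits; those members lie outside the hunk and should be checked against the same layout.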
@@ -87,6 +87,9 @@ class User final { Char mUserName[kMaxUserNameLen] = {0}; UInt64 mUserFNV{0UL}; }; + +inline User* kCurrentUser = nullptr; +inline User* kRootUser = nullptr; } // namespace Kernel #endif /* ifndef INC_USER_H */ |
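Review bot: `kCurrentUser` and `kRootUser` are plain writable `inline` globals, yet after this commit they decide whether a system call or kernel call is serviced. Any kernel code that includes UserMgr.h can therefore change the outcome by assigning to them. Document at the declaration who may set them and when, e.g. `// Authorization state: written only by the login/logout path; read by the HAL call gates.` (the actual writer is not visible in this diff, so name the real one). Putting them behind accessor functions would narrow the write surface and give one place to add locking or per-CPU state later.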
