From f6b073cb7094e252516516c6b50ccbc34e4efe16 Mon Sep 17 00:00:00 2001
From: Amlal El Mahrouss
Date: Mon, 21 Apr 2025 13:26:12 +0200
Subject: dev, sched: scheduler security patches.

- Regarding process spawning and process exit safer with boundary checks and pointer checks.
- Made the method HasMP smarter, with assert as kHandoverHeader is expected to be valid.

Signed-off-by: Amlal El Mahrouss
---
 dev/kernel/src/UserProcessScheduler.cc | 47 +++++++++++++++++++++++++++-------
 1 file changed, 38 insertions(+), 9 deletions(-)
(limited to 'dev')

diff --git a/dev/kernel/src/UserProcessScheduler.cc b/dev/kernel/src/UserProcessScheduler.cc
index 5e8cc89e..7e71fc22 100644
--- a/dev/kernel/src/UserProcessScheduler.cc
+++ b/dev/kernel/src/UserProcessScheduler.cc
@@ -13,6 +13,7 @@
 /// @author Amlal El Mahrouss (amlal@nekernel.org)
 /***********************************************************************************/
+#include "FirmwareKit/Handover.h"
 #include 
 #include 
 #include 
@@ -58,8 +59,8 @@ namespace Kernel
 if (this->Status != ProcessStatusKind::kRunning)
 return;
- (void)(kout << this->Name << ": crashed, error id: " << number(kErrorProcessFault) << kendl);
- this->Exit(kErrorProcessFault);
+ (void)(kout << this->Name << ": crashed, error id: " << number(-kErrorProcessFault) << kendl);
+ this->Exit(-kErrorProcessFault);
 }
 /***********************************************************************************/
@@ -285,11 +286,21 @@ namespace Kernel
 ProcessID UserProcessScheduler::Spawn(const Char* name, VoidPtr code, VoidPtr image)
 {
+ if (!name || !code)
+ {
+ return -kErrorProcessFault;
+ }
+
+ if (*name == 0)
+ {
+ return -kErrorProcessFault;
+ }
+
 ProcessID pid = this->mTeam.mProcessCount;
 if (pid > kSchedProcessLimitPerTeam)
 {
- return kErrorProcessFault;
+ return -kErrorProcessFault;
 }
 ++this->mTeam.mProcessCount;
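Review bot: Negating kErrorProcessFault in Crash() (and likewise in the Spawn, VMRegister, StackFrame, StackReserve and TheCurrentPID hunks) is only meaningful if the constant is a signed type at least as wide as ProcessID; if it is declared unsigned, `-kErrorProcessFault` wraps to a large positive value and a caller testing for a negative result never sees the failure. The declaration is not part of this diff, so please confirm its type, and record the convention once where the constant is defined, e.g. `// Error codes are positive constants; scheduler APIs return them negated so callers test for a negative result.` Crash()'s enclosing function starts outside this hunk.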
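Review bot: The slot-limit guard `if (pid > kSchedProcessLimitPerTeam)` still admits pid == kSchedProcessLimitPerTeam, while the new guard in Remove() treats `process_id >= kSchedProcessLimitPerTeam` as out of range; if mProcessList holds kSchedProcessLimitPerTeam entries, Spawn indexes one past the end and Remove can never reap that slot. The guard should read `if (pid >= kSchedProcessLimitPerTeam)` so both methods agree on the valid index range. Spawn's body continues past this hunk.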
@@ -299,7 +310,14 @@ namespace Kernel
 process.Image.fCode = code;
 process.Image.fBlob = image;
- rt_copy_memory(reinterpret_cast(const_cast(name)), process.Name, rt_string_len(name));
+ SizeT len = rt_string_len(name);
+
+ if (len > kSchedNameLen)
+ {
+ return -kErrorProcessFault;
+ }
+
+ rt_copy_memory(reinterpret_cast(const_cast(name)), process.Name, len);
 #ifdef __NE_VIRTUAL_MEMORY_SUPPORT__
 process.VMRegister = new PDE();
@@ -307,7 +325,7 @@ namespace Kernel
 if (!process.VMRegister)
 {
 process.Crash();
- return kErrorProcessFault;
+ return -kErrorProcessFault;
 }
 UInt32 flags = HAL::kMMFlagsPresent;
@@ -322,7 +340,7 @@ namespace Kernel
 if (!process.StackFrame)
 {
 process.Crash();
- return kErrorProcessFault;
+ return -kErrorProcessFault;
 }
 rt_set_memory(process.StackFrame, 0, sizeof(HAL::StackFrame));
@@ -357,7 +375,7 @@ namespace Kernel
 if (!process.StackReserve)
 {
 process.Crash();
- return kErrorProcessFault;
+ return -kErrorProcessFault;
 }
 rt_set_memory(process.StackReserve, 0, process.StackSize);
@@ -402,6 +420,16 @@ namespace Kernel
 Void UserProcessScheduler::Remove(ProcessID process_id)
 {
+ if (process_id < 0 || process_id >= kSchedProcessLimitPerTeam)
+ {
+ return;
+ }
+
+ if (this->mTeam.mProcessList[process_id].Status == ProcessStatusKind::kInvalid)
+ {
+ return;
+ }
+
 mTeam.mProcessList[process_id].Exit(0);
 }
@@ -423,7 +451,8 @@ namespace Kernel
 Bool UserProcessScheduler::HasMP()
 {
- return Yes;
+ MUST_PASS(kHandoverHeader);
+ return kHandoverHeader->f_HardwareTables.f_MultiProcessingEnabled;
 }
 /***********************************************************************************/
@@ -497,7 +526,7 @@ namespace Kernel
 ErrorOr UserProcessHelper::TheCurrentPID()
 {
 if (!kProcessScheduler.CurrentProcess())
- return ErrorOr{kErrorProcessFault};
+ return ErrorOr{-kErrorProcessFault};
 kout << "UserProcessHelper::TheCurrentPID: Leaking ProcessId...\r";
 return ErrorOr{kProcessScheduler.CurrentProcess().Leak().ProcessId};
-- 
cgit v1.2.3
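Review bot: The new name-length check returns after `++this->mTeam.mProcessCount` has already run (previous hunk) and after fCode/fBlob have been stored, and unlike the VMRegister/StackFrame/StackReserve failure paths it does not call process.Crash(); the slot stays counted but half-initialised, so repeated over-long names exhaust the team's process table without ever creating a process. Either move the length check up beside the `*name == 0` check, before the count is incremented, or mirror the other paths with `process.Crash(); return -kErrorProcessFault;`. Separately, `len > kSchedNameLen` allows a copy of exactly kSchedNameLen bytes; if process.Name is a kSchedNameLen-byte array that readers expect to be NUL-terminated, the terminator is lost and later prints of Name run off the end, so `len >= kSchedNameLen` (or a buffer of kSchedNameLen + 1) would be the safe bound. The declaration of Name is not in this diff, so treat that as a point to verify. Spawn starts and ends outside this hunk.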
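Review bot: The two new guards in Remove() spell the member as `this->mTeam.mProcessList` while the existing Exit call on the next line uses `mTeam.mProcessList`; one form throughout the method reads better. The `< 0` / `>= kSchedProcessLimitPerTeam` pair is the right bound for an index and is what Spawn's limit check should also use.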
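Review bot: HasMP() dereferences kHandoverHeader immediately after `MUST_PASS(kHandoverHeader)`; if MUST_PASS compiles to nothing in a non-debug build (its definition is not in this diff), a null header is dereferenced in kernel context with no diagnostic. A plain guard keeps the check in every configuration, e.g. `if (!kHandoverHeader) return false;` before the return, with MUST_PASS retained for debug builds. A one-line comment such as `// Reads the firmware handover header; null means no MP information is available.` would also document why the header is required here.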