mirrors/serenity
1
0
Fork 0
mirror of https://github.com/SerenityOS/serenity.git synced 2025-01-23 01:41:59 -05:00
Code Issues Projects Releases Packages Wiki Activity

Kernel: Disallow access to shared buffers we're not allowed to access.

Browse source 
Unless we're on the share list, make all shared buffer related syscalls
return EPERM.
This commit is contained in:
Andreas Kling 2019-07-28 07:11:14 +02:00
parent de3d1f2275
commit 63619b9f7c
1 changed files with 7 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
Kernel/Process.cpp
View file

@ -2440,6 +2440,8 @@ int Process::sys$share_buffer_with(int shared_buffer_id, pid_t peer_pid)
if (it == shared_buffers().resource().end()) if (it == shared_buffers().resource().end())
return -EINVAL; return -EINVAL;
auto& shared_buffer = *(*it).value; auto& shared_buffer = *(*it).value;
if (!shared_buffer.is_shared_with(m_pid))
return -EPERM;
{ {
InterruptDisabler disabler; InterruptDisabler disabler;
auto* peer = Process::from_pid(peer_pid); auto* peer = Process::from_pid(peer_pid);
@ -2457,6 +2459,8 @@ int Process::sys$release_shared_buffer(int shared_buffer_id)
if (it == shared_buffers().resource().end()) if (it == shared_buffers().resource().end())
return -EINVAL; return -EINVAL;
auto& shared_buffer = *(*it).value; auto& shared_buffer = *(*it).value;
if (!shared_buffer.is_shared_with(m_pid))
return -EPERM;
#ifdef SHARED_BUFFER_DEBUG #ifdef SHARED_BUFFER_DEBUG
kprintf("%s(%u): Releasing shared buffer %d, buffer count: %u\n", name().characters(), pid(), shared_buffer_id, shared_buffers().resource().size()); kprintf("%s(%u): Releasing shared buffer %d, buffer count: %u\n", name().characters(), pid(), shared_buffer_id, shared_buffers().resource().size());
#endif #endif
@ -2472,7 +2476,7 @@ void* Process::sys$get_shared_buffer(int shared_buffer_id)
return (void*)-EINVAL; return (void*)-EINVAL;
auto& shared_buffer = *(*it).value; auto& shared_buffer = *(*it).value;
if (!shared_buffer.is_shared_with(m_pid)) if (!shared_buffer.is_shared_with(m_pid))
return (void*)-EINVAL; return (void*)-EPERM;
#ifdef SHARED_BUFFER_DEBUG #ifdef SHARED_BUFFER_DEBUG
kprintf("%s(%u): Retaining shared buffer %d, buffer count: %u\n", name().characters(), pid(), shared_buffer_id, shared_buffers().resource().size()); kprintf("%s(%u): Retaining shared buffer %d, buffer count: %u\n", name().characters(), pid(), shared_buffer_id, shared_buffers().resource().size());
#endif #endif
@ -2487,7 +2491,7 @@ int Process::sys$seal_shared_buffer(int shared_buffer_id)
return -EINVAL; return -EINVAL;
auto& shared_buffer = *(*it).value; auto& shared_buffer = *(*it).value;
if (!shared_buffer.is_shared_with(m_pid)) if (!shared_buffer.is_shared_with(m_pid))
return -EINVAL; return -EPERM;
#ifdef SHARED_BUFFER_DEBUG #ifdef SHARED_BUFFER_DEBUG
kprintf("%s(%u): Sealing shared buffer %d\n", name().characters(), pid(), shared_buffer_id); kprintf("%s(%u): Sealing shared buffer %d\n", name().characters(), pid(), shared_buffer_id);
#endif #endif
@ -2503,7 +2507,7 @@ int Process::sys$get_shared_buffer_size(int shared_buffer_id)
return -EINVAL; return -EINVAL;
auto& shared_buffer = *(*it).value; auto& shared_buffer = *(*it).value;
if (!shared_buffer.is_shared_with(m_pid)) if (!shared_buffer.is_shared_with(m_pid))
return -EINVAL; return -EPERM;
#ifdef SHARED_BUFFER_DEBUG #ifdef SHARED_BUFFER_DEBUG
kprintf("%s(%u): Get shared buffer %d size: %u\n", name().characters(), pid(), shared_buffer_id, shared_buffers().resource().size()); kprintf("%s(%u): Get shared buffer %d size: %u\n", name().characters(), pid(), shared_buffer_id, shared_buffers().resource().size());
#endif #endif