#14961: Audit all syscalls for permissions and access checks
-----------------------------+----------------------------
Reporter: waddlesplash | Owner: waddlesplash
Type: bug | Status: assigned
Priority: high | Milestone: R1/beta2
Component: System/Kernel | Version: R1/Development
Resolution: | Keywords: security
Blocked By: 15356 | Blocking:
Has a Patch: 0 | Platform: All
-----------------------------+----------------------------
Old description:
Here's a full list of source files containing syscall implementations:
* OK ~~src/system/kernel/arch/arm/arch_atomic32.cpp~~
* OK ~~src/system/kernel/arch/arm/arch_atomic64.cpp~~
* OK ~~src/system/kernel/arch/m68k/arch_atomic.cpp~~
* OK ~~src/system/kernel/arch/x86/arch_system_info.cpp~~
* OK ~~src/system/kernel/arch/x86/syscalls_compat.cpp~~
* OK ~~src/system/kernel/debug/debug.cpp~~
* OK ~~src/system/kernel/debug/frame_buffer_console.cpp~~
* OK ~~src/system/kernel/debug/safemode_settings.cpp~~
* OK ~~src/system/kernel/debug/system_profiler.cpp~~
* OK ~~src/system/kernel/debug/tracing.cpp~~
* OK ~~src/system/kernel/debug/user_debugger.cpp~~
* NEEDSWORK src/system/kernel/disk_device_manager/ddm_userland_interface.cpp
* OK ~~src/system/kernel/UserTimer.cpp~~
* OK ~~src/system/kernel/cpu.cpp~~
* OK ~~src/system/kernel/elf.cpp~~
* OK ~~src/system/kernel/fs/fd.cpp~~
* NEEDSWORK src/system/kernel/fs/node_monitor.cpp
* OK ~~src/system/kernel/fs/socket.cpp~~
* src/system/kernel/fs/vfs.cpp
* src/system/kernel/image.cpp
* src/system/kernel/locks/user_mutex.cpp
* src/system/kernel/messaging/MessagingService.cpp
* src/system/kernel/port.cpp
* src/system/kernel/posix/realtime_sem.cpp
* src/system/kernel/posix/xsi_message_queue.cpp
* src/system/kernel/posix/xsi_semaphore.cpp
* src/system/kernel/real_time_clock.cpp
* src/system/kernel/scheduler/scheduler.cpp
* src/system/kernel/scheduler/scheduling_analysis.cpp
* src/system/kernel/sem.cpp
* src/system/kernel/shutdown.cpp
* src/system/kernel/signal.cpp
* src/system/kernel/syscalls.cpp
* src/system/kernel/system_info.cpp
* src/system/kernel/team.cpp
* src/system/kernel/thread.cpp
* src/system/kernel/usergroup.cpp
* src/system/kernel/vm/vm.cpp
* src/system/kernel/wait_for_objects.cpp
Each and every one of these needs to be audited, namely:
* All passed pointers are checked against {{{IS_USER_ADDRESS}}} (thanks to SMAP, largely already done)
* All objects (e.g. FDs, areas, semaphores) manipulated by syscalls are checked that the calling team has access to manipulate them
* Whatever other things I think of adding here...
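The two audit criteria above, as an added example that is not Haiku's own code: a small, runnable model of a syscall handler that first checks the user pointer, then checks that the calling team may manipulate the object, and only then copies out through a bounded copy. Everything here is constructed for the example: addresses are offsets into a 4 KiB array split into a user half and a kernel half, `IS_USER_ADDRESS` and `user_memcpy` are stand-ins for the kernel's macros, the semaphore table, team ids and status-code values are made up, and the "owner only" access rule is a placeholder for whatever policy the real kernel applies.

```c
/* Added example, not Haiku's own code: a model of the two checks the ticket
 * asks every syscall to make. Addresses are offsets into a constructed 4 KiB
 * memory array; the semaphore table, team ids and status values are made up. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>

typedef int32_t status_t;
typedef int32_t team_id;
typedef int32_t sem_id;

/* Stand-ins for Haiku status codes; the numeric values are constructed. */
enum { B_OK = 0, B_BAD_ADDRESS = -1, B_BAD_SEM_ID = -2, B_NOT_ALLOWED = -3 };

/* Constructed address space: [0, USER_TOP) is user memory, the rest kernel. */
#define MEMORY_SIZE 4096u
#define USER_TOP    2048u
static uint8_t gMemory[MEMORY_SIZE];

/* First audit criterion: does the pointer point into user space at all?
 * Stand-in for IS_USER_ADDRESS(); the real macro tests the platform layout. */
#define IS_USER_ADDRESS(addr) ((uintptr_t)(addr) < USER_TOP)

/* Bounded copy to user memory (stand-in for user_memcpy). Rejects a
 * destination whose *end* crosses into kernel memory, which a check on the
 * start address alone would let through. */
static status_t
user_memcpy(uintptr_t to, const void* from, size_t size)
{
	if (size == 0 || to > USER_TOP || size > USER_TOP - to)
		return B_BAD_ADDRESS;
	memcpy(gMemory + to, from, size);
	return B_OK;
}

/* Constructed semaphore table: every object records the team that owns it. */
struct sem_entry { sem_id id; team_id owner; int32_t count; };
static struct sem_entry gSems[] = {
	{ 100, 1, 3 },   /* owned by team 1 */
	{ 101, 2, 0 },   /* owned by team 2 */
};

static team_id gCurrentTeam = 1;  /* stands in for the calling team */

static struct sem_entry*
lookup_sem(sem_id id)
{
	for (size_t i = 0; i < sizeof(gSems) / sizeof(gSems[0]); i++)
		if (gSems[i].id == id)
			return &gSems[i];
	return NULL;
}

/* Modeled syscall handler (named in Haiku's _user_ style, body constructed):
 * copies the count of semaphore `id` to the user pointer `userCount`. */
static status_t
_user_get_sem_count(sem_id id, uintptr_t userCount)
{
	/* 1. Reject kernel addresses before touching anything else. */
	if (!IS_USER_ADDRESS(userCount))
		return B_BAD_ADDRESS;

	/* 2. Resolve the object and check the caller may manipulate it. This
	 *    model allows only the owning team; the real policy is the kernel's. */
	struct sem_entry* sem = lookup_sem(id);
	if (sem == NULL)
		return B_BAD_SEM_ID;
	if (sem->owner != gCurrentTeam)
		return B_NOT_ALLOWED;

	/* 3. Copy out through the bounded copy, never through a raw dereference. */
	return user_memcpy(userCount, &sem->count, sizeof(sem->count));
}

/* Reads back what a call wrote into the modeled user memory. */
static int32_t
read_user_int32(uintptr_t addr)
{
	int32_t value;
	memcpy(&value, gMemory + addr, sizeof(value));
	return value;
}
```

The order of the checks matters for the audit: the address check comes before any object lookup so a bad pointer never reaches kernel data, and the ownership check comes before the copy so a foreign team learns nothing about the object, not even its existence beyond the id being valid.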