Recognize kernel memory regions in the Linux boot path

2025-06-28 11:53:24 +00:00 · 2023-12-13 16:25:16 +08:00
parent d4b6eea97d
commit 487e0cdd15
11 changed files with 117 additions and 58 deletions
--- a/services/libs/aster-std/src/process/credentials/credentials_.rs
+++ b/services/libs/aster-std/src/process/credentials/credentials_.rs
@ -158,16 +158,37 @@ impl Credentials_ {
            return Ok(());
        }

-        if let Some(ruid) = ruid && *ruid != self.ruid() && *ruid != self.euid() && (!ruid_may_be_old_suid || *ruid != self.suid()) {
-            return_errno_with_message!(Errno::EPERM, "ruid can only be one of old ruid, old euid (and old suid).");
+        if let Some(ruid) = ruid
+            && *ruid != self.ruid()
+            && *ruid != self.euid()
+            && (!ruid_may_be_old_suid || *ruid != self.suid())
+        {
+            return_errno_with_message!(
+                Errno::EPERM,
+                "ruid can only be one of old ruid, old euid (and old suid)."
+            );
        }

-        if let Some(euid) = euid && *euid != self.ruid() && *euid != self.euid() && *euid != self.suid() {
-            return_errno_with_message!(Errno::EPERM, "euid can only be one of old ruid, old euid and old suid.")
+        if let Some(euid) = euid
+            && *euid != self.ruid()
+            && *euid != self.euid()
+            && *euid != self.suid()
+        {
+            return_errno_with_message!(
+                Errno::EPERM,
+                "euid can only be one of old ruid, old euid and old suid."
+            )
        }

-        if let Some(suid) = suid && *suid != self.ruid() && *suid != self.euid() && *suid != self.suid() {
-            return_errno_with_message!(Errno::EPERM, "suid can only be one of old ruid, old euid and old suid.")
+        if let Some(suid) = suid
+            && *suid != self.ruid()
+            && *suid != self.euid()
+            && *suid != self.suid()
+        {
+            return_errno_with_message!(
+                Errno::EPERM,
+                "suid can only be one of old ruid, old euid and old suid."
+            )
        }

        Ok(())
@ -291,16 +312,37 @@ impl Credentials_ {
            return Ok(());
        }

-        if let Some(rgid) = rgid && *rgid != self.rgid() && *rgid != self.egid() && (!rgid_may_be_old_sgid || *rgid != self.sgid()) {
-            return_errno_with_message!(Errno::EPERM, "rgid can only be one of old rgid, old egid (and old sgid).");
+        if let Some(rgid) = rgid
+            && *rgid != self.rgid()
+            && *rgid != self.egid()
+            && (!rgid_may_be_old_sgid || *rgid != self.sgid())
+        {
+            return_errno_with_message!(
+                Errno::EPERM,
+                "rgid can only be one of old rgid, old egid (and old sgid)."
+            );
        }

-        if let Some(egid) = egid && *egid != self.rgid() && *egid != self.egid() && *egid != self.sgid() {
-            return_errno_with_message!(Errno::EPERM, "egid can only be one of old rgid, old egid and old sgid.")
+        if let Some(egid) = egid
+            && *egid != self.rgid()
+            && *egid != self.egid()
+            && *egid != self.sgid()
+        {
+            return_errno_with_message!(
+                Errno::EPERM,
+                "egid can only be one of old rgid, old egid and old sgid."
+            )
        }

-        if let Some(sgid) = sgid && *sgid != self.rgid() && *sgid != self.egid() && *sgid != self.sgid() {
-            return_errno_with_message!(Errno::EPERM, "sgid can only be one of old rgid, old egid and old sgid.")
+        if let Some(sgid) = sgid
+            && *sgid != self.rgid()
+            && *sgid != self.egid()
+            && *sgid != self.sgid()
+        {
+            return_errno_with_message!(
+                Errno::EPERM,
+                "sgid can only be one of old rgid, old egid and old sgid."
+            )
        }

        Ok(())
--- a/services/libs/aster-std/src/process/posix_thread/mod.rs
+++ b/services/libs/aster-std/src/process/posix_thread/mod.rs
@ -101,12 +101,17 @@ impl PosixThread {
            return Ok(());
        }

-        if let Some(signum) = signum && *signum == SIGCONT {
+        if let Some(signum) = signum
+            && *signum == SIGCONT
+        {
            let receiver_sid = self.process().session().unwrap().sid();
            if receiver_sid == sender.sid() {
-                return Ok(())
+                return Ok(());
            } else {
-                return_errno_with_message!(Errno::EPERM, "sigcont requires that sender and receiver belongs to the same session");
+                return_errno_with_message!(
+                    Errno::EPERM,
+                    "sigcont requires that sender and receiver belongs to the same session"
+                );
            }
        }

--- a/services/libs/aster-std/src/process/signal/mod.rs
+++ b/services/libs/aster-std/src/process/signal/mod.rs
@ -14,7 +14,7 @@ pub mod signals;
 pub use events::{SigEvents, SigEventsFilter};
 pub use pauser::Pauser;
 pub use poll::{Pollee, Poller};
-pub use sig_stack::{SigStack, SigStackFlags, SigStackStatus};
+pub use sig_stack::{SigStack, SigStackFlags};

 use align_ext::AlignExt;
 use aster_frame::cpu::UserContext;
--- a/services/libs/aster-std/src/syscall/sigaltstack.rs
+++ b/services/libs/aster-std/src/syscall/sigaltstack.rs
@ -49,7 +49,9 @@ fn set_new_stack(sig_stack_addr: Vaddr, old_stack: Option<&SigStack>) -> Result<
        return Ok(());
    }

-    if let Some(old_stack) = old_stack && old_stack.is_active() {
+    if let Some(old_stack) = old_stack
+        && old_stack.is_active()
+    {
        return_errno_with_message!(Errno::EPERM, "the old stack is active now");
    }