Kernel: Add a way to specify which memory regions can make syscalls

This patch adds sys$msyscall() which is loosely based on an OpenBSD mechanism for preventing syscalls from non-blessed memory regions. It works similarly to pledge and unveil, you can call it as many times as you like, and when you're finished, you call it with a null pointer and it will stop accepting new regions from then on. If a syscall later happens and doesn't originate from one of the previously blessed regions, the kernel will simply crash the process.
Author: https://github.com/awesomekling Commit: 823186031d
2025-08-23 02:42:10 +00:00 · 2021-02-02 19:56:11 +01:00 · 2021-02-02 19:56:11 +01:00 · 823186031d · 2024-07-18 22:37:38 +09:00
commit 823186031d
parent d57b4128a1
10 changed files with 43 additions and 1 deletions
--- a/Kernel/API/Syscall.h
+++ b/Kernel/API/Syscall.h
@ -190,7 +190,8 @@ namespace Kernel {
    S(mremap)                 \
    S(set_coredump_metadata)  \
    S(abort)                  \
-    S(anon_create)
+    S(anon_create)            \
+    S(msyscall)

 namespace Syscall {