Hardening of syscalls - Githubissues

insane-adding-machines / frosted

Frosted: Free POSIX OS for tiny embedded devices

GNU General Public License v2.0

215 stars 39 forks source link

Closed danielinux closed 8 years ago

danielinux commented 8 years ago

It should be not possible to panic the kernel via misuse of syscalls().

A few improvements needed:

[x] syscalls should check all pointer values
[x] pointer values should be in the correct space (user stack or owned heap chunks)
[x] when a process tries to use an invalid address in a syscall, an error should be returned (-EINVAL)

danielinux commented 8 years ago

perhaps verification via a syscall fuzzer like https://github.com/nccgroup/TriforceLinuxSyscallFuzzer could be useful.

danielinux commented 8 years ago

Syscalls returning -EACCES for invalid memory areas.