Projects (at) Tadryanom (dot) Me

author	Tulio A M Mendes <[email protected]>
	Mon, 27 Apr 2026 01:41:15 +0000 (22:41 -0300)
committer	Tulio A M Mendes <[email protected]>
	Mon, 27 Apr 2026 01:41:15 +0000 (22:41 -0300)
commit	02ac07bd1996cf5734192157988284acc5cc0528
tree	5a1fae5883db516cc32a838bc86dd802dcc1a818	tree \| snapshot
parent	63bbca350b4cc961bc600e4870bd1d3bb1d8466d	commit \| diff

kernel: security audit fixes — C1-C6, H3-H4, M5

Critical fixes:
- C1: procfs UAF — add g_pid_cmdline pool, stop overwriting g_pid_status
- C2: heap corruption — kill process + schedule() instead of infinite loop
- C3: ext2 consistency — write inode after each i_blocks increment
- C4: shm UAF — reject shm_at on IPC_RMID'd segments (-EIDRM),
  skip marked_rm segments in shm_get lookup
- C6: ELF W^X — parse p_flags for segment permissions, re-protect
  after relocations, only re-protect full pages within non-writable
  segments (partial pages may be shared with .data)

High fixes:
- H3: execve_copy_user_str — add upfront user_range_ok check
- H4: rq_remove_if_queued — scan all priority queues in both
  active and expired runqueues (not just current priority)

Low fixes:
- M5: frame_refcount uint16_t → uint32_t to prevent overflow

Also adds EIDRM/ENOMSG errno definitions.

Tests: 120/120 QEMU, 33/33 battery, 69/69 host — zero regressions

include/errno.h		diff \| blob \| blame \| history
include/pmm.h		diff \| blob \| blame \| history
src/arch/x86/elf.c		diff \| blob \| blame \| history
src/kernel/ext2.c		diff \| blob \| blame \| history
src/kernel/procfs.c		diff \| blob \| blame \| history
src/kernel/scheduler.c		diff \| blob \| blame \| history
src/kernel/shm.c		diff \| blob \| blame \| history
src/kernel/sync.c		diff \| blob \| blame \| history
src/kernel/syscall.c		diff \| blob \| blame \| history
src/mm/heap.c		diff \| blob \| blame \| history
src/mm/pmm.c		diff \| blob \| blame \| history