Projects (at) Tadryanom (dot) Me

author	Tulio A M Mendes <[email protected]>
	Mon, 25 May 2026 18:02:55 +0000 (15:02 -0300)
committer	Tulio A M Mendes <[email protected]>
	Wed, 3 Jun 2026 04:02:35 +0000 (01:02 -0300)
commit	33d3e4a9616bf8854350febbb29fd85ee72bf4c9
tree	98423e64d475e76cd631c5487c67ffa7fe7ec9ff	tree \| snapshot
parent	2a649e1b96e4d8a616aa41194684f03d56478e64	commit \| diff

security: Round 1-2 fixes (A02, A03, A04, A14, A16, partial A07)

- A16: pmm_decref underflow guard in src/mm/pmm.c
- A02: sysenter.S stack pointer validation with 8-byte kernel margin
- A03: pread/pwrite mode validation (rejects O_WRONLY for pread, O_RDONLY for pwrite, checks MS_RDONLY)
- A04: Reject O_RDONLY|O_TRUNC in open syscall
- A14: truncate/ftruncate storage update via vfs_truncate_node helper with fallback
- A07: vfs_check_parent_permission helper added to fs.c, applied to unlink/rmdir/rename/mkdir/link/create (allows all for now - single-user root system)

Note: A01 (W^X/NX default) removed temporarily due to kernel panic - needs NX bit investigation
Note: K02 (mprotect per VMA) deferred - requires per-page VMA architecture

Tests: 119/119 PASS (smoke test, SMP=4)

docs/SECURITY_FIX_PLAN_2026-05-25.md	[new file with mode: 0644]	blob
include/fs.h		diff \| blob \| blame \| history
src/arch/x86/sysenter.S		diff \| blob \| blame \| history
src/kernel/fs.c		diff \| blob \| blame \| history
src/kernel/syscall.c		diff \| blob \| blame \| history
src/mm/pmm.c		diff \| blob \| blame \| history