]> Projects (at) Tadryanom (dot) Me - AdrOS.git/commit
projects / AdrOS.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: dd4b3df) | patch
fix: 4 security/robustness bugs from audit
authorTulio A M Mendes <[email protected]>
Fri, 17 Apr 2026 03:16:43 +0000 (00:16 -0300)
committerTulio A M Mendes <[email protected]>
Fri, 17 Apr 2026 03:29:31 +0000 (00:29 -0300)
commitd861bfb2efc686319afb99906e5783e24e42f7e4
treedb74746cf8b00a2a110467b8ed968615c993e190tree | snapshot
parentdd4b3dff7b436ac7e6c1f24db6f798415ae5b82acommit | diff
fix: 4 security/robustness bugs from audit

1. epoll: remove fd from epoll instances on close() — prevents
   use-after-close where a reused fd number would monitor the
   wrong file. Also auto-remove stale entries in epoll_wait.

2. clone: validate flags against CLONE_SUPPORTED_MASK — unknown
   flags (CLONE_NEWPID, CLONE_NEWUSER, etc.) now return EINVAL
   instead of being silently ignored.

3. futex: cleanup waiters on process exit — futex_waiters table
   moved to file scope; futex_cleanup_process() called from
   SYSCALL_EXIT prevents UAF when FUTEX_WAKE dereferences a
   freed process pointer.

4. ksem: fix infinite spin when waiters array full — replace
   schedule() spin-yield with process_sleep(1), and increase
   KSEM_MAX_WAITERS/KCOND_MAX_WAITERS from 16 to 64.
Makefile diff | blob | blame | history
include/sync.h diff | blob | blame | history
src/kernel/sync.c diff | blob | blame | history
src/kernel/syscall.c diff | blob | blame | history
AdrOS - A Unix-like Operating System for hobby/academic study.