fixed ghxx exploit

2026-02-01 01:01:07 -05:00
parent bf1dc9da7a
commit 4f50d90b79
11 changed files with 138 additions and 94 deletions
--- a/Src/Hyperion-bash/bin/neofetch
+++ b/Src/Hyperion-bash/bin/neofetch
@@ -1,4 +1,4 @@
-local userhost = (syscall.getUser() or "Unknown").."@"..(syscall.getHostname() or "Unknown")
+local userhost = (syscall.getUsername() or "Unknown").."@"..(syscall.getHostname() or "Unknown")
 print("..               *.              .. | "..userhost)
 print(" *=             +@*             +*  | "..string.rep("-",#userhost))
 print(" .@#.          -@@@=          :#@.  | OS: "..(syscall.version() or "Unknown"))
--- a/Src/Hyperion-core/sbin/init.lua
+++ b/Src/Hyperion-core/sbin/init.lua
@@ -28,6 +28,7 @@ for i,v in ipairs(files) do
            kernel.log("Error loading startup script '" .. filepath .. "': " .. err, "ERROR")
        else
            syscall.spawn(function()
+                syscall.setUsername("User")
                syscall.setuid(1)
                syscall.IO_bind("eventQueue:"..tostring(i))
                local spot = #eventQueues+1
--- a/Src/Hyperion-firmware-cct/boot/cct/boot.lua
+++ b/Src/Hyperion-firmware-cct/boot/cct/boot.lua
@@ -109,22 +109,22 @@ local ok, err = xpcall(function()
        while stoptime > apis.os.clock() do end
    end

-    apis.term.setPaletteColor(0x1,    0x000000) -- #000000
-    apis.term.setPaletteColor(0x2,    0xFFFFFF) -- #FFFFFF
-    apis.term.setPaletteColor(0x4,    0xFF0000) -- #FF0000
-    apis.term.setPaletteColor(0x8,    0x00FF00) -- #00FF00
-    apis.term.setPaletteColor(0x10,   0x0000FF) -- #0000FF
-    apis.term.setPaletteColor(0x20,   0x00FFFF) -- #00FFFF
-    apis.term.setPaletteColor(0x40,   0xFF00FF) -- #FF00FF
-    apis.term.setPaletteColor(0x80,   0xFFFF00) -- #FFFF00
-    apis.term.setPaletteColor(0x100,  0xFF6D00) -- #FF6D00
-    apis.term.setPaletteColor(0x200,  0x6DFF55) -- #6DFF55
-    apis.term.setPaletteColor(0x400,  0x24FFFF) -- #24FFFF
-    apis.term.setPaletteColor(0x800,  0x924900) -- #924900
-    apis.term.setPaletteColor(0x1000, 0x6D6D55) -- #6D6D55
-    apis.term.setPaletteColor(0x2000, 0xDBDBAA) -- #DBDBAA
-    apis.term.setPaletteColor(0x4000, 0x6D00FF) -- #6D00FF
-    apis.term.setPaletteColor(0x8000, 0xB6FF00) -- #B6FF00
+    apis.term.setPaletteColor(0x1,    0xFFFFFF) -- #000000
+    apis.term.setPaletteColor(0x2,    0xFF0000) -- #FFFFFF
+    apis.term.setPaletteColor(0x4,    0x00FF00) -- #FF0000
+    apis.term.setPaletteColor(0x8,    0x0000FF) -- #00FF00
+    apis.term.setPaletteColor(0x10,   0x00FFFF) -- #0000FF
+    apis.term.setPaletteColor(0x20,   0xFF00FF) -- #00FFFF
+    apis.term.setPaletteColor(0x40,   0xFFFF00) -- #FF00FF
+    apis.term.setPaletteColor(0x80,   0xFF6D00) -- #FFFF00
+    apis.term.setPaletteColor(0x100,  0x6DFF55) -- #FF6D00
+    apis.term.setPaletteColor(0x200,  0x24FFFF) -- #6DFF55
+    apis.term.setPaletteColor(0x400,  0x924900) -- #24FFFF
+    apis.term.setPaletteColor(0x800,  0x6D6D55) -- #924900
+    apis.term.setPaletteColor(0x1000, 0xDBDBAA) -- #6D6D55
+    apis.term.setPaletteColor(0x2000, 0x6D00FF) -- #DBDBAA
+    apis.term.setPaletteColor(0x4000, 0xB6FF00) -- #6D00FF
+    apis.term.setPaletteColor(0x8000, 0x000000) -- #B6FF00

    local function getFile(path)
        local file = apis.fs.open(path, "r")
@@ -180,26 +180,26 @@ local ok, err = xpcall(function()
    }

    local icolors={
-        [0x1]    =0,  -- #000000
-        [0x2]    =1,  -- #FFFFFF
-        [0x4]    =2,  -- #FF0000
-        [0x8]    =3,  -- #00FF00
-        [0x10]   =4,  -- #0000FF
-        [0x20]   =5,  -- #00FFFF
-        [0x40]   =6,  -- #FF00FF
-        [0x80]   =7,  -- #FFFF00
-        [0x100]  =8,  -- #FF6D00
-        [0x200]  =9,  -- #6DFF55
-        [0x400]  =10, -- #24FFFF
-        [0x800]  =11, -- #924900
-        [0x1000] =12, -- #6D6D55
-        [0x2000] =13, -- #DBDBAA
-        [0x4000] =14, -- #6D00FF
-        [0x8000] =15  -- #B6FF00
+        [0x1]    =1,  -- #000000
+        [0x2]    =2,  -- #FFFFFF
+        [0x4]    =3,  -- #FF0000
+        [0x8]    =4,  -- #00FF00
+        [0x10]   =5,  -- #0000FF
+        [0x20]   =6,  -- #00FFFF
+        [0x40]   =7,  -- #FF00FF
+        [0x80]   =8,  -- #FFFF00
+        [0x100]  =9,  -- #FF6D00
+        [0x200]  =10,  -- #6DFF55
+        [0x400]  =11, -- #24FFFF
+        [0x800]  =12, -- #924900
+        [0x1000] =13, -- #6D6D55
+        [0x2000] =14, -- #DBDBAA
+        [0x4000] =15, -- #6D00FF
+        [0x8000] =16  -- #B6FF00
    }

    local colors={
-        [0]=0x0001, -- #000000
+        0x0001, -- #000000
        0x0002, -- #FFFFFF
        0x0004, -- #FF0000
        0x0008, -- #00FF00
@@ -217,7 +217,7 @@ local ok, err = xpcall(function()
        0x8000  -- #B6FF00
    }

-    apis.term.setBackgroundColor(0x1)
+    apis.term.setBackgroundColor(0x8000)
    apis.term.setTextColor(0x1000)
    apis.term.clear()
    apis.term.setCursorPos(1, 1)
--- a/Src/Hyperion-firmware-cct/lib/modules/CC-Tweaked/51_tty.kmod
+++ b/Src/Hyperion-firmware-cct/lib/modules/CC-Tweaked/51_tty.kmod
@@ -48,8 +48,27 @@ local function wrapPeripheral(name)
    return nil
 end

+local icolors={
+    [0x1]    =1,  -- #000000
+    [0x2]    =2,  -- #FFFFFF
+    [0x4]    =3,  -- #FF0000
+    [0x8]    =4,  -- #00FF00
+    [0x10]   =5,  -- #0000FF
+    [0x20]   =6,  -- #00FFFF
+    [0x40]   =7,  -- #FF00FF
+    [0x80]   =8,  -- #FFFF00
+    [0x100]  =9,  -- #FF6D00
+    [0x200]  =10,  -- #6DFF55
+    [0x400]  =11, -- #24FFFF
+    [0x800]  =12, -- #924900
+    [0x1000] =13, -- #6D6D55
+    [0x2000] =14, -- #DBDBAA
+    [0x4000] =15, -- #6D00FF
+    [0x8000] =16  -- #B6FF00
+}
+
 local colors={
-    [0]=0x0001, -- #000000
+    0x0001, -- #000000
    0x0002, -- #FFFFFF
    0x0004, -- #FF0000
    0x0008, -- #00FF00
@@ -67,25 +86,6 @@ local colors={
    0x8000  -- #B6FF00
 }

-local icolors={
-    [0x1]    =0,  -- #000000
-    [0x2]    =1,  -- #FFFFFF
-    [0x4]    =2,  -- #FF0000
-    [0x8]    =3,  -- #00FF00
-    [0x10]   =4,  -- #0000FF
-    [0x20]   =5,  -- #00FFFF
-    [0x40]   =6,  -- #FF00FF
-    [0x80]   =7,  -- #FFFF00
-    [0x100]  =8,  -- #FF6D00
-    [0x200]  =9,  -- #6DFF55
-    [0x400]  =10, -- #24FFFF
-    [0x800]  =11, -- #924900
-    [0x1000] =12, -- #6D6D55
-    [0x2000] =13, -- #DBDBAA
-    [0x4000] =14, -- #6D00FF
-    [0x8000] =15  -- #B6FF00
-}
-
 local function write(text, term)
    local x, y = term.getCursorPos()
    local w, h = term.getSize()
--- a/Src/Hyperion-kernel/boot/kernel.lua
+++ b/Src/Hyperion-kernel/boot/kernel.lua
@@ -10,8 +10,7 @@ local kernel = {}
 kernel.LOG_Text=""
 kernel.version="HyperionOS V1.0.0"
 kernel.process = "Kernel"
-kernel.user = "root"
-kernel.group = "root"
+kernel.username = "root"
 kernel.hostname = "hyperion"
 kernel.groups = {0}
 kernel.uid = 0
@@ -28,15 +27,15 @@ local windowsExp = false

 function kernel.log(msg, level, c)
    c=c or 12
-    kernel.LOG_Text = kernel.LOG_Text..tostring(computer:time()).." "..kernel.user.." "..kernel.process.."["..tostring(level or "INFO").."]: "..msg.."\n"
+    kernel.LOG_Text = kernel.LOG_Text..tostring(computer:time()).." "..kernel.username.." "..kernel.process.."["..tostring(level or "INFO").."]: "..msg.."\n"
    if kernel.status == "start" then
        screen:setTextColor(c)
-        screen:print(tostring(computer:time()).." "..kernel.user.." "..kernel.process.."["..tostring(level or "INFO").."]: "..msg)
+        screen:print(tostring(computer:time()).." "..kernel.username.." "..kernel.process.."["..tostring(level or "INFO").."]: "..msg)
    elseif kernel.status == "init" then
        kernel.standbyTask=kernel.currentTask
        kernel.currentTask=kernel.kernelTask
        kernel.tty.setTextColor(c)
-        kernel.tty.print(tostring(computer:time()).." "..kernel.user.." "..kernel.process.."["..tostring(level or "INFO").."]: "..msg)
+        kernel.tty.print(tostring(computer:time()).." "..kernel.username.." "..kernel.process.."["..tostring(level or "INFO").."]: "..msg)
        kernel.currentTask=kernel.standbyTask
    end
 end
@@ -48,7 +47,7 @@ function kernel.PANIC(msg)
        kernel.status="Panic"
        kernel.reason=msg
        screen:setTextColor(2)
-        screen:setBackgroundColor(0)
+        screen:setBackgroundColor(16)
        screen:clear()
        screen:setCursorPos(1,1)
        screen:print(kernel.LOG_Text)
@@ -208,7 +207,7 @@ kernel.kernelTask = {
    status="R",
    pid=0,
    tgid=0,
-    user="root",
+    username="root",
    uid=0,
    fd={},
    exit="",
@@ -236,12 +235,12 @@ end
 kernel.syscalls["time"]=function() return kernel.computer:time() end
 kernel.syscalls["log"]=kernel.log
 kernel.syscalls["getUptime"]=function() return kernel.computer:clock() end
-kernel.syscalls["getUser"]=function() return kernel.user end
-kernel.syscalls["getHostname"]=function() return kernel.host end
+kernel.syscalls["getUsername"]=function() return kernel.username end
+kernel.syscalls["getHostname"]=function() return kernel.hostname end
 kernel.syscalls["getHost"]=function() return kernel.apis._HOST end
 kernel.syscalls["version"]=function() return kernel.version end
 kernel.syscalls["setHostname"]=function(name) if kernel.uid~=0 then error("Permission denied") end kernel.hostname=name end
-kernel.syscalls["setUser"]=function(user) if kernel.uid~=0 then error("Permission denied") end kernel.currentTask.user=user end
+kernel.syscalls["setUsername"]=function(user) if kernel.uid~=0 then error("Permission denied") end kernel.currentTask.username=user end
 kernel.syscalls["test"]=function() return true end

 kernel.log("Running modules")
--- a/Src/Hyperion-kernel/lib/modules/Hyperion/13_keventd.kmod
+++ b/Src/Hyperion-kernel/lib/modules/Hyperion/13_keventd.kmod
@@ -1,6 +1,7 @@
 --:Minify:--
 local kernel = ...

+local timeout=false
 kernel.processes.keventd = function()
    while true do
        local event = {kernel.computer:getMachineEvent()}
@@ -13,6 +14,12 @@ kernel.processes.keventd = function()
                end
            end
            kernel.io.pushEvent("raw", table.unpack(event))
+            timeout=false
+        else
+            timeout=true
+        end
+        if timeout then
+            sleep(.05)
        end
    end
 end
--- a/Src/Hyperion-kernel/lib/modules/Hyperion/30_userspace.kmod
+++ b/Src/Hyperion-kernel/lib/modules/Hyperion/30_userspace.kmod
@@ -2,17 +2,28 @@
 local args={...}
 local kernel=args[1]
 kernel._G=_G
-kernel._U=setmetatable({},{
-    __index = kernel._G,
-    __newindex = function(t,k,v)
-        if kernel.config.allowGlobalOverwrites or kernel.allowGlobalOverwrites then
-            rawset(t,k,v)
-            return
-        end
-        error("Attempt to modify global variable '"..k.."'",2)
-    end,
-    __metatable = false
-})
+
+local function fixstupidghxxexploit(tbl)
+    return setmetatable({},{
+        __index = function(t,k)
+            if type(tbl[k])=="table" then
+                return fixstupidghxxexploit(tbl[k])
+            else
+                return tbl[k]
+            end
+        end,
+        __newindex = function(t,k,v)
+            if kernel.config.allowGlobalOverwrites or kernel.allowGlobalOverwrites then
+                rawset(tbl,k,v)
+                return
+            end
+            error("Attempt to modify global variable '"..k.."'",2)
+        end,
+        __metatable = false
+    })
+end
+
+kernel._U=fixstupidghxxexploit(kernel._G)
 kernel.allowGlobalOverwrites=true
 kernel._U._G=kernel._U
 kernel.allowGlobalOverwrites=false
--- a/Src/Hyperion-kernel/lib/modules/Hyperion/45_hypervisor.kmod
+++ b/Src/Hyperion-kernel/lib/modules/Hyperion/45_hypervisor.kmod
@@ -39,7 +39,7 @@ function sys.spawn(func, name, envars, args, tgid)
        status="R",
        pid=id,
        tgid=tgid or kernel.currentTask.tgid,
-        user=kernel.user,
+        username=kernel.username,
        uid=kernel.uid,
        fd={},
        exit="",
@@ -86,7 +86,7 @@ function sys.getTask(pid)
            status=task.status,
            pid=task.pid,
            tgid=task.tgid,
-            user=task.user,
+            username=task.username,
            uid=task.uid,
            exit=task.exit,
            sleep=task.sleep,
@@ -302,7 +302,7 @@ function kernel.main()
            end
            if task.status == "R" then
                kernel.currentTask = task
-                kernel.user = task.user
+                kernel.username = task.username
                kernel.uid = task.uid
                kernel.process = task.name
                N = N + 1
@@ -331,14 +331,14 @@ function kernel.main()
                if elapsed >= Tmax then Tmax_hit = Tmax_hit + 1 end

                -- handle task results
-                if ret[1] == "error" then
+                if ret[1] == "error" or ret[1]==false then
                    kernel.log("processHandlerException: "..ret[2], "ERROR", 2)
                    task.status = "Z"
                    task.exit = "processHandlerException: "..ret[2]
                elseif ret[1] == "timeout" then
                    task.ivs=task.ivs+1
                    task.syscallReturn = {}
-                elseif ret[1] == "success" then
+                elseif ret[1] == "success" or ret[1] == true then
                    task.vs=task.vs+1
                    if ret[2]=="syscall" then
                        if kernel.syscalls[ret[3]] then
--- a/Src/Hyperion-kernel/lib/modules/Hyperion/90_init.kmod
+++ b/Src/Hyperion-kernel/lib/modules/Hyperion/90_init.kmod
@@ -25,7 +25,7 @@ kernel.tasks["1"] = {
    status="R",
    pid=1,
    tgid=1,
-    user="root",
+    username="root",
    uid=0,
    fd={},
    envars={},