AsyncSyscall3 exploit fix

2026-02-24 00:01:39 -06:00
parent 6bb7f03a3e
commit e77a8b3636
2 changed files with 14 additions and 8 deletions


@@ -21,7 +21,7 @@ local function readonly(tbl)
error("Attempt to modify global variable '" .. k .. "'", 2) error("Attempt to modify global variable '" .. k .. "'", 2)
end, end,
__pairs = function() __pairs = function(self)
local function iter(_, key) local function iter(_, key)
local nextKey, value = next(tbl, key) local nextKey, value = next(tbl, key)
if type(value) == "table" then if type(value) == "table" then
@@ -29,7 +29,7 @@ local function readonly(tbl)
end end
return nextKey, value return nextKey, value
end end
return iter, tbl, nil return iter, self, nil
end, end,
__ipairs = function() __ipairs = function()
@@ -54,4 +54,4 @@ local origLoad = load
kernel._U = readonly(kernel._G) kernel._U = readonly(kernel._G)
kernel._U._G = kernel._U kernel._U._G = kernel._U
kernel._U.load = function(a, b, c, d) return origLoad(a, b, c, d or kernel._U) end kernel._U.load = function(a,b,c,d) return origLoad(a,b,c,d or kernel._U) end
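Review bot: `__ipairs = function()` directly below the fixed `__pairs` is left unchanged, and its body lies outside the visible hunks, so it may still return the raw `tbl` as the iteration state. If it does, a caller of `ipairs(kernel._U)` still receives the unprotected table as the second return value, which is the same exposure the `return iter, self, nil` change closes for `pairs`. It should take the proxy and return it in the same way, e.g. `__ipairs = function(self)` ending in `return iter, self, 0`. A comment on `__pairs` such as `-- return the proxy, never tbl: the state value is visible to the caller` would help keep this from regressing.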


@@ -5,6 +5,8 @@ local sys = {}
local nextpid = 2 local nextpid = 2
kernel.exitMain = false kernel.exitMain = false
local resumeWithTimeout = coroutine.resumeWithTimeout
local function bit_is_set(num, bit) local function bit_is_set(num, bit)
return math.floor(num / (2 ^ bit)) % 2 == 1 return math.floor(num / (2 ^ bit)) % 2 == 1
end end
@@ -206,10 +208,14 @@ function sys.kill(pid)
return false, "Task does not exist" return false, "Task does not exist"
elseif task.status == "Z" then elseif task.status == "Z" then
return false, "Task is already dead" return false, "Task is already dead"
else end
local caller = kernel.currentTask
local ceuid = caller and (caller.euid or caller.uid) or kernel.uid
if ceuid ~= 0 and task.uid ~= (caller and caller.uid or kernel.uid) then
return false, "EPERM"
end
task.status = "Z" task.status = "Z"
return true return true
end
end end
function sys.stop(pid) function sys.stop(pid)
@@ -352,7 +358,7 @@ function kernel.main()
if task.sigq and #task.sigq ~= 0 and task.sigh then if task.sigq and #task.sigq ~= 0 and task.sigh then
local coro = coroutine.create(task.sigh) local coro = coroutine.create(task.sigh)
if kernel.config.preempt then if kernel.config.preempt then
coroutine.resumeWithTimeout(coro, task.timeSlice, table.remove(task.sigq, 1)) resumeWithTimeout(coro, task.timeSlice, table.remove(task.sigq, 1))
else else
coroutine.resume(coro, table.remove(task.sigq, 1)) coroutine.resume(coro, table.remove(task.sigq, 1))
end end
@@ -363,7 +369,7 @@ function kernel.main()
local ret local ret
if kernel.config.preempt then if kernel.config.preempt then
ret = { coroutine.resumeWithTimeout(task.coro, task.timeSlice, table.unpack(task.syscallReturn)) } ret = { resumeWithTimeout(task.coro, task.timeSlice, table.unpack(task.syscallReturn)) }
else else
ret = { coroutine.resume(task.coro, table.unpack(task.syscallReturn)) } ret = { coroutine.resume(task.coro, table.unpack(task.syscallReturn)) }
end end
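Review bot: The permission check added to sys.kill fails open when the calling task carries no uid fields. `caller and (caller.euid or caller.uid) or kernel.uid` falls through to `kernel.uid` when both `caller.euid` and `caller.uid` are nil, so that task is judged with the kernel's identity (presumably 0; its value is not visible here). Use the kernel fallback only when there is no current task and deny on a missing identity: `local ceuid = kernel.uid`, then `if caller then ceuid = caller.euid or caller.uid end`, then `if ceuid == nil then return false, "EPERM" end`. sys.stop begins right after this hunk with its body outside it, and probably needs the same ownership check. The scheduler now caches `coroutine.resumeWithTimeout` in a local, but `coroutine.resume` and `coroutine.create` in kernel.main are still resolved through the table at call time; caching them the same way would be consistent.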