Add initial security subsystem

This commit is contained in:
2026-07-04 00:09:07 +02:00
parent 0ccf20f0c9
commit 66f74be947
7 changed files with 245 additions and 1 deletions


@@ -113,7 +113,9 @@ list(APPEND XTOSKRNL_SOURCE
${XTOSKRNL_SOURCE_DIR}/rtl/string.cc ${XTOSKRNL_SOURCE_DIR}/rtl/string.cc
${XTOSKRNL_SOURCE_DIR}/rtl/time.cc ${XTOSKRNL_SOURCE_DIR}/rtl/time.cc
${XTOSKRNL_SOURCE_DIR}/rtl/unicode.cc ${XTOSKRNL_SOURCE_DIR}/rtl/unicode.cc
${XTOSKRNL_SOURCE_DIR}/rtl/widestr.cc) ${XTOSKRNL_SOURCE_DIR}/rtl/widestr.cc
${XTOSKRNL_SOURCE_DIR}/se/descript.cc
${XTOSKRNL_SOURCE_DIR}/se/privileg.cc)
# Set module definition SPEC file # Set module definition SPEC file
set_specfile(xtoskrnl.spec xtoskrnl.exe) set_specfile(xtoskrnl.spec xtoskrnl.exe)

18
xtoskrnl/includes/se.hh Normal file

@@ -0,0 +1,18 @@
/**
* PROJECT: ExectOS
* COPYRIGHT: See COPYING.md in the top level directory
* FILE: xtoskrnl/includes/se.hh
* DESCRIPTION: Kernel Security
* DEVELOPERS: Aiken Harris <harraiken91@gmail.com>
*/
#ifndef __XTOSKRNL_SE_HH
#define __XTOSKRNL_SE_HH
#include <xtos.hh>
#include <se/descript.hh>
#include <se/privileg.hh>
#endif /* __XTOSKRNL_SE_HH */


@@ -0,0 +1,35 @@
/**
* PROJECT: ExectOS
* COPYRIGHT: See COPYING.md in the top level directory
* FILE: xtoskrnl/includes/se/descript.hh
* DESCRIPTION: Security Descriptors
* DEVELOPERS: Aiken Harris <harraiken91@gmail.com>
*/
#ifndef __XTOSKRNL_SE_DESCRIPT_HH
#define __XTOSKRNL_SE_DESCRIPT_HH
#include <xtos.hh>
/* Kernel Security */
namespace SE
{
class Descriptor
{
public:
STATIC XTAPI XTSTATUS CaptureSecurityDescriptor(IN PSECURITY_DESCRIPTOR InputDescriptor,
IN KPROCESSOR_MODE ProcessorMode,
IN MMPOOL_TYPE PoolType,
IN BOOLEAN ForceCapture,
OUT PSECURITY_DESCRIPTOR *OutputDescriptor);
STATIC XTFASTCALL ULONG ComputeSecurityQuota(IN ULONG Size);
STATIC XTAPI XTSTATUS ComputeQuotaInformationSize(IN PSECURITY_DESCRIPTOR SecurityDescriptor,
OUT PULONG QuotaSize);
STATIC XTAPI VOID ReleaseSecurityDescriptor(IN PSECURITY_DESCRIPTOR Descriptor,
IN KPROCESSOR_MODE ProcessorMode,
IN BOOLEAN ForceRelease);
};
}
#endif /* __XTOSKRNL_SE_DESCRIPT_HH */


@@ -0,0 +1,27 @@
/**
* PROJECT: ExectOS
* COPYRIGHT: See COPYING.md in the top level directory
* FILE: xtoskrnl/includes/se/privileg.hh
* DESCRIPTION: Privileges Management
* DEVELOPERS: Aiken Harris <harraiken91@gmail.com>
*/
#ifndef __XTOSKRNL_SE_PRIVILEG_HH
#define __XTOSKRNL_SE_PRIVILEG_HH
#include <xtos.hh>
/* Kernel Security */
namespace SE
{
class Privileges
{
public:
STATIC XTAPI BOOLEAN CheckSinglePrivilege(LUID PrivilegeValue,
KPROCESSOR_MODE ProcessorMode);
};
}
#endif /* __XTOSKRNL_SE_PRIVILEG_HH */
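Review bot: CheckSinglePrivilege's parameters carry no IN annotations, unlike every method declared in descript.hh in this same commit, and the definition in privileg.cc repeats the omission. For consistency the declaration should read `STATIC XTAPI BOOLEAN CheckSinglePrivilege(IN LUID PrivilegeValue, IN KPROCESSOR_MODE ProcessorMode);` with the signature in privileg.cc matched to it.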


@@ -26,3 +26,4 @@
#include <po.hh> #include <po.hh>
#include <ps.hh> #include <ps.hh>
#include <rtl.hh> #include <rtl.hh>
#include <se.hh>

127
xtoskrnl/se/descript.cc Normal file

@@ -0,0 +1,127 @@
/**
* PROJECT: ExectOS
* COPYRIGHT: See COPYING.md in the top level directory
* FILE: xtoskrnl/se/descript.cc
* DESCRIPTION: Security Descriptors
* DEVELOPERS: Aiken Harris <harraiken91@gmail.com>
*/
#include <xtos.hh>
/**
* Creates a safe kernel-space copy of a security descriptor to prevent TOC/TOU vulnerabilities.
*
* @param InputDescriptor
* Supplies a pointer to the original security descriptor to be captured.
*
* @param ProcessorMode
* Supplies the processor mode from which the request originated.
*
* @param PoolType
* Supplies the type of memory pool to allocate the captured copy from.
*
* @param ForceCapture
* Supplies a boolean value indicating whether to force the capture in kernel mode.
*
* @param OutputDescriptor
* Supplies a pointer to a variable that receives the safely captured security descriptor.
*
* @return This routine returns a status code indicating the success or failure of the operation.
*
* @since XT 1.0
*/
XTAPI
XTSTATUS
SE::Descriptor::CaptureSecurityDescriptor(IN PSECURITY_DESCRIPTOR InputDescriptor,
IN KPROCESSOR_MODE ProcessorMode,
IN MMPOOL_TYPE PoolType,
IN BOOLEAN ForceCapture,
OUT PSECURITY_DESCRIPTOR *OutputDescriptor)
{
UNIMPLEMENTED;
/* Return success */
return STATUS_SUCCESS;
}
/**
* Computes the memory quota required for a security descriptor.
*
* @param Size
* Supplies the base size of the security information in bytes.
*
* @return This routine returns the computed security quota in bytes.
*
* @since XT 1.0
*/
XTFASTCALL
ULONG
SE::Descriptor::ComputeSecurityQuota(IN ULONG Size)
{
ULONG ComputedSize;
/* Calculate double the base size */
ComputedSize = Size * 2;
/* Ensure the allocated quota meets the minimum default system threshold */
return (ComputedSize > SE_DEFAULT_SECURITY_QUOTA) ? ComputedSize : SE_DEFAULT_SECURITY_QUOTA;
}
/**
* Calculates the exact memory footprint of a security descriptor for quota accounting.
*
* @param SecurityDescriptor
* Supplies a pointer to a valid, captured security descriptor.
*
* @param QuotaSize
* Supplies a pointer to a variable that receives the calculated quota size in bytes.
*
* @return This routine returns a status code indicating the success or failure of the operation.
*
* @since XT 1.0
*/
XTAPI
XTSTATUS
SE::Descriptor::ComputeQuotaInformationSize(IN PSECURITY_DESCRIPTOR SecurityDescriptor,
OUT PULONG QuotaSize)
{
UNIMPLEMENTED;
/* Return success */
return STATUS_SUCCESS;
}
/**
* Frees the memory of a captured security descriptor.
*
* @param Descriptor
* Supplies a pointer to the captured security descriptor to be released.
*
* @param ProcessorMode
* Supplies the processor mode that was originally used to capture the descriptor.
*
* @param ForceRelease
* Supplies a boolean value indicating whether to force the deallocation.
*
* @return This routine does not return any value.
*
* @since XT 1.0
*/
XTAPI
VOID
SE::Descriptor::ReleaseSecurityDescriptor(IN PSECURITY_DESCRIPTOR Descriptor,
IN KPROCESSOR_MODE ProcessorMode,
IN BOOLEAN ForceRelease)
{
/* Check if the descriptor should be released */
if(((ProcessorMode == KernelMode) && (ForceRelease == TRUE)) || (ProcessorMode == UserMode))
{
/* Ensure the descriptor is valid */
if(Descriptor)
{
/* Free the descriptor */
MM::Allocator::FreePool(Descriptor, TAG_SE_DESCRIPTOR);
}
}
}
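Review bot: CaptureSecurityDescriptor and ComputeQuotaInformationSize report STATUS_SUCCESS while leaving their OUT parameters untouched, so a caller will treat an indeterminate *OutputDescriptor as a captured descriptor (and may later pass it to ReleaseSecurityDescriptor, which frees it) or read an indeterminate *QuotaSize. Until the bodies exist the stubs should fail closed: set `*OutputDescriptor = NULL;` and `*QuotaSize = 0;` before returning, and return a failure status rather than success (STATUS_NOT_IMPLEMENTED if the kernel defines it; the page does not show one). ComputeSecurityQuota's `Size * 2` wraps silently for large ULONG values and then yields a quota smaller than the descriptor it accounts for, so guard it with `if(Size > ((ULONG)-1) / 2) { return (ULONG)-1; }` before the doubling, or saturate before the comparison. SE_DEFAULT_SECURITY_QUOTA and TAG_SE_DESCRIPTOR are used here but defined in none of the seven changed files, which is plausibly why all four builds fail; their definitions belong in this commit.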

34
xtoskrnl/se/privileg.cc Normal file

@@ -0,0 +1,34 @@
/**
* PROJECT: ExectOS
* COPYRIGHT: See COPYING.md in the top level directory
* FILE: xtoskrnl/se/privileg.cc
* DESCRIPTION: Privileges Management
* DEVELOPERS: Aiken Harris <harraiken91@gmail.com>
*/
#include <xtos.hh>
/**
* Checks if the current thread's access token holds a specific privilege.
*
* @param PrivilegeValue
* Supplies the locally unique identifier (LUID) of the privilege to check.
*
* @param ProcessorMode
* Supplies the processor mode from which the request originated.
*
* @return This routine returns TRUE if the privilege is held, or FALSE otherwise.
*
* @since XT 1.0
*/
XTAPI
BOOLEAN
SE::Privileges::CheckSinglePrivilege(LUID PrivilegeValue,
KPROCESSOR_MODE ProcessorMode)
{
UNIMPLEMENTED;
/* Return TRUE */
return TRUE;
}
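Review bot: The CheckSinglePrivilege stub answers TRUE for every LUID and every processor mode, so while the body is UNIMPLEMENTED any check routed through this entry point is fail-open: every caller, including user mode, is treated as holding every privilege. A security check that is not yet written should deny, `return FALSE;`, with the comment changed to `/* Not implemented yet, deny the privilege */`, so nothing built on SE during bring-up silently depends on the permissive placeholder. The doc comment's return clause needs no change, since FALSE is the documented "not held" result.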