From 2e55956784ac0c61fe877c316867074e0f432452 Mon Sep 17 00:00:00 2001
From: Liav A
Date: Fri, 11 Nov 2022 14:55:28 +0200
Subject: [PATCH] Kernel: Forbid access to /sys/kernel/power_state for Jailed processes

There's simply no benefit in allowing sandboxed programs to change the power state of the machine, so disallow writes to the mentioned node to prevent malicious programs to request that.
---
 .../Subsystems/Kernel/PowerStateSwitch.cpp | 21 ++++++++++++-------
 1 file changed, 14 insertions(+), 7 deletions(-)

diff --git a/Kernel/FileSystem/SysFS/Subsystems/Kernel/PowerStateSwitch.cpp b/Kernel/FileSystem/SysFS/Subsystems/Kernel/PowerStateSwitch.cpp
index 747f2af1266..5362a824c1d 100644
--- a/Kernel/FileSystem/SysFS/Subsystems/Kernel/PowerStateSwitch.cpp
+++ b/Kernel/FileSystem/SysFS/Subsystems/Kernel/PowerStateSwitch.cpp
@@ -16,6 +16,7 @@
 #include
 #include
 #include
+#include

 namespace Kernel {

@@ -45,18 +46,25 @@ ErrorOr SysFSPowerStateSwitchNode::truncate(u64 size)

 ErrorOr SysFSPowerStateSwitchNode::write_bytes(off_t offset, size_t count, UserOrKernelBuffer const& data, OpenFileDescription*)
 {
+ TRY(Process::current().jail().with([&](auto const& my_jail) -> ErrorOr {
+ // Note: If we are in a jail, don't let the current process to change the power state.
+ if (my_jail)
+ return Error::from_errno(EPERM);
+ return {};
+ }));
 if (Checked::addition_would_overflow(offset, count))
- return EOVERFLOW;
+ return Error::from_errno(EOVERFLOW);
 if (offset > 0)
- return EINVAL;
+ return Error::from_errno(EINVAL);
 if (count > 1)
- return EINVAL;
-
+ return Error::from_errno(EINVAL);
 char buf[1];
 TRY(data.read(buf, 1));
+ if (buf[0] == '0')
+ return Error::from_errno(EINVAL);
 switch (buf[0]) {
 case '0':
- return EINVAL;
+ VERIFY_NOT_REACHED();
 case '1':
 reboot();
 VERIFY_NOT_REACHED();
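Review bot: The new `if (buf[0] == '0') return Error::from_errno(EINVAL);` placed before the switch makes the rewritten `case '0': VERIFY_NOT_REACHED();` dead code, and it splits the "which bytes are rejected" decision across two places that must stay in agreement; dropping the pre-check and letting `case '0':` return `Error::from_errno(EINVAL)` inside the switch keeps the rejection in one spot. The jail check itself is correctly ordered ahead of offset/count validation, so a jailed writer is refused before any user buffer is read. The comment inside the lambda reads better as `// Note: If we are in a jail, don't let the current process change the power state.`. write_bytes continues into the next hunk.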
@@ -64,9 +72,8 @@ ErrorOr SysFSPowerStateSwitchNode::write_bytes(off_t offset, size_t coun
 poweroff();
 VERIFY_NOT_REACHED();
 default:
- return EINVAL;
+ VERIFY_NOT_REACHED();
 }
- VERIFY_NOT_REACHED();
 }

 void SysFSPowerStateSwitchNode::reboot()
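Review bot: Replacing `return EINVAL;` under `default:` with `VERIFY_NOT_REACHED();` turns every byte other than '0', '1' or '2' into a kernel assertion failure, because the check added before the switch in the previous hunk filters only '0'; a malformed one-byte write from any process permitted to open this node now brings the kernel down instead of failing with EINVAL, which is a denial-of-service regression rather than a hardening. Keep the error return in the fallback arm: `default: return Error::from_errno(EINVAL);`. With that in place `case '0':` can simply share the `default` path and the separate '0' pre-check in the previous hunk is not needed. The switch and the enclosing write_bytes begin in the previous hunk.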