id,summary,reporter,owner,description,type,status,priority,milestone,component,version,resolution,keywords,cc,blockedby,blocking,platform
14961,Audit all syscalls for permissions and access checks,waddlesplash,waddlesplash,"Here's a full list of source files containing syscall implementations:
* OK ~~src/system/kernel/arch/arm/arch_atomic32.cpp~~
* OK ~~src/system/kernel/arch/arm/arch_atomic64.cpp~~
* OK ~~src/system/kernel/arch/m68k/arch_atomic.cpp~~
* OK ~~src/system/kernel/arch/x86/arch_system_info.cpp~~
* OK ~~src/system/kernel/arch/x86/syscalls_compat.cpp~~
* OK ~~src/system/kernel/debug/debug.cpp~~
* OK ~~src/system/kernel/debug/frame_buffer_console.cpp~~
* OK ~~src/system/kernel/debug/safemode_settings.cpp~~
* OK ~~src/system/kernel/debug/system_profiler.cpp~~
* OK ~~src/system/kernel/debug/tracing.cpp~~
* OK ~~src/system/kernel/debug/user_debugger.cpp~~
* NEEDSWORK src/system/kernel/disk_device_manager/ddm_userland_interface.cpp
* OK ~~src/system/kernel/UserTimer.cpp~~
* OK ~~src/system/kernel/cpu.cpp~~
* OK ~~src/system/kernel/elf.cpp~~
* OK ~~src/system/kernel/fs/fd.cpp~~
* NEEDSWORK src/system/kernel/fs/node_monitor.cpp
* OK ~~src/system/kernel/fs/socket.cpp~~
* OK ~~src/system/kernel/fs/vfs.cpp~~ (except #15701)
* src/system/kernel/image.cpp
* src/system/kernel/locks/user_mutex.cpp
* src/system/kernel/messaging/MessagingService.cpp
* src/system/kernel/port.cpp
* src/system/kernel/posix/realtime_sem.cpp
* src/system/kernel/posix/xsi_message_queue.cpp
* src/system/kernel/posix/xsi_semaphore.cpp
* src/system/kernel/real_time_clock.cpp
* src/system/kernel/scheduler/scheduler.cpp
* src/system/kernel/scheduler/scheduling_analysis.cpp
* src/system/kernel/sem.cpp
* src/system/kernel/shutdown.cpp
* src/system/kernel/signal.cpp
* src/system/kernel/syscalls.cpp
* src/system/kernel/system_info.cpp
* src/system/kernel/team.cpp
* src/system/kernel/thread.cpp
* src/system/kernel/usergroup.cpp
* src/system/kernel/vm/vm.cpp
* src/system/kernel/wait_for_objects.cpp
Each and every one of these needs to be audited, namely:
* All passed pointers are checked against {{{IS_USER_ADDRESS}}} (thanks to SMAP, largely already done)
* All objects (e.g. FDs, areas, semaphores) manipulated by syscalls are checked that the calling team has access to manipulate them
* Whatever other things I think of adding here...",bug,assigned,high,R1/beta5,System/Kernel,R1/Development,,security,,15356,,All