diff --git a/local/patches/base/P18-5-acpid-robustness.patch b/local/patches/base/P18-5-acpid-robustness.patch index 3c428200a5..3b3f5e18da 100644 --- a/local/patches/base/P18-5-acpid-robustness.patch +++ b/local/patches/base/P18-5-acpid-robustness.patch @@ -1,41 +1,3 @@ ---- a/drivers/acpid/src/acpi.rs -+++ b/drivers/acpid/src/acpi.rs -@@ -266,7 +266,34 @@ - let format_err = |err| format!("{:?}", err); - let handler = AmlPhysMemHandler::new(Arc::clone(&self.pci_fd), Arc::clone(&self.page_cache)); - //TODO: use these parsed tables for the rest of acpid -- let rsdp_address = usize::from_str_radix(&std::env::var("RSDP_ADDR")?, 16)?; -+ let rsdp_address = match std::env::var("RSDP_ADDR") { -+ Ok(addr) => usize::from_str_radix(&addr, 16)?, -+ Err(_) => { -+ // RSDP_ADDR not provided — probe BIOS area (0xE0000–0xFFFFF) for RSDP signature -+ log::info!("RSDP_ADDR not set, probing BIOS area for RSDP..."); -+ let mut found = None; -+ for page_base in (0xE_0000..0x10_0000).step_by(16) { -+ let mapped = unsafe { -+ common::physmap( -+ page_base, -+ 16, -+ common::Prot::RW, -+ common::MemoryType::default(), -+ ) -+ }; -+ if let Ok(virt) = mapped { -+ let sig = unsafe { std::slice::from_raw_parts(virt as *const u8, 8) }; -+ if sig == b"RSD PTR " { -+ log::info!("found RSDP at physical {:#x}", page_base); -+ found = Some(page_base); -+ break; -+ } -+ let _ = unsafe { libredox::call::munmap(virt as *mut (), 16) }; -+ } -+ } -+ found.ok_or("RSDP not found in BIOS area (0xE0000-0xFFFFF)")? -+ } -+ }; - let tables = - unsafe { AcpiTables::from_rsdp(handler.clone(), rsdp_address).map_err(format_err)? }; - let platform = AcpiPlatform::new(tables, handler).map_err(format_err)?; --- a/drivers/acpid/src/aml_physmem.rs +++ b/drivers/acpid/src/aml_physmem.rs @@ -190,7 +190,10 @@ diff --git a/local/patches/base/P19-acpid-startup-hardening.patch b/local/patches/base/P19-acpid-startup-hardening.patch index de7fd2f3b5..d5e39e9281 100644 
--- a/local/patches/base/P19-acpid-startup-hardening.patch +++ b/local/patches/base/P19-acpid-startup-hardening.patch @@ -1,5 +1,5 @@ diff --git a/drivers/acpid/src/acpi.rs b/drivers/acpid/src/acpi.rs -index 343533d0..0189c3ad 100644 +index 343533d0..8ef6ab0e 100644 --- a/drivers/acpid/src/acpi.rs +++ b/drivers/acpid/src/acpi.rs @@ -55,3 +55,2 @@ impl SdtHeader { 
@@ -44,14 +44,44 @@ index 343533d0..0189c3ad 100644 - .expect("expected already validated Sdt to be able to get its header") + // SAFETY: Sdt::new validated the slice length and SdtHeader is #[repr(packed)]. + unsafe { &*(self.0.as_ptr() as *const SdtHeader) } -@@ -444,3 +455,3 @@ impl AcpiContext { +@@ -269,28 +280 @@ impl AmlSymbols { +- let rsdp_address = match std::env::var("RSDP_ADDR") { +- Ok(addr) => usize::from_str_radix(&addr, 16)?, +- Err(_) => { +- // RSDP_ADDR not provided — probe BIOS area (0xE0000–0xFFFFF) for RSDP signature +- log::info!("RSDP_ADDR not set, probing BIOS area for RSDP..."); +- let mut found = None; +- for page_base in (0xE_0000..0x10_0000).step_by(16) { +- let mapped = unsafe { +- common::physmap( +- page_base, +- 16, +- common::Prot::RW, +- common::MemoryType::default(), +- ) +- }; +- if let Ok(virt) = mapped { +- let sig = unsafe { std::slice::from_raw_parts(virt as *const u8, 8) }; +- if sig == b"RSD PTR " { +- log::info!("found RSDP at physical {:#x}", page_base); +- found = Some(page_base); +- break; +- } +- let _ = unsafe { libredox::call::munmap(virt as *mut (), 16) }; +- } +- } +- found.ok_or("RSDP not found in BIOS area (0xE0000-0xFFFFF)")? +- } +- }; ++ let rsdp_address = usize::from_str_radix(&std::env::var("RSDP_ADDR")?, 16)?; +@@ -444,3 +428,3 @@ impl AcpiContext { - interpreter - .release_global_lock() - .expect("Failed to release GIL!"); //TODO: check if this should panic + if let Err(e) = interpreter.release_global_lock() { + log::error!("Failed to release AML global lock: {:?}", e); + } -@@ -462,4 +473,8 @@ impl AcpiContext { +@@ -462,4 +446,8 @@ impl AcpiContext { - .map(|physaddr| { - let physaddr: usize = physaddr - .try_into() @@ -64,7 +94,7 @@ index 343533d0..0189c3ad 100644 + return None; + } + }; -@@ -469 +484,7 @@ impl AcpiContext { +@@ -469 +457,7 @@ impl AcpiContext { - Sdt::load_from_physical(physaddr).expect("failed to load physical SDT") + match Sdt::load_from_physical(physaddr) { + Ok(sdt) => Some(sdt), 
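Review bot: The new inner hunk `+@@ -269,28 +280 @@ impl AmlSymbols {` strips the 28-line RSDP probe from acpi.rs, yet the first hunk of this diff deletes the P18-5 hunk that introduced that very block, so unless the base tree already carries the probe there is nothing for P19 to remove and the series will stop applying here. The unchanged pre-image blob on `+index 343533d0..8ef6ab0e 100644` is hard to reconcile with P18-5 no longer touching the file, which suggests P19 was regenerated against a tree that still had the probe; the series should be regenerated against the actual base, and the same question applies to the bumped post-image hashes for `dmar/mod.rs` and `main.rs` in the later hunks. Dropping the physical-memory probe (a `Prot::RW` mapping of the BIOS area read through `from_raw_parts`) is the right call, but the restored `++ let rsdp_address = usize::from_str_radix(&std::env::var("RSDP_ADDR")?, 16)?;` makes a missing variable a hard startup error again, and `?` on a `VarError` does not say which variable was missing; a comment such as `// RSDP_ADDR is required; probing the BIOS area for the RSDP is intentionally not attempted.` plus a `map_err` naming the variable would make the failure self-explaining. The enclosing function starts and ends outside this hunk.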
@@ -73,7 +103,7 @@ index 343533d0..0189c3ad 100644 + None + } + } -@@ -865,3 +886,4 @@ impl Fadt { +@@ -865,3 +859,4 @@ impl Fadt { - Err(plain::Error::BadAlignment) => unreachable!( - "plain::from_bytes reported bad alignment, but FadtAcpi2Struct is #[repr(packed)]" - ), @@ -81,12 +111,12 @@ index 343533d0..0189c3ad 100644 + log::error!("plain::from_bytes reported bad alignment for FadtAcpi2Struct, but it is #[repr(packed)]"); + None + } -@@ -876,2 +898,2 @@ impl Deref for Fadt { +@@ -876,2 +871,2 @@ impl Deref for Fadt { - plain::from_bytes::(&self.0 .0) - .expect("expected FADT struct to already be validated in Deref impl") + // SAFETY: Fadt::new validated the slice length and FadtStruct is #[repr(packed)]. + unsafe { &*(self.0 .0.as_ptr() as *const FadtStruct) } -@@ -890,3 +912,7 @@ impl Fadt { +@@ -890,3 +885,7 @@ impl Fadt { - let fadt_sdt = context - .take_single_sdt(*b"FACP") - .expect("expected ACPI to always have a FADT"); @@ -97,7 +127,7 @@ index 343533d0..0189c3ad 100644 + return; + } + }; -@@ -903,4 +929,2 @@ impl Fadt { +@@ -903,4 +902,2 @@ impl Fadt { - Some(fadt2) => usize::try_from(fadt2.x_dsdt).unwrap_or_else(|_| { - usize::try_from(fadt.dsdt).expect("expected any given u32 to fit within usize") - }), @@ -105,7 +135,7 @@ index 343533d0..0189c3ad 100644 + Some(fadt2) => fadt2.x_dsdt as usize, + None => fadt.dsdt as usize, diff --git a/drivers/acpid/src/acpi/dmar/mod.rs b/drivers/acpid/src/acpi/dmar/mod.rs -index ed27849b..c6d335c9 100644 +index ed27849b..b5cb96f2 100644 --- a/drivers/acpid/src/acpi/dmar/mod.rs +++ b/drivers/acpid/src/acpi/dmar/mod.rs @@ -47,2 +47,2 @@ impl Deref for Dmar { @@ -189,7 +219,7 @@ index ed27849b..c6d335c9 100644 - - diff --git a/drivers/acpid/src/main.rs b/drivers/acpid/src/main.rs -index ea3cbaeb..79d739c2 100644 +index ea3cbaeb..0c1d4c72 100644 --- a/drivers/acpid/src/main.rs +++ b/drivers/acpid/src/main.rs @@ -32,3 +32,8 @@ fn daemon(daemon: daemon::Daemon) -> ! { 
@@ -230,20 +260,21 @@ index ea3cbaeb..79d739c2 100644 + if let Err(e) = libredox::call::setrens(0, 0) { + log::warn!("acpid: failed to enter null namespace: {} — continuing", e); + } -@@ -114,5 +133,7 @@ fn daemon(daemon: daemon::Daemon) -> ! { +@@ -114,6 +133,7 @@ fn daemon(daemon: daemon::Daemon) -> ! { - let Some(event) = event_queue - .next() - .transpose() - .expect("acpid: failed to read event file") - else { -+ let Some(event) = match event_queue.next().transpose() { -+ Ok(e) => e, +- break; ++ let event = match event_queue.next().transpose() { ++ Ok(Some(e)) => e, ++ Ok(None) => break, + Err(e) => { + log::error!("acpid: failed to read event file: {} — continuing", e); + continue; + } -+ } else { -@@ -124,6 +145,7 @@ fn daemon(daemon: daemon::Daemon) -> ! { +@@ -124,6 +144,7 @@ fn daemon(daemon: daemon::Daemon) -> ! { - match handler - .process_requests_nonblocking(&mut scheme) - .expect("acpid: failed to process requests") @@ -257,7 +288,7 @@ index ea3cbaeb..79d739c2 100644 + log::error!("acpid: failed to process requests: {} — continuing", e); + continue; + } -@@ -146 +168,2 @@ fn daemon(daemon: daemon::Daemon) -> ! { +@@ -146 +167,2 @@ fn daemon(daemon: daemon::Daemon) -> ! { - unreachable!("System should have shut down before this is entered"); + log::error!("System should have shut down before this was reached"); + std::process::exit(1); diff --git a/local/patches/base/P19-init-startup-hardening.patch b/local/patches/base/P19-init-startup-hardening.patch index 9b481aeaf5..f4ec3fb2cd 100644 --- a/local/patches/base/P19-init-startup-hardening.patch +++ b/local/patches/base/P19-init-startup-hardening.patch @@ -8,7 +8,7 @@ index 5891b808..b8720e81 100644 
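Review bot: The `Err(e) => { log::error!(...); continue; }` arm kept next to the new `++ Ok(Some(e)) => e,` / `++ Ok(None) => break,` arms retries immediately with no backoff or bound, so a persistent read failure on the event file (a closed or broken handle, if `next()` keeps returning `Err` without blocking) turns the `daemon` loop into a hot loop that floods the log instead of exiting; the `+@@ -124,6 +144,7 @@` block's `log::error!("acpid: failed to process requests: {} — continuing", e); continue;` arm has the same shape. Replacing the earlier let-else form with a `match` on `event_queue.next().transpose()` is a genuine fix, since a let-else initializer ending in `}` is rejected by the parser, and `break` now lands on the `std::process::exit(1)` path at `+@@ -146 +167,2 @@`, which is consistent. Consider bounding the retries: `let mut consecutive_errors = 0usize;` before the loop, `consecutive_errors = 0;` in the `Ok(Some(e))` arm, and `consecutive_errors += 1; if consecutive_errors >= MAX_EVENT_ERRORS { break; }` (constant name constructed here) before each `continue`. `fn daemon` starts and ends outside this hunk.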
@@ -174 +174,3 @@ fn main() { - libredox::call::setrens(0, 0).expect("init: failed to enter null namespace"); + if let Err(err) = libredox::call::setrens(0, 0) { -+ log::warn!("init: failed to enter null namespace: {} — continuing", err); ++ init_warn(&format!("init: failed to enter null namespace: {} — continuing", err)); + } diff --git a/init/src/service.rs b/init/src/service.rs index 10bb9d8a..970c0338 100644
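Review bot: The `++ init_warn(&format!("init: failed to enter null namespace: {} — continuing", err));` line keeps the fail-open behaviour of the version it replaces: a failed `setrens(0, 0)` leaves init in its original namespace and execution carries on with only a warning, whereas the `.expect(...)` this patch removes stopped init. Entering the null namespace is a privilege-reduction step, so continuing past its failure is a security decision that should be stated at the call site, e.g. `// Continuing without the null namespace leaves init with its full namespace access; decide whether this should fail closed instead.`; the acpid `setrens` arm shown as context in the previous file's hunk carries the same unstated assumption. `init_warn` is not visible in this diff — presumably it is the init crate's pre-logger reporting helper and takes `&str`, which the `&format!(...)` borrow satisfies; confirm it is in scope in the file this hunk patches (its header is outside the view). `fn main` starts and ends outside the hunk.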