06da50afc7
Modify the user mode runtime to insert stack canaries to find stack corruptions.
The `-fstack-protector-strong` variant was chosen because it catches more
issues than vanilla `-fstack-protector`, but doesn't have substantial
performance impact like `-fstack-protector-all`.
Details:
-fstack-protector enables stack protection for vulnerable functions that contain:
* A character array larger than 8 bytes.
* An 8-bit integer array larger than 8 bytes.
* A call to alloca() with either a variable size or a constant size bigger than 8 bytes.
-fstack-protector-strong enables stack protection for vulnerable functions that contain:
* An array of any size and type.
* A call to alloca().
* A local variable that has its address taken.
Example of it catching corrupting in the `stack-smash` test:
```
courage ~ $ ./user/Tests/LibC/stack-smash
[+] Starting the stack smash ...
Error: Stack protector failure, stack smashing detected!
Shell: Job 1 (/usr/Tests/LibC/stack-smash) Aborted
```
|
||
|---|---|---|
| .github | ||
| AK | ||
| Applications | ||
| Base | ||
| Demos | ||
| DevTools | ||
| Documentation | ||
| Games | ||
| Kernel | ||
| Libraries | ||
| MenuApplets | ||
| Meta | ||
| Ports | ||
| Services | ||
| Shell | ||
| Toolchain | ||
| Userland | ||
| .clang-format | ||
| .gitattributes | ||
| .gitignore | ||
| .pre-commit-config.yaml | ||
| .prettierignore | ||
| .prettierrc | ||
| CMakeLists.txt | ||
| CODE_OF_CONDUCT.md | ||
| CONTRIBUTING.md | ||
| LICENSE | ||
| ReadMe.md | ||
SerenityOS
Graphical Unix-like operating system for x86 computers.
About
SerenityOS is a love letter to '90s user interfaces with a custom Unix-like core. It flatters with sincerity by stealing beautiful ideas from various other systems.
Roughly speaking, the goal is a marriage between the aesthetic of late-1990s productivity software and the power-user accessibility of late-2000s *nix. This is a system by us, for us, based on the things we like.
I (Andreas) regularly post raw hacking sessions and demos on my YouTube channel.
Sometimes I write about the system on my github.io blog.
I'm also on Patreon and GitHub Sponsors if you would like to show some support that way.
Screenshot
Kernel features
- x86 (32-bit) kernel with pre-emptive multi-threading
- Hardware protections (SMEP, SMAP, UMIP, NX, WP, TSD, ...)
- IPv4 stack with ARP, TCP, UDP and ICMP protocols
- ext2 filesystem
- POSIX signals
- Purgeable memory
- /proc filesystem
- Pseudoterminals (with /dev/pts filesystem)
- Filesystem notifications
- CPU and memory profiling
- SoundBlaster 16 driver
- VMWare/QEMU mouse integration
System services
- Launch/session daemon (SystemServer)
- Compositing window server (WindowServer)
- Text console manager (TTYServer)
- DNS client (LookupServer)
- Network protocols server (ProtocolServer)
- Software-mixing sound daemon (AudioServer)
- Desktop notifications (NotificationServer)
- HTTP server (WebServer)
- Telnet server (TelnetServer)
- DHCP client (DHCPClient)
Libraries
- C++ templates and containers (AK)
- Event loop and utilities (LibCore)
- 2D graphics library (LibGfx)
- GUI toolkit (LibGUI)
- Cross-process communication library (LibIPC)
- HTML/CSS engine (LibWeb)
- JavaScript engine (LibJS)
- Markdown (LibMarkdown)
- Audio (LibAudio)
- PCI database (LibPCIDB)
- Terminal emulation (LibVT)
- Out-of-process network protocol I/O (LibProtocol)
- Mathematical functions (LibM)
- ELF file handling (LibELF)
- POSIX threading (LibPthread)
- Higher-level threading (LibThread)
- Transport Layer Security (LibTLS)
- HTTP and HTTPS (LibHTTP)
Userland features
- Unix-like libc and userland
- Shell with pipes and I/O redirection
- On-line help system (both terminal and GUI variants)
- Web browser (Browser)
- C++ IDE (HackStudio)
- IRC client
- Desktop synthesizer (Piano)
- Various desktop apps & games
- Color themes
How do I read the documentation?
Man pages are browsable outside of SerenityOS under Base/usr/share/man.
When running SerenityOS you can use man for the terminal interface, or help for the GUI interface.
How do I build and run this?
See the SerenityOS build instructions
Before opening an issue
Please see the issue policy.
Communication hubs
The main hub is #serenityos on the Freenode IRC network.
We also have a project mailing list: serenityos-dev.
Author
- Andreas Kling - awesomekling
Contributors
- Robin Burchell - rburchell
- Conrad Pankoff - deoxxa
- Sergey Bugaev - bugaevc
- Liav A - supercomputer7
- Linus Groh - linusg
- Ali Mohammad Pur - alimpfard
- Shannon Booth - shannonbooth
- Hüseyin ASLITÜRK - asliturk
- Matthew Olsson - mattco98
- Nico Weber - nico
- Brian Gianforcaro - bgianfo
- Ben Wiederhake - BenWiederhake
- Tom - tomuta
- Paul Scharnofske - asynts
- Itamar Shenhar - itamar8910
- Luke Wilde - Lubrsi
- Brendan Coles - bcoles
(And many more!) The people listed above have landed more than 100 commits in the project. :^)
License
SerenityOS is licensed under a 2-clause BSD license.