dollspace.gay / AethelOS
Microkernel based hobby OS
fork atom

Updates sigil command to new features

dollspacegay.tngl.sh 334d7290 7167911b

+223 -47
unified split
aethelos.iso

This is a binary file and will not be displayed.

+49
heartwood/build.log
··· 1 + Compiling heartwood v0.1.0 (F:\OS\heartwood) 2 + warning: associated function `new` is never used 3 + --> heartwood\src\mana_pool\capability.rs:51:19 4 + | 5 + 49 | impl CapabilityId { 6 + | ----------------- associated function in this implementation 7 + 50 | /// Create a new capability ID 8 + 51 | pub(crate) fn new(id: u64) -> Self { 9 + | ^^^ 10 + | 11 + = note: `#[warn(dead_code)]` (part of `#[warn(unused)]`) on by default 12 + 13 + warning: field `seal` is never read 14 + --> heartwood\src\mana_pool\capability.rs:95:5 15 + | 16 + 83 | pub struct SealedCapability { 17 + | ---------------- field in this struct 18 + ... 19 + 95 | seal: [u8; 32], 20 + | ^^^^ 21 + | 22 + = note: `SealedCapability` has derived impls for the traits `Clone` and `Debug`, but these are intentionally ignored during dead code analysis 23 + 24 + warning: associated functions `debug_str`, `identify`, `read_sector_count`, `wait_not_busy`, `wait_400ns`, and `tiny_delay` are never used 25 + --> heartwood\src\drivers\ata.rs:214:8 26 + | 27 + 54 | impl AtaDrive { 28 + | ------------- associated functions in this implementation 29 + ... 30 + 214 | fn debug_str(s: &[u8]) { 31 + | ^^^^^^^^^ 32 + ... 33 + 249 | fn identify(bus: u16, drive: u8) -> bool { 34 + | ^^^^^^^^ 35 + ... 36 + 305 | fn read_sector_count(bus: u16, drive: u8) -> u64 { 37 + | ^^^^^^^^^^^^^^^^^ 38 + ... 39 + 435 | fn wait_not_busy(bus: u16) -> bool { 40 + | ^^^^^^^^^^^^^ 41 + ... 42 + 447 | fn wait_400ns(bus: u16) { 43 + | ^^^^^^^^^^ 44 + ... 45 + 454 | fn tiny_delay() { 46 + | ^^^^^^^^^^ 47 + 48 + warning: `heartwood` (lib) generated 3 warnings 49 + Finished `dev` profile [unoptimized + debuginfo] target(s) in 1.76s
+2
heartwood/src/eldarin.rs
··· 193 193 pub enum PagingCommand { 194 194 Help, 195 195 Wards, 196 + Sigils, 196 197 } 197 198 198 199 pub(crate) static mut PAGING_COMMAND: Option<PagingCommand> = None; ··· 364 365 match PAGING_COMMAND { 365 366 Some(PagingCommand::Help) => show_help_page(PAGING_PAGE), 366 367 Some(PagingCommand::Wards) => crate::wards_command::show_wards_page(PAGING_PAGE), 368 + Some(PagingCommand::Sigils) => crate::sigils_command::show_sigils_page(PAGING_PAGE), 367 369 None => { 368 370 // Safety: should never happen 369 371 PAGING_ACTIVE = false;
+171 -46
heartwood/src/sigils_command.rs
··· 1 1 /// SIGILS - Display The Weaver's Sigils (stack canaries) for all threads 2 2 /// 3 - /// This command shows the unique stack canary values protecting each thread. 4 - /// Each sigil is a 64-bit cryptographically random value that guards against 5 - /// buffer overflow attacks. 3 + /// This command shows the status of stack and heap canary protection without 4 + /// exposing actual canary values (for security). It performs real verification 5 + /// checks to ensure protection is active and working correctly. 6 6 7 + use crate::loom_of_fate::{without_interrupts, ThreadState}; 8 + use alloc::vec::Vec; 9 + 10 + /// Entry point for the sigils command - sets up paging 7 11 pub fn cmd_sigils() { 8 - use crate::loom_of_fate::{without_interrupts, ThreadState}; 9 - use alloc::vec::Vec; 12 + unsafe { 13 + crate::eldarin::PAGING_ACTIVE = true; 14 + crate::eldarin::PAGING_PAGE = 0; 15 + crate::eldarin::PAGING_COMMAND = Some(crate::eldarin::PagingCommand::Sigils); 16 + } 17 + show_sigils_page(0); 18 + } 19 + 20 + /// Display a specific page of sigil information 21 + pub fn show_sigils_page(page: usize) { 22 + match page { 23 + 0 => show_overview_page(), 24 + 1 => show_stack_protection_page(), 25 + 2 => show_heap_protection_page(), 26 + _ => { 27 + // No more pages 28 + unsafe { 29 + crate::eldarin::PAGING_ACTIVE = false; 30 + crate::eldarin::PAGING_PAGE = 0; 31 + crate::eldarin::PAGING_COMMAND = None; 32 + } 33 + crate::eldarin::display_prompt(); 34 + } 35 + } 36 + } 37 + 38 + /// Page 0: Overview of The Weaver's Sigil protection system 39 + fn show_overview_page() { 40 + crate::println!(); 41 + crate::println!("◈ The Weaver's Sigils - Stack & Heap Protection"); 42 + crate::println!(); 43 + crate::println!(" The Weaver's Sigils are cryptographic marks placed on the stack"); 44 + crate::println!(" and heap to detect buffer overflow attacks. Each thread carries"); 45 + crate::println!(" a unique 64-bit sigil, and each heap allocation is wrapped in"); 46 + crate::println!(" protective canaries."); 47 + crate::println!(); 48 + 49 + // Check stack protection status 50 + let stack_guard = crate::stack_protection::get_current_canary(); 51 + let stack_active = stack_guard != 0; 52 + 53 + crate::println!(" Protection Systems:"); 54 + crate::println!(); 55 + 56 + if stack_active { 57 + crate::println!(" [✓] Stack Protection - ACTIVE"); 58 + crate::println!(" Mode: LLVM strong (per-function canaries)"); 59 + crate::println!(" Coverage: All functions with buffers or address-taken locals"); 60 + } else { 61 + crate::println!(" [✗] Stack Protection - INACTIVE (boot in progress?)"); 62 + } 63 + 64 + let heap_enabled = crate::mana_pool::heap_canaries::are_enabled(); 65 + if heap_enabled { 66 + crate::println!(" [✓] Heap Protection - ACTIVE"); 67 + crate::println!(" Mode: Pre/post allocation canaries (8 bytes each)"); 68 + crate::println!(" Coverage: All heap allocations"); 69 + } else { 70 + crate::println!(" [✗] Heap Protection - INACTIVE (boot in progress?)"); 71 + } 10 72 11 - crate::println!("◈ The Weaver's Sigils - Stack Canary Protection"); 73 + crate::println!(); 74 + crate::println!(" Note: Actual canary values are not displayed for security reasons."); 12 75 crate::println!(); 76 + crate::println!("Press SPACE for stack details, or ESC to exit"); 77 + } 13 78 14 - crate::println!(" Status: ✓ ACTIVE (Phase 2: LLVM stack protection)"); 15 - crate::println!(" Mode: LLVM strong mode + per-thread canaries"); 16 - crate::println!(" Protection: All functions with buffers or address-taken locals"); 79 + /// Page 1: Stack protection details and per-thread verification 80 + fn show_stack_protection_page() { 81 + crate::println!(); 82 + crate::println!("◈ Stack Protection Status (Page 2/3)"); 17 83 crate::println!(); 18 84 19 - // Show current global canary value 20 - let current_canary = crate::stack_protection::get_current_canary(); 21 - crate::println!(" Current __stack_chk_guard: 0x{:016x}", current_canary); 85 + // Check global canary 86 + let current_guard = crate::stack_protection::get_current_canary(); 87 + let canary_initialized = current_guard != 0; 88 + 89 + if canary_initialized { 90 + crate::println!(" Global Stack Guard: ✓ INITIALIZED"); 91 + } else { 92 + crate::println!(" Global Stack Guard: ✗ NOT INITIALIZED"); 93 + } 94 + 95 + crate::println!(); 96 + crate::println!(" Per-Thread Sigils:"); 22 97 crate::println!(); 23 98 24 - // Get thread information 99 + // Verify thread sigils 25 100 without_interrupts(|| { 26 101 unsafe { 27 102 let loom = crate::loom_of_fate::get_loom().lock(); 28 103 29 - // Collect threads (not fading) 104 + // Collect active threads 30 105 let threads: Vec<_> = loom.threads.iter() 31 106 .filter(|t| !matches!(t.state, ThreadState::Fading)) 32 107 .collect(); 33 108 34 - crate::println!(" Active Sigils ({} threads):", threads.len()); 109 + crate::println!(" Active Threads: {}", threads.len()); 35 110 crate::println!(); 36 111 37 - for thread in threads { 112 + let mut all_valid = true; 113 + 114 + for thread in &threads { 38 115 let state_str = match thread.state { 39 116 ThreadState::Weaving => "Weaving", 40 117 ThreadState::Resting => "Resting", ··· 42 119 ThreadState::Fading => "Fading", 43 120 }; 44 121 45 - let priority_str = match thread.priority { 46 - crate::loom_of_fate::ThreadPriority::Critical => "Critical", 47 - crate::loom_of_fate::ThreadPriority::High => "High", 48 - crate::loom_of_fate::ThreadPriority::Normal => "Normal", 49 - crate::loom_of_fate::ThreadPriority::Low => "Low", 50 - crate::loom_of_fate::ThreadPriority::Idle => "Idle", 51 - }; 122 + // Check if sigil is set (non-zero) 123 + let sigil_valid = thread.sigil != 0; 124 + 125 + let status = if sigil_valid { "✓" } else { "✗" }; 126 + 127 + crate::print!(" Thread #{:2} [{}] - Sigil: {}", 128 + thread.id.0, state_str, status); 129 + 130 + if !sigil_valid { 131 + crate::print!(" (UNINITIALIZED)"); 132 + all_valid = false; 133 + } 52 134 53 - crate::println!(" Thread #{} [{}|{}]", 54 - thread.id.0, state_str, priority_str); 55 - crate::println!(" Sigil: 0x{:016x}", thread.sigil); 56 135 crate::println!(); 57 136 } 58 137 59 - // Verify uniqueness 138 + crate::println!(); 139 + 140 + // Check uniqueness 60 141 let mut sigils: Vec<u64> = loom.threads.iter() 61 142 .filter(|t| !matches!(t.state, ThreadState::Fading)) 62 143 .map(|t| t.sigil) 144 + .filter(|&s| s != 0) // Exclude uninitialized 63 145 .collect(); 64 146 65 147 let original_len = sigils.len(); ··· 67 149 sigils.dedup(); 68 150 let unique_len = sigils.len(); 69 151 70 - if original_len == unique_len { 71 - crate::println!(" ✓ All sigils are unique ({} distinct values)", unique_len); 152 + crate::println!(" Uniqueness Check:"); 153 + if original_len == unique_len && original_len > 0 { 154 + crate::println!(" ✓ All {} sigils are unique", unique_len); 155 + } else if original_len == 0 { 156 + crate::println!(" ✗ No initialized sigils found"); 72 157 } else { 73 - crate::println!(" ✗ WARNING: {} duplicate sigils detected!", 158 + crate::println!(" ✗ WARNING: {} duplicate sigils detected!", 74 159 original_len - unique_len); 75 160 } 76 161 77 162 crate::println!(); 78 - crate::println!(" Protection Status:"); 79 - crate::println!(" [✓] Per-thread storage - Active"); 80 - crate::println!(" [✓] Cryptographic generation - Active"); 81 - crate::println!(" [✓] Stack canary placement - Active (LLVM inserts at function entry)"); 82 - crate::println!(" [✓] Overflow detection - Active (LLVM checks before return)"); 83 - crate::println!(); 84 - crate::println!(" Phase 2 Complete: LLVM stack-protector (strong mode) is active."); 85 - crate::println!(" All functions with buffers or address-taken locals are protected."); 163 + 164 + if all_valid && canary_initialized && original_len == unique_len && original_len > 0 { 165 + crate::println!(" Overall Status: ✓ PROTECTION ACTIVE AND VERIFIED"); 166 + } else { 167 + crate::println!(" Overall Status: ⚠ ISSUES DETECTED"); 168 + } 86 169 } 87 170 }); 88 171 89 - // Heap Canary Status 90 172 crate::println!(); 91 - crate::println!(" Heap Protection (Buffer Overflow Detection):"); 92 - crate::println!(" [✓] Pre-allocation canaries - Active (8 bytes before each allocation)"); 93 - crate::println!(" [✓] Post-allocation canaries - Active (8 bytes after each allocation)"); 173 + crate::println!("Press SPACE for heap details, or ESC to exit"); 174 + } 94 175 176 + /// Page 2: Heap protection details and violation status 177 + fn show_heap_protection_page() { 178 + crate::println!(); 179 + crate::println!("◈ Heap Protection Status (Page 3/3)"); 180 + crate::println!(); 181 + 182 + let heap_enabled = crate::mana_pool::heap_canaries::are_enabled(); 183 + 184 + if heap_enabled { 185 + crate::println!(" Heap Canary System: ✓ ACTIVE"); 186 + } else { 187 + crate::println!(" Heap Canary System: ✗ INACTIVE"); 188 + } 189 + 190 + crate::println!(); 191 + crate::println!(" Protection Mechanism:"); 192 + crate::println!(" [✓] Pre-allocation canary - 8 bytes before each allocation"); 193 + crate::println!(" [✓] Post-allocation canary - 8 bytes after each allocation"); 194 + crate::println!(" [✓] Per-allocation unique - Canary XORed with address"); 195 + crate::println!(); 196 + 197 + // Check violation count 95 198 let violations = crate::mana_pool::heap_canaries::violations_count(); 199 + 200 + crate::println!(" Violation Detection:"); 96 201 if violations == 0 { 97 - crate::println!(" [✓] Violations detected - None (heap integrity maintained)"); 202 + crate::println!(" ✓ No violations detected"); 203 + crate::println!(" ✓ Heap integrity maintained"); 98 204 } else { 99 - crate::println!(" [✗] Violations detected - {} (HEAP CORRUPTION!)", violations); 205 + crate::println!(" ✗ {} VIOLATIONS DETECTED!", violations); 206 + crate::println!(" ✗ HEAP CORRUPTION OCCURRED!"); 207 + crate::println!(); 208 + crate::println!(" WARNING: Buffer overflow(s) were caught and blocked."); 209 + crate::println!(" Check system logs for details."); 210 + } 211 + 212 + crate::println!(); 213 + 214 + // Overall heap status 215 + if heap_enabled && violations == 0 { 216 + crate::println!(" Overall Heap Status: ✓ PROTECTED AND CLEAN"); 217 + } else if heap_enabled && violations > 0 { 218 + crate::println!(" Overall Heap Status: ⚠ PROTECTED BUT VIOLATIONS OCCURRED"); 219 + } else { 220 + crate::println!(" Overall Heap Status: ✗ PROTECTION NOT ACTIVE"); 100 221 } 101 222 102 223 crate::println!(); 103 - crate::println!("The sigils remain pure and distinct."); 104 - crate::println!("Stack and heap are guarded by the Weaver's protective marks."); 224 + crate::println!(" Security Note:"); 225 + crate::println!(" Actual canary values and secrets are not displayed to prevent"); 226 + crate::println!(" information leakage. The Weaver's Sigils remain hidden, but"); 227 + crate::println!(" their protective power is verified and active."); 228 + crate::println!(); 229 + crate::println!("Press ESC to exit, or SPACE to return to page 1"); 105 230 }
+1 -1
heartwood/src/vfs/fat32/bpb.rs
··· 9 9 //! - Backup boot sector location (for redundancy) 10 10 11 11 use super::super::block_device::BlockDevice; 12 - use alloc::string::{String, ToString}; 12 + // String types removed - using fixed byte arrays instead 13 13 14 14 /// FSInfo (File System Information) structure 15 15 ///
isodir/boot/aethelos/heartwood.bin

This is a binary file and will not be displayed.