security: fixing early tty development bugs

Author: cr4zyengineer

Config.xcconfig

@@ -9,4 +9,4 @@
 // https://developer.apple.com/documentation/xcode/adding-a-build-configuration-file-to-your-project
 
 VERSION = 0.9.0
-BUILD_NUMBER = 20260224.76.US.seanistethered
+BUILD_NUMBER = 20260224.98.US.seanistethered

Nyxian.xcodeproj/project.pbxproj

@@ -243,6 +243,7 @@
 				LindChain/ProcEnvironment/Surface/sys/proc/kill.m,
 				LindChain/ProcEnvironment/Surface/sys/proc/wait4.m,
 				LindChain/ProcEnvironment/Surface/sys/syscall.m,
+				LindChain/ProcEnvironment/Surface/tty/attach.m,
 				LindChain/ProcEnvironment/Surface/tty/lookup.m,
 				LindChain/ProcEnvironment/Surface/tty/tty.m,
 				LindChain/ProcEnvironment/syscall.m,

Nyxian/LindChain/LiveContainer/Tweaks/proc_info.h

@@ -4,6 +4,7 @@
 
 #define PROX_FDTYPE_VNODE       1
 #define PROC_PIDFDVNODEPATHINFO         2
+#define PROC_PIDFDSOCKETINFO            3
 #define PROC_PIDFDPIPEINFO              6
 
 #define PROC_PIDLISTFDS                 1
@@ -77,4 +78,190 @@ struct pipe_fdinfo {
     struct pipe_info        pipeinfo;
 };
 
-#endif
+/* https://github.com/apple/darwin-xnu/blob/2ff845c2e033bd0ff64b5b6aa6063a1f8f65aa32/bsd/sys/proc_info.h */
+
+#include <sys/ioctl.h>
+#include <sys/un.h>
+
+#define MAX_KCTL_NAME   96
+
+typedef struct in6_addr {
+    union {
+        __uint8_t   __u6_addr8[16];
+        __uint16_t  __u6_addr16[8];
+        __uint32_t  __u6_addr32[4];
+    } __u6_addr;                    /* 128-bit IP6 address */
+} in6_addr_t;
+
+
+struct in_addr {
+    in_addr_t s_addr;
+};
+
+#define INI_IPV4        0x1
+#define INI_IPV6        0x2
+
+struct in4in6_addr {
+    u_int32_t               i46a_pad32[3];
+    struct in_addr          i46a_addr4;
+};
+
+struct in_sockinfo {
+    int                                     insi_fport;             /* foreign port */
+    int                                     insi_lport;             /* local port */
+    uint64_t                                insi_gencnt;            /* generation count of this instance */
+    uint32_t                                insi_flags;             /* generic IP/datagram flags */
+    uint32_t                                insi_flow;
+
+    uint8_t                                 insi_vflag;             /* ini_IPV4 or ini_IPV6 */
+    uint8_t                                 insi_ip_ttl;            /* time to live proto */
+    uint32_t                                rfu_1;                  /* reserved */
+    /* protocol dependent part */
+    union {
+        struct in4in6_addr      ina_46;
+        struct in6_addr         ina_6;
+    }                                       insi_faddr;             /* foreign host table entry */
+    union {
+        struct in4in6_addr      ina_46;
+        struct in6_addr         ina_6;
+    }                                       insi_laddr;             /* local host table entry */
+    struct {
+        u_char                  in4_tos;                        /* type of service */
+    }                                       insi_v4;
+    struct {
+        uint8_t                 in6_hlim;
+        int                     in6_cksum;
+        u_short                 in6_ifindex;
+        short                   in6_hops;
+    }                                       insi_v6;
+};
+
+#define TSI_T_REXMT             0       /* retransmit */
+#define TSI_T_PERSIST           1       /* retransmit persistence */
+#define TSI_T_KEEP              2       /* keep alive */
+#define TSI_T_2MSL              3       /* 2*msl quiet time timer */
+#define TSI_T_NTIMERS           4
+
+#define TSI_S_CLOSED            0       /* closed */
+#define TSI_S_LISTEN            1       /* listening for connection */
+#define TSI_S_SYN_SENT          2       /* active, have sent syn */
+#define TSI_S_SYN_RECEIVED      3       /* have send and received syn */
+#define TSI_S_ESTABLISHED       4       /* established */
+#define TSI_S__CLOSE_WAIT       5       /* rcvd fin, waiting for close */
+#define TSI_S_FIN_WAIT_1        6       /* have closed, sent fin */
+#define TSI_S_CLOSING           7       /* closed xchd FIN; await FIN ACK */
+#define TSI_S_LAST_ACK          8       /* had fin and close; await FIN ACK */
+#define TSI_S_FIN_WAIT_2        9       /* have closed, fin is acked */
+#define TSI_S_TIME_WAIT         10      /* in 2*msl quiet wait after close */
+#define TSI_S_RESERVED          11      /* pseudo state: reserved */
+
+struct tcp_sockinfo {
+    struct in_sockinfo              tcpsi_ini;
+    int                             tcpsi_state;
+    int                             tcpsi_timer[TSI_T_NTIMERS];
+    int                             tcpsi_mss;
+    uint32_t                        tcpsi_flags;
+    uint32_t                        rfu_1;          /* reserved */
+    uint64_t                        tcpsi_tp;       /* opaque handle of TCP protocol control block */
+};
+
+struct un_sockinfo {
+    uint64_t                                unsi_conn_so;   /* opaque handle of connected socket */
+    uint64_t                                unsi_conn_pcb;  /* opaque handle of connected protocol control block */
+    union {
+        struct sockaddr_un      ua_sun;
+        char                    ua_dummy[SOCK_MAXADDRLEN];
+    }                                       unsi_addr;      /* bound address */
+    union {
+        struct sockaddr_un      ua_sun;
+        char                    ua_dummy[SOCK_MAXADDRLEN];
+    }                                       unsi_caddr;     /* address of socket connected to */
+};
+
+struct ndrv_info {
+    uint32_t        ndrvsi_if_family;
+    uint32_t        ndrvsi_if_unit;
+    char            ndrvsi_if_name[IF_NAMESIZE];
+};
+
+struct kern_event_info {
+    uint32_t        kesi_vendor_code_filter;
+    uint32_t        kesi_class_filter;
+    uint32_t        kesi_subclass_filter;
+};
+
+struct kern_ctl_info {
+    uint32_t        kcsi_id;
+    uint32_t        kcsi_reg_unit;
+    uint32_t        kcsi_flags;                     /* support flags */
+    uint32_t        kcsi_recvbufsize;               /* request more than the default buffer size */
+    uint32_t        kcsi_sendbufsize;               /* request more than the default buffer size */
+    uint32_t        kcsi_unit;
+    char            kcsi_name[MAX_KCTL_NAME];       /* unique nke identifier, provided by DTS */
+};
+
+struct vsock_sockinfo {
+    uint32_t        local_cid;
+    uint32_t        local_port;
+    uint32_t        remote_cid;
+    uint32_t        remote_port;
+};
+
+struct sockbuf_info {
+    uint32_t                sbi_cc;
+    uint32_t                sbi_hiwat;                      /* SO_RCVBUF, SO_SNDBUF */
+    uint32_t                sbi_mbcnt;
+    uint32_t                sbi_mbmax;
+    uint32_t                sbi_lowat;
+    short                   sbi_flags;
+    short                   sbi_timeo;
+};
+
+enum {
+    SOCKINFO_GENERIC        = 0,
+    SOCKINFO_IN             = 1,
+    SOCKINFO_TCP            = 2,
+    SOCKINFO_UN             = 3,
+    SOCKINFO_NDRV           = 4,
+    SOCKINFO_KERN_EVENT     = 5,
+    SOCKINFO_KERN_CTL       = 6,
+    SOCKINFO_VSOCK          = 7,
+};
+
+struct socket_info {
+    struct vinfo_stat                       soi_stat;
+    uint64_t                                soi_so;         /* opaque handle of socket */
+    uint64_t                                soi_pcb;        /* opaque handle of protocol control block */
+    int                                     soi_type;
+    int                                     soi_protocol;
+    int                                     soi_family;
+    short                                   soi_options;
+    short                                   soi_linger;
+    short                                   soi_state;
+    short                                   soi_qlen;
+    short                                   soi_incqlen;
+    short                                   soi_qlimit;
+    short                                   soi_timeo;
+    u_short                                 soi_error;
+    uint32_t                                soi_oobmark;
+    struct sockbuf_info                     soi_rcv;
+    struct sockbuf_info                     soi_snd;
+    int                                     soi_kind;
+    uint32_t                                rfu_1;          /* reserved */
+    union {
+        struct in_sockinfo      pri_in;                 /* SOCKINFO_IN */
+        struct tcp_sockinfo     pri_tcp;                /* SOCKINFO_TCP */
+        struct un_sockinfo      pri_un;                 /* SOCKINFO_UN */
+        struct ndrv_info        pri_ndrv;               /* SOCKINFO_NDRV */
+        struct kern_event_info  pri_kern_event;         /* SOCKINFO_KERN_EVENT */
+        struct kern_ctl_info    pri_kern_ctl;           /* SOCKINFO_KERN_CTL */
+        struct vsock_sockinfo   pri_vsock;              /* SOCKINFO_VSOCK */
+    }                                       soi_proto;
+};
+
+struct socket_fdinfo {
+    struct proc_fileinfo    pfi;
+    struct socket_info      psi;
+};
+
+#endif // !_PROCINFO_H_

Nyxian/LindChain/ProcEnvironment/Surface/proc/list.m

@@ -93,7 +93,7 @@ void copy_proc_to_user(ksurface_proc_t *proc,
     memcpy(kp, &(proc->kproc.kcproc.bsd), sizeof(kinfo_proc_t));
 }
 
-void proc_list_radix_walker_callback(pid_t pid,
+void proc_list_radix_walker_callback(uint64_t ident,
                                      void *value,
                                      void *ctx)
 {

Nyxian/LindChain/ProcEnvironment/Surface/surface.m

@@ -85,9 +85,10 @@ static inline void ksurface_kinit_kinfo(void)
     }
 
     /* setting up process radix tree */
-    klog_log(@"ksurface:kinit:kinfo", @"initilizing radix tree");
+    klog_log(@"ksurface:kinit:kinfo", @"initilizing radix trees");
     ksurface->proc_info.tree.root = NULL;
     ksurface->proc_info.proc_count = 0;
+    ksurface->tty_info.tty.root = NULL;
 
     /* loading hostname from standard user defaults */
     NSString *hostname = [[NSUserDefaults standardUserDefaults] stringForKey:@"LDEHostname"];

Nyxian/LindChain/ProcEnvironment/Surface/tty/attach.h

@@ -0,0 +1,28 @@
+/*
+ Copyright (C) 2025 cr4zyengineer
+
+ This file is part of Nyxian.
+
+ Nyxian is free software: you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
+
+ Nyxian is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with Nyxian. If not, see <https://www.gnu.org/licenses/>.
+*/
+
+#ifndef TTY_ATTACH_H
+#define TTY_ATTACH_H
+
+#import <LindChain/ProcEnvironment/Surface/tty/def.h>
+#import <LindChain/ProcEnvironment/Surface/proc/def.h>
+
+ksurface_return_t tty_attach_proc(ksurface_proc_t *proc, ksurface_tty_t *tty);
+
+#endif /* TTY_ATTACH_H */

Nyxian/LindChain/ProcEnvironment/Surface/tty/attach.m

@@ -0,0 +1,55 @@
+/*
+ Copyright (C) 2025 cr4zyengineer
+
+ This file is part of Nyxian.
+
+ Nyxian is free software: you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
+
+ Nyxian is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with Nyxian. If not, see <https://www.gnu.org/licenses/>.
+*/
+
+#import <LindChain/ProcEnvironment/Surface/tty/attach.h>
+
+/* typedef bool (*kvobject_event_handler_t)(kvobject_strong_t*,kvevent_type_t,uint8_t,void*); */
+bool tty_proc_event_handler(kvobject_strong_t *kvo,
+                            kvevent_type_t type,
+                            uint8_t value,
+                            void *pld)
+{
+    switch(type)
+    {
+        case kvObjEventDeinit:
+            return true;
+        default:
+            return false;
+    }
+}
+
+ksurface_return_t tty_attach_proc(ksurface_proc_t *proc,
+                                  ksurface_tty_t *tty)
+{
+    /* retain process */
+    if(!kvo_retain(proc))
+    {
+        return SURFACE_RETAIN_FAILED;
+    }
+    
+    /*
+     * attach to process lifecycle
+     * and consume callers reference.
+     */
+    kvobject_event_register((kvobject_t*)proc, tty_proc_event_handler, NULL, tty);
+    
+    
+    kvo_release(proc);
+    return SURFACE_SUCCESS;
+}

Nyxian/LindChain/ProcEnvironment/Surface/tty/def.h

@@ -34,7 +34,7 @@ struct ksurface_tty {
     /* file descriptors */
     int masterfd;
     int slavefd;
-    uint64_t slavehandle;
+    uint32_t kslavecid;
 };
 
 #endif /* TTY_DEF_H */

Nyxian/LindChain/ProcEnvironment/Surface/tty/lookup.h

@@ -21,7 +21,8 @@
 #define TTY_LOOKUP_H
 
 #import <LindChain/ProcEnvironment/Surface/tty/def.h>
+#import <LindChain/Private/mach/fileport.h>
 
-ksurface_return_t tty_for_handle(uint64_t handle, ksurface_tty_t **tty);
+ksurface_return_t tty_for_port(fileport_t port, ksurface_tty_t **tty);
 
 #endif /* TTY_LOOKUP_H */

Nyxian/LindChain/ProcEnvironment/Surface/tty/lookup.m

@@ -19,19 +19,41 @@
 
 #import <LindChain/ProcEnvironment/Surface/surface.h>
 #import <LindChain/ProcEnvironment/Surface/tty/lookup.h>
+#import <LindChain/LiveContainer/Tweaks/libproc.h>
 
-ksurface_return_t tty_for_handle(uint64_t handle,
-                                 ksurface_tty_t **tty)
+ksurface_return_t tty_for_port(fileport_t port,
+                               ksurface_tty_t **tty)
 {
     /* sanity check */
     if(tty == NULL)
     {
         return SURFACE_NULLPTR;
     }
 
-    /* tty lookup */
+    /* getting file descriptor */
+    int fd = fileport_makefd(port);
+    
+    /* validating file descriptor */
+    if(fd < 0)
+    {
+        return SURFACE_FAILED;
+    }
+    
+    /* getting unique object pointer */
+    struct socket_fdinfo si;
+    
+    if(proc_pidfdinfo(getpid(), fd, PROC_PIDFDSOCKETINFO, &si, sizeof(si)) <= 0)
+    {
+        close(fd);
+        return SURFACE_FAILED;
+    }
+    
+    /* disposing that fd, not needed rn */
+    close(fd);
+    
+    /* tty tree lookup */
     tty_table_rdlock();
-    *tty = radix_lookup(&(ksurface->tty_info.tty), handle);
+    *tty = radix_lookup(&(ksurface->tty_info.tty), si.psi.soi_proto.pri_kern_ctl.kcsi_id);
     tty_table_unlock();
 
     /*