Development

docs/ARCHITECTURE.md

@@ -1,4 +1,4 @@
-# The VoidFrame monolithic kernel 💫
+# The VoidFrame monolithic kernel 💫 v0.0.1-beta5.3
 
 ## Table of Contents
 
@@ -314,7 +314,40 @@ Astra runs in a continuous loop, performing a series of checks:
 
 Before the scheduler context-switches to a process, it performs a final, lightweight security check. This check validates the process's token and verifies its privilege flags one last time, ensuring that a compromised process is never allowed to run on the CPU.
 
-### 7. Dynamic Performance Controller: DynamoX
+### 7. Cerberus: Memory Security Agent
+
+While Astra ensures the logical integrity of processes, **Cerberus** acts as the kernel's dedicated memory security guard. Its mission is to detect, classify, and mitigate common and dangerous memory corruption vulnerabilities in real-time. It is enabled via the `VF_CONFIG_USE_CERBERUS` flag and integrates deeply with the process scheduler and memory managers.
+
+Cerberus operates on multiple defensive fronts:
+
+#### Proactive Memory Tracking
+
+1.  **Stack Canary Protection**: To protect against stack buffer overflows (a common attack vector), Cerberus automatically installs a "canary"—a known secret value—at the end of a process's stack when it's registered. Before the scheduler switches to a process, Cerberus checks if this canary is intact. If the value has been overwritten, it signifies a buffer overflow, and a `MEM_VIOLATION_CANARY_CORRUPT` violation is logged.
+
+2.  **Allocation Monitoring**: Cerberus maintains a record of all active memory allocations for monitored processes (`CerberusTrackAlloc`). When memory is freed (`CerberusTrackFree`), Cerberus validates the operation. If a process attempts to free a memory address that isn't actively allocated to it, Cerberus flags it as a potential "double-free" or an attempt to free invalid memory, logging a `MEM_VIOLATION_DOUBLE_FREE`.
+
+#### Reactive Fault Analysis
+
+When a critical memory fault (e.g., a page fault) occurs, Cerberus intercepts the event before it panics the kernel. It analyzes the context of the fault to determine its likely cause, translating a generic CPU exception into a specific security event.
+
+| Violation Type                   | Heuristic / Cause                                                         |
+|:---------------------------------|:--------------------------------------------------------------------------|
+| `MEM_VIOLATION_USE_AFTER_FREE`   | Accessing a `NULL` or very low memory address (`< 0x1000`).               |
+| `MEM_VIOLATION_BUFFER_OVERFLOW`  | Writing to a page that is not present in memory.                          |
+| `MEM_VIOLATION_STACK_CORRUPTION` | Attempting to execute code from a non-executable page (NX bit violation). |
+| `MEM_VIOLATION_BOUNDS_CHECK`     | A user-mode process attempting to access kernel space memory.             |
+
+#### Integration with the Scheduler and Astra
+
+Cerberus's true strength comes from its integration with the rest of the system:
+
+*   **Pre-emptive Threat Mitigation**: The `CerberusPreScheduleCheck` function is called just before a process is scheduled to run. If a process has been marked as `is_compromised` (either due to a canary failure or by exceeding its violation threshold), Cerberus will **block the process from ever running again**. This prevents a corrupted process from doing further damage.
+*   **Violation Threshold**: Cerberus tracks the number of violations per process. If a process accumulates too many violations (`CERBERUS_VIOLATION_THRESHOLD`), it is automatically flagged as compromised, even if the individual violations were not critical.
+*   **Threat Escalation**: When a significant threat is confirmed, `CerberusReportThreat` formats a detailed message and sends it to **Astra** via a VFS file. This allows Astra to take higher-level action, such as shutting down related processes or increasing the system-wide threat level.
+
+By combining proactive checks with intelligent fault analysis, Cerberus provides a robust defense-in-depth security layer, making the entire system more resilient to memory-based attacks.
+
+### 8. Dynamic Performance Controller: DynamoX
 
 DynamoX is a system process that intelligently manages the CPU's operational frequency (simulated via the PIT timer) to deliver performance when needed and conserve power when the system is idle.
 
@@ -389,4 +422,4 @@ The following functions and commands provide interfaces to the process managemen
       ]
       ```
     Quite simple, isn't it?
-> assembler-0 @ voidframe-kernel - 7:05 31/08/2025
+> assembler-0 @ voidframe-kernel - 11:54 01/09/2025

kernel/process/Process.c

@@ -1,5 +1,6 @@
 #include "Process.h"
 #include "Atomics.h"
+#include "KernelHeap.h"
 #ifdef VF_CONFIG_USE_CERBERUS
 #include "Cerberus.h"
 #endif
@@ -284,7 +285,7 @@ static void __attribute__((visibility("hidden"))) TerminateProcess(uint32_t pid,
 #ifdef VF_CONFIG_USE_CERBERUS
     CerberusUnregisterProcess(proc->pid);
 #endif
-    if (proc->ProcINFOPath && VfsIsDir(proc->ProcINFOPath)) VfsDelete(proc->ProcINFOPath, true);
+    if (proc->ProcessRuntimePath && VfsIsDir(proc->ProcessRuntimePath)) VfsDelete(proc->ProcessRuntimePath, true);
     else PrintKernelWarning("ProcINFOPath invalid during termination\n");
 }
 
@@ -329,7 +330,7 @@ static void __attribute__((visibility("hidden"))) ASTerminate(uint32_t pid, cons
 
     SpinUnlockIrqRestore(&scheduler_lock, flags);
 
-    if (proc->ProcINFOPath && VfsIsDir(proc->ProcINFOPath)) VfsDelete(proc->ProcINFOPath, true);
+    if (proc->ProcessRuntimePath && VfsIsDir(proc->ProcessRuntimePath)) VfsDelete(proc->ProcessRuntimePath, true);
     else PrintKernelWarning("ProcINFOPath invalid during termination");
 }
 
@@ -686,7 +687,7 @@ static void SmartAging(void) {
 }
 
 static inline __attribute__((visibility("hidden"))) __attribute__((always_inline)) int ProcINFOPathValidation(const ProcessControlBlock * proc) {
-    if (FastStrCmp(proc->ProcINFOPath, FormatS("%s/%d", RuntimeProcesses, proc->pid)) != 0) return 0;
+    if (FastStrCmp(proc->ProcessRuntimePath, FormatS("%s/%d", RuntimeProcesses, proc->pid)) != 0) return 0;
     return 1;
 }
 
@@ -716,7 +717,7 @@ static inline __attribute__((visibility("hidden"))) __attribute__((always_inline
     }
 
     if (ProcINFOPathValidation(proc) != 1) {
-        PrintKernelErrorF("[AS-PREFLIGHT] ProcINFOPath tampering detected for PID: %d (%s)\n", proc->pid, proc->ProcINFOPath);
+        PrintKernelErrorF("[AS-PREFLIGHT] ProcINFOPath tampering detected for PID: %d (%s)\n", proc->pid, proc->ProcessRuntimePath);
         ASTerminate(proc->pid, "ProcINFOPath tampering detected");
         return 0; // Do not schedule this process.
     }
@@ -1071,16 +1072,15 @@ static __attribute__((visibility("hidden"))) uint32_t CreateSecureProcess(void (
     processes[slot].io_operations = 0;
     processes[slot].preemption_count = 0;
     processes[slot].wait_time = 0;
-    processes[slot].ProcINFOPath = FormatS("%s/%d", RuntimeProcesses, new_pid);
-
+    processes[slot].ProcessRuntimePath = FormatS("%s/%d", RuntimeProcesses, new_pid);
 #ifdef VF_CONFIG_USE_CERBERUS
     CerberusRegisterProcess(new_pid, (uint64_t)stack, STACK_SIZE);
 #endif
 
 #ifdef VF_CONFIG_PROCINFO_CREATE_DEFAULT
-    if (!VfsIsDir(processes[slot].ProcINFOPath)) {
-        int rc = VfsCreateDir(processes[slot].ProcINFOPath);
-        if (rc != 0 && !VfsIsDir(processes[slot].ProcINFOPath)) {
+    if (!VfsIsDir(processes[slot].ProcessRuntimePath)) {
+        int rc = VfsCreateDir(processes[slot].ProcessRuntimePath);
+        if (rc != 0 && !VfsIsDir(processes[slot].ProcessRuntimePath)) {
             PrintKernelError("ProcINFO: failed to create dir for PID ");
             PrintKernelInt(processes[slot].pid);
             PrintKernel("\n");
@@ -1472,7 +1472,7 @@ static void Astra(void) {
     // register
     security_manager_pid = current->pid;
 
-    FormatA(astra_path, sizeof(astra_path), "%s/astra", current->ProcINFOPath);
+    FormatA(astra_path, sizeof(astra_path), "%s/astra", current->ProcessRuntimePath);
     if (VfsCreateFile(astra_path) != 0) PANIC("Failed to create Astra process info file");
 
     PrintKernelSuccess("Astra: Astra active.\n");
@@ -1664,8 +1664,8 @@ int ProcessInit(void) {
     idle_proc->privilege_level = PROC_PRIV_SYSTEM;
     idle_proc->scheduler_node = NULL;
     idle_proc->creation_time = GetSystemTicks();
-    idle_proc->ProcINFOPath = FormatS("%s/%d", RuntimeServices, idle_proc->pid);
-    if (VfsCreateDir(idle_proc->ProcINFOPath) != 0) PANIC("Failed to create ProcINFO directory");
+    idle_proc->ProcessRuntimePath = FormatS("%s/%d", RuntimeServices, idle_proc->pid);
+    if (VfsCreateDir(idle_proc->ProcessRuntimePath) != 0) PANIC("Failed to create ProcINFO directory");
     // Securely initialize the token for the Idle Process
     SecurityToken* token = &idle_proc->token;
     token->magic = SECURITY_MAGIC;

kernel/process/Process.h

@@ -166,7 +166,7 @@ typedef struct {
     ProcessContext context;
     SchedulerNode* scheduler_node;
     uint64_t creation_time;
-    char* ProcINFOPath;
+    char* ProcessRuntimePath;
 } ProcessControlBlock;
 
 typedef struct {

meson.build

@@ -1,5 +1,5 @@
 project('voidframe', 'c',
-        version : '0.0.1-beta5',
+        version : '0.0.1-beta5.3',
         default_options : [
             'c_std=c11',
             'optimization=2',
@@ -140,7 +140,7 @@ vf_config_flags =  [
     '-DVF_CONFIG_USE_VFSHELL',
     '-DVF_CONFIG_USE_DYNAMOX',
     '-DVF_CONFIG_USE_ASTRA',
-#    '-DVF_CONFIG_USE_CERBERUS',
+    '-DVF_CONFIG_USE_CERBERUS',
 #    '-DVF_CONFIG_PANIC_OVERRIDE',
 ]