2024-02-29 19:19:01 +00:00
|
|
|
# Implement symbols common to libc and libsys.
|
|
|
|
|
#
|
|
|
|
|
# When dynamically linked, the libc symbols are filtered by the actual
|
|
|
|
|
# implementations in libsys. When statically linked, both libc and
|
|
|
|
|
# libsys contain full implementations to preserve the API of libc.a.
|
|
|
|
|
#
|
|
|
|
|
# The following variable are programmer-defined:
|
|
|
|
|
#
|
|
|
|
|
# MDASM Override the default syscall implementation in MIASM
|
|
|
|
|
# (from syscall.mk below). Each entry is a source file
|
|
|
|
|
# name (e.g., vfork.S).
|
|
|
|
|
# Generally defined in <arch>/Makefile.sys.
|
|
|
|
|
# NOASM Don't generate system call stubs. Each entry is an
|
|
|
|
|
# object file name (e.g., yeild.o). Don't add more of these.
|
|
|
|
|
# PSEUDO Generate _<sys> and __sys_<sys> symbols, but not <sys>.
|
|
|
|
|
# Each entry is a bare syscall name (e.g., "clock_gettime").
|
|
|
|
|
# INTERPOSED Like PSEUDO, but <sys>.c is added to SRCS.
|
|
|
|
|
# Used for syscalls intercepted by the threading library.
|
|
|
|
|
#
|
2023-11-14 17:54:03 +00:00
|
|
|
.PATH: ${LIBSYS_SRCTOP}/${LIBC_ARCH} ${LIBSYS_SRCTOP}
|
Yikes, this is the worst of the lot. Bruce suggested doing this (!).
Include the architecture specific sys makefile like previously, but
what this contains differs. It defines MDASM which list architecture
specific asm code that *replaces* syscalls of the same name defined
in MIASM (which gets defined by the syscall.mk or netbsd_syscall.mk
dependent of NETBSD_SYSCALLS being defined). If a syscall has a
C source implementation or something funny done to it, or just doesn't
need default asm source generated for it, then it is listed in NOASM.
syscall.mk is generated by makesyscalls.sh with other syscall files.
netbsd_syscall.mk is a hand-generated equivalent. So if a new syscall
is added and no other makefiles are edited, it will automatically have
the default asm source generated for it (whether you want it or not).
Anything listed in MDASM gets added to SRCS and gets built. For
each syscall name in MIASM, if it doesn't exist in MDASM or NOASM,
it gets added to the ASM or ASMR lists to have code generated for it.
If the syscall name was listed in HIDDEN_SYSCALLS (intended for use
by libc_r, not libc which has it defined, but empty), then the name
is added to the ASMR list and gets renamed before being built;
otherwise it is added to the ASM list and gets built with the same
name.
I wonder if this is too complicated. But it works on both i386 and alpha.
1998-03-09 07:22:12 +00:00
|
|
|
|
|
|
|
|
# Include the generated makefile containing the *complete* list
|
|
|
|
|
# of syscall names in MIASM.
|
2017-01-20 03:23:24 +00:00
|
|
|
.include "${SRCTOP}/sys/sys/syscall.mk"
|
Yikes, this is the worst of the lot. Bruce suggested doing this (!).
Include the architecture specific sys makefile like previously, but
what this contains differs. It defines MDASM which list architecture
specific asm code that *replaces* syscalls of the same name defined
in MIASM (which gets defined by the syscall.mk or netbsd_syscall.mk
dependent of NETBSD_SYSCALLS being defined). If a syscall has a
C source implementation or something funny done to it, or just doesn't
need default asm source generated for it, then it is listed in NOASM.
syscall.mk is generated by makesyscalls.sh with other syscall files.
netbsd_syscall.mk is a hand-generated equivalent. So if a new syscall
is added and no other makefiles are edited, it will automatically have
the default asm source generated for it (whether you want it or not).
Anything listed in MDASM gets added to SRCS and gets built. For
each syscall name in MIASM, if it doesn't exist in MDASM or NOASM,
it gets added to the ASM or ASMR lists to have code generated for it.
If the syscall name was listed in HIDDEN_SYSCALLS (intended for use
by libc_r, not libc which has it defined, but empty), then the name
is added to the ASMR list and gets renamed before being built;
otherwise it is added to the ASM list and gets built with the same
name.
I wonder if this is too complicated. But it works on both i386 and alpha.
1998-03-09 07:22:12 +00:00
|
|
|
|
|
|
|
|
# Include machine dependent definitions.
|
2023-11-14 22:25:24 +00:00
|
|
|
.include "${LIBSYS_SRCTOP}/${LIBC_ARCH}/Makefile.sys"
|
|
|
|
|
.if ${LIBC_ARCH} == "i386" || ${LIBC_ARCH} == "amd64"
|
|
|
|
|
.include "${LIBSYS_SRCTOP}/x86/Makefile.sys"
|
|
|
|
|
.endif
|
Yikes, this is the worst of the lot. Bruce suggested doing this (!).
Include the architecture specific sys makefile like previously, but
what this contains differs. It defines MDASM which list architecture
specific asm code that *replaces* syscalls of the same name defined
in MIASM (which gets defined by the syscall.mk or netbsd_syscall.mk
dependent of NETBSD_SYSCALLS being defined). If a syscall has a
C source implementation or something funny done to it, or just doesn't
need default asm source generated for it, then it is listed in NOASM.
syscall.mk is generated by makesyscalls.sh with other syscall files.
netbsd_syscall.mk is a hand-generated equivalent. So if a new syscall
is added and no other makefiles are edited, it will automatically have
the default asm source generated for it (whether you want it or not).
Anything listed in MDASM gets added to SRCS and gets built. For
each syscall name in MIASM, if it doesn't exist in MDASM or NOASM,
it gets added to the ASM or ASMR lists to have code generated for it.
If the syscall name was listed in HIDDEN_SYSCALLS (intended for use
by libc_r, not libc which has it defined, but empty), then the name
is added to the ASMR list and gets renamed before being built;
otherwise it is added to the ASM list and gets built with the same
name.
I wonder if this is too complicated. But it works on both i386 and alpha.
1998-03-09 07:22:12 +00:00
|
|
|
|
2012-06-22 07:13:30 +00:00
|
|
|
SRCS+= clock_gettime.c gettimeofday.c __vdso_gettimeofday.c
|
|
|
|
|
|
Yikes, this is the worst of the lot. Bruce suggested doing this (!).
Include the architecture specific sys makefile like previously, but
what this contains differs. It defines MDASM which list architecture
specific asm code that *replaces* syscalls of the same name defined
in MIASM (which gets defined by the syscall.mk or netbsd_syscall.mk
dependent of NETBSD_SYSCALLS being defined). If a syscall has a
C source implementation or something funny done to it, or just doesn't
need default asm source generated for it, then it is listed in NOASM.
syscall.mk is generated by makesyscalls.sh with other syscall files.
netbsd_syscall.mk is a hand-generated equivalent. So if a new syscall
is added and no other makefiles are edited, it will automatically have
the default asm source generated for it (whether you want it or not).
Anything listed in MDASM gets added to SRCS and gets built. For
each syscall name in MIASM, if it doesn't exist in MDASM or NOASM,
it gets added to the ASM or ASMR lists to have code generated for it.
If the syscall name was listed in HIDDEN_SYSCALLS (intended for use
by libc_r, not libc which has it defined, but empty), then the name
is added to the ASMR list and gets renamed before being built;
otherwise it is added to the ASM list and gets built with the same
name.
I wonder if this is too complicated. But it works on both i386 and alpha.
1998-03-09 07:22:12 +00:00
|
|
|
# Sources common to both syscall interfaces:
|
2015-01-03 18:38:46 +00:00
|
|
|
SRCS+= \
|
|
|
|
|
__error.c \
|
2023-11-17 20:13:40 +00:00
|
|
|
__getosreldate.c \
|
2023-11-17 18:55:25 +00:00
|
|
|
getpagesize.c \
|
|
|
|
|
getpagesizes.c \
|
2024-03-13 17:04:07 +00:00
|
|
|
libsys_sigwait.c
|
2015-01-03 18:38:46 +00:00
|
|
|
|
2024-02-19 22:44:08 +00:00
|
|
|
.if ${LIB} == "c"
|
|
|
|
|
# Trapping stubs in dynamic libc to be filtered by libsys.
|
|
|
|
|
SOBJS+= libc_stubs.pico
|
|
|
|
|
|
|
|
|
|
# Link the full implementation of ELF auxargs for static libc.
|
|
|
|
|
STATICOBJS+= auxv.o
|
2024-04-22 18:24:36 +00:00
|
|
|
|
|
|
|
|
STATICOBJS+= interposing_table.o
|
2024-02-19 22:44:08 +00:00
|
|
|
.endif
|
2024-02-29 19:19:01 +00:00
|
|
|
|
|
|
|
|
NOASM= yield.o
|
|
|
|
|
|
|
|
|
|
PSEUDO= \
|
2024-02-29 19:19:01 +00:00
|
|
|
clock_gettime \
|
|
|
|
|
exit \
|
|
|
|
|
getlogin \
|
|
|
|
|
gettimeofday \
|
|
|
|
|
sched_getcpu
|
2024-02-19 22:44:08 +00:00
|
|
|
|
2015-01-03 18:38:46 +00:00
|
|
|
INTERPOSED = \
|
|
|
|
|
accept \
|
|
|
|
|
accept4 \
|
|
|
|
|
aio_suspend \
|
2017-03-19 00:51:12 +00:00
|
|
|
clock_nanosleep \
|
2015-01-03 18:38:46 +00:00
|
|
|
close \
|
|
|
|
|
connect \
|
|
|
|
|
fcntl \
|
2016-08-16 08:27:03 +00:00
|
|
|
fdatasync \
|
2015-01-03 18:38:46 +00:00
|
|
|
fsync \
|
|
|
|
|
fork \
|
Make kevent(2) a cancellation point.
Note that to cancel blocked kevent(2) call, changelist must be empty,
since we cannot cancel a call which already made changes to the
process state. And in reverse, call which only makes changes to the
kqueue state, without waiting for an event, is not cancellable. This
makes a natural usage model to migrate kqueue loop to support
cancellation, where existing single kevent(2) call must be split into
two: first uncancellable update of kqueue, then cancellable wait for
events.
Note that this is ABI-incompatible change, but it is believed that
there is no cancel-safe code that relies on kevent(2) not being a
cancellation point. Option to preserve the ABI would be to keep
kevent(2) as is, but add new call with flags to specify cancellation
behaviour, which only value seems to add complications.
Suggested and reviewed by: jilles
Sponsored by: The FreeBSD Foundation
MFC after: 2 weeks
2015-03-29 19:14:41 +00:00
|
|
|
kevent \
|
2015-01-03 18:38:46 +00:00
|
|
|
msync \
|
|
|
|
|
nanosleep \
|
|
|
|
|
open \
|
|
|
|
|
openat \
|
2021-12-06 23:02:25 +00:00
|
|
|
pdfork \
|
2015-01-03 18:38:46 +00:00
|
|
|
poll \
|
2015-04-18 21:35:41 +00:00
|
|
|
ppoll \
|
2015-01-03 18:38:46 +00:00
|
|
|
pselect \
|
2016-08-29 18:47:51 +00:00
|
|
|
ptrace \
|
2015-01-03 18:38:46 +00:00
|
|
|
read \
|
|
|
|
|
readv \
|
|
|
|
|
recvfrom \
|
|
|
|
|
recvmsg \
|
|
|
|
|
select \
|
|
|
|
|
sendmsg \
|
|
|
|
|
sendto \
|
|
|
|
|
setcontext \
|
2020-02-26 18:55:09 +00:00
|
|
|
sigaction \
|
2015-01-03 18:38:46 +00:00
|
|
|
sigprocmask \
|
|
|
|
|
sigsuspend \
|
|
|
|
|
sigtimedwait \
|
|
|
|
|
sigwait \
|
|
|
|
|
sigwaitinfo \
|
|
|
|
|
swapcontext \
|
|
|
|
|
wait4 \
|
2015-04-18 21:35:41 +00:00
|
|
|
wait6 \
|
2015-01-03 18:38:46 +00:00
|
|
|
write \
|
|
|
|
|
writev
|
|
|
|
|
|
2024-02-29 19:19:01 +00:00
|
|
|
PSEUDO+= ${INTERPOSED}
|
Yikes, this is the worst of the lot. Bruce suggested doing this (!).
Include the architecture specific sys makefile like previously, but
what this contains differs. It defines MDASM which list architecture
specific asm code that *replaces* syscalls of the same name defined
in MIASM (which gets defined by the syscall.mk or netbsd_syscall.mk
dependent of NETBSD_SYSCALLS being defined). If a syscall has a
C source implementation or something funny done to it, or just doesn't
need default asm source generated for it, then it is listed in NOASM.
syscall.mk is generated by makesyscalls.sh with other syscall files.
netbsd_syscall.mk is a hand-generated equivalent. So if a new syscall
is added and no other makefiles are edited, it will automatically have
the default asm source generated for it (whether you want it or not).
Anything listed in MDASM gets added to SRCS and gets built. For
each syscall name in MIASM, if it doesn't exist in MDASM or NOASM,
it gets added to the ASM or ASMR lists to have code generated for it.
If the syscall name was listed in HIDDEN_SYSCALLS (intended for use
by libc_r, not libc which has it defined, but empty), then the name
is added to the ASMR list and gets renamed before being built;
otherwise it is added to the ASM list and gets built with the same
name.
I wonder if this is too complicated. But it works on both i386 and alpha.
1998-03-09 07:22:12 +00:00
|
|
|
|
|
|
|
|
# Add machine dependent asm sources:
|
|
|
|
|
SRCS+=${MDASM}
|
|
|
|
|
|
|
|
|
|
# Look though the complete list of syscalls (MIASM) for names that are
|
2024-02-29 19:19:01 +00:00
|
|
|
# not defined with machine dependent implementations (MDASM), not declared
|
|
|
|
|
# without a trival <sys> symbol (PSEUDO). Add each syscall that satisfies
|
|
|
|
|
# these conditions to the ASM list.
|
2000-08-01 18:50:29 +00:00
|
|
|
.for _asm in ${MIASM}
|
2024-02-29 19:19:01 +00:00
|
|
|
.if !${MDASM:R:M${_asm:R}} && !${NOASM:R:M${_asm:R}} && !${PSEUDO:M${_asm:R}}
|
Yikes, this is the worst of the lot. Bruce suggested doing this (!).
Include the architecture specific sys makefile like previously, but
what this contains differs. It defines MDASM which list architecture
specific asm code that *replaces* syscalls of the same name defined
in MIASM (which gets defined by the syscall.mk or netbsd_syscall.mk
dependent of NETBSD_SYSCALLS being defined). If a syscall has a
C source implementation or something funny done to it, or just doesn't
need default asm source generated for it, then it is listed in NOASM.
syscall.mk is generated by makesyscalls.sh with other syscall files.
netbsd_syscall.mk is a hand-generated equivalent. So if a new syscall
is added and no other makefiles are edited, it will automatically have
the default asm source generated for it (whether you want it or not).
Anything listed in MDASM gets added to SRCS and gets built. For
each syscall name in MIASM, if it doesn't exist in MDASM or NOASM,
it gets added to the ASM or ASMR lists to have code generated for it.
If the syscall name was listed in HIDDEN_SYSCALLS (intended for use
by libc_r, not libc which has it defined, but empty), then the name
is added to the ASMR list and gets renamed before being built;
otherwise it is added to the ASM list and gets built with the same
name.
I wonder if this is too complicated. But it works on both i386 and alpha.
1998-03-09 07:22:12 +00:00
|
|
|
ASM+=$(_asm)
|
|
|
|
|
.endif
|
|
|
|
|
.endfor
|
|
|
|
|
|
1997-04-23 10:49:54 +00:00
|
|
|
SASM= ${ASM:S/.o/.S/}
|
1994-08-28 17:34:16 +00:00
|
|
|
|
2024-02-29 19:19:01 +00:00
|
|
|
SPSEUDO= ${PSEUDO:C/^.*$/_&.S/}
|
1994-08-28 17:34:16 +00:00
|
|
|
|
2001-01-29 03:23:46 +00:00
|
|
|
SRCS+= ${SASM} ${SPSEUDO}
|
1994-05-27 05:00:24 +00:00
|
|
|
|
2023-11-21 18:30:00 +00:00
|
|
|
SYM_MAPS+= ${LIBSYS_SRCTOP}/syscalls.map
|
2023-11-14 17:54:03 +00:00
|
|
|
SYM_MAPS+= ${LIBSYS_SRCTOP}/Symbol.sys.map
|
2023-11-15 21:48:45 +00:00
|
|
|
.if exists(${LIBSYS_SRCTOP}/${LIBC_ARCH}/Symbol.sys.map)
|
|
|
|
|
SYM_MAPS+= ${LIBSYS_SRCTOP}/${LIBC_ARCH}/Symbol.sys.map
|
|
|
|
|
.endif
|
2006-03-13 01:15:01 +00:00
|
|
|
|
1997-05-12 09:59:25 +00:00
|
|
|
# Generated files
|
2001-01-29 03:23:46 +00:00
|
|
|
CLEANFILES+= ${SASM} ${SPSEUDO}
|
1997-05-12 09:59:25 +00:00
|
|
|
|
2011-01-25 21:06:49 +00:00
|
|
|
.if ${MACHINE_CPUARCH} == "amd64" || ${MACHINE_CPUARCH} == "i386" || \
|
2023-02-14 16:48:51 +00:00
|
|
|
${MACHINE_CPUARCH} == "powerpc" || ${MACHINE_CPUARCH} == "arm"
|
2011-01-25 21:06:49 +00:00
|
|
|
NOTE_GNU_STACK='\t.section .note.GNU-stack,"",%%progbits\n'
|
|
|
|
|
.else
|
|
|
|
|
NOTE_GNU_STACK=''
|
|
|
|
|
.endif
|
2023-10-12 14:22:18 +00:00
|
|
|
.if ${MACHINE_CPUARCH} == "aarch64"
|
2024-03-07 00:58:29 +00:00
|
|
|
FEATURE_NOTE='\#include <sys/elf_common.h>\nGNU_PROPERTY_AARCH64_FEATURE_1_NOTE(GNU_PROPERTY_AARCH64_FEATURE_1_VAL)\n'
|
2023-10-12 14:22:18 +00:00
|
|
|
.else
|
|
|
|
|
FEATURE_NOTE=''
|
|
|
|
|
.endif
|
2011-01-25 21:06:49 +00:00
|
|
|
|
1997-04-23 10:49:54 +00:00
|
|
|
${SASM}:
|
2019-08-16 14:14:57 +00:00
|
|
|
printf '/* %sgenerated by libc/sys/Makefile.inc */\n' @ > ${.TARGET}
|
|
|
|
|
printf '#include "compat.h"\n' >> ${.TARGET}
|
2009-06-24 21:10:52 +00:00
|
|
|
printf '#include "SYS.h"\nRSYSCALL(${.PREFIX})\n' >> ${.TARGET}
|
2011-01-25 21:06:49 +00:00
|
|
|
printf ${NOTE_GNU_STACK} >>${.TARGET}
|
2023-10-12 14:22:18 +00:00
|
|
|
printf ${FEATURE_NOTE} >> ${.TARGET}
|
1994-08-28 17:34:16 +00:00
|
|
|
|
1997-04-23 10:49:54 +00:00
|
|
|
${SPSEUDO}:
|
2019-08-16 14:14:57 +00:00
|
|
|
printf '/* %sgenerated by libc/sys/Makefile.inc */\n' @ > ${.TARGET}
|
|
|
|
|
printf '#include "compat.h"\n' >> ${.TARGET}
|
2001-01-29 03:23:46 +00:00
|
|
|
printf '#include "SYS.h"\nPSEUDO(${.PREFIX:S/_//})\n' \
|
2009-06-24 21:10:52 +00:00
|
|
|
>> ${.TARGET}
|
2011-01-25 21:06:49 +00:00
|
|
|
printf ${NOTE_GNU_STACK} >>${.TARGET}
|
2023-10-12 14:22:18 +00:00
|
|
|
printf ${FEATURE_NOTE} >> ${.TARGET}
|
1997-05-03 03:50:06 +00:00
|
|
|
|
2023-11-15 23:31:57 +00:00
|
|
|
.if ${LIB} == "sys"
|
2013-02-16 22:21:46 +00:00
|
|
|
MAN+= abort2.2 \
|
|
|
|
|
accept.2 \
|
|
|
|
|
access.2 \
|
|
|
|
|
acct.2 \
|
|
|
|
|
adjtime.2 \
|
|
|
|
|
aio_cancel.2 \
|
|
|
|
|
aio_error.2 \
|
2013-12-26 19:16:30 +00:00
|
|
|
aio_fsync.2 \
|
2013-06-08 13:27:57 +00:00
|
|
|
aio_mlock.2 \
|
2013-02-16 22:21:46 +00:00
|
|
|
aio_read.2 \
|
|
|
|
|
aio_return.2 \
|
|
|
|
|
aio_suspend.2 \
|
|
|
|
|
aio_waitcomplete.2 \
|
|
|
|
|
aio_write.2 \
|
2023-11-15 20:53:28 +00:00
|
|
|
auxv.3 \
|
2013-02-16 22:21:46 +00:00
|
|
|
bind.2 \
|
2013-03-02 21:11:30 +00:00
|
|
|
bindat.2 \
|
2013-02-16 22:21:46 +00:00
|
|
|
brk.2 \
|
|
|
|
|
cap_enter.2 \
|
Merge Capsicum overhaul:
- Capability is no longer separate descriptor type. Now every descriptor
has set of its own capability rights.
- The cap_new(2) system call is left, but it is no longer documented and
should not be used in new code.
- The new syscall cap_rights_limit(2) should be used instead of
cap_new(2), which limits capability rights of the given descriptor
without creating a new one.
- The cap_getrights(2) syscall is renamed to cap_rights_get(2).
- If CAP_IOCTL capability right is present we can further reduce allowed
ioctls list with the new cap_ioctls_limit(2) syscall. List of allowed
ioctls can be retrived with cap_ioctls_get(2) syscall.
- If CAP_FCNTL capability right is present we can further reduce fcntls
that can be used with the new cap_fcntls_limit(2) syscall and retrive
them with cap_fcntls_get(2).
- To support ioctl and fcntl white-listing the filedesc structure was
heavly modified.
- The audit subsystem, kdump and procstat tools were updated to
recognize new syscalls.
- Capability rights were revised and eventhough I tried hard to provide
backward API and ABI compatibility there are some incompatible changes
that are described in detail below:
CAP_CREATE old behaviour:
- Allow for openat(2)+O_CREAT.
- Allow for linkat(2).
- Allow for symlinkat(2).
CAP_CREATE new behaviour:
- Allow for openat(2)+O_CREAT.
Added CAP_LINKAT:
- Allow for linkat(2). ABI: Reuses CAP_RMDIR bit.
- Allow to be target for renameat(2).
Added CAP_SYMLINKAT:
- Allow for symlinkat(2).
Removed CAP_DELETE. Old behaviour:
- Allow for unlinkat(2) when removing non-directory object.
- Allow to be source for renameat(2).
Removed CAP_RMDIR. Old behaviour:
- Allow for unlinkat(2) when removing directory.
Added CAP_RENAMEAT:
- Required for source directory for the renameat(2) syscall.
Added CAP_UNLINKAT (effectively it replaces CAP_DELETE and CAP_RMDIR):
- Allow for unlinkat(2) on any object.
- Required if target of renameat(2) exists and will be removed by this
call.
Removed CAP_MAPEXEC.
CAP_MMAP old behaviour:
- Allow for mmap(2) with any combination of PROT_NONE, PROT_READ and
PROT_WRITE.
CAP_MMAP new behaviour:
- Allow for mmap(2)+PROT_NONE.
Added CAP_MMAP_R:
- Allow for mmap(PROT_READ).
Added CAP_MMAP_W:
- Allow for mmap(PROT_WRITE).
Added CAP_MMAP_X:
- Allow for mmap(PROT_EXEC).
Added CAP_MMAP_RW:
- Allow for mmap(PROT_READ | PROT_WRITE).
Added CAP_MMAP_RX:
- Allow for mmap(PROT_READ | PROT_EXEC).
Added CAP_MMAP_WX:
- Allow for mmap(PROT_WRITE | PROT_EXEC).
Added CAP_MMAP_RWX:
- Allow for mmap(PROT_READ | PROT_WRITE | PROT_EXEC).
Renamed CAP_MKDIR to CAP_MKDIRAT.
Renamed CAP_MKFIFO to CAP_MKFIFOAT.
Renamed CAP_MKNODE to CAP_MKNODEAT.
CAP_READ old behaviour:
- Allow pread(2).
- Disallow read(2), readv(2) (if there is no CAP_SEEK).
CAP_READ new behaviour:
- Allow read(2), readv(2).
- Disallow pread(2) (CAP_SEEK was also required).
CAP_WRITE old behaviour:
- Allow pwrite(2).
- Disallow write(2), writev(2) (if there is no CAP_SEEK).
CAP_WRITE new behaviour:
- Allow write(2), writev(2).
- Disallow pwrite(2) (CAP_SEEK was also required).
Added convinient defines:
#define CAP_PREAD (CAP_SEEK | CAP_READ)
#define CAP_PWRITE (CAP_SEEK | CAP_WRITE)
#define CAP_MMAP_R (CAP_MMAP | CAP_SEEK | CAP_READ)
#define CAP_MMAP_W (CAP_MMAP | CAP_SEEK | CAP_WRITE)
#define CAP_MMAP_X (CAP_MMAP | CAP_SEEK | 0x0000000000000008ULL)
#define CAP_MMAP_RW (CAP_MMAP_R | CAP_MMAP_W)
#define CAP_MMAP_RX (CAP_MMAP_R | CAP_MMAP_X)
#define CAP_MMAP_WX (CAP_MMAP_W | CAP_MMAP_X)
#define CAP_MMAP_RWX (CAP_MMAP_R | CAP_MMAP_W | CAP_MMAP_X)
#define CAP_RECV CAP_READ
#define CAP_SEND CAP_WRITE
#define CAP_SOCK_CLIENT \
(CAP_CONNECT | CAP_GETPEERNAME | CAP_GETSOCKNAME | CAP_GETSOCKOPT | \
CAP_PEELOFF | CAP_RECV | CAP_SEND | CAP_SETSOCKOPT | CAP_SHUTDOWN)
#define CAP_SOCK_SERVER \
(CAP_ACCEPT | CAP_BIND | CAP_GETPEERNAME | CAP_GETSOCKNAME | \
CAP_GETSOCKOPT | CAP_LISTEN | CAP_PEELOFF | CAP_RECV | CAP_SEND | \
CAP_SETSOCKOPT | CAP_SHUTDOWN)
Added defines for backward API compatibility:
#define CAP_MAPEXEC CAP_MMAP_X
#define CAP_DELETE CAP_UNLINKAT
#define CAP_MKDIR CAP_MKDIRAT
#define CAP_RMDIR CAP_UNLINKAT
#define CAP_MKFIFO CAP_MKFIFOAT
#define CAP_MKNOD CAP_MKNODAT
#define CAP_SOCK_ALL (CAP_SOCK_CLIENT | CAP_SOCK_SERVER)
Sponsored by: The FreeBSD Foundation
Reviewed by: Christoph Mallon <christoph.mallon@gmx.de>
Many aspects discussed with: rwatson, benl, jonathan
ABI compatibility discussed with: kib
2013-03-02 00:53:12 +00:00
|
|
|
cap_fcntls_limit.2 \
|
|
|
|
|
cap_ioctls_limit.2 \
|
|
|
|
|
cap_rights_limit.2 \
|
2013-02-16 22:21:46 +00:00
|
|
|
chdir.2 \
|
|
|
|
|
chflags.2 \
|
|
|
|
|
chmod.2 \
|
|
|
|
|
chown.2 \
|
|
|
|
|
chroot.2 \
|
|
|
|
|
clock_gettime.2 \
|
|
|
|
|
close.2 \
|
|
|
|
|
closefrom.2 \
|
|
|
|
|
connect.2 \
|
2013-03-02 21:11:30 +00:00
|
|
|
connectat.2 \
|
2019-07-25 06:05:49 +00:00
|
|
|
copy_file_range.2 \
|
2013-02-16 22:21:46 +00:00
|
|
|
cpuset.2 \
|
|
|
|
|
cpuset_getaffinity.2 \
|
2018-03-24 23:58:44 +00:00
|
|
|
cpuset_getdomain.2 \
|
2024-01-16 22:25:07 +00:00
|
|
|
creat.2 \
|
2013-02-16 22:21:46 +00:00
|
|
|
dup.2 \
|
2020-12-23 14:16:35 +00:00
|
|
|
eventfd.2 \
|
2013-02-16 22:21:46 +00:00
|
|
|
execve.2 \
|
|
|
|
|
_exit.2 \
|
|
|
|
|
extattr_get_file.2 \
|
|
|
|
|
fcntl.2 \
|
|
|
|
|
ffclock.2 \
|
2018-12-07 15:17:29 +00:00
|
|
|
fhlink.2 \
|
2013-02-16 22:21:46 +00:00
|
|
|
fhopen.2 \
|
2018-12-07 15:17:29 +00:00
|
|
|
fhreadlink.2 \
|
2013-02-16 22:21:46 +00:00
|
|
|
flock.2 \
|
|
|
|
|
fork.2 \
|
2021-08-05 15:20:42 +00:00
|
|
|
fspacectl.2 \
|
2013-02-16 22:21:46 +00:00
|
|
|
fsync.2 \
|
|
|
|
|
getdirentries.2 \
|
|
|
|
|
getdtablesize.2 \
|
|
|
|
|
getfh.2 \
|
|
|
|
|
getfsstat.2 \
|
|
|
|
|
getgid.2 \
|
|
|
|
|
getgroups.2 \
|
|
|
|
|
getitimer.2 \
|
|
|
|
|
getlogin.2 \
|
|
|
|
|
getloginclass.2 \
|
|
|
|
|
getpeername.2 \
|
|
|
|
|
getpgrp.2 \
|
|
|
|
|
getpid.2 \
|
|
|
|
|
getpriority.2 \
|
2018-03-21 01:15:45 +00:00
|
|
|
getrandom.2 \
|
2013-02-16 22:21:46 +00:00
|
|
|
getrlimit.2 \
|
|
|
|
|
getrusage.2 \
|
|
|
|
|
getsid.2 \
|
|
|
|
|
getsockname.2 \
|
|
|
|
|
getsockopt.2 \
|
|
|
|
|
gettimeofday.2 \
|
|
|
|
|
getuid.2 \
|
|
|
|
|
intro.2 \
|
|
|
|
|
ioctl.2 \
|
|
|
|
|
issetugid.2 \
|
|
|
|
|
jail.2 \
|
2024-01-24 14:41:31 +00:00
|
|
|
kcmp.2 \
|
2013-02-16 22:21:46 +00:00
|
|
|
kenv.2 \
|
|
|
|
|
kill.2 \
|
|
|
|
|
kldfind.2 \
|
|
|
|
|
kldfirstmod.2 \
|
|
|
|
|
kldload.2 \
|
|
|
|
|
kldnext.2 \
|
|
|
|
|
kldstat.2 \
|
|
|
|
|
kldsym.2 \
|
|
|
|
|
kldunload.2 \
|
|
|
|
|
kqueue.2 \
|
|
|
|
|
ktrace.2 \
|
|
|
|
|
link.2 \
|
|
|
|
|
lio_listio.2 \
|
|
|
|
|
listen.2 \
|
2003-01-12 09:28:16 +00:00
|
|
|
lseek.2 \
|
2013-02-16 22:21:46 +00:00
|
|
|
madvise.2 \
|
|
|
|
|
mincore.2 \
|
|
|
|
|
minherit.2 \
|
|
|
|
|
mkdir.2 \
|
|
|
|
|
mkfifo.2 \
|
|
|
|
|
mknod.2 \
|
|
|
|
|
mlock.2 \
|
|
|
|
|
mlockall.2 \
|
|
|
|
|
mmap.2 \
|
|
|
|
|
modfind.2 \
|
|
|
|
|
modnext.2 \
|
|
|
|
|
modstat.2 \
|
|
|
|
|
mount.2 \
|
|
|
|
|
mprotect.2 \
|
|
|
|
|
mq_close.2 \
|
|
|
|
|
mq_getattr.2 \
|
|
|
|
|
mq_notify.2 \
|
|
|
|
|
mq_open.2 \
|
|
|
|
|
mq_receive.2 \
|
|
|
|
|
mq_send.2 \
|
2005-11-30 04:12:37 +00:00
|
|
|
mq_setattr.2 \
|
2021-02-18 17:53:06 +00:00
|
|
|
mq_unlink.2 \
|
2013-02-16 22:21:46 +00:00
|
|
|
msgctl.2 \
|
|
|
|
|
msgget.2 \
|
|
|
|
|
msgrcv.2 \
|
|
|
|
|
msgsnd.2 \
|
|
|
|
|
msync.2 \
|
|
|
|
|
munmap.2 \
|
|
|
|
|
nanosleep.2 \
|
|
|
|
|
nfssvc.2 \
|
|
|
|
|
ntp_adjtime.2 \
|
|
|
|
|
open.2 \
|
|
|
|
|
pathconf.2 \
|
|
|
|
|
pdfork.2 \
|
|
|
|
|
pipe.2 \
|
|
|
|
|
poll.2 \
|
|
|
|
|
posix_fadvise.2 \
|
|
|
|
|
posix_fallocate.2 \
|
|
|
|
|
posix_openpt.2 \
|
2013-09-19 18:53:42 +00:00
|
|
|
procctl.2 \
|
2013-02-16 22:21:46 +00:00
|
|
|
profil.2 \
|
|
|
|
|
pselect.2 \
|
|
|
|
|
ptrace.2 \
|
|
|
|
|
quotactl.2 \
|
2016-09-19 02:25:30 +00:00
|
|
|
rctl_add_rule.2 \
|
2013-02-16 22:21:46 +00:00
|
|
|
read.2 \
|
|
|
|
|
readlink.2 \
|
|
|
|
|
reboot.2 \
|
|
|
|
|
recv.2 \
|
|
|
|
|
rename.2 \
|
|
|
|
|
revoke.2 \
|
|
|
|
|
rfork.2 \
|
|
|
|
|
rmdir.2 \
|
2021-12-07 00:18:34 +00:00
|
|
|
rtprio.2 \
|
|
|
|
|
sched_get_priority_max.2 \
|
2013-02-16 22:21:46 +00:00
|
|
|
sched_setparam.2 \
|
|
|
|
|
sched_setscheduler.2 \
|
2021-12-07 00:18:34 +00:00
|
|
|
sched_yield.2 \
|
|
|
|
|
sctp_generic_recvmsg.2 \
|
2013-02-16 22:21:46 +00:00
|
|
|
sctp_generic_sendmsg.2 \
|
|
|
|
|
sctp_peeloff.2 \
|
|
|
|
|
select.2 \
|
|
|
|
|
semctl.2 \
|
|
|
|
|
semget.2 \
|
|
|
|
|
semop.2 \
|
|
|
|
|
send.2 \
|
|
|
|
|
setfib.2 \
|
|
|
|
|
sendfile.2 \
|
|
|
|
|
setgroups.2 \
|
|
|
|
|
setpgid.2 \
|
|
|
|
|
setregid.2 \
|
|
|
|
|
setresuid.2 \
|
|
|
|
|
setreuid.2 \
|
|
|
|
|
setsid.2 \
|
|
|
|
|
setuid.2 \
|
|
|
|
|
shmat.2 \
|
|
|
|
|
shmctl.2 \
|
|
|
|
|
shmget.2 \
|
|
|
|
|
shm_open.2 \
|
|
|
|
|
shutdown.2 \
|
|
|
|
|
sigaction.2 \
|
|
|
|
|
sigaltstack.2 \
|
Add a way to manage thread signal mask using shared word, instead of syscall.
A new syscall sigfastblock(2) is added which registers a uint32_t
variable as containing the count of blocks for signal delivery. Its
content is read by kernel on each syscall entry and on AST processing,
non-zero count of blocks is interpreted same as the signal mask
blocking all signals.
The biggest downside of the feature that I see is that memory
corruption that affects the registered fast sigblock location, would
cause quite strange application misbehavior. For instance, the process
would be immune to ^C (but killable by SIGKILL).
With consumers (rtld and libthr added), benchmarks do not show a
slow-down of the syscalls in micro-measurements, and macro benchmarks
like buildworld do not demonstrate a difference. Part of the reason is
that buildworld time is dominated by compiler, and clang already links
to libthr. On the other hand, small utilities typically used by shell
scripts have the total number of syscalls cut by half.
The syscall is not exported from the stable libc version namespace on
purpose. It is intended to be used only by our C runtime
implementation internals.
Tested by: pho
Disscussed with: cem, emaste, jilles
Sponsored by: The FreeBSD Foundation
Differential revision: https://reviews.freebsd.org/D12773
2020-02-09 11:53:12 +00:00
|
|
|
sigfastblock.2 \
|
2013-02-16 22:21:46 +00:00
|
|
|
sigpending.2 \
|
|
|
|
|
sigprocmask.2 \
|
|
|
|
|
sigqueue.2 \
|
|
|
|
|
sigreturn.2 \
|
|
|
|
|
sigstack.2 \
|
|
|
|
|
sigsuspend.2 \
|
|
|
|
|
sigwait.2 \
|
|
|
|
|
sigwaitinfo.2 \
|
|
|
|
|
socket.2 \
|
|
|
|
|
socketpair.2 \
|
|
|
|
|
stat.2 \
|
|
|
|
|
statfs.2 \
|
|
|
|
|
swapon.2 \
|
|
|
|
|
symlink.2 \
|
|
|
|
|
sync.2 \
|
|
|
|
|
sysarch.2 \
|
|
|
|
|
syscall.2 \
|
2016-05-14 09:43:28 +00:00
|
|
|
thr_exit.2 \
|
|
|
|
|
thr_kill.2 \
|
|
|
|
|
thr_new.2 \
|
|
|
|
|
thr_self.2 \
|
|
|
|
|
thr_set_name.2 \
|
2016-09-26 08:18:34 +00:00
|
|
|
thr_suspend.2 \
|
|
|
|
|
thr_wake.2 \
|
2013-02-16 22:21:46 +00:00
|
|
|
timer_create.2 \
|
|
|
|
|
timer_delete.2 \
|
|
|
|
|
timer_settime.2 \
|
2023-08-24 19:59:20 +00:00
|
|
|
timerfd.2 \
|
2013-02-16 22:21:46 +00:00
|
|
|
truncate.2 \
|
|
|
|
|
umask.2 \
|
|
|
|
|
undelete.2 \
|
|
|
|
|
unlink.2 \
|
2015-01-23 21:07:08 +00:00
|
|
|
utimensat.2 \
|
2013-02-16 22:21:46 +00:00
|
|
|
utimes.2 \
|
|
|
|
|
utrace.2 \
|
|
|
|
|
uuidgen.2 \
|
|
|
|
|
vfork.2 \
|
|
|
|
|
wait.2 \
|
2016-05-14 09:43:28 +00:00
|
|
|
write.2 \
|
|
|
|
|
_umtx_op.2
|
2013-02-16 22:21:46 +00:00
|
|
|
|
2024-01-16 22:25:07 +00:00
|
|
|
MAN+= \
|
2023-11-17 18:55:25 +00:00
|
|
|
getpagesize.3 \
|
|
|
|
|
getpagesizes.3 \
|
2024-01-16 22:25:07 +00:00
|
|
|
lockf.3 \
|
2023-11-15 21:44:43 +00:00
|
|
|
rfork_thread.3 \
|
2024-01-16 22:25:07 +00:00
|
|
|
sleep.3 \
|
|
|
|
|
usleep.3
|
|
|
|
|
|
2024-02-03 18:12:59 +00:00
|
|
|
MLINKS+=aio_read.2 aio_readv.2 \
|
|
|
|
|
aio_read.2 aio_read2.2
|
|
|
|
|
MLINKS+=aio_write.2 aio_writev.2 \
|
|
|
|
|
aio_write.2 aio_write2.2
|
2013-05-01 20:10:21 +00:00
|
|
|
MLINKS+=accept.2 accept4.2
|
2013-02-16 22:21:46 +00:00
|
|
|
MLINKS+=access.2 eaccess.2 \
|
|
|
|
|
access.2 faccessat.2
|
2023-11-15 20:53:28 +00:00
|
|
|
MLINKS+=auxv.3 elf_aux_info.3
|
1994-05-27 05:00:24 +00:00
|
|
|
MLINKS+=brk.2 sbrk.2
|
2011-03-03 11:31:08 +00:00
|
|
|
MLINKS+=cap_enter.2 cap_getmode.2
|
Merge Capsicum overhaul:
- Capability is no longer separate descriptor type. Now every descriptor
has set of its own capability rights.
- The cap_new(2) system call is left, but it is no longer documented and
should not be used in new code.
- The new syscall cap_rights_limit(2) should be used instead of
cap_new(2), which limits capability rights of the given descriptor
without creating a new one.
- The cap_getrights(2) syscall is renamed to cap_rights_get(2).
- If CAP_IOCTL capability right is present we can further reduce allowed
ioctls list with the new cap_ioctls_limit(2) syscall. List of allowed
ioctls can be retrived with cap_ioctls_get(2) syscall.
- If CAP_FCNTL capability right is present we can further reduce fcntls
that can be used with the new cap_fcntls_limit(2) syscall and retrive
them with cap_fcntls_get(2).
- To support ioctl and fcntl white-listing the filedesc structure was
heavly modified.
- The audit subsystem, kdump and procstat tools were updated to
recognize new syscalls.
- Capability rights were revised and eventhough I tried hard to provide
backward API and ABI compatibility there are some incompatible changes
that are described in detail below:
CAP_CREATE old behaviour:
- Allow for openat(2)+O_CREAT.
- Allow for linkat(2).
- Allow for symlinkat(2).
CAP_CREATE new behaviour:
- Allow for openat(2)+O_CREAT.
Added CAP_LINKAT:
- Allow for linkat(2). ABI: Reuses CAP_RMDIR bit.
- Allow to be target for renameat(2).
Added CAP_SYMLINKAT:
- Allow for symlinkat(2).
Removed CAP_DELETE. Old behaviour:
- Allow for unlinkat(2) when removing non-directory object.
- Allow to be source for renameat(2).
Removed CAP_RMDIR. Old behaviour:
- Allow for unlinkat(2) when removing directory.
Added CAP_RENAMEAT:
- Required for source directory for the renameat(2) syscall.
Added CAP_UNLINKAT (effectively it replaces CAP_DELETE and CAP_RMDIR):
- Allow for unlinkat(2) on any object.
- Required if target of renameat(2) exists and will be removed by this
call.
Removed CAP_MAPEXEC.
CAP_MMAP old behaviour:
- Allow for mmap(2) with any combination of PROT_NONE, PROT_READ and
PROT_WRITE.
CAP_MMAP new behaviour:
- Allow for mmap(2)+PROT_NONE.
Added CAP_MMAP_R:
- Allow for mmap(PROT_READ).
Added CAP_MMAP_W:
- Allow for mmap(PROT_WRITE).
Added CAP_MMAP_X:
- Allow for mmap(PROT_EXEC).
Added CAP_MMAP_RW:
- Allow for mmap(PROT_READ | PROT_WRITE).
Added CAP_MMAP_RX:
- Allow for mmap(PROT_READ | PROT_EXEC).
Added CAP_MMAP_WX:
- Allow for mmap(PROT_WRITE | PROT_EXEC).
Added CAP_MMAP_RWX:
- Allow for mmap(PROT_READ | PROT_WRITE | PROT_EXEC).
Renamed CAP_MKDIR to CAP_MKDIRAT.
Renamed CAP_MKFIFO to CAP_MKFIFOAT.
Renamed CAP_MKNODE to CAP_MKNODEAT.
CAP_READ old behaviour:
- Allow pread(2).
- Disallow read(2), readv(2) (if there is no CAP_SEEK).
CAP_READ new behaviour:
- Allow read(2), readv(2).
- Disallow pread(2) (CAP_SEEK was also required).
CAP_WRITE old behaviour:
- Allow pwrite(2).
- Disallow write(2), writev(2) (if there is no CAP_SEEK).
CAP_WRITE new behaviour:
- Allow write(2), writev(2).
- Disallow pwrite(2) (CAP_SEEK was also required).
Added convinient defines:
#define CAP_PREAD (CAP_SEEK | CAP_READ)
#define CAP_PWRITE (CAP_SEEK | CAP_WRITE)
#define CAP_MMAP_R (CAP_MMAP | CAP_SEEK | CAP_READ)
#define CAP_MMAP_W (CAP_MMAP | CAP_SEEK | CAP_WRITE)
#define CAP_MMAP_X (CAP_MMAP | CAP_SEEK | 0x0000000000000008ULL)
#define CAP_MMAP_RW (CAP_MMAP_R | CAP_MMAP_W)
#define CAP_MMAP_RX (CAP_MMAP_R | CAP_MMAP_X)
#define CAP_MMAP_WX (CAP_MMAP_W | CAP_MMAP_X)
#define CAP_MMAP_RWX (CAP_MMAP_R | CAP_MMAP_W | CAP_MMAP_X)
#define CAP_RECV CAP_READ
#define CAP_SEND CAP_WRITE
#define CAP_SOCK_CLIENT \
(CAP_CONNECT | CAP_GETPEERNAME | CAP_GETSOCKNAME | CAP_GETSOCKOPT | \
CAP_PEELOFF | CAP_RECV | CAP_SEND | CAP_SETSOCKOPT | CAP_SHUTDOWN)
#define CAP_SOCK_SERVER \
(CAP_ACCEPT | CAP_BIND | CAP_GETPEERNAME | CAP_GETSOCKNAME | \
CAP_GETSOCKOPT | CAP_LISTEN | CAP_PEELOFF | CAP_RECV | CAP_SEND | \
CAP_SETSOCKOPT | CAP_SHUTDOWN)
Added defines for backward API compatibility:
#define CAP_MAPEXEC CAP_MMAP_X
#define CAP_DELETE CAP_UNLINKAT
#define CAP_MKDIR CAP_MKDIRAT
#define CAP_RMDIR CAP_UNLINKAT
#define CAP_MKFIFO CAP_MKFIFOAT
#define CAP_MKNOD CAP_MKNODAT
#define CAP_SOCK_ALL (CAP_SOCK_CLIENT | CAP_SOCK_SERVER)
Sponsored by: The FreeBSD Foundation
Reviewed by: Christoph Mallon <christoph.mallon@gmx.de>
Many aspects discussed with: rwatson, benl, jonathan
ABI compatibility discussed with: kib
2013-03-02 00:53:12 +00:00
|
|
|
MLINKS+=cap_fcntls_limit.2 cap_fcntls_get.2
|
|
|
|
|
MLINKS+=cap_ioctls_limit.2 cap_ioctls_get.2
|
1994-05-27 05:00:24 +00:00
|
|
|
MLINKS+=chdir.2 fchdir.2
|
2013-03-21 23:05:44 +00:00
|
|
|
MLINKS+=chflags.2 chflagsat.2 \
|
|
|
|
|
chflags.2 fchflags.2 \
|
2013-02-16 22:21:46 +00:00
|
|
|
chflags.2 lchflags.2
|
|
|
|
|
MLINKS+=chmod.2 fchmod.2 \
|
|
|
|
|
chmod.2 fchmodat.2 \
|
|
|
|
|
chmod.2 lchmod.2
|
|
|
|
|
MLINKS+=chown.2 fchown.2 \
|
|
|
|
|
chown.2 fchownat.2 \
|
|
|
|
|
chown.2 lchown.2
|
|
|
|
|
MLINKS+=clock_gettime.2 clock_getres.2 \
|
|
|
|
|
clock_gettime.2 clock_settime.2
|
2020-04-12 21:23:19 +00:00
|
|
|
MLINKS+=closefrom.2 close_range.2
|
2017-03-19 00:51:12 +00:00
|
|
|
MLINKS+=nanosleep.2 clock_nanosleep.2
|
2013-02-16 22:21:46 +00:00
|
|
|
MLINKS+=cpuset.2 cpuset_getid.2 \
|
|
|
|
|
cpuset.2 cpuset_setid.2
|
2008-03-29 10:26:29 +00:00
|
|
|
MLINKS+=cpuset_getaffinity.2 cpuset_setaffinity.2
|
2018-03-24 23:58:44 +00:00
|
|
|
MLINKS+=cpuset_getdomain.2 cpuset_setdomain.2
|
1999-07-31 22:00:09 +00:00
|
|
|
MLINKS+=dup.2 dup2.2
|
2020-12-23 14:16:35 +00:00
|
|
|
MLINKS+=eventfd.2 eventfd_read.3 \
|
|
|
|
|
eventfd.2 eventfd_write.3
|
2008-04-16 14:44:43 +00:00
|
|
|
MLINKS+=execve.2 fexecve.2
|
2007-04-29 21:38:25 +00:00
|
|
|
MLINKS+=extattr_get_file.2 extattr.2 \
|
|
|
|
|
extattr_get_file.2 extattr_delete_fd.2 \
|
2001-04-08 06:58:48 +00:00
|
|
|
extattr_get_file.2 extattr_delete_file.2 \
|
2013-11-09 00:36:09 +00:00
|
|
|
extattr_get_file.2 extattr_delete_link.2 \
|
2001-04-08 06:58:48 +00:00
|
|
|
extattr_get_file.2 extattr_get_fd.2 \
|
2013-11-09 00:36:09 +00:00
|
|
|
extattr_get_file.2 extattr_get_link.2 \
|
2007-04-29 21:38:25 +00:00
|
|
|
extattr_get_file.2 extattr_list_fd.2 \
|
|
|
|
|
extattr_get_file.2 extattr_list_file.2 \
|
|
|
|
|
extattr_get_file.2 extattr_list_link.2 \
|
2001-04-08 06:58:48 +00:00
|
|
|
extattr_get_file.2 extattr_set_fd.2 \
|
2007-04-29 21:38:25 +00:00
|
|
|
extattr_get_file.2 extattr_set_file.2 \
|
|
|
|
|
extattr_get_file.2 extattr_set_link.2
|
2013-02-16 22:21:46 +00:00
|
|
|
MLINKS+=ffclock.2 ffclock_getcounter.2 \
|
|
|
|
|
ffclock.2 ffclock_getestimate.2 \
|
2011-11-21 01:26:10 +00:00
|
|
|
ffclock.2 ffclock_setestimate.2
|
2019-05-22 01:11:21 +00:00
|
|
|
MLINKS+=fhlink.2 fhlinkat.2
|
1999-09-11 14:20:18 +00:00
|
|
|
MLINKS+=fhopen.2 fhstat.2 fhopen.2 fhstatfs.2
|
2023-07-28 08:54:20 +00:00
|
|
|
MLINKS+=fork.2 _Fork.2
|
2016-08-17 10:16:42 +00:00
|
|
|
MLINKS+=fsync.2 fdatasync.2
|
1999-07-30 11:32:08 +00:00
|
|
|
MLINKS+=getdirentries.2 getdents.2
|
2018-12-07 15:17:29 +00:00
|
|
|
MLINKS+=getfh.2 lgetfh.2 \
|
|
|
|
|
getfh.2 getfhat.2
|
1994-05-27 05:00:24 +00:00
|
|
|
MLINKS+=getgid.2 getegid.2
|
|
|
|
|
MLINKS+=getitimer.2 setitimer.2
|
1999-12-23 16:12:24 +00:00
|
|
|
MLINKS+=getlogin.2 getlogin_r.3
|
1994-05-27 05:00:24 +00:00
|
|
|
MLINKS+=getlogin.2 setlogin.2
|
2011-03-06 08:35:50 +00:00
|
|
|
MLINKS+=getloginclass.2 setloginclass.2
|
1997-08-19 07:00:53 +00:00
|
|
|
MLINKS+=getpgrp.2 getpgid.2
|
1994-05-27 05:00:24 +00:00
|
|
|
MLINKS+=getpid.2 getppid.2
|
|
|
|
|
MLINKS+=getpriority.2 setpriority.2
|
|
|
|
|
MLINKS+=getrlimit.2 setrlimit.2
|
|
|
|
|
MLINKS+=getsockopt.2 setsockopt.2
|
|
|
|
|
MLINKS+=gettimeofday.2 settimeofday.2
|
|
|
|
|
MLINKS+=getuid.2 geteuid.2
|
|
|
|
|
MLINKS+=intro.2 errno.2
|
2009-04-29 21:14:15 +00:00
|
|
|
MLINKS+=jail.2 jail_attach.2 \
|
|
|
|
|
jail.2 jail_get.2 \
|
|
|
|
|
jail.2 jail_remove.2 \
|
|
|
|
|
jail.2 jail_set.2
|
2008-03-10 09:54:13 +00:00
|
|
|
MLINKS+=kldunload.2 kldunloadf.2
|
2013-02-16 22:21:46 +00:00
|
|
|
MLINKS+=kqueue.2 kevent.2 \
|
2023-03-31 22:27:00 +00:00
|
|
|
kqueue.2 kqueuex.2 \
|
2013-02-16 22:21:46 +00:00
|
|
|
kqueue.2 EV_SET.3
|
2008-04-16 14:44:43 +00:00
|
|
|
MLINKS+=link.2 linkat.2
|
2003-08-09 03:23:24 +00:00
|
|
|
MLINKS+=madvise.2 posix_madvise.2
|
2008-04-16 14:44:43 +00:00
|
|
|
MLINKS+=mkdir.2 mkdirat.2
|
|
|
|
|
MLINKS+=mkfifo.2 mkfifoat.2
|
|
|
|
|
MLINKS+=mknod.2 mknodat.2
|
1994-05-27 05:00:24 +00:00
|
|
|
MLINKS+=mlock.2 munlock.2
|
2003-08-11 07:14:08 +00:00
|
|
|
MLINKS+=mlockall.2 munlockall.2
|
2000-09-28 22:39:59 +00:00
|
|
|
MLINKS+=modnext.2 modfnext.2
|
2013-02-16 22:21:46 +00:00
|
|
|
MLINKS+=mount.2 nmount.2 \
|
|
|
|
|
mount.2 unmount.2
|
2005-11-30 04:14:53 +00:00
|
|
|
MLINKS+=mq_receive.2 mq_timedreceive.2
|
2008-04-16 14:57:40 +00:00
|
|
|
MLINKS+=mq_send.2 mq_timedsend.2
|
2007-09-15 14:33:55 +00:00
|
|
|
MLINKS+=ntp_adjtime.2 ntp_gettime.2
|
2008-04-16 14:44:43 +00:00
|
|
|
MLINKS+=open.2 openat.2
|
1994-05-27 05:00:24 +00:00
|
|
|
MLINKS+=pathconf.2 fpathconf.2
|
2009-07-08 15:23:18 +00:00
|
|
|
MLINKS+=pathconf.2 lpathconf.2
|
Add experimental support for process descriptors
A "process descriptor" file descriptor is used to manage processes
without using the PID namespace. This is required for Capsicum's
Capability Mode, where the PID namespace is unavailable.
New system calls pdfork(2) and pdkill(2) offer the functional equivalents
of fork(2) and kill(2). pdgetpid(2) allows querying the PID of the remote
process for debugging purposes. The currently-unimplemented pdwait(2) will,
in the future, allow querying rusage/exit status. In the interim, poll(2)
may be used to check (and wait for) process termination.
When a process is referenced by a process descriptor, it does not issue
SIGCHLD to the parent, making it suitable for use in libraries---a common
scenario when using library compartmentalisation from within large
applications (such as web browsers). Some observers may note a similarity
to Mach task ports; process descriptors provide a subset of this behaviour,
but in a UNIX style.
This feature is enabled by "options PROCDESC", but as with several other
Capsicum kernel features, is not enabled by default in GENERIC 9.0.
Reviewed by: jhb, kib
Approved by: re (kib), mentor (rwatson)
Sponsored by: Google Inc
2011-08-18 22:51:30 +00:00
|
|
|
MLINKS+=pdfork.2 pdgetpid.2\
|
2017-06-17 17:32:40 +00:00
|
|
|
pdfork.2 pdkill.2
|
2013-05-01 22:42:42 +00:00
|
|
|
MLINKS+=pipe.2 pipe2.2
|
2014-11-13 05:26:14 +00:00
|
|
|
MLINKS+=poll.2 ppoll.2
|
2016-09-19 02:25:30 +00:00
|
|
|
MLINKS+=rctl_add_rule.2 rctl_get_limits.2 \
|
|
|
|
|
rctl_add_rule.2 rctl_get_racct.2 \
|
|
|
|
|
rctl_add_rule.2 rctl_get_rules.2 \
|
|
|
|
|
rctl_add_rule.2 rctl_remove_rule.2
|
2013-02-16 22:21:46 +00:00
|
|
|
MLINKS+=read.2 pread.2 \
|
|
|
|
|
read.2 preadv.2 \
|
|
|
|
|
read.2 readv.2
|
2008-04-16 14:44:43 +00:00
|
|
|
MLINKS+=readlink.2 readlinkat.2
|
2013-02-16 22:21:46 +00:00
|
|
|
MLINKS+=recv.2 recvfrom.2 \
|
|
|
|
|
recv.2 recvmsg.2
|
2008-04-16 14:44:43 +00:00
|
|
|
MLINKS+=rename.2 renameat.2
|
2011-12-27 10:34:00 +00:00
|
|
|
MLINKS+=rtprio.2 rtprio_thread.2
|
2008-04-16 14:57:40 +00:00
|
|
|
MLINKS+=sched_get_priority_max.2 sched_get_priority_min.2 \
|
|
|
|
|
sched_get_priority_max.2 sched_rr_get_interval.2
|
|
|
|
|
MLINKS+=sched_setparam.2 sched_getparam.2
|
|
|
|
|
MLINKS+=sched_setscheduler.2 sched_getscheduler.2
|
2023-10-18 14:05:44 +00:00
|
|
|
MLINKS+=sctp_generic_sendmsg.2 sctp_generic_sendmsg_iov.2
|
2013-02-16 22:21:46 +00:00
|
|
|
MLINKS+=select.2 FD_CLR.3 \
|
|
|
|
|
select.2 FD_ISSET.3 \
|
|
|
|
|
select.2 FD_SET.3 \
|
2006-10-12 13:46:33 +00:00
|
|
|
select.2 FD_ZERO.3
|
2013-02-16 22:21:46 +00:00
|
|
|
MLINKS+=send.2 sendmsg.2 \
|
|
|
|
|
send.2 sendto.2
|
1995-05-27 04:17:04 +00:00
|
|
|
MLINKS+=setpgid.2 setpgrp.2
|
2013-02-16 22:21:46 +00:00
|
|
|
MLINKS+=setresuid.2 getresgid.2 \
|
|
|
|
|
setresuid.2 getresuid.2 \
|
|
|
|
|
setresuid.2 setresgid.2
|
|
|
|
|
MLINKS+=setuid.2 setegid.2 \
|
|
|
|
|
setuid.2 seteuid.2 \
|
|
|
|
|
setuid.2 setgid.2
|
1995-10-03 19:17:21 +00:00
|
|
|
MLINKS+=shmat.2 shmdt.2
|
2019-09-25 18:03:18 +00:00
|
|
|
MLINKS+=shm_open.2 memfd_create.3 \
|
2023-02-03 15:55:30 +00:00
|
|
|
shm_open.2 shm_create_largepage.3 \
|
2019-09-26 15:32:28 +00:00
|
|
|
shm_open.2 shm_unlink.2 \
|
2019-09-26 16:13:17 +00:00
|
|
|
shm_open.2 shm_rename.2
|
2005-11-11 03:13:25 +00:00
|
|
|
MLINKS+=sigwaitinfo.2 sigtimedwait.2
|
2013-02-16 22:21:46 +00:00
|
|
|
MLINKS+=stat.2 fstat.2 \
|
|
|
|
|
stat.2 fstatat.2 \
|
|
|
|
|
stat.2 lstat.2
|
1994-05-27 05:00:24 +00:00
|
|
|
MLINKS+=statfs.2 fstatfs.2
|
2002-12-15 19:17:57 +00:00
|
|
|
MLINKS+=swapon.2 swapoff.2
|
2008-04-16 14:44:43 +00:00
|
|
|
MLINKS+=symlink.2 symlinkat.2
|
2008-04-16 14:57:40 +00:00
|
|
|
MLINKS+=syscall.2 __syscall.2
|
2013-02-16 22:21:46 +00:00
|
|
|
MLINKS+=timer_settime.2 timer_getoverrun.2 \
|
|
|
|
|
timer_settime.2 timer_gettime.2
|
2023-08-24 19:59:20 +00:00
|
|
|
MLINKS+=timerfd.2 timerfd_create.2 \
|
|
|
|
|
timerfd.2 timerfd_gettime.2 \
|
|
|
|
|
timerfd.2 timerfd_settime.2
|
2016-05-14 09:43:28 +00:00
|
|
|
MLINKS+=thr_kill.2 thr_kill2.2
|
1994-05-27 05:00:24 +00:00
|
|
|
MLINKS+=truncate.2 ftruncate.2
|
2008-04-16 14:44:43 +00:00
|
|
|
MLINKS+=unlink.2 unlinkat.2
|
2019-04-06 09:34:26 +00:00
|
|
|
MLINKS+=unlink.2 funlinkat.2
|
2015-01-23 21:07:08 +00:00
|
|
|
MLINKS+=utimensat.2 futimens.2
|
2013-02-16 22:21:46 +00:00
|
|
|
MLINKS+=utimes.2 futimes.2 \
|
|
|
|
|
utimes.2 futimesat.2 \
|
|
|
|
|
utimes.2 lutimes.2
|
|
|
|
|
MLINKS+=wait.2 wait3.2 \
|
|
|
|
|
wait.2 wait4.2 \
|
|
|
|
|
wait.2 waitpid.2 \
|
|
|
|
|
wait.2 waitid.2 \
|
|
|
|
|
wait.2 wait6.2
|
|
|
|
|
MLINKS+=write.2 pwrite.2 \
|
|
|
|
|
write.2 pwritev.2 \
|
|
|
|
|
write.2 writev.2
|
2023-11-15 23:31:57 +00:00
|
|
|
.endif # ${LIB} == "sys"
|