d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
6bfcd9c37b
freebsd-dev/lib
History
Jonathan Anderson cfb5f76865 Add experimental support for process descriptors 
A "process descriptor" file descriptor is used to manage processes
without using the PID namespace. This is required for Capsicum's
Capability Mode, where the PID namespace is unavailable.

New system calls pdfork(2) and pdkill(2) offer the functional equivalents
of fork(2) and kill(2). pdgetpid(2) allows querying the PID of the remote
process for debugging purposes. The currently-unimplemented pdwait(2) will,
in the future, allow querying rusage/exit status. In the interim, poll(2)
may be used to check (and wait for) process termination.

When a process is referenced by a process descriptor, it does not issue
SIGCHLD to the parent, making it suitable for use in libraries---a common
scenario when using library compartmentalisation from within large
applications (such as web browsers). Some observers may note a similarity
to Mach task ports; process descriptors provide a subset of this behaviour,
but in a UNIX style.

This feature is enabled by "options PROCDESC", but as with several other
Capsicum kernel features, is not enabled by default in GENERIC 9.0.

Reviewed by: jhb, kib
Approved by: re (kib), mentor (rwatson)
Sponsored by: Google Inc
2011-08-18 22:51:30 +00:00
..
bind Fixes to make the WITH_BIND_LIBS option functional with BIND 9.8.x 2011-07-17 12:07:22 +00:00
clang Upgrade our copy of llvm/clang to r135360, from upstream's trunk. 2011-07-17 19:51:40 +00:00
csu Build Scrt.o on powerpc64. Its introduction on other platforms got lost 2011-06-27 16:24:36 +00:00
libalias Remove redundant WARNS?=6 overrides and inherit the WARNS setting from 2010-03-02 18:44:08 +00:00
libarchive Merge revision 3554 from libarchive's release/2.8 branch: 2011-08-07 20:24:32 +00:00
libauditd
libbegemot
libblocksruntime Import libcompiler_rt into HEAD and add Makefiles. 2010-11-11 15:13:11 +00:00
libbluetooth Add the following Linux BlueZ compatibility macros: htobs(), htobl(), 2010-09-22 23:41:02 +00:00
libbsm
libbsnmp Unbreak the build by temprorarily not using include directives in 2010-12-20 22:56:50 +00:00
libbz2
libc Add experimental support for process descriptors 2011-08-18 22:51:30 +00:00
libcalendar
libcam Add Serial Management Protocol (SMP) passthrough support to CAM. 2010-11-30 22:39:46 +00:00
libcom_err
libcompat Small style(9) fix: use tabs instead of spaces. 2010-08-08 08:19:23 +00:00
libcompiler_rt Upgrade libcompiler_rt from revision 117047 to 132478. 2011-06-03 17:49:16 +00:00
libcrypt s/shaN_crypt/crypt_shaN/g to be a more consistent with the existing naming. 2011-05-05 01:09:42 +00:00
libdevinfo sys/rman.h now requires sys/types.h. Include it to make the API match 2011-02-10 04:53:09 +00:00
libdevstat Do not increment num_args if strsep(3) returned an empty field. 2011-04-04 09:25:27 +00:00
libdisk Disconnect sun4v architecture from the three. 2011-05-14 01:53:38 +00:00
libdwarf Add the ability to search for all the inlined instances of a given function. 2011-05-07 01:05:31 +00:00
libedit Add $FreeBSD$'s. 2011-04-14 15:42:15 +00:00
libefi Spelling fixes. 2010-08-03 17:40:09 +00:00
libelf Document the behavior of elf_getdata() and elf_rawdata() with 2011-05-07 11:29:48 +00:00
libexpat Fix buildworld -DNO_CLEAN when using with Perforce, which marks files as 2010-08-12 20:46:49 +00:00
libfetch Mark all socket and file descriptors close-on-exec. 2011-05-13 07:21:41 +00:00
libftpio mdoc: consistently spell our email addresses <foo@FreeBSD.org> 2010-05-19 08:57:53 +00:00
libgeom Remove stale link. 2010-12-04 08:44:56 +00:00
libgpib Fix typos, spelling, formatting and mdoc mistakes found by Nobuyuki while 2010-08-16 15:18:30 +00:00
libgssapi mdoc: drop redundant .Pp and .LP calls 2010-10-08 12:40:16 +00:00
libiconv Remove redundant assignments to WARNS. 2011-06-06 20:24:17 +00:00
libiconv_modules Add the BSD-licensed Citrus iconv to the base system with default off 2011-02-25 00:04:39 +00:00
libipsec The use of snprintf() to append to a buffer is not valid according to C99 2010-12-11 08:07:21 +00:00
libipx Fix incorrect usage of 'assure' and 'insure'. 2010-08-28 16:32:01 +00:00
libjail Introduce signed and unsigned version of CTLTYPE_QUAD, renaming 2011-01-19 23:00:25 +00:00
libkiconv
libkse Merge from tbemd: 2010-06-13 01:27:29 +00:00
libkvm Add support for PBVM addresses. In a nutshell this means: 2011-08-06 15:59:54 +00:00
liblzma Update xz to git snapshot of v5.0 branch as of 20110711 (post-5.0.3) 2011-07-11 14:15:27 +00:00
libmagic Use CFLAGS and LDFLAGS when compiling mkmagic. This ensures that all the 2010-08-01 12:10:32 +00:00
libmd Rewrite HISTORY: The SHA256 code first appeared in 6.0, and the SHA512 2011-06-27 02:10:10 +00:00
libmemstat Get rid of MAXCPU knowledge used for internal needs only. Switch to 2011-08-01 09:43:35 +00:00
libmilter
libmp
libncp
libnetgraph
libngatm
libopie
libpam Mention the name of the module in warning messages. 2011-03-12 11:26:37 +00:00
libpcap Regenerate our lib/libpcap/config.h for libpcap 1.1.1. 2010-10-29 22:57:14 +00:00
libpmc Revert last commit: CPUTYPE will be defined here 2011-02-11 02:34:26 +00:00
libproc fix a serious bug in libproc's proc_attach 2011-08-03 09:55:59 +00:00
libprocstat Updates to libprocstat(3) and procstat(1) to allow monitoring Capsicum 2011-08-14 00:42:09 +00:00
libradius Add links for libradius(3) functions. 2010-10-18 12:35:10 +00:00
librpcsec_gss Fix typos, spelling, formatting and mdoc mistakes found by Nobuyuki while 2010-08-16 15:18:30 +00:00
librpcsvc
librt Fix the 32-bit build stage on amd64 when WITH_CTF is enabled. It seems 2011-02-23 21:17:38 +00:00
librtld_db Spelling fixes. 2010-08-03 17:40:09 +00:00
libsbuf Ok, so we use different comment conventions in Symbol.map and Version.def 2011-05-17 19:20:32 +00:00
libsdp Fix typos, spelling, formatting and mdoc mistakes found by Nobuyuki while 2010-08-16 15:18:30 +00:00
libsm Enable the use of nanosleep() instead of using pause() and signals. 2010-03-04 05:53:06 +00:00
libsmb
libsmdb
libsmutil
libstand - Removing some unneeded definitions of NULL(cruft related to 1970's C). 2011-07-10 07:25:34 +00:00
libtacplus mdoc: drop redundant .Pp and .LP calls 2010-10-08 12:40:16 +00:00
libtelnet
libthr Do not set thread name to less than informative 'initial thread'. 2011-06-19 13:35:36 +00:00
libthread_db Change lwp to int64_t as thr_pread_long() always uses a 64-bit value 2011-08-07 15:52:13 +00:00
libufs Replace ERROR() macro with inline function. In-tree gcc cannot tolerate 2011-02-12 12:46:00 +00:00
libugidfw Quiet clang warnings by using string literal format strings. 2011-01-04 13:02:52 +00:00
libulog Fix reference to nonexistent manpage getuid(3). 2010-10-11 20:30:57 +00:00
libusb Update LibUSB v1.0 manual page: 2011-08-16 21:04:04 +00:00
libusbhid MFprojects/hid: 2011-07-30 13:22:44 +00:00
libutil Add missing "swapuse" resource limit. 2011-07-09 08:42:23 +00:00
libvgl Change libvgl's set4pixels() and set2lines() functions from plain 2010-10-04 18:16:38 +00:00
libwrap
liby
libypclnt
libz Disable gvmat64.S, the assembler version of longest_match for now. 2011-07-18 19:23:50 +00:00
msun In the libm access macros for the double type, z can sometimes 2011-06-19 17:07:58 +00:00
ncurses
Makefile Vendor import of clang trunk r135360: 2011-07-17 15:40:56 +00:00
Makefile.inc