freebsd-dev/lib/libc/sys
Jonathan Anderson cfb5f76865 Add experimental support for process descriptors
A "process descriptor" file descriptor is used to manage processes
without using the PID namespace. This is required for Capsicum's
Capability Mode, where the PID namespace is unavailable.

New system calls pdfork(2) and pdkill(2) offer the functional equivalents
of fork(2) and kill(2). pdgetpid(2) allows querying the PID of the remote
process for debugging purposes. The currently-unimplemented pdwait(2) will,
in the future, allow querying rusage/exit status. In the interim, poll(2)
may be used to check (and wait for) process termination.

When a process is referenced by a process descriptor, it does not issue
SIGCHLD to the parent, making it suitable for use in libraries---a common
scenario when using library compartmentalisation from within large
applications (such as web browsers). Some observers may note a similarity
to Mach task ports; process descriptors provide a subset of this behaviour,
but in a UNIX style.

This feature is enabled by "options PROCDESC", but as with several other
Capsicum kernel features, is not enabled by default in GENERIC 9.0.

Reviewed by: jhb, kib
Approved by: re (kib), mentor (rwatson)
Sponsored by: Google Inc
2011-08-18 22:51:30 +00:00
__error.c Fix many "function declaration isn't a prototype" warnings in libc. 2009-12-05 19:31:38 +00:00
_exit.2
abort2.2
accept.2 Attempt to reduce accidental foot-shooting by pointing out that 2009-11-02 07:21:13 +00:00
access.2 mdoc: move CAVEATS, BUGS and SECURITY CONSIDERATIONS sections to the 2010-05-13 12:07:55 +00:00
acct.2
adjtime.2
aio_cancel.2
aio_error.2
aio_read.2 mdoc: drop redundant .Pp and .LP calls 2010-10-08 12:40:16 +00:00
aio_return.2
aio_suspend.2
aio_waitcomplete.2 mdoc(7) police: Tidy up the syscall language. 2002-12-18 09:22:32 +00:00
aio_write.2 mdoc: drop redundant .Pp and .LP calls 2010-10-08 12:40:16 +00:00
bind.2 Document EINVAL for bind(2). 2009-06-01 09:32:12 +00:00
brk.2
cap_enter.2 Make cap_new(2) and cap_getmode(2) symbols from libc public so applications 2011-03-03 11:31:08 +00:00
cap_new.2 Add experimental support for process descriptors 2011-08-18 22:51:30 +00:00
chdir.2
chflags.2 - Note that non-superusers are not allowed to set the SF_ARCHIVED 2010-10-29 15:03:29 +00:00
chmod.2 Update sticky(7) cross references. 2011-05-13 16:29:57 +00:00
chown.2
chroot.2
clock_gettime.2 mdoc: drop redundant .Pp and .LP calls 2010-10-08 12:40:16 +00:00
close.2 Add a new 'void closefrom(int lowfd)' system call. When called, it closes 2009-06-15 20:38:55 +00:00
closefrom.2 Add a new 'void closefrom(int lowfd)' system call. When called, it closes 2009-06-15 20:38:55 +00:00
connect.2 Add ECONNRESET to list of possible errors in connect(2). 2010-09-06 21:39:54 +00:00
cpuset_getaffinity.2 Bump dates in dbopen(3) and cpuset_getaffinity(2) from r212441 and 2010-09-12 14:04:05 +00:00
cpuset.2 Add a set of manual pages for pthread[_attr]_[sg]etaffinity(3). 2010-01-09 12:31:11 +00:00
dup.2 Cross-reference cap_new(2) from dup(2), as they have similar functionality. 2011-08-14 12:41:44 +00:00
execve.2 Fix exec_imgact_shell()'s handling of two error cases: (1) Previously, if 2010-09-21 16:24:51 +00:00
extattr_get_file.2
fcntl.2 Update xrefs from 4.3BSD to modern signal functions in various man pages. 2010-05-06 22:49:54 +00:00
fcntl.c
fhopen.2
flock.2 mdoc: remove literal tabs where they don't belong 2010-06-08 16:48:59 +00:00
fork.2
fsync.2
ftruncate.c
getdirentries.2
getdtablesize.2
getfh.2 getfh(2): Add xrefs for fhopen(2), open(2), stat(2). 2011-04-14 22:06:11 +00:00
getfsstat.2
getgid.2
getgroups.2 getgroups(2): Remove mention of <sys/param.h> and refer to sysconf(3). 2011-01-21 22:15:17 +00:00
getitimer.2 mdoc: remove literal tabs where they don't belong 2010-06-08 16:48:59 +00:00
getlogin.2
getloginclass.2 Add manual page for getloginclass(2) and setloginclass(2). 2011-03-06 08:35:50 +00:00
getpeername.2
getpgrp.2
getpid.2
getpriority.2 mdoc: make pages render with mandoc 2010-10-21 12:27:13 +00:00
getrlimit.2 Update xrefs from 4.3BSD to modern signal functions in various man pages. 2010-05-06 22:49:54 +00:00
getrusage.2 mdoc: remove literal tabs where they don't belong 2010-06-08 16:48:59 +00:00
getsid.2
getsockname.2
getsockopt.2 This commit implements the SO_USER_COOKIE socket option, which lets 2010-11-12 13:02:26 +00:00
gettimeofday.2 mdoc: drop redundant .Pp and .LP calls 2010-10-08 12:40:16 +00:00
getuid.2
intro.2 Add description of ECAPMODE to errno(2) man page. 2011-03-03 11:29:48 +00:00
ioctl.2 Document FIONREAD, FIONWRITE and FIONSPACE. 2010-05-11 17:02:12 +00:00
issetugid.2
jail.2 Spelling fixes. 2010-08-02 16:01:45 +00:00
kenv.2
kill.2
kldfind.2
kldfirstmod.2
kldload.2
kldnext.2
kldstat.2 - Clarification on kld_file_stat.size 2011-04-23 20:59:58 +00:00
kldsym.2 mdoc: drop redundant .Pp and .LP calls 2010-10-08 12:40:16 +00:00
kldunload.2 Document that kldunloadf can return EINVAL. 2008-12-25 09:15:31 +00:00
kqueue.2 mdoc: drop redundant .Pp and .LP calls 2010-10-08 12:40:16 +00:00
kse.2
ktrace.2
link.2 Correct AT_SYMLINK_FOLLOW flag name in linkat(2) man page. 2009-07-19 16:48:25 +00:00
lio_listio.2
listen.2
lseek.2
lseek.c
madvise.2
Makefile.inc Add experimental support for process descriptors 2011-08-18 22:51:30 +00:00
mincore.2
minherit.2
mkdir.2
mkfifo.2
mknod.2 mknod(2): The required include is <sys/stat.h>, not <unistd.h>. 2011-01-16 21:59:50 +00:00
mlock.2 Update mlockall(2) to mention that it's superuser-only syscall, just 2010-07-27 20:34:37 +00:00
mlockall.2 Update mlockall(2) to mention that it's superuser-only syscall, just 2010-07-27 20:34:37 +00:00
mmap.2 Remove sysctl vm.max_proc_mmap used to protect from KVA space exhaustion. 2011-02-24 09:22:56 +00:00
mmap.c
modfind.2
modnext.2
modstat.2 mdoc: drop redundant .Pp and .LP calls 2010-10-08 12:40:16 +00:00
mount.2 Change the current working directory to be inside the jail created by 2010-05-27 03:15:04 +00:00
mprotect.2
mq_close.2 mdoc: remove literal tabs where they don't belong 2010-06-08 16:48:59 +00:00
mq_getattr.2 mdoc: remove literal tabs where they don't belong 2010-06-08 16:48:59 +00:00
mq_notify.2 mdoc: remove literal tabs where they don't belong 2010-06-08 16:48:59 +00:00
mq_open.2 mdoc: remove literal tabs where they don't belong 2010-06-08 16:48:59 +00:00
mq_receive.2 mdoc: remove literal tabs where they don't belong 2010-06-08 16:48:59 +00:00
mq_send.2 mdoc: remove literal tabs where they don't belong 2010-06-08 16:48:59 +00:00
mq_setattr.2 mq_setattr(2): Add missing const to man page. 2011-05-17 21:03:34 +00:00
msgctl.2 Move msg{snd,recv,get,ctl} manual pages from section 3 to 2. 2009-07-13 12:53:43 +00:00
msgget.2 Move msg{snd,recv,get,ctl} manual pages from section 3 to 2. 2009-07-13 12:53:43 +00:00
msgrcv.2 Move msg{snd,recv,get,ctl} manual pages from section 3 to 2. 2009-07-13 12:53:43 +00:00
msgsnd.2 Move msg{snd,recv,get,ctl} manual pages from section 3 to 2. 2009-07-13 12:53:43 +00:00
msync.2
munmap.2
nanosleep.2 In nanosleep(2), note that the calling thread is put to sleep, not the 2009-10-11 16:23:11 +00:00
nfssvc.2
ntp_adjtime.2 Fix typos, spelling, formatting and mdoc mistakes found by Nobuyuki while 2010-08-16 15:18:30 +00:00
open.2 Fix mdoc errors. 2011-04-01 19:57:27 +00:00
pathconf.2 mdoc: make pages render with mandoc 2010-10-21 12:27:13 +00:00
pdfork.2 Add experimental support for process descriptors 2011-08-18 22:51:30 +00:00
pipe.2 Several cleanups related to pipe(2). 2008-11-11 14:55:59 +00:00
poll.2
posix_fallocate.2 Add the posix_fallocate(2) syscall. The default implementation in 2011-04-18 16:32:22 +00:00
posix_openpt.2 Integrate the new MPSAFE TTY layer to the FreeBSD operating system. 2008-08-20 08:31:58 +00:00
pread.c
profil.2
pselect.2 Move pselect(3) man page to section 2. 2009-10-28 11:14:32 +00:00
ptrace.2 Document PT_FLAG_FORKED, PT_FOLLOW_FORK, pl_tdname and pl_child_pid. 2011-01-25 11:02:12 +00:00
pwrite.c
quotactl.2 Debugging nits found while testing the new 64-bit quota code. 2010-03-16 06:12:30 +00:00
read.2
readlink.2
reboot.2
recv.2 mdoc: drop redundant .Pp and .LP calls 2010-10-08 12:40:16 +00:00
rename.2 Add one more EACCES clause to rename.2. 2008-11-07 15:01:40 +00:00
revoke.2 Add revoke(1). 2009-06-15 21:52:27 +00:00
rfork.2 Document RFTSIGZMB. Fix spelling of SIGCHLD. Note that signals are 2011-07-12 20:38:42 +00:00
rmdir.2
rtprio.2
sched_get_priority_max.2
sched_setparam.2
sched_setscheduler.2 mdoc: drop redundant .Pp and .LP calls 2010-10-08 12:40:16 +00:00
sched_yield.2
sctp_generic_recvmsg.2 Miscellaneous mdoc, spelling and inconsistency fixes. 2010-01-12 21:45:03 +00:00
sctp_generic_sendmsg.2 Miscellaneous mdoc, spelling and inconsistency fixes. 2010-01-12 21:45:03 +00:00
sctp_peeloff.2 Fix a couple of typos. 2010-07-30 11:58:18 +00:00
select.2
semctl.2 Make the structure definitions in the man pages match the real code, and 2009-06-29 18:54:17 +00:00
semget.2
semop.2 Fix incorrect usage of 'assure' and 'insure'. 2010-08-28 16:32:01 +00:00
send.2 Standardize the various prison_foo_ip[46] functions and prison_if to 2009-02-05 14:06:09 +00:00
sendfile.2 Further fix grammar. 2010-01-07 21:14:46 +00:00
setfib.2 Fix setfib(1) section number. 2009-09-18 14:17:00 +00:00
setgroups.2 In preparation for raising NGROUPS and NGROUPS_MAX, change base 2009-06-19 15:58:24 +00:00
setpgid.2 Describe what setpgid(2) does when pgid=0. The text has been 2009-12-01 06:12:31 +00:00
setregid.2
setresuid.2
setreuid.2
setsid.2
setuid.2 mdoc: move CAVEATS, BUGS and SECURITY CONSIDERATIONS sections to the 2010-05-13 12:07:55 +00:00
shm_open.2 Fix typos, spelling, formatting and mdoc mistakes found by Nobuyuki while 2010-08-16 15:18:30 +00:00
shmat.2 Update shmget(2) with POSIX access permissions and remove non-standard SHM_R, 2010-12-17 21:10:08 +00:00
shmctl.2 Update shmget(2) with POSIX access permissions and remove non-standard SHM_R, 2010-12-17 21:10:08 +00:00
shmget.2 Sort cross references by section. 2010-12-18 10:09:07 +00:00
shutdown.2
sigaction.2 Update xrefs from 4.3BSD to modern signal functions in various man pages. 2010-05-06 22:49:54 +00:00
sigaltstack.2 Use NULL instead of 0 for pointer in example. 2010-08-29 16:38:08 +00:00
sigpending.2
sigprocmask.2 sigprocmask(2): pthread_sigmask(3) must be used in threaded processes. 2010-05-07 20:46:22 +00:00
sigqueue.2
sigreturn.2 Update xrefs from 4.3BSD to modern signal functions in various man pages. 2010-05-06 22:49:54 +00:00
sigstack.2
sigsuspend.2
sigwait.2
sigwait.c Because POSIX does not allow EINTR to be returned from sigwait(), 2010-09-10 01:47:37 +00:00
sigwaitinfo.2
socket.2 Note that the protocol argument can be set to 0. 2009-01-05 12:18:46 +00:00
socketpair.2
stack_protector_compat.c Move the __stack_chk_fail_local@FBSD_1.0 compat symbol definition into 2010-08-24 12:58:54 +00:00
stack_protector.c Clang related fixes: 2010-10-13 16:57:06 +00:00
stat.2 Update sticky(7) cross references. 2011-05-13 16:29:57 +00:00
statfs.2
swapon.2
Symbol.map Add experimental support for process descriptors 2011-08-18 22:51:30 +00:00
symlink.2
sync.2
sysarch.2
syscall.2
timer_create.2 - add missing include 2009-01-12 13:12:02 +00:00
timer_delete.2
timer_settime.2
truncate.2
truncate.c
umask.2
undelete.2
unlink.2 unlinkat(2): unlinkat(AT_REMOVEDIR) fails with ENOTEMPTY like rmdir() 2010-04-25 13:55:52 +00:00
utimes.2
utrace.2 The NetBSD Foundation has granted permission to remove clause 3 and 4 from 2010-03-02 17:20:04 +00:00
uuidgen.2
vfork.2 Update xrefs from 4.3BSD to modern signal functions in various man pages. 2010-05-06 22:49:54 +00:00
wait.2 Note how wait(3) is implemented. 2011-06-18 00:53:51 +00:00
write.2