feffd68602
The CloudABI specification has had some minor changes over the last half year. No substantial features have been added, but some features that are deemed unnecessary in retrospect have been removed: - mlock()/munlock(): These calls tend to be used for two different purposes: real-time support and handling of sensitive (cryptographic) material that shouldn't end up in swap. The former use case is out of scope for CloudABI. The latter may also be handled by encrypting swap. Removing this has the advantage that we no longer need to worry about having resource limits put in place. - SOCK_SEQPACKET: Support for SOCK_SEQPACKET is rather inconsistent across various operating systems. Some operating systems supported by CloudABI (e.g., macOS) don't support it at all. Considering that they are rarely used, remove support for the time being. - getsockname(), getpeername(), etc.: A shortcoming of the sockets API is that it doesn't allow you to create socket(pair)s, having fake socket addresses associated with them. This makes it harder to test applications or transparently forward (proxy) connections to them. With CloudABI, we're slowly moving networking connectivity into a separate daemon called Flower. In addition to passing around socket file descriptors, this daemon provides address information in the form of arbitrary string labels. There is thus no longer any need for requesting socket address information from the kernel itself. This change also updates consumers of the generated code accordingly. Even though system calls end up getting renumbered, this won't cause any problems in practice. CloudABI programs always call into the kernel through a kernel-supplied vDSO that has the numbers updated as well. Obtained from: https://github.com/NuxiNL/cloudabi