2b3f93ea | 13-Oct-2023 | Matthew Dillon <dillon@apollo.backplane.com>
kernel - Add per-process capability-based restrictions
* This new system allows userland to set capability restrictions which turn off numerous kernel features and root accesses. These restrictions are inherited by sub-processes recursively. Once set, restrictions cannot be removed.
Basic restrictions that mimic an unadorned jail can be enabled without creating a jail, but generally speaking real security also requires creating a chrooted filesystem topology, and a jail is still needed to really segregate processes from each other. If you do so, however, you can (for example) disable mount/umount and most global root-only features.
* Add new system calls and a manual page for syscap_get(2) and syscap_set(2)
* Add sys/caps.h
* Add the "setcaps" userland utility and manual page.
* Remove priv.9 and the priv_check infrastructure, replacing it with a newly designed caps infrastructure.
* The intention is to add path restriction lists and similar features to improve jailless security in the near future, and to optimize the priv_check code.

Revision tags: v6.4.0, v6.4.0rc1, v6.5.0, v6.2.2, v6.2.1, v6.2.0, v6.3.0, v6.0.1

74fa2560 | 11-Sep-2021 | Tomohiro Kusumi <tkusumi@netbsd.org>
sys/kern: Add fdatasync(2)
Based on the following FreeBSD commits in 2016:
295af703a0d7987c6cf4987e7b7f5f07b3ca1221
1c1cc89580f0fbfabaf6f6c7f0f6440eef0c128e
Add the syscall and also add it to pthread's cancellation point. The default behavior is the same as fsync(2), which is fine but inefficient.

09d96b9c | 08-Sep-2021 | Tomohiro Kusumi <tkusumi@netbsd.org>
sys/kern: Add posix_fallocate(2)
Based on the initial posix_fallocate(2) implementation in FreeBSD from d91f88f7f38078ac6dd4b0f0e77470d605d1518e in 2011.
There is nothing special or efficient about the default behavior. VFS has no knowledge of fs details.

5229377c | 07-Sep-2021 | Sascha Wildner <saw@online.de>
kernel/libc: Remove the old vmm code.
Removes the kernel code and two system calls.
Bump __DragonFly_version too.
Reviewed-by: aly, dillon

Revision tags: v6.0.0, v6.0.0rc1, v6.1.0

337acc44 | 17-Feb-2021 | Aaron LI <aly@aaronly.me>
Implement the fexecve(2) system call
The fexecve(2) function is equivalent to execve(2), except that the file to be executed is determined by the file descriptor fd instead of a pathname.
The purpose of fexecve(2) is to enable executing a file which has been verified to be the intended file. It is possible to actively check the file by reading from the file descriptor and be sure that the file is not exchanged for another between the reading and the execution.
See https://pubs.opengroup.org/onlinepubs/9699919799/functions/fexecve.html
This work is partially based on swildner's patch and FreeBSD's implementation (revisions 177787, 182191, 238220).
XXX: We're missing O_EXEC support in open(2).
Reviewed-by: dillon
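The check-then-execute pattern the commit message describes, shown as an added C example that is not part of the DragonFly commit or the project's code. It hashes the file through the descriptor it will later pass to fexecve(2), so the object that was verified is the object that runs; the path-based variant is included only to show where the race sits. FNV-1a stands in for a real digest, the helper names exec_verified_fd and exec_verified_path_racy are this example's own, and the expected hash is supplied by the caller. The file is opened O_RDONLY since, as the commit notes, O_EXEC is not yet supported.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Prototype spelled out: glibc only exposes fexecve(2) under
 * _POSIX_C_SOURCE >= 200809L / _GNU_SOURCE (the default on modern toolchains). */
extern int fexecve(int fd, char *const argv[], char *const envp[]);
extern char **environ;

#define FNV64_OFFSET 0xcbf29ce484222325ULL
#define FNV64_PRIME  0x100000001b3ULL

/* FNV-1a over an in-memory buffer. A stand-in for a real digest (SHA-256 etc.). */
uint64_t fnv1a64_buf(const void *data, size_t len) {
    const unsigned char *p = data;
    uint64_t h = FNV64_OFFSET;
    for (size_t i = 0; i < len; i++) { h ^= p[i]; h *= FNV64_PRIME; }
    return h;
}

/* Hash the entire object behind fd, starting from offset 0.
 * Returns 0 and stores the hash in *out, or -1 with errno set. */
int fnv1a64_fd(int fd, uint64_t *out) {
    unsigned char buf[4096];
    uint64_t h = FNV64_OFFSET;
    if (lseek(fd, 0, SEEK_SET) < 0) return -1;
    for (;;) {
        ssize_t n = read(fd, buf, sizeof buf);
        if (n < 0) { if (errno == EINTR) continue; return -1; }
        if (n == 0) break;
        for (ssize_t i = 0; i < n; i++) { h ^= buf[i]; h *= FNV64_PRIME; }
    }
    *out = h;
    return 0;
}

/* Verify the object behind fd and execute that same object.
 * Returns only on failure: -1 with errno = EACCES on hash mismatch,
 * or errno from read(2)/fexecve(2). */
int exec_verified_fd(int fd, uint64_t expected, char *const argv[], char *const envp[]) {
    uint64_t got;
    if (fnv1a64_fd(fd, &got) != 0) return -1;
    if (got != expected) { errno = EACCES; return -1; }
    /* The descriptor pins the vnode: no window in which the path can be
     * re-pointed at another file between the check and the exec. */
    fexecve(fd, argv, envp);
    return -1;
}

/* Path-based variant, kept for contrast only: the path is resolved once for the
 * check and again for execve(2), so a swap in between is not detected. */
int exec_verified_path_racy(const char *path, uint64_t expected, char *const argv[], char *const envp[]) {
    int fd = open(path, O_RDONLY);
    if (fd < 0) return -1;
    uint64_t got;
    int rc = fnv1a64_fd(fd, &got);
    close(fd);
    if (rc != 0) return -1;
    if (got != expected) { errno = EACCES; return -1; }
    execve(path, argv, envp);   /* second lookup of the same name: TOCTOU window */
    return -1;
}

int main(int argc, char *argv[]) {
    if (argc < 3) {
        fprintf(stderr, "usage: %s <path> <fnv1a64-hex> [args...]\n", argv[0]);
        return 2;
    }
    uint64_t expected = strtoull(argv[2], NULL, 16);
    int fd = open(argv[1], O_RDONLY);   /* O_RDONLY: enough to read and fexecve */
    if (fd < 0) { perror("open"); return 1; }
    argv[2] = argv[1];                  /* reuse the hash slot as the new argv[0] */
    exec_verified_fd(fd, expected, &argv[2], environ);
    perror("exec_verified_fd");         /* only reached on failure */
    return 1;
}
```

Computing the expected hash over the file and then comparing it to the hash of the descriptor is the whole point: once the descriptor is open, nothing that happens to the pathname can change what fexecve(2) runs. Note that fexecve(2) of an interpreter script still needs the kernel to re-open the descriptor (via /dev/fd) for the interpreter, so the guarantee is strongest for native executables.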

86ccdacb | 17-Jan-2021 | Aaron LI <aly@aaronly.me>
Implement clock_nanosleep(2) system call
* Extend the nanosleep1() function in kern_time.c to support the clock_nanosleep(2) system call. Add {kern,sys}_clock_nanosleep() functions and update kern_nanosleep() accordingly.
* Add clock_nanosleep() syscall to syscalls.master and regenerate syscall-related files.
* Update libc symbols with the new syscall.
* Add clock_nanosleep() wrapper in libthread_xu.
* Update nanosleep.2 man page to describe clock_nanosleep().
* Update <time.h> and bump __DragonFly_version.
This work is loosely based on the FreeBSD implementation: https://reviews.freebsd.org/rS315526
This clock_nanosleep(2) syscall passed all tests in the Open POSIX Test Suite [0]:
conformance/interfaces/clock_nanosleep/1-1: execution: PASS
conformance/interfaces/clock_nanosleep/1-2: execution: PASS
conformance/interfaces/clock_nanosleep/1-3: execution: PASS
conformance/interfaces/clock_nanosleep/1-4: execution: PASS
conformance/interfaces/clock_nanosleep/1-5: execution: PASS
conformance/interfaces/clock_nanosleep/2-1: execution: PASS
conformance/interfaces/clock_nanosleep/2-2: execution: PASS
conformance/interfaces/clock_nanosleep/2-3: execution: PASS
conformance/interfaces/clock_nanosleep/3-1: execution: PASS
conformance/interfaces/clock_nanosleep/4-1: execution: PASS
conformance/interfaces/clock_nanosleep/5-1: execution: PASS
conformance/interfaces/clock_nanosleep/6-1: execution: PASS
conformance/interfaces/clock_nanosleep/9-1: execution: PASS
conformance/interfaces/clock_nanosleep/8-1: execution: PASS
conformance/interfaces/clock_nanosleep/10-1: execution: PASS
conformance/interfaces/clock_nanosleep/11-1: execution: PASS
conformance/interfaces/clock_nanosleep/13-1: execution: PASS
conformance/interfaces/clock_nanosleep/15-1: execution: PASS
[0] Open POSIX Test Suite: http://posixtest.sourceforge.net/
Reviewed-by: swildner, dillon, tuxillo, zach

Revision tags: v5.8.3, v5.8.2

ec5a6ba7 | 26-Jul-2020 | Matthew Dillon <dillon@apollo.backplane.com>
kernel - more cleanup of syscall2()
* Implement an actual SYS___nosys system call.
* Convert one conditional to something that can use CMOV, using the new SYS___nosys system call code.
* Get rid of special checks for SYS_syscall and SYS___syscall. Instead, provide real vectors for these functions. This also cleans up a few other bits of code in syscall2().

Revision tags: v5.8.1

b14285e2 | 13-Apr-2020 | Sascha Wildner <saw@online.de>
kernel: GC a few old system calls which are libc functions in DragonFly.
Namely, getdomainname, setdomainname, and uname, all of which were deprecated in early FreeBSD but never really phased out. They were likely never used (as system calls) in DragonFly at all.
For more information on the FreeBSD history, see FreeBSD's r184789.

Revision tags: v5.8.0, v5.9.0, v5.8.0rc1, v5.6.3

fa0a7960 | 02-Feb-2020 | Matthew Dillon <dillon@apollo.backplane.com>
kernel - Add __realpath() and getrandom() system calls
* Add a kernel __realpath() system call. libc must still implement the realpath() function to handle NULL buffers (malloc()d buffer returned).
The libc implementation checks the osversion for backwards compatibility before attempting to use the new system call.
* Add a kernel getrandom() system call.
* Bump __DragonFly_version to 500710.
Suggested-by: tuxillo, mjg

2bebe3e9 | 14-Nov-2019 | Matthew Dillon <dillon@apollo.backplane.com>
kernel - Add lwp_getname() system call
* Add a new system call to support pthread_get_name_np().

Revision tags: v5.6.2, v5.6.1, v5.6.0, v5.6.0rc1, v5.7.0, v5.4.3, v5.4.2, v5.4.1, v5.4.0, v5.5.0, v5.4.0rc1

5da8dff1 | 11-Oct-2018 | Sascha Wildner <saw@online.de>
kernel: Clean up syscalls.master a bit more.
All this and also f29ea48f7a62b011be75119d46acd81bee2dd8ee could have been cleaned up in d6e8ab2d2508bde32ad7b7daaf86d44ec7330986.
While here, also remove some obsolete comments.

533f1ebb | 11-Oct-2018 | Sascha Wildner <saw@online.de>
syscalls.master: Remove a leftover semicolon.

f29ea48f | 11-Oct-2018 | Sascha Wildner <saw@online.de>
kernel/libc: Remove sigstack() remains.
There is no sigstack() syscall anymore in DragonFly, besides being obsolete, so remove some remains like the manual page and prototype, and do some related cleanup.

33b81dc9 | 30-Sep-2018 | Matthew Dillon <dillon@apollo.backplane.com>
system - Add wait6(), waitid(), and si_pid/si_uid siginfo support
* Add the wait6() system call (header definitions taken from FreeBSD). This required rearranging kern_wait() a bit. In particular, we now maintain a hold count of 1 on the process during processing instead of releasing the hold count early.
* Add waitid() to libc (waitid.c taken from FreeBSD).
* Adjust manual pages (taken from FreeBSD).
* Add siginfo si_pid and si_uid support. This basically allows a process taking a signal to determine where the signal came from. The fields already existed in siginfo but were not implemented.
Implemented using a non-queued per-process array of signal numbers. The last originator sending any given signal is recorded and passed through to userland in the siginfo.
* Fixes the 'lightdm' X display manager. lightdm relies on si_pid support. In addition, note that avoiding long lightdm related latencies and timeouts require a softlink from libmozjs-52.so to libmozjs-52.so.0 (must be addressed in dports, not addressed in this commit).
Loosely-taken-from: FreeBSD (wait6, waitid support only)
Reviewed-by: swildner

Revision tags: v5.2.2, v5.2.1, v5.2.0, v5.3.0, v5.2.0rc, v5.0.2, v5.0.1, v5.0.0, v5.0.0rc2, v5.1.0, v5.0.0rc1, v4.8.1

725edadf | 26-Jul-2017 | Sascha Wildner <saw@online.de>
libc/libpthread: Add clock_getcpuclockid() and pthread_getcpuclockid().
* Adjust clock_gettime() and clock_getres() to accept values obtained this way.
* Also set _POSIX_CPUTIME and _POSIX_THREAD_CPUTIME, although we should really support values obtained by these functions in clock_settime() too.
Based on and taken from FreeBSD's code.
Reviewed-by: sephe

Revision tags: v4.8.0, v4.6.2, v4.9.0, v4.8.0rc

1eb8c611 | 14-Jan-2017 | Sepherosa Ziehau <sephe@dragonflybsd.org>
lwp: Add lwp_create2 syscall, which takes cpumask for scheduling.

8f95cc34 | 09-Jan-2017 | Sepherosa Ziehau <sephe@dragonflybsd.org>
lwp: Add two syscalls to set/get lwp's CPU affinity mask.

5192011a | 24-Oct-2016 | Sascha Wildner <saw@online.de>
kernel: Mark some syscalls obsolete which are really libc functions.

Revision tags: v4.6.1, v4.6.0, v4.6.0rc2, v4.6.0rc, v4.7.0, v4.4.3, v4.4.2

6d2444c4 | 12-Dec-2015 | Imre Vadasz <imre@vdsz.com>
kernel - Implement ppoll system call with precise microseconds timeout.
* Implement a maximum timeout of 2000s, because systimer(9) just accepts an int timeout in microseconds.
* Add kern.kv_sleep_threshold sysctl variable for tuning the threshold for the ppoll sleep duration (in nanoseconds), below which we will busy-loop with DELAY instead of using tsleep for waiting.

3087e737 | 19-Mar-2016 | Sascha Wildner <saw@online.de>
Add a kenv(2) system call for better handling of the kernel environment.

Revision tags: v4.4.1, v4.4.0, v4.5.0, v4.4.0rc

0ca59c34 | 19-Nov-2015 | Sepherosa Ziehau <sephe@dragonflybsd.org>
pthread: Add lwp_setname(2) and implement pthread_set_name_np(3)
- Return thread name through kinfo.
- Show thread name in ps(1) for 'Hc'.
- Show thread name in top(1), if it is different from process name.

2883bac1 | 16-Nov-2015 | Sascha Wildner <saw@online.de>
kernel: Fix three declarations of (obsolete) syscalls.
This mainly fixes some comments and strings in generated files.

73610d44 | 29-Oct-2015 | Sepherosa Ziehau <sephe@dragonflybsd.org>
socket: Add accept4 syscall and bump __DragonFly_version
Suggested-by: zrj on #dragonflybsd@efnet

Revision tags: v4.2.4, v4.3.1, v4.2.3, v4.2.1, v4.2.0

16c99e62 | 22-Jun-2015 | Sascha Wildner <saw@online.de>
i386 removal, part 8/x: Remove i386 DragonFly 1.2 compat kernel code.
Reclaim all the COMPAT_DF12 type syscalls since they never existed on x86_64.

Revision tags: v4.0.6, v4.3.0, v4.2.0rc

8edf56c9 | 26-May-2015 | Matthew Dillon <dillon@apollo.backplane.com>
kernel - Add futimens()
* Add futimens()
* Consolidate the support function to kern_futimens().