You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* Support elimination of the ability to make system calls outside trusted code in the runtime linker and `libsys`.
This work was initially inspired by a compartmentalization prototype in CheriBSD in 2016.
Ali Mashtizadeh and Tal Garfinkel picked that work up and attempted to upstream it link:https://reviews.freebsd.org/D14609[D14609].
Ali Mashtizadeh and Tal Garfinkel picked that work up and attempted to upstream it (link:https://reviews.freebsd.org/D14609[D14609]).
Unfortunately we couldn't figure out how to review and land the massive reorganization required through a phabricator review so it languished.
Last year the CHERI project once again found a need for system call seperation in a new library-based compartmentalization framework in CheriBSD so I rebuilt the patch from scratch, committing dozens of libc cleanups along the way.
Last year the CHERI project once again found a need for system call separation in a new library-based compartmentalization framework in CheriBSD so I rebuilt the patch from scratch, committing dozens of libc cleanups along the way.
I landed the first batch of changes on February 5th.
Since then I've made a number of refinements to the way we link libsys as well as which symbols are provided in which library.
Thanks to Konstantin Belousov <[email protected]> for many round of review and feedback as well as runtime linker fixes.
Thanks to Konstantin Belousov <[email protected]> for many rounds of review and feedback as well as runtime linker fixes.
