ladybird/Kernel/Syscalls
Liav A 718ae68621 Kernel+LibCore+LibC: Implement support for forcing unveil on exec
To accomplish this, we add another VeilState which is called
LockedInherited. The idea is to apply exec unveil data, similar to
execpromises of the pledge syscall, on the current exec'ed program
during the execve sequence. When applying the forced unveil data, the
veil state is set to be locked but the special state of LockedInherited
ensures that if the new program tries to unveil paths, the request will
silently be ignored, so the program will continue running without
receiving an error, but it still can only use the paths that were
unveiled before the exec syscall. This, in turn, allows us to use the
unveil syscall with a special utility to sandbox other userland programs
in terms of what is visible to them on the filesystem, and is usable on
both programs that use or don't use the unveil syscall in their code.
2022-11-26 12:42:15 -07:00
..
access.cpp Kernel: Make VirtualFileSystem functions take credentials as input 2022-08-21 16:02:24 +02:00
alarm.cpp Kernel: Make self-contained locking smart pointers their own classes 2022-08-20 17:20:43 +02:00
anon_create.cpp Kernel/Syscall: Make anon_create to not use Process::allocate_fd method 2022-08-21 10:56:48 +01:00
beep.cpp Kernel: Move PCSpeaker code to the x86-specific architecture directory 2022-09-20 18:43:05 +01:00
chdir.cpp Kernel: Make VirtualFileSystem functions take credentials as input 2022-08-21 16:02:24 +02:00
chmod.cpp Kernel: Make File::{chown,chmod} take credentials as input 2022-08-21 16:15:29 +02:00
chown.cpp Kernel/FileSystem: Add a few missing includes 2022-10-22 16:57:52 -04:00
clock.cpp Kernel: Wrap process address spaces in SpinlockProtected 2022-08-24 14:57:51 +02:00
debug.cpp Everywhere: Run clang-format 2022-04-01 21:24:45 +01:00
disown.cpp Kernel: Add support for jails 2022-11-05 18:00:58 -06:00
dup2.cpp Kernel: Mark sys$dup2() as not needing the big lock 2022-03-09 16:43:00 +01:00
emuctl.cpp Kernel: Mark sys$emuctl() as not needing the big lock 2022-03-09 16:43:00 +01:00
execve.cpp Kernel+LibCore+LibC: Implement support for forcing unveil on exec 2022-11-26 12:42:15 -07:00
exit.cpp Kernel: Guard Process "protected data" with a spinlock 2022-08-21 12:25:14 +02:00
fallocate.cpp Kernel+LibC: Add posix_fallocate syscall 2022-07-15 12:42:43 +02:00
fcntl.cpp Kernel: Support F_SETLKW in fcntl 2022-07-21 16:39:22 +02:00
fork.cpp Kernel+LibCore+LibC: Implement support for forcing unveil on exec 2022-11-26 12:42:15 -07:00
fsync.cpp Kernel: Mark sys$fsync() as not needing the big lock 2022-03-08 00:19:49 +01:00
ftruncate.cpp Kernel: Mark sys$ftruncate() as not needing the big lock 2022-03-09 16:43:00 +01:00
futex.cpp Kernel: Wrap process address spaces in SpinlockProtected 2022-08-24 14:57:51 +02:00
get_dir_entries.cpp Kernel: Convert process file descriptor table to a SpinlockProtected 2022-01-29 02:17:06 +01:00
get_stack_bounds.cpp Kernel: Wrap process address spaces in SpinlockProtected 2022-08-24 14:57:51 +02:00
getrandom.cpp Kernel: Handle promise violations in the syscall handler 2021-12-29 18:08:15 +01:00
getuid.cpp Kernel: Use Process::credentials() and remove user ID/group ID helpers 2022-08-22 12:46:32 +02:00
hostname.cpp Kernel: Use Process::credentials() and remove user ID/group ID helpers 2022-08-22 12:46:32 +02:00
inode_watcher.cpp Kernel/FileSystem: Add a few missing includes 2022-10-22 16:57:52 -04:00
ioctl.cpp Kernel: Require semicolon after VERIFY_{NO_,}PROCESS_BIG_LOCK_ACQUIRED 2022-08-17 22:56:51 +02:00
jail.cpp Kernel: Disallow jail creation from a process within a jail 2022-11-13 16:58:54 -07:00
keymap.cpp Kernel: Use Process::credentials() and remove user ID/group ID helpers 2022-08-22 12:46:32 +02:00
kill.cpp Kernel: Add support for jails 2022-11-05 18:00:58 -06:00
link.cpp Kernel: Make VirtualFileSystem functions take credentials as input 2022-08-21 16:02:24 +02:00
lseek.cpp Kernel: Mark sys$lseek() as not needing the big lock 2022-03-09 16:43:00 +01:00
mkdir.cpp Kernel: Make VirtualFileSystem functions take credentials as input 2022-08-21 16:02:24 +02:00
mknod.cpp Kernel: Make sys$mknod() not take the big lock 2022-08-22 17:56:03 +02:00
mmap.cpp Kernel: Make sys$msyscall() not take the big lock 2022-11-05 18:54:39 +01:00
mount.cpp Kernel: Split the Ext2FileSystem.{cpp,h} files into smaller components 2022-11-08 02:54:48 -07:00
open.cpp Kernel: Make VirtualFileSystem functions take credentials as input 2022-08-21 16:02:24 +02:00
perf_event.cpp Kernel: Require semicolon after VERIFY_{NO_,}PROCESS_BIG_LOCK_ACQUIRED 2022-08-17 22:56:51 +02:00
pipe.cpp Kernel: Use Process::credentials() and remove user ID/group ID helpers 2022-08-22 12:46:32 +02:00
pledge.cpp AK+Everywhere: Turn bool keep_empty to an enum in split* functions 2022-10-24 23:29:18 +01:00
poll.cpp Kernel: Make self-contained locking smart pointers their own classes 2022-08-20 17:20:43 +02:00
prctl.cpp Kernel: Require semicolon after VERIFY_{NO_,}PROCESS_BIG_LOCK_ACQUIRED 2022-08-17 22:56:51 +02:00
process.cpp Kernel: Make sys$getppid() not take the big lock 2022-08-21 13:29:36 +02:00
profiling.cpp Kernel: Add support for jails 2022-11-05 18:00:58 -06:00
ptrace.cpp Kernel: Wrap process address spaces in SpinlockProtected 2022-08-24 14:57:51 +02:00
purge.cpp Kernel: Use Process::credentials() and remove user ID/group ID helpers 2022-08-22 12:46:32 +02:00
read.cpp Kernel: Make self-contained locking smart pointers their own classes 2022-08-20 17:20:43 +02:00
readlink.cpp Kernel: Make VirtualFileSystem functions take credentials as input 2022-08-21 16:02:24 +02:00
realpath.cpp Kernel: Make VirtualFileSystem functions take credentials as input 2022-08-21 16:02:24 +02:00
rename.cpp Kernel: Make VirtualFileSystem functions take credentials as input 2022-08-21 16:02:24 +02:00
resource.cpp Kernel: Require semicolon after VERIFY_{NO_,}PROCESS_BIG_LOCK_ACQUIRED 2022-08-17 22:56:51 +02:00
rmdir.cpp Kernel: Make VirtualFileSystem functions take credentials as input 2022-08-21 16:02:24 +02:00
sched.cpp Kernel: Add support for jails 2022-11-05 18:00:58 -06:00
sendfd.cpp Kernel: Require semicolon after VERIFY_{NO_,}PROCESS_BIG_LOCK_ACQUIRED 2022-08-17 22:56:51 +02:00
setpgid.cpp Kernel: Add support for jails 2022-11-05 18:00:58 -06:00
setuid.cpp Kernel: Guard Process "protected data" with a spinlock 2022-08-21 12:25:14 +02:00
sigaction.cpp Kernel: Move InterruptDisabler out of Arch directory 2022-10-17 20:11:31 +02:00
socket.cpp Kernel: Add support for MSG_NOSIGNAL and properly send SIGPIPE 2022-10-24 15:49:39 +02:00
stat.cpp Kernel: Make VirtualFileSystem functions take credentials as input 2022-08-21 16:02:24 +02:00
statvfs.cpp Kernel: Make VirtualFileSystem functions take credentials as input 2022-08-21 16:02:24 +02:00
sync.cpp Kernel: Require semicolon after VERIFY_{NO_,}PROCESS_BIG_LOCK_ACQUIRED 2022-08-17 22:56:51 +02:00
sysconf.cpp Kernel: Require semicolon after VERIFY_{NO_,}PROCESS_BIG_LOCK_ACQUIRED 2022-08-17 22:56:51 +02:00
thread.cpp Kernel: Wrap process address spaces in SpinlockProtected 2022-08-24 14:57:51 +02:00
times.cpp Kernel: Require semicolon after VERIFY_{NO_,}PROCESS_BIG_LOCK_ACQUIRED 2022-08-17 22:56:51 +02:00
umask.cpp Kernel: Guard Process "protected data" with a spinlock 2022-08-21 12:25:14 +02:00
uname.cpp Kernel: Read version and git commit hash from baked-in version info 2022-10-14 13:45:33 +02:00
unlink.cpp Kernel: Make VirtualFileSystem functions take credentials as input 2022-08-21 16:02:24 +02:00
unveil.cpp Kernel+LibCore+LibC: Implement support for forcing unveil on exec 2022-11-26 12:42:15 -07:00
utime.cpp Kernel: Make sys$utime() and sys$utimensat() not take the big lock 2022-08-22 17:56:03 +02:00
utimensat.cpp Kernel: Update tv_nsec field when using utimensat() with UTIME_NOW 2022-11-24 16:56:27 +01:00
waitid.cpp Kernel: Add support for jails 2022-11-05 18:00:58 -06:00
write.cpp Kernel: Add support for MSG_NOSIGNAL and properly send SIGPIPE 2022-10-24 15:49:39 +02:00