mirrors/cosmopolitan
1
0
Fork 0
mirror of https://github.com/jart/cosmopolitan.git synced 2025-02-07 15:03:34 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
cosmopolitan/test
History
Gabriel Ravier d5b8b644c2
unveil: Added truncate support on Linux 6.2+ (#803) 
Right now, cosmopolitan uses Linux Landlock ABI version 2 on Linux,
meaning that the polyfill for unveil() cannot restrict operations such
as truncate() (a limitation of Landlock's ABI from then). This means
that to restrict truncation operations Cosmopolitan instead has to ban
the syscall through a SECCOMP BPF filter, meaning that completely
legitimate truncate() calls are blocked

However, the newest version of the Landlock ABI (version 3) introduced
in Linux 6.2, released in February 2023, implements support for controlling truncation
operations. As such, the previous SECCOMP BPF truncate() filtering is
no longer needed when the new ABI is available

This patch implements unveil truncate support for Linux Landlock ABI
version 3
2023-04-17 16:17:02 -07:00
..
dsp Rename hidden keyword to _Hide 2022-11-08 12:55:28 -08:00
libc unveil: Added truncate support on Linux 6.2+ (#803) 2023-04-17 16:17:02 -07:00
net Allow HTTP range past EOF 2022-11-07 05:52:24 -08:00
tool Update tests and CPU detection for Blink 2023-01-18 00:56:09 -08:00
test.mk Support malloc() on bare metal 2021-02-24 00:53:24 -08:00