Google Git
Sign in
chromium / chromiumos / third_party / kernel-capsicum / refs/heads/capsicum
commit9dba5a28bb41071780da7984e256952def231d30[log] [tgz]
authorMeredydd Luff <meredydd@chromium.org>Tue Jul 03 04:03:26 2012
committerMeredydd Luff <meredydd@chromium.org>Tue Jul 03 23:31:58 2012
treed751cbe1de7d9bcc51f28d2c9838f8096b944115
parent5111125125b218e669fc866fb25970ec4e516816 [diff]
capsicum: Add an fexecve() system call.

Currently, fexecve() on Linux is implemented in glibc, as a hack that
calls execve("/proc/self/fd/NN", ...). This is not compatible with
Capsicum, which forbids absolute path lookups, and in any case is not
suitable for use in environments without /proc mounted (eg chroots).
This patch introduces a dedicated fexecve() system call for x86-64
(and UML).

BUG=none
TEST=run-test fexecve_syscall.test; run-test -vm fexecve_syscall.test

Signed-off-by: Meredydd Luff <meredydd@chromium.org>
Change-Id: Ib5fe92bc59fd04a35c882186c770c02d0da042b8
Reviewed-on: https://gerrit.chromium.org/gerrit/26645
Reviewed-by: Kees Cook <keescook@chromium.org>
14 files changed
tree: d751cbe1de7d9bcc51f28d2c9838f8096b944115
  1. arch/
  2. block/
  3. crypto/
  4. Documentation/
  5. drivers/
  6. firmware/
  7. fs/
  8. include/
  9. init/
  10. ipc/
  11. kernel/
  12. lib/
  13. mm/
  14. net/
  15. samples/
  16. scripts/
  17. security/
  18. sound/
  19. tools/
  20. usr/
  21. virt/
  22. .gitignore
  23. .mailmap
  24. CAPSICUM_BUILD_HOWTO
  25. COPYING
  26. CREDITS
  27. Kbuild
  28. Kconfig
  29. MAINTAINERS
  30. Makefile
  31. README
  32. REPORTING-BUGS