psx

v0.2.40
Published: Jul 19, 2020 License: GPL-2.0 Imports: 2 Imported by: 10

README

Package psx provides a CGo backed API for invoking system calls in a
way that each system call is mirrored on all pthreads of the combined
Go/CGo runtime. Since the Go runtime treats all pthreads as
interchangeable, a feature like this is needed to meaningfully change
process privilege (including dropping privilege) in a Go program
running on Linux. This package is required by:

   "kernel.org/pub/linux/libs/security/libcap/cap"

The functionality is implemented by a C library, libpsx, which is
distributed with libcap. The official release announcement site
for libcap and libpsx is:

   https://sites.google.com/site/fullycapable/

Like libcap/libpsx itself, the psx package is distributed with a "you
choose" License. Specifically: BSD three clause, or GPL2. See the
LICENSE file.

Andrew G. Morgan <morgan@kernel.org>

Documentation

Overview

Package psx provides support for system calls that are run simultaneously on all pthreads.

The package works via CGo wrappers for system call functions that call the C libpsx functions of these names. This ensures that the system calls execute simultaneously on all the pthreads of the combined Go (and CGo) runtime. Since Go's runtime freely migrates code execution between pthreads, support of this type is required for any successful attempt to fully drop or modify user privilege of a Go program under Linux. More info on how privilege works can be found here:

https://sites.google.com/site/fullycapable
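One way to confirm that a privilege change reached every pthread is to compare the credential lines of each thread's /proc status file. The following is an added example, not part of the psx package or libcap; the names privState and divergent are hypothetical, and it uses only the standard library to read /proc/self/task/*/status on Linux.

```go
package main

import (
	"bufio"
	"fmt"
	"os"
	"path/filepath"
	"sort"
	"strings"
)

// Credential lines of /proc/<pid>/task/<tid>/status that must match on every thread.
var privFields = map[string]bool{"Uid": true, "Gid": true, "CapInh": true, "CapPrm": true, "CapEff": true}

// privState reduces one status file to a canonical string of its credential fields.
func privState(status string) string {
	var out []string
	sc := bufio.NewScanner(strings.NewReader(status))
	for sc.Scan() {
		if key, val, ok := strings.Cut(sc.Text(), ":"); ok && privFields[key] {
			out = append(out, key+"="+strings.Join(strings.Fields(val), ","))
		}
	}
	return strings.Join(out, " ")
}

// divergent returns the sorted thread IDs whose credentials differ from thread ref.
func divergent(statuses map[string]string, ref string) []string {
	var bad []string
	for tid, s := range statuses {
		if privState(s) != privState(statuses[ref]) {
			bad = append(bad, tid)
		}
	}
	sort.Strings(bad)
	return bad
}

func main() {
	// Live check: on Linux the main thread's ID equals the process ID.
	paths, _ := filepath.Glob("/proc/self/task/*/status")
	statuses := map[string]string{}
	for _, p := range paths {
		if b, err := os.ReadFile(p); err == nil { // a thread may exit between Glob and ReadFile
			statuses[filepath.Base(filepath.Dir(p))] = string(b)
		}
	}
	ref := fmt.Sprint(os.Getpid())
	fmt.Printf("%d threads checked, divergent from %s: %v\n", len(statuses), ref, divergent(statuses, ref))
}
```

Run after the privilege drop, a non-empty divergent list means at least one thread still holds different UIDs, GIDs or capabilities than the main thread.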

Correct compilation of this package may require an extra step:

If your Go compiler is older than go1.15, a workaround may be required to be able to link this package. In order to do what it needs to, this package employs some unusual linking flags. You will need to do this for any Go toolchain that does not include this patch:

https://go-review.googlesource.com/c/go/+/236139/

As of the time of writing, that is all release tags prior to go1.15beta1.

The workaround is to build with the following CGO_LDFLAGS_ALLOW in effect:

export CGO_LDFLAGS_ALLOW="-Wl,-?-wrap[=,][^-.@][^,]*"

Copyright (c) 2019,20 Andrew G. Morgan <morgan@kernel.org>

Constants

This section is empty.

Variables

This section is empty.

Functions

func Syscall3

func Syscall3(syscallnr, arg1, arg2, arg3 uintptr) (uintptr, uintptr, syscall.Errno)

Syscall3 performs a 3 argument syscall using the libpsx C function psx_syscall3().

func Syscall6

func Syscall6(syscallnr, arg1, arg2, arg3, arg4, arg5, arg6 uintptr) (uintptr, uintptr, syscall.Errno)

Syscall6 performs a 6 argument syscall using the libpsx C function psx_syscall6().

Types

This section is empty.

Source Files

  • psx.go
