mirror of
https://github.com/opnsense/src.git
synced 2026-02-24 18:30:55 -05:00
0cd95859c8
Now that flags may be set on posixshm, add an argument to kern_shm_open() for the initial seals. To maintain past behavior where callers of shm_open(2) are guaranteed to not have any seals applied to the fd they're given, apply F_SEAL_SEAL for existing callers of kern_shm_open. A special flag could be opened later for shm_open(2) to indicate that sealing should be allowed. We currently restrict initial seals to F_SEAL_SEAL. We cannot error out if F_SEAL_SEAL is re-applied, as this would easily break shm_open() twice to a shmfd that already existed. A note's been added about the assumptions we've made here as a hint towards anyone wanting to allow other seals to be applied at creation. Reviewed by: kib, markj Differential Revision: https://reviews.freebsd.org/D21392 |
||
|---|---|---|
| .. | ||
| cloudabi_clock.c | ||
| cloudabi_errno.c | ||
| cloudabi_fd.c | ||
| cloudabi_file.c | ||
| cloudabi_futex.c | ||
| cloudabi_mem.c | ||
| cloudabi_proc.c | ||
| cloudabi_proto.h | ||
| cloudabi_random.c | ||
| cloudabi_sock.c | ||
| cloudabi_thread.c | ||
| cloudabi_util.h | ||
| cloudabi_vdso.c | ||
| cloudabi_vdso.lds | ||