upstream/opnsense-src
1
0
Fork 0
mirror of https://github.com/opnsense/src.git synced 2026-02-14 08:13:38 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
opnsense-src/lib/libcasper/libcasper
History
Robert Watson 9612674f64 In libcasper, prefer to send a function index or service name over the IPC 
channel to a zygote process, rather than sending a function pointer or
service pointer.  This avoids transfering pointers between address spaces,
which while robust in this case (due to the zygote being forked() from the
parent) is not generally a good idea, especially in the presence of
increasingly popular control-flow integrity and pointer protection
mitigation schemes.  With this change, ping(8) and other sandboxed tools
using libcasper for DNS resolution now work on architectures with tagged
memory again.

Reviewed by:	oshogbo
MFC after:	1 week
Sponsored by:	DARPA, AFRL
2017-03-23 14:35:21 +00:00
..
libcasper.3 Fix naming in Casper man page. 2016-10-05 16:23:02 +00:00
libcasper.c
libcasper.h
libcasper_impl.c
libcasper_impl.h
libcasper_service.c In libcasper, prefer to send a function index or service name over the IPC 2017-03-23 14:35:21 +00:00
libcasper_service.h
Makefile
Makefile.depend
service.c Don't close fd if it's lower then stderr, otherwise we can close 2016-06-13 00:03:55 +00:00
zygote.c In libcasper, prefer to send a function index or service name over the IPC 2017-03-23 14:35:21 +00:00
zygote.h In libcasper, prefer to send a function index or service name over the IPC 2017-03-23 14:35:21 +00:00