upstream/opnsense-src
1
0
Fork 0
mirror of https://github.com/opnsense/src.git synced 2026-02-12 15:24:40 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
opnsense-src/lib/libcasper
History
Robert Watson 9612674f64 In libcasper, prefer to send a function index or service name over the IPC 
channel to a zygote process, rather than sending a function pointer or
service pointer.  This avoids transfering pointers between address spaces,
which while robust in this case (due to the zygote being forked() from the
parent) is not generally a good idea, especially in the presence of
increasingly popular control-flow integrity and pointer protection
mitigation schemes.  With this change, ping(8) and other sandboxed tools
using libcasper for DNS resolution now work on architectures with tagged
memory again.

Reviewed by:	oshogbo
MFC after:	1 week
Sponsored by:	DARPA, AFRL
2017-03-23 14:35:21 +00:00
..
libcasper In libcasper, prefer to send a function index or service name over the IPC 2017-03-23 14:35:21 +00:00
services Set SHLIBDIR before .including src.opts.mk in libcapser services 2016-10-24 14:37:18 +00:00
Makefile These can build in parallel. 2016-02-26 22:14:04 +00:00
Makefile.inc Remove unneeded lines. 2016-02-26 22:14:08 +00:00