| Age | Commit message (Collapse) | Author | 
|---|
|  | Signed-off-by: Ian Moffett <ian@osmora.org> | 
|  | This commit introduces initial support for mandatory access control. As
one may recall, L5 follows "everything is memory". In order to interact
with a resource, a process must request it from the kernel in the form
of a (sometimes) syncable memory buffer.
Each resource as well as processes have an access level, if a process
attempts to request a resource with a higher access level than it, the
request is rejected by the kernel. However, if a process has a greater
than or equal access level as a resource, the request can be granted.
Signed-off-by: Ian Moffett <ian@osmora.org> | 
|  | Here we add a write(2) stub and add it to the UNIX syscall interface. We
also move the UNIX syscall numbers into compat/unix/syscall.h
Signed-off-by: Ian Moffett <ian@osmora.org> | 
|  | Signed-off-by: Ian Moffett <ian@osmora.org> | 
|  | A syscall domain in the L5 kernel is a fixed list of "syscall windows",
each syscall window represents a specific platform and/or syscall model.
A platform latch within each domain determines which window / platform
should be visible. Since syscall domains are per-process, these changes
are local to their respective processes.
Signed-off-by: Ian Moffett <ian@osmora.org> |