| Age | Commit message (Collapse) | Author |
|---|
|
Signed-off-by: Ian Moffett <ian@osmora.org>
|
|
Signed-off-by: Ian Moffett <ian@osmora.org>
|
|
Signed-off-by: Ian Moffett <ian@osmora.org>
|
|
This commit introduces the system call for mounting filesystems. As of
now, only the fstype and target params are supported
Signed-off-by: Ian Moffett <ian@osmora.org>
|
|
Signed-off-by: Ian Moffett <ian@osmora.org>
|
|
Introduce a feature where a program with the correct rights may get
information about a MAC object
Signed-off-by: Ian Moffett <ian@osmora.org>
|
|
Signed-off-by: Ian Moffett <ian@osmora.org>
|
|
This commit introduces initial support for mandatory access control. As
one may recall, L5 follows "everything is memory". In order to interact
with a resource, a process must request it from the kernel in the form
of a (sometimes) syncable memory buffer.
Each resource as well as processes have an access level, if a process
attempts to request a resource with a higher access level than it, the
request is rejected by the kernel. However, if a process has a greater
than or equal access level as a resource, the request can be granted.
Signed-off-by: Ian Moffett <ian@osmora.org>
|
|
Here we add a write(2) stub and add it to the UNIX syscall interface. We
also move the UNIX syscall numbers into compat/unix/syscall.h
Signed-off-by: Ian Moffett <ian@osmora.org>
|
|
Signed-off-by: Ian Moffett <ian@osmora.org>
|
|
A syscall domain in the L5 kernel is a fixed list of "syscall windows",
each syscall window represents a specific platform and/or syscall model.
A platform latch within each domain determines which window / platform
should be visible. Since syscall domains are per-process, these changes
are local to their respective processes.
Signed-off-by: Ian Moffett <ian@osmora.org>
|
