As of Go 1.21 syscall.Setrlimit and syscall.prlimit can affect
starting a new process, by restoring the original NOFILE rlimit.
That is recorded locally in the syscall package, so just always
call the syscall functions.
For golang/go#46279
Change-Id: I2f3dafe5562a7dde1297bad6f5d34a80af5d620b
Reviewed-on: https://go-review.googlesource.com/c/sys/+/476695
Run-TryBot: Ian Lance Taylor <iant@golang.org>
Run-TryBot: Ian Lance Taylor <iant@google.com>
Reviewed-by: Ian Lance Taylor <iant@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Bryan Mills <bcmills@google.com>
Auto-Submit: Ian Lance Taylor <iant@google.com>
SYS_ALARM is not defined for arm* or riscv, but is available for all other
Linux GOARCH values. Ian suggested I create a new file with build tags
matching these constraints.
In order to handle special case files such as this one (which don't match the
existing syscall_linux_goarch.go scheme), I've added logic to the Linux build
system which can evaluate the build constraints in a given file to determine
whether that file should be appended to the arguments for a given target.
Change-Id: I0136534522a26a0ce495308f63953546ea6bb8e5
Reviewed-on: https://go-review.googlesource.com/c/sys/+/383734
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
Trust: Daniel Martí <mvdan@mvdan.cc>
Android's Bionic libc installs a seccomp filter that allows ppoll but
not poll. This has been fine for arm64, where we already implement poll
in terms of ppoll, but not the other architectures, such as amd64, which
runs on Chromebooks, and currently leads to crashes.
This commit implements poll in terms of ppoll on the remaining
architectures and makes this common code, so that everyone uses the more
modern syscall.
Change-Id: Ic01a32b5abe48ab53a2549f592a41561f1684c30
Reviewed-on: https://go-review.googlesource.com/c/sys/+/352310
Trust: Jason A. Donenfeld <Jason@zx2c4.com>
Trust: Brad Fitzpatrick <bradfitz@golang.org>
Run-TryBot: Jason A. Donenfeld <Jason@zx2c4.com>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Most architectures currently already implement Pipe using the pipe2
syscall. Only 386, amd64, mips{,le}, ppc and sparc64 still use the pipe
syscall. However, some systems (e.g. Android seccomp policies) block
that syscall, see golang/go#40828 for an example.
The pipe2 syscall was added in Linux kernel version 2.6.27. The minimum
required Linux kernel version for Go 1.18 will be changed to 2.6.32
per golang/go#45964 so it is possible to unify the implementation of
Pipe using the pipe2 syscall.
Same as CL 350530 did for package syscall.
For golang/go#45964Fixesgolang/go#40828
Change-Id: I07d84d3ea06a54e37d9ff6b72702fe5d96efef7b
Reviewed-on: https://go-review.googlesource.com/c/sys/+/350549
Trust: Tobias Klauser <tobias.klauser@gmail.com>
Run-TryBot: Tobias Klauser <tobias.klauser@gmail.com>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Matt Layher <mdlayher@gmail.com>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
For linux and *bsd, implement func fcntl in fcntl.go instead of
generating it. Implement it using fcntl64Syscall, so SYS_FCNTL64 is used
on 32-bit linux.
For aix, darwin and solaris continue generate func fcntl as before.
Change-Id: I3750b88d1ee5573daaee2b75c369f723fde8834a
Reviewed-on: https://go-review.googlesource.com/c/sys/+/212337
Run-TryBot: Tobias Klauser <tobias.klauser@gmail.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
Asymmetric keyrings can require key payloads to be X.509 certificates
signed by a key in a different keyring. This can be helpful for rotating
keys on a live machines for subsystems like IMA while preventing local
tampering.
Tested locally by applying the "key_or_keyring:<id>" restriction to a
keyring.
Change-Id: Ia8dcb343abc5f405d374c357d5cac3d5181d7159
Reviewed-on: https://go-review.googlesource.com/c/sys/+/178400
Run-TryBot: Tobias Klauser <tobias.klauser@gmail.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Tobias Klauser <tobias.klauser@gmail.com>
The kernel raw syscall takes an additional parameter specifying
the size of the Sigset_t parameter, returns a file descriptor and sets errno.
Add a uintptr maxSize parameter, adjust the return to be (newfd int, err error).
Add the _NSIG #define and a wrapper to call with maxSize set to _C__NSIG/8 as done
in glibc/musl.
Change-Id: I277db0aab5c12364533c26ea800b7f394ec83ae4
Reviewed-on: https://go-review.googlesource.com/c/sys/+/178858
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
This teaches unix/mksyscall.go about mapping uint64 to syscall
arguments, similar to existing handling of int64.
Change-Id: I536b4b09bbf6a8e3016565a4a04d2b9d32cbc624
Reviewed-on: https://go-review.googlesource.com/c/164664
Reviewed-by: Tobias Klauser <tobias.klauser@gmail.com>
On linux/riscv64, the renameat syscall no longer exists and has been
superseded by renameat2. Use Renameat2 to implement Renameat on
linux/riscv64.
Based on a patch by Ryan O'Leary.
Updates golang/go#27532
Change-Id: I7c60c7f824750408265f67397b8ac1fa7226f425
Reviewed-on: https://go-review.googlesource.com/c/157899
Run-TryBot: Tobias Klauser <tobias.klauser@gmail.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
Port mksyscall.pl Perl script to mksyscall.go.
mkall scripts are modified to run mksyscall.go.
Running ./mkall.sh does not generate any git diff besides
the command name in comments of generated files.
Updates golang/go#27779
Change-Id: I8c6eb852e6821f4a91dc03cc042d8d343f1bcf66
Reviewed-on: https://go-review.googlesource.com/c/150217
Reviewed-by: Tobias Klauser <tobias.klauser@gmail.com>
Run-TryBot: Tobias Klauser <tobias.klauser@gmail.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
On linux/arm64 we used to manually define syscall numbers for some
deprecated syscalls. Most of them are unused by now anyhow. Convert the
remaining syscall wrappers using them to implement the respective
functionality using a non-deprecated syscall (in the same way glibc does
it):
- Implement EpollCreate using EpollCreate1 and additionally check
that the passed size argument is larger than 0.
- Implement Futimesat and utimes using utimensat. Also change futimesat
on the other geese to take a string instead of *byte and let the
generated wrapper do the BytePtrFromString conversion.
- Return ENOSYS from Ustat. The ustat syscall has been deprecated for a
long time in favor of fstatfs and statfs. Even glibc will deprecate
ustat in the upcoming 2.28 release [1].
[1] https://sourceware.org/git/?p=glibc.git;a=blob;f=NEWS;h=d51fa09544f03899b7ff5a80569db088c3c23c28;hb=HEAD#l90
Change-Id: I7ea38a3cd394b0875f17443b14e107fd9c70350d
Reviewed-on: https://go-review.googlesource.com/119655
Run-TryBot: Tobias Klauser <tobias.klauser@gmail.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
Introduces the CopyFileRange syscall which first appears in Linux 4.5.
Allows copying file content between file descriptors within the kernel
without transferring data to user space. This syscall also allows the
kernel to take advantage of reflinking or other fast copy methods on
supported file systems.
http://man7.org/linux/man-pages/man2/copy_file_range.2.html
Change-Id: Id365f1e5d4d5ddf7159478e3a13084c9576ebd5c
Reviewed-on: https://go-review.googlesource.com/39992
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
This CL introduces the Getrandom syscall. Allowing users of
sufficiently new kernels (3.17) to detect when the operating system
lacks enough entropy to generate cryptographic random data. See:
http://man7.org/linux/man-pages/man2/getrandom.2.html
As we have updated the syscall numbers, the Getrandom function can
just be generated normally. The only other change is to mkerrors.sh
to include the GRND_* flags for getrandom from <linux/random.h>.
It is important to note that currently the mkerrors.sh script cannot
actually be run as it has fallen behind the 4.10 kernel. The GRND_*
flags were added manually.
This was originally part of a larger commit that was split up.
See CL: https://go-review.googlesource.com/37570
Change-Id: I464088a9c9f7224abdcdae476b30a4f2f412d9f5
Reviewed-on: https://go-review.googlesource.com/37589
Reviewed-by: Matt Layher <mdlayher@gmail.com>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
Run-TryBot: Matt Layher <mdlayher@gmail.com>
Run-TryBot: Ian Lance Taylor <iant@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
This fixes I8dc87401bb1025c2404e7304ecc4561edd67a452, which failed to
include the changes for s390x and sparc64, breaking the build for them.
Change-Id: I4899350580c36e4efbec9801345b5e32d624c849
Reviewed-on: https://go-review.googlesource.com/31185
Reviewed-by: Ian Lance Taylor <iant@golang.org>
Run-TryBot: Ian Lance Taylor <iant@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
