Brian Gianforcaro 
								
							 
						 
						
							
							
								
							
							
	b553a86048  
						 
						
							
							
								
								
								man: Fix minor inconsistencies in pledge(2) man page  
							
							... 
							
							
							
							- tty promise was listed twice.
- Fix a few typos 
							
						 
						
							2020-01-14 08:00:35 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Sergey Bugaev 
								
							 
						 
						
							
							
								
							
							
	9513f54932  
						 
						
							
							
								
								
								Base: Document new chroot abilities  
							
							
							
						 
						
							2020-01-12 20:02:11 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Andreas Kling 
								
							 
						 
						
							
							
								
							
							
	198cd77307  
						 
						
							
							
								
								
								Base: Tweak language in pledge(2) man page  
							
							
							
						 
						
							2020-01-12 19:08:42 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Andreas Kling 
								
							 
						 
						
							
							
								
							
							
	f3eb06a46f  
						 
						
							
							
								
								
								Base: Add a man page about pledge(2)  
							
							
							
						 
						
							2020-01-12 16:11:12 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Sergey Bugaev 
								
							 
						 
						
							
							
								
							
							
	b37bd28053  
						 
						
							
							
								
								
								Base: Document mount(2) and mount(8)  
							
							
							
						 
						
							2020-01-11 18:57:53 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Andreas Kling 
								
							 
						 
						
							
							
								
							
							
	3f9e4cd24e  
						 
						
							
							
								
								
								chroot: Add a little chroot program  
							
							... 
							
							
							
							This program changes the current filesystem root and spawns a shell. 
							
						 
						
							2020-01-10 23:23:20 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Andreas Kling 
								
							 
						 
						
							
							
								
							
							
	7dd03b46ee  
						 
						
							
							
								
								
								SystemServer: Allow specifying per-service socket file permissions  
							
							
							
						 
						
							2020-01-09 21:35:33 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Andreas Kling 
								
							 
						 
						
							
							
								
							
							
	9bd4bf41fb  
						 
						
							
							
								
								
								SystemServer: Explicitly open /dev/null for services without StdIO  
							
							... 
							
							
							
							Spawning services with nothing open at all on the standard I/O fds is
way too harsh. We now open /dev/null for them instead. 
							
						 
						
							2020-01-04 13:15:01 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Andreas Kling 
								
							 
						 
						
							
							
								
							
							
	c2b7c43f3c  
						 
						
							
							
								
								
								SystemServer: Fetch any extra GIDs and call setgroups() before spawn  
							
							... 
							
							
							
							We now pick up all the user's extra GIDs from /etc/group and make
sure those are set before exec'ing a service.
This means we finally get to enjoy being in more than one group. :^) 
							
						 
						
							2020-01-04 13:11:43 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Andreas Kling 
								
							 
						 
						
							
							
								
							
							
	7f843ef3b2  
						 
						
							
							
								
								
								Kernel: Make the purge() syscall superuser-only  
							
							... 
							
							
							
							I don't think we need to give unprivileged users access to what is
essentially a kernel testing mechanism. 
							
						 
						
							2020-01-02 13:39:49 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Andreas Kling 
								
							 
						 
						
							
							
								
							
							
	4fa7146da1  
						 
						
							
							
								
								
								Base: Move the modload and modunload command documentation to man8  
							
							... 
							
							
							
							These are system administration commands, not intended for use by
all users. These tend to go in section 8. 
							
						 
						
							2020-01-02 12:37:19 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Andreas Kling 
								
							 
						 
						
							
							
								
							
							
	05b004ec64  
						 
						
							
							
								
								
								Base: Remove "idle" priority note from SystemServer(5)  
							
							... 
							
							
							
							The "idle" priority was never meant to be exposed to userspace, as it's
only used by the kernel's internal idle thread. 
							
						 
						
							2020-01-02 12:36:15 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Andreas Kling 
								
							 
						 
						
							
							
								
							
							
	0c22646e2b  
						 
						
							
							
								
								
								Base: Document EPERM error in module_load(2) and module_unload(2)  
							
							... 
							
							
							
							Only the superuser can use these system calls. 
							
						 
						
							2020-01-02 12:35:19 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Andreas Kling 
								
							 
						 
						
							
							
								
							
							
	38f93ef13b  
						 
						
							
							
								
								
								Kernel: Disable x86 RDTSC instruction in userspace  
							
							... 
							
							
							
							It's still possible to read the TSC via the read_tsc() syscall, but we
will now clear some of the bottom bits for unprivileged users. 
							
						 
						
							2020-01-01 18:22:20 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Andreas Kling 
								
							 
						 
						
							
							
								
							
							
	f598bbbb1d  
						 
						
							
							
								
								
								Kernel: Prevent executing I/O instructions in userspace  
							
							... 
							
							
							
							All threads were running with iomapbase=0 in their TSS, which the CPU
interprets as "there's an I/O permission bitmap starting at offset 0
into my TSS".
Because of that, any bits that were 1 inside the TSS would allow the
thread to execute I/O instructions on the port with that bit index.
Fix this by always setting the iomapbase to sizeof(TSS32), and also
setting the TSS descriptor's limit to sizeof(TSS32), effectively making
the I/O permissions bitmap zero-length.
This should make it no longer possible to do I/O from userspace. :^) 
							
						 
						
							2020-01-01 17:31:41 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Andreas Kling 
								
							 
						 
						
							
							
								
							
							
	9c0836ce97  
						 
						
							
							
								
								
								Kernel: Enable x86 UMIP (User Mode Instruction Prevention) if supported  
							
							... 
							
							
							
							This prevents code running outside of kernel mode from using the
following instructions:
* SGDT - Store Global Descriptor Table
* SIDT - Store Interrupt Descriptor Table
* SLDT - Store Local Descriptor Table
* SMSW - Store Machine Status Word
* STR - Store Task Register
There's no need for userspace to be able to use these instructions so
let's just disable them to prevent information leakage. 
							
						 
						
							2020-01-01 13:21:15 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Shannon Booth 
								
							 
						 
						
							
							
								
							
							
	d0f9906c17  
						 
						
							
							
								
								
								Crash: Add a "Test All Crash Types" option  
							
							... 
							
							
							
							Add an option "-A", that will run all of the crash types in the crash
program. In this mode, all crash tests are run in a child process so
that the crash program does not crash.
Crash uses the return status of the child process to ascertain whether
the crash happened as expected. 
							
						 
						
							2019-12-31 02:14:36 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Andreas Kling 
								
							 
						 
						
							
							
								
							
							
	b0bbdc53e9  
						 
						
							
							
								
								
								Base: Remove misplaced backtick in syscall(1)  
							
							
							
						 
						
							2019-12-30 14:15:18 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jami Kettunen 
								
							 
						 
						
							
							
								
							
							
	edba444aa9  
						 
						
							
							
								
								
								Base: Add man page for keymap(1)  
							
							
							
						 
						
							2019-12-30 14:02:00 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Andreas Kling 
								
							 
						 
						
							
							
								
							
							
	e0ec4f89b2  
						 
						
							
							
								
								
								Base: Add man page for purge(8)  
							
							
							
						 
						
							2019-12-29 13:23:21 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Andreas Kling 
								
							 
						 
						
							
							
								
							
							
	33efeaf71a  
						 
						
							
							
								
								
								crash: Add "-X" option for attempting to execute non-executable memory  
							
							
							
						 
						
							2019-12-25 13:35:57 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Mauri de Souza Nunes 
								
							 
						 
						
							
							
								
							
							
	cb4e51a7a5  
						 
						
							
							
								
								
								Userland: Add syscall -l option and man page  
							
							
							
						 
						
							2019-12-24 20:23:37 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Conrad Pankoff 
								
							 
						 
						
							
							
								
							
							
	033de7efe2  
						 
						
							
							
								
								
								Base: Describe kernel modules, syscalls, and programs  
							
							
							
						 
						
							2019-12-24 11:52:01 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Andrés Vieira 
								
							 
						 
						
							
							
								
							
							
	488d755ccd  
						 
						
							
							
								
								
								Docs: Add cal(1) man page  
							
							
							
						 
						
							2019-12-24 11:48:16 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Andreas Kling 
								
							 
						 
						
							
							
								
							
							
	f41ae755ec  
						 
						
							
							
								
								
								Kernel: Crash on memory access in non-readable regions  
							
							... 
							
							
							
							This patch makes it possible to make memory regions non-readable.
This is enforced using the "present" bit in the page tables.
A process that hits an not-present page fault in a non-readable
region will be crashed. 
							
						 
						
							2019-12-02 19:18:52 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Andreas Kling 
								
							 
						 
						
							
							
								
							
							
	e56daf547c  
						 
						
							
							
								
								
								Kernel: Disallow syscalls from writeable memory  
							
							... 
							
							
							
							Processes will now crash with SIGSEGV if they attempt making a syscall
from PROT_WRITE memory.
This neat idea comes from OpenBSD. :^) 
							
						 
						
							2019-11-29 16:30:05 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Sergey Bugaev 
								
							 
						 
						
							
							
								
							
							
	fe0aa2ca53  
						 
						
							
							
								
								
								Base: Document SystemServer  
							
							
							
						 
						
							2019-11-26 19:58:25 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Andreas Kling 
								
							 
						 
						
							
							
								
							
							
	6fbe0f17f2  
						 
						
							
							
								
								
								Docs: Add avol(1)  
							
							
							
						 
						
							2019-11-22 21:52:52 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Andreas Kling 
								
							 
						 
						
							
							
								
							
							
	70e220a81f  
						 
						
							
							
								
								
								Docs: Add note about EINVAL to isatty(3)  
							
							
							
						 
						
							2019-11-17 20:09:12 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Andreas Kling 
								
							 
						 
						
							
							
								
							
							
	1bb296ea70  
						 
						
							
							
								
								
								Docs: Add isatty(3) man page  
							
							
							
						 
						
							2019-11-17 20:03:42 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Andreas Kling 
								
							 
						 
						
							
							
								
							
							
	3d558f47b0  
						 
						
							
							
								
								
								Docs: Add uname(1) and uname(2) man pages  
							
							
							
						 
						
							2019-11-17 19:48:11 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Andreas Kling 
								
							 
						 
						
							
							
								
							
							
	189f234b47  
						 
						
							
							
								
								
								Docs: Add info about -T and -t to crash(1)  
							
							
							
						 
						
							2019-11-17 19:23:35 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Sergey Bugaev 
								
							 
						 
						
							
							
								
							
							
	afdc5688ec  
						 
						
							
							
								
								
								LibC: Implement dirname() and basename()  
							
							... 
							
							
							
							And write section 3 man pages for them. 
							
						 
						
							2019-10-03 08:23:54 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Sergey Bugaev 
								
							 
						 
						
							
							
								
							
							
	8fbcfa934a  
						 
						
							
							
								
								
								Base: Add some "See also" links to the man pages  
							
							... 
							
							
							
							We can do this now that we have link support in LibMarkdown and LibHTML ^) 
							
						 
						
							2019-10-03 08:23:54 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Larkin Nickle 
								
							 
						 
						
							
							
								
							
							
	3fb88cb76d  
						 
						
							
							
								
								
								Help+man.md: Add man sections  
							
							... 
							
							
							
							Also correct minor formatting mistake in TelnetServer.md. 
							
						 
						
							2019-09-30 21:38:39 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Larkin Nickle 
								
							 
						 
						
							
							
								
							
							
	e7c2467231  
						 
						
							
							
								
								
								Add TelnetServer man page  
							
							
							
						 
						
							2019-09-30 21:38:39 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Andreas Kling 
								
							 
						 
						
							
							
								
							
							
	dba74abe93  
						 
						
							
							
								
								
								Base: Fix minor typos in man pages  
							
							
							
						 
						
							2019-09-28 23:06:22 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Andreas Kling 
								
							 
						 
						
							
							
								
							
							
	eb18825fce  
						 
						
							
							
								
								
								Base: Add man pages for create_shared_buffer() and share_buffer_with()  
							
							
							
						 
						
							2019-09-28 21:16:26 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Sergey Bugaev 
								
							 
						 
						
							
							
								
							
							
	fed96f455d  
						 
						
							
							
								
								
								Base: Write some initial man pages  
							
							... 
							
							
							
							It ain't much, but it's honest work! 
							
						 
						
							2019-09-28 18:29:42 +02:00