syscall(2) removed from -current

The work described in Theo de Raadt's post (see our previous article) continues:

  • pinsyscalls(2) has been committed.
  • syscall(2) has been removed from -current:
    CVSROOT:	/cvs
    Module name:	src
    Changes by:	2023/12/12 08:30:56
    Modified files:
    	sys/kern       : kern_ktrace.c syscalls.master 
    	sys/sys        : ktrace.h syscall_mi.h 
    	usr.bin/kdump  : kdump.c 
    	include        : unistd.h 
    	lib/libc       : Symbols.list 
    	lib/libc/hidden: unistd.h 
    	lib/libc/sys   : syscall.2 
    	sys/arch/alpha/alpha: trap.c 
    	sys/arch/amd64/amd64: locore.S trap.c 
    	sys/arch/arm/arm: syscall.c 
    	sys/arch/arm64/arm64: syscall.c 
    	sys/arch/hppa/hppa: trap.c 
    	sys/arch/i386/i386: trap.c 
    	sys/arch/m88k/m88k: trap.c 
    	sys/arch/mips64/mips64: trap.c 
    	sys/arch/powerpc/powerpc: trap.c 
    	sys/arch/powerpc64/powerpc64: syscall.c 
    	sys/arch/riscv64/riscv64: syscall.c 
    	sys/arch/sh/sh : trap.c 
    	sys/arch/sparc64/sparc64: trap.c 
    Log message:
    remove support for syscall(2) -- the "indirection system call" because
    it is a dangerous alternative entry point for all system calls, and thus
    incompatible with the precision system call entry point scheme we are
    heading towards.  This has been a 3-year mission:
    First perl needed a code-generated wrapper to fake syscall(2) as a giant
    switch table, then all the ports were cleaned with relatively minor fixes,
    except for "go".  "go" required two fixes -- 1) a framework issue with
    old library versions, and 2) like perl, a fake syscall(2) wrapper to
    handle ioctl(2) and sysctl(2) because "syscall(SYS_ioctl" occurs all over
    the place in the "go" ecosystem because the "go developers" are plan9-loving
    unix-hating folk who tried to build an ecosystem without allowing "ioctl".
    ok kettenis, jsing, afresh1, sthen

Note that with a change in the major (version) number of libc, new packages will be required.

  1. By brynet (Brynet) on

    > pinsyscalls(2) has been committed.

    Not yet, but some things such as the man page have been added, it's being done in steps to make the transition easier.


