29 lines
1.1 KiB
Plaintext
29 lines
1.1 KiB
Plaintext
Package "psx" provides an API for invoking system calls in a way that
|
|
each system call is mirrored on all OS threads of the combined Go/CGo
|
|
runtime. Since the Go runtime treats OS threads as interchangeable, a
|
|
feature like this is needed to meaningfully change process privilege
|
|
(including dropping privilege) in a Go program running on Linux. This
|
|
package is required by:
|
|
|
|
"kernel.org/pub/linux/libs/security/libcap/cap"
|
|
|
|
When compiled CGO_ENABLED=0, the functionality requires go1.16+ to
|
|
build. That release of Go introduced syscall.AllThreadsSyscall*()
|
|
APIs. When compiled this way, the "psx" package functions
|
|
psx.Syscall3() and psx.Syscall6() are aliased to
|
|
syscall.AllThreadsSyscall() and syscall.AllThreadsSyscall6()
|
|
respectively.
|
|
|
|
When compiled CGO_ENABLED=1, the functionality is implemented by C
|
|
code, [lib]psx, which is distributed with libcap.
|
|
|
|
The official release announcement site for libcap and libpsx is:
|
|
|
|
https://sites.google.com/site/fullycapable/
|
|
|
|
Like libcap/libpsx itself, the "psx" package is distributed with a
|
|
"you choose" License. Specifically: BSD three clause, or GPL2. See the
|
|
LICENSE file.
|
|
|
|
Andrew G. Morgan <morgan@kernel.org>
|