1*2810ac1bSKiyoung Kim// Package psx provides support for system calls that are run 2*2810ac1bSKiyoung Kim// simultaneously on all threads under Linux. 3*2810ac1bSKiyoung Kim// 4*2810ac1bSKiyoung Kim// This property can be used to work around a historical lack of 5*2810ac1bSKiyoung Kim// native Go support for such a feature. Something that is the subject 6*2810ac1bSKiyoung Kim// of: 7*2810ac1bSKiyoung Kim// 8*2810ac1bSKiyoung Kim// https://github.com/golang/go/issues/1435 9*2810ac1bSKiyoung Kim// 10*2810ac1bSKiyoung Kim// The package works differently depending on whether or not 11*2810ac1bSKiyoung Kim// CGO_ENABLED is 0 or 1. 12*2810ac1bSKiyoung Kim// 13*2810ac1bSKiyoung Kim// In the former case, psx is a low overhead wrapper for the two 14*2810ac1bSKiyoung Kim// native go calls: syscall.AllThreadsSyscall() and 15*2810ac1bSKiyoung Kim// syscall.AllThreadsSyscall6() introduced in go1.16. We provide this 16*2810ac1bSKiyoung Kim// wrapping to minimize client source code changes when compiling with 17*2810ac1bSKiyoung Kim// or without CGo enabled. 18*2810ac1bSKiyoung Kim// 19*2810ac1bSKiyoung Kim// In the latter case, and toolchains prior to go1.16, it works via 20*2810ac1bSKiyoung Kim// CGo wrappers for system call functions that call the C [lib]psx 21*2810ac1bSKiyoung Kim// functions of these names. This ensures that the system calls 22*2810ac1bSKiyoung Kim// execute simultaneously on all the pthreads of the Go (and CGo) 23*2810ac1bSKiyoung Kim// combined runtime. 24*2810ac1bSKiyoung Kim// 25*2810ac1bSKiyoung Kim// With CGo, the psx support works in the following way: the pthread 26*2810ac1bSKiyoung Kim// that is first asked to execute the syscall does so, and determines 27*2810ac1bSKiyoung Kim// if it succeeds or fails. If it fails, it returns immediately 28*2810ac1bSKiyoung Kim// without attempting the syscall on other pthreads. If the initial 29*2810ac1bSKiyoung Kim// attempt succeeds, however, then the runtime is stopped in order for 30*2810ac1bSKiyoung Kim// the same system call to be performed on all the remaining pthreads 31*2810ac1bSKiyoung Kim// of the runtime. Once all pthreads have completed the syscall, the 32*2810ac1bSKiyoung Kim// return codes are those obtained by the first pthread's invocation 33*2810ac1bSKiyoung Kim// of the syscall. 34*2810ac1bSKiyoung Kim// 35*2810ac1bSKiyoung Kim// Note, there is no need to use this variant of syscall where the 36*2810ac1bSKiyoung Kim// syscalls only read state from the kernel. However, since Go's 37*2810ac1bSKiyoung Kim// runtime freely migrates code execution between pthreads, support of 38*2810ac1bSKiyoung Kim// this type is required for any successful attempt to fully drop or 39*2810ac1bSKiyoung Kim// modify the privilege of a running Go program under Linux. 40*2810ac1bSKiyoung Kim// 41*2810ac1bSKiyoung Kim// More info on how Linux privilege works and examples of using this 42*2810ac1bSKiyoung Kim// package can be found here: 43*2810ac1bSKiyoung Kim// 44*2810ac1bSKiyoung Kim// https://sites.google.com/site/fullycapable 45*2810ac1bSKiyoung Kim// 46*2810ac1bSKiyoung Kim// WARNING: For older go toolchains (prior to go1.15), correct 47*2810ac1bSKiyoung Kim// compilation of this package may require an extra workaround step: 48*2810ac1bSKiyoung Kim// 49*2810ac1bSKiyoung Kim// The workaround is to build with the following CGO_LDFLAGS_ALLOW in 50*2810ac1bSKiyoung Kim// effect (here the syntax is that of bash for defining an environment 51*2810ac1bSKiyoung Kim// variable): 52*2810ac1bSKiyoung Kim// 53*2810ac1bSKiyoung Kim// export CGO_LDFLAGS_ALLOW="-Wl,-?-wrap[=,][^-.@][^,]*" 54*2810ac1bSKiyoung Kim// 55*2810ac1bSKiyoung Kim// 56*2810ac1bSKiyoung Kim// Copyright (c) 2019,20 Andrew G. Morgan <[email protected]> 57*2810ac1bSKiyoung Kim// 58*2810ac1bSKiyoung Kim// The psx package is licensed with a (you choose) BSD 3-clause or 59*2810ac1bSKiyoung Kim// GPL2. See LICENSE file for details. 60*2810ac1bSKiyoung Kimpackage psx // import "kernel.org/pub/linux/libs/security/libcap/psx" 61