Date: Wed, 24 Apr 2024 10:41:49 GMT
Message-Id: <202404241041.43OAfnDN096311@gitrepo.freebsd.org>
To: doc-committers@FreeBSD.org, dev-commits-doc-all@FreeBSD.org
From: Lorenzo Salvadore
Subject: git: 980d2c57df - main - Status/2024Q1/libsys.adoc: Add report
List-Id: Commit messages for all branches of the doc repository
List-Archive: https://lists.freebsd.org/archives/dev-commits-doc-all
X-Git-Committer: salvadore
X-Git-Repository: doc
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: 980d2c57df3c5842a282fa57a3bc7ee4a4f031fe

The branch main has been updated by salvadore:

URL: https://cgit.FreeBSD.org/doc/commit/?id=980d2c57df3c5842a282fa57a3bc7ee4a4f031fe

commit 980d2c57df3c5842a282fa57a3bc7ee4a4f031fe
Author:     Brooks Davis
AuthorDate: 2024-04-24 10:39:45 +0000
Commit:     Lorenzo Salvadore
CommitDate: 2024-04-24 10:39:45 +0000

    Status/2024Q1/libsys.adoc: Add report

    Reviewed by: status (Pau Amma)
    Pull Request: https://github.com/freebsd/freebsd-doc/pull/372
---
 .../en/status/report-2024-01-2024-03/libsys.adoc | 41 ++++++++++++++++++++++
 1 file changed, 41 insertions(+)

diff --git a/website/content/en/status/report-2024-01-2024-03/libsys.adoc b/website/content/en/status/report-2024-01-2024-03/libsys.adoc new file mode 100644 index 0000000000..46275eb7aa --- /dev/null +++ b/website/content/en/status/report-2024-01-2024-03/libsys.adoc 
@@ -0,0 +1,41 @@ +=== libsys + +Contact: Brooks Davis + +The libsys project removes direct system calls from [.filename]#libc.so# and [.filename]#libpthread.so# (aka [.filename]#libthr.so#) to a separate [.filename]#libsys.so#. +This will: + + * Isolate language runtimes from the details of system call implementations. + * Better support logging and replay frameworks for systems calls. + * Support elimination of the ability to make system calls outside trusted code in the runtime linker and `libsys`. + +This work was initially inspired by a compartmentalization prototype in CheriBSD in 2016. +Ali Mashtizadeh and Tal Garfinkel picked that work up and attempted to upstream it (link:https://reviews.freebsd.org/D14609[D14609]). +Unfortunately we could not figure out how to review and land the massive reorganization required through a phabricator review so it languished. +Last year the CHERI project once again found a need for system call separation in a new library-based compartmentalization framework in CheriBSD so I rebuilt the patch from scratch, committing dozens of `libc` cleanups along the way. +I landed the first batch of changes on February 5th. +Since then I have made a number of refinements to the way we link `libsys` as well as which symbols are provided in which library. + +Thanks to mailto:kib@FreeBSD.org[Konstantin Belousov] for many rounds of review and feedback as well as runtime linker fixes. +Thanks to mailto:markj@FreeBSD.org[Mark Johnston] for runtime linker debugging and mailto:dim@FreeBSD.org[Dimitry Andric] for sanitizer fixes. +Thanks also to everyone who reported bugs and helped debug issues. + +==== Known issues (as of the end of the reporting period) + + * The `libsys` ABI is not yet considered stable (it is safe to assume `__sys_foo()` will be supported so language runtimes can use it now). + * Programs using the address sanitizer must be linked with `-lsys` (resolved in base at publication time). 
+ +==== TODO + + * Add a [.filename]#libsys.h#. (See link:https://reviews.freebsd.org/D44387[D44387] and other reviews in the stack.) + * Update man:intro[2] for `libsys`. + * Finalize the ABI. + I am likely to reduce the set of `_` (underscore) prefixed symbols we expose. + * MFC the existence of `libsys`? It is not clear this is practical, but it might be possible to MFC something useful for language runtimes. + +==== Help wanted + + * Port language runtimes that do not use `libc` to use `libsys` for system calls rather than rolling their own interfaces. + * Explore limitations on where system calls can be made similar to OpenBSD's link:https://man.openbsd.org/OpenBSD-7.3/msyscall[msyscall(2)] (now obsolete) and link:https://man.openbsd.org/pinsyscalls[pinsyscalls(2)] (not an obvious match to our `libsys`). + +Sponsor: AFRL, DARPA
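Review bot: The third bullet under "This will:", "Support elimination of the ability to make system calls outside trusted code in the runtime linker and `libsys`", can be parsed as eliminating system calls made in the runtime linker and `libsys`, which is the opposite of the intent; wording such as "Support restricting system calls to trusted code in the runtime linker and `libsys`" is unambiguous. In the bullet above it, "systems calls" should be "system calls". In the opening sentence, "removes direct system calls from ... to a separate" reads better as "moves". In the history paragraph, "phabricator" should be capitalised. The TODO list uses "MFC" twice without expanding it, which readers of a status report outside the committer community may not recognise.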