Directories ¶
Path | Synopsis |
---|---|
Package arch provides abstractions around architecture-dependent details, such as syscall calling conventions, native types, etc.
|
Package arch provides abstractions around architecture-dependent details, such as syscall calling conventions, native types, etc. |
Package control contains types that expose control server methods, and can be used to configure and interact with a running sandbox process.
|
Package control contains types that expose control server methods, and can be used to configure and interact with a running sandbox process. |
Package device defines reserved virtual kernel devices and structures for managing them.
|
Package device defines reserved virtual kernel devices and structures for managing them. |
devices
|
|
memdev
Package memdev implements "mem" character devices, as implemented in Linux by drivers/char/mem.c and drivers/char/random.c.
|
Package memdev implements "mem" character devices, as implemented in Linux by drivers/char/mem.c and drivers/char/random.c. |
ttydev
Package ttydev implements an unopenable vfs.Device for /dev/tty.
|
Package ttydev implements an unopenable vfs.Device for /dev/tty. |
tundev
Package tundev implements the /dev/net/tun device.
|
Package tundev implements the /dev/net/tun device. |
Package fdimport provides the Import function.
|
Package fdimport provides the Import function. |
Package fs implements a virtual filesystem layer.
|
Package fs implements a virtual filesystem layer. |
anon
Package anon implements an anonymous inode, useful for implementing inodes for pseudo filesystems.
|
Package anon implements an anonymous inode, useful for implementing inodes for pseudo filesystems. |
dev
Package dev provides a filesystem with simple devices.
|
Package dev provides a filesystem with simple devices. |
fdpipe
Package fdpipe implements common namedpipe opening and accessing logic.
|
Package fdpipe implements common namedpipe opening and accessing logic. |
fsutil
Package fsutil provides utilities for implementing fs.InodeOperations and fs.FileOperations: - For embeddable utilities, see inode.go and file.go.
|
Package fsutil provides utilities for implementing fs.InodeOperations and fs.FileOperations: - For embeddable utilities, see inode.go and file.go. |
gofer
Package gofer implements a remote 9p filesystem.
|
Package gofer implements a remote 9p filesystem. |
host
Package host supports file descriptors imported directly.
|
Package host supports file descriptors imported directly. |
lock
Package lock is the API for POSIX-style advisory regional file locks and BSD-style full file locks.
|
Package lock is the API for POSIX-style advisory regional file locks and BSD-style full file locks. |
proc
Package proc implements a partial in-memory file system for profs.
|
Package proc implements a partial in-memory file system for profs. |
proc/device
Package device contains the proc device to avoid dependency loops.
|
Package device contains the proc device to avoid dependency loops. |
proc/seqfile
Package seqfile provides dynamic ordered files.
|
Package seqfile provides dynamic ordered files. |
ramfs
Package ramfs provides the fundamentals for a simple in-memory filesystem.
|
Package ramfs provides the fundamentals for a simple in-memory filesystem. |
sys
Package sys implements a sysfs filesystem.
|
Package sys implements a sysfs filesystem. |
timerfd
Package timerfd implements the semantics of Linux timerfd objects as described by timerfd_create(2).
|
Package timerfd implements the semantics of Linux timerfd objects as described by timerfd_create(2). |
tmpfs
Package tmpfs is a filesystem implementation backed by memory.
|
Package tmpfs is a filesystem implementation backed by memory. |
tty
Package tty provide pseudoterminals via a devpts filesystem.
|
Package tty provide pseudoterminals via a devpts filesystem. |
user
Package user contains methods for resolving filesystem paths based on the user and their environment.
|
Package user contains methods for resolving filesystem paths based on the user and their environment. |
Package fsbridge provides common interfaces to bridge between VFS1 and VFS2 files.
|
Package fsbridge provides common interfaces to bridge between VFS1 and VFS2 files. |
fsimpl
|
|
devpts
Package devpts provides a filesystem implementation that behaves like devpts.
|
Package devpts provides a filesystem implementation that behaves like devpts. |
devtmpfs
Package devtmpfs provides an implementation of /dev based on tmpfs, analogous to Linux's devtmpfs.
|
Package devtmpfs provides an implementation of /dev based on tmpfs, analogous to Linux's devtmpfs. |
eventfd
Package eventfd implements event fds.
|
Package eventfd implements event fds. |
fuse
Package fuse implements fusefs.
|
Package fuse implements fusefs. |
gofer
Package gofer provides a filesystem implementation that is backed by a 9p server, interchangably referred to as "gofers" throughout this package.
|
Package gofer provides a filesystem implementation that is backed by a 9p server, interchangably referred to as "gofers" throughout this package. |
host
Package host provides a filesystem implementation for host files imported as file descriptors.
|
Package host provides a filesystem implementation for host files imported as file descriptors. |
kernfs
Package kernfs provides the tools to implement inode-based filesystems.
|
Package kernfs provides the tools to implement inode-based filesystems. |
overlay
Package overlay provides an overlay filesystem implementation, which synthesizes a filesystem by composing one or more immutable filesystems ("lower layers") with an optional mutable filesystem ("upper layer").
|
Package overlay provides an overlay filesystem implementation, which synthesizes a filesystem by composing one or more immutable filesystems ("lower layers") with an optional mutable filesystem ("upper layer"). |
pipefs
Package pipefs provides the filesystem implementation backing Kernel.PipeMount.
|
Package pipefs provides the filesystem implementation backing Kernel.PipeMount. |
proc
Package proc implements a partial in-memory file system for procfs.
|
Package proc implements a partial in-memory file system for procfs. |
signalfd
Package signalfd provides basic signalfd file implementations.
|
Package signalfd provides basic signalfd file implementations. |
sockfs
Package sockfs provides a filesystem implementation for anonymous sockets.
|
Package sockfs provides a filesystem implementation for anonymous sockets. |
sys
Package sys implements sysfs.
|
Package sys implements sysfs. |
timerfd
Package timerfd implements timer fds.
|
Package timerfd implements timer fds. |
tmpfs
Package tmpfs provides an in-memory filesystem whose contents are application-mutable, consistent with Linux's tmpfs.
|
Package tmpfs provides an in-memory filesystem whose contents are application-mutable, consistent with Linux's tmpfs. |
Package fsmetric defines filesystem metrics that are used by both VFS1 and VFS2.
|
Package fsmetric defines filesystem metrics that are used by both VFS1 and VFS2. |
Package hostcpu provides utilities for working with CPU information provided by a host Linux kernel.
|
Package hostcpu provides utilities for working with CPU information provided by a host Linux kernel. |
Package hostfd provides efficient I/O with host file descriptors.
|
Package hostfd provides efficient I/O with host file descriptors. |
Package hostmm provides tools for interacting with the host Linux kernel's virtual memory management subsystem.
|
Package hostmm provides tools for interacting with the host Linux kernel's virtual memory management subsystem. |
Package inet defines semantics for IP stacks.
|
Package inet defines semantics for IP stacks. |
Package kernel provides an emulation of the Linux kernel.
|
Package kernel provides an emulation of the Linux kernel. |
auth
Package auth implements an access control model that is a subset of Linux's.
|
Package auth implements an access control model that is a subset of Linux's. |
epoll
Package epoll provides an implementation of Linux's IO event notification facility.
|
Package epoll provides an implementation of Linux's IO event notification facility. |
eventfd
Package eventfd provides an implementation of Linux's file-based event notification.
|
Package eventfd provides an implementation of Linux's file-based event notification. |
fasync
Package fasync provides FIOASYNC related functionality.
|
Package fasync provides FIOASYNC related functionality. |
futex
Package futex provides an implementation of the futex interface as found in the Linux kernel.
|
Package futex provides an implementation of the futex interface as found in the Linux kernel. |
memevent
Package memevent implements the memory usage events controller, which periodically emits events via the eventchannel.
|
Package memevent implements the memory usage events controller, which periodically emits events via the eventchannel. |
pipe
Package pipe provides a pipe implementation.
|
Package pipe provides a pipe implementation. |
sched
Package sched implements scheduler related features.
|
Package sched implements scheduler related features. |
semaphore
Package semaphore implements System V semaphores.
|
Package semaphore implements System V semaphores. |
shm
Package shm implements sysv shared memory segments.
|
Package shm implements sysv shared memory segments. |
signalfd
Package signalfd provides an implementation of signal file descriptors.
|
Package signalfd provides an implementation of signal file descriptors. |
time
Package time defines the Timer type, which provides a periodic timer that works by sampling a user-provided clock.
|
Package time defines the Timer type, which provides a periodic timer that works by sampling a user-provided clock. |
Package limits provides resource limits.
|
Package limits provides resource limits. |
Package loader loads an executable file into a MemoryManager.
|
Package loader loads an executable file into a MemoryManager. |
vdsodata
Package vdsodata contains a compiled VDSO object.
|
Package vdsodata contains a compiled VDSO object. |
Package memmap defines semantics for memory mappings.
|
Package memmap defines semantics for memory mappings. |
Package mm provides a memory management subsystem.
|
Package mm provides a memory management subsystem. |
Package pgalloc contains the page allocator subsystem, which manages memory that may be mapped into application address spaces.
|
Package pgalloc contains the page allocator subsystem, which manages memory that may be mapped into application address spaces. |
Package platform provides a Platform abstraction.
|
Package platform provides a Platform abstraction. |
interrupt
Package interrupt provides an interrupt helper.
|
Package interrupt provides an interrupt helper. |
kvm
Package kvm provides a kvm-based implementation of the platform interface.
|
Package kvm provides a kvm-based implementation of the platform interface. |
ptrace
Package ptrace provides a ptrace-based implementation of the platform interface.
|
Package ptrace provides a ptrace-based implementation of the platform interface. |
ring0
Package ring0 provides basic operating system-level stubs.
|
Package ring0 provides basic operating system-level stubs. |
ring0/pagetables
Package pagetables provides a generic implementation of pagetables.
|
Package pagetables provides a generic implementation of pagetables. |
Package sighandling contains helpers for handling signals to applications.
|
Package sighandling contains helpers for handling signals to applications. |
Package socket provides the interfaces that need to be provided by socket implementations and providers, as well as per family demultiplexing of socket creation.
|
Package socket provides the interfaces that need to be provided by socket implementations and providers, as well as per family demultiplexing of socket creation. |
control
Package control provides internal representations of socket control messages.
|
Package control provides internal representations of socket control messages. |
hostinet
Package hostinet implements AF_INET and AF_INET6 sockets using the host's network stack.
|
Package hostinet implements AF_INET and AF_INET6 sockets using the host's network stack. |
netfilter
Package netfilter helps the sentry interact with netstack's netfilter capabilities.
|
Package netfilter helps the sentry interact with netstack's netfilter capabilities. |
netlink
Package netlink provides core functionality for netlink sockets.
|
Package netlink provides core functionality for netlink sockets. |
netlink/port
Package port provides port ID allocation for netlink sockets.
|
Package port provides port ID allocation for netlink sockets. |
netlink/route
Package route provides a NETLINK_ROUTE socket protocol.
|
Package route provides a NETLINK_ROUTE socket protocol. |
netlink/uevent
Package uevent provides a NETLINK_KOBJECT_UEVENT socket protocol.
|
Package uevent provides a NETLINK_KOBJECT_UEVENT socket protocol. |
netstack
Package netstack provides an implementation of the socket.Socket interface that is backed by a tcpip.Endpoint.
|
Package netstack provides an implementation of the socket.Socket interface that is backed by a tcpip.Endpoint. |
unix
Package unix provides an implementation of the socket.Socket interface for the AF_UNIX protocol family.
|
Package unix provides an implementation of the socket.Socket interface for the AF_UNIX protocol family. |
unix/transport
Package transport contains the implementation of Unix endpoints.
|
Package transport contains the implementation of Unix endpoints. |
Package state provides high-level state wrappers.
|
Package state provides high-level state wrappers. |
Package strace implements the logic to print out the input and the return value of each traced syscall.
|
Package strace implements the logic to print out the input and the return value of each traced syscall. |
Package syscalls is the interface from the application to the kernel.
|
Package syscalls is the interface from the application to the kernel. |
linux
Package linux provides syscall tables for amd64 Linux.
|
Package linux provides syscall tables for amd64 Linux. |
linux/vfs2
Package vfs2 provides syscall implementations that use VFS2.
|
Package vfs2 provides syscall implementations that use VFS2. |
Package time provides a calibrated clock synchronized to a system reference clock.
|
Package time provides a calibrated clock synchronized to a system reference clock. |
Package unimpl contains interface to emit events about unimplemented features.
|
Package unimpl contains interface to emit events about unimplemented features. |
Package uniqueid defines context.Context keys for obtaining system-wide unique identifiers.
|
Package uniqueid defines context.Context keys for obtaining system-wide unique identifiers. |
Package usage provides representations of resource usage.
|
Package usage provides representations of resource usage. |
Package vfs implements a virtual filesystem layer.
|
Package vfs implements a virtual filesystem layer. |
memxattr
Package memxattr provides a default, in-memory extended attribute implementation.
|
Package memxattr provides a default, in-memory extended attribute implementation. |
Package watchdog is responsible for monitoring the sentry for tasks that may potentially be stuck or looping inderterminally causing hard to debug hungs in the untrusted app.
|
Package watchdog is responsible for monitoring the sentry for tasks that may potentially be stuck or looping inderterminally causing hard to debug hungs in the untrusted app. |
Click to show internal directories.
Click to hide internal directories.