| Commit message (Expand) | Author | Age | Files | Lines |
|---|
| * | Don't allow creating a socket with a protocol family that the current | jamie | 2009-02-05 | 1 | -0/+42 |
| * | Standardize the various prison_foo_ip[46] functions and prison_if to | jamie | 2009-02-05 | 1 | -70/+74 |
| * | Mark most often used sysctl's as MPSAFE. | ed | 2009-01-28 | 1 | -4/+6 |
| * | For consistency with prison_{local,remote,check}_ipN rename | bz | 2009-01-25 | 1 | -2/+2 |
| * | Back out r186615; the sanitizing of the pointers in the error case | bz | 2009-01-04 | 1 | -2/+0 |
| * | Added missing second part of cleaning j->ip[46] as requested by bz | pho | 2008-12-30 | 1 | -0/+2 |
| * | Make sure that unused j->ip[46] are cleared | pho | 2008-12-30 | 1 | -2/+4 |
| * | Correctly check the number of prison states to not access anything | bz | 2008-12-11 | 1 | -2/+2 |
| * | Unbreak the no-networks (no INET/6) build that I broke with | bz | 2008-11-29 | 1 | -0/+2 |
| * | MFp4: | bz | 2008-11-29 | 1 | -60/+848 |
| * | With the permissions of phk@ change the license on kern_jail.c | bz | 2008-11-28 | 1 | -6/+22 |
| * | Update ZFS from version 6 to 13 and bring some FreeBSD-specific changes. | pjd | 2008-11-17 | 1 | -234/+28 |
| * | Retire the MALLOC and FREE macros. They are an abomination unto style(9). | des | 2008-10-23 | 1 | -6/+6 |
| * | Step 1.5 of importing the network stack virtualization infrastructure | zec | 2008-10-02 | 1 | -0/+1 |
| * | Commit step 1 of the vimage project, (network stack) | bz | 2008-08-17 | 1 | -1/+2 |
| * | MFp4 144659: | bz | 2008-07-07 | 1 | -0/+4 |
| * | Introduce a new lock, hostname_mtx, and use it to synchronize access | rwatson | 2008-07-05 | 1 | -1/+4 |
| * | Revert rev. 178124 as requested by kris@. Having jail id not being | delphij | 2008-06-19 | 1 | -18/+24 |
| * | Instead of rolling our own jail number allocation procedure, use | delphij | 2008-04-11 | 1 | -24/+18 |
| * | Add the support for the AT_FDCWD and fd-relative name lookups to the | kib | 2008-03-31 | 1 | -0/+1 |
| * | Replace the last susers calls in netinet6/ with privilege checks. | bz | 2008-01-24 | 1 | -0/+6 |
| * | VOP_LOCK1() (and so VOP_LOCK()) and VOP_UNLOCK() are only used in | attilio | 2008-01-13 | 1 | -3/+3 |
| * | vn_lock() is currently only used with the 'curthread' passed as argument. | attilio | 2008-01-10 | 1 | -1/+1 |
| * | Merge first in a series of TrustedBSD MAC Framework KPI changes | rwatson | 2007-10-24 | 1 | -1/+1 |
| * | Add PRIV_VFS_STAT privilege, which will allow overriding policy limits on | rwatson | 2007-10-21 | 1 | -0/+1 |
| * | Fix jails and jail-friendly file systems handling: | pjd | 2007-04-13 | 1 | -0/+1 |
| * | Allow PRIV_NETINET_REUSEPORT in jail. | rwatson | 2007-04-10 | 1 | -1/+3 |
| * | prison_free() can be called with a mutex held. This wasn't a problem until | pjd | 2007-04-08 | 1 | -11/+16 |
| * | Only use prison mutex to protect the fields that need to be protected by it. | pjd | 2007-04-08 | 1 | -2/+2 |
| * | pr_list is protected by the allprison_lock. | pjd | 2007-04-08 | 1 | -1/+1 |
| * | Implement functionality I called 'jail services'. | pjd | 2007-04-05 | 1 | -27/+244 |
| * | Make prison_find() globally accessible. | pjd | 2007-04-05 | 1 | -2/+1 |
| * | Add security.jail.mount_allowed sysctl, which allows to mount and | pjd | 2007-04-05 | 1 | -0/+17 |
| * | Minor simplification. | pjd | 2007-03-09 | 1 | -3/+1 |
| * | White space nits. | pjd | 2007-03-07 | 1 | -4/+4 |
| * | Remove 'MPSAFE' annotations from the comments above most system calls: all | rwatson | 2007-03-04 | 1 | -4/+0 |
| * | Rename PRIV_VFS_CLEARSUGID to PRIV_VFS_RETAINSUGID, which seems to better | pjd | 2007-03-01 | 1 | -1/+1 |
| * | Remove unused PRIV_IPC_EXEC. Renumbers System V IPC privilege. | rwatson | 2007-02-20 | 1 | -1/+0 |
| * | Rename three quota privileges from the UFS privilege namespace to the | rwatson | 2007-02-19 | 1 | -2/+2 |
| * | Limit quota privileges in jail to PRIV_UFS_GETQUOTA and | rwatson | 2007-02-19 | 1 | -5/+2 |
| * | For now, reflect practical reality that Audit system calls aren't | rwatson | 2007-02-19 | 1 | -0/+2 |
| * | Add a new priv(9) kernel interface for checking the availability of | rwatson | 2006-11-06 | 1 | -1/+168 |
| * | Complete break-out of sys/sys/mac.h into sys/security/mac/mac_framework.h | rwatson | 2006-10-22 | 1 | -1/+2 |
| * | Declare security and security.bsd sysctl hierarchies in sysctl.h along | rwatson | 2006-09-17 | 1 | -1/+0 |
| * | Push Giant down in jails. Pass the MPSAFE flag to NDINIT, and keep track | csjp | 2005-09-28 | 1 | -16/+15 |
| * | Actually only protect mount-point if security.jail.enforce_statfs is set to 2. | pjd | 2005-06-23 | 1 | -1/+0 |
| * | Rename sysctl security.jail.getfsstatroot_only to security.jail.enforce_statfs | pjd | 2005-06-09 | 1 | -11/+86 |
| * | - Use taskqueue_thread rather than taskqueue_swi since our task is going | jeff | 2005-04-05 | 1 | -1/+1 |
| * | Drop a bogus mp_fixme(). Adding a lock would do nothing to reduce userland | jhb | 2005-03-31 | 1 | -2/+0 |
| * | Add a new sysctl, "security.jail.chflags_allowed", which controls the | cperciva | 2005-02-08 | 1 | -0/+5 |
