summaryrefslogtreecommitdiffstats
path: root/sys/kern/kern_prot.c
Commit message (Expand)AuthorAgeFilesLines
* o Fix SCTP ICMPv6 error message vulnerability. [SA-16:01.sctp]glebius2016-01-141-2/+1
* MFC r277322:kib2015-01-251-0/+7
* [SA-14:25] Fix kernel stack disclosure in setlogin(2) / getlogin(2).des2014-11-041-15/+16
* Style fixbapt2012-11-141-1/+1
* return ERANGE if the buffer is too small to contain the login as documented inbapt2012-11-141-0/+2
* Fix a typo. (s/nessesary/necessary/)hrs2012-01-081-1/+1
* In order to maximize the re-usability of kernel code in user space thiskmacy2011-09-161-27/+27
* Notify racct when process credentials change.trasz2011-03-311-0/+10
* Add two new system calls, setloginclass(2) and getloginclass(2). This makestrasz2011-03-051-0/+4
* Add some FEATURE macros for various features (AUDIT/CAM/IPC/KTR/MAC/NFS/NTP/netchild2011-02-251-0/+5
* Revert r210225 - turns out I was wrong; the "/*-" is not license-onlytrasz2010-07-181-16/+16
* The "/*-" comment marker is supposed to denote copyrights. Remove non-copyrighttrasz2010-07-181-16/+16
* Only allocate the space we need before calling kern_getgroups insteadbrooks2010-01-151-1/+7
* Replace the static NGROUPS=NGROUPS_MAX+1=1024 with a dynamicbrooks2010-01-121-6/+6
* Remove the interim vimage containers, struct vimage and struct procg,jamie2009-07-171-15/+1
* Remove crcopy call from seteuid now that it calls crcopysafe.jamie2009-07-081-1/+0
* Replace AUDIT_ARG() with variable argument macros with a set more morerwatson2009-06-271-15/+15
* Change crsetgroups_locked() (called by crsetgroups()) to sort thebrooks2009-06-201-10/+45
* Rework the credential code to support larger values of NGROUPS andbrooks2009-06-191-35/+135
* Move "options MAC" from opt_mac.h to opt_global.h, as it's now in GENERICrwatson2009-06-051-1/+0
* Add internal 'mac_policy_count' counter to the MAC Framework, which is arwatson2009-06-021-2/+0
* Introduce an interm userland-kernel API for creating vnets andzec2009-05-311-1/+5
* Add hierarchical jails. A jail may further virtualize its environmentjamie2009-05-271-19/+10
* Introduce a new virtualization container, provisionally named vprocg, to holdzec2009-05-081-0/+10
* Improve the consistency of MAC Framework and MAC policy entry pointrwatson2009-03-081-9/+9
* The userland_sysctl() function retries sysctl_root() until returnedkib2008-12-121-1/+1
* Retire the MALLOC and FREE macros. They are an abomination unto style(9).des2008-10-231-8/+8
* Add cr_canseeinpcb() doing checks using the cached socketbz2008-10-171-0/+35
* Merge first in a series of TrustedBSD MAC Framework KPI changesrwatson2007-10-241-18/+18
* Eliminate now-unused SUSER_ALLOWJAIL arguments to priv_check_cred(); inrwatson2007-06-121-39/+20
* Move per-process audit state from a pointer in the proc structure torwatson2007-06-071-0/+9
* Further system call comment cleanup:rwatson2007-03-051-6/+4
* Remove 'MPSAFE' annotations from the comments above most system calls: allrwatson2007-03-041-97/+3
* Sort copyrights together.rwatson2007-01-081-2/+4
* Add a new priv(9) kernel interface for checking the availability ofrwatson2006-11-061-89/+58
* Complete break-out of sys/sys/mac.h into sys/security/mac/mac_framework.hrwatson2006-10-221-1/+1
* Declare security and security.bsd sysctl hierarchies in sysctl.h alongrwatson2006-09-171-3/+1
* Add kern_setgroups() and kern_getgroups() and use them to implementjhb2006-07-061-25/+42
* Audit the arguments (user/group IDs) for the system calls that set these IDs.wsalamon2006-02-061-0/+17
* Use the refcount API to manage the reference count for user credentialsjhb2005-09-271-16/+6
* Introduce p_canwait() and MAC Framework and MAC Policy entry pointsrwatson2005-04-181-0/+31
* Introduce new MAC Framework and MAC Policy entry points to control the userwatson2005-04-161-53/+137
* Impose the upper limit on signals that are allowed between kernel threadssobomax2005-03-181-2/+2
* Linuxthreads uses not only signal 32 but several signals >= 32.sobomax2005-03-181-5/+5
* In linux emulation layer try to detect attempt to use linux_clone() tosobomax2005-03-031-0/+12
* Backout addition of SIGTHR into the list of signals allowed to be deliveredsobomax2005-02-131-1/+0
* Backout previous change (disabling of security checks for signals deliveredsobomax2005-02-131-4/+5
* Split out kill(2) syscall service routine into user-level and kernel part, thesobomax2005-02-131-5/+4
* Add SIGTHR (32) into list of signals permitted to be delivered to thesobomax2005-02-111-0/+1
* Style cleanup: with removal of mutex operations, we can also removerwatson2005-01-231-4/+2
OpenPOWER on IntegriCloud