| Commit message (Expand) | Author | Age | Files | Lines |
* | Declare security and security.bsd sysctl hierarchies in sysctl.h along | rwatson | 2006-09-17 | 1 | -3/+1 |
* | Add kern_setgroups() and kern_getgroups() and use them to implement | jhb | 2006-07-06 | 1 | -25/+42 |
* | Audit the arguments (user/group IDs) for the system calls that set these IDs. | wsalamon | 2006-02-06 | 1 | -0/+17 |
* | Use the refcount API to manage the reference count for user credentials | jhb | 2005-09-27 | 1 | -16/+6 |
* | Introduce p_canwait() and MAC Framework and MAC Policy entry points | rwatson | 2005-04-18 | 1 | -0/+31 |
* | Introduce new MAC Framework and MAC Policy entry points to control the use | rwatson | 2005-04-16 | 1 | -53/+137 |
* | Impose the upper limit on signals that are allowed between kernel threads | sobomax | 2005-03-18 | 1 | -2/+2 |
* | Linuxthreads uses not only signal 32 but several signals >= 32. | sobomax | 2005-03-18 | 1 | -5/+5 |
* | In linux emulation layer try to detect attempt to use linux_clone() to | sobomax | 2005-03-03 | 1 | -0/+12 |
* | Backout addition of SIGTHR into the list of signals allowed to be delivered | sobomax | 2005-02-13 | 1 | -1/+0 |
* | Backout previous change (disabling of security checks for signals delivered | sobomax | 2005-02-13 | 1 | -4/+5 |
* | Split out kill(2) syscall service routine into user-level and kernel part, the | sobomax | 2005-02-13 | 1 | -5/+4 |
* | Add SIGTHR (32) into list of signals permitted to be delivered to the | sobomax | 2005-02-11 | 1 | -0/+1 |
* | Style cleanup: with removal of mutex operations, we can also remove | rwatson | 2005-01-23 | 1 | -4/+2 |
* | When reading pr_securelevel from a prison, perform a lockless read, | rwatson | 2005-01-23 | 1 | -4/+0 |
* | /* -> /*- for copyright notices, minor format tweaks as necessary | imp | 2005-01-06 | 1 | -1/+1 |
* | Remove sched_free_thread() which was only used | julian | 2004-08-31 | 1 | -13/+0 |
* | Rename suser_cred()'s PRISON_ROOT flag to SUSER_ALLOWJAIL. This is | cperciva | 2004-07-26 | 1 | -21/+21 |
* | In setpgid(), since td is passed in as a system call argument, use it | rwatson | 2004-07-23 | 1 | -1/+1 |
* | suser() accepts a thread argument; as suser() dereferences td_ucred, a | rwatson | 2004-07-22 | 1 | -0/+12 |
* | Add a SUSER_RUID flag to suser_cred. This flag indicates that we want to | cperciva | 2004-07-16 | 1 | -3/+2 |
* | Socket MAC labels so_label and so_peerlabel are now protected by | rwatson | 2004-06-13 | 1 | -0/+2 |
* | Deorbit COMPAT_SUNOS. | phk | 2004-06-11 | 1 | -3/+3 |
* | Remove advertising clause from University of California Regent's license, | imp | 2004-04-05 | 1 | -4/+0 |
* | Don't grab Giant in crfree(), since prison_free() no longer requires it. | rwatson | 2004-01-23 | 1 | -3/+1 |
* | Rename mac_create_cred() MAC Framework entry point to mac_copy_cred(), | rwatson | 2003-12-06 | 1 | -1/+1 |
* | Add a sysctl, security.bsd.see_other_gids, similar in semantics | rwatson | 2003-11-17 | 1 | -2/+51 |
* | Writes to p_flag in __setugid() no longer need Giant. | jhb | 2003-10-23 | 1 | -4/+0 |
* | Add a new sysctl, security.bsd.conservative_signals, to disable | rwatson | 2003-09-14 | 1 | -1/+16 |
* | Extend the mutex pool implementation to permit the creation and use of | truckman | 2003-07-13 | 1 | -1/+1 |
* | In setpgrp(), don't assume a pgrp won't exist if the provided pgid is the same | cognet | 2003-07-04 | 1 | -12/+13 |
* | At this point targp will always be NULL, so remove the useless if. | cognet | 2003-06-25 | 1 | -2/+0 |
* | Various cr*() calls believed to be MPSAFE, since the uidinfo | rwatson | 2003-06-15 | 1 | -0/+8 |
* | Use __FBSDID(). | obrien | 2003-06-11 | 1 | -1/+3 |
* | The issetugid() function is MPSAFE. | jhb | 2003-06-09 | 1 | -1/+1 |
* | Remove Giant from the setuid(), seteuid(), setgid(), setegid(), | jhb | 2003-05-01 | 1 | -30/+0 |
* | Remove Giant from getpgid() and getsid() and tweak the logic to more | jhb | 2003-04-25 | 1 | -30/+28 |
* | Back out M_* changes, per decision of the TRB. | imp | 2003-02-19 | 1 | -4/+4 |
* | Remove mtx_lock_giant from functions which are mp-safe. | jake | 2003-02-10 | 1 | -9/+0 |
* | Remove M_TRYWAIT/M_WAITOK/M_WAIT. Callers should use 0. | alfred | 2003-01-21 | 1 | -4/+4 |
* | Include file cleanup; mac.h and malloc.h at one point had ordering | rwatson | 2002-08-01 | 1 | -1/+1 |
* | Introduce support for Mandatory Access Control and extensible | rwatson | 2002-07-31 | 1 | -3/+21 |
* | Introduce support for Mandatory Access Control and extensible | rwatson | 2002-07-31 | 1 | -0/+11 |
* | Revert removal of cred_free_thread(): It is used to ensure that a thread's | mini | 2002-07-11 | 1 | -0/+13 |
* | More caddr_t removal, make fo_ioctl take a void * instead of a caddr_t. | alfred | 2002-06-29 | 1 | -20/+17 |
* | Remove unused diagnostic function cread_free_thread(). | mini | 2002-06-24 | 1 | -13/+0 |
* | Squish the "could sleep with process lock" messages caused by calling | alfred | 2002-06-19 | 1 | -14/+40 |
* | setsugid() touches p->p_flag so assert that the proc is locked. | alfred | 2002-06-18 | 1 | -0/+2 |
* | Change p_can{debug,see,sched,signal}()'s first argument to be a thread | jhb | 2002-05-19 | 1 | -60/+69 |
* | As malloc(9) and free(9) are now Giant-free, remove the Giant lock | tanimura | 2002-05-03 | 1 | -16/+5 |