summaryrefslogtreecommitdiffstats
path: root/sys/security
Commit message (Expand)AuthorAgeFilesLines
* Update introductory comment for audit pipes.rwatson2008-11-021-4/+4
* Remove stale comment about filtering in audit pipe ioctl routine: we dorwatson2008-11-021-3/+0
* Add comment for per-pipe stats.rwatson2008-11-011-0/+3
* We only allow a partial read of the first record in an audit piperwatson2008-11-011-15/+28
* Allow a single read(2) system call on an audit pipe to retrieve data fromrwatson2008-11-011-40/+32
* Since there is no longer the opportunity for record truncation, justrwatson2008-10-311-2/+1
* Historically, /dev/auditpipe has allows only whole records to be read viarwatson2008-10-311-58/+86
* When we drop an audit record going to and audit pipe because the auditrwatson2008-10-301-13/+9
* Break out single audit_pipe_mtx into two types of locks: a global rwlockrwatson2008-10-301-83/+127
* Protect the event->class lookup database using an rwlock instead of arwatson2008-10-301-8/+15
* The V* flags passed using an accmode_t to the access() and open()rwatson2008-10-303-12/+26
* Commit part of accmode_t changes that I missed in previous commit.trasz2008-10-281-1/+1
* Break out strictly credential-related portions of mac_process.c into arwatson2008-10-282-141/+213
* Introduce accmode_t. This is required for NFSv4 ACLs - it will be neccessarytrasz2008-10-2810-25/+37
* Rename mac_cred_mmapped_drop_perms(), which revokes access to virtualrwatson2008-10-284-20/+18
* Rename three MAC entry points from _proc_ to _cred_ to reflect the factrwatson2008-10-289-201/+202
* Extended comment on why we consider a partition relabel request of "0" torwatson2008-10-281-1/+7
* Rename label_on_label() to partition_check(), which is far morerwatson2008-10-281-7/+7
* Improve alphabetical sort order of stub entry points.rwatson2008-10-281-32/+32
* When the mac_bsdextended policy is unloaded, free rule memory.rwatson2008-10-271-0/+5
* Add TrustedBSD credit to new ugidfw_internal.h file.rwatson2008-10-271-0/+2
* Break mac_bsdextended.c out into multiple .c files, with the base accessrwatson2008-10-274-1451/+149
* Copy mac_bsdextended.c to two object-specific files as a prototype for howrwatson2008-10-272-0/+1536
* Implement MAC policy support for IPv6 fragment reassembly queues,rwatson2008-10-265-5/+275
* Add a MAC label, MAC Framework, and MAC policy entry points for IPv6rwatson2008-10-263-3/+129
* Fix a number of style issues in the MALLOC / FREE commit. I've tried todes2008-10-231-1/+2
* Retire the MALLOC and FREE macros. They are an abomination unto style(9).des2008-10-232-4/+3
* Add a mac_inpcb_check_visible implementation to all MAC policiesbz2008-10-177-0/+111
* Add mac_inpcb_check_visible MAC Framework entry point, which is similarbz2008-10-173-0/+16
* Use the label from the socket credential rather than thebz2008-10-171-1/+2
* Remove unit2minor() use from kernel code.ed2008-09-261-1/+1
* Remove the suser(9) interface from the kernel. It has been replaced fromattilio2008-09-171-8/+24
* Remove VSVTX, VSGID and VSUID. This should be a no-op,trasz2008-09-101-2/+3
* Unbreak the build.des2008-09-041-2/+2
* If the process id specified is invalid, the system call returns ESRCHkevlo2008-09-041-10/+10
* Decontextualize the couplet VOP_GETATTR / VOP_SETATTR as the passed threadattilio2008-08-284-5/+4
* More fully audit fexecve(2) and its arguments.rwatson2008-08-251-0/+7
* Use ERANGE instead of EOVERFLOW selected in r182059, this seems morerwatson2008-08-241-1/+1
* Use sbuf_putc instead of sbuf_cat. This makes more sense, since we arecsjp2008-08-241-1/+1
* Introduce two related changes to the TrustedBSD MAC Framework:rwatson2008-08-2327-161/+456
* When getaudit(2) is unable to fit the terminal IPv6 address into therwatson2008-08-231-1/+1
* Make sure we check the preselection masks present for all audit pipes.csjp2008-08-111-1/+2
* Add sbuf_new_auto as a shortcut for the very common case of creating ades2008-08-091-1/+1
* Minor style tweaks.rwatson2008-08-023-24/+15
* Rename mac_partition_enabled to partition_enabled to synchronize withrwatson2008-08-021-3/+3
* In mac_bsdextended's auditctl and acct policy access control checks,rwatson2008-07-311-11/+8
* Currently, BSM audit pathname token generation for chrooted or jailedcsjp2008-07-311-55/+93
* Further synchronization of copyrights, licenses, white space, etc fromrwatson2008-07-319-11/+10
* Minor white space tweak.rwatson2008-07-231-1/+1
* If an AUE_SYSCTL_NONADMIN audit event is selected, generate a recordrwatson2008-07-221-0/+1
OpenPOWER on IntegriCloud