summaryrefslogtreecommitdiffstats
path: root/sys/security
Commit message (Expand)AuthorAgeFilesLines
* Add a case to make sure that internal audit records get convertedcsjp2010-05-041-0/+1
* Update device-labeling logic for Biba, LOMAC, and MLS to recognize new-stylerwatson2010-03-023-0/+3
* Make sure we convert audit records that were produced as the result of thecsjp2010-01-311-0/+7
* Replace the static NGROUPS=NGROUPS_MAX+1=1024 with a dynamicbrooks2010-01-121-2/+2
* Make mac_lomac(4) able to interpret NFSv4 access bits.trasz2010-01-031-1/+1
* Having thrown the cat out of the house, add a necessary include.phk2009-09-081-0/+1
* Revert previous commit and add myself to the list of people who shouldphk2009-09-081-1/+0
* Add necessary include.phk2009-09-081-0/+1
* Correctly audit real gids following changes to the audit record argumentrwatson2009-08-121-1/+1
* Eliminate ARG_UPATH[12] arguments to AUDIT_ARG_UPATH() and insteadrwatson2009-07-293-89/+89
* Rework vnode argument auditing to follow the same structure, in orderrwatson2009-07-283-34/+50
* Audit file descriptors passed to fooat(2) system calls, which are usedrwatson2009-07-286-83/+184
* Import OpenBSM 1.1p1 from vendor branch to 8-CURRENT, populatingrwatson2009-07-172-8/+121
* Create audit records for AUE_POSIX_OPENPT, currently w/o arguments.rwatson2009-07-021-0/+1
* Fix comment misthink.rwatson2009-07-021-1/+1
* Clean up a number of aspects of token generation from audit arguments torwatson2009-07-021-69/+55
* For access(2) and eaccess(2), audit the requested access mode.rwatson2009-07-011-2/+9
* Define missing audit argument macro AUDIT_ARG_SOCKET(), andrwatson2009-07-011-0/+6
* When auditing unmount(2), capture FSID arguments as regular text stringsrwatson2009-07-011-0/+8
* Audit the file descriptor number passed to lseek(2).rwatson2009-07-011-1/+1
* udit the 'options' argument to wait4(2).rwatson2009-07-011-0/+4
* Dynamically allocate the gidset field in audit record.sson2009-06-293-2/+13
* Replace AUDIT_ARG() with variable argument macros with a set more morerwatson2009-06-272-15/+174
* Implement global and per-uid accounting of the anonymous memory. Addkib2009-06-232-0/+4
* Chase the removal of PRIV_TTY_PRISON in the mac(9) modules.ed2009-06-202-2/+0
* Adapt vfs kqfilter to the shared vnode lock used by zfs write vop. Usekib2009-06-101-2/+1
* Move "options MAC" from opt_mac.h to opt_global.h, as it's now in GENERICrwatson2009-06-051-2/+0
* Add one further check with mac_policy_count to an mbuf copying caserwatson2009-06-031-0/+3
* Continue work to optimize performance of "options MAC" when no MAC policyrwatson2009-06-0310-94/+328
* By default, label all network interfaces as biba/equal on attach. Thisrwatson2009-06-031-1/+1
* Mark MAC Framework sx and rm locks as NOWITNESS to suppress warnings thatrwatson2009-06-021-2/+2
* Add internal 'mac_policy_count' counter to the MAC Framework, which is arwatson2009-06-023-22/+70
* Make the rmlock(9) interface a bit more like the rwlock(9) interface:rwatson2009-05-291-1/+1
* Add hierarchical jails. A jail may further virtualize its environmentjamie2009-05-271-2/+2
* Convert the MAC Framework from using rwlocks to rmlocks to stabilizerwatson2009-05-272-21/+32
* Remove the thread argument from the FSD (File-System Dependent) parts ofattilio2009-05-111-1/+1
* Rename MAC Framework-internal macros used to invoke policy entry points:rwatson2009-05-0118-304/+339
* Temporarily relax the constraints on argument size checking for A_GETCOND;rwatson2009-04-191-12/+6
* Merge OpenBSM 1.1 changes to the FreeBSD 8.x kernel:rwatson2009-04-197-44/+225
* Merge new kernel files from OpenBSM 1.1: audit_fcntl.h andrwatson2009-04-161-0/+290
* Remove D_NEEDGIANT from audit pipes. I'm actually not sure why this wasrwatson2009-04-161-1/+1
* Get rid of VSTAT and replace it with VSTAT_PERMS, which is somewhattrasz2009-03-293-6/+6
* - Correct logic in if statement - we want to allocate temporary bufferpjd2009-03-141-1/+3
* Rework MAC Framework synchronization in a number of ways in order torwatson2009-03-1420-327/+410
* Mark the bsdextended rules sysctl as being mpsafe.csjp2009-03-091-2/+2
* Add a new thread-private flag, TDP_AUDITREC, to indicate whether orrwatson2009-03-093-5/+15
* Remove 'uio' argument from MAC Framework and MAC policy entry points forrwatson2009-03-0810-36/+21
* Rename 'ucred' argument to mac_socket_check_bind() to 'cred' to matchrwatson2009-03-081-3/+3
* Improve the consistency of MAC Framework and MAC policy entry pointrwatson2009-03-089-467/+454
* Add static DTrace probes for MAC Framework access control checks andrwatson2009-03-0817-14/+660
OpenPOWER on IntegriCloud