aboutsummaryrefslogtreecommitdiff
path: root/sys/kern/kern_jail.c
Commit message (Expand)AuthorAgeFilesLines
* base: remove if_wg(4) and associated utilities, manpageKyle Evans2021-03-171-1/+0
* if_wg: import latest fixup work from the wireguard-freebsd projectKyle Evans2021-03-151-0/+1
* jail: Add safety around prison_deref() flags.Jamie Gritton2021-02-261-2/+8
* jail: Fix locking on an early jail_set error.Jamie Gritton2021-02-261-1/+1
* jail: re-commit 811e27fa3c44 with fixesJamie Gritton2021-02-251-94/+168
* jail: back out 811e27fa3c44 until it doesn't break JenkinsJamie Gritton2021-02-251-165/+93
* jail: Don't allow jails under dying parentsJamie Gritton2021-02-231-23/+17
* jail: Fix a LOR introduced in 1158508a8086Jamie Gritton2021-02-221-0/+4
* jail: Add PD_KILL to remove a prison in prison_deref().Jamie Gritton2021-02-221-93/+165
* jail: Add pr_state to struct prisonJamie Gritton2021-02-211-47/+55
* jail: fix build after the previous commitMateusz Guzik2021-02-211-1/+1
* jail: Change the locking around pr_ref and pr_urefJamie Gritton2021-02-211-212/+211
* jail: Improve locking when removing prisonsJamie Gritton2021-02-201-28/+41
* jail: Change both root and working directories in jail_attach(2)Jamie Gritton2021-02-191-1/+1
* jail: Handle a possible race between jail_remove(2) and fork(2)Jamie Gritton2021-02-161-3/+21
* jail: Handle a parent jail when a child is added to itJamie Gritton2021-01-291-2/+20
* jail: fix dangling reference bug from 6754ae2572ebJamie Gritton2021-01-221-9/+1
* jail: A jail could be removed without calling OSD methodsJamie Gritton2021-01-221-1/+1
* jail: Use refcount(9) for prison references.Jamie Gritton2021-01-201-59/+86
* jail: Clean up some function placement and improve comments.Jamie Gritton2021-01-191-61/+96
* jail: Fix a stray mutex from 76ad42abf9d4.Jamie Gritton2021-01-181-2/+2
* jail: Add prison_isvalid() and prison_isalive()Jamie Gritton2021-01-181-38/+66
* jail: Simplify handling of prison_deref()Jamie Gritton2021-01-101-163/+161
* jail: revert the attachment part of b4e87a632955Jamie Gritton2021-01-011-8/+2
* jail: Clean up allprison_lock handing in kern_jail_setJamie Gritton2020-12-311-12/+18
* jail: add a missing lock around an osd_jail_call().Jamie Gritton2020-12-271-3/+9
* jail: Consistently handle the pr_allow bitmaskJamie Gritton2020-12-271-19/+58
* jail: Fix lock-free access to dynamic pr.allow flagsJamie Gritton2020-12-261-24/+32
* jail: Fix an O(n^2) loop when adding jailsJamie Gritton2020-12-261-49/+114
* jail: introduce per jail suser_enabled settingMariusz Zaborski2020-11-181-1/+5
* Fix style nits.Mariusz Zaborski2020-11-181-2/+2
* kern: clean up empty lines in .c and .h filesMateusz Guzik2020-09-011-1/+0
* vfs: respect PRIV_VFS_LOOKUP in vaccess_smrMateusz Guzik2020-08-251-1/+1
* [net80211] Add new privileges; restrict what can be done in a jail.Adrian Chadd2020-07-191-4/+2
* vfs: add restrictions to read(2) of a directory [2/2]Kyle Evans2020-06-041-0/+8
* ethersubr: Make the mac address generation more robustKristof Provost2020-04-181-0/+9
* Preload hostuuid for early-boot useKyle Evans2020-04-161-0/+31
* kern_jail: missing \0 termination check on osrelease parameterBjoern A. Zeeb2020-03-141-3/+9
* Mark more nodes as CTLFLAG_MPSAFE or CTLFLAG_NEEDGIANT (17 of many)Pawel Biernacki2020-02-261-3/+3
* Partially decompose priv_check by adding priv_check_cred_vfs_generationMateusz Guzik2020-02-131-0/+10
* Inline jailed().Mateusz Guzik2020-02-131-10/+0
* vfs: remove now useless ENODEV handling from vn_fullpath consumersMateusz Guzik2020-02-081-23/+2
* Remove duplicated empty lines from kern/*.cMateusz Guzik2020-01-301-6/+0
* vfs: drop the mostly unused flags argument from VOP_UNLOCKMateusz Guzik2020-01-031-3/+3
* Split gigantic rtsock route_output() into smaller functions.Alexander V. Chernikov2019-12-311-5/+5
* Replace hand-rolled unrefs if > 1 with refcount_release_if_not_lastMateusz Guzik2018-12-071-3/+1
* In hardened systems, where the security.bsd.unprivileged_proc_debug sysctlJamie Gritton2018-11-271-2/+16
* Allow set ether/vlan PCP operation from the VNET jails.Konstantin Belousov2018-11-121-0/+1
* Fix typos from r339409.Jamie Gritton2018-10-181-1/+1
* Add a new jail permission, allow.read_msgbuf. When true, jailed processesJamie Gritton2018-10-171-0/+12