aboutsummaryrefslogtreecommitdiff
path: root/sys/security
Commit message (Expand)AuthorAgeFilesLines
* kern: mac: add a prison_cleanup entry pointKyle Evans2026-02-144-0/+22
* audit: handle AUE_PDWAITKonstantin Belousov2026-01-251-0/+10
* sys: add AUE_PDRFORKKonstantin Belousov2026-01-251-0/+18
* jail(3): fix common usage after mac.label supportKyle Evans2026-01-201-6/+2
* kern: add a mac.label jail parameterKyle Evans2026-01-162-0/+164
* kern: mac: pull mac_label_copyin_string outKyle Evans2026-01-161-18/+30
* mac_set_fd(3): add support for jail descriptorsKyle Evans2026-01-166-2/+90
* kern: mac: add various jail MAC hooksKyle Evans2026-01-165-0/+368
* mac: add macros for 5-argument SDT probesKyle Evans2026-01-161-5/+13
* kern: mac: add a MAC label to struct prisonKyle Evans2026-01-165-0/+180
* MAC: Rename mac_cred_create_swapper to mac_cred_create_kproc0John Baldwin2025-12-049-19/+19
* MAC: Use the current thread's user ABI to determine the layout of struct macJohn Baldwin2025-11-242-28/+6
* audit(4): Fix a typo in an kernel error messageGordon Bergling2025-10-291-1/+1
* audit: convert audit event class lookup to locklessAndrew Gallatin2025-10-271-13/+15
* knotes: kqueue: handle copy for trivial filtersKonstantin Belousov2025-10-181-0/+1
* MAC: Use proper prototype for SYSINIT functionsZhenlei Huang2025-10-131-2/+2
* audit: Use proper prototype for SYSINIT functionsZhenlei Huang2025-10-131-1/+1
* MAC/do: Check executable path from the current jail's rootOlivier Certner2025-09-291-1/+5
* MAC/do: Restore matching the first supplementary groupOlivier Certner2025-09-171-1/+1
* MAC/bsdextended: Restore matching subjects' effective GIDOlivier Certner2025-09-171-1/+3
* jail: Optionally allow audit session state to be configured in a jailMark Johnston2025-09-161-18/+29
* Revert "jail: Optionally allow audit session state to be configured in a jail"Mark Johnston2025-09-161-0/+12
* jail: Optionally allow audit session state to be configured in a jailMark Johnston2025-09-151-12/+0
* MAC/do: Rename the internal malloc typeKushagra Srivastava2025-08-211-24/+24
* mac: Remove uses of DEBUG_VFS_LOCKSMark Johnston2025-08-032-2/+2
* kern: adopt the cr_gid macro for cr_groups[0] more widelyKyle Evans2025-07-242-2/+2
* audit: move the wait from the queue length from the commit to allocKonstantin Belousov2025-06-181-16/+11
* machine/stdarg.h -> sys/stdarg.hBrooks Davis2025-06-112-4/+2
* MAC/do: Fix a too stringent debug assertion for a target of 'uid=*'Olivier Certner2025-05-271-1/+2
* grantbylabel_syscall check p_textvp != NULLSimon J. Gerraty2025-05-161-0/+4
* MAC/do: Rules: <from> and <to> parts now to be separated by '>'Olivier Certner2025-04-021-5/+6
* MAC/do: parse_single_rule(): Fix herald comment's first lineOlivier Certner2025-04-021-1/+1
* MAC: mac_biba, mac_lomac: Fix setting loader tunablesZhenlei Huang2025-02-092-2/+4
* audit/audit.c: fix typo KERNEL_PANICED->KERNEL_PANICKEDKonstantin Belousov2025-02-051-1/+1
* audit(9): do not touch VFS if panicingKonstantin Belousov2025-02-051-1/+2
* audit: Fix short-circuiting in syscallenter()Mark Johnston2025-01-141-1/+4
* MAC/do: Fix a compilation warning about an unused functionOlivier Certner2024-12-171-1/+1
* MAC/do: Update copyrightOlivier Certner2024-12-161-1/+6
* MAC/do: Apply a rule on real UID/GID instead of effective onesOlivier Certner2024-12-161-2/+2
* MAC/do: Convert internal TAILQs to STAILQsOlivier Certner2024-12-161-18/+18
* MAC/do: parse_rules(): Tolerate blanks around tokensOlivier Certner2024-12-161-8/+53
* MAC/do: toast_rules(): Minor simplificationOlivier Certner2024-12-161-3/+2
* MAC/do: Interpret the new rules specification; Monitor setcred()Olivier Certner2024-12-161-94/+618
* MAC/do: Introduce rules reference countingOlivier Certner2024-12-161-5/+58
* New setcred() system call and associated MAC hooksOlivier Certner2024-12-165-2/+110
* MAC/do: Output errors when parsing rulesOlivier Certner2024-12-161-40/+191
* MAC/do: Support multiple users and groups as single rule's targetsOlivier Certner2024-12-161-77/+659
* MAC/do: Rename private OSD slot by removing 'mac_do_' prefixOlivier Certner2024-12-161-10/+10
* MAC/do: Ease input/output of ID typesOlivier Certner2024-12-161-5/+44
* MAC/do: Better parsing for IDs (strtoui_strict())Olivier Certner2024-12-161-6/+49
generated by cgit v1.2.3 (git 2.25.1) at 2026-03-21 20:06:52 +0000