aboutsummaryrefslogtreecommitdiff
path: root/sys/security
Commit message (Expand)AuthorAgeFilesLines
* MAC: Use proper prototype for SYSINIT functionsZhenlei Huang2026-01-311-2/+2
* audit: Use proper prototype for SYSINIT functionsZhenlei Huang2026-01-311-1/+1
* MAC: Use the current thread's user ABI to determine the layout of struct macJohn Baldwin2026-01-292-28/+6
* mac_ipacl: Use IfAPIJustin Hibbits2025-12-261-4/+4
* kern: adopt the cr_gid macro for cr_groups[0] more widelyKyle Evans2025-12-192-2/+2
* audit(4): Fix a typo in an kernel error messageGordon Bergling2025-11-191-1/+1
* MAC/do: Check executable path from the current jail's rootOlivier Certner2025-10-101-1/+5
* MAC/do: Rename the internal malloc typeKushagra Srivastava2025-09-121-24/+24
* mac: Remove uses of DEBUG_VFS_LOCKSMark Johnston2025-08-252-2/+2
* audit: move the wait from the queue length from the commit to allocKonstantin Belousov2025-06-241-16/+11
* MAC/do: Fix a too stringent debug assertion for a target of 'uid=*'Olivier Certner2025-05-271-1/+2
* MAC/do: Rules: <from> and <to> parts now to be separated by '>'Olivier Certner2025-04-081-5/+6
* MAC/do: parse_single_rule(): Fix herald comment's first lineOlivier Certner2025-04-081-1/+1
* MAC/do: Fix a compilation warning about an unused functionOlivier Certner2025-04-031-1/+1
* MAC/do: Update copyrightOlivier Certner2025-04-031-1/+6
* MAC/do: Apply a rule on real UID/GID instead of effective onesOlivier Certner2025-04-031-2/+2
* MAC/do: Convert internal TAILQs to STAILQsOlivier Certner2025-04-031-18/+18
* MAC/do: parse_rules(): Tolerate blanks around tokensOlivier Certner2025-04-031-8/+53
* MAC/do: toast_rules(): Minor simplificationOlivier Certner2025-04-031-3/+2
* MAC/do: Interpret the new rules specification; Monitor setcred()Olivier Certner2025-04-031-94/+618
* MAC/do: Introduce rules reference countingOlivier Certner2025-04-031-5/+58
* New setcred() system call and associated MAC hooksOlivier Certner2025-04-035-2/+110
* MAC/do: Output errors when parsing rulesOlivier Certner2025-04-031-40/+191
* MAC/do: Support multiple users and groups as single rule's targetsOlivier Certner2025-04-031-77/+659
* MAC/do: Rename private OSD slot by removing 'mac_do_' prefixOlivier Certner2025-04-031-10/+10
* MAC/do: Ease input/output of ID typesOlivier Certner2025-04-031-5/+44
* MAC/do: Better parsing for IDs (strtoui_strict())Olivier Certner2025-04-031-6/+49
* MAC/do: 'struct rule': IDs and types as 'u_int', rename fieldsOlivier Certner2025-04-031-59/+43
* MAC/do: parse_rule_element(): Bug in parsing the origin IDOlivier Certner2025-04-031-1/+1
* MAC/do: parse_rule_element(): Style, more clarityOlivier Certner2025-04-031-5/+9
* MAC/do: jail_check()/jail_set(): RevampOlivier Certner2025-04-031-17/+111
* MAC/do: Fix jail_get() (PR_METHOD_GET)Olivier Certner2025-04-031-4/+10
* MAC/do: Sysctl knobs/jail parameters under MAC's common nodesOlivier Certner2025-04-031-10/+8
* MAC/do: Prefix internal functions used as hooks/callbacksOlivier Certner2025-04-031-12/+12
* MAC/do: Re-order jail methods more logically, renameOlivier Certner2025-04-031-42/+45
* MAC/do: parse_rule_element(): Fix a panic, harden, simplifyOlivier Certner2025-04-031-15/+23
* MAC/do: Move destroy() to a better placeOlivier Certner2025-04-031-6/+6
* MAC/do: Remove the 'prison0' special cases in the common pathsOlivier Certner2025-04-031-17/+10
* MAC/do: Enable changing 'security.mac.do.rules' from a jailOlivier Certner2025-04-031-1/+1
* MAC/do: sysctl_rules(): Set the requesting's thread's jail's rulesOlivier Certner2025-04-031-2/+4
* MAC/do: sysctl_rules(): Always copy the rules specification stringOlivier Certner2025-04-031-14/+6
* MAC/do: Remove PR_METHOD_REMOVE methodOlivier Certner2025-04-031-17/+15
* MAC/do: Allocate/deallocate rules as a wholeOlivier Certner2025-04-031-98/+75
* MAC/do: Factor out setting/destroying rule structuresOlivier Certner2025-04-031-79/+156
* MAC/do: find_rules(): Clarify the contractOlivier Certner2025-04-031-8/+16
* MAC/do: Use prison_lock()/prison_unlock()Olivier Certner2025-04-031-23/+23
* MAC/do: Rename internal mac_do_rule_find() => find_rules()Olivier Certner2025-04-031-8/+8
* MAC/do: Rename private struct 'mac_do_rule' => 'rules'Olivier Certner2025-04-031-14/+14
* MAC/do: Rename rule_is_valid() => rule_applies()Olivier Certner2025-04-031-3/+3
* MAC/do: parse_rules(): Copy input string on its ownOlivier Certner2025-04-031-14/+13
generated by cgit v1.2.3 (git 2.25.1) at 2026-03-04 16:45:00 +0000