| Commit message (Expand) | Author | Age | Files | Lines |
* | Fix mac_veriexec_parser build after r347938 | Marcin Wojtas | 2019-08-08 | 1 | -1/+3 |
* | Extract eventfilter declarations to sys/_eventfilter.h | Conrad Meyer | 2019-05-20 | 2 | -0/+3 |
* | Add a new ioctl for the larger params struct that includes the label. | Stephen J. Kiernan | 2019-05-17 | 3 | -53/+117 |
* | Obtain a shared lock instead of exclusive in the MAC/veriexec | Stephen J. Kiernan | 2019-05-17 | 1 | -1/+2 |
* | sysctls which should be restricted when securelevel is raised should also | Stephen J. Kiernan | 2019-05-17 | 1 | -2/+20 |
* | Fix format strings for some debug messages that could have arguments that | Stephen J. Kiernan | 2019-05-17 | 1 | -9/+12 |
* | Ensure we have obtained a lock on the process before calling | Stephen J. Kiernan | 2019-05-17 | 1 | -1/+10 |
* | When MAC is enabled and a policy module is loaded, don't unconditionally | Robert Watson | 2019-05-03 | 3 | -26/+51 |
* | Create kernel module to parse Veriexec manifest based on envs | Marcin Wojtas | 2019-04-03 | 1 | -0/+474 |
* | Create new EINTEGRITY error with message "Integrity check failed". | Kirk McKusick | 2019-01-17 | 1 | -0/+7 |
* | mac: reduce pessimization of sdt probe handling | Mateusz Guzik | 2018-12-19 | 1 | -12/+16 |
* | Remove unused argument to priv_check_cred. | Mateusz Guzik | 2018-12-11 | 7 | -14/+13 |
* | audi: replace open-coded TDP_AUDITREC checks with the macro | Mateusz Guzik | 2018-12-11 | 1 | -2/+2 |
* | audit: predict AUDITING_TD as false | Mateusz Guzik | 2018-11-29 | 1 | -1/+1 |
* | audit: change audit_syscalls_enabled type to bool | Mateusz Guzik | 2018-11-29 | 2 | -6/+6 |
* | Add const to input-only char * arguments. | Brooks Davis | 2018-11-02 | 2 | -2/+2 |
* | Rework the logic around quick checks for auditing that take place at | Robert Watson | 2018-10-02 | 6 | -44/+103 |
* | The kernel DTrace audit provider (dtaudit) relies on auditd(8) to load | Robert Watson | 2018-09-03 | 1 | -8/+83 |
* | Require that MAC label buffers be able to store a non-empty string. | Mark Johnston | 2018-08-01 | 1 | -1/+3 |
* | fix incorrect operator in the AUDITPIPE_SET_QLIMIT bounds check | Andriy Gapon | 2018-07-23 | 1 | -1/+1 |
* | Fix audit of chflagsat, lgetfh, and setfib | Alan Somers | 2018-07-22 | 1 | -0/+3 |
* | Make it possible to run ntpd as a non-root user, add ntpd uid and gid. | Ian Lepore | 2018-07-19 | 1 | -0/+77 |
* | auditon(2): fix A_SETPOLICY with 64-bit values | Alan Somers | 2018-07-15 | 1 | -1/+1 |
* | Add mpo_vnode_check_setmode MAC method to MAC/veriexec. | Stephen J. Kiernan | 2018-07-14 | 1 | -0/+33 |
* | Fix a typo which could cause a build breakage when building with MAC/veriexec | Stephen J. Kiernan | 2018-07-14 | 2 | -2/+1 |
* | Remove RIPEMD-160 fingerprint modules for veriexec, since it has very | Stephen J. Kiernan | 2018-07-14 | 1 | -45/+0 |
* | Fix build breakage in veriexec for 32-bit architectures. | Stephen J. Kiernan | 2018-06-20 | 2 | -23/+28 |
* | MAC/veriexec implements a verified execution environment using the MAC | Stephen J. Kiernan | 2018-06-20 | 10 | -0/+2454 |
* | audit(4): fix the definition of ARG_TERMID_ADDR | Alan Somers | 2018-06-13 | 1 | -1/+1 |
* | #include <bsm/audit.h> in security/audit/audit_ioctl.h | Alan Somers | 2018-05-30 | 1 | -0/+2 |
* | Fix "Bad tailq" panic when auditing auditon(A_SETCLASS, ...) | Alan Somers | 2018-05-28 | 1 | -1/+0 |
* | Use an accessor function to access ifr_data. | Brooks Davis | 2018-03-30 | 1 | -2/+2 |
* | audit(4): fix a typo in a comment | Alan Somers | 2018-03-17 | 1 | -1/+1 |
* | mac_portacl(4): stop panicing INVARIANTS-enabled kernel by loading .ko | Eugene Grosbein | 2018-02-25 | 1 | -0/+1 |
* | Reduce duplication in __mac_*_(file|link)(2) implementation. | Brooks Davis | 2018-02-15 | 1 | -97/+27 |
* | Do pass removing some write-only variables from the kernel. | Alexander Kabaev | 2017-12-25 | 1 | -2/+0 |
* | sys: further adoption of SPDX licensing ID tags. | Pedro F. Giffuni | 2017-11-20 | 13 | -1/+27 |
* | Sprinkle __read_frequently on few obvious places. | Mateusz Guzik | 2017-09-06 | 1 | -1/+1 |
* | Correct bitwise test in mac_bsdextended ugidfw_rule_valid() | Ed Maste | 2017-06-13 | 1 | -1/+1 |
* | Commit the 64-bit inode project. | Konstantin Belousov | 2017-05-23 | 1 | -4/+4 |
* | Break audit_bsm_klib.c into two files: one (audit_bsm_klib.c) | Robert Watson | 2017-04-03 | 2 | -271/+330 |
* | Correct macro names and signatures for !AUDIT versions of canonical | Robert Watson | 2017-03-31 | 1 | -2/+2 |
* | Audit arguments to POSIX message queues, semaphores, and shared memory. | Robert Watson | 2017-03-31 | 2 | -0/+56 |
* | Audit arguments to System V IPC system calls implementing sempahores, | Robert Watson | 2017-03-30 | 1 | -0/+30 |
* | Various BSM generation improvements when auditing AUE_ACCEPT, | Robert Watson | 2017-03-30 | 1 | -6/+68 |
* | Don't ifdef KDTRACE_HOOKS struct, variable, and function prototype | Robert Watson | 2017-03-30 | 1 | -8/+0 |
* | When handling msgsys(2), semsys(2), and shmsys(2) multiplex system calls, | Robert Watson | 2017-03-29 | 5 | -3/+118 |
* | Add an experimental DTrace audit provider, which allows users of DTrace to | Robert Watson | 2017-03-29 | 5 | -15/+700 |
* | Introduce an audit event identifier -> audit event name mapping | Robert Watson | 2017-03-27 | 4 | -1/+216 |
* | Extend comment describing path canonicalisation in audit. | Robert Watson | 2017-03-27 | 1 | -1/+2 |