aboutsummaryrefslogtreecommitdiff
path: root/sys/security
Commit message (Expand)AuthorAgeFilesLines
* Convert remaining cap_rights_init users to cap_rights_init_oneMateusz Guzik2021-01-122-4/+6
* mac: cheaper check for mac_vnode_check_readlinkMateusz Guzik2021-01-083-2/+20
* cache: combine fast path enabled status into one flagMateusz Guzik2021-01-061-0/+3
* audit: rework AUDIT_SYSCLOSEMateusz Guzik2020-12-172-8/+4
* pipe: allow for lockless pipe_statMateusz Guzik2020-11-193-3/+30
* mac_framework.h: fix build with DEBUG_VFS_LOCKS and !MACAndriy Gapon2020-09-031-1/+1
* security: clean up empty lines in .c and .h filesMateusz Guzik2020-09-0113-22/+4
* cache: drop the always curthread argument from reverse lookup routinesMateusz Guzik2020-08-241-1/+1
* vfs: add VOP_STATMateusz Guzik2020-08-071-1/+1
* mac: even up all entry points to the same schemeMateusz Guzik2020-08-061-7/+38
* vfs: add a cheaper entry for mac_vnode_check_accessMateusz Guzik2020-08-053-2/+17
* Fix tinderbox build after r363714Mateusz Guzik2020-07-301-0/+8
* vfs: elide MAC-induced locking on rename if there are no relevant hoooksMateusz Guzik2020-07-292-0/+7
* vfs: add the infrastructure for lockless lookupMateusz Guzik2020-07-251-1/+2
* vfs: fix vn_poll performance with either MAC or AUDITMateusz Guzik2020-07-162-1/+16
* vfs: fix MAC/AUDIT mismatch in vn_pollMateusz Guzik2020-07-161-0/+10
* audit: provide AUDITING_TD for !AUDIT caseMateusz Guzik2020-07-041-0/+2
* mac_veriexec_fingerprint_check_vnode: v_writecount > 0 means active writersSimon J. Gerraty2020-06-121-1/+1
* Deduplicate fsid comparisonsRyan Moeller2020-05-212-4/+3
* Add BSM record conversion for a number of syscalls:Christian S.J. Peron2020-05-161-0/+34
* audit_canon_path_vp: don't panic if cdir == NULLKyle Evans2020-04-171-2/+7
* mac_policy: Remove mac_policy_sxJason A. Harmening2020-04-041-8/+3
* Make sure we convert internal audit records for thr_newChristian S.J. Peron2020-03-301-0/+3
* In r358471, we interrupted the case block that would eventually leadChristian S.J. Peron2020-03-031-9/+10
* fd: move vnodes out of filedesc into a dedicated structureMateusz Guzik2020-03-011-15/+12
* Currently kernel audit events for jail_set(2), jail_get(2), jail_attach(2),Christian S.J. Peron2020-02-291-0/+16
* Mark more nodes as CTLFLAG_MPSAFE or CTLFLAG_NEEDGIANT (17 of many)Pawel Biernacki2020-02-2615-19/+36
* audit: provide audit_canon_path variant which accepts vnodesMateusz Guzik2020-02-214-23/+103
* audit: simplify path resolving logicMateusz Guzik2020-02-211-49/+26
* audit: rely on use count instead of hold count in audit_canon_pathMateusz Guzik2020-02-211-9/+6
* vfs: add realpathat syscallMateusz Guzik2020-02-201-0/+1
* Merge audit and systrace checksMateusz Guzik2020-02-141-3/+6
* Annotate branches in the syscall pathMateusz Guzik2020-02-141-1/+1
* vfs: use mac fastpath for lookup, open, read, write, mmapMateusz Guzik2020-02-133-15/+124
* mac: implement fast path for checksMateusz Guzik2020-02-133-4/+118
* vfs: eliminate v_tag from struct vnodeMateusz Guzik2020-01-071-9/+22
* vfs: drop the mostly unused flags argument from VOP_UNLOCKMateusz Guzik2020-01-037-13/+13
* mac: use a sleepable rmlock instead of an sx lockMateusz Guzik2019-12-271-2/+6
* Instead of looking up a predecessor or successor to the current mapDoug Moore2019-11-201-4/+5
* Jail and capability mode for shm_rename; add audit support for shm_renameDavid Bright2019-11-181-0/+10
* Define wrapper functions vm_map_entry_{succ,pred} to act as wrappersDoug Moore2019-11-131-1/+2
* Define macro VM_MAP_ENTRY_FOREACH for enumerating the entries in a vm_map.Doug Moore2019-10-081-1/+1
* vm_map_simplify_entry considers merging an entry with its twoDoug Moore2019-08-251-1/+1
* Fix mac_veriexec_parser build after r347938Marcin Wojtas2019-08-081-1/+3
* Extract eventfilter declarations to sys/_eventfilter.hConrad Meyer2019-05-202-0/+3
* Add a new ioctl for the larger params struct that includes the label.Stephen J. Kiernan2019-05-173-53/+117
* Obtain a shared lock instead of exclusive in the MAC/veriexecStephen J. Kiernan2019-05-171-1/+2
* sysctls which should be restricted when securelevel is raised should alsoStephen J. Kiernan2019-05-171-2/+20
* Fix format strings for some debug messages that could have arguments thatStephen J. Kiernan2019-05-171-9/+12
* Ensure we have obtained a lock on the process before callingStephen J. Kiernan2019-05-171-1/+10
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-24 18:45:30 +0000