| Commit message (Expand) | Author | Age | Files | Lines |
... | |
* | - Add a FEATURE for capsicum (security_capabilities). | Alexander Leidinger | 2011-03-04 | 1 | -1/+1 |
* | Add ECAPMODE, "Not permitted in capability mode", a new kernel errno | Robert Watson | 2011-03-01 | 1 | -0/+14 |
* | Add some FEATURE macros for various features (AUDIT/CAM/IPC/KTR/MAC/NFS/NTP/ | Alexander Leidinger | 2011-02-25 | 2 | -0/+5 |
* | Unless "cnt" exceeds MAX_COMMIT_COUNT, nfsrv_commit() and nfsvno_fsync() are | Alan Cox | 2011-02-05 | 1 | -5/+2 |
* | sysctl(9) cleanup checkpoint: amd64 GENERIC builds cleanly. | Matthew D Fleming | 2011-01-12 | 2 | -2/+2 |
* | Fix typos. | Rebecca Cran | 2010-11-09 | 1 | -1/+1 |
* | Add missing DTrace probe invocation to mac_vnode_check_open; the probe | Robert Watson | 2010-10-23 | 1 | -0/+2 |
* | Replace sbuf_overflowed() with sbuf_error(), which returns any error | Matthew D Fleming | 2010-09-10 | 1 | -1/+1 |
* | Add an extra comment to the SDT probes definition. This allows us to get | Rui Paulo | 2010-08-22 | 2 | -13/+15 |
* | Add a case to make sure that internal audit records get converted | Christian S.J. Peron | 2010-05-04 | 1 | -0/+1 |
* | Update device-labeling logic for Biba, LOMAC, and MLS to recognize new-style | Robert Watson | 2010-03-02 | 3 | -0/+3 |
* | Make sure we convert audit records that were produced as the result of the | Christian S.J. Peron | 2010-01-31 | 1 | -0/+7 |
* | Replace the static NGROUPS=NGROUPS_MAX+1=1024 with a dynamic | Brooks Davis | 2010-01-12 | 1 | -2/+2 |
* | Make mac_lomac(4) able to interpret NFSv4 access bits. | Edward Tomasz Napierala | 2010-01-03 | 1 | -1/+1 |
* | Having thrown the cat out of the house, add a necessary include. | Poul-Henning Kamp | 2009-09-08 | 1 | -0/+1 |
* | Revert previous commit and add myself to the list of people who should | Poul-Henning Kamp | 2009-09-08 | 1 | -1/+0 |
* | Add necessary include. | Poul-Henning Kamp | 2009-09-08 | 1 | -0/+1 |
* | Correctly audit real gids following changes to the audit record argument | Robert Watson | 2009-08-12 | 1 | -1/+1 |
* | Eliminate ARG_UPATH[12] arguments to AUDIT_ARG_UPATH() and instead | Robert Watson | 2009-07-29 | 3 | -89/+89 |
* | Rework vnode argument auditing to follow the same structure, in order | Robert Watson | 2009-07-28 | 3 | -34/+50 |
* | Audit file descriptors passed to fooat(2) system calls, which are used | Robert Watson | 2009-07-28 | 6 | -83/+184 |
* | Import OpenBSM 1.1p1 from vendor branch to 8-CURRENT, populating | Robert Watson | 2009-07-17 | 2 | -8/+121 |
* | Create audit records for AUE_POSIX_OPENPT, currently w/o arguments. | Robert Watson | 2009-07-02 | 1 | -0/+1 |
* | Fix comment misthink. | Robert Watson | 2009-07-02 | 1 | -1/+1 |
* | Clean up a number of aspects of token generation from audit arguments to | Robert Watson | 2009-07-02 | 1 | -69/+55 |
* | For access(2) and eaccess(2), audit the requested access mode. | Robert Watson | 2009-07-01 | 1 | -2/+9 |
* | Define missing audit argument macro AUDIT_ARG_SOCKET(), and | Robert Watson | 2009-07-01 | 1 | -0/+6 |
* | When auditing unmount(2), capture FSID arguments as regular text strings | Robert Watson | 2009-07-01 | 1 | -0/+8 |
* | Audit the file descriptor number passed to lseek(2). | Robert Watson | 2009-07-01 | 1 | -1/+1 |
* | udit the 'options' argument to wait4(2). | Robert Watson | 2009-07-01 | 1 | -0/+4 |
* | Dynamically allocate the gidset field in audit record. | Stacey Son | 2009-06-29 | 3 | -2/+13 |
* | Replace AUDIT_ARG() with variable argument macros with a set more more | Robert Watson | 2009-06-27 | 2 | -15/+174 |
* | Implement global and per-uid accounting of the anonymous memory. Add | Konstantin Belousov | 2009-06-23 | 2 | -0/+4 |
* | Chase the removal of PRIV_TTY_PRISON in the mac(9) modules. | Ed Schouten | 2009-06-20 | 2 | -2/+0 |
* | Adapt vfs kqfilter to the shared vnode lock used by zfs write vop. Use | Konstantin Belousov | 2009-06-10 | 1 | -2/+1 |
* | Move "options MAC" from opt_mac.h to opt_global.h, as it's now in GENERIC | Robert Watson | 2009-06-05 | 1 | -2/+0 |
* | Add one further check with mac_policy_count to an mbuf copying case | Robert Watson | 2009-06-03 | 1 | -0/+3 |
* | Continue work to optimize performance of "options MAC" when no MAC policy | Robert Watson | 2009-06-03 | 10 | -94/+328 |
* | By default, label all network interfaces as biba/equal on attach. This | Robert Watson | 2009-06-03 | 1 | -1/+1 |
* | Mark MAC Framework sx and rm locks as NOWITNESS to suppress warnings that | Robert Watson | 2009-06-02 | 1 | -2/+2 |
* | Add internal 'mac_policy_count' counter to the MAC Framework, which is a | Robert Watson | 2009-06-02 | 3 | -22/+70 |
* | Make the rmlock(9) interface a bit more like the rwlock(9) interface: | Robert Watson | 2009-05-29 | 1 | -1/+1 |
* | Add hierarchical jails. A jail may further virtualize its environment | Jamie Gritton | 2009-05-27 | 1 | -2/+2 |
* | Convert the MAC Framework from using rwlocks to rmlocks to stabilize | Robert Watson | 2009-05-27 | 2 | -21/+32 |
* | Remove the thread argument from the FSD (File-System Dependent) parts of | Attilio Rao | 2009-05-11 | 1 | -1/+1 |
* | Rename MAC Framework-internal macros used to invoke policy entry points: | Robert Watson | 2009-05-01 | 18 | -304/+339 |
* | Temporarily relax the constraints on argument size checking for A_GETCOND; | Robert Watson | 2009-04-19 | 1 | -12/+6 |
* | Merge OpenBSM 1.1 changes to the FreeBSD 8.x kernel: | Robert Watson | 2009-04-19 | 7 | -44/+225 |
* | Merge new kernel files from OpenBSM 1.1: audit_fcntl.h and | Robert Watson | 2009-04-16 | 1 | -0/+290 |
* | Remove D_NEEDGIANT from audit pipes. I'm actually not sure why this was | Robert Watson | 2009-04-16 | 1 | -1/+1 |