| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2015-10-18 | Tweak previous: call fatal(), not err(3), for consistency. err.h goes away. | Jeremie Courreges-Anglas | |
| 2015-10-18 | regress pledge: test kill() | Sebastien Marie | |
| since "inet" has PLEDGE_SELF, and now calling kill() to self is permitted with PLEDGE_SELF, try this with "fattr" | |||
| 2015-10-18 | regress pledge: remove cmsg | Sebastien Marie | |
| it has no sens to keep it. | |||
| 2015-10-18 | regress pledge: cpath test | Sebastien Marie | |
| you need to read the directory before creating something in. add rpath | |||
| 2015-10-18 | regress pledge: cmsg is deprecated | Sebastien Marie | |
| 2015-10-18 | regress pledge: tweak a bit the manner to grab hte syscall number | Sebastien Marie | |
| permit debug string be present on the line | |||
| 2015-10-18 | Need native-pledge for id. | Doug Hogan | |
| 2015-10-18 | ld.so no longer needs or uses a bind lock, so stop setting it. This | Philip Guenther | |
| eliminates a chunk of complexity from the libpthread init and the fork wrapper, as it was the bind lock that needed prebinding before use. | |||
| 2015-10-18 | Tadpole/Sun Voyager IIi reported to work via dmesg@ | Jonathan Gray | |
| 2015-10-18 | move SS_DNS socket check from kern_plegde.c to sys_generic.c | Sebastien Marie | |
| this check has nothing to do with pledge(2). make it lives in sys_ioctl() call. while here, move the (fp == NULL) check early and remove duplicate check from pledge_ioctl_check(). ok guenther@ deraadt@ | |||
| 2015-10-18 | Use offsetof() instead of adding the sizes of the preceeding struct members | Philip Guenther | |
| ok millert@ | |||
| 2015-10-18 | Make sure sm_rotate_bak() is only run once. | Antoine Jacoutot | |
| 2015-10-18 | getting sloppy, lost a } | Theo de Raadt | |
| 2015-10-18 | sorry, sdiff -o interactive mode does another spawn | Theo de Raadt | |
| 2015-10-18 | Add "dns" to the pledges. Previously these worked because of "inet", | Theo de Raadt | |
| alas "dns" is now a mandatory statement if you want to do dns! | |||
| 2015-10-18 | Forcibly delete /var/run/ypbind.lock to prepare for the worst cases. | Theo de Raadt | |
| ok aja | |||
| 2015-10-18 | unrelated commit; not ready yet | Theo de Raadt | |
| 2015-10-18 | First casualty of making pledge "dns" mandatory for dns users. | Theo de Raadt | |
| "dns" was missing, and this was relying on "inet" support.. | |||
| 2015-10-18 | Move your drink further away... When a program pledged "getpw" fails to | Theo de Raadt | |
| get a response from a YP server, it will open "/dev/tty" and spit out: 'YP server for domain %s not responding, still trying' For now allow open of /dev/tty for "getpw". I hope to re-architect the libc:YP communication protocol (strategy similar to syslog->sendsyslog, isatty->fcntl, dnssocket/dnsconnect) and then we can reevaluate this. | |||
| 2015-10-18 | after kmem is open and setup, pledge "stdio rpath wpath cpath" | Theo de Raadt | |
| seems to be working. commiting to get feedback from people who crash. | |||
| 2015-10-18 | Collapse some strange programmer style with too much abstraction. | Theo de Raadt | |
| 2015-10-18 | With TIOCSTI supported in pledge "tty proc", csh is good enough to run | Theo de Raadt | |
| with pledge "stdio rpath wpath cpath fattr getpw proc exec tty". (Note that ksh "emacs mode" is also a abus^Wconsumer of TIOCSTI, but we had let that slide for a week since noone uses it...) | |||
| 2015-10-18 | A whole buncha unsigned char casts for ctype function arguments. | mmcc | |
| ok guenther@ | |||
| 2015-10-18 | Use explicit_bzero() when the memory is freed directly afterward. | mmcc | |
| ok deraadt@ | |||
| 2015-10-18 | Use explicit_bzero() when the memory is freed directly afterward. | mmcc | |
| ok deraadt@ | |||
| 2015-10-18 | TIOCSTI and TIOCSCTTY; oops got the condition backwards. | Theo de Raadt | |
| 2015-10-18 | better placement for dnssocket/dnsconnect | Theo de Raadt | |
| 2015-10-18 | Describe dnssocket / dnsconnect arguments | Theo de Raadt | |
| 2015-10-18 | Allow read/write access to /dev/tty when using "tty" pledge. | Doug Hogan | |
| Without this change, you need "rpath" and "wpath" to open /dev/tty. Some applications explicitly open /dev/tty, but deraadt@ found the most common use is indirectly via readpassphrase(). tweak and ok deraadt@ pre-tweak ok millert@, semarie@ | |||
| 2015-10-18 | create libc stubs for dnssocket() and dnsconnect() | Theo de Raadt | |
| 2015-10-18 | sync | Theo de Raadt | |
| 2015-10-18 | Add two new system calls: dnssocket() and dnsconnect(). This creates a | Theo de Raadt | |
| SS_DNS tagged socket which has limited functionality (for example, you cannot accept on them...) The libc resolver will switch to using these, therefore pledge can identify a DNS transaction better. ok tedu guenther kettenis beck and others | |||
| 2015-10-17 | naddy asks me if __tfork should be allowed by "proc". yes! | Theo de Raadt | |
| We may need a better semantic later ("thread"?), but this allows progress, and people can report their experiences. | |||
| 2015-10-17 | connect() to an AF_UNIX socket is really read/write, so tell pledge this | Theo de Raadt | |
| is a RPATH|WPATH operation. Discussed with doug and millert | |||
| 2015-10-17 | Allow the nasty ioctl TIOCSTI in "tty", but also require the "proc" | Theo de Raadt | |
| permission. For now, we'll tighten it down further later. | |||
| 2015-10-17 | better wording in a comment | Theo de Raadt | |
| 2015-10-17 | Unify TIOCGPGRP/TIOCGWINSZ/TIOCGWINSZ behaviour regarding ENOTTY return. | Theo de Raadt | |
| (both "tty" and "ioctl" allow these; they should behave the same) | |||
| 2015-10-17 | Allow TIOCSCTTY on tty devices, if the pledge says "tty id" | Theo de Raadt | |
| worked out with nicm | |||
| 2015-10-17 | whitespace | Theo de Raadt | |
| 2015-10-17 | Rename SYSEXIT() to SYSCALL_END() for consistency with most other archs. | Philip Guenther | |
| No change in resulting object files ok millert@ | |||
| 2015-10-17 | mailaddr_match() allows comparing two struct mailaddr taking into account | Gilles Chehade | |
| catchall and +-tags ok millert@ and jung@ for util.c | |||
| 2015-10-17 | Move the last of the __DBINTERFACE_PRIVATE bits from <db.h> to libc's wrapper | Philip Guenther | |
| and eliminate the now superfluous -D option ok kettenis@ millert@ | |||
| 2015-10-17 | Fix the code that sets up the MCH BAR on systems where the (buggy) BIOS | Mark Kettenis | |
| doesn't do this for us. The code was poking registers on the wrong PCI device. We were just lucky that it worked on most systems. This should fix machines such as the Asus EeePC 701 and get rid of the error: [drm:pid0:i915_gem_detect_bit_6_swizzle] *ERROR* Couldn't read from MC HBAR. Disabling tiling. messages on that machine. | |||
| 2015-10-17 | Tighten pledge: We only write to stdio and never to any files if | Christian Weisgerber | |
| in cat mode (-c, zcat), or in test mode (-t), or if there are no file arguments and there is no -o outfile. Due to fts(3) we require rpath even for compress <in >out. "seems sound" deraadt@ | |||
| 2015-10-17 | Spell all "unexpected mode %u" panics in lower case, not just one of them. | Stefan Sperling | |
| 2015-10-17 | remove some unneccessary macros; from michael reed | Jason McIntyre | |
| 2015-10-17 | add missing underscore; from theo buehler | Jason McIntyre | |
| 2015-10-17 | Fix build with IFMEDIA_DEBUG defined; ok sthen@ | Stefan Sperling | |
| 2015-10-17 | PROTO_NORMAL for pledge(); ok guenther | Theo de Raadt | |
| 2015-10-17 | login_token needs pledge "flock" now. | Alexander Bluhm | |
| OK millert@ | |||
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |