Age | Commit message (Collapse) | Author | |
---|---|---|---|
2016-09-01 | Export machdep.cpufeature in hex, to avoid - values which made | Theo de Raadt | |
yuo@ grumpy. ok tom guenther yuo | |||
2016-08-27 | Pull in <sys/time.h> for struct timespec | Philip Guenther | |
ok deraadt@ | |||
2016-08-14 | Use int64_t and %ll for CTLTYPE_QUAD nodes. | Philip Guenther | |
Use memcpy() instead of up-casting from char* to long long* ok krw@ | |||
2016-07-27 | correct syntax for baddynamic example. from Holger Mikolon | Ted Unangst | |
2016-07-27 | increase the size of forkstat fields to accomodate large values | Ted Unangst | |
2016-07-20 | Make the size for the syn cache hash array tunable. As we are | Alexander Bluhm | |
swapping between two syn caches for random reseeding anyway, this feature can be added easily. When the cache is empty, there is an opportunity to change the hash size. This allows an admin under SYN flood attack to defend his machine. Suggested by claudio@; OK jung@ claudio@ jmc@ | |||
2016-07-05 | Remove kern.random remnants; OK deraadt@ | Tim van der Molen | |
2016-06-30 | ntpys sysctl was removed | Ted Unangst | |
2016-06-29 | Document arptimeout, arpdown. Prodded by and ok jmc@ | Chris Cappuccio | |
2016-06-18 | Add net.inet.{tcp,udp}.rootonly sysctl, to mark which ports | Vincent Gross | |
cannot be bound to by non-root users. Ok millert@ bluhm@ | |||
2016-06-07 | Document the net.inet.tcp.synuselimit sysctl; OK bluhm@ jmc@ | Tim van der Molen | |
2016-06-01 | Kill sysctl net.inet6.ip6.rr_prune | Jeremie Courreges-Anglas | |
We don't support Router Renumbering and there are no plans to change that. ok mpi@ | |||
2016-05-29 | wxabort bits; ok deraadt | Jason McIntyre | |
2016-05-23 | remove the sysctl kern.random counters, since none of the remaining | Theo de Raadt | |
ones are capable of giving valuable works vs does-not-work evidence. ok tedu | |||
2016-05-23 | VOP_REALLOCBLKS() and related code is unused since the removal of | Martin Natano | |
cluster_write(). ok beck zhuk | |||
2016-05-19 | Remove sysctl net.inet6.ip6.v6only | Jeremie Courreges-Anglas | |
This sysctl is a no-op, read-only since it was introduced. There are no plans to support IPv4-mapped addresses on OpenBSD, thus this sysctl is meaningless. Noticed by djm@, ok claudio@ mpi@ sthen@ henning@ | |||
2016-05-04 | Kill #ifdef INET6 occurrences in userland. | Jeremie Courreges-Anglas | |
Prompted by and ok millert@ (tcpdump and libpcap left untouched, the #ifdef force is too strong with those) | |||
2016-03-31 | Don't use .Aq for syntax elements that require ASCII "<>". | Ingo Schwarze | |
Patch from Christian Heckendorf <mbie at ulmus dot me>. OK jmc@ bentley@ | |||
2016-03-03 | Remove option USER_LDT and everything depending on it. | Christian Weisgerber | |
Remove machdep.userldt sysctl. Remove i386_[gs]et_ldt syscall stub from libi386. Remove i386_[gs]et_ldt regression test. ok mlarkin@ millert@ guenther@ | |||
2016-02-29 | delete the kern.emul/KERN_EMUL sysctl bits since there are no | Christian Weisgerber | |
emulations left; ok millert@ deraadt@, jmc@ (man pages) | |||
2015-11-05 | document the other two net.inet6.ip6.ifq variables, ok logan mikeb | Stuart Henderson | |
2015-11-05 | Correct my mistake in the previous patch: | Loganaden Velvindron | |
net.inet6.ip6.ifq -> net.inet6.ip6.ifq.len Pointed out by Mike Belopuhov | |||
2015-11-05 | Add an entry for net.inet6.ip6.ifq that dlg@ committed a while ago. | Loganaden Velvindron | |
OK dlg@ | |||
2015-10-03 | If we care about placing core files from SUID programs in a safe place, | Vadim Zhukov | |
lets do not suggest to provoke races and use -m option of mkdir(1). ok guenther@, "don't care" deraadt@ :) | |||
2015-04-18 | Convert many atoi() calls to strtonum(), adding range checks and failure | Theo de Raadt | |
handling along the way. Reviews by Brendan MacDonell, Jeremy Devenport, florian, doug, millert | |||
2015-02-13 | Direct people to netstat for the new multicast routing sysctls. | Philip Guenther | |
problem noted by dcoppa@ ok claudio@ | |||
2015-02-09 | provide a net.inet6.ip6.ifq sysctl so people can see and fiddle | David Gwynne | |
with the ip6intrq. ok claudio@ | |||
2015-01-16 | Replace <sys/param.h> with <limits.h> and other less dirty headers where | Theo de Raadt | |
possible. Annotate <sys/param.h> lines with their current reasons. Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution. These are the files confirmed through binary verification. ok guenther, millert, doug (helped with the verification protocol) | |||
2015-01-14 | pathconf(1) never happened. | Theo de Raadt | |
ok guenther | |||
2014-12-12 | put global_ptrace here too so users know how to spell it. poke by jmc | Ted Unangst | |
2014-11-19 | delete the KERN_VNODE sysctl. it fails to provide any isolation from the | Ted Unangst | |
kernel struct vnode defintion, and the only consumer (pstat) still needs kvm to read much of the required information. no great loss to always use kvm until there's a better replacement interface. ok deraadt millert uebayasi | |||
2014-10-26 | Add a format specifier for the printf. | Brad Smith | |
ok guenther@ | |||
2014-10-25 | Remove unnecessary netinet/in_systm.h include. | Lawrence Teo | |
ok millert@ | |||
2014-10-23 | mention hw.perfpolicy; Daniel Jakots | Theo de Raadt | |
2014-09-15 | Remove non-standard <sys/dkstat.h> header. It has not contained anything | Miod Vallat | |
related to disk stastics for almost 17 years, and the remaining userland-visible defines duplicate those found in <sys/sched.h>. Move the remaining _KERNEL defines to <sys/tty.h> where they belong, and update all users to cope with this. ok kettenis@ | |||
2014-08-27 | Nuke net.inet6.icmp6.rediraccept and allow redirects on interfaces | Florian Obser | |
with autoconf enabled. If one is doing SLAAC one does already trust link local icmp6 so the policy for icmp6 redirects should be the same. pointed out by & OK bluhm@; OK henning@ | |||
2014-08-20 | Remove userland bits related to the crypto(4) interface; ok deraadt | Mike Belopuhov | |
2014-08-16 | repair operation of kern.arandom, which will only allow a buffer of | Theo de Raadt | |
512 bytes. As a result, it stopped working... ok miod | |||
2014-07-11 | net.inet6.ip6.accept_rtadv bit the bucket | Henning Brauer | |
ok florian bluhm benno stsp | |||
2014-07-11 | Remove rfc 4620 Node Information Query support (from the kernel). | Sebastian Benoit | |
ok henning@ stu@, Yay! weerd@ | |||
2014-05-07 | Kill the {nd6_,}useloopback buttons, using the loopback interface for | Martin Pieuchot | |
local traffic is not optional. ok mikeb@, stsp@, jca@ | |||
2014-05-07 | missing word in error message. ok millert | Ted Unangst | |
2014-05-07 | delete some crusty casts | Ted Unangst | |
2014-05-04 | tweak previous; | Jason McIntyre | |
2014-05-04 | When kern.nosuidcoredump=3, act like =2 but try to dump cores into | Theo de Raadt | |
the /var/crash/programname/ directory, as root. For instance, # mkdir /var/crash/bgpd/ # chmod 700 /var/crash/bgpd/ # If you skip this step, you are a moron # sysctl kern.nosuidcoredump=3 # bgpd # pkill -ABRT bgpd # ls /var/crash/bgpd/ 14764.core 23207.core 6423.core Of course, in real life the idea is that you don't kill the daemon but it crashes and you collect parallel cores. Careful you don't fill your /var. Further tuneables are being considered. Sorry to be picking on bgpd for this example. I've watched the "too difficult to debug privsep code" angst for far too long. ok guenther | |||
2014-04-27 | sort the ip6 sysctls; | Jason McIntyre | |
2014-04-27 | Document net.inet6.ip6.dad_pending. | Loganaden Velvindron | |
OK from jmc@, and thanks to sthen@ for pointing out my mistake in the first version of the diff. | |||
2014-04-19 | Add missing description for IPv6 mtudisctimeout sysctl and | logan | |
rework the wording for both IPv4 and IPv6. OK from sthen@, henning@ and claudio@ | |||
2014-04-19 | Add missing man page descriptions for the following IPv6 sysctls: | logan | |
-maxdynroutes -maxifprefixes -maxifdefrouters -neighborgcthresh OK from sthen@, claudio@ and henning@ | |||
2014-04-08 | Use VM_UVMEXP instead of VM_METER for memory usages and directly | Martin Pieuchot | |
include <sys/vmmeter.h> where it is needed instead of relying on it being included by <uvm/uvm_extern.h>. miod@ likes it, ok guenther@ |