| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2008-09-12 | Remove bzero/memset calls after pool_gets by passing the PR_ZERO | Bret Lambert | |
| flag to the pool_get call. ok art@, krw@ | |||
| 2008-01-05 | return with ENOTTY instead of EINVAL for unknown ioctl requests. | Brad Smith | |
| ok krw@ deraadt@ dlg@ | |||
| 2007-09-11 | KNF | Gilles Chehade | |
| prompted and "much better" by marco@, ok pyr@ | |||
| 2007-09-10 | more MALLOC/FREE -> malloc/free and M_ZERO changes | Gilles Chehade | |
| ok pyr@ | |||
| 2007-03-15 | Since p_flag is often manipulated in interrupts and without biglock | Artur Grabowski | |
| it's a good idea to use atomic.h operations on it. This mechanic change updates all bit operations on p_flag to atomic_{set,clear}bits_int. Only exception is that P_OWEUPC is set by MI code before calling need_proftick and it's automatically cleared by ADDUPC. There's no reason for MD handling of that flag since everyone handles it the same way. kettenis@ ok | |||
| 2006-10-06 | fix an exploitable integer overflow found by Chris Evans of Google | Damien Miller | |
| Security; ok deraadt | |||
| 2006-05-28 | Allow len == 1 in systrace_fname(), so systraced processes can proceed | Pedro Martelletto | |
| their *stat() calls, for example, and get ENOENT, which is expected for "", instead of a forced EINVAL. Fixes the spurious 'rm: : Invalid argument' warnings when building with option USE_SYSTRACE, reported on ports@. Okay provos@ sturm@ deraadt@ | |||
| 2006-05-23 | Replace lockmgr with rwlock; 'i think so' tedu@, ok sturm@ | Aleksander Piotrowski | |
| 2005-12-11 | Replace procfs_domem() with a similar interface, process_domem(), which lives | Miod Vallat | |
| out of procfs and gets a ptrace request PT_{READ,WRITE}_{I,D} as argument; also procfs_checkioperm() becomes process_checkioperm(). From art@ some time ago; ok kettenis@ pedro@ | |||
| 2005-11-19 | Remove unnecessary lockmgr() archaism that was costing too much in terms | Pedro Martelletto | |
| of panics and bugfixes. Access curproc directly, do not expect a process pointer as an argument. Should fix many "process context required" bugs. Incentive and okay millert@, okay marc@. Various testing, thanks. | |||
| 2005-04-17 | Intermediate cast of strio_offs -> uio_offset should be u_long not long | Todd C. Miller | |
| since otherwise a very high kernel address would be stored as a negative offset. From NetBSD (christos). | |||
| 2004-11-07 | add a new message: inject. this allows the tracer to to inject buffers into | marius eriksen | |
| the stackgap. this in turn allows for argument replacement with indirection. for example replacing an entire envp or struct pollfd. ok provos@ millert@ | |||
| 2004-07-07 | fix an issue when scripts are exec'd under systrace where | marius eriksen | |
| the argv[0] would be normalized, and hence break scripts that depend on how they were called. this fixes an issue in the ports builds. ok provos@ deraadt@; lots of testing during hackathon sturm@ naddy@ | |||
| 2004-06-23 | a few fixes to systrace | marius eriksen | |
| - add an exec message so that whenever a set-uid/gid process exec's a new image which we may control, the exec does not go by unnoticed. - take special care to check for P_SUGIDEXEC as well as P_SUGID, corresponding to the same changes that were made in the ptrace code a while ago ok niels@, sturm@; thanks to naddy for testing | |||
| 2003-10-21 | typos from Tom Cosgrove; | Jason McIntyre | |
| 2003-10-08 | originally from cb@netbsd.org, adapted by provos | Nikolay Sturm | |
| itojun@ ok fix a race condition between path resolution in userland and the subsequent namei(): inform the kernel portion of valid filenames and then disallow symlink lookups for those filenames by means of a hook in namei(). with suggestions from provos@ also, add (currently unused) seqnr field to struct systrace_replace, from provos@ | |||
| 2003-09-23 | Replace select backends with poll backends. selscan() and pollscan() | Todd C. Miller | |
| now call the poll backend. With this change we implement greater poll(2) functionality instead of emulating it via the select backend. Adapted from NetBSD and including some changes from FreeBSD. Tested by many, deraadt@ OK | |||
| 2003-08-15 | change arguments to suser. suser now takes the process, and a flags | Ted Unangst | |
| argument. old cred only calls user suser_ucred. this will allow future work to more flexibly implement the idea of a root process. looks like something i saw in freebsd, but a little different. use of suser_ucred vs suser in file system code should be looked at again, for the moment semantics remain unchanged. review and input from art@ testing and further review miod@ | |||
| 2003-06-16 | - limited number of processes per systrace | Jun-ichiro itojun Hagino | |
| - escape fixes for special characters markus, sturm ok. from provos | |||
| 2003-03-28 | unbreak | Henning Brauer | |
| STRIOCCLONE and SYSTR_CLONE have the same value now ok mickey@ | |||
| 2003-02-20 | Fix a crash in the systrace found by form@ | Artur Grabowski | |
| One is a kernel fix that changes the lockin and one is a userland fix that prevents dereferencing a freed pointer. From provos deraadt@ ok | |||
| 2002-12-12 | statement after label. | Artur Grabowski | |
| 2002-12-04 | rename the clone ioctl to avoid clashing w/ the sockio; provos@ ok | Michael Shalayeff | |
| 2002-11-10 | Be more careful with illegal syscall numbers. | Artur Grabowski | |
| 2002-10-25 | add id tags. | Federico G. Schwindt | |
| 2002-10-16 | support for privilege elevation. | Jun-ichiro itojun Hagino | |
| with privilege elevation no suid or sgid binaries are necessary any longer. Applications can be executed completely unprivileged. Systrace raises the privileges for a single system call depending on the configured policy. Idea from discussions with Perry Metzger, Dug Song and Marcus Watts. from provos | |||
| 2002-10-09 | new message to track uid/gid changes | Jun-ichiro itojun Hagino | |
| from provos | |||
| 2002-08-28 | cast size_t to u_long on printing. from netbsd | Jun-ichiro itojun Hagino | |
| 2002-08-07 | return EBUSY in processready | Niels Provos | |
| 2002-07-30 | minor KNF. pid_t is unsigned. | Jun-ichiro itojun Hagino | |
| 2002-07-30 | whitespace at EOL | Jun-ichiro itojun Hagino | |
| 2002-07-24 | better uid/gid tracking; okay deraadt@ | Niels Provos | |
| 2002-07-23 | prevent double free in some error conditions; from xs@kittenz.org | Niels Provos | |
| 2002-07-22 | add seqnr to message from kernel, userland needs to quote correct seqnr. | Niels Provos | |
| avoids problems where tsleep has been interrupted by a signal. | |||
| 2002-07-21 | two more missing systrace_lock | Jun-ichiro itojun Hagino | |
| 2002-07-21 | need systrace_lock/unlock around lockmgr lock operation. provos ok | Jun-ichiro itojun Hagino | |
| 2002-07-20 | comment clarification. niels ok | Jun-ichiro itojun Hagino | |
| 2002-07-19 | minor KNF | Jun-ichiro itojun Hagino | |
| 2002-07-19 | whitespace | Jun-ichiro itojun Hagino | |
| 2002-07-19 | tabify | Jun-ichiro itojun Hagino | |
| 2002-07-13 | do not call unlock when the lock is not locked; found by millert@ | Niels Provos | |
| 2002-07-12 | in the error case, just remove an installed argument replacement, it is not | Niels Provos | |
| needed | |||
| 2002-06-21 | system call argument rewriting framework via stackgap; okay art@ | Niels Provos | |
| 2002-06-10 | more __FUNCTION__ slaughter | Marc Espie | |
| 2002-06-10 | new ioctl that reports the current emulation a process uses; needed for | Niels Provos | |
| attaching to a running process | |||
| 2002-05-19 | make fsystrace available in systrace.h; keep some more stats. | Niels Provos | |
| 2002-05-18 | when detaching form a process don't forget to remove posted messages. | Niels Provos | |
| 2002-05-16 | systrace facility, used to enforce and generate policies for system calls | Niels Provos | |
| okay deraadt@ | |||
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |