summaryrefslogtreecommitdiff
path: root/sys/kern/kern_pledge.c
AgeCommit message (Expand)Author
2019-06-26allow more video(4) ioctls for the video pledge (required by chromium)Robert Nagy
2019-06-16SYS___realpath is legitimately PLEDGE_STDIO, because the other pledgeTheo de Raadt
2019-05-13Add a kernel implementation of realpath() as __realpath().Bob Beck
2019-02-14Allow *at variant of mkfifo and mknod, too.Florian Obser
2019-01-22#ifdef video junk as required.Theo de Raadt
2019-01-21Add "video" promise.Landry Breuil
2019-01-18delete vmm(4) in i386pd
2019-01-06the pledge handing for access(2) of /var/run/ypbind.lock is artificiallyTheo de Raadt
2019-01-06fold a bunch of similar sysctl cases into a switch.Ted Unangst
2018-11-17Add new KERN_CPUSTATS sysctl(2) so we can identify offline CPUs.cheloha
2018-11-06new sysctl for userland malloc flags, kernel part. ok millert@ deraadt@Otto Moerbeek
2018-09-13When unveil(2) was introduced one break from SYS_access case was removedRicardo Mestre
2018-08-20Preparations for arm64 radeondrm(4) support.Mark Kettenis
2018-08-13The first panic in pledge_namei should only be for ni_pledge == 0Theo de Raadt
2018-08-11Get rid of PLEDGE_STAT, which was a hack used for unveil.Bob Beck
2018-08-02Grammar fix in comment.rob
2018-07-27Add SIOCSIFMTU to the wroute pledge.bket
2018-07-15Restore correct behaviour to pledge for access and stat, which was brokenBob Beck
2018-07-13Unveiling unveil(2).Bob Beck
2018-07-12Add hw.ncpuonline to count the number of online CPUs.cheloha
2018-06-25Implement DRI3/prime support. This allows graphics buffers to be passedMark Kettenis
2018-06-20Grab and/or assert for the KERNEL_LOCK() in in ktrace & pledge.Martin Pieuchot
2018-06-16Introduce "wroute" promise.Florian Obser
2018-06-03on i386, libm does sysctl to discover is the system has SSE. WhitelistTheo de Raadt
2018-04-28Remove redundant error checkkn
2018-03-27Make sure that programs violating a pledge(2) promise or some memoryMartin Pieuchot
2018-01-09Change `so_state' and `so_error' to unsigned int such that they canMartin Pieuchot
2018-01-08Allow TIOCUCNTL issued on a pty(4) master in promise "tty".Martin Pieuchot
2017-12-12pledge()'s 2nd argument becomes char *execpromises, which becomes theTheo de Raadt
2017-12-09More precision in pledge sysctl reportTheo de Raadt
2017-11-17permit IPV6_V6ONLY in sockoptAaron Bieber
2017-10-12Print the word pledge in the kernel log when there is a violation.Alexander Bluhm
2017-10-07In "tty", permitting TIOCSTART is fineTheo de Raadt
2017-10-07permit SYS___set_tcb, upcoming code will require thisTheo de Raadt
2017-09-08If you use sys/param.h, you don't need sys/types.hTheo de Raadt
2017-08-29Remove old deactivated pledge path code. A replacement mechanism isTheo de Raadt
2017-08-21Allow SIOCGIFAFLAG_IN6 and SIOCGIFALIFETIME_IN6 ioctls withFlorian Obser
2017-07-28Allow SIOCGIFDESCR with "route" promise in preparation for pledging snmpd.rob
2017-06-29Due to risks known for decades, TIOCSTI now performs no action, and simplyTheo de Raadt
2017-06-21Permit TIOCSTAT on a tty.Theo de Raadt
2017-06-19Terminate pledge log(9) with newline. This fixes dmesg(8) output.Alexander Bluhm
2017-06-12Pledge is fairly done, so the kernel printf's can be converted to log()Theo de Raadt
2017-06-07Add an acct(5) flag for pledge violations. Then lastcomm(1) showsAlexander Bluhm
2017-06-03Avoid printing garbage when aborting a program that tries to use aTheo Buehler
2017-05-30getrtable() is now permitted in "stdio". It carries no risk factors.Theo de Raadt
2017-05-21Enable radeondrm(4) on loongson to get accelerated graphicsVisa Hankala
2017-05-02Stricter pledge for bpf. ok deraadtMartin Natano
2017-04-29Mark futex(2) as PLEDGE_STDIO like all other thread-related syscalls.Martin Pieuchot
2017-04-28Add futex(2) syscall based on a sane subset of its Linux equivalent.Martin Pieuchot
2017-04-20only 32 bits of the pledgecode were passed up via ktraceTheo de Raadt