summaryrefslogtreecommitdiff
path: root/sys/kern/kern_pledge.c
AgeCommit message (Expand)Author
2017-10-07In "tty", permitting TIOCSTART is fineTheo de Raadt
2017-10-07permit SYS___set_tcb, upcoming code will require thisTheo de Raadt
2017-09-08If you use sys/param.h, you don't need sys/types.hTheo de Raadt
2017-08-29Remove old deactivated pledge path code. A replacement mechanism isTheo de Raadt
2017-08-21Allow SIOCGIFAFLAG_IN6 and SIOCGIFALIFETIME_IN6 ioctls withFlorian Obser
2017-07-28Allow SIOCGIFDESCR with "route" promise in preparation for pledging snmpd.rob
2017-06-29Due to risks known for decades, TIOCSTI now performs no action, and simplyTheo de Raadt
2017-06-21Permit TIOCSTAT on a tty.Theo de Raadt
2017-06-19Terminate pledge log(9) with newline. This fixes dmesg(8) output.Alexander Bluhm
2017-06-12Pledge is fairly done, so the kernel printf's can be converted to log()Theo de Raadt
2017-06-07Add an acct(5) flag for pledge violations. Then lastcomm(1) showsAlexander Bluhm
2017-06-03Avoid printing garbage when aborting a program that tries to use aTheo Buehler
2017-05-30getrtable() is now permitted in "stdio". It carries no risk factors.Theo de Raadt
2017-05-21Enable radeondrm(4) on loongson to get accelerated graphicsVisa Hankala
2017-05-02Stricter pledge for bpf. ok deraadtMartin Natano
2017-04-29Mark futex(2) as PLEDGE_STDIO like all other thread-related syscalls.Martin Pieuchot
2017-04-28Add futex(2) syscall based on a sane subset of its Linux equivalent.Martin Pieuchot
2017-04-20only 32 bits of the pledgecode were passed up via ktraceTheo de Raadt
2017-04-17matthieu@ observes % pax (without any arguments) hits pledge violation,Theo de Raadt
2017-04-13Delete the getlogin59 syscall, which was last used one year, two releases,Philip Guenther
2017-04-11Add SIOCATMARK to allow pledge("inet") programs to call sockatmark(3).Alexander Bluhm
2017-03-30correct NBPFILTER #ifdef'sTheo de Raadt
2017-03-28Allow the multicast ttl/hops and loop options with the mcast pledge.Alexander Bluhm
2017-03-27wrap bpf pledge code in #if BPFFILTERTheo de Raadt
2017-03-26Inside pledge_ioctl, wrap #if's around the complete sub-blocks.Theo de Raadt
2017-03-26For the tape ioctls, recognize that block devices don't exist anymore.Theo de Raadt
2017-03-18The "ioctl" pledge which was had functionality split out into "tape",Theo de Raadt
2017-03-14Allow SIOCGIFXFLAGS in pledge("route") along side SIOCGIFFLAGS, neededFlorian Obser
2017-03-11pax conversion was missed; give this another weekTheo de Raadt
2017-03-11remove pledge "ioctl" backwards compatTheo de Raadt
2017-01-23Backwards compat for pledge "ioctl" for about a weekTheo de Raadt
2017-01-23Split pledge "ioctl" into "tape" and "bpf", and allow SIOCGIFGROUP onlyTheo de Raadt
2017-01-23whitespaceTheo de Raadt
2017-01-21p_comm is the process's command and isn't per thread, so move it fromPhilip Guenther
2016-11-13Fix typo in comment: it's vm.loadavg, not kern.loadavg.Theo Buehler
2016-10-27For consistency, allow symlinkat(2) in the same way as symlink(2);Ingo Schwarze
2016-10-21pledge changes needed to support pledging vmd(8) on i386, forthcoming.Mike Larkin
2016-10-06In pledge_namei_wlpath() if resolvpath() errors out early it will notJonathan Gray
2016-10-05Display the process's PID with p->p_p->ps_pid, not p->p_pid.Philip Guenther
2016-09-17NPF > 0 is a better test than SMALL for presence of pf.Ted Unangst
2016-09-04Remove sys_o58_kill since OpenBSD 6.0 has been tagged/released.Joel Sing
2016-08-31Delete unused ioctls and associated macros. Move macros that are stillAlexandre Ratchov
2016-07-28Revert previous commitMike Belopuhov
2016-07-28Convert ifq_deq_{begin,rollback,commit} dance to a single ifq_dequeueMike Belopuhov
2016-07-12remove more noisy messages in "sendfd" and "recvfd"Theo de Raadt
2016-07-11be less noisy on console in case of "recvfd" refusalTheo de Raadt
2016-07-10pledge: use uint64_t instead of int for temporary storing a 64bit integerSebastien Marie
2016-07-10Paranoia: check KTRPOINT() before calling ktrpledge() to guarantee wePhilip Guenther
2016-07-03introduces new promise "chown" to allow changing owner/group with *chown(2) f...Sebastien Marie
2016-06-28in pledgereq (the array for doing correspondance between textual promise as i...Sebastien Marie