summaryrefslogtreecommitdiff
path: root/sys/kern/kern_pledge.c
AgeCommit message (Expand)Author
2017-01-23Backwards compat for pledge "ioctl" for about a weekTheo de Raadt
2017-01-23Split pledge "ioctl" into "tape" and "bpf", and allow SIOCGIFGROUP onlyTheo de Raadt
2017-01-23whitespaceTheo de Raadt
2017-01-21p_comm is the process's command and isn't per thread, so move it fromPhilip Guenther
2016-11-13Fix typo in comment: it's vm.loadavg, not kern.loadavg.Theo Buehler
2016-10-27For consistency, allow symlinkat(2) in the same way as symlink(2);Ingo Schwarze
2016-10-21pledge changes needed to support pledging vmd(8) on i386, forthcoming.Mike Larkin
2016-10-06In pledge_namei_wlpath() if resolvpath() errors out early it will notJonathan Gray
2016-10-05Display the process's PID with p->p_p->ps_pid, not p->p_pid.Philip Guenther
2016-09-17NPF > 0 is a better test than SMALL for presence of pf.Ted Unangst
2016-09-04Remove sys_o58_kill since OpenBSD 6.0 has been tagged/released.Joel Sing
2016-08-31Delete unused ioctls and associated macros. Move macros that are stillAlexandre Ratchov
2016-07-28Revert previous commitMike Belopuhov
2016-07-28Convert ifq_deq_{begin,rollback,commit} dance to a single ifq_dequeueMike Belopuhov
2016-07-12remove more noisy messages in "sendfd" and "recvfd"Theo de Raadt
2016-07-11be less noisy on console in case of "recvfd" refusalTheo de Raadt
2016-07-10pledge: use uint64_t instead of int for temporary storing a 64bit integerSebastien Marie
2016-07-10Paranoia: check KTRPOINT() before calling ktrpledge() to guarantee wePhilip Guenther
2016-07-03introduces new promise "chown" to allow changing owner/group with *chown(2) f...Sebastien Marie
2016-06-28in pledgereq (the array for doing correspondance between textual promise as i...Sebastien Marie
2016-06-27Restore the sys_o58_kill system call.Joel Sing
2016-06-27Implement IPV6_MINHOPCOUNT support.Jeremie Courreges-Anglas
2016-06-07per trending style, add continue to empty loops.Ted Unangst
2016-05-31sys_o58_kill is no longer needed for compat.Theo de Raadt
2016-05-31sys_osendsyslog can go away; we have transitioned to the new version withTheo de Raadt
2016-05-27rename(2) operation requires "rpath cpath" at the underlying operationTheo de Raadt
2016-05-15remove chroot(2) from allowed syscalls under pledge(2).Sebastien Marie
2016-04-281) Split pledge whitelist path handling out of pledge_namei() and intoBob Beck
2016-04-25simplifies the check for allowing only promisesSebastien Marie
2016-04-25removes an unneeded check on flags (used historically when tame(2) was usingSebastien Marie
2016-03-30Add getlogin_r syscall that checks and returns errors like userspacePhilip Guenther
2016-03-25Silences compiler warnings, about used uninitialized variables. These lengthsSebastien Marie
2016-03-22allow fpathconf() in stdio mode, since it is an innocuous queryTheo de Raadt
2016-03-21Rename the system call sendsyslog2 to sendsyslog. Keep the old oneAlexander Bluhm
2016-03-16Expose new audio ioctls that do one thing only: start and stop DMA,Alexandre Ratchov
2016-03-15pledge: wl_paths: resolvpath() logic errorSebastien Marie
2016-03-15pledge: wl_paths: corrects a memory leak in error code path and an evaluationSebastien Marie
2016-03-13keep disabled wl_paths for now. the expensiveness impact need to be betterSebastien Marie
2016-03-13reenable wl_paths (whitelisted-paths) in pledge(2)Sebastien Marie
2016-03-13pledge: replace #if 0 printf with DNPRINTF macroSebastien Marie
2016-03-13pledge: let wl_paths works well with chrootSebastien Marie
2016-03-13corrects on off-by-one error in pledge_namei()Sebastien Marie
2016-03-11pledge: define the meaning of passing NULL to one arguments of pledge(2) as "ISebastien Marie
2016-02-17Return ENOTTY for TIOCFLUSH when allowed by pledge but the fd isTodd C. Miller
2016-01-19Check if the vnode type is VBAD (corresponds to disconnectedAlexandre Ratchov
2016-01-18Add SYS_truncate as a "wpath" operation. Omission noticed by tb and sthen.Theo de Raadt
2016-01-09drop "abort" promise, and make it the default behaviour.Sebastien Marie
2016-01-08Add "vmm" pledge to allow restricted ioctl access to /dev/vmm.Reyk Floeter
2016-01-06turn off the whitepath code for now; we're not sure it's ready for releaseTed Unangst
2016-01-06remove unnecessary casts where the incoming type is void *.Ted Unangst