path: root/sys/kern/kern_pledge.c
| Age | Commit message | Author |
|---|---|---|
| 2018-06-20 | Grab and/or assert for the KERNEL_LOCK() in in ktrace & pledge. | Martin Pieuchot |
| 2018-06-16 | Introduce "wroute" promise. | Florian Obser |
| 2018-06-03 | on i386, libm does sysctl to discover is the system has SSE. Whitelist | Theo de Raadt |
| 2018-04-28 | Remove redundant error check | kn |
| 2018-03-27 | Make sure that programs violating a pledge(2) promise or some memory | Martin Pieuchot |
| 2018-01-09 | Change `so_state' and `so_error' to unsigned int such that they can | Martin Pieuchot |
| 2018-01-08 | Allow TIOCUCNTL issued on a pty(4) master in promise "tty". | Martin Pieuchot |
| 2017-12-12 | pledge()'s 2nd argument becomes char *execpromises, which becomes the | Theo de Raadt |
| 2017-12-09 | More precision in pledge sysctl report | Theo de Raadt |
| 2017-11-17 | permit IPV6_V6ONLY in sockopt | Aaron Bieber |
| 2017-10-12 | Print the word pledge in the kernel log when there is a violation. | Alexander Bluhm |
| 2017-10-07 | In "tty", permitting TIOCSTART is fine | Theo de Raadt |
| 2017-10-07 | permit SYS___set_tcb, upcoming code will require this | Theo de Raadt |
| 2017-09-08 | If you use sys/param.h, you don't need sys/types.h | Theo de Raadt |
| 2017-08-29 | Remove old deactivated pledge path code. A replacement mechanism is | Theo de Raadt |
| 2017-08-21 | Allow SIOCGIFAFLAG_IN6 and SIOCGIFALIFETIME_IN6 ioctls with | Florian Obser |
| 2017-07-28 | Allow SIOCGIFDESCR with "route" promise in preparation for pledging snmpd. | rob |
| 2017-06-29 | Due to risks known for decades, TIOCSTI now performs no action, and simply | Theo de Raadt |
| 2017-06-21 | Permit TIOCSTAT on a tty. | Theo de Raadt |
| 2017-06-19 | Terminate pledge log(9) with newline. This fixes dmesg(8) output. | Alexander Bluhm |
| 2017-06-12 | Pledge is fairly done, so the kernel printf's can be converted to log() | Theo de Raadt |
| 2017-06-07 | Add an acct(5) flag for pledge violations. Then lastcomm(1) shows | Alexander Bluhm |
| 2017-06-03 | Avoid printing garbage when aborting a program that tries to use a | Theo Buehler |
| 2017-05-30 | getrtable() is now permitted in "stdio". It carries no risk factors. | Theo de Raadt |
| 2017-05-21 | Enable radeondrm(4) on loongson to get accelerated graphics | Visa Hankala |
| 2017-05-02 | Stricter pledge for bpf. ok deraadt | Martin Natano |
| 2017-04-29 | Mark futex(2) as PLEDGE_STDIO like all other thread-related syscalls. | Martin Pieuchot |
| 2017-04-28 | Add futex(2) syscall based on a sane subset of its Linux equivalent. | Martin Pieuchot |
| 2017-04-20 | only 32 bits of the pledgecode were passed up via ktrace | Theo de Raadt |
| 2017-04-17 | matthieu@ observes % pax (without any arguments) hits pledge violation, | Theo de Raadt |
| 2017-04-13 | Delete the getlogin59 syscall, which was last used one year, two releases, | Philip Guenther |
| 2017-04-11 | Add SIOCATMARK to allow pledge("inet") programs to call sockatmark(3). | Alexander Bluhm |
| 2017-03-30 | correct NBPFILTER #ifdef's | Theo de Raadt |
| 2017-03-28 | Allow the multicast ttl/hops and loop options with the mcast pledge. | Alexander Bluhm |
| 2017-03-27 | wrap bpf pledge code in #if BPFFILTER | Theo de Raadt |
| 2017-03-26 | Inside pledge_ioctl, wrap #if's around the complete sub-blocks. | Theo de Raadt |
| 2017-03-26 | For the tape ioctls, recognize that block devices don't exist anymore. | Theo de Raadt |
| 2017-03-18 | The "ioctl" pledge which was had functionality split out into "tape", | Theo de Raadt |
| 2017-03-14 | Allow SIOCGIFXFLAGS in pledge("route") along side SIOCGIFFLAGS, needed | Florian Obser |
| 2017-03-11 | pax conversion was missed; give this another week | Theo de Raadt |
| 2017-03-11 | remove pledge "ioctl" backwards compat | Theo de Raadt |
| 2017-01-23 | Backwards compat for pledge "ioctl" for about a week | Theo de Raadt |
| 2017-01-23 | Split pledge "ioctl" into "tape" and "bpf", and allow SIOCGIFGROUP only | Theo de Raadt |
| 2017-01-23 | whitespace | Theo de Raadt |
| 2017-01-21 | p_comm is the process's command and isn't per thread, so move it from | Philip Guenther |
| 2016-11-13 | Fix typo in comment: it's vm.loadavg, not kern.loadavg. | Theo Buehler |
| 2016-10-27 | For consistency, allow symlinkat(2) in the same way as symlink(2); | Ingo Schwarze |
| 2016-10-21 | pledge changes needed to support pledging vmd(8) on i386, forthcoming. | Mike Larkin |
| 2016-10-06 | In pledge_namei_wlpath() if resolvpath() errors out early it will not | Jonathan Gray |
| 2016-10-05 | Display the process's PID with p->p_p->ps_pid, not p->p_pid. | Philip Guenther |