| Age | Commit message (Expand) | Author |
|---|
| 2021-06-29 | remove arch ifdefs around drm.h include | Jonathan Gray |
| 2021-06-26 | Add powerpc64 and riscv64 to the list of architectures that have DRM. | Mark Kettenis |
| 2021-06-09 | unveil: small cleanup for UNVEIL_INSPECT | Sebastien Marie |
| 2021-04-30 | When terminating via pledge_fail() stop all threads, before issuing a | Theo de Raadt |
| 2021-03-25 | Permit kern.somaxconn when the unix pledge is used. Previously this was only | Aaron Bieber |
| 2021-02-03 | Add SIOCAIFADDR_IN and SIOCDIFADDR_IN to the wroute pledge | tobhe |
| 2021-01-20 | If pledge "wroute" is missing for setsockopt SO_RTABLE, print failure | Alexander Bluhm |
| 2021-01-19 | /etc/malloc.conf path-approval in pledge is no longer needed since 6.5 | Theo de Raadt |
| 2020-10-29 | Add feature to force the selection of source IP address | denis |
| 2020-09-16 | Move duplicated code to send an uncatchable SIGABRT into a function. | Martin Pieuchot |
| 2020-09-16 | put HW_PHYSMEM64 case under CTL_HW not CTL_KERN | Jonathan Gray |
| 2020-09-16 | As discovered by kettenis, recent mesa wants sysctl hw.physmem64, and | Theo de Raadt |
| 2020-07-17 | Allow setsockopt SO_RTABLE when pleding "wroute" soon to be needed | Florian Obser |
| 2020-04-05 | Declare pledgenames[] as const. | Visa Hankala |
| 2020-02-15 | Consistently perform atomic writes to the ps_flags field of struct | anton |
| 2020-02-11 | the pledge_ioctl() rule checker is written in a style which could read | Theo de Raadt |
| 2020-02-05 | Allow programs with the "audio" promise to use the AUDIO_MIXER_xxx ioctls. | Alexandre Ratchov |
| 2020-02-04 | allow reading of sysctl kern.somaxconn in "inet", due to | Theo de Raadt |
| 2020-01-23 | add /etc/protocols to the magic unveil whitelist that the dns pledge has | David Gwynne |
| 2019-12-08 | msyscall(2) is like kbind(2), and should be always permitted. it does | Theo de Raadt |
| 2019-08-25 | Add SIOCDIFADDR_IN6 to the wroute pledge to allow removal of IPv6 addresses | pamela |
| 2019-06-26 | allow more video(4) ioctls for the video pledge (required by chromium) | Robert Nagy |
| 2019-06-16 | SYS___realpath is legitimately PLEDGE_STDIO, because the other pledge | Theo de Raadt |
| 2019-05-13 | Add a kernel implementation of realpath() as __realpath(). | Bob Beck |
| 2019-02-14 | Allow *at variant of mkfifo and mknod, too. | Florian Obser |
| 2019-01-22 | #ifdef video junk as required. | Theo de Raadt |
| 2019-01-21 | Add "video" promise. | Landry Breuil |
| 2019-01-18 | delete vmm(4) in i386 | pd |
| 2019-01-06 | the pledge handing for access(2) of /var/run/ypbind.lock is artificially | Theo de Raadt |
| 2019-01-06 | fold a bunch of similar sysctl cases into a switch. | Ted Unangst |
| 2018-11-17 | Add new KERN_CPUSTATS sysctl(2) so we can identify offline CPUs. | cheloha |
| 2018-11-06 | new sysctl for userland malloc flags, kernel part. ok millert@ deraadt@ | Otto Moerbeek |
| 2018-09-13 | When unveil(2) was introduced one break from SYS_access case was removed | Ricardo Mestre |
| 2018-08-20 | Preparations for arm64 radeondrm(4) support. | Mark Kettenis |
| 2018-08-13 | The first panic in pledge_namei should only be for ni_pledge == 0 | Theo de Raadt |
| 2018-08-11 | Get rid of PLEDGE_STAT, which was a hack used for unveil. | Bob Beck |
| 2018-08-02 | Grammar fix in comment. | rob |
| 2018-07-27 | Add SIOCSIFMTU to the wroute pledge. | bket |
| 2018-07-15 | Restore correct behaviour to pledge for access and stat, which was broken | Bob Beck |
| 2018-07-13 | Unveiling unveil(2). | Bob Beck |
| 2018-07-12 | Add hw.ncpuonline to count the number of online CPUs. | cheloha |
| 2018-06-25 | Implement DRI3/prime support. This allows graphics buffers to be passed | Mark Kettenis |
| 2018-06-20 | Grab and/or assert for the KERNEL_LOCK() in in ktrace & pledge. | Martin Pieuchot |
| 2018-06-16 | Introduce "wroute" promise. | Florian Obser |
| 2018-06-03 | on i386, libm does sysctl to discover is the system has SSE. Whitelist | Theo de Raadt |
| 2018-04-28 | Remove redundant error check | kn |
| 2018-03-27 | Make sure that programs violating a pledge(2) promise or some memory | Martin Pieuchot |
| 2018-01-09 | Change `so_state' and `so_error' to unsigned int such that they can | Martin Pieuchot |
| 2018-01-08 | Allow TIOCUCNTL issued on a pty(4) master in promise "tty". | Martin Pieuchot |
| 2017-12-12 | pledge()'s 2nd argument becomes char *execpromises, which becomes the | Theo de Raadt |
