Age | Commit message (Expand) | Author |
2015-11-01 | refactor pledge_*_check and pledge_fail functions | Sebastien Marie |
2015-10-25 | Fold "malloc" into "stdio" and -- recognizing that no program so far has | Theo de Raadt |
2015-10-09 | Rename tame() to pledge(). This fairly interface has evolved to be more | Theo de Raadt |
2015-09-28 | track sizes for free in sysctl_diskinit(); ok krw | Theo de Raadt |
2015-09-13 | Rename __sysctl syscall to just sysctl, as the userland wrapper is no longer | Philip Guenther |
2015-09-11 | Convert _TM_ flags to TAME_ flags, collapsing the entire mapping | Theo de Raadt |
2015-09-11 | Only include <sys/tame.h> in the .c files that need it | Philip Guenther |
2015-09-10 | sizes for free(); ok sthen | Theo de Raadt |
2015-09-03 | Fix !INET6 build. | Martin Pieuchot |
2015-08-28 | Rework the UNIX domain socket garbage collector, including ideas from | Philip Guenther |
2015-08-22 | Move to tame(int flags, char *paths[]) API/ABI. | Theo de Raadt |
2015-08-03 | Unfortunately netstat did not show sockets without file descriptors | Alexander Bluhm |
2015-07-19 | tame(2) is a subsystem which restricts programs into a "reduced feature | Theo de Raadt |
2015-05-18 | For each file in sysctl(KERN_FILE_BYFILE), FILLIT() calls fill_file(), | Alexander Bluhm |
2015-03-28 | Replace the hand-crafted list of datagram unix domain sockets with | Alexander Bluhm |
2015-02-11 | Extend struct kinfo_file a bit so that netstat has all the info it needs. | Claudio Jeker |
2015-02-11 | Prefer arg != 0 over arg for non-boolean. nitted kettenis@ | Philip Guenther |
2015-02-11 | sysctl({CTL_KERN, KERN_FILE, KERN_FILE_BYFILE}) previously required | Philip Guenther |
2015-02-09 | Change the way stackgap_random is applied. Instead of applying it within the | Miod Vallat |
2015-01-20 | Move ps_strings "after" the random stackgap. This makes its location a | Mark Kettenis |
2015-01-13 | Add dmesg -s support, to view the output of rc(8) system startup messages. | Marco Pfatschbacher |
2014-12-12 | sysctl kern.global_ptrace. | Ted Unangst |
2014-12-12 | sysctl_proc_vmmap(): Allow retrieving "self" VM mapping without privilege. | Masao Uebayashi |
2014-12-10 | convert bcopy to memcpy. ok millert | Ted Unangst |
2014-12-05 | Allow only root to use KERN_PROC_VMMAP until it is really proven safe. | Masao Uebayashi |
2014-12-05 | Introduce a new sysctl to retrieve VM map entries | Masao Uebayashi |
2014-11-19 | missed a file when removing KERN_VNODE. | Ted Unangst |
2014-11-19 | delete the KERN_VNODE sysctl. it fails to provide any isolation from the | Ted Unangst |
2014-11-16 | Replace a plethora of historical protection options with just | Theo de Raadt |
2014-11-03 | Put the socket splicing fields into a seperate struct sosplice that | Alexander Bluhm |
2014-11-01 | add a few sizes to free | Ted Unangst |
2014-10-17 | redo the performance throttling in the kernel. | Ted Unangst |
2014-10-11 | back out; does not even compile | Theo de Raadt |
2014-10-11 | resurrect a many year old diff. move CPU throttling into the kernel, | Ted Unangst |
2014-09-15 | Remove non-standard <sys/dkstat.h> header. It has not contained anything | Miod Vallat |
2014-09-04 | Remove global cp_time[] array; no longer used now that all arches implement | Miod Vallat |
2014-08-20 | Bye bye /dev/crypto | Mike Belopuhov |
2014-08-18 | dont rely on mbuf.h to provide pool.h. | David Gwynne |
2014-07-22 | Fewer <netinet/in_systm.h> ! | Martin Pieuchot |
2014-07-17 | zero random buf for sysctl too, just in case | Ted Unangst |
2014-07-13 | Introduce PS_NOBROADCASTKILL a process flag that excludes processes from | Claudio Jeker |
2014-07-13 | use mallocarray where arguments are multipled. ok deraadt | Ted Unangst |
2014-07-12 | add a size argument to free. will be used soon, but for now default to 0. | Ted Unangst |
2014-07-08 | decouple struct uvmexp into a new file, so that uvm_extern.h and sysctl.h | Theo de Raadt |
2014-07-08 | pull the rx ring accounting out of the mbuf layer now that its all done | David Gwynne |
2014-07-04 | Track whether a process is a zombie or not yet fully built via flags | Philip Guenther |
2014-06-14 | Rather than truncating KERN_ARND requests silently, return EINVAL | Theo de Raadt |
2014-06-14 | temporarily (maybe 3 weeks?) crank KERN_ARND maximum buffer from 256 | Theo de Raadt |
2014-06-11 | Add bounds checks for CTL_DEBUG sysctl variable. | Matthew Dempsky |
2014-05-17 | When looking at another process, use the data from struct process | Philip Guenther |