summaryrefslogtreecommitdiff
path: root/sys/kern/vfs_syscalls.c
AgeCommit message (Expand)Author
2017-01-23Avoid curproc dance in dupfdopen(), by passing a struct proc *Theo de Raadt
2017-01-15When traversing the mount list, the current mount point is lockedAlexander Bluhm
2017-01-10Fix white spaces. No binary change.Alexander Bluhm
2017-01-10Remove the unused olddp parameter from function dounmount().Alexander Bluhm
2016-09-10Add a noperm mount flag for FFS to be used for building release setsMartin Natano
2016-09-07Remove usermount remnants. ok teduMartin Natano
2016-07-14kern.usermount=1 is unsafe for everyone, since it allows any non-pledgedTheo de Raadt
2016-07-12The only valid flag for unmount(2) is MNT_FORCE, ignore any others.Todd C. Miller
2016-07-06Return EINVAL for mknod/mknodat when dev is -1 (aka VNOVAL).Todd C. Miller
2016-07-03introduces new promise "chown" to allow changing owner/group with *chown(2) f...Sebastien Marie
2016-06-27dovutimens: call vrele(9) before returning EINVALSebastien Marie
2016-06-27sys_revoke: call vrele() before returning ENOTTYSebastien Marie
2016-06-26use error code path instead of return early without calling VOP_ABORTOP() andSebastien Marie
2016-06-01rmdir(2) should return EINVAL not EBUSY when trying to remove ".".Todd C. Miller
2016-05-27W^X violations are no longer permitted by default. A kernel log messageTheo de Raadt
2016-05-15remove chroot(2) from allowed syscalls under pledge(2).Sebastien Marie
2016-03-27When pulling and unmounting an umass USB stick, the file systemAlexander Bluhm
2016-03-19Remove the unused flags argument from VOP_UNLOCK().natano
2016-01-06remove unnecessary casts where the incoming type is void *.Ted Unangst
2016-01-02mmcc noticed that nd.ni_pledge was uninitialized in doopenat() for theTheo de Raadt
2015-12-16in pledged process, setuid/setgid/sticky bits should be ignored.Sebastien Marie
2015-12-16in pledged process, setuid/setgid/sticky bits should be ignored.Sebastien Marie
2015-12-05remove stale lint annotationsTed Unangst
2015-12-04Add pledge "dpath", which provides access to mknod(2) and mkfifo(2).Theo de Raadt
2015-11-20VISTTY check in revoke() is not working well for the non-indirectedTheo de Raadt
2015-11-20Fix whitespace. No binary change.Jonathan Gray
2015-11-18In sys_revoke, inspect the VISTTY flag on the backside of VOP_GETATTR,Theo de Raadt
2015-11-16Permit revoke(2) for a pledge "rpath tty"Theo de Raadt
2015-11-16Only perform revoke(2) on tty cdevs. Others paths return ENOTTY.Theo de Raadt
2015-11-14Add pathconf() to pledge "rpath"; ok guentherTheo de Raadt
2015-11-02move the pledgenote annotation from `struct proc' to `struct nameidata'Sebastien Marie
2015-11-01refactor pledge_*_check and pledge_fail functionsSebastien Marie
2015-10-28mkdir is PLEDGE_CPATH, not PLEDGE_CPATH | PLEDGE_RPATH...Theo de Raadt
2015-10-28remove duplicate setting of p_pledgenote:Sebastien Marie
2015-10-28make sys_chroot() only allowed to be used when pledged, with "rpath id proc".Sebastien Marie
2015-10-28Set pledgenote to PLEDGE_RPATH in chdir & chrootTheo de Raadt
2015-10-25Fold "malloc" into "stdio" and -- recognizing that no program so far hasTheo de Raadt
2015-10-20clear whitelisted-paths view in pledge.Sebastien Marie
2015-10-16Implement real "flock" request and add it to userland programs thatTodd C. Miller
2015-10-14When pledged with "fattr", allow chown to supplimentary groups. ThisTheo de Raadt
2015-10-09Rename tame() to pledge(). This fairly interface has evolved to be moreTheo de Raadt
2015-10-06rmdir() is just a CPATH operation; remove RPATH marker that snuck in.Theo de Raadt
2015-08-31In tame mode, return EPERM for *chown if uid/gid change is not towardsTheo de Raadt
2015-08-31Rather than killing when *chmod is asked to do setuid/setgid, clearTheo de Raadt
2015-08-31KNFTheo de Raadt
2015-08-30For *chmod, allow S_ISTXT in tame mode. I am evaluating what toTheo de Raadt
2015-08-22Move to tame(int flags, char *paths[]) API/ABI.Theo de Raadt
2015-07-20Move the construction of p_tamenote from sys_open() to doopenat(), so thatTheo de Raadt
2015-07-19tame(2) is a subsystem which restricts programs into a "reduced featureTheo de Raadt
2015-05-07Pass a thread pointer instead of its file descriptor table to getvnode(9).Martin Pieuchot