| Commit message (Expand) | Author | Age | Files | Lines |
|---|
| * | audit: rework AUDIT_SYSCLOSE | Mateusz Guzik | 2020-12-17 | 2 | -8/+4 |
| * | pipe: allow for lockless pipe_stat | Mateusz Guzik | 2020-11-19 | 3 | -3/+30 |
| * | mac_framework.h: fix build with DEBUG_VFS_LOCKS and !MAC | Andriy Gapon | 2020-09-03 | 1 | -1/+1 |
| * | security: clean up empty lines in .c and .h files | Mateusz Guzik | 2020-09-01 | 13 | -22/+4 |
| * | cache: drop the always curthread argument from reverse lookup routines | Mateusz Guzik | 2020-08-24 | 1 | -1/+1 |
| * | vfs: add VOP_STAT | Mateusz Guzik | 2020-08-07 | 1 | -1/+1 |
| * | mac: even up all entry points to the same scheme | Mateusz Guzik | 2020-08-06 | 1 | -7/+38 |
| * | vfs: add a cheaper entry for mac_vnode_check_access | Mateusz Guzik | 2020-08-05 | 3 | -2/+17 |
| * | Fix tinderbox build after r363714 | Mateusz Guzik | 2020-07-30 | 1 | -0/+8 |
| * | vfs: elide MAC-induced locking on rename if there are no relevant hoooks | Mateusz Guzik | 2020-07-29 | 2 | -0/+7 |
| * | vfs: add the infrastructure for lockless lookup | Mateusz Guzik | 2020-07-25 | 1 | -1/+2 |
| * | vfs: fix vn_poll performance with either MAC or AUDIT | Mateusz Guzik | 2020-07-16 | 2 | -1/+16 |
| * | vfs: fix MAC/AUDIT mismatch in vn_poll | Mateusz Guzik | 2020-07-16 | 1 | -0/+10 |
| * | audit: provide AUDITING_TD for !AUDIT case | Mateusz Guzik | 2020-07-04 | 1 | -0/+2 |
| * | mac_veriexec_fingerprint_check_vnode: v_writecount > 0 means active writers | Simon J. Gerraty | 2020-06-12 | 1 | -1/+1 |
| * | Deduplicate fsid comparisons | Ryan Moeller | 2020-05-21 | 2 | -4/+3 |
| * | Add BSM record conversion for a number of syscalls: | Christian S.J. Peron | 2020-05-16 | 1 | -0/+34 |
| * | audit_canon_path_vp: don't panic if cdir == NULL | Kyle Evans | 2020-04-17 | 1 | -2/+7 |
| * | mac_policy: Remove mac_policy_sx | Jason A. Harmening | 2020-04-04 | 1 | -8/+3 |
| * | Make sure we convert internal audit records for thr_new | Christian S.J. Peron | 2020-03-30 | 1 | -0/+3 |
| * | In r358471, we interrupted the case block that would eventually lead | Christian S.J. Peron | 2020-03-03 | 1 | -9/+10 |
| * | fd: move vnodes out of filedesc into a dedicated structure | Mateusz Guzik | 2020-03-01 | 1 | -15/+12 |
| * | Currently kernel audit events for jail_set(2), jail_get(2), jail_attach(2), | Christian S.J. Peron | 2020-02-29 | 1 | -0/+16 |
| * | Mark more nodes as CTLFLAG_MPSAFE or CTLFLAG_NEEDGIANT (17 of many) | Pawel Biernacki | 2020-02-26 | 15 | -19/+36 |
| * | audit: provide audit_canon_path variant which accepts vnodes | Mateusz Guzik | 2020-02-21 | 4 | -23/+103 |
| * | audit: simplify path resolving logic | Mateusz Guzik | 2020-02-21 | 1 | -49/+26 |
| * | audit: rely on use count instead of hold count in audit_canon_path | Mateusz Guzik | 2020-02-21 | 1 | -9/+6 |
| * | vfs: add realpathat syscall | Mateusz Guzik | 2020-02-20 | 1 | -0/+1 |
| * | Merge audit and systrace checks | Mateusz Guzik | 2020-02-14 | 1 | -3/+6 |
| * | Annotate branches in the syscall path | Mateusz Guzik | 2020-02-14 | 1 | -1/+1 |
| * | vfs: use mac fastpath for lookup, open, read, write, mmap | Mateusz Guzik | 2020-02-13 | 3 | -15/+124 |
| * | mac: implement fast path for checks | Mateusz Guzik | 2020-02-13 | 3 | -4/+118 |
| * | vfs: eliminate v_tag from struct vnode | Mateusz Guzik | 2020-01-07 | 1 | -9/+22 |
| * | vfs: drop the mostly unused flags argument from VOP_UNLOCK | Mateusz Guzik | 2020-01-03 | 7 | -13/+13 |
| * | mac: use a sleepable rmlock instead of an sx lock | Mateusz Guzik | 2019-12-27 | 1 | -2/+6 |
| * | Instead of looking up a predecessor or successor to the current map | Doug Moore | 2019-11-20 | 1 | -4/+5 |
| * | Jail and capability mode for shm_rename; add audit support for shm_rename | David Bright | 2019-11-18 | 1 | -0/+10 |
| * | Define wrapper functions vm_map_entry_{succ,pred} to act as wrappers | Doug Moore | 2019-11-13 | 1 | -1/+2 |
| * | Define macro VM_MAP_ENTRY_FOREACH for enumerating the entries in a vm_map. | Doug Moore | 2019-10-08 | 1 | -1/+1 |
| * | vm_map_simplify_entry considers merging an entry with its two | Doug Moore | 2019-08-25 | 1 | -1/+1 |
| * | Fix mac_veriexec_parser build after r347938 | Marcin Wojtas | 2019-08-08 | 1 | -1/+3 |
| * | Extract eventfilter declarations to sys/_eventfilter.h | Conrad Meyer | 2019-05-20 | 2 | -0/+3 |
| * | Add a new ioctl for the larger params struct that includes the label. | Stephen J. Kiernan | 2019-05-17 | 3 | -53/+117 |
| * | Obtain a shared lock instead of exclusive in the MAC/veriexec | Stephen J. Kiernan | 2019-05-17 | 1 | -1/+2 |
| * | sysctls which should be restricted when securelevel is raised should also | Stephen J. Kiernan | 2019-05-17 | 1 | -2/+20 |
| * | Fix format strings for some debug messages that could have arguments that | Stephen J. Kiernan | 2019-05-17 | 1 | -9/+12 |
| * | Ensure we have obtained a lock on the process before calling | Stephen J. Kiernan | 2019-05-17 | 1 | -1/+10 |
| * | When MAC is enabled and a policy module is loaded, don't unconditionally | Robert Watson | 2019-05-03 | 3 | -26/+51 |
| * | Create kernel module to parse Veriexec manifest based on envs | Marcin Wojtas | 2019-04-03 | 1 | -0/+474 |
| * | Create new EINTEGRITY error with message "Integrity check failed". | Kirk McKusick | 2019-01-17 | 1 | -0/+7 |
