| Commit message (Expand) | Author | Age | Files | Lines |
|---|
| * | Jails: Optionally prevent jailed root from binding to privileged ports | Allan Jude | 2017-06-06 | 1 | -3/+14 |
| * | Use inet_ntoa_r() instead of inet_ntoa() throughout the kernel | Eric van Gyzen | 2017-02-16 | 1 | -1/+4 |
| * | Move IPv4-specific jail functions to new file netinet/in_jail.c | Stephen J. Kiernan | 2016-08-09 | 1 | -738/+8 |
| * | Fix a vnode leak when giving a child jail a too-long path when | Jamie Gritton | 2016-06-09 | 1 | -0/+1 |
| * | Re-order some jail parameter reading to prevent a vnode leak. | Jamie Gritton | 2016-06-09 | 1 | -40/+40 |
| * | Clean up some logic in jail error messages, replacing a missing test and | Jamie Gritton | 2016-06-09 | 1 | -12/+10 |
| * | Make sure the OSD methods for jail set and remove can't run concurrently, | Jamie Gritton | 2016-06-09 | 1 | -9/+13 |
| * | Mark jail(2), and the sysctls that it (and only it) uses as deprecated. | Jamie Gritton | 2016-05-30 | 1 | -17/+17 |
| * | sys/kern: spelling fixes in comments. | Pedro F. Giffuni | 2016-04-29 | 1 | -2/+2 |
| * | Delay revmoing the last jail reference in prison_proc_free, and instead | Jamie Gritton | 2016-04-27 | 1 | -10/+34 |
| * | Use crcopysafe in jail_attach. | Jamie Gritton | 2016-04-26 | 1 | -7/+5 |
| * | Pass the current/new jail to PR_METHOD_CHECK, which pushes the call | Jamie Gritton | 2016-04-25 | 1 | -47/+58 |
| * | Add a new jail OSD method, PR_METHOD_REMOVE. It's called when a jail is | Jamie Gritton | 2016-04-25 | 1 | -8/+41 |
| * | Remove the PR_REMOVE flag, which was meant as a temporary marker for | Jamie Gritton | 2016-04-25 | 1 | -3/+1 |
| * | kernel: use our nitems() macro when it is available through param.h. | Pedro F. Giffuni | 2016-04-19 | 1 | -24/+13 |
| * | Fix jail name checking that disallowed anything that starts with '0'. | Jamie Gritton | 2015-12-15 | 1 | -3/+6 |
| * | Speed up rctl operation with large rulesets, by holding the lock | Edward Tomasz Napierala | 2015-11-15 | 1 | -1/+6 |
| * | Add support to the jail framework to be able to mount linsysfs(5) and | Marcelo Araujo | 2015-07-19 | 1 | -0/+16 |
| * | Move chdir/chroot-related fdp manipulation to kern_descrip.c | Mateusz Guzik | 2015-07-11 | 1 | -1/+1 |
| * | Initialise pr_enforce_statfs from the "default" sysctl value and | Bjoern A. Zeeb | 2015-06-17 | 1 | -1/+1 |
| * | Add kern.racct.enable tunable and RACCT_DISABLED config option. | Edward Tomasz Napierala | 2015-04-29 | 1 | -4/+18 |
| * | Do not include if_var.h and in6_var.h into kern_jail.c. It is now possible | Gleb Smirnoff | 2015-03-24 | 1 | -4/+0 |
| * | cred: add proc_set_cred helper | Mateusz Guzik | 2015-03-16 | 1 | -1/+1 |
| * | Format the line properly (wrap before column 80). | Ian Lepore | 2015-02-28 | 1 | -1/+2 |
| * | Export the new osreldate and osrelease jail parms in jail_get(2). | Ian Lepore | 2015-02-28 | 1 | -0/+6 |
| * | Allow the kern.osrelease and kern.osreldate sysctl values to be set in a | Ian Lepore | 2015-02-27 | 1 | -2/+69 |
| * | Add allow.mount.fdescfs jail flag. | Jamie Gritton | 2015-01-28 | 1 | -0/+8 |
| * | Remove the prison flags PR_IP4_DISABLE and PR_IP6_DISABLE, which have been | Jamie Gritton | 2015-01-14 | 1 | -18/+10 |
| * | Don't set prison's pr_ip4s or pr_ip6s to -1. | Jamie Gritton | 2015-01-14 | 1 | -2/+2 |
| * | Avoid unlocking unlocked mutex in RCTL jail code. Specific test case | Edward Tomasz Napierala | 2014-09-09 | 1 | -2/+4 |
| * | Remove AppleTalk support. | Gleb Smirnoff | 2014-03-14 | 1 | -5/+0 |
| * | Remove IPX support. | Gleb Smirnoff | 2014-03-14 | 1 | -6/+0 |
| * | Back out r261266 pending security buy-in. | Jamie Gritton | 2014-01-31 | 1 | -25/+0 |
| * | Add a jail parameter, allow.kmem, which lets jailed processes access | Jamie Gritton | 2014-01-29 | 1 | -0/+25 |
| * | Fix copy/paste typo. | Andrey V. Elsukov | 2013-12-17 | 1 | -1/+1 |
| * | jail_v0.ip_number was always in host byte order. This was handled | Peter Wemm | 2013-11-28 | 1 | -1/+1 |
| * | prison_check_ip4() can take const arguments. | Gleb Smirnoff | 2013-11-01 | 1 | -3/+3 |
| * | The r48589 promised to remove implicit inclusion of if_var.h soon. Prepare | Gleb Smirnoff | 2013-10-26 | 1 | -0/+1 |
| * | Keep PRIV_KMEM_READ permitted inside jails as it is on the outside. | Jamie Gritton | 2013-09-06 | 1 | -0/+7 |
| * | Allow tmpfs be mounted inside jail. | Xin LI | 2013-08-23 | 1 | -0/+8 |
| * | Refine the "nojail" rc keyword, adding "nojailvnet" for files that don't | Jamie Gritton | 2013-05-19 | 1 | -0/+20 |
| * | prison_racct_detach can be called for not fully initialized jail, so make it ... | Mateusz Guzik | 2012-12-18 | 1 | -0/+2 |
| * | Remove the support for using non-mpsafe filesystem modules. | Konstantin Belousov | 2012-10-22 | 1 | -21/+6 |
| * | Fix use-after-free in kern_jail_set() triggered e.g. by attempts | Edward Tomasz Napierala | 2012-05-22 | 1 | -6/+10 |
| * | Don't leak locks in prison_racct_modify(). | Edward Tomasz Napierala | 2012-05-22 | 1 | -1/+4 |
| * | Make racct and rctl correctly handle jail renaming. Previously | Edward Tomasz Napierala | 2012-03-06 | 1 | -8/+71 |
| * | Add procfs to jail-mountable filesystems. | Martin Matuska | 2012-02-29 | 1 | -0/+8 |
| * | Analogous to r232059, add a parameter for the ZFS file system: | Martin Matuska | 2012-02-26 | 1 | -4/+12 |
| * | To improve control over the use of mount(8) inside a jail(8), introduce | Martin Matuska | 2012-02-23 | 1 | -11/+26 |
| * | Add support for mounting devfs inside jails. | Martin Matuska | 2012-02-09 | 1 | -2/+55 |
