| Commit message (Expand) | Author | Age | Files | Lines |
|---|
| * | In order to maximize the re-usability of kernel code in user space this | Kip Macy | 2011-09-16 | 1 | -20/+20 |
| * | Correct several issues in the integration of POSIX shared memory objects | Robert Watson | 2011-09-02 | 3 | -10/+31 |
| * | Add the fo_chown and fo_chmod methods to struct fileops and use them | Konstantin Belousov | 2011-08-16 | 4 | -0/+88 |
| * | Second-to-last commit implementing Capsicum capabilities in the FreeBSD | Robert Watson | 2011-08-11 | 1 | -2/+3 |
| * | - Add a FEATURE for capsicum (security_capabilities). | Alexander Leidinger | 2011-03-04 | 1 | -1/+1 |
| * | Add some FEATURE macros for various features (AUDIT/CAM/IPC/KTR/MAC/NFS/NTP/ | Alexander Leidinger | 2011-02-25 | 1 | -0/+3 |
| * | Unless "cnt" exceeds MAX_COMMIT_COUNT, nfsrv_commit() and nfsvno_fsync() are | Alan Cox | 2011-02-05 | 1 | -5/+2 |
| * | sysctl(9) cleanup checkpoint: amd64 GENERIC builds cleanly. | Matthew D Fleming | 2011-01-12 | 1 | -1/+1 |
| * | Add missing DTrace probe invocation to mac_vnode_check_open; the probe | Robert Watson | 2010-10-23 | 1 | -0/+2 |
| * | Add an extra comment to the SDT probes definition. This allows us to get | Rui Paulo | 2010-08-22 | 2 | -13/+15 |
| * | Add one further check with mac_policy_count to an mbuf copying case | Robert Watson | 2009-06-03 | 1 | -0/+3 |
| * | Continue work to optimize performance of "options MAC" when no MAC policy | Robert Watson | 2009-06-03 | 5 | -63/+92 |
| * | Mark MAC Framework sx and rm locks as NOWITNESS to suppress warnings that | Robert Watson | 2009-06-02 | 1 | -2/+2 |
| * | Add internal 'mac_policy_count' counter to the MAC Framework, which is a | Robert Watson | 2009-06-02 | 3 | -22/+70 |
| * | Make the rmlock(9) interface a bit more like the rwlock(9) interface: | Robert Watson | 2009-05-29 | 1 | -1/+1 |
| * | Convert the MAC Framework from using rwlocks to rmlocks to stabilize | Robert Watson | 2009-05-27 | 2 | -21/+32 |
| * | Rename MAC Framework-internal macros used to invoke policy entry points: | Robert Watson | 2009-05-01 | 18 | -304/+339 |
| * | Rework MAC Framework synchronization in a number of ways in order to | Robert Watson | 2009-03-14 | 20 | -326/+409 |
| * | Remove 'uio' argument from MAC Framework and MAC policy entry points for | Robert Watson | 2009-03-08 | 3 | -10/+8 |
| * | Rename 'ucred' argument to mac_socket_check_bind() to 'cred' to match | Robert Watson | 2009-03-08 | 1 | -3/+3 |
| * | Improve the consistency of MAC Framework and MAC policy entry point | Robert Watson | 2009-03-08 | 6 | -215/+196 |
| * | Add static DTrace probes for MAC Framework access control checks and | Robert Watson | 2009-03-08 | 17 | -14/+660 |
| * | Reduce the verbosity of SDT trace points for DTrace by defining several | Robert Watson | 2009-03-03 | 1 | -12/+3 |
| * | Use vm_map_entry_t instead of explicit struct vm_map_entry *. | Konstantin Belousov | 2009-02-24 | 1 | -1/+1 |
| * | Use __FBSDID() for $FreeBSD$ version strings in .c files. | Robert Watson | 2009-01-24 | 2 | -4/+6 |
| * | Begin to add SDT tracing of the MAC Framework: add policy modevent, | Robert Watson | 2009-01-24 | 1 | -1/+24 |
| * | Rather than having MAC policies explicitly declare what object types | Robert Watson | 2009-01-10 | 3 | -37/+77 |
| * | Use MPC_OBJECT_IP6Q to indicate labeling of struct ip6q rather than | Robert Watson | 2009-01-10 | 1 | -1/+1 |
| * | Make preparations for resurrecting shared/read locks on vm maps: | Alan Cox | 2008-12-22 | 1 | -4/+2 |
| * | Break out strictly credential-related portions of mac_process.c into a | Robert Watson | 2008-10-28 | 2 | -141/+213 |
| * | Introduce accmode_t. This is required for NFSv4 ACLs - it will be neccessary | Edward Tomasz Napierala | 2008-10-28 | 3 | -8/+12 |
| * | Rename mac_cred_mmapped_drop_perms(), which revokes access to virtual | Robert Watson | 2008-10-28 | 3 | -16/+14 |
| * | Rename three MAC entry points from _proc_ to _cred_ to reflect the fact | Robert Watson | 2008-10-28 | 3 | -43/+43 |
| * | Add a MAC label, MAC Framework, and MAC policy entry points for IPv6 | Robert Watson | 2008-10-26 | 3 | -3/+129 |
| * | Add mac_inpcb_check_visible MAC Framework entry point, which is similar | Bjoern A. Zeeb | 2008-10-17 | 3 | -0/+16 |
| * | Introduce two related changes to the TrustedBSD MAC Framework: | Robert Watson | 2008-08-23 | 16 | -144/+318 |
| * | Rework the lifetime management of the kernel implementation of POSIX | John Baldwin | 2008-06-27 | 3 | -15/+45 |
| * | Remove the posixsem_check_destroy() MAC check. It is semantically identical | John Baldwin | 2008-06-23 | 3 | -14/+0 |
| * | The TrustedBSD MAC Framework named struct ipq instances 'ipq', which is the | Robert Watson | 2008-06-13 | 3 | -26/+25 |
| * | Plug a memory leak which can occur when multiple MAC policies are loaded | Christian S.J. Peron | 2008-05-27 | 1 | -0/+4 |
| * | When propagating a MAC label from an inpcb to an mbuf, allow read and | Robert Watson | 2008-04-19 | 1 | -1/+1 |
| * | Convert pcbinfo and inpcb mutexes to rwlocks, and modify macros to | Robert Watson | 2008-04-17 | 1 | -3/+3 |
| * | Make naming of include guards for MAC Framework include files more | Robert Watson | 2008-04-13 | 3 | -9/+9 |
| * | Add the support for the AT_FDCWD and fd-relative name lookups to the | Konstantin Belousov | 2008-03-31 | 1 | -0/+1 |
| * | VOP_LOCK1() (and so VOP_LOCK()) and VOP_UNLOCK() are only used in | Attilio Rao | 2008-01-13 | 2 | -4/+4 |
| * | vn_lock() is currently only used with the 'curthread' passed as argument. | Attilio Rao | 2008-01-10 | 2 | -4/+4 |
| * | Add a new file descriptor type for IPC shared memory objects and use it to | John Baldwin | 2008-01-08 | 3 | -0/+187 |
| * | Fix a MAC label leak for POSIX semaphores, in which per-policy labels | Robert Watson | 2007-12-17 | 1 | -0/+1 |
| * | Garbage collect mac_mbuf_create_multicast_encap TrustedBSD MAC Framework | Robert Watson | 2007-10-28 | 3 | -22/+0 |
| * | Continue to move from generic network entry points in the TrustedBSD MAC | Robert Watson | 2007-10-28 | 4 | -20/+41 |
