aboutsummaryrefslogtreecommitdiff
path: root/sys/security/mac_veriexec
Commit message (Expand)AuthorAgeFilesLines
* MAC: mac_policy.h: Declare common MAC sysctl and jail parameters' nodesOlivier Certner2024-12-161-2/+0
* procfs require PRIV_PROC_MEM_WRITE to write memSimon J. Gerraty2024-09-191-0/+1
* veriexec: Simplify the initialization of loader tunableZhenlei Huang2023-11-031-6/+2
* mac_veriexec ensure label fields are initializedSimon J. Gerraty2023-07-061-4/+2
* veriexec: Do not save error from file info in fingerprint statusStephen J. Kiernan2023-06-091-3/+3
* veriexec: Add function to get label associated with a fileSteve Kiernan2023-04-172-0/+27
* veriexec: Add option MAC_VERIEXEC_DEBUGSteve Kiernan2023-04-173-5/+6
* veriexec: mac_veriexec_syscall compat32 supportSimon J. Gerraty2023-04-171-0/+62
* veriexec: Additional functionality for MAC/veriexecSteve Kiernan2023-04-174-32/+144
* veriexec: Add SPDX-License-IdentifierStephen J. Kiernan2023-04-179-18/+18
* mac_veriexec: add mac_priv_grant check for NODEVSimon J. Gerraty2023-04-162-1/+38
* veriexec: Improve commentsWarner Losh2023-03-151-14/+15
* Increase protection provided by veriexec with new unlink/rename hooks.dl2023-03-141-8/+155
* mac_veriexec: Authorize reads of secured sysctlsWojciech Macek2022-06-291-1/+1
* mac_veriexec: Fix a typo in a source code commentGordon Bergling2022-03-271-1/+1
* vfs: NDFREE(&nd, NDF_ONLY_PNBUF) -> NDFREE_PNBUF(&nd)Mateusz Guzik2022-03-241-1/+1
* vfs: remove the unused thread argument from NDINIT*Mateusz Guzik2021-11-251-1/+1
* Fix mac_veriexec version mismatchWojciech Macek2021-07-291-1/+1
* Convert remaining cap_rights_init users to cap_rights_init_oneMateusz Guzik2021-01-121-2/+2
* security: clean up empty lines in .c and .h filesMateusz Guzik2020-09-011-1/+0
* mac_veriexec_fingerprint_check_vnode: v_writecount > 0 means active writersSimon J. Gerraty2020-06-121-1/+1
* Mark more nodes as CTLFLAG_MPSAFE or CTLFLAG_NEEDGIANT (17 of many)Pawel Biernacki2020-02-262-4/+7
* vfs: eliminate v_tag from struct vnodeMateusz Guzik2020-01-071-9/+22
* vfs: drop the mostly unused flags argument from VOP_UNLOCKMateusz Guzik2020-01-031-1/+1
* Add a new ioctl for the larger params struct that includes the label.Stephen J. Kiernan2019-05-173-53/+117
* Obtain a shared lock instead of exclusive in the MAC/veriexecStephen J. Kiernan2019-05-171-1/+2
* sysctls which should be restricted when securelevel is raised should alsoStephen J. Kiernan2019-05-171-2/+20
* Fix format strings for some debug messages that could have arguments thatStephen J. Kiernan2019-05-171-9/+12
* Ensure we have obtained a lock on the process before callingStephen J. Kiernan2019-05-171-1/+10
* Add mpo_vnode_check_setmode MAC method to MAC/veriexec.Stephen J. Kiernan2018-07-141-0/+33
* Fix a typo which could cause a build breakage when building with MAC/veriexecStephen J. Kiernan2018-07-142-2/+1
* Remove RIPEMD-160 fingerprint modules for veriexec, since it has veryStephen J. Kiernan2018-07-141-45/+0
* Fix build breakage in veriexec for 32-bit architectures.Stephen J. Kiernan2018-06-202-23/+28
* MAC/veriexec implements a verified execution environment using the MACStephen J. Kiernan2018-06-2010-0/+2454
generated by cgit v1.3 (git 2.53.0) at 2026-04-16 20:27:58 +0000