| Commit message (Expand) | Author | Age | Files | Lines |
|---|
| * | Add a kernel implementation of realpath() as __realpath(). |   beck | 2019-05-13 | 1 | -1/+2 |
| * | Allow *at variant of mkfifo and mknod, too. |   florian | 2019-02-14 | 1 | -1/+3 |
| * | #ifdef video junk as required. |   deraadt | 2019-01-22 | 1 | -2/+4 |
| * | Add "video" promise. |   landry | 2019-01-21 | 1 | -1/+31 |
| * | delete vmm(4) in i386 |   pd | 2019-01-18 | 1 | -2/+2 |
| * | the pledge handing for access(2) of /var/run/ypbind.lock is artificially | deraadt | 2019-01-06 | 1 | -2/+3 |
| * | fold a bunch of similar sysctl cases into a switch. |   tedu | 2019-01-06 | 1 | -53/+43 |
| * | Add new KERN_CPUSTATS sysctl(2) so we can identify offline CPUs. |   cheloha | 2018-11-17 | 1 | -1/+4 |
| * | new sysctl for userland malloc flags, kernel part. ok millert@ deraadt@ |   otto | 2018-11-06 | 1 | -1/+4 |
| * | When unveil(2) was introduced one break from SYS_access case was removed |   mestre | 2018-09-13 | 1 | -1/+2 |
| * | Preparations for arm64 radeondrm(4) support. |   kettenis | 2018-08-20 | 1 | -4/+4 |
| * | The first panic in pledge_namei should only be for ni_pledge == 0 | deraadt | 2018-08-13 | 1 | -3/+3 |
| * | Get rid of PLEDGE_STAT, which was a hack used for unveil. | beck | 2018-08-11 | 1 | -7/+7 |
| * | Grammar fix in comment. |   rob | 2018-08-02 | 1 | -2/+2 |
| * | Add SIOCSIFMTU to the wroute pledge. |   bket | 2018-07-27 | 1 | -1/+5 |
| * | Restore correct behaviour to pledge for access and stat, which was broken | beck | 2018-07-15 | 1 | -12/+8 |
| * | Unveiling unveil(2). | beck | 2018-07-13 | 1 | -17/+68 |
| * | Add hw.ncpuonline to count the number of online CPUs. | cheloha | 2018-07-12 | 1 | -3/+3 |
| * | Implement DRI3/prime support. This allows graphics buffers to be passed | kettenis | 2018-06-25 | 1 | -1/+3 |
| * | Grab and/or assert for the KERNEL_LOCK() in in ktrace & pledge. |   mpi | 2018-06-20 | 1 | -1/+3 |
| * | Introduce "wroute" promise. | florian | 2018-06-16 | 1 | -1/+18 |
| * | on i386, libm does sysctl to discover is the system has SSE. Whitelist | deraadt | 2018-06-03 | 1 | -1/+6 |
| * | Remove redundant error check |   kn | 2018-04-28 | 1 | -2/+2 |
| * | Make sure that programs violating a pledge(2) promise or some memory | mpi | 2018-03-27 | 1 | -1/+3 |
| * | Change `so_state' and `so_error' to unsigned int such that they can | mpi | 2018-01-09 | 1 | -2/+2 |
| * | Allow TIOCUCNTL issued on a pty(4) master in promise "tty". | mpi | 2018-01-08 | 1 | -1/+9 |
| * | pledge()'s 2nd argument becomes char *execpromises, which becomes the | deraadt | 2017-12-12 | 1 | -48/+81 |
| * | More precision in pledge sysctl report | deraadt | 2017-12-09 | 1 | -2/+2 |
| * | permit IPV6_V6ONLY in sockopt |   abieber | 2017-11-17 | 1 | -3/+1 |
| * | Print the word pledge in the kernel log when there is a violation. |   bluhm | 2017-10-12 | 1 | -3/+3 |
| * | In "tty", permitting TIOCSTART is fine | deraadt | 2017-10-07 | 1 | -1/+2 |
| * | permit SYS___set_tcb, upcoming code will require this | deraadt | 2017-10-07 | 1 | -1/+2 |
| * | If you use sys/param.h, you don't need sys/types.h | deraadt | 2017-09-08 | 1 | -2/+1 |
| * | Remove old deactivated pledge path code. A replacement mechanism is | deraadt | 2017-08-29 | 1 | -335/+2 |
| * | Allow SIOCGIFAFLAG_IN6 and SIOCGIFALIFETIME_IN6 ioctls with | florian | 2017-08-21 | 1 | -1/+3 |
| * | Allow SIOCGIFDESCR with "route" promise in preparation for pledging snmpd. | rob | 2017-07-28 | 1 | -1/+2 |
| * | Due to risks known for decades, TIOCSTI now performs no action, and simply | deraadt | 2017-06-29 | 1 | -6/+1 |
| * | Permit TIOCSTAT on a tty. | deraadt | 2017-06-21 | 1 | -1/+2 |
| * | Terminate pledge log(9) with newline. This fixes dmesg(8) output. | bluhm | 2017-06-19 | 1 | -3/+3 |
| * | Pledge is fairly done, so the kernel printf's can be converted to log() | deraadt | 2017-06-12 | 1 | -7/+12 |
| * | Add an acct(5) flag for pledge violations. Then lastcomm(1) shows | bluhm | 2017-06-07 | 1 | -1/+3 |
| * | Avoid printing garbage when aborting a program that tries to use a |   tb | 2017-06-03 | 1 | -4/+8 |
| * | getrtable() is now permitted in "stdio". It carries no risk factors. | deraadt | 2017-05-30 | 1 | -1/+2 |
| * | Enable radeondrm(4) on loongson to get accelerated graphics |   visa | 2017-05-21 | 1 | -2/+3 |
| * | Stricter pledge for bpf. ok deraadt |   natano | 2017-05-02 | 1 | -2/+4 |
| * | Mark futex(2) as PLEDGE_STDIO like all other thread-related syscalls. | mpi | 2017-04-29 | 1 | -2/+2 |
| * | Add futex(2) syscall based on a sane subset of its Linux equivalent. | mpi | 2017-04-28 | 1 | -1/+2 |
| * | only 32 bits of the pledgecode were passed up via ktrace | deraadt | 2017-04-20 | 1 | -2/+2 |
| * | matthieu@ observes % pax (without any arguments) hits pledge violation, | deraadt | 2017-04-17 | 1 | -4/+7 |
| * | Delete the getlogin59 syscall, which was last used one year, two releases, |   guenther | 2017-04-13 | 1 | -2/+1 |
