| Commit message (Expand) | Author | Age | Files | Lines |
|---|
| * | Rename tame() to pledge(). This fairly interface has evolved to be more |   deraadt | 2015-10-09 | 1 | -4/+4 |
| * | track sizes for free in sysctl_diskinit(); ok krw | deraadt | 2015-09-28 | 1 | -3/+7 |
| * | Rename __sysctl syscall to just sysctl, as the userland wrapper is no longer |   guenther | 2015-09-13 | 1 | -3/+3 |
| * | Convert _TM_ flags to TAME_ flags, collapsing the entire mapping | deraadt | 2015-09-11 | 1 | -2/+2 |
| * | Only include <sys/tame.h> in the .c files that need it | guenther | 2015-09-11 | 1 | -1/+2 |
| * | sizes for free(); ok sthen | deraadt | 2015-09-10 | 1 | -4/+5 |
| * | Fix !INET6 build. |   mpi | 2015-09-03 | 1 | -2/+5 |
| * | Rework the UNIX domain socket garbage collector, including ideas from | guenther | 2015-08-28 | 1 | -2/+2 |
| * | Move to tame(int flags, char *paths[]) API/ABI. | deraadt | 2015-08-22 | 1 | -2/+1 |
| * | Unfortunately netstat did not show sockets without file descriptors |   bluhm | 2015-08-03 | 1 | -19/+59 |
| * | tame(2) is a subsystem which restricts programs into a "reduced feature | deraadt | 2015-07-19 | 1 | -1/+5 |
| * | For each file in sysctl(KERN_FILE_BYFILE), FILLIT() calls fill_file(), | bluhm | 2015-05-18 | 1 | -9/+21 |
| * | Replace the hand-crafted list of datagram unix domain sockets with | bluhm | 2015-03-28 | 1 | -3/+5 |
| * | Extend struct kinfo_file a bit so that netstat has all the info it needs. |   claudio | 2015-02-11 | 1 | -1/+21 |
| * | Prefer arg != 0 over arg for non-boolean. nitted kettenis@ | guenther | 2015-02-11 | 1 | -2/+2 |
| * | sysctl({CTL_KERN, KERN_FILE, KERN_FILE_BYFILE}) previously required | guenther | 2015-02-11 | 1 | -6/+3 |
| * | Change the way stackgap_random is applied. Instead of applying it within the |   miod | 2015-02-09 | 1 | -2/+1 |
| * | Move ps_strings "after" the random stackgap. This makes its location a |   kettenis | 2015-01-20 | 1 | -3/+5 |
| * | Add dmesg -s support, to view the output of rc(8) system startup messages. |   mpf | 2015-01-13 | 1 | -7/+18 |
| * | sysctl kern.global_ptrace. |   tedu | 2014-12-12 | 1 | -1/+8 |
| * | sysctl_proc_vmmap(): Allow retrieving "self" VM mapping without privilege. |   uebayasi | 2014-12-12 | 1 | -7/+11 |
| * | convert bcopy to memcpy. ok millert | tedu | 2014-12-10 | 1 | -3/+3 |
| * | Allow only root to use KERN_PROC_VMMAP until it is really proven safe. | uebayasi | 2014-12-05 | 1 | -1/+6 |
| * | Introduce a new sysctl to retrieve VM map entries | uebayasi | 2014-12-05 | 1 | -1/+101 |
| * | missed a file when removing KERN_VNODE. | tedu | 2014-11-19 | 1 | -3/+1 |
| * | delete the KERN_VNODE sysctl. it fails to provide any isolation from the | tedu | 2014-11-19 | 1 | -3/+1 |
| * | Replace a plethora of historical protection options with just | deraadt | 2014-11-16 | 1 | -2/+2 |
| * | Put the socket splicing fields into a seperate struct sosplice that | bluhm | 2014-11-03 | 1 | -5/+6 |
| * | add a few sizes to free | tedu | 2014-11-01 | 1 | -7/+7 |
| * | redo the performance throttling in the kernel. | tedu | 2014-10-17 | 1 | -20/+9 |
| * | back out; does not even compile | deraadt | 2014-10-11 | 1 | -83/+9 |
| * | resurrect a many year old diff. move CPU throttling into the kernel, | tedu | 2014-10-11 | 1 | -9/+83 |
| * | Remove non-standard <sys/dkstat.h> header. It has not contained anything | miod | 2014-09-15 | 1 | -3/+2 |
| * | Remove global cp_time[] array; no longer used now that all arches implement | miod | 2014-09-04 | 1 | -2/+2 |
| * | Bye bye /dev/crypto |   mikeb | 2014-08-20 | 1 | -16/+1 |
| * | dont rely on mbuf.h to provide pool.h. |   dlg | 2014-08-18 | 1 | -1/+2 |
| * | Fewer <netinet/in_systm.h> ! | mpi | 2014-07-22 | 1 | -2/+1 |
| * | zero random buf for sysctl too, just in case | tedu | 2014-07-17 | 1 | -1/+2 |
| * | Introduce PS_NOBROADCASTKILL a process flag that excludes processes from | claudio | 2014-07-13 | 1 | -1/+48 |
| * | use mallocarray where arguments are multipled. ok deraadt | tedu | 2014-07-13 | 1 | -2/+2 |
| * | add a size argument to free. will be used soon, but for now default to 0. | tedu | 2014-07-12 | 1 | -10/+10 |
| * | decouple struct uvmexp into a new file, so that uvm_extern.h and sysctl.h | deraadt | 2014-07-08 | 1 | -2/+1 |
| * | pull the rx ring accounting out of the mbuf layer now that its all done | dlg | 2014-07-08 | 1 | -3/+3 |
| * | Track whether a process is a zombie or not yet fully built via flags | guenther | 2014-07-04 | 1 | -50/+59 |
| * | Rather than truncating KERN_ARND requests silently, return EINVAL | deraadt | 2014-06-14 | 1 | -2/+2 |
| * | temporarily (maybe 3 weeks?) crank KERN_ARND maximum buffer from 256 | deraadt | 2014-06-14 | 1 | -2/+2 |
| * | Add bounds checks for CTL_DEBUG sysctl variable. |   matthew | 2014-06-11 | 1 | -1/+3 |
| * | When looking at another process, use the data from struct process | guenther | 2014-05-17 | 1 | -21/+21 |
| * | Add PS_SYSTEM, the process-level mirror of the thread-level P_SYSTEM, | guenther | 2014-05-04 | 1 | -15/+9 |
| * | If P_ZOMBIE(pr->ps_mainproc) is true, then (pr->ps_flags & PS_EXITING) | guenther | 2014-05-03 | 1 | -8/+8 |
