summaryrefslogtreecommitdiff
path: root/sys/security
AgeCommit message (Expand)Author
4 dayskern: add a mac.label jail parameterKyle Evans
4 dayskern: mac: pull mac_label_copyin_string outKyle Evans
4 daysmac_set_fd(3): add support for jail descriptorsKyle Evans
4 dayskern: mac: add various jail MAC hooksKyle Evans
4 daysmac: add macros for 5-argument SDT probesKyle Evans
4 dayskern: mac: add a MAC label to struct prisonKyle Evans
2025-12-04MAC: Rename mac_cred_create_swapper to mac_cred_create_kproc0John Baldwin
2025-11-24MAC: Use the current thread's user ABI to determine the layout of struct macJohn Baldwin
2025-10-29audit(4): Fix a typo in an kernel error messageGordon Bergling
2025-10-27audit: convert audit event class lookup to locklessAndrew Gallatin
2025-10-18knotes: kqueue: handle copy for trivial filtersKonstantin Belousov
2025-10-13MAC: Use proper prototype for SYSINIT functionsZhenlei Huang
2025-10-13audit: Use proper prototype for SYSINIT functionsZhenlei Huang
2025-09-29MAC/do: Check executable path from the current jail's rootOlivier Certner
2025-09-17MAC/do: Restore matching the first supplementary groupOlivier Certner
2025-09-17MAC/bsdextended: Restore matching subjects' effective GIDOlivier Certner
2025-09-16jail: Optionally allow audit session state to be configured in a jailMark Johnston
2025-09-16Revert "jail: Optionally allow audit session state to be configured in a jail"Mark Johnston
2025-09-15jail: Optionally allow audit session state to be configured in a jailMark Johnston
2025-08-21MAC/do: Rename the internal malloc typeKushagra Srivastava
2025-08-03mac: Remove uses of DEBUG_VFS_LOCKSMark Johnston
2025-07-24kern: adopt the cr_gid macro for cr_groups[0] more widelyKyle Evans
2025-06-18audit: move the wait from the queue length from the commit to allocKonstantin Belousov
2025-06-11machine/stdarg.h -> sys/stdarg.hBrooks Davis
2025-05-27MAC/do: Fix a too stringent debug assertion for a target of 'uid=*'Olivier Certner
2025-05-16grantbylabel_syscall check p_textvp != NULLSimon J. Gerraty
2025-04-02MAC/do: Rules: <from> and <to> parts now to be separated by '>'Olivier Certner
2025-04-02MAC/do: parse_single_rule(): Fix herald comment's first lineOlivier Certner
2025-02-09MAC: mac_biba, mac_lomac: Fix setting loader tunablesZhenlei Huang
2025-02-06audit/audit.c: fix typo KERNEL_PANICED->KERNEL_PANICKEDKonstantin Belousov
2025-02-05audit(9): do not touch VFS if panicingKonstantin Belousov
2025-01-14audit: Fix short-circuiting in syscallenter()Mark Johnston
2024-12-17MAC/do: Fix a compilation warning about an unused functionOlivier Certner
2024-12-16MAC/do: Update copyrightOlivier Certner
2024-12-16MAC/do: Apply a rule on real UID/GID instead of effective onesOlivier Certner
2024-12-16MAC/do: Convert internal TAILQs to STAILQsOlivier Certner
2024-12-16MAC/do: parse_rules(): Tolerate blanks around tokensOlivier Certner
2024-12-16MAC/do: toast_rules(): Minor simplificationOlivier Certner
2024-12-16MAC/do: Interpret the new rules specification; Monitor setcred()Olivier Certner
2024-12-16MAC/do: Introduce rules reference countingOlivier Certner
2024-12-16New setcred() system call and associated MAC hooksOlivier Certner
2024-12-16MAC/do: Output errors when parsing rulesOlivier Certner
2024-12-16MAC/do: Support multiple users and groups as single rule's targetsOlivier Certner
2024-12-16MAC/do: Rename private OSD slot by removing 'mac_do_' prefixOlivier Certner
2024-12-16MAC/do: Ease input/output of ID typesOlivier Certner
2024-12-16MAC/do: Better parsing for IDs (strtoui_strict())Olivier Certner
2024-12-16MAC/do: 'struct rule': IDs and types as 'u_int', rename fieldsOlivier Certner
2024-12-16MAC/do: parse_rule_element(): Bug in parsing the origin IDOlivier Certner
2024-12-16MAC/do: parse_rule_element(): Style, more clarityOlivier Certner
2024-12-16MAC/do: jail_check()/jail_set(): RevampOlivier Certner
generated by cgit v1.2.3 (git 2.25.1) at 2026-01-19 14:38:09 +0000