|
Revision tags: release/11.0.0 |
|
| #
643f6f47 |
| 21-Sep-2016 |
Konstantin Belousov <kib@FreeBSD.org> |
Add PROC_TRAPCAP procctl(2) controls and global sysctl kern.trap_enocap.
Both can be used to cause processes in capability mode to receive
SIGTRAP when ENOTCAPABLE or ECAPMODE errors are returned fr
Add PROC_TRAPCAP procctl(2) controls and global sysctl kern.trap_enocap.
Both can be used to cause processes in capability mode to receive
SIGTRAP when ENOTCAPABLE or ECAPMODE errors are returned from
syscalls.
Idea by: emaste
Reviewed by: oshogbo (previous version), emaste
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D7965
show more ...
|
| #
8f1f370d |
| 01-Sep-2016 |
Dimitry Andric <dim@FreeBSD.org> |
Merge ^/head r305087 through r305219.
|
| #
f8fd1a95 |
| 01-Sep-2016 |
Enji Cooper <ngie@FreeBSD.org> |
MFhead @ r305170
|
| #
61bd7ae0 |
| 31-Aug-2016 |
Allan Jude <allanjude@FreeBSD.org> |
Eliminate unnecessary loop in _cap_check()
Calling cap_rights_contains() several times with the same inputs is not
going to produce a different output. The variable being iterated, i, is
never used
Eliminate unnecessary loop in _cap_check()
Calling cap_rights_contains() several times with the same inputs is not
going to produce a different output. The variable being iterated, i, is
never used inside the for loop.
The loop is actually done in cap_rights_contains()
Submitted by: Ryan Moeller <ryan@freqlabs.com>
Reviewed by: oshogbo, ed
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D7369
show more ...
|
|
Revision tags: release/10.3.0 |
|
| #
11d38a57 |
| 28-Oct-2015 |
Baptiste Daroussin <bapt@FreeBSD.org> |
Merge from head
Sponsored by: Gandi.net
|
| #
f94594b3 |
| 12-Sep-2015 |
Baptiste Daroussin <bapt@FreeBSD.org> |
Finish merging from head, messed up in previous attempt
|
| #
23a32822 |
| 25-Aug-2015 |
Baptiste Daroussin <bapt@FreeBSD.org> |
Merge from HEAD
|
| #
ab875b71 |
| 14-Aug-2015 |
Navdeep Parhar <np@FreeBSD.org> |
Catch up with head, primarily for the 1.14.4.0 firmware.
|
| #
f98ee844 |
| 12-Aug-2015 |
Dimitry Andric <dim@FreeBSD.org> |
Merge ^/head r286422 through r286684.
|
|
Revision tags: release/10.2.0 |
|
| #
aa04a06d |
| 11-Aug-2015 |
Ed Schouten <ed@FreeBSD.org> |
Introduce kern_cap_rights_limit().
The existing sys_cap_rights_limit() expects that a cap_rights_t object
lives in userspace. It is therefore hard to call into it from
kernelspace.
Move the interes
Introduce kern_cap_rights_limit().
The existing sys_cap_rights_limit() expects that a cap_rights_t object
lives in userspace. It is therefore hard to call into it from
kernelspace.
Move the interesting bits of sys_cap_rights_limit() into
kern_cap_rights_limit(), so that we can call into it from the CloudABI
compatibility layer.
Obtained from: https://github.com/NuxiNL/freebsd
Differential Revision: https://reviews.freebsd.org/D3314
show more ...
|
| #
98e0ffae |
| 27-May-2015 |
Simon J. Gerraty <sjg@FreeBSD.org> |
Merge sync of head
|
| #
e6e746bf |
| 25-Mar-2015 |
Glen Barber <gjb@FreeBSD.org> |
MFH: r278968-r280640
Sponsored by: The FreeBSD Foundation
|
| #
c14aafed |
| 18-Mar-2015 |
Navdeep Parhar <np@FreeBSD.org> |
Merge r278538 through r280226.
|
| #
59fa1525 |
| 17-Mar-2015 |
Baptiste Daroussin <bapt@FreeBSD.org> |
Merge from head
|
| #
daf63fd2 |
| 16-Mar-2015 |
Mateusz Guzik <mjg@FreeBSD.org> |
cred: add proc_set_cred helper
The goal here is to provide one place altering process credentials.
This eases debugging and opens up posibilities to do additional work when such
an action is perfor
cred: add proc_set_cred helper
The goal here is to provide one place altering process credentials.
This eases debugging and opens up posibilities to do additional work when such
an action is performed.
show more ...
|
| #
51dd214c |
| 19-Jan-2015 |
Enji Cooper <ngie@FreeBSD.org> |
MFhead @ r277403
|
| #
d899be7d |
| 19-Jan-2015 |
Glen Barber <gjb@FreeBSD.org> |
Reintegrate head: r274132-r277384
Sponsored by: The FreeBSD Foundation
|
| #
8f0ea33f |
| 13-Jan-2015 |
Glen Barber <gjb@FreeBSD.org> |
Reintegrate head revisions r273096-r277147
Sponsored by: The FreeBSD Foundation
|
| #
bbd685e3 |
| 06-Jan-2015 |
Mark Johnston <markj@FreeBSD.org> |
Use crcopysafe(9) to make a copy of a process' credential struct. crcopy(9)
may perform a blocking memory allocation, which is unsafe when holding a
mutex.
Differential Revision: https://reviews.fre
Use crcopysafe(9) to make a copy of a process' credential struct. crcopy(9)
may perform a blocking memory allocation, which is unsafe when holding a
mutex.
Differential Revision: https://reviews.freebsd.org/D1443
Reviewed by: rwatson
MFC after: 1 week
Sponsored by: EMC / Isilon Storage Division
show more ...
|
|
Revision tags: release/10.1.0 |
|
| #
246e7a2b |
| 02-Sep-2014 |
Neel Natu <neel@FreeBSD.org> |
IFC @r269962
Submitted by: Anish Gupta (akgupt3@gmail.com)
|
| #
ee7b0571 |
| 19-Aug-2014 |
Simon J. Gerraty <sjg@FreeBSD.org> |
Merge head from 7/28
|
| #
1b833d53 |
| 13-Aug-2014 |
Alexander V. Chernikov <melifaro@FreeBSD.org> |
Sync to HEAD@r269943.
|
| #
a1bf8115 |
| 23-Jul-2014 |
Mateusz Guzik <mjg@FreeBSD.org> |
Prepare fget_unlocked for reading fd table only once.
Some capsicum functions accept fdp + fd and lookup fde based on that.
Add variants which accept fde.
Reviewed by: pjd
MFC after: 1 week
|
|
Revision tags: release/9.3.0 |
|
| #
6cec9cad |
| 03-Jun-2014 |
Peter Grehan <grehan@FreeBSD.org> |
MFC @ r266724
An SVM update will follow this.
|
| #
3b8f0845 |
| 28-Apr-2014 |
Simon J. Gerraty <sjg@FreeBSD.org> |
Merge head
|