freebsd-skq/sys
Jamie Gritton 0e5c6bd436 Make it easier for filesystems to count themselves as jail-enabled,
by doing most of the work in a new function prison_add_vfs in kern_jail.c
Now a jail-enabled filesystem need only mark itself with VFCF_JAIL, and
the rest is taken care of.  This includes adding a jail parameter like
allow.mount.foofs, and a sysctl like security.jail.mount_foofs_allowed.
Both of these used to be a static list of known filesystems, with
predefined permission bits.

Reviewed by:	kib
Differential Revision:	D14681
2018-05-04 20:54:27 +00:00
..
amd64 amd64: get rid of the pessimized bcopy in syscall arg copy 2018-05-04 04:05:07 +00:00
arm Properly support the GPIO_PIN_PRESET_{LOW,HIGH} options when configuring 2018-05-04 19:28:05 +00:00
arm64 Print the dump progress indicator after calling dump_start(). 2018-05-01 17:32:43 +00:00
bsm
cam Refactor dadone(). There was no useful code sharing in it; it was just 2018-05-01 21:42:27 +00:00
cddl Make it easier for filesystems to count themselves as jail-enabled, 2018-05-04 20:54:27 +00:00
compat Make it easier for filesystems to count themselves as jail-enabled, 2018-05-04 20:54:27 +00:00
conf % WITHOUT_FORMAT_EXTENSIONS= XCC=/usr/local/bin/gcc8 make -j96 buildkernel KERNCONF=GENERIC-NODEBUG -s >& log 2018-05-04 19:31:28 +00:00
contrib MFV: r333077 2018-05-01 19:17:38 +00:00
crypto opencrypto: Integrate Chacha20 algorithm into OCF 2018-03-29 04:02:50 +00:00
ddb Restore db_radix on parse error, otherwise we'll silently change it to 2018-04-17 15:44:05 +00:00
dev fix case where pidx_last might be used uninitialized 2018-05-04 18:59:01 +00:00
dts arm: overlays: Update to new path-based sugar format 2018-05-04 14:38:48 +00:00
fs Make it easier for filesystems to count themselves as jail-enabled, 2018-05-04 20:54:27 +00:00
gdb amd64: Protect the kernel text, data, and BSS by setting the RW/NX bits 2018-03-06 14:28:37 +00:00
geom gpart: add fat32lba MBR partition type 2018-05-04 00:34:27 +00:00
gnu gnu/dts: Update our copy of arm dts from Linux 4.16 2018-04-20 19:37:08 +00:00
i386 Implement support for ifuncs in the kernel linker. 2018-05-03 21:37:46 +00:00
isa Revert r330780, it was improperly tested and results in taking a spin 2018-03-11 20:13:15 +00:00
kern Make it easier for filesystems to count themselves as jail-enabled, 2018-05-04 20:54:27 +00:00
kgssapi kgssapi: Remove trivial deadcode 2018-02-14 00:12:03 +00:00
libkern iconv uses strlen directly on user supplied memory 2018-02-26 18:23:36 +00:00
mips Print the dump progress indicator after calling dump_start(). 2018-05-01 17:32:43 +00:00
modules dtb/allwinner: Add a83t-sid overlay 2018-05-03 19:45:48 +00:00
net fix gcc8 warnings 2018-05-04 18:57:05 +00:00
net80211 Use an accessor function to access ifr_data. 2018-03-30 18:50:13 +00:00
netgraph Correct pseudo misspelling in sys/ comments 2018-02-23 18:15:50 +00:00
netinet Immediately propagate EACCES error code to application from tcp_output. 2018-05-04 09:28:12 +00:00
netinet6 Send an ICMPv6 PacketTooBig message in case of forwading a packet which 2018-05-02 22:11:16 +00:00
netipsec Merge r1.22-1.23 from NetBSD: 2018-04-26 12:23:31 +00:00
netpfil Retire ixgb(4) 2018-05-02 15:59:15 +00:00
netsmb Unsign some values related to allocation. 2018-01-22 02:08:10 +00:00
nfs Remove support for FDDI networks. 2018-04-11 17:28:24 +00:00
nfsclient style: Remove remaining deprecated MALLOC/FREE macros 2018-01-25 22:25:13 +00:00
nfsserver
nlm Use syscall_helper_register() to register syscalls and initialize though 2018-02-10 01:09:22 +00:00
ofed Improve copy-and-pasted versions of SIOCGIFADDR. 2018-03-27 20:51:49 +00:00
opencrypto cryptosoft: Do not exceed crd_len around *crypt_multi 2018-04-19 15:24:21 +00:00
powerpc Allow __builtin_memmove instead of bcopy for small buffers of known size 2018-05-04 04:00:48 +00:00
riscv Remove the unused fuwintr() and suiwintr() functions. 2018-04-17 18:04:28 +00:00
rpc
security Use an accessor function to access ifr_data. 2018-03-30 18:50:13 +00:00
sparc64 Retire ixgb(4) 2018-05-02 15:59:15 +00:00
sys Make it easier for filesystems to count themselves as jail-enabled, 2018-05-04 20:54:27 +00:00
teken Pedantic polishing of code to please FlexeLint. 2018-04-08 19:23:50 +00:00
tests
tools Add dtb overlays support 2018-03-24 21:30:24 +00:00
ufs Renumber soft-update types starting at 1 instead of 0 to avoid confusion 2018-04-05 00:32:01 +00:00
vm Fix some races introduced in r332974. 2018-05-04 17:17:30 +00:00
x86 Add helper macros to hide some boring repeatable ceremonies to define 2018-05-03 21:45:59 +00:00
xdr
xen xen: fix gntdev 2018-05-02 10:19:17 +00:00
Makefile