d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
25abfdf02f
freebsd-skq/sys/kern
History
Robert Watson ff66f6a404 Define two new sysctl node flags: CTLFLAG_CAPRD and CTLFLAG_CAPRW, which 
may be jointly referenced via the mask CTLFLAG_CAPRW.  Sysctls with these
flags are available in Capsicum's capability mode; other sysctl nodes are
not.

Flag several useful sysctls as available in capability mode, such as memory
layout sysctls required by the run-time linker and malloc(3).  Also expose
access to randomness and available kernel features.

A few sysctls are enabled to support name->MIB conversion; these may leak
information to capability mode by virtue of providing resolution on names
not flagged for access in capability mode.  This is, generally, not a huge
problem, but might be something to resolve in the future.  Flag these cases
with XXX comments.

Submitted by:	jonathan
Sponsored by:	Google, Inc.
2011-07-17 23:05:24 +00:00
..
bus_if.m
capabilities.conf
clock_if.m
cpufreq_if.m
device_if.m Update comments for DEVICE_PROBE() to reflect that BUS_PROBE_DEFAULT is 2011-05-24 13:22:40 +00:00
genassym.sh
imgact_aout.c Do not trash the argv[0] pointer for an a.out process on amd64. 2011-06-16 22:00:59 +00:00
imgact_elf32.c
imgact_elf64.c
imgact_elf.c All the racct_*() calls need to happen with the proc locked. Fixing this 2011-07-06 20:06:44 +00:00
imgact_gzip.c
imgact_shell.c
inflate.c
init_main.c
init_sysent.c Auto-generated system call code with cap_new(), cap_getrights(). 2011-07-15 18:33:12 +00:00
kern_acct.c
kern_alq.c
kern_clock.c
kern_clocksource.c Set negative quality to TSC timecounter when C3 state is enabled for Intel 2011-06-22 16:40:45 +00:00
kern_condvar.c
kern_conf.c MFC 2011-06-15 07:20:22 +00:00
kern_cons.c
kern_context.c
kern_cpu.c
kern_cpuset.c Fix KTR_CPUMASK in order to accept a string representing a cpuset_t. 2011-05-31 20:48:58 +00:00
kern_ctf.c
kern_descrip.c Add implementation for capabilities. 2011-07-15 09:37:14 +00:00
kern_dtrace.c
kern_environment.c In init_dynamic_kenv(), ignore environment strings exceeding the 2011-05-23 16:40:44 +00:00
kern_et.c
kern_event.c
kern_exec.c Define two new sysctl node flags: CTLFLAG_CAPRD and CTLFLAG_CAPRW, which 2011-07-17 23:05:24 +00:00
kern_exit.c All the racct_*() calls need to happen with the proc locked. Fixing this 2011-07-06 20:06:44 +00:00
kern_fail.c Add an option to have a fail point term only execute when run by a 2011-07-08 20:41:12 +00:00
kern_fork.c Implement an RFTSIGZMB flag to rfork(2) to specify a signal that is 2011-07-12 20:37:18 +00:00
kern_gzio.c
kern_hhook.c
kern_idle.c On multi-core, multi-threaded PPC systems, it is important that the threads 2011-05-31 15:11:43 +00:00
kern_intr.c
kern_jail.c Add infrastructure to allow all frames/packets received on an interface 2011-07-03 12:22:02 +00:00
kern_khelp.c
kern_kthread.c
kern_ktr.c Fix KTR_CPUMASK in order to accept a string representing a cpuset_t. 2011-05-31 20:48:58 +00:00
kern_ktrace.c
kern_linker.c Fix a LOR between hwpmc and the kernel linker. When a system-wide 2011-07-17 21:53:42 +00:00
kern_lock.c
kern_lockf.c
kern_lockstat.c
kern_loginclass.c
kern_malloc.c
kern_mbuf.c
kern_mib.c Define two new sysctl node flags: CTLFLAG_CAPRD and CTLFLAG_CAPRW, which 2011-07-17 23:05:24 +00:00
kern_module.c
kern_mtxpool.c
kern_mutex.c
kern_ntptime.c
kern_osd.c
kern_physio.c
kern_pmc.c
kern_poll.c
kern_priv.c
kern_proc.c
kern_prot.c
kern_racct.c Rename resource names to match these in login.conf. 2011-07-14 19:18:17 +00:00
kern_rctl.c Rename resource names to match these in login.conf. 2011-07-14 19:18:17 +00:00
kern_resource.c
kern_rmlock.c Remove pc_cpumask and pc_other_cpus usage from MI code. 2011-06-13 13:28:31 +00:00
kern_rwlock.c
kern_sdt.c
kern_sema.c
kern_shutdown.c In the current code, a double panic condition may lead to dumps 2011-06-08 19:28:59 +00:00
kern_sig.c Fix support for RACCT_CORE by merging forgotten file. 2011-05-26 18:54:07 +00:00
kern_switch.c
kern_sx.c
kern_synch.c Simplify a stale assertion. We have not called mi_switch() from a nested 2011-05-24 13:17:08 +00:00
kern_syscalls.c
kern_sysctl.c Define two new sysctl node flags: CTLFLAG_CAPRD and CTLFLAG_CAPRW, which 2011-07-17 23:05:24 +00:00
kern_tc.c If TSC stops ticking in C3, disable deep sleep when the user forcefully 2011-07-14 21:00:26 +00:00
kern_thr.c All the racct_*() calls need to happen with the proc locked. Fixing this 2011-07-06 20:06:44 +00:00
kern_thread.c
kern_time.c
kern_timeout.c
kern_umtx.c
kern_uuid.c
kern_xxx.c
ksched.c Use p4prio_to_tsprio to calculate TS priority instead of using 2011-06-07 02:50:14 +00:00
link_elf_obj.c
link_elf.c Even if the loaded module has no symbols, we still need to notify 2011-06-16 17:41:21 +00:00
linker_if.m
Make.tags.inc Update tags build script 2011-07-10 00:53:04 +00:00
Makefile
makesyscalls.sh
md4c.c
md5c.c
p1003_1b.c
posix4_mib.c Define two new sysctl node flags: CTLFLAG_CAPRD and CTLFLAG_CAPRW, which 2011-07-17 23:05:24 +00:00
sched_4bsd.c Remove pc_cpumask and pc_other_cpus usage from MI code. 2011-06-13 13:28:31 +00:00
sched_ule.c
serdev_if.m
stack_protector.c
subr_acl_nfs4.c
subr_acl_posix1e.c
subr_autoconf.c
subr_blist.c
subr_bufring.c
subr_bus.c
subr_clock.c
subr_devstat.c Instead of using an atomic operation to determine whether the devstat(9) 2011-06-13 22:08:24 +00:00
subr_disk.c
subr_eventhandler.c
subr_fattime.c
subr_firmware.c
subr_hash.c
subr_hints.c
subr_kdb.c Fix a mismerge. 2011-06-27 13:02:23 +00:00
subr_kobj.c
subr_lock.c
subr_log.c
subr_mbpool.c
subr_mchain.c
subr_module.c
subr_msgbuf.c Fix a bug introduced in revision 222537. 2011-05-31 22:39:32 +00:00
subr_param.c
subr_pcpu.c Completely remove now unused pc_other_cpus, pc_cpumask. 2011-07-04 10:45:54 +00:00
subr_power.c
subr_prf.c Set pca.p_bufr to NULL when we haven't allocated a buffer. 2011-06-07 05:04:37 +00:00
subr_prof.c
subr_rman.c Clear the device_t pointer in 'struct resource' when releasing a device 2011-06-06 13:12:56 +00:00
subr_rtc.c
subr_sbuf.c Use memset() instead of bzero() and memcpy() instead of bcopy(), there 2011-05-17 11:04:50 +00:00
subr_scanf.c
subr_sglist.c
subr_sleepqueue.c
subr_smp.c Define two new sysctl node flags: CTLFLAG_CAPRD and CTLFLAG_CAPRW, which 2011-07-17 23:05:24 +00:00
subr_stack.c
subr_taskqueue.c
subr_trap.c We may split today's CAPABILITIES into CAPABILITY_MODE (which has 2011-06-29 13:03:05 +00:00
subr_turnstile.c
subr_uio.c Add a facility to disable processing page faults. When activated, 2011-07-09 15:21:10 +00:00
subr_unit.c
subr_witness.c
sys_capability.c Add cap_new() and cap_getrights() system calls. 2011-07-15 18:26:19 +00:00
sys_generic.c
sys_pipe.c
sys_process.c Add comment from CSRG rev 7.27 (1992/06/23 19:56:55; author: mckusick) 2011-06-17 21:44:13 +00:00
sys_socket.c
syscalls.c Auto-generated system call code with cap_new(), cap_getrights(). 2011-07-15 18:33:12 +00:00
syscalls.master Add cap_new() and cap_getrights() system calls. 2011-07-15 18:26:19 +00:00
systrace_args.c Auto-generated system call code with cap_new(), cap_getrights(). 2011-07-15 18:33:12 +00:00
sysv_ipc.c
sysv_msg.c All the racct_*() calls need to happen with the proc locked. Fixing this 2011-07-06 20:06:44 +00:00
sysv_sem.c Remove semaphore map entry count "semmap" field and its tuning 2011-07-14 14:18:14 +00:00
sysv_shm.c All the racct_*() calls need to happen with the proc locked. Fixing this 2011-07-06 20:06:44 +00:00
tty_compat.c
tty_info.c
tty_inq.c Fix whitespace inconsistencies in the TTY layer and its drivers owned by me. 2011-06-26 18:26:20 +00:00
tty_outq.c Fix whitespace inconsistencies in the TTY layer and its drivers owned by me. 2011-06-26 18:26:20 +00:00
tty_pts.c Fix whitespace inconsistencies in the TTY layer and its drivers owned by me. 2011-06-26 18:26:20 +00:00
tty_tty.c
tty_ttydisc.c Fix whitespace inconsistencies in the TTY layer and its drivers owned by me. 2011-06-26 18:26:20 +00:00
tty.c Reintroduce the cioctl() hook in the TTY layer for digi(4). 2011-07-02 13:54:20 +00:00
uipc_accf.c
uipc_cow.c
uipc_debug.c
uipc_domain.c
uipc_mbuf2.c
uipc_mbuf.c
uipc_mqueue.c
uipc_sem.c
uipc_shm.c Add some checks to ensure that Capsicum is behaving correctly, and add some 2011-06-30 10:56:02 +00:00
uipc_sockbuf.c
uipc_socket.c In the experimental soreceive_stream(): 2011-07-08 10:50:13 +00:00
uipc_syscalls.c Add some checks to ensure that Capsicum is behaving correctly, and add some 2011-06-30 10:56:02 +00:00
uipc_usrreq.c
vfs_acl.c
vfs_aio.c
vfs_bio.c Call pmap_qremove() before freeing or unwiring the pages, otherwise 2011-07-05 18:40:37 +00:00
vfs_cache.c
vfs_cluster.c
vfs_default.c Add a lock flags argument to the VFS_FHTOVP() file system 2011-05-22 01:07:54 +00:00
vfs_export.c
vfs_extattr.c
vfs_hash.c
vfs_init.c
vfs_lookup.c
vfs_mount.c Include sys/sbuf.h directly. 2011-07-11 05:17:46 +00:00
vfs_mountroot.c Include sys/sbuf.h directly. 2011-07-11 05:17:46 +00:00
vfs_subr.c Add a new option, OBJPR_NOTMAPPED, to vm_object_page_remove(). Passing this 2011-06-29 16:40:41 +00:00
vfs_syscalls.c Add a lock flags argument to the VFS_FHTOVP() file system 2011-05-22 01:07:54 +00:00
vfs_vnops.c
vnode_if.src