d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
freebsd-skq/sys/kern
History
rwatson 7c21db8ed3 Define two new sysctl node flags: CTLFLAG_CAPRD and CTLFLAG_CAPRW, which 
may be jointly referenced via the mask CTLFLAG_CAPRW.  Sysctls with these
flags are available in Capsicum's capability mode; other sysctl nodes are
not.

Flag several useful sysctls as available in capability mode, such as memory
layout sysctls required by the run-time linker and malloc(3).  Also expose
access to randomness and available kernel features.

A few sysctls are enabled to support name->MIB conversion; these may leak
information to capability mode by virtue of providing resolution on names
not flagged for access in capability mode.  This is, generally, not a huge
problem, but might be something to resolve in the future.  Flag these cases
with XXX comments.

Submitted by:	jonathan
Sponsored by:	Google, Inc.
2011-07-17 23:05:24 +00:00
..
bus_if.m
Add a new bus method, BUS_ADJUST_RESOURCE() that is intended to be a
2011-04-29 21:36:45 +00:00
capabilities.conf
Continue to introduce Capsicum Capability Mode support:
2011-03-01 13:28:27 +00:00
clock_if.m
cpufreq_if.m
device_if.m
Update comments for DEVICE_PROBE() to reflect that BUS_PROBE_DEFAULT is
2011-05-24 13:22:40 +00:00
genassym.sh
imgact_aout.c
Do not trash the argv[0] pointer for an a.out process on amd64.
2011-06-16 22:00:59 +00:00
imgact_elf32.c
imgact_elf64.c
imgact_elf.c
All the racct_*() calls need to happen with the proc locked. Fixing this
2011-07-06 20:06:44 +00:00
imgact_gzip.c
Add accounting for most of the memory-related resources.
2011-04-05 20:23:59 +00:00
imgact_shell.c
The execution of the shebang script requires putting interpreter path,
2011-03-06 22:59:30 +00:00
inflate.c
init_main.c
Enable accounting for RACCT_NPROC and RACCT_NTHR.
2011-03-31 19:22:11 +00:00
init_sysent.c
Auto-generated system call code with cap_new(), cap_getrights().
2011-07-15 18:33:12 +00:00
kern_acct.c
kern_alq.c
kern_clock.c
Fix several places to ignore processes that are not yet fully constructed.
2011-04-06 17:47:22 +00:00
kern_clocksource.c
Set negative quality to TSC timecounter when C3 state is enabled for Intel
2011-06-22 16:40:45 +00:00
kern_condvar.c
kern_conf.c
sys/sys/conf.h:
2011-06-14 16:29:43 +00:00
kern_cons.c
Add descriptions to a handful of sysctl nodes.
2010-08-09 14:48:31 +00:00
kern_context.c
Clear the padding when returning context to the usermode, for
2011-02-05 15:10:27 +00:00
kern_cpu.c
cpufreq: allocate long-lived buffer for handling of sysctl requests
2010-07-23 16:46:42 +00:00
kern_cpuset.c
Fix KTR_CPUMASK in order to accept a string representing a cpuset_t.
2011-05-31 20:48:58 +00:00
kern_ctf.c
kern_descrip.c
Add implementation for capabilities.
2011-07-15 09:37:14 +00:00
kern_dtrace.c
Add some FEATURE macros for various features (AUDIT/CAM/IPC/KTR/MAC/NFS/NTP/
2011-02-25 10:11:01 +00:00
kern_environment.c
MFC
2011-05-23 23:58:02 +00:00
kern_et.c
sysctl(9) cleanup checkpoint: amd64 GENERIC builds cleanly.
2011-01-12 19:54:19 +00:00
kern_event.c
After the r219999 is merged to stable/8, rename fallocf(9) to falloc(9)
2011-04-01 13:28:34 +00:00
kern_exec.c
Define two new sysctl node flags: CTLFLAG_CAPRD and CTLFLAG_CAPRW, which
2011-07-17 23:05:24 +00:00
kern_exit.c
All the racct_*() calls need to happen with the proc locked. Fixing this
2011-07-06 20:06:44 +00:00
kern_fail.c
Add an option to have a fail point term only execute when run by a
2011-07-08 20:41:12 +00:00
kern_fork.c
Implement an RFTSIGZMB flag to rfork(2) to specify a signal that is
2011-07-12 20:37:18 +00:00
kern_gzio.c
kern_hhook.c
Staticize malloc types.
2011-04-13 11:28:46 +00:00
kern_idle.c
MFC
2011-05-31 21:22:44 +00:00
kern_intr.c
- Catch up to falloc() changes.
2011-04-26 07:30:52 +00:00
kern_jail.c
Add infrastructure to allow all frames/packets received on an interface
2011-07-03 12:22:02 +00:00
kern_khelp.c
Use the full and proper company name for Swinburne University of Technology
2011-04-12 08:13:18 +00:00
kern_kthread.c
- Properly initialize the base priority (td_base_pri) of thread0 to PVM
2011-01-06 22:26:00 +00:00
kern_ktr.c
Fix KTR_CPUMASK in order to accept a string representing a cpuset_t.
2011-05-31 20:48:58 +00:00
kern_ktrace.c
Fix several places to ignore processes that are not yet fully constructed.
2011-04-06 17:47:22 +00:00
kern_linker.c
Fix a LOR between hwpmc and the kernel linker. When a system-wide
2011-07-17 21:53:42 +00:00
kern_lock.c
Add some FEATURE macros for various features (AUDIT/CAM/IPC/KTR/MAC/NFS/NTP/
2011-02-25 10:11:01 +00:00
kern_lockf.c
kern_lockstat.c
kern_loginclass.c
Add racct. It's an API to keep per-process, per-jail, per-loginclass
2011-03-29 17:47:25 +00:00
kern_malloc.c
Modestly increase the maximum allowed size of the kmem map on i386.
2011-03-23 16:38:29 +00:00
kern_mbuf.c
kern_mib.c
Define two new sysctl node flags: CTLFLAG_CAPRD and CTLFLAG_CAPRW, which
2011-07-17 23:05:24 +00:00
kern_module.c
Style fix.
2010-11-22 15:28:54 +00:00
kern_mtxpool.c
kern_mutex.c
- Remove <machine/mutex.h>. Most of the headers were empty, and the
2010-11-09 20:46:41 +00:00
kern_ntptime.c
Add some FEATURE macros for various features (AUDIT/CAM/IPC/KTR/MAC/NFS/NTP/
2011-02-25 10:11:01 +00:00
kern_osd.c
kern_physio.c
Account i/o done on cdevs.
2010-11-25 20:05:11 +00:00
kern_pmc.c
Commit the support for removing cpumask_t and replacing it directly with
2011-05-05 14:39:14 +00:00
kern_poll.c
kern_priv.c
Add an extra comment to the SDT probes definition. This allows us to get
2010-08-22 11:18:57 +00:00
kern_proc.c
- Commit work from libprocstat project. These patches add support for runtime
2011-05-12 10:11:39 +00:00
kern_prot.c
Notify racct when process credentials change.
2011-03-31 18:12:04 +00:00
kern_racct.c
Rename resource names to match these in login.conf.
2011-07-14 19:18:17 +00:00
kern_rctl.c
Rename resource names to match these in login.conf.
2011-07-14 19:18:17 +00:00
kern_resource.c
Fix several places to ignore processes that are not yet fully constructed.
2011-04-06 17:47:22 +00:00
kern_rmlock.c
With retirement of cpumask_t and usage of cpuset_t for representing a
2011-07-04 12:04:52 +00:00
kern_rwlock.c
kern_sdt.c
kern_sema.c
kern_shutdown.c
In the current code, a double panic condition may lead to dumps
2011-06-08 19:28:59 +00:00
kern_sig.c
Fix support for RACCT_CORE by merging forgotten file.
2011-05-26 18:54:07 +00:00
kern_switch.c
kern_sx.c
- Merge changes to the base system to support OFED. These include
2011-03-21 09:40:01 +00:00
kern_synch.c
Simplify a stale assertion. We have not called mi_switch() from a nested
2011-05-24 13:17:08 +00:00
kern_syscalls.c
Call chainevh callback when we are invoked with neither MOD_LOAD nor
2010-10-21 20:31:50 +00:00
kern_sysctl.c
Define two new sysctl node flags: CTLFLAG_CAPRD and CTLFLAG_CAPRW, which
2011-07-17 23:05:24 +00:00
kern_tc.c
If TSC stops ticking in C3, disable deep sleep when the user forcefully
2011-07-14 21:00:26 +00:00
kern_thr.c
All the racct_*() calls need to happen with the proc locked. Fixing this
2011-07-06 20:06:44 +00:00
kern_thread.c
Fix some locking nits with the p_state field of struct proc:
2011-03-24 18:40:11 +00:00
kern_time.c
Create a global thread hash table to speed up thread lookup, use
2010-10-09 02:50:23 +00:00
kern_timeout.c
Reintroduce the fix already discussed in r216805 (please check its history
2011-04-08 18:48:57 +00:00
kern_umtx.c
Expose the umtx_key structure and API to the rest of the kernel.
2011-02-23 13:19:14 +00:00
kern_uuid.c
kern_xxx.c
ksched.c
Use p4prio_to_tsprio to calculate TS priority instead of using
2011-06-07 02:50:14 +00:00
link_elf_obj.c
Remove malloc(9) return value checks when M_WAITOK is used.
2011-04-16 16:20:51 +00:00
link_elf.c
Even if the loaded module has no symbols, we still need to notify
2011-06-16 17:41:21 +00:00
linker_if.m
Make.tags.inc
Update tags build script
2011-07-10 00:53:04 +00:00
Makefile
Continue to introduce Capsicum Capability Mode support:
2011-03-01 13:28:27 +00:00
makesyscalls.sh
add DTrace systrace support for linux32 and freebsd32 on amd64 syscalls
2011-03-12 08:51:43 +00:00
md4c.c
md5c.c
p1003_1b.c
Set various POSIX capability sysctls to the version of the API that is
2010-11-19 17:56:16 +00:00
posix4_mib.c
Define two new sysctl node flags: CTLFLAG_CAPRD and CTLFLAG_CAPRW, which
2011-07-17 23:05:24 +00:00
sched_4bsd.c
With retirement of cpumask_t and usage of cpuset_t for representing a
2011-07-04 12:04:52 +00:00
sched_ule.c
Commit the support for removing cpumask_t and replacing it directly with
2011-05-05 14:39:14 +00:00
serdev_if.m
stack_protector.c
subr_acl_nfs4.c
Make UFS use PSARC/2010/029 NFSv4 ACL semantics by default, bringing
2011-03-22 19:52:29 +00:00
subr_acl_posix1e.c
execve(2) has a special check for file permissions: a file must have at
2010-08-30 16:30:18 +00:00
subr_autoconf.c
Retire PCONFIG and leave the priority of thread0 alone when waiting for
2011-01-06 22:09:37 +00:00
subr_blist.c
subr_bufring.c
subr_bus.c
Add a new bus method, BUS_ADJUST_RESOURCE() that is intended to be a
2011-04-29 21:36:45 +00:00
subr_clock.c
Improve style and wording of comments and sysctl descriptions [1].
2011-01-09 14:34:56 +00:00
subr_devstat.c
Instead of using an atomic operation to determine whether the devstat(9)
2011-06-13 22:08:24 +00:00
subr_disk.c
Correct bioq_disksort so that bioq_insert_tail() offers barrier semantic.
2010-09-02 19:40:28 +00:00
subr_eventhandler.c
subr_fattime.c
subr_firmware.c
subr_hash.c
subr_hints.c
subr_kdb.c
With retirement of cpumask_t and usage of cpuset_t for representing a
2011-07-04 12:04:52 +00:00
subr_kobj.c
sysctl(9) cleanup checkpoint: amd64 GENERIC builds cleanly.
2011-01-12 19:54:19 +00:00
subr_lock.c
Explicitly wire the user buffer rather than doing it implicitly in
2011-01-27 00:34:12 +00:00
subr_log.c
Finish r210923, 210926. Mark some devices as eternal.
2011-01-04 10:59:38 +00:00
subr_mbpool.c
subr_mchain.c
Add some FEATURE macros for various features (AUDIT/CAM/IPC/KTR/MAC/NFS/NTP/
2011-02-25 10:11:01 +00:00
subr_module.c
Provide convenience function for obtaining MODINFO_ADDR and MODINFO_SIZE
2011-02-09 19:08:21 +00:00
subr_msgbuf.c
MFC
2011-06-01 16:54:33 +00:00
subr_param.c
Modestly increase the maximum allowed size of the kmem map on i386.
2011-03-23 16:38:29 +00:00
subr_pcpu.c
With retirement of cpumask_t and usage of cpuset_t for representing a
2011-07-04 12:04:52 +00:00
subr_power.c
subr_prf.c
Set pca.p_bufr to NULL when we haven't allocated a buffer.
2011-06-07 05:04:37 +00:00
subr_prof.c
Revert r210225 - turns out I was wrong; the "/*-" is not license-only
2010-07-18 20:57:53 +00:00
subr_rman.c
Clear the device_t pointer in 'struct resource' when releasing a device
2011-06-06 13:12:56 +00:00
subr_rtc.c
Add the half of time-of-day clock resolution when we adjust system time from
2010-08-12 17:17:05 +00:00
subr_sbuf.c
Use memset() instead of bzero() and memcpy() instead of bcopy(), there
2011-05-17 11:04:50 +00:00
subr_scanf.c
subr_sglist.c
subr_sleepqueue.c
Explicitly wire the user buffer rather than doing it implicitly in
2011-01-27 00:34:12 +00:00
subr_smp.c
Define two new sysctl node flags: CTLFLAG_CAPRD and CTLFLAG_CAPRW, which
2011-07-17 23:05:24 +00:00
subr_stack.c
Add some FEATURE macros for various features (AUDIT/CAM/IPC/KTR/MAC/NFS/NTP/
2011-02-25 10:11:01 +00:00
subr_taskqueue.c
Implement the delayed task execution extension to the taskqueue
2011-04-26 11:39:56 +00:00
subr_trap.c
We may split today's CAPABILITIES into CAPABILITY_MODE (which has
2011-06-29 13:03:05 +00:00
subr_turnstile.c
Always assert that the turnstile chain lock is held in turnstile_wait()
2011-02-04 14:16:41 +00:00
subr_uio.c
Add a facility to disable processing page faults. When activated,
2011-07-09 15:21:10 +00:00
subr_unit.c
Fix typos - remove duplicate "the".
2011-02-21 09:01:34 +00:00
subr_witness.c
Fix typos - remove duplicate "the".
2011-02-21 09:01:34 +00:00
sys_capability.c
Add cap_new() and cap_getrights() system calls.
2011-07-15 18:26:19 +00:00
sys_generic.c
For some file types, select code registers two selfd structures. E.g.,
2010-08-28 17:42:08 +00:00
sys_pipe.c
After the r219999 is merged to stable/8, rename fallocf(9) to falloc(9)
2011-04-01 13:28:34 +00:00
sys_process.c
Add comment from CSRG rev 7.27 (1992/06/23 19:56:55; author: mckusick)
2011-06-17 21:44:13 +00:00
sys_socket.c
Mfp4 CH=177274,177280,177284-177285,177297,177324-177325
2011-02-16 21:29:13 +00:00
syscalls.c
Auto-generated system call code with cap_new(), cap_getrights().
2011-07-15 18:33:12 +00:00
syscalls.master
Add cap_new() and cap_getrights() system calls.
2011-07-15 18:26:19 +00:00
systrace_args.c
Auto-generated system call code with cap_new(), cap_getrights().
2011-07-15 18:33:12 +00:00
sysv_ipc.c
sysv_msg.c
All the racct_*() calls need to happen with the proc locked. Fixing this
2011-07-06 20:06:44 +00:00
sysv_sem.c
Remove semaphore map entry count "semmap" field and its tuning
2011-07-14 14:18:14 +00:00
sysv_shm.c
All the racct_*() calls need to happen with the proc locked. Fixing this
2011-07-06 20:06:44 +00:00
tty_compat.c
tty_info.c
tty_inq.c
Fix whitespace inconsistencies in the TTY layer and its drivers owned by me.
2011-06-26 18:26:20 +00:00
tty_outq.c
Fix whitespace inconsistencies in the TTY layer and its drivers owned by me.
2011-06-26 18:26:20 +00:00
tty_pts.c
Fix whitespace inconsistencies in the TTY layer and its drivers owned by me.
2011-06-26 18:26:20 +00:00
tty_tty.c
Finish r210923, 210926. Mark some devices as eternal.
2011-01-04 10:59:38 +00:00
tty_ttydisc.c
Fix whitespace inconsistencies in the TTY layer and its drivers owned by me.
2011-06-26 18:26:20 +00:00
tty.c
Reintroduce the cioctl() hook in the TTY layer for digi(4).
2011-07-02 13:54:20 +00:00
uipc_accf.c
uipc_cow.c
Add some FEATURE macros for various features (AUDIT/CAM/IPC/KTR/MAC/NFS/NTP/
2011-02-25 10:11:01 +00:00
uipc_debug.c
uipc_domain.c
uipc_mbuf2.c
uipc_mbuf.c
Fix typos - remove duplicate "the".
2011-02-21 09:01:34 +00:00
uipc_mqueue.c
After the r219999 is merged to stable/8, rename fallocf(9) to falloc(9)
2011-04-01 13:28:34 +00:00
uipc_sem.c
After the r219999 is merged to stable/8, rename fallocf(9) to falloc(9)
2011-04-01 13:28:34 +00:00
uipc_shm.c
Add some checks to ensure that Capsicum is behaving correctly, and add some
2011-06-30 10:56:02 +00:00
uipc_sockbuf.c
Revert r194662, since it breaks ng_ksocket(4) and may break
2011-04-14 14:54:22 +00:00
uipc_socket.c
In the experimental soreceive_stream():
2011-07-08 10:50:13 +00:00
uipc_syscalls.c
Add some checks to ensure that Capsicum is behaving correctly, and add some
2011-06-30 10:56:02 +00:00
uipc_usrreq.c
Mfp4 CH=177274,177280,177284-177285,177297,177324-177325
2011-02-16 21:29:13 +00:00
vfs_acl.c
vfs_aio.c
Create a global thread hash table to speed up thread lookup, use
2010-10-09 02:50:23 +00:00
vfs_bio.c
Call pmap_qremove() before freeing or unwiring the pages, otherwise
2011-07-05 18:40:37 +00:00
vfs_cache.c
Fix some more style(9) issues.
2010-11-14 16:10:15 +00:00
vfs_cluster.c
The hardware has caught up; improvements are now observed even at 128,
2011-03-16 16:22:59 +00:00
vfs_default.c
Add a lock flags argument to the VFS_FHTOVP() file system
2011-05-22 01:07:54 +00:00
vfs_export.c
vfs_extattr.c
Revert r210225 - turns out I was wrong; the "/*-" is not license-only
2010-07-18 20:57:53 +00:00
vfs_hash.c
vfs_init.c
vfs_lookup.c
Add an extra comment to the SDT probes definition. This allows us to get
2010-08-22 11:18:57 +00:00
vfs_mount.c
Include sys/sbuf.h directly.
2011-07-11 05:17:46 +00:00
vfs_mountroot.c
Include sys/sbuf.h directly.
2011-07-11 05:17:46 +00:00
vfs_subr.c
Add a new option, OBJPR_NOTMAPPED, to vm_object_page_remove(). Passing this
2011-06-29 16:40:41 +00:00
vfs_syscalls.c
Add a lock flags argument to the VFS_FHTOVP() file system
2011-05-22 01:07:54 +00:00
vfs_vnops.c
MFC
2011-05-13 15:20:57 +00:00
vnode_if.src
MFC
2011-05-13 15:20:57 +00:00