Author: jonathan
Date: Sat Aug 13 09:21:16 2011
New Revision: 224810
URL: http://svn.freebsd.org/changeset/base/224810
Log:
Allow Capsicum capabilities to delegate constrained
access to file system subtrees to sandboxed processes.
- Use of absolute paths and '..' are limited in
Author: jonathan
Date: Sat Aug 13 10:43:21 2011
New Revision: 224812
URL: http://svn.freebsd.org/changeset/base/224812
Log:
Allow openat(2), fstatat(2), etc. in capability mode.
namei() and lookup() can now perform strictly relative lookups.
Such lookups, performed when in capability
Author: mm
Date: Sat Aug 13 10:58:53 2011
New Revision: 224814
URL: http://svn.freebsd.org/changeset/base/224814
Log:
Fix race between dmu_objset_prefetch() invoked from
zfs_ioc_dataset_list_next() and dsl_dir_destroy_check() indirectly
invoked from dmu_recv_existing_end() via
Author: rwatson
Date: Sat Aug 13 12:14:40 2011
New Revision: 224815
URL: http://svn.freebsd.org/changeset/base/224815
Log:
Regenerate system call files following r224812 changes to capabilities.conf.
A no-op for non-Capsicum kernels; for Capsicum kernels, completes the
enabling of fooat(2)
Author: rwatson
Date: Sat Aug 13 13:11:28 2011
New Revision: 224834
URL: http://svn.freebsd.org/changeset/base/224834
Log:
Bump __FreeBSD_version to reflect the availability of capabilities, but
also capability-related changes to fget(9). This is likely not part of
a formal KPI, but the
Author: rwatson
Date: Sat Aug 13 13:26:40 2011
New Revision: 224839
URL: http://svn.freebsd.org/changeset/base/224839
Log:
Now that capability support has been committed, update and expand the
comment at the type of sys_capability.c to describe its new contents.
Approved by: re (xxx)
Author: rwatson
Date: Sat Aug 13 13:34:01 2011
New Revision: 224840
URL: http://svn.freebsd.org/changeset/base/224840
Log:
Update use of the FEATURE() macro in sys_capability.c to reflect the move
to two different kernel options for capability mode vs. capabilities.
Approved by: re (bz)
Author: bz
Date: Sat Aug 13 13:49:11 2011
New Revision: 224841
URL: http://svn.freebsd.org/changeset/base/224841
Log:
Fix jls backward compat mode broken in r222465, correctly
displaying addresses in verbose mode (jls -v) again.
Submitted by: jamie
MFC after:3 days
Approved by:
Author: rwatson
Date: Sat Aug 13 16:03:40 2011
New Revision: 224842
URL: http://svn.freebsd.org/changeset/base/224842
Log:
When falloc() was broken into separate falloc_noinstall() and finstall(),
a bug was introduced in kern_openat() such that the error from the vnode
open operation was
Author: attilio
Date: Sat Aug 13 17:17:04 2011
New Revision: 224845
URL: http://svn.freebsd.org/changeset/base/224845
Log:
Fix a typo in cb_dumpdata() about wrongly calling wdog_kern_pat().
Submitted by: Andrew Boyer aboyer at averesystems dot com
Approved by: re (kib)
Modified:
Author: rwatson
Date: Sat Aug 13 17:22:16 2011
New Revision: 224852
URL: http://svn.freebsd.org/changeset/base/224852
Log:
Trim some warnings and notes from capabilities.conf -- these are left over
from Capsicum development, and no longer apply.
Approved by: re (kib)
Sponsored by:
Author: mm
Date: Sat Aug 13 21:35:22 2011
New Revision: 224855
URL: http://svn.freebsd.org/changeset/base/224855
Log:
zfs_ioctl.c: improve code readability in zfs_ioc_dataset_list_next()
zvol.c: fix calling of dmu_objset_prefetch() in zvol_create_minors()
by passing full instead of
Author: mjacob
Date: Sat Aug 13 23:34:17 2011
New Revision: 224856
URL: http://svn.freebsd.org/changeset/base/224856
Log:
Most of these changes to isp are to allow for isp.ko unloading.
We also revive loop down freezes. We also externaliz within isp
isp_prt_endcmd so something outside the
Author: nwhitehorn
Date: Sun Aug 14 00:20:37 2011
New Revision: 224857
URL: http://svn.freebsd.org/changeset/base/224857
Log:
Add support for the Blu-Ray drive found in the Sony Playstation 3 and fix
some realted minor bugs in PS3 internal storage support.
Submitted by: glevand
Author: rwatson
Date: Sun Aug 14 00:42:09 2011
New Revision: 224859
URL: http://svn.freebsd.org/changeset/base/224859
Log:
Updates to libprocstat(3) and procstat(1) to allow monitoring Capsicum
capability mode and capabilities.
Right now no attempt is made to unwrap capabilities when
15 matches
Mail list logo
