#
303975 |
|
11-Aug-2016 |
gjb |
Copy stable/11@r303970 to releng/11.0 as part of the 11.0-RELEASE cycle.
Prune svn:mergeinfo from the new branch, and rename it to RC1.
Update __FreeBSD_version.
Use the quarterly branch for the default FreeBSD.conf pkg(8) repo and the dvd1.iso packages population.
Approved by: re (implicit) Sponsored by: The FreeBSD Foundation |
#
302408 |
|
08-Jul-2016 |
gjb |
Copy head@r302406 to stable/11 as part of the 11.0-RELEASE cycle. Prune svn:mergeinfo from the new branch, as nothing has been merged here.
Additional commits post-branch will follow.
Approved by: re (implicit) Sponsored by: The FreeBSD Foundation
|
#
275073 |
|
25-Nov-2014 |
jamie |
In preparation for using clang's -Wcast-qual:
Use __DECONST (instead of my own attempted re-invention) for the iov parameters to jail_get/set(2). Similarly remove the decost-ish hack from execvp's argv, except the __DECONST is only added at very end.
While I'm at it, remove an unused variable and fix a comment typo.
|
#
241197 |
|
04-Oct-2012 |
jamie |
Fix some memory allocation errors:
* jail_setv will leak a parameter name if jailparam_import fails. * jailparam_all loses the jailparam pointer on realloc error (a clear freshman mistake). * If jailparam_init fails, the caller doesn't need to jailparam_free the buffer. That's not really clear, so set things to NULL allowing jailparam_free to work without error (though it's still not required).
|
#
235799 |
|
22-May-2012 |
jamie |
The fix in r235291 re-broke the "allow.nomount" case. Re-fix it by testing for the right parameter name.
|
#
235291 |
|
11-May-2012 |
jamie |
The linker isn't consistent in the ordering of dynamic sysctls, so don't assume that the unnamed final component of "security.jail.param.foo." is one less than the "foo" component. It might be one greater instead.
|
#
232342 |
|
01-Mar-2012 |
jamie |
Handle the case where a boolean parameter is also a node.
PR: bin/165515 MFC after: 2 weeks
|
#
217616 |
|
19-Jan-2011 |
mdf |
Introduce signed and unsigned version of CTLTYPE_QUAD, renaming existing uses. Rename sysctl_handle_quad() to sysctl_handle_64().
|
#
214434 |
|
27-Oct-2010 |
jamie |
Find a jail's type as part of jailparam_init rather than waiting until it's absolutely necessary.
MFC after: 1 week
|
#
212074 |
|
31-Aug-2010 |
jamie |
Whitespace and comment fixes.
MFC after: 3 days
|
#
212073 |
|
31-Aug-2010 |
jamie |
Don't over-allocate array values in jailparam_export. Fix a little comment typo.
MFC after: 3 days
|
#
210133 |
|
15-Jul-2010 |
jamie |
Don't import parameter values in jail_getv, except for the search key. Remove the internal jailparam_vlist, in favor of using variants of its logic separately in jail_setv and jail_getv. Free the temporary parameter list and exported values in jail_setv and jail_getv.
Noted by: Stanislav Uzunchev MFC after: 3 days
|
#
204008 |
|
17-Feb-2010 |
ru |
realloc() with a proper amount of memory.
MFC after: 3 days
|
#
200623 |
|
17-Dec-2009 |
jamie |
Add a null pointer check so "name" can be used as a key parameter in jailparam_get.
PR: bin/141692 Submitted by: delphij MFC after: 3 days
|
#
195870 |
|
25-Jul-2009 |
jamie |
Some jail parameters (in particular, "ip4" and "ip6" for IP address restrictions) were found to be inadequately described by a boolean. Define a new parameter type with three values (disable, new, inherit) to handle these and future cases.
Approved by: re (kib), bz (mentor) Discussed with: rwatson
|
#
195011 |
|
25-Jun-2009 |
jamie |
Fix dynamic (re)allocation logic in jailparam_set and jailparam_get. Touch up jailparam_import a bit while I'm at it.
Approved by: bz (mentor)
|
#
194869 |
|
24-Jun-2009 |
jamie |
Add libjail, a (somewhat) simpler interface to the jail_set and jail_get system calls and the security.jail.param sysctls.
Approved by: bz (mentor)
|