summaryrefslogtreecommitdiff
path: root/usr/src/uts/common/c2
AgeCommit message (Collapse)AuthorFilesLines
2016-10-157029 want per-process exploit mitigation features (secflags)Richard Lowe6-16/+115
7030 want basic address space layout randomization (ASLR) 7031 noexec_user_stack should be a security-flag 7032 want a means to forbid mappings around NULL Reviewed by: Robert Mustacchi <rm@joyent.com> Reviewed by: Josef 'Jeff' Sipek <jeffpc@josefsipek.net> Reviewed by: Patrick Mooney <pmooney@joyent.com> Approved by: Dan McDonald <danmcd@omniti.com>
2011-09-151073 migrate kernel modules from ancient _depends_on to true ELF dependenciesBayard Bell1-3/+1
Reviewed by: Adam Leventhal <ahl@delphix.com> Reviewed by: Garrett D'Amore <garrett@nexenta.com> Approved by: Richard Lowe <richlowe@richlowe.net>
2010-08-166925150 audit_closef() may reference unintialized variable 'getattr_ret'Marek Pospisil1-12/+12
2010-08-166925149 auf_accept() may reference unintialized variable 'fd'Marek Pospisil1-4/+14
2010-08-166925147 au_doorio() may reference unintialized variable 'error'Marek Pospisil1-1/+1
2010-08-166925146 audit_cryptoadm() tests if an unsigned value is less than zeroMarek Pospisil1-3/+1
2010-07-296863313 $SRC/uts/common/c2/{adr,audit,audit_mem}.c aren't cstyle cleanMarek Pospisil1-10/+7
2010-07-27PSARC/2009/636 Obsolete getacinfo(3bsm)Jan Friedel5-7/+35
PSARC/2009/642 audit_control(4) EOL and removal PSARC/2010/218 Audit subsystem Rights Profiles PSARC/2010/220 svc:/system/auditset service 6875456 Solaris Audit configuration in SMF - phase 2 (PSARC/2009/636, PSARC/2009/642) 6942035 audit_binfile(5) leaves unfinished audit logs. 6942041 auditd(1) says "auditd refreshed" on startup. 6943275 audit_remote(5) leaks memory on audit service refresh 6955077 adt_get_mask_from_user() should regard _SC_GETPW_R_SIZE_MAX 6955117 $SRC/lib/libbsm/common/audit_ftpd.c shouldn't hardcode the lenght of usernames (8) 6956169 adt_audit_state() returns non-boolean values --HG-- rename : usr/src/cmd/auditconfig/auditconfig_impl.h => usr/src/lib/libbsm/common/audit_policy.h rename : usr/src/cmd/auditconfig/audit_scf.c => usr/src/lib/libbsm/common/audit_scf.c rename : usr/src/cmd/auditconfig/audit_scf.h => usr/src/lib/libbsm/common/audit_scf.h
2010-07-07PSARC 2010/235 POSIX 1003.1-2008 *at(2) syscallsRoger A. Faulkner3-22/+185
6910251 need support for all POSIX.1-2008 *at(2) syscalls 6964835 mknod(2) auditing omits the pathname for invalid arguments
2010-06-246949768 fsattr(5) auditing can incorrectly record some open(2) paths as ↵Brent Paulson3-18/+40
extended attribute paths 6951837 truss(1) doesn't format the output of openat(2) calls correctly in snv_135 and later 6951840 openat(2) doesn't ignore the fd argument when path argument is absolute 6952651 pathnames can be excluded from audit records for extended attribute syscalls in some scenarios 6958299 getattrat(3C) and setattrat(3C) generate audit records with duplicate pathnames 6959020 auditing of getattrat(3C) and setattrat(3C) doesn't handle absolute pathnames correctly
2010-06-17PSARC/2009/590 Socket Filter FrameworkAnders Persson1-21/+43
6939085 Socket Filter Framework 6802067 connect_failed kernel socket callback is not triggered 6776450 time spent in tcp_close could be reduced/deferred to a worker thread 6828586 assertion failed: family == 26, file: ../../common/fs/sockfs/socksyscalls.c, line: 1608 6802078 kernel socket 'newconn' callback is passing rcv queue size as an argument
2010-06-146625545 auditd Generates Plethora Events due to Missing System Files ↵Marek Pospisil7-265/+119
(AUE_OPEN_R, AUE_OPENAT_R, AUE_EXECVE) 6631622 The tad_ctrl (PAD_) stuff is a mess
2010-04-28PSARC 2009/377 In-kernel pfexec implementation.Casper H.S. Dik5-20/+66
PSARC 2009/378 Basic File Privileges PSARC 2010/072 RBAC update: user attrs from profiles 4912090 pfzsh(1) should exist 4912093 pfbash(1) should exist 4912096 pftcsh(1) should exist 6440298 Expand the basic privilege set in order to restrict file access 6859862 Move pfexec into the kernel 6919171 cred_t sidesteps kmem_debug; we need to be able to detect bad hold/free when they occur 6923721 The new SYS_SMB privilege is not backward compatible 6937562 autofs doesn't remove its door when the zone shuts down 6937727 Zones stuck on deathrow; netstack_zone keeps a credential reference to the zone 6940159 Implement PSARC 2010/072
2010-04-126935410 setting audit context when audit is not enabled should be more ↵gww1-8/+8
tolerant of getaddrinfo failure
2010-03-226932958 kernel heap corruption detected panic while running zoneadmMarek Pospisil1-3/+5
2010-03-166890083 fcntl(2) should generate an additional argument token when F_SETFL ↵Marek Pospisil1-3/+7
is used
2010-03-156934538 assert in audit_async_done() points out improper setup of ↵Marek Pospisil1-3/+4
asynchronous auditing
2010-03-116914628 Implement the user object audit token PSARC/2010/001 User object ↵gww1-5/+5
audit token PSARC/2010/001 User object audit token 6580704 passwd gww produces a less optimal audit record.
2010-03-09PSARC/2009/613 auditon(2) clarificationMarek Pospisil1-2/+2
6884238 The audit_policy variable should be a uint32_t.
2010-03-086545618 exit audit records could include process return valueMarek Pospisil1-1/+16
2010-03-05PSARC/2009/354 Always on / no reboot Solaris AuditMarek Pospisil11-2179/+180
6192139 Solaris auditing should be able to start collecting audit records without a reboot
2010-02-28PSARC 2009/657 delete obsolete system call trapsRoger A. Faulkner4-377/+330
6906485 delete obsolete system call traps --HG-- rename : usr/src/cmd/truss/xstat.c => usr/src/cmd/truss/stat.c rename : usr/src/lib/libc/port/gen/dup2.c => usr/src/lib/libc/port/gen/dup.c rename : usr/src/lib/libc/port/sys/libc_fcntl.c => usr/src/lib/libc/port/sys/fcntl.c rename : usr/src/lib/libc/port/sys/libc_open.c => usr/src/lib/libc/port/sys/open.c
2010-02-196901249 AUDIT_WINDATA needs review.Jan Friedel1-4/+2
2009-11-266898247 The definition BSM_AUDITON is never used.Marek Pospisil3-4/+1
2009-11-20PSARC 2009/542 Increase the maximum value of NGROUPS_MAX to 1024Casper H.S. Dik3-6/+6
4088757 Customer would like to increase ngroups_max more than 32 6853435 Many files incorrectly include the private <sys/cred_impl.h>
2009-11-13PSARC/2009/396 Tickless Kernel Architecture / lbolt decouplingRafael Vanoni1-4/+4
6860030 tickless clock requires a clock() decoupled lbolt / lbolt64 Portions contributed by Chad Mynhier <cmynhier@gmail.com>
2009-10-07PSARC/2009/447 Kernel Cryptographic Framework support for FIPS 140-2Anthony Scarpino1-0/+5
6703950 Solaris cryptographic framework needs to implement changes for FIPS-140-2 compliance
2009-09-146228975 Need IPv6 support for KSSLKrishna Yenduri1-6/+8
6627569 need kssl_sid_cached kstat counter 6846333 ksslcfg no longer displays version 6668826 missing curly brackets in kssl_release_ent 6873066 cleanup unused code in ksslproto.h and ksslapi.h
2009-08-206823462 AUE_CRYPTOADM, AUE_CONFIGKSSL, AUE_PF_POLICY* don't properly include ↵Marek Pospisil1-22/+22
au_emod information
2009-07-30PSARC 2007/701 EOF and removal of auditconfig -[gs]etfsizePaul M Roberts4-68/+3
6704828 PSARC/2007/701: kernel-based audit statistic feature (-[gs]etfsize) should be EOF'd and removed
2009-07-236795688 fsattr(5) auditing needs to be more careful with certain fad_aupathsBrent Paulson1-2/+9
6816071 fsattr(5) auditing shouldn't attempt to record pathnames for invalid fds
2009-06-16PSARC/2009/284 faccessat(2) - determine accessibility of a file using file ↵Sumanth Naropanth2-1/+5
descriptors 6536147 accessat() should become a public interface after an agreement is reached on the function name
2009-04-281231968 lots of dead code in audit_record.hMarek Pospisil1-316/+1
2009-03-204987752 setpgrp(2) audit record seems to show failure. (fix lint)Jan Friedel1-0/+1
2009-03-194987752 setpgrp(2) audit record seems to show failure.Jan Friedel2-40/+107
2009-03-196750410 audit configuration files do not alignJan Friedel1-27/+26
2009-03-196757391 c2audit incorrectly interprets acl(2)/ACE_GETACL as acl(2)/SETACL.Jan Friedel1-1/+2
2009-03-196785167 audit_event.c:aus_msgsys() and audit_event.c:aus_semsys() could be ↵Jan Friedel1-6/+2
optimized.
2009-03-186412948 There's cruft in the libbsm files that needs to be removed.Jan Friedel3-19/+15
2009-03-186753388 AUE_PORTFS should really be PORTFS_ASSOCIATE and PORTFS_DISSOCIATEJan Friedel2-10/+19
2009-03-186753025 port_associate_fop() generates double path/attribute token into the ↵Jan Friedel1-2/+2
AUE_PORTFS audit record.
2008-12-11PSARC 2007/587 Volo -- Low Latency Socket FrameworkYu Xiangning1-182/+92
PSARC 2008/694 Volo Interfaces Amendment 6765829 Integration of project Volo PSARC/2007/587 6644935 mblk cred_t reference counting limits scalability 6693633 TCP receive does not scale because of heavy refcounting of cred structures 4764841 connect/accept is slow on Solaris when compared to Linux 5105708 socket creation retains hold on accessvp 4764836 setsockopt is slow on Solaris when compared to Linux 4772191 socket close(2) is slow on Solaris when compared to Linux --HG-- rename : usr/src/uts/common/fs/sockfs/socksctp.c => usr/src/uts/common/inet/sockmods/socksctp.c rename : usr/src/uts/common/fs/sockfs/socksctp.h => usr/src/uts/common/inet/sockmods/socksctp.h rename : usr/src/uts/common/fs/sockfs/socksctpsubr.c => usr/src/uts/common/inet/sockmods/socksctpsubr.c rename : usr/src/uts/common/fs/sockfs/socksdp.c => usr/src/uts/common/inet/sockmods/socksdp.c rename : usr/src/uts/common/fs/sockfs/socksdp.h => usr/src/uts/common/inet/sockmods/socksdp.h
2008-11-166738808 c2audit routines set{u,s}mask can reference processes they shouldn'tBrent Paulson1-0/+32
2008-09-291207395 au_event_t is a currently a short. It should be redefined to be a ↵Tony Nguyen9-39/+30
u_short
2008-09-156747227 c2_bsm/kernel audit_pf_policy() may leak zone holdsPaul Wernau1-5/+8
2008-09-086743863 *c2audit* panics system when flushing non-existent policyPaul Wernau1-5/+8
2008-08-206415507 audit TX code review issuesRic Aleshire3-12/+9
6706438 bsmrecord make will not rebuild root audit_record_attr 6724030 SYS_labelsys auditing has one or two nits which could be tidied up 6724031 au_to_in_addr_ex() mixes and matches between in_addr_t and 'struct in_addr' 6724032 /etc/name_to_sysnum should reference labelsys instead of tsolsys
2008-07-01PSARC 2008/208 Flexible Credentials and Result Limits for Kernel Door Upcallsjwadams1-1/+2
6687107 upcall clients should properly handle results
2008-06-186451652 c2/audit_kernel.h: AUDIT_SETSUBJ could be betterjf2067061-14/+10
2008-05-226680957 labelsys appears to be making policy decisions, but doesn't appear ↵rica3-12/+181
to be auditable 6701744 kernel au_to_in_addr_ex() bug in handling v4-mapped addresses
generated by cgit v1.2.3 (git 2.39.1) at 2025-07-26 22:15:45 +0000