d2a70789f056fc6c9ce3ab047b52126d80b0e3da 16-Apr-2014 Richard Lowe <richlowe@richlowe.net> 7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (ASLR)
7031 noexec_user_stack should be a security-flag
7032 want a means to forbid mappings around NULL
Reviewed by: Robert Mustacchi <rm@joyent.com>
Reviewed by: Josef 'Jeff' Sipek <jeffpc@josefsipek.net>
Reviewed by: Patrick Mooney <pmooney@joyent.com>
Approved by: Dan McDonald <danmcd@omniti.com>
3869a9385c1f62e5437e1f099f68a3130c89b318 17-Aug-2010 jv227347 <Jordan.Vaughan@Sun.com> 6897938 zonecfg(1M) hemorrhages memory after Yacc processes commands with syntax errors
550b6e4083768ca350e9e7c3a1ebbf720b23dcad 01-Jul-2010 Sowmini Varadhan <Sowmini.Varadhan@oracle.COM> PSARC 2010/166 layer-3 net properties for exclusive-IP zones
6944327 need to support address and defrouter resources for exclusive-IP zones
6e1ae2a33c618c4c2b14aec7d2f21743ddea5837 30-Jun-2010 Gary Pennington <gary.pennington@oracle.com> 6939693 zones no longer needs the inherit-pkg-dir property
ff19e029e81c950f4e0f40f1f1ee1f7d8f8d8041 29-Jun-2010 Menno Lageman <Menno.Lageman@Sun.COM> PSARC 2009/042 max-processes rctl
6631612 non-global zone can overrun the process table of the system
6466380 Project resource set callbacks are needlessly called on every fork()
6516818 task resource callbacks are needlessly called on every fork()
0fbb751d81ab0a7c7ddfd8d4e447e075a9f7024f 16-Jun-2010 John Levon <john.levon@sun.com> PSARC 2010/144 lofi(7D) in non global zones
6354954 lofi support in non-global zones
6942891 prof_lookup_globaldev() leaks rootdir refs
6945005 lofiadm -a /dev/lofi/1: recursive mutex enter
6946486 lofi_ioctl() shouldn't allow disk ioctl()s on /dev/lofictl
a20ee4162885a4dc8273c6b6903dcb7e0e525704 08-Jun-2010 Glenn Faden <Glenn.Faden@Sun.COM> 4963290 RFE: implement flexible zone administration that doesn't require uid=0 (fix copyright)
cb8a054b1ab30d5caa746e6c44f29d4c9d3071c1 07-Jun-2010 Glenn Faden <Glenn.Faden@Sun.COM> 4963290 RFE: implement flexible zone administration that doesn't require uid=0
PSARC/2010/132 Delegated Administration for Zones
c94c1ef04ec0f34ea2c56ad7cde335368c9be152 10-Nov-2009 jv227347 <Jordan.Vaughan@Sun.com> 6893156 zonecfg(1M)'s grammar rejects property names and resource types where it expects property values
5679c89fcd2facbb4334df8870d3d7a4d2b11673 30-Jan-2009 jv227347 <Jordan.Vaughan@Sun.com> PSARC/2008/647 Configurable Hostids for Non-Global Zones
6580939 RFE: provide unique hostid for each non-global zone
bbec428e3a4860f4c1dd3a128c6b10c5bcd81ca4 18-Mar-2008 gjelinek <none@none> 6527047 zonecfg shouldn't use two different boolean types
Contributed by Rishi Nair (rishi.bugs@gmail.com) and Jazarine Jamal (jazarine@gmail.com)
de860bd9529e1034e1666f74f7bc0ec8cd5ca701 26-Feb-2008 gfaden <none@none> 6583565 need a mechanism to configure a per zone default route in shared IP stack for TX
c97ad5cdc75eb73e3cc38542ca3ba783574b0a7a 09-Mar-2007 akolb <none@none> PSARC/2004/402 CPU Caps
6327235 PSARC/2004/402 CPU caps
6464161 Dead KSLICE code should be removed
6514387 FX class contains dead code to keep list of member threads
6518395 kstat_zone_add performs KM_SLEEP allocation when it should not
f4b3ec61df05330d25f55a36b975b4d7519fdeb1 20-Jan-2007 dh155122 <none@none> PSARC 2006/366 IP Instances
6289221 RFE: Need virtualized ip-stack for each local zone
6512601 panic in ipsec_in_tag - allocation failure
6514637 error message from dhcpagent: add_pkt_opt: option type 60 is missing required value
6364643 RFE: allow persistent setting of interface flags per zone
6307539 RFE: Invalid network address causes zone boot failure
5041214 Allow IPMP configuration with zones
5005887 RFE: zoneadmd should support plumbing an interface via DHCP
4991139 RFE: zones should provide a mechanism to configure a defaultrouter for a zone
6218378 zoneadmd doesn't set the netmask for non-loopback addresses hosted on lo0
4963280 zones: need to virtualize the IPv6 default address selection mechanism
4963285 zones: need support of stateless address autoconfiguration for IPv6
5048068 zones don't boot if one of its interfaces has failed
5057154 RFE: ability to change interface status from within a zone
4963287 zones should support the plumbing of the first (and only) logical interface
4978517 TCP privileged port space should be partitioned per zone
5023347 zones don't work well with network routes other than default
4963372 investigate whether global zone can act as a router for local zones
6378364 RFE: Allow each zone to have its own virtual IPFilter
0209230bf1261579beab4f55226bb509e6b850cb 14-Dec-2006 gjelinek <none@none> PSARC 2006/496 Improved Zones/RM Integration
PSARC 2006/598 Swap resource control; locked memory RM improvements
PSARC 2006/660 rcapadm zone option
4754856 *prstat* prstat -atJTZ should count shared segments only once
4970603 RFE: should be able to persistently specify global zone's cpu shares
5026227 RFE: ability to rcap zones from global zone
5103071 RFE: local zones can run the global zone out of swap
6222025 RFE: simplify rctl syntax and improve cpu-shares/FSS interaction
6420985 rcapstat is broken on amd64
6421202 RFE: simplify and improve zones/pool integration
6442252 zonecfg's "unset" syntax is not documented and confusing
6490516 schedctl pages should not reserve swap
6490938 setproject can bind to the wrong pool
6498635 zone attach failure leaves zone in installed state
6500877 tmpfs syslogs incorrect path when non-global zone tmpfs mounts become full
9acbbeaf2a1ffe5c14b244867d427714fab43c5c 12-Sep-2006 nn35248 <none@none> PSARC/2005/471 BrandZ: Support for non-native zones
6374606 ::nm -D without an object may not work on processes in zones
6409350 BrandZ project integration into Solaris
6455289 pthread_setschedparam() should return EPERM rather than panic libc
6455591 setpriority(3C) gets errno wrong for deficient privileges failure
6458178 fifofs doesn't support lofs mounts of fifos
6460380 Attempted open() of a symlink with the O_NOFOLLOW flag set returns EINVAL, not ELOOP
6463857 renice(1) errors erroneously

rename : usr/src/lib/libzonecfg/zones/SUNWblank.xml => usr/src/lib/brand/native/zone/SUNWblank.xml
rename : usr/src/lib/libzonecfg/zones/SUNWdefault.xml => usr/src/lib/brand/native/zone/SUNWdefault.xml
3f2f09c1efd66f6d2995998ea72c5df8c70c9a97 22-Jun-2006 dp <none@none> PSARC/2006/269 Zone Boot Arguments II
4943812 init improperly respawning stuff during reboot
4994285 RFE: zones should support boot arguments
6315349 halt.c contains an uninitialized variable
6395642 missing global zone checks for menu updates in uadmin(2)
6415633 krtld calls printf(), goes boom
6421372 libc's lintlib doesn't include <sys/uadmin.h>
6433526 zoneadm should use statvfs64
ffbafc5382b8d46def826aec8c419ad31dff8ebd 19-Mar-2006 comay <none@none> PSARC 2006/124 Configurable Privileges for Zones
4966416 RFE: zone privileges should be configurable
5008923 zoneadm halt message is a little illogical when run from the target zone
5049028 Makefiles that hacked around libpool errors now need cleanup
6345758 zonecfg rctl help doesn't mention 'remove'
6397853 zone console doesn't report failures to boot
6399963 get_zone_pool() isn't consistent with its return values
fa9e4066f08beec538e775443c5be79dd423fcab 31-Oct-2005 ahrens <none@none> PSARC 2002/240 ZFS
6338653 Integrate ZFS
5096886 Write caching disks need mechanism to flush cache to physical media
087719fdb025870aa55ae7d42f46547e050208ec 16-Sep-2005 dp <none@none> PSARC 2005/485 Zone Rename
4963365 zonecfg is unhelpful if /etc/zones not present
4971371 zonecfg should be more paranoid when saving a zone for the first time
5022506 RFE: ability to rename zones
6231612 zonecfg messaging should be improved.
6305400 when zone metadata gets confused, removing configured zones can fail
6318536 zonecfg sometimes seen spinning during certain STC test cases
6321858 zonecfg tab completion could complete slightly more
7c478bd95313f5f23a4c958a745db2134aa03244 14-Jun-2005 stevel@tonic-gate <none@none> OpenSolaris Launch