From 3795613d1d4af8aa4ba965db8d81926be7731556 Mon Sep 17 00:00:00 2001 From: Brian Feldman Date: Mon, 19 Nov 2001 22:34:06 +0000 Subject: [PATCH] Import LOMAC preliminary release 2.0.0 in src/sys/security. These files may be modified and do not have to remain on the vendor branch. http://opensource.nailabs.com/lomac/index.html Sponsored by: DARPA, NAI Labs (CBOSS project) --- sys/contrib/lomac/kernel_pipe.h | 45 ---- sys/contrib/lomac/kernel_socket.h | 35 ---- sys/contrib/lomac/lomac.h | 193 ------------------ .../lomac/kernel_interface.c | 13 +- .../lomac/kernel_interface.h | 14 +- sys/{contrib => security}/lomac/kernel_lkm.c | 13 +- sys/{contrib => security}/lomac/kernel_log.c | 13 +- sys/{contrib => security}/lomac/kernel_log.h | 13 +- .../lomac/kernel_mediate.c | 13 +- .../lomac/kernel_mediate.h | 13 +- sys/{contrib => security}/lomac/kernel_mmap.c | 30 ++- .../lomac/kernel_monitor.c | 13 +- .../lomac/kernel_monitor.h | 13 +- sys/{contrib => security}/lomac/kernel_pipe.c | 62 +++--- sys/security/lomac/kernel_pipe.h | 44 ++++ sys/{contrib => security}/lomac/kernel_plm.c | 13 +- sys/{contrib => security}/lomac/kernel_plm.h | 14 +- .../lomac/kernel_socket.c | 56 +++-- sys/security/lomac/kernel_socket.h | 45 ++++ sys/{contrib => security}/lomac/kernel_util.c | 17 +- sys/{contrib => security}/lomac/kernel_util.h | 14 +- sys/security/lomac/lomac.h | 114 +++++++++++ sys/{contrib => security}/lomac/lomacfs.h | 13 +- .../lomac/lomacfs_subr.c | 13 +- .../lomac/lomacfs_vfsops.c | 13 +- .../lomac/lomacfs_vnops.c | 13 +- sys/{contrib => security}/lomac/lomacio.h | 14 +- sys/{contrib => security}/lomac/policy_plm.h | 13 +- .../lomac/syscall_gate.c | 13 +- .../lomac/syscall_gate.h | 13 +- 30 files changed, 521 insertions(+), 384 deletions(-) delete mode 100644 sys/contrib/lomac/kernel_pipe.h delete mode 100644 sys/contrib/lomac/kernel_socket.h delete mode 100644 sys/contrib/lomac/lomac.h rename sys/{contrib => security}/lomac/kernel_interface.c (96%) rename sys/{contrib => security}/lomac/kernel_interface.h (87%) rename sys/{contrib => security}/lomac/kernel_lkm.c (93%) rename sys/{contrib => security}/lomac/kernel_log.c (92%) rename sys/{contrib => security}/lomac/kernel_log.h (85%) rename sys/{contrib => security}/lomac/kernel_mediate.c (95%) rename sys/{contrib => security}/lomac/kernel_mediate.h (83%) rename sys/{contrib => security}/lomac/kernel_mmap.c (94%) rename sys/{contrib => security}/lomac/kernel_monitor.c (93%) rename sys/{contrib => security}/lomac/kernel_monitor.h (82%) rename sys/{contrib => security}/lomac/kernel_pipe.c (78%) create mode 100644 sys/security/lomac/kernel_pipe.h rename sys/{contrib => security}/lomac/kernel_plm.c (95%) rename sys/{contrib => security}/lomac/kernel_plm.h (76%) rename sys/{contrib => security}/lomac/kernel_socket.c (91%) create mode 100644 sys/security/lomac/kernel_socket.h rename sys/{contrib => security}/lomac/kernel_util.c (96%) rename sys/{contrib => security}/lomac/kernel_util.h (79%) create mode 100644 sys/security/lomac/lomac.h rename sys/{contrib => security}/lomac/lomacfs.h (89%) rename sys/{contrib => security}/lomac/lomacfs_subr.c (88%) rename sys/{contrib => security}/lomac/lomacfs_vfsops.c (92%) rename sys/{contrib => security}/lomac/lomacfs_vnops.c (98%) rename sys/{contrib => security}/lomac/lomacio.h (79%) rename sys/{contrib => security}/lomac/policy_plm.h (90%) rename sys/{contrib => security}/lomac/syscall_gate.c (87%) rename sys/{contrib => security}/lomac/syscall_gate.h (79%) diff --git a/sys/contrib/lomac/kernel_pipe.h b/sys/contrib/lomac/kernel_pipe.h deleted file mode 100644 index 5b566f652ed1..000000000000 --- a/sys/contrib/lomac/kernel_pipe.h +++ /dev/null @@ -1,45 +0,0 @@ -#ifndef _KERNEL_PIPE_H_ -#define _KERNEL_PIPE_H_ - -/****************************************************************** - * - * kernel_pipe.h - * - * LOMAC - Low Water-Mark Mandatory Access Control - * Copyright (c) 1999-2001 Networks Associates, Inc. All rights reserved. - * - * Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * Neither the name of NAI Labs, Inc. nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR - * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR - * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, - * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, - * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR - * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF - * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING - * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS - * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - * - * $Id: kernel_pipe.h,v 1.1 2001/09/20 21:29:21 tfraser Exp $ - * - * Public interface to kernel_pipe.c, the part of the LOMAC kernel - * interface that takes control of operations on unnamed pipes. - * - */ - -int lomac_initialize_pipes( void ); -int lomac_uninitialize_pipes( void ); - - -#endif /* _KERNEL_PIPE_H_ */ diff --git a/sys/contrib/lomac/kernel_socket.h b/sys/contrib/lomac/kernel_socket.h deleted file mode 100644 index 4da513f40b2e..000000000000 --- a/sys/contrib/lomac/kernel_socket.h +++ /dev/null @@ -1,35 +0,0 @@ -/* - * LOMAC - Low Water-Mark Mandatory Access Control - * Copyright (c) 2001 Networks Associates Technology, Inc. - * - * Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR - * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR - * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, - * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, - * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR - * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF - * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING - * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS - * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - * - * $Id: kernel_socket.h,v 1.1 2001/09/26 23:00:44 tfraser Exp $ - * - */ - -#ifndef _KERNEL_SOCKET_H_ -#define _KERNEL_SOCKET_H_ - -int lomac_initialize_sockets( void ); -int lomac_uninitialize_sockets( void ); - -#endif /* _KERNEL_SOCKET_H_ */ - diff --git a/sys/contrib/lomac/lomac.h b/sys/contrib/lomac/lomac.h deleted file mode 100644 index b16941ab9fcd..000000000000 --- a/sys/contrib/lomac/lomac.h +++ /dev/null @@ -1,193 +0,0 @@ -/*- - * Copyright (c) 2001 Networks Associates Technology, Inc. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * $Id: lomacfs.h,v 1.20 2001/10/17 15:34:29 bfeldman Exp $ - */ - -#ifndef _LOMAC_H_ -#define _LOMAC_H_ - -/* - * This file defines the `lattr_t' type, which represents - * the architecture-independent notion of LOMAC attributes. - * - * Each architecture must associate LOMAC attributes with subjects and - * objects. This association can be implemented in an architecture- - * specific way. However, when it comes time to make a decision by - * comparing two LOMAC attributes, the architecture-specific code should - * construct two instances of the architecture-independent lattr_t type - * and compare them using the lomac_must_demote() and lomac_must_deny() - * functions. - * - * The following two examples demonstrate how architecture-specific code - * might do this construction and comparison: - * - * EXAMPLE USAGE: - * - * Example 1: subject x reads object y. - * (1) a = LOMAC attributes of subject x - * (2) b = LOMAC attributes of object y - * (3) demote_result = lomac_must_demote( a, b ); - * (4) IF demote_result THEN - * (5) IF subject x is running in "deny read instead of demote" mode THEN - * (6) RETURN read denied - * (7) ENDIF - * (8) IF subject x is not running in "never demote" mode THEN - * (9) demote subject x - * (10) ENDIF - * (11) ENDIF - * (12) perform read on object y - * - * - * Example 2: subject x writes object y. - * (50) a = LOMAC attributes of subject x - * (51) b = LOMAC attributes of object y - * (52) IF lomac_must_deny( a, b ) THEN - * (53) return write denied - * (54) ELSE - * (55) perform write operation on object y - * (56) ENDIF - * - * Lines 1, 2, 50, and 51 show the architecture-specific code - * constructing instances of lattr_t. - * - * Lines 5 and 8 ask "is the subject running in some mode?" (See note - * on modes, below.) The architecture-specific code must use these - * modes to determine when to call lomac_must_demote/deny() and when not - * to. - * - * Lines 6, 9, 53 and 55 show the architecture-specific code - * taking different actions depending on the results of calls to - * lomac_must_demote/deny(). The architecture-specific code is responsible - * for calling lomac_must_demote/deny() in the proper places, and carrying - * out the appropriate demotions and denials depending on the result. - * - * - * A NOTE ON LEVELS: - * - * LOMAC presently supports only two levels: 1 and 2. Future versions - * of LOMAC may support more levels. Architecture-specific code may - * assume that the LOWEST and HIGHEST constants defined below will - * always refer to the lowest and highest levels in the range. They - * may also provide support for only two levels for the time being. - * However, architecture-specific code should try to minimize any other - * assumptions about levels, in order to make it easier to increase - * the level range in the future. - * - * - * A NOTE ON CATEGORIES: - * - * The lattr_t structure's `flags' field is intended to be a bitfield - * which architecture-specific code can use to implement categories. - * The lomac_must_deny() function interprets the bits in the flags field - * as categories. A clear flags field means no categories. - * - * A NOTE ON MODES: - * - * LOMAC allows subjects to run in many modes, such as "never demote" - * or "no demote on IPC reads". Support for these modes is entirely - * the responsibility of the architecture-specific code, because the - * architecture-independent code doesn't know about operations like - * "read" or "read on an IPC object". - * - *************************************************************************/ - -typedef enum { - LOMAC_LOWEST_LEVEL = 1, - LOMAC_HIGHEST_LEVEL = 2 -} level_t; - - -typedef struct { - level_t level; /* level (an integer range) */ - unsigned int flags; /* category flags */ -} lattr_t; /* lomac attribute structure type */ - - -/* lomac_must_demote() - * - * in: actor - attributes of a subject that has or will perform an - * operation that may require LOMAC to demote it. - * target - attributes of the object that is or was the operand. - * out: nothing - * return: value condition - * ----- --------- - * 0 LOMAC should not demote the subject - * 1 LOMAC should demote the subject - * - * This function is a predicate which decides whether or not LOMAC should - * demote the subject with attributes `actor' after it performs an operation - * (probably some kind of a read operation) on the object with attributes - * `target'. - * - */ - -static __inline int lomac_must_demote( const lattr_t *actor, - const lattr_t *target ) { - return( ( actor->level > target->level ) ); -} - - -/* lomac_must_deny() - * - * in: actor - attributes of a subject that wants to perform some - * operation that requires LOMAC to make an allow/deny - * decision. - * target - attributes of the subject or object the above subject - * will operate upon. - * out: nothing - * return: value condition - * ----- --------- - * 0 LOMAC should allow the operation - * 1 LOMAC should deny the operation - * - * This function is a predicate which decides whether or not LOMAC should - * allow the subject with attributes `actor' to perform some operation - * (probably some kind of write or kill operation) on the subject or object - * with attributes `target'. - * - * The flags are two words: the low word is to be used for categories, - * and the high word is meant to hold implementation-dependent flags that - * are not category-related. - * - */ - -static __inline int lomac_must_deny( const lattr_t *actor, - const lattr_t *target ) { - - if( actor->level >= target->level ) { - return 0; /* allow */ - } - if( target->flags & 0xffff ) { - if( ( actor->flags & target->flags & 0xffff ) == - ( target->flags & 0xffff ) ) { - return 0; /* allow */ - } - } - - return 1; /* deny */ -} - -#endif /* lomac.h */ diff --git a/sys/contrib/lomac/kernel_interface.c b/sys/security/lomac/kernel_interface.c similarity index 96% rename from sys/contrib/lomac/kernel_interface.c rename to sys/security/lomac/kernel_interface.c index a825f3af251c..d617523bc0af 100644 --- a/sys/contrib/lomac/kernel_interface.c +++ b/sys/security/lomac/kernel_interface.c @@ -1,7 +1,12 @@ /*- - * Copyright (c) 2001 Networks Associates Technology, Inc. + * Copyright (c) 2001 Networks Associates Technologies, Inc. * All rights reserved. * + * This software was developed for the FreeBSD Project by NAI Labs, the + * Security Research Division of Network Associates, Inc. under + * DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA + * CHATS research program. + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -10,6 +15,9 @@ * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote + * products derived from this software without specific prior written + * permission. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE @@ -23,7 +31,8 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: kernel_interface.c,v 1.25 2001/10/25 21:21:59 tfraser Exp $ + * $Id$ + * $FreeBSD$ */ #include diff --git a/sys/contrib/lomac/kernel_interface.h b/sys/security/lomac/kernel_interface.h similarity index 87% rename from sys/contrib/lomac/kernel_interface.h rename to sys/security/lomac/kernel_interface.h index 751bc59912df..f9db05eaec76 100644 --- a/sys/contrib/lomac/kernel_interface.h +++ b/sys/security/lomac/kernel_interface.h @@ -1,7 +1,12 @@ /*- - * Copyright (c) 2001 Networks Associates Technology, Inc. + * Copyright (c) 2001 Networks Associates Technologies, Inc. * All rights reserved. * + * This software was developed for the FreeBSD Project by NAI Labs, the + * Security Research Division of Network Associates, Inc. under + * DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA + * CHATS research program. + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -10,6 +15,9 @@ * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote + * products derived from this software without specific prior written + * permission. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE @@ -23,8 +31,10 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: kernel_interface.h,v 1.21 2001/10/15 17:58:32 bfeldman Exp $ + * $Id$ + * $FreeBSD$ */ + #ifndef KERNEL_INTERFACE_H #define KERNEL_INTERFACE_H diff --git a/sys/contrib/lomac/kernel_lkm.c b/sys/security/lomac/kernel_lkm.c similarity index 93% rename from sys/contrib/lomac/kernel_lkm.c rename to sys/security/lomac/kernel_lkm.c index 15addcd61a53..3da6816ca4f7 100644 --- a/sys/contrib/lomac/kernel_lkm.c +++ b/sys/security/lomac/kernel_lkm.c @@ -1,7 +1,12 @@ /*- - * Copyright (c) 2001 Networks Associates Technology, Inc. + * Copyright (c) 2001 Networks Associates Technologies, Inc. * All rights reserved. * + * This software was developed for the FreeBSD Project by NAI Labs, the + * Security Research Division of Network Associates, Inc. under + * DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA + * CHATS research program. + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -10,6 +15,9 @@ * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote + * products derived from this software without specific prior written + * permission. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE @@ -23,7 +31,8 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: kernel_lkm.c,v 1.26 2001/11/14 16:30:17 bfeldman Exp $ + * $Id$ + * $FreeBSD$ */ #include diff --git a/sys/contrib/lomac/kernel_log.c b/sys/security/lomac/kernel_log.c similarity index 92% rename from sys/contrib/lomac/kernel_log.c rename to sys/security/lomac/kernel_log.c index 59a7d7cd1cf7..a43e70c8f2a2 100644 --- a/sys/contrib/lomac/kernel_log.c +++ b/sys/security/lomac/kernel_log.c @@ -1,7 +1,12 @@ /*- - * Copyright (c) 2001 Networks Associates Technology, Inc. + * Copyright (c) 2001 Networks Associates Technologies, Inc. * All rights reserved. * + * This software was developed for the FreeBSD Project by NAI Labs, the + * Security Research Division of Network Associates, Inc. under + * DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA + * CHATS research program. + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -10,6 +15,9 @@ * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote + * products derived from this software without specific prior written + * permission. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE @@ -23,7 +31,8 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: kernel_log.c,v 1.12 2001/10/17 15:19:26 bfeldman Exp $ + * $Id$ + * $FreeBSD$ */ #include diff --git a/sys/contrib/lomac/kernel_log.h b/sys/security/lomac/kernel_log.h similarity index 85% rename from sys/contrib/lomac/kernel_log.h rename to sys/security/lomac/kernel_log.h index 66cf562e47d3..c88c12484f96 100644 --- a/sys/contrib/lomac/kernel_log.h +++ b/sys/security/lomac/kernel_log.h @@ -1,7 +1,12 @@ /*- - * Copyright (c) 2001 Networks Associates Technology, Inc. + * Copyright (c) 2001 Networks Associates Technologies, Inc. * All rights reserved. * + * This software was developed for the FreeBSD Project by NAI Labs, the + * Security Research Division of Network Associates, Inc. under + * DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA + * CHATS research program. + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -10,6 +15,9 @@ * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote + * products derived from this software without specific prior written + * permission. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE @@ -23,7 +31,8 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: kernel_log.h,v 1.5 2001/09/20 21:29:21 tfraser Exp $ + * $Id$ + * $FreeBSD$ */ #ifndef _KERNEL_LOG_H_ diff --git a/sys/contrib/lomac/kernel_mediate.c b/sys/security/lomac/kernel_mediate.c similarity index 95% rename from sys/contrib/lomac/kernel_mediate.c rename to sys/security/lomac/kernel_mediate.c index c28ce002e259..472dea6c258d 100644 --- a/sys/contrib/lomac/kernel_mediate.c +++ b/sys/security/lomac/kernel_mediate.c @@ -1,7 +1,12 @@ /*- - * Copyright (c) 2001 Networks Associates Technology, Inc. + * Copyright (c) 2001 Networks Associates Technologies, Inc. * All rights reserved. * + * This software was developed for the FreeBSD Project by NAI Labs, the + * Security Research Division of Network Associates, Inc. under + * DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA + * CHATS research program. + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -10,6 +15,9 @@ * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote + * products derived from this software without specific prior written + * permission. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE @@ -23,7 +31,8 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: kernel_mediate.c,v 1.9 2001/10/17 15:19:40 bfeldman Exp $ + * $Id$ + * $FreeBSD$ */ /* diff --git a/sys/contrib/lomac/kernel_mediate.h b/sys/security/lomac/kernel_mediate.h similarity index 83% rename from sys/contrib/lomac/kernel_mediate.h rename to sys/security/lomac/kernel_mediate.h index 2721292d6803..23c24e2a1add 100644 --- a/sys/contrib/lomac/kernel_mediate.h +++ b/sys/security/lomac/kernel_mediate.h @@ -1,7 +1,12 @@ /*- - * Copyright (c) 2001 Networks Associates Technology, Inc. + * Copyright (c) 2001 Networks Associates Technologies, Inc. * All rights reserved. * + * This software was developed for the FreeBSD Project by NAI Labs, the + * Security Research Division of Network Associates, Inc. under + * DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA + * CHATS research program. + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -10,6 +15,9 @@ * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote + * products derived from this software without specific prior written + * permission. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE @@ -23,7 +31,8 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: kernel_mediate.h,v 1.5 2001/09/26 21:18:00 bfeldman Exp $ + * $Id$ + * $FreeBSD$ */ #ifndef _KERNEL_MEDIATE_H_ diff --git a/sys/contrib/lomac/kernel_mmap.c b/sys/security/lomac/kernel_mmap.c similarity index 94% rename from sys/contrib/lomac/kernel_mmap.c rename to sys/security/lomac/kernel_mmap.c index c0217fb30895..cc91383e4bf5 100644 --- a/sys/contrib/lomac/kernel_mmap.c +++ b/sys/security/lomac/kernel_mmap.c @@ -1,12 +1,13 @@ -/* - * Copyright (c) 2001 Networks Associates Technology, Inc. +/*- + * Copyright (c) 2001 Networks Associates Technologies, Inc. * Copyright (c) 1988 University of Utah. * Copyright (c) 1991, 1993 * The Regents of the University of California. All rights reserved. * - * This code is derived from software contributed to Berkeley by - * the Systems Programming Group of the University of Utah Computer - * Science Department. + * This software was developed for the FreeBSD Project by NAI Labs, the + * Security Research Division of Network Associates, Inc. under + * DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA + * CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -16,18 +17,14 @@ * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. The name of the author may not be used to endorse or promote + * products derived from this software without specific prior written + * permission. * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) @@ -36,11 +33,10 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * from: Utah $Hdr: vm_mmap.c 1.6 91/10/21$ - * * @(#)vm_mmap.c 8.4 (Berkeley) 1/12/94 * $FreeBSD$ - * $Id: kernel_mmap.c,v 1.12 2001/10/17 15:34:29 bfeldman Exp $ + * $Id$ + * $FreeBSD$ */ #include diff --git a/sys/contrib/lomac/kernel_monitor.c b/sys/security/lomac/kernel_monitor.c similarity index 93% rename from sys/contrib/lomac/kernel_monitor.c rename to sys/security/lomac/kernel_monitor.c index 199b8a08ef39..3568680a6720 100644 --- a/sys/contrib/lomac/kernel_monitor.c +++ b/sys/security/lomac/kernel_monitor.c @@ -1,7 +1,12 @@ /*- - * Copyright (c) 2001 Networks Associates Technology, Inc. + * Copyright (c) 2001 Networks Associates Technologies, Inc. * All rights reserved. * + * This software was developed for the FreeBSD Project by NAI Labs, the + * Security Research Division of Network Associates, Inc. under + * DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA + * CHATS research program. + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -10,6 +15,9 @@ * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote + * products derived from this software without specific prior written + * permission. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE @@ -23,7 +31,8 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: kernel_monitor.c,v 1.12 2001/10/16 15:25:02 bfeldman Exp $ + * $Id$ + * $FreeBSD$ */ /* diff --git a/sys/contrib/lomac/kernel_monitor.h b/sys/security/lomac/kernel_monitor.h similarity index 82% rename from sys/contrib/lomac/kernel_monitor.h rename to sys/security/lomac/kernel_monitor.h index e2bab4725161..a429465ce150 100644 --- a/sys/contrib/lomac/kernel_monitor.h +++ b/sys/security/lomac/kernel_monitor.h @@ -1,7 +1,12 @@ /*- - * Copyright (c) 2001 Networks Associates Technology, Inc. + * Copyright (c) 2001 Networks Associates Technologies, Inc. * All rights reserved. * + * This software was developed for the FreeBSD Project by NAI Labs, the + * Security Research Division of Network Associates, Inc. under + * DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA + * CHATS research program. + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -10,6 +15,9 @@ * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote + * products derived from this software without specific prior written + * permission. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE @@ -23,7 +31,8 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: kernel_monitor.h,v 1.5 2001/09/26 23:00:44 tfraser Exp $ + * $Id$ + * $FreeBSD$ */ #ifndef _LOMAC_MONITOR_H_ diff --git a/sys/contrib/lomac/kernel_pipe.c b/sys/security/lomac/kernel_pipe.c similarity index 78% rename from sys/contrib/lomac/kernel_pipe.c rename to sys/security/lomac/kernel_pipe.c index c85b0cabc4a1..4df9f086b127 100644 --- a/sys/contrib/lomac/kernel_pipe.c +++ b/sys/security/lomac/kernel_pipe.c @@ -1,35 +1,41 @@ -/************************************************************************* +/*- + * Copyright (c) 2001 Networks Associates Technologies, Inc. + * All rights reserved. * - * kernel_pipe.c - * - * LOMAC - Low Water-Mark Mandatory Access Control - * Copyright (c) 1999-2001 Networks Associates, Inc. All rights reserved. - * - * Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * Neither the name of NAI Labs, Inc. nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR - * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR - * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, - * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, - * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR - * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF - * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING - * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS - * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * This software was developed for the FreeBSD Project by NAI Labs, the + * Security Research Division of Network Associates, Inc. under + * DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA + * CHATS research program. * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote + * products derived from this software without specific prior written + * permission. * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. * + * $Id$ + * $FreeBSD$ + */ + +/* * This file contains part of LOMAC's interface to the kernel. This * part allows LOMAC to monitor (unnamed) pipe read and write * operations by interposing control on the kernel's pipeops vector. diff --git a/sys/security/lomac/kernel_pipe.h b/sys/security/lomac/kernel_pipe.h new file mode 100644 index 000000000000..de1d01ca95db --- /dev/null +++ b/sys/security/lomac/kernel_pipe.h @@ -0,0 +1,44 @@ +/*- + * Copyright (c) 2001 Networks Associates Technologies, Inc. + * All rights reserved. + * + * This software was developed for the FreeBSD Project by NAI Labs, the + * Security Research Division of Network Associates, Inc. under + * DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA + * CHATS research program. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote + * products derived from this software without specific prior written + * permission. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $Id$ + * $FreeBSD$ + */ + +#ifndef _KERNEL_PIPE_H_ +#define _KERNEL_PIPE_H_ + +int lomac_initialize_pipes( void ); +int lomac_uninitialize_pipes( void ); + +#endif /* _KERNEL_PIPE_H_ */ diff --git a/sys/contrib/lomac/kernel_plm.c b/sys/security/lomac/kernel_plm.c similarity index 95% rename from sys/contrib/lomac/kernel_plm.c rename to sys/security/lomac/kernel_plm.c index 38777c3ee533..138670444a7e 100644 --- a/sys/contrib/lomac/kernel_plm.c +++ b/sys/security/lomac/kernel_plm.c @@ -1,7 +1,12 @@ /*- - * Copyright (c) 2001 Networks Associates Technology, Inc. + * Copyright (c) 2001 Networks Associates Technologies, Inc. * All rights reserved. * + * This software was developed for the FreeBSD Project by NAI Labs, the + * Security Research Division of Network Associates, Inc. under + * DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA + * CHATS research program. + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -10,6 +15,9 @@ * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote + * products derived from this software without specific prior written + * permission. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE @@ -23,7 +31,8 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: kernel_plm.c,v 1.9 2001/10/17 15:20:09 bfeldman Exp $ + * $Id$ + * $FreeBSD$ */ #include diff --git a/sys/contrib/lomac/kernel_plm.h b/sys/security/lomac/kernel_plm.h similarity index 76% rename from sys/contrib/lomac/kernel_plm.h rename to sys/security/lomac/kernel_plm.h index 16db2dd57023..8676d06a0cf7 100644 --- a/sys/contrib/lomac/kernel_plm.h +++ b/sys/security/lomac/kernel_plm.h @@ -1,7 +1,12 @@ /*- - * Copyright (c) 2001 Networks Associates Technology, Inc. + * Copyright (c) 2001 Networks Associates Technologies, Inc. * All rights reserved. * + * This software was developed for the FreeBSD Project by NAI Labs, the + * Security Research Division of Network Associates, Inc. under + * DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA + * CHATS research program. + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -10,6 +15,9 @@ * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote + * products derived from this software without specific prior written + * permission. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE @@ -23,8 +31,10 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: kernel_plm.h,v 1.4 2001/09/20 17:47:46 bfeldman Exp $ + * $Id$ + * $FreeBSD$ */ + #ifndef KERNEL_PLM_H #define KERNEL_PLM_H diff --git a/sys/contrib/lomac/kernel_socket.c b/sys/security/lomac/kernel_socket.c similarity index 91% rename from sys/contrib/lomac/kernel_socket.c rename to sys/security/lomac/kernel_socket.c index ebaf15deefdf..7cf666961048 100644 --- a/sys/contrib/lomac/kernel_socket.c +++ b/sys/security/lomac/kernel_socket.c @@ -1,30 +1,42 @@ -/* - * LOMAC - Low Water-Mark Mandatory Access Control - * Copyright (c) 2001 Networks Associates Technology, Inc. +/*- + * Copyright (c) 2001 Networks Associates Technologies, Inc. * Copyright (c) 1982, 1986, 1989, 1991, 1993 * The Regents of the University of California. All rights reserved. * - * Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR - * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR - * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, - * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, - * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR - * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF - * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING - * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS - * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * This software was developed for the FreeBSD Project by NAI Labs, the + * Security Research Division of Network Associates, Inc. under + * DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA + * CHATS research program. * - * $Id: kernel_socket.c,v 1.9 2001/11/05 20:57:41 tfraser Exp $ + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote + * products derived from this software without specific prior written + * permission. * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $Id$ + * $FreeBSD$ + */ + +/* * This file implements LOMAC controls over socket operations. LOMAC * gains control of socket operations by interposing on the `struct * pr_usrreqs' operations vectors of each `struct protosw'. This code diff --git a/sys/security/lomac/kernel_socket.h b/sys/security/lomac/kernel_socket.h new file mode 100644 index 000000000000..4343c19b6f43 --- /dev/null +++ b/sys/security/lomac/kernel_socket.h @@ -0,0 +1,45 @@ +/*- + * Copyright (c) 2001 Networks Associates Technologies, Inc. + * All rights reserved. + * + * This software was developed for the FreeBSD Project by NAI Labs, the + * Security Research Division of Network Associates, Inc. under + * DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA + * CHATS research program. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote + * products derived from this software without specific prior written + * permission. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $Id$ + * $FreeBSD$ + */ + +#ifndef _KERNEL_SOCKET_H_ +#define _KERNEL_SOCKET_H_ + +int lomac_initialize_sockets( void ); +int lomac_uninitialize_sockets( void ); + +#endif /* _KERNEL_SOCKET_H_ */ + diff --git a/sys/contrib/lomac/kernel_util.c b/sys/security/lomac/kernel_util.c similarity index 96% rename from sys/contrib/lomac/kernel_util.c rename to sys/security/lomac/kernel_util.c index 3a46070e66ab..b80bdfde2bbf 100644 --- a/sys/contrib/lomac/kernel_util.c +++ b/sys/security/lomac/kernel_util.c @@ -1,9 +1,14 @@ /*- - * Copyright (c) 2001 Networks Associates Technology, Inc. - * All rights reserved. + * Copyright (c) 2001 Networks Associates Technologies, Inc. * Copyright (c) 1982, 1986, 1989, 1991, 1993 * The Regents of the University of California. All rights reserved. * (c) UNIX System Laboratories, Inc. + + * This software was developed for the FreeBSD Project by NAI Labs, the + * Security Research Division of Network Associates, Inc. under + * DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA + * CHATS research program. + * * All or some portions of this file are derived from material licensed * to the University of California by American Telephone and Telegraph * Co. or Unix System Laboratories, Inc. and are reproduced herein with @@ -17,6 +22,9 @@ * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote + * products derived from this software without specific prior written + * permission. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE @@ -30,7 +38,8 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: kernel_util.c,v 1.22 2001/11/15 20:51:13 bfeldman Exp $ + * $Id$ + * $FreeBSD$ */ #include @@ -61,7 +70,7 @@ #include "kernel_monitor.h" #include "lomacfs.h" -#include "syscall_gate/syscall_gate.h" +#include "syscall_gate.h" #define AS(name) (sizeof(struct name) / sizeof(register_t)) diff --git a/sys/contrib/lomac/kernel_util.h b/sys/security/lomac/kernel_util.h similarity index 79% rename from sys/contrib/lomac/kernel_util.h rename to sys/security/lomac/kernel_util.h index 46a9ec9585c7..f3480ed5d911 100644 --- a/sys/contrib/lomac/kernel_util.h +++ b/sys/security/lomac/kernel_util.h @@ -1,7 +1,12 @@ /*- - * Copyright (c) 2001 Networks Associates Technology, Inc. + * Copyright (c) 2001 Networks Associates Technologies, Inc. * All rights reserved. * + * This software was developed for the FreeBSD Project by NAI Labs, the + * Security Research Division of Network Associates, Inc. under + * DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA + * CHATS research program. + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -10,6 +15,9 @@ * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote + * products derived from this software without specific prior written + * permission. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE @@ -23,8 +31,10 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: kernel_util.h,v 1.4 2001/11/14 16:30:17 bfeldman Exp $ + * $Id$ + * $FreeBSD$ */ + #ifndef KERNEL_UTIL_H #define KERNEL_UTIL_H diff --git a/sys/security/lomac/lomac.h b/sys/security/lomac/lomac.h new file mode 100644 index 000000000000..b891fb1bf850 --- /dev/null +++ b/sys/security/lomac/lomac.h @@ -0,0 +1,114 @@ +/*- + * Copyright (c) 2001 Networks Associates Technologies, Inc. + * All rights reserved. + * + * This software was developed for the FreeBSD Project by NAI Labs, the + * Security Research Division of Network Associates, Inc. under + * DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA + * CHATS research program. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote + * products derived from this software without specific prior written + * permission. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD$ + */ + +#ifndef LOMAC_H_ +#define LOMAC_H_ + +typedef enum { + LOMAC_LOWEST_LEVEL = 1, + LOMAC_HIGHEST_LEVEL = 2 +} level_t; + + +typedef struct { + level_t level; /* level (an integer range) */ + unsigned int flags; /* category flags */ +} lattr_t; /* lomac attribute structure type */ + + +/* lomac_must_demote() + * + * in: actor - attributes of a subject that has or will perform an + * operation that may require LOMAC to demote it. + * target - attributes of the object that is or was the operand. + * out: nothing + * return: value condition + * ----- --------- + * 0 LOMAC should not demote the subject + * 1 LOMAC should demote the subject + * + * This function is a predicate which decides whether or not LOMAC should + * demote the subject with attributes `actor' after it performs an operation + * (probably some kind of a read operation) on the object with attributes + * `target'. + * + */ + +static __inline int +lomac_must_demote(const lattr_t *actor, const lattr_t *target) { + return (actor->level > target->level); +} + + +/* lomac_must_deny() + * + * in: actor - attributes of a subject that wants to perform some + * operation that requires LOMAC to make an allow/deny + * decision. + * target - attributes of the subject or object the above subject + * will operate upon. + * out: nothing + * return: value condition + * ----- --------- + * 0 LOMAC should allow the operation + * 1 LOMAC should deny the operation + * + * This function is a predicate which decides whether or not LOMAC should + * allow the subject with attributes `actor' to perform some operation + * (probably some kind of write or kill operation) on the subject or object + * with attributes `target'. + * + * The flags are two words: the low word is to be used for categories, + * and the high word is meant to hold implementation-dependent flags that + * are not category-related. + * + */ + +static __inline int +lomac_must_deny(const lattr_t *actor, const lattr_t *target) { + + if (actor->level >= target->level) + return 0; /* allow */ + if (target->flags & 0xffff) { + if ((actor->flags & target->flags & 0xffff) == + (target->flags & 0xffff)) { + return 0; /* allow */ + } + } + return 1; /* deny */ +} + +#endif /* LOMAC_H */ diff --git a/sys/contrib/lomac/lomacfs.h b/sys/security/lomac/lomacfs.h similarity index 89% rename from sys/contrib/lomac/lomacfs.h rename to sys/security/lomac/lomacfs.h index 621761a78ffe..b14414685b74 100644 --- a/sys/contrib/lomac/lomacfs.h +++ b/sys/security/lomac/lomacfs.h @@ -1,7 +1,12 @@ /*- - * Copyright (c) 2001 Networks Associates Technology, Inc. + * Copyright (c) 2001 Networks Associates Technologies, Inc. * All rights reserved. * + * This software was developed for the FreeBSD Project by NAI Labs, the + * Security Research Division of Network Associates, Inc. under + * DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA + * CHATS research program. + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -10,6 +15,9 @@ * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote + * products derived from this software without specific prior written + * permission. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE @@ -23,7 +31,8 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: lomacfs.h,v 1.20 2001/10/17 15:34:29 bfeldman Exp $ + * $Id$ + * $FreeBSD$ */ #ifndef LOMACFS_H diff --git a/sys/contrib/lomac/lomacfs_subr.c b/sys/security/lomac/lomacfs_subr.c similarity index 88% rename from sys/contrib/lomac/lomacfs_subr.c rename to sys/security/lomac/lomacfs_subr.c index b58abc188219..fd7df03049f0 100644 --- a/sys/contrib/lomac/lomacfs_subr.c +++ b/sys/security/lomac/lomacfs_subr.c @@ -1,7 +1,12 @@ /*- - * Copyright (c) 2001 Networks Associates Technology, Inc. + * Copyright (c) 2001 Networks Associates Technologies, Inc. * All rights reserved. * + * This software was developed for the FreeBSD Project by NAI Labs, the + * Security Research Division of Network Associates, Inc. under + * DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA + * CHATS research program. + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -10,6 +15,9 @@ * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote + * products derived from this software without specific prior written + * permission. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE @@ -23,7 +31,8 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: lomacfs_subr.c,v 1.24 2001/11/05 20:57:41 tfraser Exp $ + * $Id$ + * $FreeBSD$ */ #include diff --git a/sys/contrib/lomac/lomacfs_vfsops.c b/sys/security/lomac/lomacfs_vfsops.c similarity index 92% rename from sys/contrib/lomac/lomacfs_vfsops.c rename to sys/security/lomac/lomacfs_vfsops.c index 381ad2e9ca97..c7ee93afc5b5 100644 --- a/sys/contrib/lomac/lomacfs_vfsops.c +++ b/sys/security/lomac/lomacfs_vfsops.c @@ -1,7 +1,12 @@ /*- - * Copyright (c) 2001 Networks Associates Technology, Inc. + * Copyright (c) 2001 Networks Associates Technologies, Inc. * All rights reserved. * + * This software was developed for the FreeBSD Project by NAI Labs, the + * Security Research Division of Network Associates, Inc. under + * DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA + * CHATS research program. + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -10,6 +15,9 @@ * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote + * products derived from this software without specific prior written + * permission. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE @@ -23,7 +31,8 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: lomacfs_vfsops.c,v 1.16 2001/10/17 19:36:39 bfeldman Exp $ + * $Id$ + * $FreeBSD$ */ #include diff --git a/sys/contrib/lomac/lomacfs_vnops.c b/sys/security/lomac/lomacfs_vnops.c similarity index 98% rename from sys/contrib/lomac/lomacfs_vnops.c rename to sys/security/lomac/lomacfs_vnops.c index 35c0c84f32bb..4a2e3c10cc3e 100644 --- a/sys/contrib/lomac/lomacfs_vnops.c +++ b/sys/security/lomac/lomacfs_vnops.c @@ -1,7 +1,12 @@ /*- - * Copyright (c) 2001 Networks Associates Technology, Inc. + * Copyright (c) 2001 Networks Associates Technologies, Inc. * All rights reserved. * + * This software was developed for the FreeBSD Project by NAI Labs, the + * Security Research Division of Network Associates, Inc. under + * DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA + * CHATS research program. + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -10,6 +15,9 @@ * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote + * products derived from this software without specific prior written + * permission. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE @@ -23,7 +31,8 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: lomacfs_vnops.c,v 1.44 2001/11/15 20:52:54 bfeldman Exp $ + * $Id$ + * $FreeBSD$ */ #include diff --git a/sys/contrib/lomac/lomacio.h b/sys/security/lomac/lomacio.h similarity index 79% rename from sys/contrib/lomac/lomacio.h rename to sys/security/lomac/lomacio.h index d8ddc25cb6f5..33328e990b77 100644 --- a/sys/contrib/lomac/lomacio.h +++ b/sys/security/lomac/lomacio.h @@ -1,7 +1,12 @@ /*- - * Copyright (c) 2001 Networks Associates Technology, Inc. + * Copyright (c) 2001 Networks Associates Technologies, Inc. * All rights reserved. * + * This software was developed for the FreeBSD Project by NAI Labs, the + * Security Research Division of Network Associates, Inc. under + * DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA + * CHATS research program. + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -10,6 +15,9 @@ * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote + * products derived from this software without specific prior written + * permission. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE @@ -23,8 +31,10 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: lomacio.h,v 1.4 2001/09/26 21:18:00 bfeldman Exp $ + * $Id$ + * $FreeBSD$ */ + #ifndef LOMACIO_H #define LOMACIO_H diff --git a/sys/contrib/lomac/policy_plm.h b/sys/security/lomac/policy_plm.h similarity index 90% rename from sys/contrib/lomac/policy_plm.h rename to sys/security/lomac/policy_plm.h index abbd0ad26be0..533d4c3f03a6 100644 --- a/sys/contrib/lomac/policy_plm.h +++ b/sys/security/lomac/policy_plm.h @@ -1,7 +1,12 @@ /*- - * Copyright (c) 2001 Networks Associates Technology, Inc. + * Copyright (c) 2001 Networks Associates Technologies, Inc. * All rights reserved. * + * This software was developed for the FreeBSD Project by NAI Labs, the + * Security Research Division of Network Associates, Inc. under + * DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA + * CHATS research program. + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -10,6 +15,9 @@ * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote + * products derived from this software without specific prior written + * permission. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE @@ -23,7 +31,8 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: policy_plm.h,v 1.20 2001/11/15 20:55:05 bfeldman Exp $ + * $Id$ + * $FreeBSD$ */ #ifndef LOMAC_PLM_H diff --git a/sys/contrib/lomac/syscall_gate.c b/sys/security/lomac/syscall_gate.c similarity index 87% rename from sys/contrib/lomac/syscall_gate.c rename to sys/security/lomac/syscall_gate.c index d9792637485e..56817fc86446 100644 --- a/sys/contrib/lomac/syscall_gate.c +++ b/sys/security/lomac/syscall_gate.c @@ -1,7 +1,12 @@ /*- - * Copyright (c) 2001 Networks Associates Technology, Inc. + * Copyright (c) 2001 Networks Associates Technologies, Inc. * All rights reserved. * + * This software was developed for the FreeBSD Project by NAI Labs, the + * Security Research Division of Network Associates, Inc. under + * DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA + * CHATS research program. + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -10,6 +15,9 @@ * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote + * products derived from this software without specific prior written + * permission. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE @@ -23,7 +31,8 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: syscall_gate.c,v 1.4 2001/11/05 21:23:12 bfeldman Exp $ + * $Id$ + * $FreeBSD$ */ #include diff --git a/sys/contrib/lomac/syscall_gate.h b/sys/security/lomac/syscall_gate.h similarity index 79% rename from sys/contrib/lomac/syscall_gate.h rename to sys/security/lomac/syscall_gate.h index c6df862dd2b4..9546bea5c90f 100644 --- a/sys/contrib/lomac/syscall_gate.h +++ b/sys/security/lomac/syscall_gate.h @@ -1,7 +1,12 @@ /*- - * Copyright (c) 2001 Networks Associates Technology, Inc. + * Copyright (c) 2001 Networks Associates Technologies, Inc. * All rights reserved. * + * This software was developed for the FreeBSD Project by NAI Labs, the + * Security Research Division of Network Associates, Inc. under + * DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA + * CHATS research program. + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -10,6 +15,9 @@ * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote + * products derived from this software without specific prior written + * permission. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE @@ -23,7 +31,8 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: syscall_gate.h,v 1.2 2001/09/20 17:47:46 bfeldman Exp $ + * $Id$ + * $FreeBSD$ */ #ifndef SYSCALL_GATE_H