d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
4a58340e98
freebsd-dev/sys
History
Robert Watson 4a58340e98 Introduce support for Mandatory Access Control and extensible 
kernel access control

Invoke appropriate MAC framework entry points to authorize a number
of vnode operations, including read, write, stat, poll.  This permits
MAC policies to revoke access to files following label changes,
and to limit information spread about the file to user processes.

Note: currently the file cached credential is used for some of
these authorization check.  We will need to expand some of the
MAC entry point APIs to permit multiple creds to be passed to
the access control check to allow diverse policy behavior.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-01 17:23:22 +00:00
..
alpha Fix the link to the Handbook 2002-08-01 17:21:18 +00:00
amd64 Fix the link to the Handbook 2002-08-01 17:21:18 +00:00
arm Create a new header <machine/_stdint.h> for storing MD parts of 2002-07-29 17:41:23 +00:00
boot Stash various networking paramters in the environment for the kernel 2002-07-31 20:17:06 +00:00
cam Correct spelling of 'supplied'. 2002-06-19 20:44:48 +00:00
coda More s/file system/filesystem/g 2002-05-16 21:28:32 +00:00
compat Regenerate 2002-07-20 02:56:34 +00:00
conf Remove duplicate 'modules-tags' rule 2002-08-01 03:13:10 +00:00
contrib Resolve conflicts arising from the ACPI CA 20020725 import. 2002-07-30 19:35:32 +00:00
crypto Fix some really pedantic GCC warnings. 2002-07-15 13:45:15 +00:00
ddb Part 1 of KSE-III 2002-06-29 17:26:22 +00:00
dev Don't set the IFF_PROMISC bit when in hostap mode like the previous 2002-08-01 07:37:52 +00:00
fs Introduce support for Mandatory Access Control and extensible 2002-08-01 02:03:21 +00:00
geom Don't use the static thread.. it is going away. 2002-06-29 07:47:20 +00:00
gnu Use hashdestroy() now that it exists. 2002-06-30 03:01:44 +00:00
i4b Remote pci.h/NPCI usage from i4b code. 2002-06-13 06:04:28 +00:00
i386 Fix the link to the Handbook 2002-08-01 17:21:18 +00:00
ia64 Resolve conflicts arising from the ACPI CA 20020725 import. 2002-07-30 19:35:32 +00:00
isa Clock frequencies reported by sysctl should be unsigned values. Discovered 2002-06-22 16:30:18 +00:00
isofs/cd9660 Quick fix for non-unique inode numbers for hard links. We use the 2002-05-22 08:50:18 +00:00
kern Introduce support for Mandatory Access Control and extensible 2002-08-01 17:23:22 +00:00
libkern Convert GNU variadic macros to the ISO 9X variety. 2002-07-15 13:34:50 +00:00
modules Introduce support for Mandatory Access Control and extensible 2002-08-01 02:03:21 +00:00
net Introduce support for Mandatory Access Control and extensible 2002-07-31 16:23:42 +00:00
netatalk Back out my lats commit of locking down a socket, it conflicts with hsu's work. 2002-05-31 11:52:35 +00:00
netatm - Remove UM_* user land memory macros since they are no longer used. 2002-06-24 22:31:17 +00:00
netgraph NUL terminate the ACNAME passed to userland. 2002-06-22 21:00:53 +00:00
netinet Document the undocumented assumption that at least one of the PCB 2002-08-01 03:54:43 +00:00
netinet6 correct comment for setsockopt arg size. 2002-07-25 20:40:09 +00:00
netipx Make spxnames a const char * to quieten some warnings in netstat. 2002-07-27 23:15:08 +00:00
netkey - fixed the order of searching SA table for packets. 2002-07-10 16:39:38 +00:00
netnatm Back out my lats commit of locking down a socket, it conflicts with hsu's work. 2002-05-31 11:52:35 +00:00
netncp Wire the sysctl output buffer before grabbing any locks to prevent 2002-07-28 19:59:31 +00:00
netns Fix bug which has been there since rev 1.1 where && was used instead of &. 2002-06-09 03:57:34 +00:00
netsmb Wire the sysctl output buffer before grabbing any locks to prevent 2002-07-28 19:59:31 +00:00
nfs
nfsclient o Lock page queue accesses in nfs_getpages(). 2002-07-21 20:01:32 +00:00
nfsserver Oops, another unused arg to nfssvc_nfsd(). *blush* 2002-07-24 23:10:34 +00:00
pc98 Fix the link to the Handbook 2002-08-01 17:21:18 +00:00
pccard Add 16-bit before bus to keep the words card and bus apart. 2002-07-31 20:01:11 +00:00
pci Make sure to set both sets of registers which control the RX and TX buffer 2002-07-31 19:58:36 +00:00
posix4 Part 1 of KSE-III 2002-06-29 17:26:22 +00:00
powerpc Fix the link to the Handbook 2002-08-01 17:21:18 +00:00
rpc
security Introduce support for Mandatory Access Control and extensible 2002-07-31 18:07:45 +00:00
sparc64 Fix the link to the Handbook 2002-08-01 17:21:18 +00:00
sys Add pathconf/fpathconf entries from POSIX.1e indicating support for 2002-07-31 15:54:03 +00:00
tools - Add automatic post vop debug checks. These work in both the success and 2002-07-30 08:52:00 +00:00
ufs Introduce support for Mandatory Access Control and extensible 2002-07-31 16:05:30 +00:00
vm o Setting PG_MAPPED and PG_WRITEABLE on pages that are mapped and unmapped 2002-07-31 18:46:47 +00:00
Makefile