freebsd-dev/sys/kern
Robert Watson f51e58036e
Redesign the externalization APIs from the MAC Framework to
the MAC policy modules to improve robustness against C string
bugs and vulnerabilities.  Following these revisions, all
string construction of labels for export to userspace (or
elsewhere) is performed using the sbuf API, which prevents
the consumer from having to perform laborious and intricate
pointer and buffer checks.  This substantially simplifies
the externalization logic, both at the MAC Framework level,
and in individual policies; this becomes especially useful
when policies export more complex label data, such as with
compartments in Biba and MLS.

Bundled in here are some other minor fixes associated with
externalization: including avoiding malloc while holding the
process mutex in mac_lomac, and hence avoid a failure mode
when printing labels during a downgrade operation due to
the removal of the M_NOWAIT case.

This has been running in the MAC development tree for about
three weeks without problems.

Obtained from:	TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
2003-06-23 01:26:34 +00:00
bus_if.m Give print_child a default method. 2003-03-25 04:32:52 +00:00
clock_if.m Add a generic implementation of inittodr() and resettodr(), as well as 2002-04-04 23:39:10 +00:00
device_if.m
genassym.sh Allow one to specify the AWK used in the environment(commandline). 2002-02-11 03:54:30 +00:00
imgact_aout.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
imgact_elf32.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
imgact_elf64.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
imgact_elf.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
imgact_gzip.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
imgact_shell.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
inflate.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
init_main.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
init_sysent.c Regen from syscalls.master:1.149, addition of extended attribute 2003-06-04 03:50:20 +00:00
kern_acct.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
kern_acl.c Add a f_vnode field to struct file. 2003-06-22 08:41:43 +00:00
kern_alq.c Add an explicit credential argument to alq_open() to allow the caller to 2003-06-22 22:28:56 +00:00
kern_clock.c Rename P_THREADED to P_SA. P_SA means a process is using scheduler 2003-06-15 00:31:24 +00:00
kern_condvar.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
kern_conf.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
kern_context.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
kern_descrip.c Add a f_vnode field to struct file. 2003-06-22 08:41:43 +00:00
kern_environment.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
kern_event.c Initialize struct fileops with C99 sparse initialization. 2003-06-18 18:16:40 +00:00
kern_exec.c Rename P_THREADED to P_SA. P_SA means a process is using scheduler 2003-06-15 00:31:24 +00:00
kern_exit.c Rename P_THREADED to P_SA. P_SA means a process is using scheduler 2003-06-15 00:31:24 +00:00
kern_fork.c Add a ratelimited message of the form 2003-06-19 05:57:25 +00:00
kern_idle.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
kern_intr.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
kern_jail.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
kern_kse.c cpu_set_upcall_kse needs to access userspace, release schedule lock 2003-06-20 09:12:12 +00:00
kern_kthread.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
kern_ktr.c Add an explicit credential argument to alq_open() to allow the caller to 2003-06-22 22:28:56 +00:00
kern_ktrace.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
kern_linker.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
kern_lock.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
kern_lockf.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
kern_mac.c Redesign the externalization APIs from the MAC Framework to 2003-06-23 01:26:34 +00:00
kern_malloc.c Don't overflow when calculating vm_kmem_size. This fixes kmem_map 2003-06-11 05:18:59 +00:00
kern_mib.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
kern_module.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
kern_mtxpool.c Style(9). 2003-06-13 19:39:21 +00:00
kern_mutex.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
kern_ntptime.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
kern_physio.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
kern_poll.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
kern_proc.c Drop the proc lock around SYSCTL_OUT in the no-threads case. 2003-06-17 19:14:00 +00:00
kern_prot.c Various cr*() calls believed to be MPSAFE, since the uidinfo 2003-06-15 15:57:42 +00:00
kern_resource.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
kern_sema.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
kern_shutdown.c Don't overwrite the static panicstr buffer for secondary and further 2003-06-15 11:43:00 +00:00
kern_sig.c When a STOP signal is being sent to a process, it is possible all 2003-06-20 03:36:45 +00:00
kern_subr.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
kern_switch.c Rename P_THREADED to P_SA. P_SA means a process is using scheduler 2003-06-15 00:31:24 +00:00
kern_sx.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
kern_synch.c Rename P_THREADED to P_SA. P_SA means a process is using scheduler 2003-06-15 00:31:24 +00:00
kern_syscalls.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
kern_sysctl.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
kern_tc.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
kern_thr.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
kern_thread.c cpu_set_upcall_kse needs to access userspace, release schedule lock 2003-06-20 09:12:12 +00:00
kern_time.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
kern_timeout.c Don't put callout_lock under #ifdef DIAGNOSTIC despite the fact that it 2003-06-20 08:39:04 +00:00
kern_umtx.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
kern_uuid.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
kern_xxx.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
ksched.c Use __FBSDID(). 2003-06-11 06:34:30 +00:00
link_elf_obj.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
link_elf.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
linker_if.m Add the sysctl "kern.function_list", which currently exports all 2001-10-30 15:21:45 +00:00
Make.tags.inc Finish driving a stake through the heart of netns and the associated 2003-03-05 19:24:24 +00:00
Makefile Finish driving a stake through the heart of netns and the associated 2003-03-05 19:24:24 +00:00
makesyscalls.sh - Include umtx.h in files generated by makesyscalls.sh 2003-04-01 01:12:24 +00:00
md4c.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
md5c.c Use le32dec() instead of le32toh() because we are not guaranteed to have 2003-05-05 07:22:35 +00:00
p1003_1b.c Use __FBSDID(). 2003-06-11 06:34:30 +00:00
posix4_mib.c Use __FBSDID(). 2003-06-11 06:34:30 +00:00
sched_4bsd.c Rename P_THREADED to P_SA. P_SA means a process is using scheduler 2003-06-15 00:31:24 +00:00
sched_ule.c - lticks was erroneously being updated in sched_pctcpu(). This was causing 2003-06-21 02:31:49 +00:00
subr_acl_posix1e.c Add a f_vnode field to struct file. 2003-06-22 08:41:43 +00:00
subr_autoconf.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
subr_blist.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
subr_bus.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
subr_clist.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
subr_clock.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
subr_devstat.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
subr_disk.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
subr_eventhandler.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
subr_hints.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
subr_kobj.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
subr_log.c Replace the code for reading and writing the kernel message buffer 2003-06-22 02:18:31 +00:00
subr_mbuf.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
subr_mchain.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
subr_module.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
subr_msgbuf.c Replace the code for reading and writing the kernel message buffer 2003-06-22 02:18:31 +00:00
subr_param.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
subr_pcpu.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
subr_power.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
subr_prf.c When DDB is active, always send printf() output directly to the 2003-06-22 03:20:24 +00:00
subr_prof.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
subr_rman.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
subr_rtc.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
subr_sbuf.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
subr_scanf.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
subr_smp.c Document some sysctl variables. 2003-06-12 19:46:51 +00:00
subr_taskqueue.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
subr_trap.c 1. Add code to support bound thread. when blocked, a bound thread never 2003-06-15 12:51:26 +00:00
subr_turnstile.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
subr_witness.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
subr_xxx.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
sys_generic.c Introduce a new flag on a file descriptor: DFLAG_SEEKABLE and use that 2003-06-18 19:53:59 +00:00
sys_pipe.c Initialize struct fileops with C99 sparse initialization. 2003-06-18 18:16:40 +00:00
sys_process.c Add vm object locking. 2003-06-11 06:43:48 +00:00
sys_socket.c Initialize struct fileops with C99 sparse initialization. 2003-06-18 18:16:40 +00:00
syscalls.c Regen from syscalls.master:1.149, addition of extended attribute 2003-06-04 03:50:20 +00:00
syscalls.master Add system calls to explicitly list extended attributes on a 2003-06-04 03:49:31 +00:00
sysv_ipc.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
sysv_msg.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
sysv_sem.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
sysv_shm.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
tty_compat.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
tty_conf.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
tty_cons.c Use a new message buffer `consmsgbuf' to forward messages to a 2003-06-22 02:54:33 +00:00
tty_pty.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
tty_subr.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
tty_tty.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
tty.c Use a new message buffer `consmsgbuf' to forward messages to a 2003-06-22 02:54:33 +00:00
uipc_accf.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
uipc_cow.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
uipc_domain.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
uipc_jumbo.c Lock the vm object when removing a page. 2003-06-11 21:23:04 +00:00
uipc_mbuf2.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
uipc_mbuf.c Hide the m_defrag* statistics under MBUF_STRESS_TEST, there seems 2003-06-17 02:34:40 +00:00
uipc_proto.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
uipc_sem.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
uipc_sockbuf.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
uipc_socket2.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
uipc_socket.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
uipc_syscalls.c VOP_GETVOBJECT() wants to be called with the vnode lock held. 2003-06-19 03:55:01 +00:00
uipc_usrreq.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
vfs_acl.c Add a f_vnode field to struct file. 2003-06-22 08:41:43 +00:00
vfs_aio.c Add a f_vnode field to struct file. 2003-06-22 08:41:43 +00:00
vfs_bio.c Initialize b_saveaddr when we hand out buffers 2003-06-20 08:26:38 +00:00
vfs_cache.c Make the VFS cache use zones instead of malloc(9). This results in a 2003-06-13 08:46:13 +00:00
vfs_cluster.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
vfs_default.c I have not had any reports of trouble for a long time, so remove the 2003-06-15 19:49:14 +00:00
vfs_export.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
vfs_extattr.c Prefer the vop_rmextattr() vnode operation for removing extended 2003-06-22 23:03:07 +00:00
vfs_init.c Initialize struct vfsops C99-sparsely. 2003-06-12 20:48:38 +00:00
vfs_lookup.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
vfs_mount.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
vfs_subr.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
vfs_syscalls.c Prefer the vop_rmextattr() vnode operation for removing extended 2003-06-22 23:03:07 +00:00
vfs_vnops.c Prefer the vop_rmextattr() vnode operation for removing extended 2003-06-22 23:03:07 +00:00
vnode_if.src Expose vop_rmextattr as an explicit operation at the vnode operation 2003-06-22 22:45:24 +00:00