d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
670cb89bf4
freebsd-dev/sys
History
Robert Watson 670cb89bf4 Bring in two sets of changes: 
(1) Permit userland applications to request a change of label atomic
    with an execve() via mac_execve().  This is required for the
    SEBSD port of SELinux/FLASK.  Attempts to invoke this without
    MAC compiled in result in ENOSYS, as with all other MAC system
    calls.  Complexity, if desired, is present in policy modules,
    rather than the framework.

(2) Permit policies to have access to both the label of the vnode
    being executed as well as the interpreter if it's a shell
    script or related UNIX nonsense.  Because we can't hold both
    vnode locks at the same time, cache the interpreter label.
    SEBSD relies on this because it supports secure transitioning
    via shell script executables.  Other policies might want to
    take both labels into account during an integrity or
    confidentiality decision at execve()-time.

Approved by:	re
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-11-05 17:51:56 +00:00
..
alpha - Enable the use of UMA_MD_PAGE_ALLOC on alpha. 2002-11-01 03:34:51 +00:00
amd64 Fix typo. ioport_rid should be irq_rid. 2002-11-05 04:03:42 +00:00
arm Add standards visibility conditionals. Change any uses of sigset_t to 2002-10-13 00:31:46 +00:00
boot Correctly recognize both bogus and genuine BSD disklabels. 2002-11-03 21:47:55 +00:00
cam * Add CDRIOC{READ,WRITE}SPEED ioctls to cd(4). Units are in KB/sec. 2002-10-18 22:03:39 +00:00
coda Back our kernel support for reliable signal queues. 2002-10-01 17:15:53 +00:00
compat Bring in two sets of changes: 2002-11-05 17:51:56 +00:00
conf Grab 181 for HP/Compaq ProLiant advanced server management driver 2002-11-05 16:12:31 +00:00
contrib Replace aux mbufs with packet tags: 2002-10-16 01:54:46 +00:00
crypto Make this compilable from userland as well. 2002-11-01 08:56:39 +00:00
ddb - Rename the DDB specific %z printf format to %y. 2002-10-25 19:41:32 +00:00
dev Remove undefined variable. 2002-11-05 10:56:14 +00:00
fs Add debug.doslowdown to enable/disable niced slowdown on I/O. Default 2002-11-04 07:29:20 +00:00
geom Polish a bit here and there. 2002-11-04 09:31:02 +00:00
gnu MFufs 1.33: 2002-10-18 21:41:41 +00:00
i4b Don't include the depricated "bpf.h" and always compile in bpf support 2002-10-21 05:05:43 +00:00
i386 - Convert to newbus, bus_space etc. 2002-11-05 09:37:32 +00:00
ia64 o Remove devices that are commented out. 2002-11-05 08:35:37 +00:00
isa Fix compile with options SC_NO_SUSPEND_VTYSWITCH. 2002-10-17 16:09:13 +00:00
isofs/cd9660 Unbreak MNT_UPDATE when running with cd as root. Detect mountroot by 2002-11-02 20:16:55 +00:00
kern Bring in two sets of changes: 2002-11-05 17:51:56 +00:00
libkern Slight overhaul of arc4random() and friends. 2002-10-11 13:13:08 +00:00
modules - Convert to newbus, bus_space etc. 2002-11-05 09:37:32 +00:00
net Don't check IFF_RUNNING in previous change. 2002-10-25 17:31:03 +00:00
netatalk Add more ethernet types and move AppleTalk types into proper location. 2002-09-06 17:02:29 +00:00
netatm Add a field to struct cmn_unit to hold a pointer to the driver's softc. 2002-10-01 22:04:31 +00:00
netgraph Slight redesign for fitting in with -current. 2002-11-05 01:08:11 +00:00
netinet - Consistently update snd_wl1, snd_wl2, and rcv_up in the header 2002-10-31 23:24:13 +00:00
netinet6 plugged memory leakage in some erroneous cases 2002-10-31 19:45:48 +00:00
netipsec "Fast IPsec": this is an experimental IPsec implementation that is derived 2002-10-16 02:10:08 +00:00
netipx Replace aux mbufs with packet tags: 2002-10-16 01:54:46 +00:00
netkey - fixed the order of searching SA table for packets. 2002-07-10 16:39:38 +00:00
netnatm Be consistent about functions being static. 2002-10-16 09:19:17 +00:00
netncp Change iov_base's type from char *' to the standard void *'. All 2002-10-11 14:58:34 +00:00
netns Use m_length() instead of home-rolled versions. 2002-09-18 19:44:14 +00:00
netsmb Some kernel threads try to do significant work, and the default KSTACK_PAGES 2002-10-02 07:44:29 +00:00
nfs Change iov_base's type from char *' to the standard void *'. All 2002-10-11 14:58:34 +00:00
nfsclient Don't examine an un-initialized variable. 2002-10-20 21:52:05 +00:00
nfsserver Permit MAC policies to instrument the access control decisions for 2002-11-04 15:13:36 +00:00
opencrypto Module-ize the 'core' crypto stuff. This may still need to be compiled 2002-10-16 14:31:34 +00:00
pc98 Add hints for wd1, wd2 and wd3. 2002-11-03 06:52:43 +00:00
pccard MFp4: Comment about not assuming INTA# for 6729 2002-10-07 07:02:48 +00:00
pci Don't take out the rl_mtx lock in the attach routine. The only way 2002-10-29 19:02:19 +00:00
posix4 Change the way support for asynchronous I/O is indicated to applications 2002-10-27 18:07:41 +00:00
powerpc Split 4.x and 5.x signal handling so that we can keep 4.x signal 2002-10-25 19:10:58 +00:00
rpc Bring in a hybrid of SunSoft's transport-independent RPC (TI-RPC) and 2001-03-19 12:50:13 +00:00
security Bring in two sets of changes: 2002-11-05 17:51:56 +00:00
sparc64 Don peril sensitive sun glasses and change the default system call vector 2002-10-27 17:22:43 +00:00
sys Bring in two sets of changes: 2002-11-05 17:51:56 +00:00
tools - Move ASSERT_VOP_*LOCK* functionality into functions in vfs_subr.c 2002-09-26 04:48:44 +00:00
ufs Update licenses and wording: NAI has authorized the removal of clause three 2002-11-04 02:35:46 +00:00
vm Export the function vm_page_splay(). 2002-11-04 19:21:39 +00:00
Makefile