d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
8a744de27e
freebsd-dev/sys/security/mac_veriexec
History
Wojciech Macek 15c362aeb7 mac_veriexec: Authorize reads of secured sysctls 
Writes to sysctls flagged with CTLFLAG_SECURE are blocked if the appropriate secure level is set. mac_veriexec does not behave this way, it blocks such sysctls in read-only mode as well.

This change aims to make mac_veriexec behave like secure levels, as it was meant by the original commit ed377cf41.

Reviewed by:		sjg
Differential revision:	https://reviews.freebsd.org/D34327
Obtained from:		Stormshield
2022-06-29 10:48:01 +02:00
..
mac_veriexec_internal.h
mac_veriexec_sha1.c
mac_veriexec_sha256.c
mac_veriexec_sha384.c
mac_veriexec_sha512.c
mac_veriexec.c mac_veriexec: Authorize reads of secured sysctls 2022-06-29 10:48:01 +02:00
mac_veriexec.h
veriexec_fingerprint.c
veriexec_metadata.c