d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
9e4f5968dc
freebsd-dev/sys
History
Robert Watson 2087a58ca2 Add static DTrace probes for MAC Framework access control checks and 
privilege grants so that dtrace can be more easily used to monitor
the security decisions being generated by the MAC Framework following
policy invocation.

Successful access control checks will be reported by:

  mac_framework:kernel:<entrypoint>:mac_check_ok

Failed access control checks will be reported by:

  mac_framework:kernel:<entrypoint>:mac_check_err

Successful privilege grants will be reported by:

  mac_framework:kernel:priv_grant:mac_grant_ok

Failed privilege grants will be reported by:

  mac_framework:kernel:priv_grant:mac_grant_err

In all cases, the return value (always 0 for _ok, otherwise an errno
for _err) will be reported via arg0 on the probe, and subsequent
arguments will hold entrypoint-specific data, in a style similar to
privilege tracing.

Obtained from:	TrustedBSD Project
Sponsored by:	Google, Inc.
2009-03-08 00:50:37 +00:00
..
amd64 Reenable ndis in the LINT build now that it has been updated for USB. Thanks to 2009-03-07 19:54:30 +00:00
arm Cleanup virtual device mapping some more: 2009-03-06 23:32:45 +00:00
boot Revert the part of change 107879 that employs the unused bytes after 2009-03-07 22:05:58 +00:00
bsm Merge OpenBSM 1.1 beta 1 from OpenBSM vendor branch to head, both 2009-03-02 13:29:18 +00:00
cam GCC attacks! 2009-02-16 18:02:32 +00:00
cddl Extend the "vfsopt" mount options for more general use. Make struct 2009-03-02 23:26:30 +00:00
compat o port NDIS USB support from USB1 to the new usb(USB2). 2009-03-07 07:26:22 +00:00
conf Import support for ATI Radeon R600 and R700 series chips. 2009-03-07 21:36:57 +00:00
contrib For all files including net/vnet.h directly include opt_route.h and 2009-02-27 14:12:05 +00:00
crypto identify routine takes driver_t *, not device_t *. 2009-02-05 19:30:28 +00:00
ddb
dev Import support for ATI Radeon R600 and R700 series chips. 2009-03-07 21:36:57 +00:00
fs Extract the no_poll() and vop_nopoll() code into the common routine 2009-03-06 15:35:37 +00:00
gdb
geom o When creating the EBR scheme, set the number of entries 2009-02-21 19:25:13 +00:00
gnu Add memmove() to the kernel, making the kernel compile with Clang. 2009-02-28 16:21:25 +00:00
i386 Reenable ndis in the LINT build now that it has been updated for USB. Thanks to 2009-03-07 19:54:30 +00:00
ia64 Change over the usb kernel options to the new stack (retaining existing 2009-02-23 18:34:56 +00:00
isa Allow syscons to work on amd64 and i386 without any hints: 2009-03-05 19:10:17 +00:00
kern Extract the no_poll() and vop_nopoll() code into the common routine 2009-03-06 15:35:37 +00:00
kgssapi
legacy/dev This copy of usbdevs is unused. 2009-02-24 17:26:37 +00:00
libkern Add memmove() to the kernel, making the kernel compile with Clang. 2009-02-28 16:21:25 +00:00
mips make loop clearer that it isn't a mistake... 2009-03-03 19:22:24 +00:00
modules Import support for ATI Radeon R600 and R700 series chips. 2009-03-07 21:36:57 +00:00
net When resetting a BPF descriptor, properly check that zero-copy buffers 2009-03-07 22:17:44 +00:00
net80211 add the desired channel to the scan list if not already present and 2009-03-04 22:05:25 +00:00
netatalk Remove local variable 'ddp' from DDP's attach and detach routines; they 2009-02-04 20:04:32 +00:00
netgraph Make Netgraph compile with Clang. 2009-03-03 18:47:33 +00:00
netinet On architectures with strict alignment requirements compensate 2009-03-07 19:08:58 +00:00
netinet6 On architectures with strict alignment requirements compensate 2009-03-07 19:08:58 +00:00
netipsec SAs are valid (but dying) when they reached soft lifetime, 2009-03-05 16:22:32 +00:00
netipx Add missing "goto set_head" for SO_IPX_CHECKSUM; otherwise we fall through 2008-12-11 10:29:35 +00:00
netnatm
netncp
netsmb
nfs
nfs4client Last step of splitting up minor and unit numbers: remove minor(). 2009-01-28 17:57:16 +00:00
nfsclient For all files including net/vnet.h directly include opt_route.h and 2009-02-27 14:12:05 +00:00
nfsserver Include audit.h so that the system call path protected by NFS_LEGACYRPC 2009-02-23 23:04:15 +00:00
nlm
opencrypto Fix return type for detach routine (should be int) 2009-02-05 17:43:12 +00:00
pc98 MFi386: 189423 2009-03-06 11:15:24 +00:00
pci The callback takes a void *, not a caddr_t * (sic). 2009-03-03 18:54:57 +00:00
powerpc Add memmove() to the kernel, making the kernel compile with Clang. 2009-02-28 16:21:25 +00:00
rpc Use the correct creds when reconnecting so that we have enough privilege to 2009-02-05 11:48:10 +00:00
security Add static DTrace probes for MAC Framework access control checks and 2009-03-08 00:50:37 +00:00
sparc64 Change over the usb kernel options to the new stack (retaining existing 2009-02-23 18:34:56 +00:00
sun4v Change over the usb kernel options to the new stack (retaining existing 2009-02-23 18:34:56 +00:00
sys Extract the no_poll() and vop_nopoll() code into the common routine 2009-03-06 15:35:37 +00:00
tools
ufs Right now, when trying to unmount a device that's already gone, 2009-02-23 21:09:28 +00:00
vm Prior to r188331 a map entry's last read offset was only updated by a hard 2009-02-25 07:52:53 +00:00
xdr Add memmove() to the kernel, making the kernel compile with Clang. 2009-02-28 16:21:25 +00:00
xen merge 186535, 186537, and 186538 from releng_7_xen 2008-12-29 06:31:03 +00:00
Makefile Removal pccard directory requires removing it from the list of things 2009-02-15 18:19:24 +00:00