d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
f3fa78b0b5
freebsd-dev/sys/kern
History
Robert Watson 8a7d8cc675 - Combine kern.ps_showallprocs and kern.ipc.showallsockets into 
a single kern.security.seeotheruids_permitted, describes as:
  "Unprivileged processes may see subjects/objects with different real uid"
  NOTE: kern.ps_showallprocs exists in -STABLE, and therefore there is
  an API change.  kern.ipc.showallsockets does not.
- Check kern.security.seeotheruids_permitted in cr_cansee().
- Replace visibility calls to socheckuid() with cr_cansee() (retain
  the change to socheckuid() in ipfw, where it is used for rule-matching).
- Remove prison_unpcb() and make use of cr_cansee() against the UNIX
  domain socket credential instead of comparing root vnodes for the
  UDS and the process.  This allows multiple jails to share the same
  chroot() and not see each others UNIX domain sockets.
- Remove unused socheckproc().

Now that cr_cansee() is used universally for socket visibility, a variety
of policies are more consistently enforced, including uid-based
restrictions and jail-based restrictions.  This also better-supports
the introduction of additional MAC models.

Reviewed by:	ps, billf
Obtained from:	TrustedBSD Project
2001-10-09 21:40:30 +00:00
..
bus_if.m Alter the return value and arguments of the GET_RESOURCE_LIST bus method. 2000-11-28 06:49:15 +00:00
device_if.m * Factor out the object system from new-bus so that it can be used by 2000-04-08 14:17:18 +00:00
genassym.sh Improve kernel bootstrapping: 2001-01-28 06:39:56 +00:00
imgact_aout.c Make uio_yield() a global. Call uio_yield() between chunks 2001-09-26 06:54:32 +00:00
imgact_elf.c Make uio_yield() a global. Call uio_yield() between chunks 2001-09-26 06:54:32 +00:00
imgact_gzip.c Undo part of the tangle of having sys/lock.h and sys/mutex.h included in 2001-05-01 08:13:21 +00:00
imgact_shell.c Fix #! script exec under linux emulation. If a script is exec'd from a 2000-04-26 20:58:40 +00:00
inflate.c Change #ifdef KERNEL to #ifdef _KERNEL in the public headers. "KERNEL" 1999-12-29 05:07:58 +00:00
init_main.c Don't initialize proc0's mutex twice. It is already done earlier on in the 2001-09-18 22:09:47 +00:00
init_sysent.c o Part two of eaccess(2) commit, rebuilt system call code. 2001-09-21 21:34:06 +00:00
kern_acct.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
kern_acl.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
kern_cap.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
kern_clock.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
kern_condvar.c Add missing ; in last commit 2001-09-19 02:53:59 +00:00
kern_conf.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
kern_descrip.c When FREE()ing kqueue related structures, charge them to the correct bucket. 2001-09-30 17:00:56 +00:00
kern_environment.c Add a pointer to kenv(1). 2001-09-21 02:25:53 +00:00
kern_event.c Have EVFILT_TIMERS allocate their callouts via malloc() instead of using 2001-09-29 17:48:39 +00:00
kern_exec.c proces -> process in a comment. 2001-10-09 17:25:30 +00:00
kern_exit.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
kern_fork.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
kern_idle.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
kern_intr.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
kern_jail.c o Initialize per-jail securelevel from global securelevel as part of 2001-09-26 20:37:15 +00:00
kern_kthread.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
kern_ktr.c - Replace the unused KTR_IDLELOOP trace class with a new KTR_WITNESS trace 2001-06-25 23:09:31 +00:00
kern_ktrace.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
kern_linker.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
kern_lock.c Fix locking on td_flags for TDF_DEADLKTREAT. If the comments in the code 2001-09-13 22:33:37 +00:00
kern_lockf.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
kern_malloc.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
kern_mib.c o Introduce an 'options REGRESSION'-dependant sysctl namespaces, 2001-10-07 03:51:22 +00:00
kern_module.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
kern_mutex.c Remove superflous parens after de-macroizing. 2001-09-26 00:05:18 +00:00
kern_ntptime.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
kern_physio.c Separate the struct bio related stuff out of <sys/buf.h> into 2000-05-05 09:59:14 +00:00
kern_proc.c - Combine kern.ps_showallprocs and kern.ipc.showallsockets into 2001-10-09 21:40:30 +00:00
kern_prot.c - Combine kern.ps_showallprocs and kern.ipc.showallsockets into 2001-10-09 21:40:30 +00:00
kern_random.c This patchset fixes a large number of file descriptor race conditions. 2000-11-18 21:01:04 +00:00
kern_resource.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
kern_sema.c Implement kernel semaphores. 2001-08-14 22:13:14 +00:00
kern_shutdown.c decrement the dumping variable after use so we can call it several times 2001-09-20 06:08:53 +00:00
kern_sig.c Fix a typo in do_sigaction() where sa_sigaction and sa_handler were 2001-10-07 16:11:37 +00:00
kern_subr.c Make uio_yield() a global. Call uio_yield() between chunks 2001-09-26 06:54:32 +00:00
kern_switch.c Change p into ke->ke_proc, this was hidden behind INVARIANTS. 2001-09-18 03:36:21 +00:00
kern_sx.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
kern_synch.c GC some #if 0'd code. 2001-09-21 19:21:18 +00:00
kern_syscalls.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
kern_sysctl.c o Modify sysctl access control check to use securelevel_gt(), and 2001-09-26 19:51:25 +00:00
kern_tc.c Remove a bogus #ifdef KTR stanza. 2001-01-01 23:09:53 +00:00
kern_time.c o Modify static settime() to accept the proc * for the process requesting 2001-09-26 19:53:57 +00:00
kern_timeout.c Move most of the kernel submap initialization code, including the 2001-08-22 04:07:27 +00:00
kern_xxx.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
ksched.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
link_aout.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
link_elf_obj.c The ia64 kernel is now linked dynamically so parse its _DYNAMIC structure. 2001-09-15 11:02:10 +00:00
link_elf.c The ia64 kernel is now linked dynamically so parse its _DYNAMIC structure. 2001-09-15 11:02:10 +00:00
linker_if.m With this commit, I hereby pronounce gensetdefs past its use-by date. 2001-06-13 10:58:39 +00:00
Make.tags.inc Remove vestiges of MFS. 2001-06-01 10:07:28 +00:00
Makefile Remove vestiges of MFS. 2001-06-01 10:07:28 +00:00
makeobjops.pl revert previous commit (bad style and not needed) 2001-07-22 10:24:31 +00:00
makesyscalls.sh Fix breakage caused by previous commit. The lkmnosys and lkmressys 2001-10-07 00:16:31 +00:00
md4c.c Import kernel part of SMB/CIFS requester. 2001-04-10 07:59:06 +00:00
md5c.c Add ia64 support. 2000-09-29 13:36:47 +00:00
p1003_1b.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
posix4_mib.c Add $FreeBSD$. 2000-04-22 15:13:06 +00:00
subr_acl_posix1e.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
subr_autoconf.c Back out the previous change to the queue(3) interface. 2000-05-26 02:09:24 +00:00
subr_blist.c With Alfred's permission, remove vm_mtx in favor of a fine-grained approach 2001-07-04 16:20:28 +00:00
subr_bus.c Move the hints gunk to a seperate file. It isn't really part of the 2001-07-14 08:25:18 +00:00
subr_clist.c Make cblock_alloc_cblocks() spell its own name 2001-03-27 10:21:26 +00:00
subr_devstat.c Export the head structure for the device statistics STAILQ in 2001-08-04 18:02:47 +00:00
subr_disk.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
subr_disklabel.c Create a general facility for making dev_t's depend on another 2001-05-26 08:27:58 +00:00
subr_diskmbr.c Create a general facility for making dev_t's depend on another 2001-05-26 08:27:58 +00:00
subr_diskslice.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
subr_eventhandler.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
subr_hints.c Fix a fatal type mismatch (char *static_env; vs char static_env[]). 2001-09-17 21:27:41 +00:00
subr_kobj.c Convert more malloc+bzero to malloc+M_ZERO. 2000-12-08 21:51:06 +00:00
subr_log.c Use the passed in thread to selrecord() instead of curthread. 2001-09-21 22:46:54 +00:00
subr_mbuf.c Re-enable mbtypes statistics in the mbuf allocator. I disabled these 2001-09-30 01:58:39 +00:00
subr_mchain.c Remove superfluous m_pkthdr.rcv_if = NULL assignment following 2001-02-25 06:33:50 +00:00
subr_module.c Preceed/preceeding are not english words. Use precede and preceding. 2001-02-18 10:43:53 +00:00
subr_param.c Conditionalize VM_SWZONE_SIZE_MAX and VM_BCACHE_SIZE_MAX so MD sections 2001-08-20 16:29:13 +00:00
subr_pcpu.c - Split out the support for per-CPU data from the SMP code. UP kernels 2001-05-10 17:45:49 +00:00
subr_prf.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
subr_prof.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
subr_rman.c Handle NULL struct device *s 2001-05-28 01:00:03 +00:00
subr_sbuf.c Add a couple of API functions I need for my pseudofs WIP. Documentation 2001-09-29 00:32:46 +00:00
subr_scanf.c
subr_smp.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
subr_taskqueue.c remove include of ipl.h because it no longer exists 2001-05-16 02:52:06 +00:00
subr_trap.c Remove a bogus comment. "atomic" doesn't mean that the operation is done 2001-09-21 19:26:57 +00:00
subr_turnstile.c Remove superflous parens after de-macroizing. 2001-09-26 00:05:18 +00:00
subr_witness.c Replace 'curproc' with 'td->td_proc'. 2001-10-08 21:05:46 +00:00
subr_xxx.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
sys_generic.c The P_SELECT flag was moved from p->p_flag to td->td_flags, but p_flag 2001-09-21 22:06:22 +00:00
sys_pipe.c Use the passed in thread to selrecord() instead of curthread. 2001-09-21 22:46:54 +00:00
sys_process.c Dissociate ptrace from procfs. 2001-10-07 20:08:42 +00:00
sys_socket.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
syscalls.c o Part two of eaccess(2) commit, rebuilt system call code. 2001-09-21 21:34:06 +00:00
syscalls.master o Introduce eaccess(2), a version of access(2) that uses the effective 2001-09-21 21:33:22 +00:00
sysv_ipc.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
sysv_msg.c Make msgseg, msgssz (->msgmax) and msgmni TUNABLE. 2001-09-21 09:25:17 +00:00
sysv_sem.c PR: kern/29698 (part) 2001-09-13 21:06:41 +00:00
sysv_shm.c PR: kern/29698 (part) 2001-09-13 20:20:09 +00:00
tty_compat.c
tty_conf.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
tty_cons.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
tty_pty.c Use the passed in thread pointer instead of curthread in calls to 2001-09-21 22:22:25 +00:00
tty_subr.c Make cblock_alloc_cblocks() spell its own name 2001-03-27 10:21:26 +00:00
tty_tty.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
tty.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
uipc_accf.c Revert the last bits of my bogus move of NMBCLUSTERS 2001-06-01 21:47:34 +00:00
uipc_domain.c Sync with recent KAME. 2001-06-11 12:39:29 +00:00
uipc_mbuf2.c Sync with recent KAME. 2001-06-11 12:39:29 +00:00
uipc_mbuf.c Forgot to remove this un-needed test. (M_WAITOK won't fail) 2001-08-19 04:30:13 +00:00
uipc_proto.c Implement a LOCAL_PEERCRED socket option which returns a 2001-08-17 22:01:18 +00:00
uipc_sockbuf.c Allow sbcreatecontrol to make cluster sized control messages. 2001-10-04 12:59:53 +00:00
uipc_socket2.c Allow sbcreatecontrol to make cluster sized control messages. 2001-10-04 12:59:53 +00:00
uipc_socket.c - Combine kern.ps_showallprocs and kern.ipc.showallsockets into 2001-10-09 21:40:30 +00:00
uipc_syscalls.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
uipc_usrreq.c - Combine kern.ps_showallprocs and kern.ipc.showallsockets into 2001-10-09 21:40:30 +00:00
vfs_acl.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
vfs_aio.c The aio kthreads start off with a root credential just like all other 2001-10-05 17:55:11 +00:00
vfs_bio.c Enable vmiodirenable by default. Remove incorrect comment from sysctl.conf. 2001-09-26 19:35:04 +00:00
vfs_cache.c After extensive testing it has been determined that adding complexity 2001-10-01 04:33:35 +00:00
vfs_cluster.c With Alfred's permission, remove vm_mtx in favor of a fine-grained approach 2001-07-04 16:20:28 +00:00
vfs_conf.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
vfs_default.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
vfs_export.c Fix some signed/unsigned integer confusion, and add bounds checking of 2001-09-10 11:28:07 +00:00
vfs_extattr.c o Complete the migration from suser error checking in the following form 2001-10-01 20:01:07 +00:00
vfs_init.c Revert consequences of changes to mount.h, part 2. 2001-04-29 02:45:39 +00:00
vfs_lookup.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
vfs_mount.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
vfs_subr.c WS Cleanup 2001-10-08 19:51:13 +00:00
vfs_syscalls.c o Complete the migration from suser error checking in the following form 2001-10-01 20:01:07 +00:00
vfs_vnops.c Make uio_yield() a global. Call uio_yield() between chunks 2001-09-26 06:54:32 +00:00
vnode_if.pl KSE Milestone 2 2001-09-12 08:38:13 +00:00
vnode_if.src KSE Milestone 2 2001-09-12 08:38:13 +00:00