freebsd-nq/sys at 5264841183cc5312cd097028c7cb00b39f56874b - freebsd-nq - Quacker.org Git Repositories

d/freebsd-nq

History

Robert Watson 5264841183 Introduce MAC Framework and MAC Policy entry points to label and control

access to POSIX Semaphores:

mac_init_posix_sem()            Initialize label for POSIX semaphore
mac_create_posix_sem()          Create POSIX semaphore
mac_destroy_posix_sem()         Destroy POSIX semaphore
mac_check_posix_sem_destroy()   Check whether semaphore may be destroyed
mac_check_posix_sem_getvalue()  Check whether semaphore may be queried
mac_check_possix_sem_open()     Check whether semaphore may be opened
mac_check_posix_sem_post()      Check whether semaphore may be posted to
mac_check_posix_sem_unlink()    Check whether semaphore may be unlinked
mac_check_posix_sem_wait()      Check whether may wait on semaphore

Update Biba, MLS, Stub, and Test policies to implement these entry points.
For information flow policies, most semaphore operations are effectively
read/write.

Submitted by:	Dandekar Hrishikesh <rishi_dandekar at sbcglobal dot net>
Sponsored by:	DARPA, McAfee, SPARTA
Obtained from:	TrustedBSD Project

2005-05-04 10:39:15 +00:00

..

Change cpu_set_kse_upcall to more generic style, so we can reuse it

2005-04-23 02:32:32 +00:00

Implement an alternate method to stop CPUs when entering DDB. Normally we use

2005-04-30 20:01:00 +00:00

Allocating the memory for the kernel stack one time is enough.

2005-04-27 13:29:54 +00:00

Allow BOOT_BOOT0_COMCONSOLE_SPEED to be derived from BOOT_COMCONSOLE_SPEED

2005-04-25 17:41:35 +00:00

…

Make sure we look at the correct sub op codes when

2005-04-14 04:51:18 +00:00

- Change all filesystems and vfs_cache to relock the dvp once the child is

2005-04-13 10:59:09 +00:00

- Pass the ISOPEN flag to namei so filesystems will know we're about to

2005-04-27 09:05:19 +00:00

Introduce MAC Framework and MAC Policy entry points to label and control

2005-05-04 10:39:15 +00:00

Resolve conflicts created during the import of pf 3.7 Some features are

2005-05-03 16:43:32 +00:00

gbde(8) is also rejndael user.

2005-03-11 22:07:04 +00:00

Don't enter the debugger if KDB_UNATTENDED is set or if

2005-04-20 20:52:46 +00:00

A patch to support Palm Tungsten T via USB-Cradle.

2005-05-04 00:46:24 +00:00

…

- Set the v_object pointer after a successful VOP_OPEN(). This isn't a

2005-05-03 11:05:33 +00:00

check return value of gdb_rx_varhex

2005-03-28 18:31:18 +00:00

Fix signed vs unsigned warning.

2005-05-01 09:44:50 +00:00

- Change all filesystems and vfs_cache to relock the dvp once the child is

2005-04-13 10:59:09 +00:00

Don't use 'i386/include' directly.

2005-04-08 03:37:20 +00:00

Add convenience APIs pmc_width() and pmc_capabilities() to -lpmc.

2005-05-01 14:11:49 +00:00

Change cpu_set_kse_upcall to more generic style, so we can reuse it

2005-04-23 02:32:32 +00:00

Add ISACFGATTR_HINTS flag to allow detection of a device that was created

2005-04-13 03:26:24 +00:00

- Change all filesystems and vfs_cache to relock the dvp once the child is

2005-04-13 10:59:09 +00:00

Introduce MAC Framework and MAC Policy entry points to label and control

2005-05-04 10:39:15 +00:00

Update comment to direct the reader to libkern.h instead of systm.h.

2005-04-28 05:50:18 +00:00

Introduce MAC Framework and MAC Policy entry points to label and control

2005-05-04 10:39:15 +00:00

-introduce net.bpf sysctl instead of the less intuitive debug.*

2005-05-04 03:09:28 +00:00

Revise crypto api lightly to improve group key handling:

2005-04-12 17:55:13 +00:00

When generating a phase II ARP lookup from aarpwhohas(), use a

2005-02-22 14:37:22 +00:00

In the current world order, solisten() implements the state transition of

2005-02-21 21:58:17 +00:00

- Initialize interface as UP when hook is connected.

2005-04-20 14:22:13 +00:00

Remove now unused inirw variable from previous use of COMMON_END().

2005-05-01 14:01:38 +00:00

Add IPv6 support to IPFW and Dummynet.

2005-04-18 18:35:05 +00:00

correct space check

2005-03-09 15:28:48 +00:00

Update copyright: parts of the netipx implementation are covered by a

2005-04-10 18:05:46 +00:00

…

Mark netatm and netnatm explicitly as requiring Giant, as they still do.

2005-02-17 14:21:22 +00:00

avoid potential null ptr derefs

2005-02-23 22:44:38 +00:00

Explicitly hold a reference to the cdev we have just cloned. This

2005-03-31 12:19:44 +00:00

…

- We want if (mrep != NULL) not if (m_freem != NULL). m_freem will never

2005-04-25 05:11:19 +00:00

Don't copy the NFSMNT_* flags into struct statfs's f_flags field,

2005-05-02 15:57:10 +00:00

NFS write gathering defers execution of NFS server write requests to wait

2005-04-17 16:25:36 +00:00

just use crypto/rijndael, and nuke opencrypto/rindael.[ch].

2005-03-11 17:24:46 +00:00

MFi386: revision 1.1198 (add KDB_STOP_NMI option).

2005-05-01 04:00:12 +00:00

Remove more deadwood that never got implemented in NEWCARD, since NEWCARD

2005-02-15 02:54:53 +00:00

Deal with failed malloc calls[1].

2005-04-25 10:18:24 +00:00

Introduce MAC Framework and MAC Policy entry points to label and control

2005-05-04 10:39:15 +00:00

- move to SCHED_4BSD per jeffr's comments on SCHED_ULE's state

2005-05-03 11:56:05 +00:00

- Don't call rpcclnt_realign() if we don't have any mbufs to realign.

2005-03-19 01:16:25 +00:00

Introduce MAC Framework and MAC Policy entry points to label and control

2005-05-04 10:39:15 +00:00

Slightly reformat apb_alloc_resource() to create some horizontal space

2005-04-28 03:33:46 +00:00

Introduce MAC Framework and MAC Policy entry points to label and control

2005-05-04 10:39:15 +00:00

- Add the character "E" to the understood lock types. This means

2005-04-11 15:15:03 +00:00

- Don't restrict the softdep stats to DEBUG kernels, they cost nothing to

2005-05-03 11:03:29 +00:00

- Add a new object flag "OBJ_NEEDSGIANT". We set this flag if the

2005-05-03 11:11:26 +00:00

Makefile

When building cscopnamefile, default architecture to ${MACHINE}, not i386.

2005-03-08 00:09:41 +00:00