freebsd-nq/sys
Robert Watson c488362e1a Introduce support for Mandatory Access Control and extensible
kernel access control.

Instrument the TCP socket code for packet generation and delivery:
label outgoing mbufs with the label of the socket, and check socket and
mbuf labels before permitting delivery to a socket.  Assign labels
to newly accepted connections when the syncache/cookie code has done
its business.  Also set peer labels as convenient.  Currently,
MAC policies cannot influence the PCB matching algorithm, so cannot
implement polyinstantiation.  Note that there is at least one case
where a PCB is not available due to the TCP packet not being associated
with any socket, so we don't label in that case, but need to handle
it in a special manner.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-07-31 19:06:49 +00:00
..
alpha Create a new header <machine/_stdint.h> for storing MD parts of 2002-07-29 17:41:23 +00:00
amd64 o Setting PG_MAPPED and PG_WRITEABLE on pages that are mapped and unmapped 2002-07-31 18:46:47 +00:00
arm Create a new header <machine/_stdint.h> for storing MD parts of 2002-07-29 17:41:23 +00:00
boot Drop support for COPY, -c has been the default mode of install(1) 2002-07-29 09:40:17 +00:00
cam Correct spelling of 'supplied'. 2002-06-19 20:44:48 +00:00
coda More s/file system/filesystem/g 2002-05-16 21:28:32 +00:00
compat Regenerate 2002-07-20 02:56:34 +00:00
conf Finally first shot at a driver for the Promise SuperTrak SX6000 ATA RAID 2002-07-31 18:27:30 +00:00
contrib Resolve conflicts arising from the ACPI CA 20020725 import. 2002-07-30 19:35:32 +00:00
crypto Fix some really pedantic GCC warnings. 2002-07-15 13:45:15 +00:00
ddb Part 1 of KSE-III 2002-06-29 17:26:22 +00:00
dev Byteswap the serial # 2002-07-31 18:29:34 +00:00
fs Introduce support for Mandatory Access Control and extensible 2002-07-31 15:45:16 +00:00
geom Don't use the static thread.. it is going away. 2002-06-29 07:47:20 +00:00
gnu Use hashdestroy() now that it exists. 2002-06-30 03:01:44 +00:00
i4b Remote pci.h/NPCI usage from i4b code. 2002-06-13 06:04:28 +00:00
i386 o Setting PG_MAPPED and PG_WRITEABLE on pages that are mapped and unmapped 2002-07-31 18:46:47 +00:00
ia64 Resolve conflicts arising from the ACPI CA 20020725 import. 2002-07-30 19:35:32 +00:00
isa Clock frequencies reported by sysctl should be unsigned values. Discovered 2002-06-22 16:30:18 +00:00
isofs/cd9660 Quick fix for non-unique inode numbers for hard links. We use the 2002-05-22 08:50:18 +00:00
kern Introduce support for Mandatory Access Control and extensible 2002-07-31 16:39:49 +00:00
libkern Convert GNU variadic macros to the ISO 9X variety. 2002-07-15 13:34:50 +00:00
modules Resolve conflicts arising from the ACPI CA 20020725 import. 2002-07-30 19:35:32 +00:00
net Introduce support for Mandatory Access Control and extensible 2002-07-31 16:23:42 +00:00
netatalk Back out my lats commit of locking down a socket, it conflicts with hsu's work. 2002-05-31 11:52:35 +00:00
netatm - Remove UM_* user land memory macros since they are no longer used. 2002-06-24 22:31:17 +00:00
netgraph NUL terminate the ACNAME passed to userland. 2002-06-22 21:00:53 +00:00
netinet Introduce support for Mandatory Access Control and extensible 2002-07-31 19:06:49 +00:00
netinet6 correct comment for setsockopt arg size. 2002-07-25 20:40:09 +00:00
netipx Make spxnames a const char * to quieten some warnings in netstat. 2002-07-27 23:15:08 +00:00
netkey - fixed the order of searching SA table for packets. 2002-07-10 16:39:38 +00:00
netnatm Back out my lats commit of locking down a socket, it conflicts with hsu's work. 2002-05-31 11:52:35 +00:00
netncp Wire the sysctl output buffer before grabbing any locks to prevent 2002-07-28 19:59:31 +00:00
netns Fix bug which has been there since rev 1.1 where && was used instead of &. 2002-06-09 03:57:34 +00:00
netsmb Wire the sysctl output buffer before grabbing any locks to prevent 2002-07-28 19:59:31 +00:00
nfs
nfsclient o Lock page queue accesses in nfs_getpages(). 2002-07-21 20:01:32 +00:00
nfsserver Oops, another unused arg to nfssvc_nfsd(). *blush* 2002-07-24 23:10:34 +00:00
pc98 gethints.awk is a machine-specific 4.x->5.x transition aid. We cannot 2002-07-26 03:52:30 +00:00
pccard MFp4: 2002-07-26 08:07:55 +00:00
pci If we get 0xffff back when reading the status register, assume the card 2002-07-30 17:31:42 +00:00
posix4 Part 1 of KSE-III 2002-06-29 17:26:22 +00:00
powerpc Create a new header <machine/_stdint.h> for storing MD parts of 2002-07-29 17:41:23 +00:00
rpc
security Introduce support for Mandatory Access Control and extensible 2002-07-31 18:07:45 +00:00
sparc64 These file are no longer used (moved to userland and/or merged into 2002-07-31 16:23:27 +00:00
sys Add pathconf/fpathconf entries from POSIX.1e indicating support for 2002-07-31 15:54:03 +00:00
tools - Add automatic post vop debug checks. These work in both the success and 2002-07-30 08:52:00 +00:00
ufs Introduce support for Mandatory Access Control and extensible 2002-07-31 16:05:30 +00:00
vm o Setting PG_MAPPED and PG_WRITEABLE on pages that are mapped and unmapped 2002-07-31 18:46:47 +00:00
Makefile Milestone #1 in cross-arch make releases. 2002-04-26 17:55:27 +00:00