freebsd-nq/sys/kern
Robert Watson 8a7d8cc675 - Combine kern.ps_showallprocs and kern.ipc.showallsockets into
a single kern.security.seeotheruids_permitted, describes as:
  "Unprivileged processes may see subjects/objects with different real uid"
  NOTE: kern.ps_showallprocs exists in -STABLE, and therefore there is
  an API change.  kern.ipc.showallsockets does not.
- Check kern.security.seeotheruids_permitted in cr_cansee().
- Replace visibility calls to socheckuid() with cr_cansee() (retain
  the change to socheckuid() in ipfw, where it is used for rule-matching).
- Remove prison_unpcb() and make use of cr_cansee() against the UNIX
  domain socket credential instead of comparing root vnodes for the
  UDS and the process.  This allows multiple jails to share the same
  chroot() and not see each others UNIX domain sockets.
- Remove unused socheckproc().

Now that cr_cansee() is used universally for socket visibility, a variety
of policies are more consistently enforced, including uid-based
restrictions and jail-based restrictions.  This also better-supports
the introduction of additional MAC models.

Reviewed by:	ps, billf
Obtained from:	TrustedBSD Project
2001-10-09 21:40:30 +00:00
..
bus_if.m
device_if.m
genassym.sh
imgact_aout.c Make uio_yield() a global. Call uio_yield() between chunks 2001-09-26 06:54:32 +00:00
imgact_elf.c Make uio_yield() a global. Call uio_yield() between chunks 2001-09-26 06:54:32 +00:00
imgact_gzip.c
imgact_shell.c
inflate.c
init_main.c Don't initialize proc0's mutex twice. It is already done earlier on in the 2001-09-18 22:09:47 +00:00
init_sysent.c o Part two of eaccess(2) commit, rebuilt system call code. 2001-09-21 21:34:06 +00:00
kern_acct.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
kern_acl.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
kern_cap.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
kern_clock.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
kern_condvar.c Add missing ; in last commit 2001-09-19 02:53:59 +00:00
kern_conf.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
kern_descrip.c When FREE()ing kqueue related structures, charge them to the correct bucket. 2001-09-30 17:00:56 +00:00
kern_environment.c Add a pointer to kenv(1). 2001-09-21 02:25:53 +00:00
kern_event.c Have EVFILT_TIMERS allocate their callouts via malloc() instead of using 2001-09-29 17:48:39 +00:00
kern_exec.c proces -> process in a comment. 2001-10-09 17:25:30 +00:00
kern_exit.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
kern_fork.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
kern_idle.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
kern_intr.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
kern_jail.c o Initialize per-jail securelevel from global securelevel as part of 2001-09-26 20:37:15 +00:00
kern_kthread.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
kern_ktr.c
kern_ktrace.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
kern_linker.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
kern_lock.c Fix locking on td_flags for TDF_DEADLKTREAT. If the comments in the code 2001-09-13 22:33:37 +00:00
kern_lockf.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
kern_malloc.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
kern_mib.c o Introduce an 'options REGRESSION'-dependant sysctl namespaces, 2001-10-07 03:51:22 +00:00
kern_module.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
kern_mutex.c Remove superflous parens after de-macroizing. 2001-09-26 00:05:18 +00:00
kern_ntptime.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
kern_physio.c
kern_proc.c - Combine kern.ps_showallprocs and kern.ipc.showallsockets into 2001-10-09 21:40:30 +00:00
kern_prot.c - Combine kern.ps_showallprocs and kern.ipc.showallsockets into 2001-10-09 21:40:30 +00:00
kern_random.c
kern_resource.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
kern_sema.c Implement kernel semaphores. 2001-08-14 22:13:14 +00:00
kern_shutdown.c decrement the dumping variable after use so we can call it several times 2001-09-20 06:08:53 +00:00
kern_sig.c Fix a typo in do_sigaction() where sa_sigaction and sa_handler were 2001-10-07 16:11:37 +00:00
kern_subr.c Make uio_yield() a global. Call uio_yield() between chunks 2001-09-26 06:54:32 +00:00
kern_switch.c Change p into ke->ke_proc, this was hidden behind INVARIANTS. 2001-09-18 03:36:21 +00:00
kern_sx.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
kern_synch.c GC some #if 0'd code. 2001-09-21 19:21:18 +00:00
kern_syscalls.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
kern_sysctl.c o Modify sysctl access control check to use securelevel_gt(), and 2001-09-26 19:51:25 +00:00
kern_tc.c
kern_time.c o Modify static settime() to accept the proc * for the process requesting 2001-09-26 19:53:57 +00:00
kern_timeout.c Move most of the kernel submap initialization code, including the 2001-08-22 04:07:27 +00:00
kern_xxx.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
ksched.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
link_aout.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
link_elf_obj.c The ia64 kernel is now linked dynamically so parse its _DYNAMIC structure. 2001-09-15 11:02:10 +00:00
link_elf.c The ia64 kernel is now linked dynamically so parse its _DYNAMIC structure. 2001-09-15 11:02:10 +00:00
linker_if.m
Make.tags.inc
Makefile
makeobjops.pl revert previous commit (bad style and not needed) 2001-07-22 10:24:31 +00:00
makesyscalls.sh Fix breakage caused by previous commit. The lkmnosys and lkmressys 2001-10-07 00:16:31 +00:00
md4c.c
md5c.c
p1003_1b.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
posix4_mib.c
subr_acl_posix1e.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
subr_autoconf.c
subr_blist.c With Alfred's permission, remove vm_mtx in favor of a fine-grained approach 2001-07-04 16:20:28 +00:00
subr_bus.c Move the hints gunk to a seperate file. It isn't really part of the 2001-07-14 08:25:18 +00:00
subr_clist.c
subr_devstat.c Export the head structure for the device statistics STAILQ in 2001-08-04 18:02:47 +00:00
subr_disk.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
subr_disklabel.c
subr_diskmbr.c
subr_diskslice.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
subr_eventhandler.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
subr_hints.c Fix a fatal type mismatch (char *static_env; vs char static_env[]). 2001-09-17 21:27:41 +00:00
subr_kobj.c
subr_log.c Use the passed in thread to selrecord() instead of curthread. 2001-09-21 22:46:54 +00:00
subr_mbuf.c Re-enable mbtypes statistics in the mbuf allocator. I disabled these 2001-09-30 01:58:39 +00:00
subr_mchain.c
subr_module.c
subr_param.c Conditionalize VM_SWZONE_SIZE_MAX and VM_BCACHE_SIZE_MAX so MD sections 2001-08-20 16:29:13 +00:00
subr_pcpu.c
subr_prf.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
subr_prof.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
subr_rman.c
subr_sbuf.c Add a couple of API functions I need for my pseudofs WIP. Documentation 2001-09-29 00:32:46 +00:00
subr_scanf.c
subr_smp.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
subr_taskqueue.c
subr_trap.c Remove a bogus comment. "atomic" doesn't mean that the operation is done 2001-09-21 19:26:57 +00:00
subr_turnstile.c Remove superflous parens after de-macroizing. 2001-09-26 00:05:18 +00:00
subr_witness.c Replace 'curproc' with 'td->td_proc'. 2001-10-08 21:05:46 +00:00
subr_xxx.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
sys_generic.c The P_SELECT flag was moved from p->p_flag to td->td_flags, but p_flag 2001-09-21 22:06:22 +00:00
sys_pipe.c Use the passed in thread to selrecord() instead of curthread. 2001-09-21 22:46:54 +00:00
sys_process.c Dissociate ptrace from procfs. 2001-10-07 20:08:42 +00:00
sys_socket.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
syscalls.c o Part two of eaccess(2) commit, rebuilt system call code. 2001-09-21 21:34:06 +00:00
syscalls.master o Introduce eaccess(2), a version of access(2) that uses the effective 2001-09-21 21:33:22 +00:00
sysv_ipc.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
sysv_msg.c Make msgseg, msgssz (->msgmax) and msgmni TUNABLE. 2001-09-21 09:25:17 +00:00
sysv_sem.c PR: kern/29698 (part) 2001-09-13 21:06:41 +00:00
sysv_shm.c PR: kern/29698 (part) 2001-09-13 20:20:09 +00:00
tty_compat.c
tty_conf.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
tty_cons.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
tty_pty.c Use the passed in thread pointer instead of curthread in calls to 2001-09-21 22:22:25 +00:00
tty_subr.c
tty_tty.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
tty.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
uipc_accf.c
uipc_domain.c
uipc_mbuf2.c
uipc_mbuf.c Forgot to remove this un-needed test. (M_WAITOK won't fail) 2001-08-19 04:30:13 +00:00
uipc_proto.c Implement a LOCAL_PEERCRED socket option which returns a 2001-08-17 22:01:18 +00:00
uipc_sockbuf.c Allow sbcreatecontrol to make cluster sized control messages. 2001-10-04 12:59:53 +00:00
uipc_socket2.c Allow sbcreatecontrol to make cluster sized control messages. 2001-10-04 12:59:53 +00:00
uipc_socket.c - Combine kern.ps_showallprocs and kern.ipc.showallsockets into 2001-10-09 21:40:30 +00:00
uipc_syscalls.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
uipc_usrreq.c - Combine kern.ps_showallprocs and kern.ipc.showallsockets into 2001-10-09 21:40:30 +00:00
vfs_acl.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
vfs_aio.c The aio kthreads start off with a root credential just like all other 2001-10-05 17:55:11 +00:00
vfs_bio.c Enable vmiodirenable by default. Remove incorrect comment from sysctl.conf. 2001-09-26 19:35:04 +00:00
vfs_cache.c After extensive testing it has been determined that adding complexity 2001-10-01 04:33:35 +00:00
vfs_cluster.c With Alfred's permission, remove vm_mtx in favor of a fine-grained approach 2001-07-04 16:20:28 +00:00
vfs_conf.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
vfs_default.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
vfs_export.c Fix some signed/unsigned integer confusion, and add bounds checking of 2001-09-10 11:28:07 +00:00
vfs_extattr.c o Complete the migration from suser error checking in the following form 2001-10-01 20:01:07 +00:00
vfs_init.c
vfs_lookup.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
vfs_mount.c KSE Milestone 2 2001-09-12 08:38:13 +00:00
vfs_subr.c WS Cleanup 2001-10-08 19:51:13 +00:00
vfs_syscalls.c o Complete the migration from suser error checking in the following form 2001-10-01 20:01:07 +00:00
vfs_vnops.c Make uio_yield() a global. Call uio_yield() between chunks 2001-09-26 06:54:32 +00:00
vnode_if.pl KSE Milestone 2 2001-09-12 08:38:13 +00:00
vnode_if.src KSE Milestone 2 2001-09-12 08:38:13 +00:00