freebsd-skq/sys
Robert Watson 6fac927ccc Add an additional MAC check to the UNIX domain socket connect path:
check that the subject has read/write access to the vnode using the
vnode MAC check.

MFC after:	3 weeks
Submitted by:	Spencer Minear <spencer_minear at securecomputing dot com>
Obtained from:	TrustedBSD Project
2007-02-22 09:37:44 +00:00
..
amd64 MFi386 rev. 1.544 of i386/i386/pmap.c: 2007-02-19 10:55:16 +00:00
arm Add two new options, FLASHADDR, which defines the address the flash is 2007-02-19 01:03:08 +00:00
boot Document the init_chroot and init_script variables. 2007-02-04 06:35:10 +00:00
bsm Merge OpenBSM 1.0 alpha 12 import changes into src/sys/bsm. New events 2006-09-25 12:22:07 +00:00
cam Reduce the noise when plugging in (USB) mass storage devices, like a 4 port 2007-02-21 07:45:02 +00:00
coda coda_vptofh is never defined nor used. 2007-02-02 15:47:28 +00:00
compat Remove extern int hz; use proper include file instead. 2007-02-02 08:58:16 +00:00
conf Add two new options, FLASHADDR, which defines the address the flash is 2007-02-19 01:03:08 +00:00
contrib Clean up pfr_kentry_pl2 as well. This fixes a kernel panic in the vm.zone 2007-01-01 16:51:11 +00:00
crypto Initialize T1 to silent gcc warning. 2006-10-22 02:19:33 +00:00
ddb Use FOREACH_PROC_IN_SYSTEM instead of using its unrolled form. 2007-01-17 15:05:52 +00:00
dev Improve readability of the version string. 2007-02-22 05:59:23 +00:00
fs Check that the error returned by vfs_getopts() is not ENOENT before assuming 2007-02-21 00:30:09 +00:00
gdb
geom Reduce the noise when plugging in (USB) mass storage devices, like a 4 port 2007-02-21 07:45:02 +00:00
gnu Move vnode-to-file-handle translation from vfs_vptofh to vop_vptofh method. 2007-02-15 22:08:35 +00:00
i4b Fix fat-fingering in previous commit. 2006-12-29 16:38:22 +00:00
i386 Unbreak ddb stepping over special frames after the following commit: 2007-02-19 10:57:47 +00:00
ia64 Change pmap_protect() so that execute access can be removed without 2007-02-21 06:00:46 +00:00
isa Cleaned up declaration and initialization of clock_lock. It is only 2007-01-23 08:01:20 +00:00
kern Add an additional MAC check to the UNIX domain socket connect path: 2007-02-22 09:37:44 +00:00
libkern Add strstr() function to the libkern. 2006-08-12 15:28:39 +00:00
modules Makefile changes to reflect moving sys/isofs/cd9660 to sys/fs/cd9660. 2007-02-11 14:01:32 +00:00
net Fix a bug in if_findmulti(), whereby it would not find (and thus delete) 2007-02-22 00:14:02 +00:00
net80211 clear/reclaim challenge text when switching auth mode and operating as an ap 2007-02-04 05:49:16 +00:00
netatalk Use privilege PRIV_NET_ADDIFADDR rather than suser() to authorize 2007-02-19 22:40:02 +00:00
netatm Sweep kernel replacing suser(9) calls with priv(9) calls, assigning 2006-11-06 13:42:10 +00:00
netgraph In the output path, mask off M_BCAST|M_MCAST so as to prevent incorrect 2007-02-09 12:35:29 +00:00
netinet Rename two identically named log_in_vain variables: tcp_input.c's static 2007-02-20 10:20:03 +00:00
netinet6 Rename two identically named log_in_vain variables: tcp_input.c's static 2007-02-20 10:20:03 +00:00
netipsec s,#if INET6,#ifdef INET6, 2006-12-14 17:33:46 +00:00
netipx Factor out UCB and my copyrights from copyrights of Mike Mitchell; 2007-01-08 22:14:00 +00:00
netkey With exception of the if_name() macro, all definitions in net_osdep.h 2006-08-04 21:27:40 +00:00
netnatm Factor out my copyrights + licenses from Charles D. Cranor and 2007-01-08 22:30:39 +00:00
netncp Sweep kernel replacing suser(9) calls with priv(9) calls, assigning 2006-11-06 13:42:10 +00:00
netsmb Backing out the wrong fix which could possibly trash the memory if devfs 2007-02-09 17:22:10 +00:00
nfs NFSv4 client: 2006-11-28 19:33:28 +00:00
nfs4client Rename some functions and variables from nfs_* to nfs4_* to avoid 2007-01-25 14:33:13 +00:00
nfsclient Backing out an earlier change. It seems harmless for NFS to miss the "force 2007-02-16 03:46:55 +00:00
nfsserver Move vnode-to-file-handle translation from vfs_vptofh to vop_vptofh method. 2007-02-15 22:08:35 +00:00
opencrypto
pc98 Include GEOM_LABEL in GENERIC. It's very useful and not well publicized 2007-02-09 19:03:18 +00:00
pccard
pci Change the remainder of the drivers for DMA'ing devices enabled in the 2007-01-21 19:32:51 +00:00
powerpc The table of known CPU models ends with an entry that has a version 2007-02-18 17:40:09 +00:00
rpc
security Update auditing of socket information for the inpcb new world order: 2007-02-20 13:38:11 +00:00
sparc64 Include GEOM_LABEL in GENERIC. It's very useful and not well publicized 2007-02-09 19:03:18 +00:00
sun4v Include GEOM_LABEL in GENERIC. It's very useful and not well publicized 2007-02-09 19:03:18 +00:00
sys Remove unnecessary privilege and privilege check for WITNESS sysctl. 2007-02-20 23:49:31 +00:00
tools Cleanup and document the implementation of firmware(9) based on 2007-02-15 17:21:31 +00:00
ufs The functions that set and delete external attributes must check 2007-02-21 08:50:06 +00:00
vm Change the page's CLEANCHK flag from being a page queue mutex synchronized 2007-02-22 06:15:52 +00:00
Makefile o Add cam to a list of cscope dirs. 2006-11-26 18:27:16 +00:00