freebsd-skq/sys/security
rwatson 5743072acf Rather than having MAC policies explicitly declare what object types
they label, derive that information implicitly from the set of label
initializers in their policy operations set.  This avoids a possible
class of programmer errors, while retaining the structure that
allows us to avoid allocating labels for objects that don't need
them.  As before, we regenerate a global mask of labeled objects
each time a policy is loaded or unloaded, stored in mac_labeled.

Discussed with:   csjp
Suggested by:     Jacques Vidrine <nectar at apple.com>
Obtained from:    TrustedBSD Project
Sponsored by:     Apple, Inc.
2009-01-10 10:58:41 +00:00
..
audit Do a lockless read of the audit pipe list before grabbing the audit pipe 2009-01-06 14:15:38 +00:00
mac Rather than having MAC policies explicitly declare what object types 2009-01-10 10:58:41 +00:00
mac_biba Rather than having MAC policies explicitly declare what object types 2009-01-10 10:58:41 +00:00
mac_bsdextended Rather than having MAC policies explicitly declare what object types 2009-01-10 10:58:41 +00:00
mac_ifoff Rather than having MAC policies explicitly declare what object types 2009-01-10 10:58:41 +00:00
mac_lomac Rather than having MAC policies explicitly declare what object types 2009-01-10 10:58:41 +00:00
mac_mls Rather than having MAC policies explicitly declare what object types 2009-01-10 10:58:41 +00:00
mac_none Rather than having MAC policies explicitly declare what object types 2009-01-10 10:58:41 +00:00
mac_partition Rather than having MAC policies explicitly declare what object types 2009-01-10 10:58:41 +00:00
mac_portacl Rather than having MAC policies explicitly declare what object types 2009-01-10 10:58:41 +00:00
mac_seeotheruids Rather than having MAC policies explicitly declare what object types 2009-01-10 10:58:41 +00:00
mac_stub Rather than having MAC policies explicitly declare what object types 2009-01-10 10:58:41 +00:00
mac_test Rather than having MAC policies explicitly declare what object types 2009-01-10 10:58:41 +00:00