freebsd-skq/sys/kern
rwatson 7f656e6806 Introduce support for Mandatory Access Control and extensible
kernel access control.

Instrument connect(), listen(), and bind() system calls to invoke
MAC framework entry points to permit policies to authorize these
requests.  This can be useful for policies that want to limit
the activity of processes involving particular types of IPC and
network activity.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-07-31 16:39:49 +00:00
..
bus_if.m Add bus_child_present and the child_present method to bus_if.m 2002-07-21 03:28:43 +00:00
clock_if.m Add a generic implementation of inittodr() and resettodr(), as well as 2002-04-04 23:39:10 +00:00
device_if.m
genassym.sh Allow one to specify the AWK used in the environment(commandline). 2002-02-11 03:54:30 +00:00
imgact_aout.c Infrastructure tweaks to allow having both an Elf32 and an Elf64 executable 2002-07-20 02:56:12 +00:00
imgact_elf32.c Infrastructure tweaks to allow having both an Elf32 and an Elf64 executable 2002-07-20 02:56:12 +00:00
imgact_elf64.c Infrastructure tweaks to allow having both an Elf32 and an Elf64 executable 2002-07-20 02:56:12 +00:00
imgact_elf.c Infrastructure tweaks to allow having both an Elf32 and an Elf64 executable 2002-07-20 02:56:12 +00:00
imgact_elfN.c Infrastructure tweaks to allow having both an Elf32 and an Elf64 executable 2002-07-20 02:56:12 +00:00
imgact_gzip.c Infrastructure tweaks to allow having both an Elf32 and an Elf64 executable 2002-07-20 02:56:12 +00:00
imgact_shell.c Return a more meaningful errno when the length of the interpreter 2001-11-28 03:26:58 +00:00
inflate.c Modernize my email address. 2002-03-25 13:52:45 +00:00
init_main.c Introduce support for Mandatory Access Control and extensible 2002-07-31 01:11:29 +00:00
init_sysent.c Regen. 2002-07-31 00:16:58 +00:00
kern_acct.c Save flags returned by vn_open and use them when calling vn_close. 2002-07-21 15:22:56 +00:00
kern_acl.c Teach discretionary access control methods for files about VAPPEND 2002-07-22 03:57:07 +00:00
kern_clock.c Fixed breakage of binary compatibility of the kern.clockrate sysctl in 2002-05-05 04:33:09 +00:00
kern_condvar.c Remove code that removes thread from sleep queue before 2002-07-30 20:34:30 +00:00
kern_conf.c Break the following implementation of panic(3): 2002-04-25 13:17:33 +00:00
kern_descrip.c Have the kern.file sysctl export xfiles rather than files. The truth is 2002-07-31 12:26:52 +00:00
kern_environment.c Cosmetic tweaks. Try and keep the style more consistent, catch some stray 2002-05-01 02:51:50 +00:00
kern_event.c More caddr_t removal, make fo_ioctl take a void * instead of a caddr_t. 2002-06-29 01:50:25 +00:00
kern_exec.c For processes which are set-user-ID or set-group-ID, the kernel performs a few 2002-07-30 15:38:29 +00:00
kern_exit.c Part 1 of KSE-III 2002-06-29 17:26:22 +00:00
kern_fork.c Update docs to reflect change in count of procs reserved for root 2002-07-30 05:37:00 +00:00
kern_idle.c Make sure the process state for the idle proc is set correctly 2002-07-17 19:18:45 +00:00
kern_intr.c Part 1 of KSE-III 2002-06-29 17:26:22 +00:00
kern_jail.c The jail syscall calls chroot, which is not mpsafe, so put back a 2002-07-01 20:46:01 +00:00
kern_kse.c get suspension counting right. 2002-07-25 03:21:35 +00:00
kern_kthread.c Part 1 of KSE-III 2002-06-29 17:26:22 +00:00
kern_ktr.c Remove a stale comment. 2002-04-06 08:44:04 +00:00
kern_ktrace.c More caddr_t removal, make fo_ioctl take a void * instead of a caddr_t. 2002-06-29 01:50:25 +00:00
kern_linker.c Pre-wire the output buffer so that sysctl_kern_function_list() doesn't 2002-07-22 08:28:09 +00:00
kern_lock.c Record the file, line, and pid of the last successful shared lock holder. This 2002-05-30 05:55:22 +00:00
kern_lockf.c More caddr_t removal. 2002-06-29 00:29:12 +00:00
kern_mac.c Begin committing support for Mandatory Access Control and extensible 2002-07-30 21:36:05 +00:00
kern_malloc.c - Replace the bandaid introduced in revision 1.110 with 2002-05-31 09:41:09 +00:00
kern_mib.c - Add a mutex to lock the global securelevel value. 2002-04-02 17:43:17 +00:00
kern_module.c - Remove Giant acquisition from modevent(), modfnext(), modstat() and 2002-06-26 00:31:44 +00:00
kern_mtxpool.c Change callers of mtx_init() to pass in an appropriate lock type name. In 2002-04-04 21:03:38 +00:00
kern_mutex.c Disable optimization of spinlocks on UP kernels w/o debugging for now 2002-07-27 16:54:23 +00:00
kern_ntptime.c Hide the private parts of timecounter from a couple of places that don't 2002-04-26 21:31:44 +00:00
kern_physio.c More caddr_t removal, make fo_ioctl take a void * instead of a caddr_t. 2002-06-29 01:50:25 +00:00
kern_poll.c Part 1 of KSE-III 2002-06-29 17:26:22 +00:00
kern_proc.c Wire the sysctl output buffer before grabbing any locks to prevent 2002-07-28 19:59:31 +00:00
kern_prot.c Introduce support for Mandatory Access Control and extensible 2002-07-31 00:48:24 +00:00
kern_resource.c Widen struct sockbuf's sb_timeo member to int from short. With 2002-07-24 03:02:43 +00:00
kern_sema.c Change callers of mtx_init() to pass in an appropriate lock type name. In 2002-04-04 21:03:38 +00:00
kern_shutdown.c Allow alphas to do crashdumps: Refuse to run anything in choosethread() 2002-07-17 02:23:44 +00:00
kern_sig.c Don't need to hold schedlock specifically for stop() ans it calls wakeup() 2002-07-30 21:13:48 +00:00
kern_subr.c o Lock page queue accesses by vm_page_free(). 2002-07-21 19:06:46 +00:00
kern_switch.c - Optimize wakeup() and its friends; if a thread waken up is being 2002-07-30 06:54:05 +00:00
kern_sx.c Set the lock type equal to the lock name for now as all of the current 2002-04-04 20:49:35 +00:00
kern_synch.c In endtsleep() and cv_timedwait_end(), a thread marked TDF_TIMEOUT may 2002-07-30 10:12:11 +00:00
kern_syscalls.c - Lock down the ``module'' structure by adding an SX lock that is used by 2002-03-18 07:45:30 +00:00
kern_sysctl.c Make a temporary copy of the output data in the generic sysctl handlers 2002-07-28 21:06:14 +00:00
kern_tc.c Use a semicolon at the end of a function-like macro invocation. Kills 2002-07-15 13:13:04 +00:00
kern_thread.c get suspension counting right. 2002-07-25 03:21:35 +00:00
kern_time.c more caddr_t removal. 2002-06-29 02:00:02 +00:00
kern_timeout.c Change callers of mtx_init() to pass in an appropriate lock type name. In 2002-04-04 21:03:38 +00:00
kern_uuid.c Fix a minor whitespace style nit that broke 'grep ^uuidgen'. 2002-07-09 19:36:50 +00:00
kern_xxx.c more caddr_t removal. 2002-06-29 02:00:02 +00:00
ksched.c Part 1 of KSE-III 2002-06-29 17:26:22 +00:00
link_aout.c Simple p_ucred -> td_ucred changes to start using the per-thread ucred 2002-02-27 18:32:23 +00:00
link_elf_obj.c Don't use the symbol name to lookup the symbol value when we can use 2002-04-25 01:22:16 +00:00
link_elf.c Don't use the symbol name to lookup the symbol value when we can use 2002-04-25 01:22:16 +00:00
linker_if.m Add the sysctl "kern.function_list", which currently exports all 2001-10-30 15:21:45 +00:00
Make.tags.inc Don't hardcode /sys when making tags, instead use ${.CURDIR}/.. this 2002-02-27 10:07:15 +00:00
Makefile Don't generate <sys/syscalls-hide.h> it has never had any users anywhere in 2001-10-13 09:17:49 +00:00
makesyscalls.sh Introduce syscall.master option 'COMPAT4' which allows one to wrap 2002-07-12 06:38:34 +00:00
md4c.c
md5c.c Bring sys/kern/md5c.c in sync with the userland version. 2002-06-24 14:15:25 +00:00
p1003_1b.c Change p_can{debug,see,sched,signal}()'s first argument to be a thread 2002-05-19 00:14:50 +00:00
posix4_mib.c
subr_acl_posix1e.c Teach discretionary access control methods for files about VAPPEND 2002-07-22 03:57:07 +00:00
subr_autoconf.c Remove __P. 2002-03-19 21:25:46 +00:00
subr_blist.c Now that daddr_t has grown up, use %lld to printf it and cast it to long 2002-05-18 23:46:04 +00:00
subr_bus.c Add bus_child_present and the child_present method to bus_if.m 2002-07-21 03:28:43 +00:00
subr_clist.c Remove __P. 2002-03-19 21:25:46 +00:00
subr_clock.c Add a generic implementation of inittodr() and resettodr(), as well as 2002-04-04 23:39:10 +00:00
subr_devstat.c GC: BIO_ORDERED, various infrastructure dealing with BIO_ORDERED. 2002-02-22 09:26:35 +00:00
subr_disk.c Implement DIOCGFRONTSTUFF ioctl which reports how many bytes from the start 2002-04-09 15:43:32 +00:00
subr_disklabel.c more caddr_t removal. 2002-06-29 02:00:02 +00:00
subr_diskmbr.c Remove __P. 2002-03-19 21:25:46 +00:00
subr_diskslice.c Fix DIOCGMEDIASIZE and DIOCGSECTORSIZE ioctls to work for all 2002-07-23 14:30:27 +00:00
subr_eventhandler.c Wrap a line longer than 80 characters. 2002-07-19 17:44:44 +00:00
subr_hints.c Cosmetic tweaks. Try and keep the style more consistent, catch some stray 2002-05-01 02:51:50 +00:00
subr_kobj.c Convert hit and miss counters to unsigned values. Surely negative values 2002-06-10 22:40:26 +00:00
subr_log.c more caddr_t removal. 2002-06-29 02:00:02 +00:00
subr_mbuf.c Introduce support for Mandatory Access Control and extensible 2002-07-31 01:42:19 +00:00
subr_mchain.c Convert GNU-styled variadic macros to ISO(9x) style. 2002-07-15 13:15:31 +00:00
subr_module.c
subr_param.c Improve the implementation of adjtime(2). 2002-04-15 12:23:11 +00:00
subr_pcpu.c Add a per-cpu variable, cpumask, the preshifted equivalent of 1 << cpuid. 2002-01-05 09:35:50 +00:00
subr_power.c Use ISO 9X variadic macro format; arguments are not optional, just 2002-07-15 17:17:56 +00:00
subr_prf.c dd %i as an alias for %d for greater compatibility with our *BSD bretheren 2002-07-05 18:36:49 +00:00
subr_prof.c more caddr_t removal. 2002-06-29 02:00:02 +00:00
subr_rman.c Change callers of mtx_init() to pass in an appropriate lock type name. In 2002-04-04 21:03:38 +00:00
subr_rtc.c Add a generic implementation of inittodr() and resettodr(), as well as 2002-04-04 23:39:10 +00:00
subr_sbuf.c Fix warnings on gcc-3.1+ where __func__ is a const char * instead of a 2002-03-19 10:56:46 +00:00
subr_scanf.c
subr_smp.c Part 1 of KSE-III 2002-06-29 17:26:22 +00:00
subr_taskqueue.c Change callers of mtx_init() to pass in an appropriate lock type name. In 2002-04-04 21:03:38 +00:00
subr_trap.c Revert removal of cred_free_thread(): It is used to ensure that a thread's 2002-07-11 02:18:33 +00:00
subr_turnstile.c Disable optimization of spinlocks on UP kernels w/o debugging for now 2002-07-27 16:54:23 +00:00
subr_witness.c Silence compiler warnings when DDB is not defined. 2002-07-15 02:03:17 +00:00
subr_xxx.c Here follows the new kernel dumping infrastructure. 2002-03-31 22:37:00 +00:00
sys_generic.c Attempt to clarify comment in selrecord. 2002-07-24 00:29:22 +00:00
sys_pipe.c Remove unneeded caddr_t casts. 2002-07-22 19:05:44 +00:00
sys_process.c Do preserve the error result from calling p_cansee() and use that when 2002-07-20 22:44:39 +00:00
sys_socket.c More caddr_t removal, make fo_ioctl take a void * instead of a caddr_t. 2002-06-29 01:50:25 +00:00
syscalls.c Regen. 2002-07-31 00:16:58 +00:00
syscalls.master Introduce support for Mandatory Access Control and extensible 2002-07-30 22:43:20 +00:00
sysv_ipc.c Change the suser() API to take advantage of td_ucred as well as do a 2002-04-01 21:31:13 +00:00
sysv_msg.c Cleanup: 2002-07-22 18:27:54 +00:00
sysv_sem.c Cleanup: 2002-07-22 18:27:54 +00:00
sysv_shm.c Change struct vmspace->vm_shm from void * to struct shmmap_state *, this 2002-07-22 16:22:27 +00:00
tty_compat.c Fixed some style bugs in the removal of __P(()). The main ones were 2002-03-24 05:09:11 +00:00
tty_conf.c
tty_cons.c Change the suser() API to take advantage of td_ucred as well as do a 2002-04-01 21:31:13 +00:00
tty_pty.c - Lock proctree_lock instead of pgrpsess_lock. 2002-04-16 17:09:22 +00:00
tty_subr.c Remove __P. 2002-03-19 21:25:46 +00:00
tty_tty.c Remove __P. 2002-03-19 21:25:46 +00:00
tty.c Clear up confusion in ugly code. ^T gave wrong results for RSS. 2002-07-18 21:19:56 +00:00
uipc_accf.c
uipc_cow.c Lock accesses to the page queues. 2002-07-13 04:37:22 +00:00
uipc_domain.c Back out my lats commit of locking down a socket, it conflicts with hsu's work. 2002-05-31 11:52:35 +00:00
uipc_jumbo.c o Lock page queue accesses by vm_page_free(). 2002-07-21 19:06:46 +00:00
uipc_mbuf2.c In m_aux_delete, no need to chase beyond victim. 2002-05-23 15:59:48 +00:00
uipc_mbuf.c Introduce support for Mandatory Access Control and extensible 2002-07-31 01:51:34 +00:00
uipc_proto.c
uipc_sockbuf.c Introduce support for Mandatory Access Control and extensible 2002-07-31 03:03:22 +00:00
uipc_socket2.c Introduce support for Mandatory Access Control and extensible 2002-07-31 03:03:22 +00:00
uipc_socket.c Introduce support for Mandatory Access Control and extensible 2002-07-31 03:03:22 +00:00
uipc_syscalls.c Introduce support for Mandatory Access Control and extensible 2002-07-31 16:39:49 +00:00
uipc_usrreq.c Introduce support for Mandatory Access Control and extensible 2002-07-31 03:03:22 +00:00
vfs_acl.c Teach discretionary access control methods for files about VAPPEND 2002-07-22 03:57:07 +00:00
vfs_aio.c Back out my lats commit of locking down a socket, it conflicts with hsu's work. 2002-05-31 11:52:35 +00:00
vfs_bio.c o Replace vm_page_sleep_busy() with vm_page_sleep_if_busy() 2002-07-30 20:41:10 +00:00
vfs_cache.c nuke caddr_t. 2002-06-28 23:17:36 +00:00
vfs_cluster.c o Lock page accesses by vm_page_io_start() with the page queues lock. 2002-07-31 07:27:08 +00:00
vfs_default.c - The default for lock, unlock, and islocked is now std* instead of no*. 2002-07-27 05:16:20 +00:00
vfs_export.c Partial backout of 1.318, remove error handling added because it may be 2002-06-30 05:23:58 +00:00
vfs_extattr.c Introduce support for Mandatory Access Control and extensible 2002-07-31 01:27:33 +00:00
vfs_init.c We don't need to check the return value of malloc() against 2002-06-22 21:44:11 +00:00
vfs_lookup.c Under #ifdef DIAGNOSTIC, NULL out componentname pointers if we free the 2002-07-24 15:42:22 +00:00
vfs_mount.c Introduce support for Mandatory Access Control and extensible 2002-07-31 01:11:29 +00:00
vfs_subr.c Nit in previous commit: the correct sysctl type is "S,xvnode" 2002-07-31 12:25:28 +00:00
vfs_syscalls.c Introduce support for Mandatory Access Control and extensible 2002-07-31 01:27:33 +00:00
vfs_vnops.c Introduce struct xvnode, which will be used instead of struct vnode for 2002-07-31 12:19:49 +00:00
vnode_if.src Begin committing support for Mandatory Access Control and extensible 2002-07-30 22:15:09 +00:00