d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
freebsd-skq/sys/kern
History
Robert Watson ccafe7eb35 Hook up the mac_will_execve_transition() and mac_execve_transition() 
entrypoints, #ifdef MAC.  The supporting logic already existed in
kern_mac.c, so no change there.  This permits MAC policies to cause
a process label change as the result of executing a binary --
typically, as a result of executing a specially labeled binary.

For example, the SEBSD port of SELinux/FLASK uses this functionality
to implement TE type transitions on processes using transitioning
binaries, in a manner similar to setuid.  Policies not implementing
a notion of transition (all the ones in the tree right now) require
no changes, since the old label data is copied to the new label
via mac_create_cred() even if a transition does occur.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-11-05 14:57:49 +00:00
..
bus_if.m
Add two interfaces to allow for busses to report the pnpinfo for
2002-10-07 05:06:38 +00:00
clock_if.m
Add a generic implementation of inittodr() and resettodr(), as well as
2002-04-04 23:39:10 +00:00
device_if.m
genassym.sh
imgact_aout.c
Use the fields in the sysentvec and in the vm map header in place of the
2002-09-21 22:07:17 +00:00
imgact_elf32.c
Infrastructure tweaks to allow having both an Elf32 and an Elf64 executable
2002-07-20 02:56:12 +00:00
imgact_elf64.c
Infrastructure tweaks to allow having both an Elf32 and an Elf64 executable
2002-07-20 02:56:12 +00:00
imgact_elf.c
Remove reference to struct execve_args from struct imgact, which
2002-11-05 01:59:56 +00:00
imgact_elfN.c
Infrastructure tweaks to allow having both an Elf32 and an Elf64 executable
2002-07-20 02:56:12 +00:00
imgact_gzip.c
Use the fields in the sysentvec and in the vm map header in place of the
2002-09-21 22:07:17 +00:00
imgact_shell.c
Remove reference to struct execve_args from struct imgact, which
2002-11-05 01:59:56 +00:00
inflate.c
Modernize my email address.
2002-03-25 13:52:45 +00:00
init_main.c
Use strlcpy() instead of strncpy() to copy NUL terminated strings
2002-10-17 20:03:38 +00:00
init_sysent.c
Regen from yesterday's system call placeholder rename.
2002-11-02 23:54:36 +00:00
kern_acct.c
Typo in comment: commmand -> command
2002-11-05 14:54:07 +00:00
kern_acl.c
Introduce support for Mandatory Access Control and extensible
2002-08-01 01:04:16 +00:00
kern_alq.c
- Export the alq daemon thread pointer.
2002-09-26 07:38:56 +00:00
kern_clock.c
- Create a new scheduler api that is defined in sys/sched.h
2002-10-12 05:32:24 +00:00
kern_condvar.c
More work on the interaction between suspending and sleeping threads.
2002-10-25 07:11:12 +00:00
kern_conf.c
Don't allow dev_stdclone(9) to accept minors larger than the system is
2002-10-05 17:10:28 +00:00
kern_descrip.c
Change the way support for asynchronous I/O is indicated to applications
2002-10-27 18:07:41 +00:00
kern_environment.c
Add MAC checks for various kenv() operations: dump, get, set, unset,
2002-11-01 20:46:53 +00:00
kern_event.c
Minor comment typo fix.
2002-10-29 20:51:44 +00:00
kern_exec.c
Hook up the mac_will_execve_transition() and mac_execve_transition()
2002-11-05 14:57:49 +00:00
kern_exit.c
- Add a new global mutex 'ppeers_lock' to protect the p_peers list of
2002-10-15 00:14:32 +00:00
kern_fork.c
Do not lock the process when calling fdfree() (this would have recursed on
2002-10-18 17:45:41 +00:00
kern_idle.c
- Create a new scheduler api that is defined in sys/sched.h
2002-10-12 05:32:24 +00:00
kern_intr.c
Instead of (sizeof(source_buffer) - 1) bytes, copy at most
2002-10-17 21:02:02 +00:00
kern_jail.c
Use strlcpy() instead of strncpy() to copy NUL terminated strings
2002-10-17 20:03:38 +00:00
kern_kse.c
KSE-enabled processes only.
2002-10-31 08:00:51 +00:00
kern_kthread.c
Some kernel threads try to do significant work, and the default KSTACK_PAGES
2002-10-02 07:44:29 +00:00
kern_ktr.c
- Export the alq daemon thread pointer.
2002-09-26 07:38:56 +00:00
kern_ktrace.c
Some kernel threads try to do significant work, and the default KSTACK_PAGES
2002-10-02 07:44:29 +00:00
kern_linker.c
fix kldload error return when a module is rejected because it's statically
2002-10-17 17:28:57 +00:00
kern_lock.c
Have lockinit() initialize the debugging fields of a lock
2002-10-18 01:34:10 +00:00
kern_lockf.c
Remove a conditional #include <sys/kernel.h>, it is already
2002-09-14 14:44:41 +00:00
kern_mac.c
Permit MAC policies to instrument the access control decisions for
2002-11-04 15:13:36 +00:00
kern_malloc.c
Introduce malloc_last_fail() which returns the number of seconds since
2002-11-01 18:58:12 +00:00
kern_mib.c
Update a sysctl to use _POSIX_VERSION from <sys/unistd.h>, instead of
2002-10-13 14:26:29 +00:00
kern_module.c
- Remove Giant acquisition from modevent(), modfnext(), modstat() and
2002-06-26 00:31:44 +00:00
kern_mtxpool.c
Change callers of mtx_init() to pass in an appropriate lock type name. In
2002-04-04 21:03:38 +00:00
kern_mutex.c
Disable the kernacc() check in mtx_validate() until such time that kernacc
2002-10-25 08:40:20 +00:00
kern_ntptime.c
Remove an unused variable.
2002-10-11 10:36:22 +00:00
kern_physio.c
Change iov_base's type from char *' to the standard void *'. All
2002-10-11 14:58:34 +00:00
kern_poll.c
Increase size of ifnet.if_flags from 16 bits (short) to 32 bits (int). To avoid
2002-08-18 07:05:00 +00:00
kern_proc.c
Move thread related code from kern_proc.c to kern_thread.c.
2002-10-24 08:46:34 +00:00
kern_prot.c
Include file cleanup; mac.h and malloc.h at one point had ordering
2002-08-01 17:47:56 +00:00
kern_resource.c
- Create a new scheduler api that is defined in sys/sched.h
2002-10-12 05:32:24 +00:00
kern_sema.c
Change callers of mtx_init() to pass in an appropriate lock type name. In
2002-04-04 21:03:38 +00:00
kern_shutdown.c
Hook up mac_check_system_reboot(), a MAC Framework entry point that
2002-10-27 07:03:29 +00:00
kern_sig.c
Split 4.x and 5.x signal handling so that we can keep 4.x signal
2002-10-25 19:10:58 +00:00
kern_subr.c
- Create a new scheduler api that is defined in sys/sched.h
2002-10-12 05:32:24 +00:00
kern_switch.c
Did you ever notice how stupid bugs show up much clearer
2002-10-14 20:43:02 +00:00
kern_sx.c
Set the lock type equal to the lock name for now as all of the current
2002-04-04 20:49:35 +00:00
kern_synch.c
Add an actual implementation of kse_thr_interrupt()
2002-10-30 02:28:41 +00:00
kern_syscalls.c
- Lock down the ``module'' structure by adding an SX lock that is used by
2002-03-18 07:45:30 +00:00
kern_sysctl.c
Implement mac_check_system_sysctl(), a MAC Framework entry point to
2002-10-27 07:12:34 +00:00
kern_tc.c
Introduce a "time_uptime" global variable which holds the time since boot
2002-11-01 18:52:20 +00:00
kern_thread.c
KSE-enabled processes only.
2002-10-31 08:00:51 +00:00
kern_time.c
Introduce mac_check_system_settime(), a MAC check allowing policies to
2002-11-03 02:39:42 +00:00
kern_timeout.c
Fix a format buglet.
2002-09-05 11:42:03 +00:00
kern_uuid.c
Include <sys/systm.h> for the declarations of many things instead of
2002-08-22 12:47:22 +00:00
kern_xxx.c
more caddr_t removal.
2002-06-29 02:00:02 +00:00
ksched.c
Tidy up the scheduler's code for changing the priority of a thread.
2002-10-14 20:34:31 +00:00
link_elf_obj.c
Add two hooks to signal module load and module unload to MD code.
2002-10-19 19:16:03 +00:00
link_elf.c
Add two hooks to signal module load and module unload to MD code.
2002-10-19 19:16:03 +00:00
linker_if.m
Make.tags.inc
Don't hardcode /sys when making tags, instead use ${.CURDIR}/.. this
2002-02-27 10:07:15 +00:00
Makefile
makesyscalls.sh
The syscall names are string constants, so make them consts.
2002-10-29 15:47:06 +00:00
md4c.c
md5c.c
We have memset() and memcpy() in the kernel now, so we don't need to
2002-10-20 22:33:42 +00:00
p1003_1b.c
Change p_can{debug,see,sched,signal}()'s first argument to be a thread
2002-05-19 00:14:50 +00:00
posix4_mib.c
Change the way support for asynchronous I/O is indicated to applications
2002-10-27 18:07:41 +00:00
sched_4bsd.c
Tidy up the scheduler's code for changing the priority of a thread.
2002-10-14 20:34:31 +00:00
subr_acl_posix1e.c
Introduce support for Mandatory Access Control and extensible
2002-08-01 01:04:16 +00:00
subr_autoconf.c
Remove __P.
2002-03-19 21:25:46 +00:00
subr_blist.c
Now that daddr_t has grown up, use %lld to printf it and cast it to long
2002-05-18 23:46:04 +00:00
subr_bus.c
Use ; not , as statement separator in PDEBUG() macro.
2002-10-15 18:56:13 +00:00
subr_clist.c
Remove __P.
2002-03-19 21:25:46 +00:00
subr_clock.c
Use the CPU_* OID constants instead of OID_AUTO for the clock-related
2002-08-07 19:43:54 +00:00
subr_devstat.c
Use strlcpy() instead of strncpy() to copy NUL terminated strings
2002-10-17 20:03:38 +00:00
subr_disk.c
This checkin reimplements the io-request priority hack in a way
2002-10-22 00:59:49 +00:00
subr_disklabel.c
(This commit touches about 15 disk device drivers in a very consistent
2002-09-20 19:36:05 +00:00
subr_diskmbr.c
Split MBR and PC98 on-disk sliceformats out from disklabel.h, step 1:
2002-10-01 07:24:55 +00:00
subr_diskslice.c
Use strlcpy() instead of strncpy() to copy NUL terminated strings
2002-10-17 20:03:38 +00:00
subr_eventhandler.c
Wrap a line longer than 80 characters.
2002-07-19 17:44:44 +00:00
subr_hints.c
Cosmetic tweaks. Try and keep the style more consistent, catch some stray
2002-05-01 02:51:50 +00:00
subr_kobj.c
Convert hit and miss counters to unsigned values. Surely negative values
2002-06-10 22:40:26 +00:00
subr_log.c
Fix the calculations of the length of the unread message buffer
2002-10-20 23:13:05 +00:00
subr_mbuf.c
Fix a fairly subtle bug in mbuf_init() where the reference counter
2002-10-16 19:59:08 +00:00
subr_mchain.c
Don't dereference the 'x' pointer if it is NULL, instead skip the
2002-10-22 18:44:59 +00:00
subr_module.c
subr_param.c
Change hw.physmem and hw.usermem to unsigned long like they used to be
2002-08-30 04:04:37 +00:00
subr_pcpu.c
subr_power.c
Use ISO 9X variadic macro format; arguments are not optional, just
2002-07-15 17:17:56 +00:00
subr_prf.c
- Rename the DDB specific %z printf format to %y.
2002-10-25 19:41:32 +00:00
subr_prof.c
Don't #error if we are lint.
2002-10-01 13:15:11 +00:00
subr_rman.c
Add debug.rman_debug sysctl MIB and loader tunable instead of broken
2002-09-05 11:45:02 +00:00
subr_rtc.c
Use the CPU_* OID constants instead of OID_AUTO for the clock-related
2002-08-07 19:43:54 +00:00
subr_sbuf.c
Add the new function "sbuf_done()" which returns non-zero if the sbuf is
2002-10-04 09:58:17 +00:00
subr_scanf.c
Fix mis-indentation.
2002-10-02 09:09:25 +00:00
subr_smp.c
Completely redo thread states.
2002-09-11 08:13:56 +00:00
subr_taskqueue.c
If we fail to write to a vnode during a ktrace write, then we drop all
2002-08-01 13:35:38 +00:00
subr_trap.c
iBack out david's last commit. the suspension code needs to be called
2002-10-26 04:44:17 +00:00
subr_turnstile.c
Disable the kernacc() check in mtx_validate() until such time that kernacc
2002-10-25 08:40:20 +00:00
subr_witness.c
Catch up with the removal of the vm page buckets spin mutex.
2002-11-02 22:42:18 +00:00
subr_xxx.c
Here follows the new kernel dumping infrastructure.
2002-03-31 22:37:00 +00:00
sys_generic.c
Be consistent about "static" functions: if the function is marked
2002-09-28 17:15:38 +00:00
sys_pipe.c
Remove a KASSERT I added in 1.73 to catch uninitialized pipes.
2002-10-14 21:15:04 +00:00
sys_process.c
Add a missing PROC_UNLOCK in ptrace() for the PT_IO case.
2002-10-16 16:28:33 +00:00
sys_socket.c
Update the st_size reported via stat(2) to accurately reflect the amount
2002-11-01 21:31:13 +00:00
syscalls.c
Regen from yesterday's system call placeholder rename.
2002-11-02 23:54:36 +00:00
syscalls.master
Rename __execve_mac() to __mac_execve() for increased consistency
2002-11-01 21:00:02 +00:00
sysv_ipc.c
Change the suser() API to take advantage of td_ucred as well as do a
2002-04-01 21:31:13 +00:00
sysv_msg.c
Make SYSVMSG mpsafe. Right now there is a global lock over the
2002-08-13 08:00:36 +00:00
sysv_sem.c
Don't leak memory in semop(2). (Fix a bug I introduced in rev 1.55.)
2002-10-19 02:07:35 +00:00
sysv_shm.c
return foo -> return (foo)
2002-08-15 02:10:12 +00:00
tty_compat.c
Fixed some style bugs in the removal of __P(()). The main ones were
2002-03-24 05:09:11 +00:00
tty_conf.c
tty_cons.c
Use strlcpy() instead of strncpy() to copy NUL terminated strings
2002-10-17 20:03:38 +00:00
tty_pty.c
- Lock proctree_lock instead of pgrpsess_lock.
2002-04-16 17:09:22 +00:00
tty_subr.c
Remove __P.
2002-03-19 21:25:46 +00:00
tty_tty.c
Pass active_cred and file_cred into the MAC framework explicitly
2002-08-19 19:04:53 +00:00
tty.c
In an SMP environment post-Giant it is no longer safe to blindly
2002-10-03 02:13:00 +00:00
uipc_accf.c
uipc_cow.c
Change iov_base's type from char *' to the standard void *'. All
2002-10-11 14:58:34 +00:00
uipc_domain.c
Back out my lats commit of locking down a socket, it conflicts with hsu's work.
2002-05-31 11:52:35 +00:00
uipc_jumbo.c
o Lock page queue accesses by vm_page_free().
2002-07-21 19:06:46 +00:00
uipc_mbuf2.c
Replace aux mbufs with packet tags:
2002-10-16 01:54:46 +00:00
uipc_mbuf.c
Replace aux mbufs with packet tags:
2002-10-16 01:54:46 +00:00
uipc_proto.c
uipc_sem.c
Be consistent about funtions being static.
2002-10-16 10:42:13 +00:00
uipc_sockbuf.c
Revert the change in revision 1.77 of kern/uipc_socket2.c. It is causing
2002-11-02 05:14:31 +00:00
uipc_socket2.c
Revert the change in revision 1.77 of kern/uipc_socket2.c. It is causing
2002-11-02 05:14:31 +00:00
uipc_socket.c
Revert the change in revision 1.77 of kern/uipc_socket2.c. It is causing
2002-11-02 05:14:31 +00:00
uipc_syscalls.c
Integrate mac_check_socket_send() and mac_check_socket_receive()
2002-10-06 14:39:15 +00:00
uipc_usrreq.c
Trim extraneous #else and #endif MAC comments per style(9).
2002-10-28 21:17:53 +00:00
vfs_acl.c
Introduce support for Mandatory Access Control and extensible
2002-08-01 01:04:16 +00:00
vfs_aio.c
Change the way support for asynchronous I/O is indicated to applications
2002-10-27 18:07:41 +00:00
vfs_bio.c
When the number of dirty buffers rises too high, the buf_daemon runs
2002-10-18 01:29:59 +00:00
vfs_cache.c
Split up __getcwd so that kernel callers of the internal version
2002-09-02 22:40:30 +00:00
vfs_cluster.c
- Use incore() where no other interlock locking is necessary.
2002-09-25 02:12:32 +00:00
vfs_default.c
Don't try to be cute and save a call/return by implementing a degenerate
2002-10-24 17:55:49 +00:00
vfs_export.c
Partial backout of 1.318, remove error handling added because it may be
2002-06-30 05:23:58 +00:00
vfs_extattr.c
Fix a case in kern_rename() where a vn_finished_write() call was
2002-10-27 23:23:51 +00:00
vfs_init.c
We don't need to check the return value of malloc() against
2002-06-22 21:44:11 +00:00
vfs_lookup.c
Add a new 'NOMACCHECK' flag to namei() NDINIT flags, which permits the
2002-10-19 21:25:51 +00:00
vfs_mount.c
#include <geom/geom.h> to get proper prototypes. Contrary to my fears we
2002-10-25 18:44:42 +00:00
vfs_subr.c
Slightly change the semantics of vnode labels for MAC: rather than
2002-10-26 14:38:24 +00:00
vfs_syscalls.c
Fix a case in kern_rename() where a vn_finished_write() call was
2002-10-27 23:23:51 +00:00
vfs_vnops.c
Within ufs, the ffs_sync and ffs_fsync functions did not always
2002-10-25 00:20:37 +00:00
vnode_if.src
- We don't need any automated lock checking for vop_islocked.
2002-09-26 00:31:16 +00:00