freebsd-skq/sys/security/mac
Robert Watson 2220907b6e Introduce a temporary mutex, mac_ifnet_mtx, to lock MAC labels on
network interfaces.  This global mutex will protect all ifnet labels.
Acquire the mutex across various MAC activities on interfaces, such
as security checks, propagating interface labels to mbufs generated
from the interface, retrieving and setting the interface label.

Introduce mpo_copy_ifnet_label MAC policy entry point to copy the
value of an interface label from one label to another.  Use this
to avoid performing a label externalize while holding mac_ifnet_mtx;
copy the label to a temporary ifnet label and then externalize that.

Implement mpo_copy_ifnet_label for various MAC policies that
implement interface labeling using generic label copying routines.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, McAfee Research
2004-06-24 03:34:46 +00:00
..
mac_framework.c Add /* !MAC */ to final #endif. 2004-05-03 22:54:46 +00:00
mac_framework.h Do the dreaded s/dev_t/struct cdev */ 2004-06-16 09:47:26 +00:00
mac_inet.c Move inet and inet6 related MAC Framework entry points from mac_net.c 2004-02-26 03:51:04 +00:00
mac_internal.h Move inet and inet6 related MAC Framework entry points from mac_net.c 2004-02-26 03:51:04 +00:00
mac_label.c Modify the MAC Framework so that instead of embedding a (struct label) 2003-11-12 03:14:31 +00:00
mac_net.c Introduce a temporary mutex, mac_ifnet_mtx, to lock MAC labels on 2004-06-24 03:34:46 +00:00
mac_pipe.c add missing #include <sys/module.h> 2004-05-30 20:27:19 +00:00
mac_policy.h Introduce a temporary mutex, mac_ifnet_mtx, to lock MAC labels on 2004-06-24 03:34:46 +00:00
mac_process.c Update my personal copyrights and NETA copyrights in the kernel 2004-02-22 00:33:12 +00:00
mac_socket.c Socket MAC labels so_label and so_peerlabel are now protected by 2004-06-13 02:50:07 +00:00
mac_syscalls.c Add /* !MAC */ to final #endif. 2004-05-03 22:54:46 +00:00
mac_system.c add missing #include <sys/module.h> 2004-05-30 20:27:19 +00:00
mac_vfs.c Do the dreaded s/dev_t/struct cdev */ 2004-06-16 09:47:26 +00:00