d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
db2661ce96
freebsd-skq/sys
History
Robert Watson db2661ce96 Import an implementation of LOMAC (Low-Watermark Mandatory Access 
Control) as a MAC Framework policy module.  Unlike the existing
src/sys/security/lomac implementation, this one has its fingers out
of the kernel lock order and doesn't make use of flags in existing
kernel structures.  This greatly reduces the quantity of replicated
code with src/sys/kern, simplifies the implementation (3000 vs 8500
lines), and correctes a number of known stability problems with
the existing LOMAC implementation, which will be removed.  A bit
more hooking up to do here.

Approved by:	re
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-11-26 17:26:06 +00:00
..
alpha Under certain circumstances, we were calling kmem_free() from 2002-11-22 23:57:02 +00:00
amd64 Assert that the page queues lock is held in pmap_remove_pages(). 2002-11-25 04:45:03 +00:00
arm Add standards visibility conditionals. Change any uses of sigset_t to 2002-10-13 00:31:46 +00:00
boot Eliminate references to defunct kernel tunables. 2002-11-26 13:55:50 +00:00
cam Remove unnecessary includes and add sys/{lock,mutex}.h 2002-11-25 19:28:05 +00:00
coda Back our kernel support for reliable signal queues. 2002-10-01 17:15:53 +00:00
compat Regenerate after adding syscalls. 2002-11-16 23:48:14 +00:00
conf Add ITANIUM2 as a global option. 2002-11-24 19:50:15 +00:00
contrib network interface and link layer changes: 2002-11-15 00:00:15 +00:00
crypto Make this compilable from userland as well. 2002-11-01 08:56:39 +00:00
ddb - Rename the DDB specific %z printf format to %y. 2002-10-25 19:41:32 +00:00
dev - Assume a bus number of zero if evaluating _BBN fails, not if it succeeds. 2002-11-25 21:55:04 +00:00
fs Fix instances of macros with improperly parenthasized arguments. 2002-11-09 12:55:07 +00:00
geom Remember to update the providers idea of its size when we reconfigure 2002-11-20 20:12:52 +00:00
gnu MFufs 1.33: 2002-10-18 21:41:41 +00:00
i4b network interface and link layer changes: 2002-11-15 00:00:15 +00:00
i386 Assert that the page queues lock is held in pmap_remove_pages(). 2002-11-25 04:45:03 +00:00
ia64 MFp4: 2002-11-24 20:15:08 +00:00
isa Capitalize the first letter of device descriptions 2002-11-11 15:26:08 +00:00
isofs/cd9660 Unbreak MNT_UPDATE when running with cd as root. Detect mountroot by 2002-11-02 20:16:55 +00:00
kern If the file descriptors passed into do_dup() are negative, return EBADF 2002-11-26 17:22:15 +00:00
libkern Fix instances of macros with improperly parenthasized arguments. 2002-11-09 12:55:07 +00:00
modules New SCSI target emulator code 2002-11-22 22:55:51 +00:00
net Move fw_one_pass from ip_fw2.c to ip_input.c so that neither 2002-11-20 19:07:27 +00:00
netatalk Add more ethernet types and move AppleTalk types into proper location. 2002-09-06 17:02:29 +00:00
netatm - Change the ATM stack functions to use intptr_t instead of int for opaque 2002-11-08 18:27:30 +00:00
netgraph The second try a committing the bluetooth code 2002-11-20 23:01:59 +00:00
netinet Move fw_one_pass from ip_fw2.c to ip_input.c so that neither 2002-11-20 19:07:27 +00:00
netinet6 plugged memory leakage in some erroneous cases 2002-10-31 19:45:48 +00:00
netipsec FAST_IPSEC fixups: 2002-11-08 23:37:50 +00:00
netipx Fix a sizeof(int) != sizeof(void *) warning. 2002-11-08 21:16:27 +00:00
netkey - fixed the order of searching SA table for packets. 2002-07-10 16:39:38 +00:00
netnatm Be consistent about functions being static. 2002-10-16 09:19:17 +00:00
netncp - Change mb_copy_t to take a size_t as the length argument instead of an 2002-11-08 21:26:32 +00:00
netns Use m_length() instead of home-rolled versions. 2002-09-18 19:44:14 +00:00
netsmb - Change mb_copy_t to take a size_t as the length argument instead of an 2002-11-08 21:26:32 +00:00
nfs Change iov_base's type from char *' to the standard void *'. All 2002-10-11 14:58:34 +00:00
nfsclient reapply 1.26 through 1.28. 2002-11-20 15:21:06 +00:00
nfsserver Permit MAC policies to instrument the access control decisions for 2002-11-04 15:13:36 +00:00
opencrypto correct minor # in make_dev call 2002-11-08 23:07:41 +00:00
pc98 MFi386: revision 1.550. 2002-11-17 02:57:06 +00:00
pccard MFp4: Comment about not assuming INTA# for 6729 2002-10-07 07:02:48 +00:00
pci Fix handling of IFF_ALLMULTI. The same bug in various forms affects 2002-11-25 19:28:01 +00:00
posix4 Rework the sysconf(3) interaction with aio: 2002-11-17 04:15:34 +00:00
powerpc Under certain circumstances, we were calling kmem_free() from 2002-11-22 23:57:02 +00:00
rpc
security Import an implementation of LOMAC (Low-Watermark Mandatory Access 2002-11-26 17:26:06 +00:00
sparc64 Add page queues locking to vunmapbuf(). 2002-11-24 21:13:34 +00:00
sys Un-staticize mac_cred_mmapped_drop_perms() so that it may be used 2002-11-26 17:11:57 +00:00
tools - Move ASSERT_VOP_*LOCK* functionality into functions in vfs_subr.c 2002-09-26 04:48:44 +00:00
ufs The target for the maximum number of dependencies has been cut 2002-11-20 05:16:11 +00:00
vm Acquire and release the page queues lock around calls to pmap_protect() 2002-11-25 22:00:31 +00:00
Makefile