freebsd-skq/sys/security
Robert Watson 5264841183 Introduce MAC Framework and MAC Policy entry points to label and control
access to POSIX Semaphores:

mac_init_posix_sem()            Initialize label for POSIX semaphore
mac_create_posix_sem()          Create POSIX semaphore
mac_destroy_posix_sem()         Destroy POSIX semaphore
mac_check_posix_sem_destroy()   Check whether semaphore may be destroyed
mac_check_posix_sem_getvalue()  Check whether semaphore may be queried
mac_check_possix_sem_open()     Check whether semaphore may be opened
mac_check_posix_sem_post()      Check whether semaphore may be posted to
mac_check_posix_sem_unlink()    Check whether semaphore may be unlinked
mac_check_posix_sem_wait()      Check whether may wait on semaphore

Update Biba, MLS, Stub, and Test policies to implement these entry points.
For information flow policies, most semaphore operations are effectively
read/write.

Submitted by:	Dandekar Hrishikesh <rishi_dandekar at sbcglobal dot net>
Sponsored by:	DARPA, McAfee, SPARTA
Obtained from:	TrustedBSD Project
2005-05-04 10:39:15 +00:00
..
mac Introduce MAC Framework and MAC Policy entry points to label and control 2005-05-04 10:39:15 +00:00
mac_biba Introduce MAC Framework and MAC Policy entry points to label and control 2005-05-04 10:39:15 +00:00
mac_bsdextended Add locking support to mac_bsdextended: 2005-04-22 18:49:30 +00:00
mac_ifoff
mac_lomac Move MAC check_vnode_mmap entry point out from being exclusive to 2005-04-14 16:03:30 +00:00
mac_mls Introduce MAC Framework and MAC Policy entry points to label and control 2005-05-04 10:39:15 +00:00
mac_none
mac_partition
mac_portacl Add a new sysctl/tunable to mac_portacl: 2004-12-08 11:46:44 +00:00
mac_seeotheruids Exempt the superuser from mac_seeotheruids checks. 2005-01-03 12:08:18 +00:00
mac_stub Introduce MAC Framework and MAC Policy entry points to label and control 2005-05-04 10:39:15 +00:00
mac_test Introduce MAC Framework and MAC Policy entry points to label and control 2005-05-04 10:39:15 +00:00