freebsd-skq/sys/kern
Robert Watson eca8a663d4 Modify the MAC Framework so that instead of embedding a (struct label)
in various kernel objects to represent security data, we embed a
(struct label *) pointer, which now references labels allocated using
a UMA zone (mac_label.c).  This allows the size and shape of struct
label to be varied without changing the size and shape of these kernel
objects, which become part of the frozen ABI with 5-STABLE.  This opens
the door for boot-time selection of the number of label slots, and hence
changes to the bound on the number of simultaneous labeled policies
at boot-time instead of compile-time.  This also makes it easier to
embed label references in new objects as required for locking/caching
with fine-grained network stack locking, such as inpcb structures.

This change also moves us further in the direction of hiding the
structure of kernel objects from MAC policy modules, not to mention
dramatically reducing the number of '&' symbols appearing in both the
MAC Framework and MAC policy modules, and improving readability.

While this results in minimal performance change with MAC enabled, it
will observably shrink the size of a number of critical kernel data
structures for the !MAC case, and should have a small (but measurable)
performance benefit (i.e., struct vnode, struct socket) do to memory
conservation and reduced cost of zeroing memory.

NOTE: Users of MAC must recompile their kernel and all MAC modules as a
result of this change.  Because this is an API change, third party
MAC modules will also need to be updated to make less use of the '&'
symbol.

Suggestions from:	bmilekic
Obtained from:		TrustedBSD Project
Sponsored by:		DARPA, Network Associates Laboratories
2003-11-12 03:14:31 +00:00
..
bus_if.m Introduce BUS_CONFIG_INTR(). The method allows devices to tell parents 2003-09-10 21:37:10 +00:00
clock_if.m
device_if.m
genassym.sh
imgact_aout.c Add sysentvec->sv_fixlimits() hook so that we can catch cases on 64 bit 2003-09-25 01:10:26 +00:00
imgact_elf32.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
imgact_elf64.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
imgact_elf.c Add sysentvec->sv_fixlimits() hook so that we can catch cases on 64 bit 2003-09-25 01:10:26 +00:00
imgact_gzip.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
imgact_shell.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
inflate.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
init_main.c Remove the global variable 'cmask', which was used to initialize the 2003-10-02 03:57:59 +00:00
init_sysent.c Regen. 2003-11-07 20:30:30 +00:00
kern_acct.c Add fdidx argument to vn_open() and vn_open_cred() and pass -1 throughout. 2003-07-27 17:04:56 +00:00
kern_acl.c Move more ACL logic from the UFS code (ufs_acl.c) to the central POSIX.1e 2003-08-04 02:13:05 +00:00
kern_alq.c Allow MAC policies to block/revoke kern_alq write access to a file. 2003-10-25 16:10:41 +00:00
kern_clock.c - Update the sched api. sched_{add,rem,clock,pctcpu} now all accept a td 2003-10-16 08:39:15 +00:00
kern_condvar.c - Implement selwakeuppri() which allows raising the priority of a 2003-11-09 09:17:26 +00:00
kern_conf.c Retire revoke_and_destroy_dev() with extreme prejudice. 2003-09-28 20:50:36 +00:00
kern_context.c Change the clear_ret argument of get_mcontext() to be a flags argument. 2003-11-09 20:31:04 +00:00
kern_descrip.c falloc allocates a file structure and adds it to the file descriptor 2003-10-19 20:41:07 +00:00
kern_environment.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
kern_event.c - Implement selwakeuppri() which allows raising the priority of a 2003-11-09 09:17:26 +00:00
kern_exec.c Modify the MAC Framework so that instead of embedding a (struct label) 2003-11-12 03:14:31 +00:00
kern_exit.c Rename P_THREADED to P_SA. P_SA means a process is using scheduler 2003-06-15 00:31:24 +00:00
kern_fork.c Removed mostly-dead code for setting switchtime after the idle loop 2003-10-29 15:23:09 +00:00
kern_idle.c Tidy up loose ends in the idle process. Call the MI cpu_idle() function 2003-10-19 02:43:57 +00:00
kern_intr.c Don't require INTR_FAST handlers to be exclusive in the MI layer. Instead, 2003-11-03 22:42:58 +00:00
kern_jail.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
kern_kse.c Add an implementation of turnstiles and change the sleep mutex code to use 2003-11-11 22:07:29 +00:00
kern_kthread.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
kern_ktr.c Update the license on this file to be a bit more sane. 2003-09-10 01:09:32 +00:00
kern_ktrace.c Bound the number of iterations a thread can perform inside 2003-11-11 09:09:26 +00:00
kern_linker.c Avoid NULL pointer dereferencing in modlist_lookup2(). 2003-09-23 14:42:38 +00:00
kern_lock.c Rearrange the SYSINIT order to call lockmgr_init() earlier so that 2003-07-16 01:00:39 +00:00
kern_lockf.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
kern_mac.c Modify the MAC Framework so that instead of embedding a (struct label) 2003-11-12 03:14:31 +00:00
kern_malloc.c - Only use UMA to cache malloc requests up to PAGE_SIZE. Values larger than 2003-09-19 04:39:08 +00:00
kern_mib.c Change all SYSCTLS which are readonly and have a related TUNABLE 2003-10-21 18:28:36 +00:00
kern_module.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
kern_mtxpool.c Rearrange the SYSINIT order to call lockmgr_init() earlier so that 2003-07-16 01:00:39 +00:00
kern_mutex.c Add an implementation of turnstiles and change the sleep mutex code to use 2003-11-11 22:07:29 +00:00
kern_ntptime.c During a positive leap second, the tai_time offset should be 2003-06-25 20:56:40 +00:00
kern_physio.c Initialize b_iooffset before calling strategy 2003-10-18 19:48:21 +00:00
kern_poll.c o add a flags parameter to netisr_register that is used to specify 2003-11-08 22:28:40 +00:00
kern_proc.c - Update the sched api. sched_{add,rem,clock,pctcpu} now all accept a td 2003-10-16 08:39:15 +00:00
kern_prot.c Writes to p_flag in __setugid() no longer need Giant. 2003-10-23 21:20:34 +00:00
kern_resource.c - Don't set td_priority directly here, use sched_prio(). 2003-10-27 07:15:47 +00:00
kern_sema.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
kern_shutdown.c Further cleanup <machine/cpu.h> and <machine/md_var.h>: move the MI 2003-08-16 16:57:57 +00:00
kern_sig.c Try to fetch thread mailbox address in page fault trap, so when thread 2003-10-30 02:55:43 +00:00
kern_subr.c Introduce a uiomove_frombuf helper routine that handles computing and 2003-10-02 15:00:55 +00:00
kern_switch.c - Remove the correct thread from the run queue in setrunqueue(). This 2003-10-17 20:53:04 +00:00
kern_sx.c Extend the mutex pool implementation to permit the creation and use of 2003-07-13 01:22:21 +00:00
kern_synch.c Removed mostly-dead code for setting switchtime after the idle loop 2003-10-29 15:23:09 +00:00
kern_syscalls.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
kern_sysctl.c Bring back sysctl_wire_old_buffer(). Fix a bug in sysctl_handle_opaque() 2003-10-05 13:31:33 +00:00
kern_tc.c Use the quality to disable timecounters for which we deem Hz too low. 2003-09-03 08:14:16 +00:00
kern_thr.c Update powerpc to use the (old thread,new thread) calling convention 2003-08-14 03:56:24 +00:00
kern_thread.c Add an implementation of turnstiles and change the sleep mutex code to use 2003-11-11 22:07:29 +00:00
kern_time.c constify the second args to timevaladd() and timevalsub(). 2003-10-26 02:19:00 +00:00
kern_timeout.c Get rid of DIAGNOSTIC that gives false positives on slow CPUs. 2003-11-04 08:03:11 +00:00
kern_umtx.c Return EINVAL if the contested bit is not set on the umtx passed to 2003-09-07 11:14:52 +00:00
kern_uuid.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
kern_xxx.c Correct mostly harmless off-by-one error in getdomainname(). 2003-09-13 17:12:22 +00:00
ksched.c sched_setscheduler: Return EINVAL when a invalid policy is specified, 2003-09-13 18:46:24 +00:00
link_elf_obj.c Add the mlockall() and munlockall() system calls. 2003-08-11 07:14:08 +00:00
link_elf.c Add the mlockall() and munlockall() system calls. 2003-08-11 07:14:08 +00:00
linker_if.m The method link_preload_finish is not static. 2003-09-20 17:39:32 +00:00
Make.tags.inc Finish driving a stake through the heart of netns and the associated 2003-03-05 19:24:24 +00:00
Makefile Finish driving a stake through the heart of netns and the associated 2003-03-05 19:24:24 +00:00
makesyscalls.sh - Include umtx.h in files generated by makesyscalls.sh 2003-04-01 01:12:24 +00:00
md4c.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
md5c.c Revert stuff which accidentally ended up in the previous commit. 2003-07-22 10:36:36 +00:00
p1003_1b.c Use __FBSDID(). 2003-06-11 06:34:30 +00:00
posix4_mib.c Use __FBSDID(). 2003-06-11 06:34:30 +00:00
sched_4bsd.c Quick fix for scaling of statclock ticks in the SMP case. As explained 2003-11-09 13:45:54 +00:00
sched_ule.c - Somehow I botched my last commit. Add an extra ( to fix things up. I'm 2003-11-06 07:56:01 +00:00
subr_acl_posix1e.c Move more ACL logic from the UFS code (ufs_acl.c) to the central POSIX.1e 2003-08-04 02:13:05 +00:00
subr_autoconf.c Revert stuff which accidentally ended up in the previous commit. 2003-07-22 10:36:36 +00:00
subr_blist.c Expand inline the relevant parts of src/COPYRIGHT for Matt Dillon's 2003-08-12 23:24:05 +00:00
subr_bus.c o make debug_mpsafenet globally visible 2003-11-05 23:42:51 +00:00
subr_clist.c Revert stuff which accidentally ended up in the previous commit. 2003-07-22 10:36:36 +00:00
subr_clock.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
subr_devstat.c The present defaults for the open and close for device drivers which 2003-09-27 12:01:01 +00:00
subr_disk.c Report bio_pblkbo instead of bio_blkno. 2003-10-18 17:27:10 +00:00
subr_eventhandler.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
subr_hints.c Add a resource_disabled() helper function that returns true (non-zero) if 2003-07-02 16:01:38 +00:00
subr_kobj.c * Add multiple inheritance to kobj. Each class can have zero or more base 2003-10-16 09:16:28 +00:00
subr_log.c - Implement selwakeuppri() which allows raising the priority of a 2003-11-09 09:17:26 +00:00
subr_mbpool.c Add a facility for devices, specifically network interfaces, that require 2003-07-15 08:59:38 +00:00
subr_mbuf.c Change all SYSCTLS which are readonly and have a related TUNABLE 2003-10-21 18:28:36 +00:00
subr_mchain.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
subr_module.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
subr_msgbuf.c Put the message about msgbuf cksum mismatch under bootverbose and tell 2003-09-05 11:12:00 +00:00
subr_param.c More pipe changes: 2003-08-11 05:51:51 +00:00
subr_pcpu.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
subr_power.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
subr_prf.c Revert stuff which accidentally ended up in the previous commit. 2003-07-22 10:36:36 +00:00
subr_prof.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
subr_rman.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
subr_rtc.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
subr_sbuf.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
subr_scanf.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
subr_smp.c Ensure that mp_ncpus is set to 1 if mp_cpu_probe() fails. 2003-10-30 21:44:01 +00:00
subr_taskqueue.c Fix a bug where the taskqueue kproc was being parented by init 2003-11-10 20:39:44 +00:00
subr_trap.c Log involuntary context switches correctly. 2003-09-05 22:15:26 +00:00
subr_turnstile.c Add an implementation of turnstiles and change the sleep mutex code to use 2003-11-11 22:07:29 +00:00
subr_witness.c Add an implementation of turnstiles and change the sleep mutex code to use 2003-11-11 22:07:29 +00:00
sys_generic.c - Implement selwakeuppri() which allows raising the priority of a 2003-11-09 09:17:26 +00:00
sys_pipe.c - Implement selwakeuppri() which allows raising the priority of a 2003-11-09 09:17:26 +00:00
sys_process.c Implement preliminary support for the PT_SYSCALL command to ptrace(2). 2003-10-09 10:17:16 +00:00
sys_socket.c Initialize struct fileops with C99 sparse initialization. 2003-06-18 18:16:40 +00:00
syscalls.c Regen. 2003-11-07 20:30:30 +00:00
syscalls.master Mark ptrace(), ktrace(), utrace(), sysarch(), and issetugid() as MP safe. 2003-11-07 20:23:23 +00:00
sysv_ipc.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
sysv_msg.c Slight whitespace consistency improvement: 2003-11-07 04:47:14 +00:00
sysv_sem.c When there are no free sem_undo structs available in semu_alloc(), only 2003-11-10 07:22:41 +00:00
sysv_shm.c Slight whitespace consistency improvement: 2003-11-07 04:47:14 +00:00
tty_compat.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
tty_conf.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
tty_cons.c I think rwatson got the sign wrong here... 2003-10-18 12:16:17 +00:00
tty_pty.c - Implement selwakeuppri() which allows raising the priority of a 2003-11-09 09:17:26 +00:00
tty_subr.c Revert stuff which accidentally ended up in the previous commit. 2003-07-22 10:36:36 +00:00
tty_tty.c The present defaults for the open and close for device drivers which 2003-09-27 12:01:01 +00:00
tty.c - Implement selwakeuppri() which allows raising the priority of a 2003-11-09 09:17:26 +00:00
uipc_accf.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
uipc_cow.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
uipc_domain.c move domain list mutex initialization to earlier in the boot sequence so 2003-09-02 20:59:23 +00:00
uipc_jumbo.c Lock the vm object when removing a page. 2003-06-11 21:23:04 +00:00
uipc_mbuf2.c Introduce the notion of "persistent mbuf tags"; these are tags that stay 2003-10-29 05:40:07 +00:00
uipc_mbuf.c Implement MBUF_STRESS_TEST mark II. 2003-09-01 05:55:37 +00:00
uipc_proto.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
uipc_sem.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
uipc_sockbuf.c - Implement selwakeuppri() which allows raising the priority of a 2003-11-09 09:17:26 +00:00
uipc_socket2.c - Implement selwakeuppri() which allows raising the priority of a 2003-11-09 09:17:26 +00:00
uipc_socket.c - Implement selwakeuppri() which allows raising the priority of a 2003-11-09 09:17:26 +00:00
uipc_syscalls.c falloc allocates a file structure and adds it to the file descriptor 2003-10-19 20:41:07 +00:00
uipc_usrreq.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
vfs_acl.c Move more ACL logic from the UFS code (ufs_acl.c) to the central POSIX.1e 2003-08-04 02:13:05 +00:00
vfs_aio.c don't allow reading from files that haven't been open'd for reading. 2003-10-24 21:07:53 +00:00
vfs_bio.c - Revision 1.469 of vfs_subr.c resulted in the buf's b_object field being 2003-11-11 04:45:37 +00:00
vfs_cache.c - Apply a big giant lock around the namecache. This has been sitting in 2003-10-05 07:13:50 +00:00
vfs_cluster.c Initialize the buf's b_object in pbgetvp(). Clear it in pbrelvp(). (This 2003-10-20 18:24:38 +00:00
vfs_default.c Remove mntvnode_mtx and replace it with per-mountpoint mutex. 2003-11-05 04:30:08 +00:00
vfs_export.c Guard against MLEN growing larger than a uint8_t due to MSIZE grwoing to a 2003-07-26 07:23:24 +00:00
vfs_extattr.c falloc allocates a file structure and adds it to the file descriptor 2003-10-19 20:41:07 +00:00
vfs_init.c Change all SYSCTLS which are readonly and have a related TUNABLE 2003-10-21 18:28:36 +00:00
vfs_lookup.c Use __FBSDID(). 2003-06-11 00:56:59 +00:00
vfs_mount.c 1. Consolidate mount struct allocation/destruction into a common code in 2003-11-12 02:54:47 +00:00
vfs_subr.c - Implement selwakeuppri() which allows raising the priority of a 2003-11-09 09:17:26 +00:00
vfs_syscalls.c falloc allocates a file structure and adds it to the file descriptor 2003-10-19 20:41:07 +00:00
vfs_vnops.c - If we are called with LK_NOWAIT in vn_lock() we may be holding a mutex 2003-10-04 14:35:22 +00:00
vnode_if.src Rename VOP_RMEXTATTR() to VOP_DELETEEXTATTR() for consistency with the 2003-07-28 18:53:29 +00:00