freebsd-skq/sys/security
rwatson 4be0d09ad3 Add a new MAC entry point, mac_thread_userret(td), which permits policy
modules to perform MAC-related events when a thread returns to user
space.  This is required for policies that have floating process labels,
as it's not always possible to acquire the process lock at arbitrary
points in the stack during system call processing; process labels might
represent traditional authentication data, process history information,
or other data.

LOMAC will use this entry point to perform the process label update
prior to the thread returning to userspace, when plugged into the MAC
framework.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-10-02 02:42:38 +00:00
..
lomac - Use vrefcnt() instead of v_usecount. 2002-09-25 02:42:43 +00:00
mac Add a new MAC entry point, mac_thread_userret(td), which permits policy 2002-10-02 02:42:38 +00:00
mac_biba Remove another missed trailing space. 2002-09-21 19:50:28 +00:00
mac_bsdextended Pass active_cred and file_cred into the MAC framework explicitly 2002-08-19 19:04:53 +00:00
mac_ifoff Rename mac_check_socket_receive() to mac_check_socket_deliver() so that 2002-08-15 18:51:27 +00:00
mac_mls Trim trailing whitespace from the ends of lines. 2002-09-21 19:26:59 +00:00
mac_none Prefer NULL to 0 when passing a NULL pointer. 2002-08-20 02:54:09 +00:00
mac_seeotheruids Introduce support for Mandatory Access Control and extensible 2002-07-31 18:07:45 +00:00
mac_stub Prefer NULL to 0 when passing a NULL pointer. 2002-08-20 02:54:09 +00:00
mac_test Provide stub mpo_syscall() implementations for mac_none and mac_test. 2002-08-20 02:53:35 +00:00