| Commit message (Expand) | Author | Age | Files | Lines |
* | Introduce accmode_t. This is required for NFSv4 ACLs - it will be neccessary | Edward Tomasz Napierala | 2008-10-28 | 1 | -3/+3 |
* | Rename three MAC entry points from _proc_ to _cred_ to reflect the fact | Robert Watson | 2008-10-28 | 1 | -38/+38 |
* | Implement MAC policy support for IPv6 fragment reassembly queues, | Robert Watson | 2008-10-26 | 1 | -1/+53 |
* | Add a mac_inpcb_check_visible implementation to all MAC policies | Bjoern A. Zeeb | 2008-10-17 | 1 | -0/+19 |
* | Introduce two related changes to the TrustedBSD MAC Framework: | Robert Watson | 2008-08-23 | 1 | -1/+21 |
* | Minor style tweaks. | Robert Watson | 2008-08-02 | 1 | -9/+4 |
* | Rework the lifetime management of the kernel implementation of POSIX | John Baldwin | 2008-06-27 | 1 | -6/+25 |
* | Remove the posixsem_check_destroy() MAC check. It is semantically identical | John Baldwin | 2008-06-23 | 1 | -1/+0 |
* | The TrustedBSD MAC Framework named struct ipq instances 'ipq', which is the | Robert Watson | 2008-06-13 | 1 | -10/+10 |
* | Properly return the error from mls_subject_privileged() in the ifnet | Robert Watson | 2008-01-28 | 1 | -3/+1 |
* | Resort TrustedBSD MAC Framework policy entry point implementations and | Robert Watson | 2007-10-29 | 1 | -897/+904 |
* | Garbage collect mac_mbuf_create_multicast_encap TrustedBSD MAC Framework | Robert Watson | 2007-10-28 | 1 | -14/+0 |
* | Continue to move from generic network entry points in the TrustedBSD MAC | Robert Watson | 2007-10-28 | 1 | -13/+26 |
* | Move towards more explicit support for various network protocol stacks | Robert Watson | 2007-10-28 | 1 | -13/+49 |
* | Rename 'mac_mbuf_create_from_firewall' to 'mac_netinet_firewall_send' as | Robert Watson | 2007-10-26 | 1 | -4/+4 |
* | Normalize TCP syncache-related MAC Framework entry points to match most | Robert Watson | 2007-10-25 | 1 | -6/+6 |
* | Rename mac_associate_nfsd_label() to mac_proc_associate_nfsd(), and move | Robert Watson | 2007-10-25 | 1 | -12/+12 |
* | Consistently name functions for mac_<policy> as <policy>_whatever rather | Robert Watson | 2007-10-25 | 1 | -729/+720 |
* | Merge first in a series of TrustedBSD MAC Framework KPI changes | Robert Watson | 2007-10-24 | 1 | -293/+298 |
* | Canonicalize naming of local variables for struct ksem and associated | Robert Watson | 2007-10-21 | 1 | -9/+9 |
* | Rename mac_check_vnode_delete() MAC Framework and MAC Policy entry | Robert Watson | 2007-09-10 | 1 | -25/+25 |
* | When checking labels during a vnode link operation in MLS, use the file | Robert Watson | 2007-07-23 | 1 | -1/+1 |
* | Rename mac*devfsdirent*() to mac*devfs*() to synchronize with SEDarwin, | Robert Watson | 2007-04-23 | 1 | -4/+5 |
* | Apply variable name normalization to MAC policies: adopt global conventions | Robert Watson | 2007-04-23 | 1 | -216/+213 |
* | In the MAC Framework implementation, file systems have two per-mountpoint | Robert Watson | 2007-04-22 | 1 | -12/+8 |
* | Allow MAC policy modules to control access to audit configuration system | Robert Watson | 2007-04-21 | 1 | -0/+40 |
* | Introduce accessor functions mac_label_get() and mac_label_set() to replace | Robert Watson | 2007-02-06 | 1 | -2/+2 |
* | Continue 7-CURRENT MAC Framework rearrangement and cleanup: | Robert Watson | 2007-02-06 | 1 | -1/+0 |
* | Move src/sys/sys/mac_policy.h, the kernel interface between the MAC | Robert Watson | 2006-12-22 | 1 | -2/+1 |
* | Teach the MAC policies which utilize mbuf labeling the new syncache | Christian S.J. Peron | 2006-12-13 | 1 | -0/+25 |
* | Merge posix4/* into normal kernel hierarchy. | Tom Rhodes | 2006-11-11 | 1 | -2/+1 |
* | Introduce a new entry point, mac_create_mbuf_from_firewall. This entry point | Christian S.J. Peron | 2006-09-12 | 1 | -0/+12 |
* | Fix panic associated with file creation via RPC/NFS when the MLS policy | Christian S.J. Peron | 2006-08-26 | 1 | -0/+12 |
* | Add #include <sys/sx.h>, devfs is going to require this shortly. | Poul-Henning Kamp | 2005-09-19 | 1 | -0/+1 |
* | Remove mac_create_root_mount() and mpo_create_root_mount(), which | Robert Watson | 2005-09-19 | 1 | -14/+0 |
* | When devfs cloning takes place, provide access to the credential of the | Robert Watson | 2005-07-14 | 1 | -2/+2 |
* | Eliminate MAC entry point mac_create_mbuf_from_mbuf(), which is | Robert Watson | 2005-07-05 | 1 | -22/+0 |
* | Gratuitous renaming of four System V Semaphore MAC Framework entry | Robert Watson | 2005-06-07 | 1 | -6/+6 |
* | Introduce MAC Framework and MAC Policy entry points to label and control | Robert Watson | 2005-05-04 | 1 | -0/+59 |
* | Move MAC check_vnode_mmap entry point out from being exclusive to | Christian S.J. Peron | 2005-04-14 | 1 | -2/+3 |
* | Remove policy references to mpo_check_vnode_mprotect(), which is | Robert Watson | 2005-01-26 | 1 | -1/+0 |
* | Implement MLS confidentiality protection for System V IPC objects | Robert Watson | 2005-01-22 | 1 | -5/+391 |
* | Introduce SLOT_SET macro and use it in place of casts as lvalues. | Alexander Kabaev | 2004-07-28 | 1 | -3/+4 |
* | Rename Biba and MLS _single label elements to _effective, which more | Robert Watson | 2004-07-16 | 2 | -173/+173 |
* | Introduce a temporary mutex, mac_ifnet_mtx, to lock MAC labels on | Robert Watson | 2004-06-24 | 1 | -0/+1 |
* | Do the dreaded s/dev_t/struct cdev */ | Poul-Henning Kamp | 2004-06-16 | 1 | -1/+1 |
* | Update my personal copyrights and NETA copyrights in the kernel | Robert Watson | 2004-02-22 | 2 | -4/+4 |
* | Coalesce pipe allocations and frees. Previously, the pipe code | Robert Watson | 2004-02-01 | 1 | -8/+8 |
* | Switch TCP over to using the inpcb label when responding in timed | Robert Watson | 2003-12-17 | 1 | -0/+13 |
* | Rename mac_create_cred() MAC Framework entry point to mac_copy_cred(), | Robert Watson | 2003-12-06 | 1 | -13/+1 |