Document the following MAC policies:

o Biba: A data integrity policy
o BSD Extended: Support for the firewall-like access controls (ugidfw(8))
o MLS: Multi-level security, a confidentiality policy

(These files originally lived in src/share/man/man9)

Approved by:	re (blanket)
Sponsored by:	DARPA, Network Associates Labs
Obtained from:	TrustedBSD Project

5 files changed, 16 insertions, 13 deletions

diff --git a/share/man/man4/Makefile b/share/man/man4/Makefile
index 808acd1..1fe8ba3 100644
--- a/share/man/man4/Makefile
+++ b/share/man/man4/Makefile
@@ -95,6 +95,9 @@ MAN=	aac.4 \
 	mem.4 \
 	mlx.4 \
 	mly.4 \
+	mac_biba.4 \
+	mac_bsdextended.4 \
+	mac_mls.4 \
 	mouse.4 \
 	mtio.4 \
 	natm.4 \
diff --git a/share/man/man9/mac_biba.9 b/share/man/man4/mac_biba.4
index b301bdf..3d2dc6f 100644
--- a/share/man/man9/mac_biba.9
+++ b/share/man/man4/mac_biba.4
@@ -31,7 +31,7 @@
 .\" $FreeBSD$
 .Dd NOVEMBER 18, 2002
 .Os
-.Dt MAC_BIBA 9
+.Dt MAC_BIBA 4
 .Sh NAME
 .Nm mac_biba
 .Nd Biba data integrity policy
@@ -149,7 +149,7 @@ In traditional trusted operating systems, the Biba integrity model is used
 to protect the Trusted Code Base (TCB).
 .Pp
 The Biba integrity model is similar to
-.Xr LOMAC 9 ,
+.Xr lomac 4 ,
 with the exception that LOMAC permits access by a higher integrity subject
 to a lower integrity object, but downgrades the integrity level of the subject
 to prevent integrity rules from being violated.
@@ -157,16 +157,16 @@ Biba is a fixed label policy in that all subject and object label changes are
 explicit, whereas LOMAC is a floating label policy.
 .Pp
 The Biba integrity model is also similar to
-.Xr mac_mls 9 ,
+.Xr mac_mls 4 ,
 with the exception that the dominance operator and access rules are reversed,
 preventing the downward flow of information rather than the upward flow of
 information.
 Multi-Level Security (MLS) protects the confentiality, rather than the
 integrity, of subjects and objects.
 .Sh SEE ALSO
-.Xr LOMAC 9 ,
-.Xr mac 9 ,
-.Xr mac_mls 9
+.Xr LOMAC 4 ,
+.Xr mac_mls 4 ,
+.Xr mac 9
 .Sh HISTORY
 The
 .Nm
diff --git a/share/man/man9/mac_bsdextended.9 b/share/man/man4/mac_bsdextended.4
index ec76d97..03bc34a 100644
--- a/share/man/man9/mac_bsdextended.9
+++ b/share/man/man4/mac_bsdextended.4
@@ -34,7 +34,7 @@
 .\" $FreeBSD$
 .Dd OCTOBER 16, 2002
 .Os
-.Dt MAC_BSDEXTENDED 9
+.Dt MAC_BSDEXTENDED 4
 .Sh NAME
 .Nm mac_bsdextended
 .Nd subject-object interaction rules policy
diff --git a/share/man/man9/mac_mls.9 b/share/man/man4/mac_mls.4
index 15ffba8..306070d 100644
--- a/share/man/man9/mac_mls.9
+++ b/share/man/man4/mac_mls.4
@@ -31,7 +31,7 @@
 .\" $FreeBSD$
 .Dd DECEMBER 1, 2002
 .Os
-.Dt MAC_MLS 9
+.Dt MAC_MLS 4
 .Sh NAME
 .Nm mac_mls
 .Nd Multi-Level Security confidentiality policy
@@ -119,7 +119,7 @@ accidental or malicious leaking of information, and subjects of lower
 clearance from observing subjects of higher clearance altogether.
 In traditional trusted operating systems, the MLS confidentiality model is
 used in concert with the Biba integrity model
-.Xr ( mac_biba 9 )
+.Xr ( mac_biba 4 )
 in order to protect the Trusted Code Base (TCB).
 .Ss Label Format
 Almost all system objects are tagged with a single, active label element,
@@ -167,14 +167,14 @@ the interface.
 Currently, the
 .Nm
 policy relies on superuser status
-.Xr ( suser_cred 9 )
+.Xr ( suser 9 )
 in order to change network interface MLS labels.
 This will eventually go away, but it is currently a liability and may
 allow the superuser to bypass MLS protections.
 .Sh SEE ALSO
 .Xr maclabel 7 ,
-.Xr mac 9 ,
-.Xr mac_biba 9
+.Xr mac_biba 4 ,
+.Xr mac 9
 .Sh HISTORY
 The
 .Nm
diff --git a/share/man/man9/Makefile b/share/man/man9/Makefile
index 8451c74..7abdb28 100644
--- a/share/man/man9/Makefile
+++ b/share/man/man9/Makefile
@@ -48,7 +48,7 @@ MAN=	BUF_LOCK.9 BUF_LOCKFREE.9 BUF_LOCKINIT.9 BUF_REFCNT.9 \
 	jumbo.9 \
 	kernacc.9 kobj.9 kthread.9 ktr.9 \
 	lock.9 \
-	mac.9 mac_biba.9 mac_bsdextended.9 mac_mls.9 \
+	mac.9 \
 	make_dev.9 malloc.9 mbchain.9 mbuf.9 mdchain.9 \
 	mi_switch.9 microseq.9 microtime.9 microuptime.9 \
 	module.9 mtx_pool.9 mutex.9 \