| Commit message (Expand) | Author | Age | Files | Lines |
|---|
| * | Add one further check with mac_policy_count to an mbuf copying case | rwatson | 2009-06-03 | 1 | -0/+3 |
| * | Continue work to optimize performance of "options MAC" when no MAC policy | rwatson | 2009-06-03 | 1 | -0/+15 |
| * | Rename MAC Framework-internal macros used to invoke policy entry points: | rwatson | 2009-05-01 | 1 | -22/+24 |
| * | Rework MAC Framework synchronization in a number of ways in order to | rwatson | 2009-03-14 | 1 | -16/+23 |
| * | Add static DTrace probes for MAC Framework access control checks and | rwatson | 2009-03-08 | 1 | -1/+14 |
| * | Introduce two related changes to the TrustedBSD MAC Framework: | rwatson | 2008-08-23 | 1 | -23/+34 |
| * | Garbage collect mac_mbuf_create_multicast_encap TrustedBSD MAC Framework | rwatson | 2007-10-28 | 1 | -15/+0 |
| * | Continue to move from generic network entry points in the TrustedBSD MAC | rwatson | 2007-10-28 | 1 | -11/+0 |
| * | Move towards more explicit support for various network protocol stacks | rwatson | 2007-10-28 | 1 | -15/+1 |
| * | Rename 'mac_mbuf_create_from_firewall' to 'mac_netinet_firewall_send' as | rwatson | 2007-10-26 | 1 | -2/+2 |
| * | Merge first in a series of TrustedBSD MAC Framework KPI changes | rwatson | 2007-10-24 | 1 | -48/+52 |
| * | Normalize variable naming in the MAC Framework by adopting the normal | rwatson | 2007-04-22 | 1 | -71/+63 |
| * | Remove an inaccurate comment I added regarding storage for mbuf tag | rwatson | 2006-12-28 | 1 | -7/+0 |
| * | Move src/sys/sys/mac_policy.h, the kernel interface between the MAC | rwatson | 2006-12-22 | 1 | -2/+1 |
| * | Remove mac_enforce_subsystem debugging sysctls. Enforcement on | rwatson | 2006-12-21 | 1 | -15/+0 |
| * | Document that we could allocate the mbuf label as part of the tag rather | rwatson | 2006-12-20 | 1 | -8/+26 |
| * | Externalize local stack copy of the ifnet label, rather than the copy on | rwatson | 2006-12-20 | 1 | -2/+2 |
| * | Sweep kernel replacing suser(9) calls with priv(9) calls, assigning | rwatson | 2006-11-06 | 1 | -4/+5 |
| * | Complete break-out of sys/sys/mac.h into sys/security/mac/mac_framework.h | rwatson | 2006-10-22 | 1 | -0/+1 |
| * | Remove MAC_DEBUG label counters, which were used to debug leaks and | rwatson | 2006-09-20 | 1 | -18/+0 |
| * | Eliminate MAC entry point mac_create_mbuf_from_mbuf(), which is | rwatson | 2005-07-05 | 1 | -12/+11 |
| * | Introduce a temporary mutex, mac_ifnet_mtx, to lock MAC labels on | rwatson | 2004-06-24 | 1 | -0/+38 |
| * | If the mbuf pointer passed to mac_mbuf_to_label() is NULL, or the tag | rwatson | 2004-05-03 | 1 | -1/+4 |
| * | Define BPFD_LOCK_ASSERT() to assert the BPF descriptor lock. | rwatson | 2004-02-29 | 1 | -0/+4 |
| * | Move inet and inet6 related MAC Framework entry points from mac_net.c | rwatson | 2004-02-26 | 1 | -654/+23 |
| * | Update my personal copyrights and NETA copyrights in the kernel | rwatson | 2004-02-22 | 1 | -2/+2 |
| * | Switch TCP over to using the inpcb label when responding in timed | rwatson | 2003-12-17 | 1 | -0/+11 |
| * | Introduce a MAC label reference in 'struct inpcb', which caches | rwatson | 2003-11-18 | 1 | -1/+96 |
| * | Implement sockets support for __mac_get_fd() and __mac_set_fd() | rwatson | 2003-11-16 | 1 | -7/+11 |
| * | Abstract the label checking and setting logic from | rwatson | 2003-11-16 | 1 | -13/+21 |
| * | Reduce gratuitous redundancy and length in function names: | rwatson | 2003-11-16 | 1 | -5/+3 |
| * | Whitespace fix. | rwatson | 2003-11-16 | 1 | -2/+2 |
| * | Modify the MAC Framework so that instead of embedding a (struct label) | rwatson | 2003-11-12 | 1 | -104/+155 |
| * | When allocation of a socket peer label fails, scrub what was | rwatson | 2003-11-07 | 1 | -1/+1 |
| * | Remove the flags argument from mac_externalize_*_label(), as it's not | rwatson | 2003-11-06 | 1 | -6/+6 |
| * | Make MAC_EXTERNALIZE() and MAC_INTERNALIZE() simply take the object | rwatson | 2003-10-25 | 1 | -5/+5 |
| * | Remove non-network related contents from mac_net.c. Leave: | rwatson | 2003-10-22 | 1 | -3027/+3 |
| * | If the struct mac copied into the kernel has a negative length, return | rwatson | 2003-09-29 | 1 | -1/+2 |
| * | Fix a mac_policy_list reference to be a mac_static_policy_list | rwatson | 2003-08-26 | 1 | -1/+1 |
| * | Introduce two new MAC Framework and MAC policy entry points: | rwatson | 2003-08-21 | 1 | -0/+19 |
| * | Add mac_check_vnode_deleteextattr() and mac_check_vnode_listextattr(): | rwatson | 2003-08-21 | 1 | -0/+32 |
| * | Remove about 40 lines of #ifdef/#endif by using new macros | rwatson | 2003-08-20 | 1 | -70/+31 |
| * | Attempt to simplify #ifdef logic for MAC_ALWAYS_LABEL_MBUF. | rwatson | 2003-08-01 | 1 | -28/+18 |
| * | Redesign the externalization APIs from the MAC Framework to | rwatson | 2003-06-23 | 1 | -40/+20 |
| * | Add a f_vnode field to struct file. | phk | 2003-06-22 | 1 | -2/+2 |
| * | Use __FBSDID(). | obrien | 2003-06-11 | 1 | -4/+4 |
| * | Rename MAC_MAX_POLICIES to MAC_MAX_SLOTS, since the variables and | rwatson | 2003-05-08 | 1 | -8/+8 |
| * | Clean up locking for the MAC Framework: | rwatson | 2003-05-07 | 1 | -78/+180 |
| * | - Acquire the vm_object's lock when performing vm_object_page_clean(). | alc | 2003-04-24 | 1 | -0/+2 |
| * | Update NAI copyright to 2003, missed in earlier commits and merges. | rwatson | 2003-04-18 | 1 | -1/+1 |
