| Commit message (Expand) | Author | Age | Files | Lines |
* | Gratuitous renaming of four System V Semaphore MAC Framework entry | rwatson | 2005-06-07 | 1 | -4/+4 |
* | Introduce MAC Framework and MAC Policy entry points to label and control | rwatson | 2005-05-04 | 1 | -0/+21 |
* | Introduce p_canwait() and MAC Framework and MAC Policy entry points | rwatson | 2005-04-18 | 1 | -0/+2 |
* | Introduce three additional MAC Framework and MAC Policy entry points to | rwatson | 2005-04-16 | 1 | -1/+7 |
* | Introduce new MAC Framework and MAC Policy entry points to control the use | rwatson | 2005-04-16 | 1 | -0/+14 |
* | Move MAC check_vnode_mmap entry point out from being exclusive to | csjp | 2005-04-14 | 1 | -1/+1 |
* | Define new MAC framework and policy entry points for System V IPC | rwatson | 2004-11-17 | 1 | -1/+65 |
* | Bump MAC Framework version to 2 in preparation for the upcoming API/ABI | rwatson | 2004-11-09 | 1 | -1/+1 |
* | Expand comments on various sections of the MAC Framework Policy API, | rwatson | 2004-10-22 | 1 | -4/+15 |
* | Introduce a temporary mutex, mac_ifnet_mtx, to lock MAC labels on | rwatson | 2004-06-24 | 1 | -0/+2 |
* | Do the dreaded s/dev_t/struct cdev */ | phk | 2004-06-16 | 1 | -1/+1 |
* | Improve consistency of include file guards in src/sys/sys by terminating | rwatson | 2004-05-10 | 1 | -3/+3 |
* | Forward declare struct proc, struct sockaddr, and struct thread, which | rwatson | 2004-02-26 | 1 | -0/+3 |
* | Forward declare struct bpf_d, struct ifnet, struct image_params, and | rwatson | 2004-02-26 | 1 | -1/+5 |
* | Reimplement sysctls handling by MAC framework. | pjd | 2004-02-22 | 1 | -3/+5 |
* | Update my personal copyrights and NETA copyrights in the kernel | rwatson | 2004-02-22 | 1 | -2/+2 |
* | Coalesce pipe allocations and frees. Previously, the pipe code | rwatson | 2004-02-01 | 1 | -14/+15 |
* | Switch TCP over to using the inpcb label when responding in timed | rwatson | 2003-12-17 | 1 | -0/+3 |
* | Rename mac_create_cred() MAC Framework entry point to mac_copy_cred(), | rwatson | 2003-12-06 | 1 | -2/+2 |
* | Introduce a MAC label reference in 'struct inpcb', which caches | rwatson | 2003-11-18 | 1 | -0/+12 |
* | Implement sockets support for __mac_get_fd() and __mac_set_fd() | rwatson | 2003-11-16 | 1 | -0/+2 |
* | Introduce two new MAC Framework and MAC policy entry points: | rwatson | 2003-08-21 | 1 | -0/+3 |
* | Add mac_check_vnode_deleteextattr() and mac_check_vnode_listextattr(): | rwatson | 2003-08-21 | 1 | -0/+5 |
* | Redesign the externalization APIs from the MAC Framework to | rwatson | 2003-06-23 | 1 | -12/+7 |
* | Forward declare a boatload of structures referenced in the MAC | rwatson | 2003-06-22 | 1 | -0/+12 |
* | Update NAI copyright to 2003, missed in earlier commits and merges. | rwatson | 2003-04-18 | 1 | -1/+1 |
* | Move MAC label storage for mbufs into m_tags from the m_pkthdr structure, | rwatson | 2003-04-14 | 1 | -0/+3 |
* | Modify the mac_init_ipq() MAC Framework entry point to accept an | rwatson | 2003-03-26 | 1 | -1/+1 |
* | Instrument sysarch() MD privileged I/O access interfaces with a MAC | rwatson | 2003-03-06 | 1 | -0/+1 |
* | Provide a mac_check_system_swapoff() entry point, which permits MAC | rwatson | 2003-03-05 | 1 | -0/+2 |
* | Remove dm_root entry from struct devfs_mount. It's never set, and is | rwatson | 2002-12-09 | 1 | -6/+9 |
* | Introduce p_label, extensible security label storage for the MAC framework | rwatson | 2002-11-20 | 1 | -0/+2 |
* | Merge kld access control checks from the MAC tree: these access control | rwatson | 2002-11-19 | 1 | -0/+4 |
* | Garbage collect mac_create_devfs_vnode() -- it hasn't been used since | rwatson | 2002-11-12 | 1 | -3/+0 |
* | Add an explicit execlabel argument to exec-related MAC policy entry | rwatson | 2002-11-08 | 1 | -3/+4 |
* | Bring in two sets of changes: | rwatson | 2002-11-05 | 1 | -3/+7 |
* | Permit MAC policies to instrument the access control decisions for | rwatson | 2002-11-04 | 1 | -0/+3 |
* | License clarification and wording changes: NAI has approved removal of | rwatson | 2002-11-04 | 1 | -7/+4 |
* | Introduce mac_check_system_settime(), a MAC check allowing policies to | rwatson | 2002-11-03 | 1 | -0/+1 |
* | Add MAC checks for various kenv() operations: dump, get, set, unset, | rwatson | 2002-11-01 | 1 | -0/+5 |
* | Move to C99 sparse structure initialization for the mac_policy_ops | rwatson | 2002-10-30 | 1 | -155/+4 |
* | While 'mode_t' seemed like a good idea for the access mode argument for | rwatson | 2002-10-30 | 1 | -2/+2 |
* | Implement mac_check_system_sysctl(), a MAC Framework entry point to | rwatson | 2002-10-27 | 1 | -0/+4 |
* | Hook up mac_check_system_reboot(), a MAC Framework entry point that | rwatson | 2002-10-27 | 1 | -0/+2 |
* | Merge from MAC tree: rename mac_check_vnode_swapon() to | rwatson | 2002-10-27 | 1 | -3/+3 |
* | Slightly change the semantics of vnode labels for MAC: rather than | rwatson | 2002-10-26 | 1 | -24/+23 |
* | Introduce MAC_CHECK_VNODE_SWAPON, which permits MAC policies to | rwatson | 2002-10-22 | 1 | -0/+3 |
* | Revised APIs for user process label management; the existing APIs relied | rwatson | 2002-10-22 | 1 | -10/+49 |
* | Integrate mac_check_socket_send() and mac_check_socket_receive() | rwatson | 2002-10-06 | 1 | -0/+6 |
* | Sync from MAC tree: break out the single mmap entry point into | rwatson | 2002-10-06 | 1 | -3/+9 |