| Commit message (Expand) | Author | Age | Files | Lines |
* | Introduce accessor functions mac_label_get() and mac_label_set() to replace | rwatson | 2007-02-06 | 4 | -10/+46 |
* | Continue 7-CURRENT MAC Framework rearrangement and cleanup: | rwatson | 2007-02-06 | 11 | -9/+10 |
* | Remove conditional return of 1. For the MAC_STATIC case at this point in | csjp | 2007-01-01 | 1 | -3/+0 |
* | Only signal the CV indicating that the MAC Framework is available for | rwatson | 2006-12-31 | 1 | -6/+23 |
* | Slightly resort functions in file so that no forward function prototypes | rwatson | 2006-12-29 | 1 | -49/+46 |
* | Re-add include of opt_mac.h in mac_framework.c, which was improperly | rwatson | 2006-12-29 | 1 | -0/+2 |
* | Add missing include guards to mac_internal.h, update include guards in | rwatson | 2006-12-28 | 2 | -3/+8 |
* | Remove XXX comments about EA transaction support and provide a more | rwatson | 2006-12-28 | 1 | -6/+11 |
* | Remove an inaccurate comment I added regarding storage for mbuf tag | rwatson | 2006-12-28 | 1 | -7/+0 |
* | In mac_inpcb_sosetlabel(), assert the socket lock rather than commenting | rwatson | 2006-12-28 | 1 | -1/+1 |
* | Centralize definition of MAC_VERSION in mac_policy.h, as it defines the | rwatson | 2006-12-28 | 3 | -6/+19 |
* | Move mac_init_label() and mac_destroy_label() from mac_framework.c to | rwatson | 2006-12-28 | 2 | -29/+31 |
* | Trim unneeded includes. | rwatson | 2006-12-28 | 2 | -48/+0 |
* | Break contents of kern_mac.c out into two files following a repo-copy: | rwatson | 2006-12-28 | 2 | -1209/+0 |
* | Update MAC Framework general comments, referencing various interfaces it | rwatson | 2006-12-28 | 2 | -24/+80 |
* | Re-wrap comments following de-indentation. | rwatson | 2006-12-23 | 1 | -13/+11 |
* | Move src/sys/sys/mac_policy.h, the kernel interface between the MAC | rwatson | 2006-12-22 | 14 | -27/+14 |
* | Minor style fixes. | rwatson | 2006-12-21 | 4 | -20/+20 |
* | Remove mac_enforce_subsystem debugging sysctls. Enforcement on | rwatson | 2006-12-21 | 14 | -397/+2 |
* | Comment LABEL_TO_SLOT() macro, including observing that we'd like to improve | rwatson | 2006-12-20 | 1 | -0/+8 |
* | Trim trailing white space, clean up comment line wrapping and formatting. | rwatson | 2006-12-20 | 1 | -10/+21 |
* | Trim trailing white space. | rwatson | 2006-12-20 | 2 | -7/+7 |
* | Document socket labeling model. | rwatson | 2006-12-20 | 1 | -15/+27 |
* | Clean up comment white space and line wrapping. | rwatson | 2006-12-20 | 1 | -15/+14 |
* | Additional comments regarding the interaction between the kernel privilege | rwatson | 2006-12-20 | 1 | -0/+18 |
* | Document that we could allocate the mbuf label as part of the tag rather | rwatson | 2006-12-20 | 1 | -8/+26 |
* | Staticize and comment zone_label. | rwatson | 2006-12-20 | 1 | -1/+7 |
* | Clean up comments, trailing white space. | rwatson | 2006-12-20 | 1 | -17/+27 |
* | Re-wrap comment at 77 character columns. | rwatson | 2006-12-20 | 1 | -7/+7 |
* | Comment and white space cleanup. | rwatson | 2006-12-20 | 1 | -15/+17 |
* | Externalize local stack copy of the ifnet label, rather than the copy on | rwatson | 2006-12-20 | 1 | -2/+2 |
* | Expand commenting on label slots, justification for the MAC Framework locking | rwatson | 2006-12-20 | 2 | -108/+158 |
* | Fix LOR between the syncache and inpcb locks when MAC is present in the | csjp | 2006-12-13 | 3 | -0/+68 |
* | Merge posix4/* into normal kernel hierarchy. | trhodes | 2006-11-11 | 1 | -2/+1 |
* | Sweep kernel replacing suser(9) calls with priv(9) calls, assigning | rwatson | 2006-11-06 | 3 | -4/+15 |
* | Add a new priv(9) kernel interface for checking the availability of | rwatson | 2006-11-06 | 3 | -0/+100 |
* | Forward declare struct cdev, since arguments of this type are used in | rwatson | 2006-10-30 | 1 | -0/+1 |
* | Remove extra _MAC_ from #ifdef guard. | rwatson | 2006-10-25 | 1 | -1/+1 |
* | Complete break-out of sys/sys/mac.h into sys/security/mac/mac_framework.h | rwatson | 2006-10-22 | 16 | -75/+31 |
* | Remove MAC_DEBUG label counters, which were used to debug leaks and | rwatson | 2006-09-20 | 13 | -161/+0 |
* | Declare security and security.bsd sysctl hierarchies in sysctl.h along | rwatson | 2006-09-17 | 1 | -1/+0 |
* | Introduce a new entry point, mac_create_mbuf_from_firewall. This entry point | csjp | 2006-09-12 | 3 | -0/+14 |
* | Add struct msg to the forwarded declared data structures in mac_policy.h. | rwatson | 2006-09-09 | 1 | -0/+1 |
* | Make mpo_associate_nfsd_label() return void, not int, to match | rwatson | 2006-08-06 | 1 | -1/+1 |
* | Remove the NDEVFSINO and NDEVFSOVERFLOW options which no longer exists in | phk | 2006-07-17 | 3 | -3/+0 |
* | Reconstitute struct mac_policy_ops by breaking out individual function | rwatson | 2006-04-26 | 1 | -296/+575 |
* | Introduce a new MAC entry point for label initialization of the NFS daemon's | csjp | 2006-04-06 | 3 | -0/+9 |
* | Don't call vn_finished_write() if vn_start_write() failed. | tegge | 2006-03-19 | 2 | -8/+12 |
* | Eliminate a deadlock when creating snapshots. Blocking vn_start_write() must | tegge | 2006-03-02 | 1 | -0/+3 |
* | Lock object while we iterate through it's backing objects. | csjp | 2005-10-09 | 1 | -6/+7 |