| Commit message (Expand) | Author | Age | Files | Lines |
|---|
| * | Rename MAC_MAX_POLICIES to MAC_MAX_SLOTS, since the variables and | rwatson | 2003-05-08 | 8 | -64/+64 |
| * | Clean up locking for the MAC Framework: | rwatson | 2003-05-07 | 8 | -624/+1440 |
| * | - Acquire the vm_object's lock when performing vm_object_page_clean(). | alc | 2003-04-24 | 8 | -0/+16 |
| * | Update NAI copyright to 2003, missed in earlier commits and merges. | rwatson | 2003-04-18 | 10 | -10/+10 |
| * | mac_init_mbuf_tag() accepts malloc flags, not mbuf allocator flags, so | rwatson | 2003-04-15 | 8 | -24/+16 |
| * | Move MAC label storage for mbufs into m_tags from the m_pkthdr structure, | rwatson | 2003-04-14 | 10 | -138/+952 |
| * | Abstract access to the mbuf header label behind a new function, | rwatson | 2003-04-14 | 8 | -200/+640 |
| * | Introduce an M_ASSERTPKTHDR() macro which performs the very common task | des | 2003-04-08 | 8 | -16/+16 |
| * | Modify the mac_init_ipq() MAC Framework entry point to accept an | rwatson | 2003-03-26 | 10 | -34/+98 |
| * | Garbage collect FREEBSD_MAC_EXTATTR_NAME and FREEBSD_MAC_EXTATTR_NAMESPACE, | rwatson | 2003-03-23 | 1 | -8/+0 |
| * | Instrument sysarch() MD privileged I/O access interfaces with a MAC | rwatson | 2003-03-06 | 10 | -0/+98 |
| * | Provide a mac_check_system_swapoff() entry point, which permits MAC | rwatson | 2003-03-05 | 10 | -0/+115 |
| * | Replace calls to WITNESS_SLEEP() and witness_list() with equivalent calls | jhb | 2003-03-04 | 8 | -16/+24 |
| * | Back out M_* changes, per decision of the TRB. | imp | 2003-02-19 | 8 | -272/+272 |
| * | Remove M_TRYWAIT/M_WAITOK/M_WAIT. Callers should use 0. | alfred | 2003-01-21 | 8 | -272/+272 |
| * | Bow to the whining masses and change a union back into void *. Retain | dillon | 2003-01-13 | 8 | -32/+32 |
| * | Change struct file f_data to un_data, a union of the correct struct | dillon | 2003-01-12 | 8 | -32/+32 |
| * | SCARGS removal take II. | alfred | 2002-12-14 | 8 | -40/+40 |
| * | Backout removal SCARGS, the code freeze is only "selectively" over. | alfred | 2002-12-13 | 8 | -40/+40 |
| * | Remove SCARGS. | alfred | 2002-12-13 | 8 | -40/+40 |
| * | Remove dm_root entry from struct devfs_mount. It's never set, and is | rwatson | 2002-12-09 | 10 | -83/+104 |
| * | Un-staticize mac_cred_mmapped_drop_perms() so that it may be used | rwatson | 2002-11-26 | 9 | -8/+9 |
| * | Introduce p_label, extensible security label storage for the MAC framework | rwatson | 2002-11-20 | 10 | -8/+204 |
| * | Merge kld access control checks from the MAC tree: these access control | rwatson | 2002-11-19 | 10 | -0/+375 |
| * | Introduce a condition variable to avoid returning EBUSY when | rwatson | 2002-11-13 | 8 | -232/+416 |
| * | Garbage collect mac_create_devfs_vnode() -- it hasn't been used since | rwatson | 2002-11-12 | 10 | -60/+0 |
| * | Garbage collect definition of M_MACOPVEC -- we no longer perform a | rwatson | 2002-11-11 | 8 | -16/+0 |
| * | Add an explicit execlabel argument to exec-related MAC policy entry | rwatson | 2002-11-08 | 9 | -27/+36 |
| * | Bring in two sets of changes: | rwatson | 2002-11-05 | 10 | -55/+467 |
| * | Assert that appropriate vnodes are locked in mac_execve_will_transition(). | rwatson | 2002-11-05 | 8 | -0/+64 |
| * | Permit MAC policies to instrument the access control decisions for | rwatson | 2002-11-04 | 10 | -0/+253 |
| * | Remove mac_cache_fslabel_in_vnode sysctl -- with the new VFS/MAC | rwatson | 2002-11-04 | 8 | -48/+0 |
| * | License clarification and wording changes: NAI has approved removal of | rwatson | 2002-11-04 | 10 | -70/+40 |
| * | Introduce mac_check_system_settime(), a MAC check allowing policies to | rwatson | 2002-11-03 | 10 | -0/+106 |
| * | Add MAC checks for various kenv() operations: dump, get, set, unset, | rwatson | 2002-11-01 | 10 | -0/+425 |
| * | Move to C99 sparse structure initialization for the mac_policy_ops | rwatson | 2002-10-30 | 9 | -4819/+4 |
| * | While 'mode_t' seemed like a good idea for the access mode argument for | rwatson | 2002-10-30 | 10 | -28/+28 |
| * | Remove all reference to 'struct oldmac', since it's no longer required | rwatson | 2002-10-28 | 1 | -49/+2 |
| * | An inappropriate ASSERT slipped in during the recent merge of the | rwatson | 2002-10-28 | 8 | -16/+0 |
| * | Centrally manage enforcement of {reboot,swapon,sysctl} using the | rwatson | 2002-10-27 | 8 | -104/+72 |
| * | Implement mac_check_system_sysctl(), a MAC Framework entry point to | rwatson | 2002-10-27 | 10 | -0/+231 |
| * | Hook up mac_check_system_reboot(), a MAC Framework entry point that | rwatson | 2002-10-27 | 10 | -0/+187 |
| * | Merge from MAC tree: rename mac_check_vnode_swapon() to | rwatson | 2002-10-27 | 10 | -148/+148 |
| * | Slightly change the semantics of vnode labels for MAC: rather than | rwatson | 2002-10-26 | 10 | -3919/+752 |
| * | Comment describing the semantics of mac_late. | rwatson | 2002-10-25 | 8 | -8/+48 |
| * | Remove the mac_te policy bits from 'struct oldmac' -- we're not going | rwatson | 2002-10-22 | 1 | -6/+0 |
| * | Introduce MAC_CHECK_VNODE_SWAPON, which permits MAC policies to | rwatson | 2002-10-22 | 10 | -0/+180 |
| * | Missed in previous merge: export sizeof(struct oldmac) rather than | rwatson | 2002-10-22 | 8 | -8/+8 |
| * | Support the new MAC user API in kernel: modify existing system calls | rwatson | 2002-10-22 | 8 | -1352/+7336 |
| * | Revised APIs for user process label management; the existing APIs relied | rwatson | 2002-10-22 | 2 | -97/+108 |
