| Commit message (Expand) | Author | Age | Files | Lines |
* | Continue work to optimize performance of "options MAC" when no MAC policy | rwatson | 2009-06-03 | 1 | -4/+44 |
* | Remove 'uio' argument from MAC Framework and MAC policy entry points for | rwatson | 2009-03-08 | 1 | -4/+2 |
* | Improve the consistency of MAC Framework and MAC policy entry point | rwatson | 2009-03-08 | 1 | -149/+152 |
* | Rather than having MAC policies explicitly declare what object types | rwatson | 2009-01-10 | 1 | -22/+1 |
* | Use MPC_OBJECT_IP6Q to indicate labeling of struct ip6q rather than | rwatson | 2009-01-10 | 1 | -0/+1 |
* | Introduce accmode_t. This is required for NFSv4 ACLs - it will be neccessary | trasz | 2008-10-28 | 1 | -2/+2 |
* | Rename three MAC entry points from _proc_ to _cred_ to reflect the fact | rwatson | 2008-10-28 | 1 | -20/+20 |
* | Implement MAC policy support for IPv6 fragment reassembly queues, | rwatson | 2008-10-26 | 1 | -1/+79 |
* | Add a mac_inpcb_check_visible implementation to all MAC policies | bz | 2008-10-17 | 1 | -0/+14 |
* | Introduce two related changes to the TrustedBSD MAC Framework: | rwatson | 2008-08-23 | 1 | -1/+22 |
* | Rework the lifetime management of the kernel implementation of POSIX | jhb | 2008-06-27 | 1 | -9/+26 |
* | Add missing counter increments for posix shm checks. | jhb | 2008-06-26 | 1 | -0/+5 |
* | Remove the posixsem_check_destroy() MAC check. It is semantically identical | jhb | 2008-06-23 | 1 | -14/+0 |
* | The TrustedBSD MAC Framework named struct ipq instances 'ipq', which is the | rwatson | 2008-06-13 | 1 | -9/+9 |
* | Add a new file descriptor type for IPC shared memory objects and use it to | jhb | 2008-01-08 | 1 | -0/+96 |
* | Add a new 'why' argument to kdb_enter(), and a set of constants to use | rwatson | 2007-12-25 | 1 | -1/+1 |
* | Implement per-object type consistency checks for labels passed to | rwatson | 2007-10-30 | 1 | -20/+65 |
* | Canonicalize names of local variables. | rwatson | 2007-10-29 | 1 | -66/+66 |
* | Resort TrustedBSD MAC Framework policy entry point implementations and | rwatson | 2007-10-29 | 1 | -1243/+1256 |
* | Add missing mac_test labeling and sleep checks for the syncache. | rwatson | 2007-10-28 | 1 | -0/+48 |
* | Garbage collect mac_mbuf_create_multicast_encap TrustedBSD MAC Framework | rwatson | 2007-10-28 | 1 | -14/+0 |
* | Continue to move from generic network entry points in the TrustedBSD MAC | rwatson | 2007-10-28 | 1 | -15/+14 |
* | Move towards more explicit support for various network protocol stacks | rwatson | 2007-10-28 | 1 | -12/+48 |
* | Perform explicit label type checks for externalize entry points, rather than | rwatson | 2007-10-28 | 1 | -10/+70 |
* | Give each posixsem MAC Framework entry point its own counter and test case | rwatson | 2007-10-27 | 1 | -9/+74 |
* | Rename 'mac_mbuf_create_from_firewall' to 'mac_netinet_firewall_send' as | rwatson | 2007-10-26 | 1 | -4/+4 |
* | Consistently name functions for mac_<policy> as <policy>_whatever rather | rwatson | 2007-10-25 | 1 | -414/+414 |
* | Further MAC Framework cleanup: normalize some local variable names and | rwatson | 2007-10-25 | 1 | -18/+18 |
* | Merge first in a series of TrustedBSD MAC Framework KPI changes | rwatson | 2007-10-24 | 1 | -797/+802 |
* | Canonicalize naming of local variables for struct ksem and associated | rwatson | 2007-10-21 | 1 | -6/+6 |
* | Rename mac_check_vnode_delete() MAC Framework and MAC Policy entry | rwatson | 2007-09-10 | 1 | -16/+16 |
* | Add a new MAC framework and policy entry point, | rwatson | 2007-06-26 | 1 | -0/+13 |
* | Rename mac*devfsdirent*() to mac*devfs*() to synchronize with SEDarwin, | rwatson | 2007-04-23 | 1 | -14/+13 |
* | Apply variable name normalization to MAC policies: adopt global conventions | rwatson | 2007-04-23 | 1 | -151/+153 |
* | In the MAC Framework implementation, file systems have two per-mountpoint | rwatson | 2007-04-22 | 1 | -30/+9 |
* | Remove MAC Framework access control check entry points made redundant with | rwatson | 2007-04-22 | 1 | -36/+0 |
* | Further MAC test policy cleanup and enhancement: | rwatson | 2007-04-22 | 1 | -141/+478 |
* | Perform overdue clean up mac_test policy: | rwatson | 2007-04-22 | 1 | -719/+476 |
* | Allow MAC policy modules to control access to audit configuration system | rwatson | 2007-04-21 | 1 | -3/+60 |
* | More unnecessary include reduction. | rwatson | 2007-02-23 | 1 | -12/+4 |
* | Remove empty entry point functions (init, destroy, syscall) from | rwatson | 2007-02-23 | 1 | -25/+0 |
* | Introduce accessor functions mac_label_get() and mac_label_set() to replace | rwatson | 2007-02-06 | 1 | -40/+41 |
* | Continue 7-CURRENT MAC Framework rearrangement and cleanup: | rwatson | 2007-02-06 | 1 | -1/+0 |
* | Move src/sys/sys/mac_policy.h, the kernel interface between the MAC | rwatson | 2006-12-22 | 1 | -1/+1 |
* | Merge posix4/* into normal kernel hierarchy. | trhodes | 2006-11-11 | 1 | -2/+1 |
* | Add #include <sys/sx.h>, devfs is going to require this shortly. | phk | 2005-09-19 | 1 | -0/+1 |
* | Remove mac_create_root_mount() and mpo_create_root_mount(), which | rwatson | 2005-09-19 | 1 | -11/+0 |
* | When devfs cloning takes place, provide access to the credential of the | rwatson | 2005-07-14 | 1 | -2/+5 |
* | Eliminate MAC entry point mac_create_mbuf_from_mbuf(), which is | rwatson | 2005-07-05 | 1 | -11/+0 |
* | Gratuitous renaming of four System V Semaphore MAC Framework entry | rwatson | 2005-06-07 | 1 | -18/+18 |