| Commit message (Expand) | Author | Age | Files | Lines |
* | When returning early from audit_arg_file() due to so->so_pcb being NULL | rwatson | 2007-01-06 | 1 | -2/+3 |
* | Teach the stub policy about some of the more recent entry points that have | csjp | 2007-01-01 | 1 | -0/+57 |
* | Remove conditional return of 1. For the MAC_STATIC case at this point in | csjp | 2007-01-01 | 1 | -3/+0 |
* | Only signal the CV indicating that the MAC Framework is available for | rwatson | 2006-12-31 | 1 | -6/+23 |
* | Slightly resort functions in file so that no forward function prototypes | rwatson | 2006-12-29 | 1 | -49/+46 |
* | Re-add include of opt_mac.h in mac_framework.c, which was improperly | rwatson | 2006-12-29 | 1 | -0/+2 |
* | Remove two XXX comments that no longer apply. | rwatson | 2006-12-29 | 1 | -5/+0 |
* | Use p_cansee() to check that a target process for an audit state | rwatson | 2006-12-29 | 1 | -3/+9 |
* | Add a witness sleep warning to canon_path(), which invokes vput() and hence | rwatson | 2006-12-29 | 2 | -3/+3 |
* | Add missing include guards to mac_internal.h, update include guards in | rwatson | 2006-12-28 | 2 | -3/+8 |
* | Update a number of comments: | rwatson | 2006-12-28 | 4 | -23/+22 |
* | Remove XXX comments about EA transaction support and provide a more | rwatson | 2006-12-28 | 1 | -6/+11 |
* | Remove an inaccurate comment I added regarding storage for mbuf tag | rwatson | 2006-12-28 | 1 | -7/+0 |
* | In mac_inpcb_sosetlabel(), assert the socket lock rather than commenting | rwatson | 2006-12-28 | 1 | -1/+1 |
* | Centralize definition of MAC_VERSION in mac_policy.h, as it defines the | rwatson | 2006-12-28 | 3 | -6/+19 |
* | Move mac_init_label() and mac_destroy_label() from mac_framework.c to | rwatson | 2006-12-28 | 2 | -29/+31 |
* | Trim unneeded includes. | rwatson | 2006-12-28 | 2 | -48/+0 |
* | Break contents of kern_mac.c out into two files following a repo-copy: | rwatson | 2006-12-28 | 2 | -1209/+0 |
* | Update MAC Framework general comments, referencing various interfaces it | rwatson | 2006-12-28 | 2 | -24/+80 |
* | Re-wrap comments following de-indentation. | rwatson | 2006-12-23 | 1 | -13/+11 |
* | Move src/sys/sys/mac_policy.h, the kernel interface between the MAC | rwatson | 2006-12-22 | 25 | -43/+25 |
* | Minor style fixes. | rwatson | 2006-12-21 | 4 | -20/+20 |
* | Remove mac_enforce_subsystem debugging sysctls. Enforcement on | rwatson | 2006-12-21 | 14 | -397/+2 |
* | Comment LABEL_TO_SLOT() macro, including observing that we'd like to improve | rwatson | 2006-12-20 | 1 | -0/+8 |
* | Trim trailing white space, clean up comment line wrapping and formatting. | rwatson | 2006-12-20 | 1 | -10/+21 |
* | Trim trailing white space. | rwatson | 2006-12-20 | 2 | -7/+7 |
* | Document socket labeling model. | rwatson | 2006-12-20 | 1 | -15/+27 |
* | Clean up comment white space and line wrapping. | rwatson | 2006-12-20 | 1 | -15/+14 |
* | Additional comments regarding the interaction between the kernel privilege | rwatson | 2006-12-20 | 1 | -0/+18 |
* | Document that we could allocate the mbuf label as part of the tag rather | rwatson | 2006-12-20 | 1 | -8/+26 |
* | Staticize and comment zone_label. | rwatson | 2006-12-20 | 1 | -1/+7 |
* | Clean up comments, trailing white space. | rwatson | 2006-12-20 | 1 | -17/+27 |
* | Re-wrap comment at 77 character columns. | rwatson | 2006-12-20 | 1 | -7/+7 |
* | Comment and white space cleanup. | rwatson | 2006-12-20 | 1 | -15/+17 |
* | Externalize local stack copy of the ifnet label, rather than the copy on | rwatson | 2006-12-20 | 1 | -2/+2 |
* | Expand commenting on label slots, justification for the MAC Framework locking | rwatson | 2006-12-20 | 2 | -108/+158 |
* | Teach the MAC policies which utilize mbuf labeling the new syncache | csjp | 2006-12-13 | 3 | -0/+75 |
* | Fix LOR between the syncache and inpcb locks when MAC is present in the | csjp | 2006-12-13 | 3 | -0/+68 |
* | Merge posix4/* into normal kernel hierarchy. | trhodes | 2006-11-11 | 5 | -10/+5 |
* | Add stub entry point implementations of mpo_priv_check and mpo_priv_grant to | rwatson | 2006-11-06 | 1 | -0/+16 |
* | Sweep kernel replacing suser(9) calls with priv(9) calls, assigning | rwatson | 2006-11-06 | 11 | -21/+45 |
* | Add a new priv(9) kernel interface for checking the availability of | rwatson | 2006-11-06 | 3 | -0/+100 |
* | Change the type of ar_arg_sockaddr from struct sockaddr to struct | csjp | 2006-11-06 | 2 | -3/+2 |
* | Forward declare struct cdev, since arguments of this type are used in | rwatson | 2006-10-30 | 1 | -0/+1 |
* | Remove extra _MAC_ from #ifdef guard. | rwatson | 2006-10-25 | 1 | -1/+1 |
* | Complete break-out of sys/sys/mac.h into sys/security/mac/mac_framework.h | rwatson | 2006-10-22 | 17 | -76/+32 |
* | Do allow jailed superuser to override the port ACL. | rwatson | 2006-10-10 | 1 | -1/+1 |
* | Mark the audit system calls as being un-implemented in jails. Currently we do | csjp | 2006-10-10 | 1 | -0/+19 |
* | Add BSM conversion switch entries for a number of system calls, many | rwatson | 2006-10-03 | 1 | -7/+43 |
* | Trim some no longer XXX comments. | rwatson | 2006-10-02 | 1 | -22/+5 |