summaryrefslogtreecommitdiffstats
path: root/sys/security
Commit message (Expand)AuthorAgeFilesLines
* When returning early from audit_arg_file() due to so->so_pcb being NULLrwatson2007-01-061-2/+3
* Teach the stub policy about some of the more recent entry points that havecsjp2007-01-011-0/+57
* Remove conditional return of 1. For the MAC_STATIC case at this point incsjp2007-01-011-3/+0
* Only signal the CV indicating that the MAC Framework is available forrwatson2006-12-311-6/+23
* Slightly resort functions in file so that no forward function prototypesrwatson2006-12-291-49/+46
* Re-add include of opt_mac.h in mac_framework.c, which was improperlyrwatson2006-12-291-0/+2
* Remove two XXX comments that no longer apply.rwatson2006-12-291-5/+0
* Use p_cansee() to check that a target process for an audit staterwatson2006-12-291-3/+9
* Add a witness sleep warning to canon_path(), which invokes vput() and hencerwatson2006-12-292-3/+3
* Add missing include guards to mac_internal.h, update include guards inrwatson2006-12-282-3/+8
* Update a number of comments:rwatson2006-12-284-23/+22
* Remove XXX comments about EA transaction support and provide a morerwatson2006-12-281-6/+11
* Remove an inaccurate comment I added regarding storage for mbuf tagrwatson2006-12-281-7/+0
* In mac_inpcb_sosetlabel(), assert the socket lock rather than commentingrwatson2006-12-281-1/+1
* Centralize definition of MAC_VERSION in mac_policy.h, as it defines therwatson2006-12-283-6/+19
* Move mac_init_label() and mac_destroy_label() from mac_framework.c torwatson2006-12-282-29/+31
* Trim unneeded includes.rwatson2006-12-282-48/+0
* Break contents of kern_mac.c out into two files following a repo-copy:rwatson2006-12-282-1209/+0
* Update MAC Framework general comments, referencing various interfaces itrwatson2006-12-282-24/+80
* Re-wrap comments following de-indentation.rwatson2006-12-231-13/+11
* Move src/sys/sys/mac_policy.h, the kernel interface between the MACrwatson2006-12-2225-43/+25
* Minor style fixes.rwatson2006-12-214-20/+20
* Remove mac_enforce_subsystem debugging sysctls. Enforcement onrwatson2006-12-2114-397/+2
* Comment LABEL_TO_SLOT() macro, including observing that we'd like to improverwatson2006-12-201-0/+8
* Trim trailing white space, clean up comment line wrapping and formatting.rwatson2006-12-201-10/+21
* Trim trailing white space.rwatson2006-12-202-7/+7
* Document socket labeling model.rwatson2006-12-201-15/+27
* Clean up comment white space and line wrapping.rwatson2006-12-201-15/+14
* Additional comments regarding the interaction between the kernel privilegerwatson2006-12-201-0/+18
* Document that we could allocate the mbuf label as part of the tag ratherrwatson2006-12-201-8/+26
* Staticize and comment zone_label.rwatson2006-12-201-1/+7
* Clean up comments, trailing white space.rwatson2006-12-201-17/+27
* Re-wrap comment at 77 character columns.rwatson2006-12-201-7/+7
* Comment and white space cleanup.rwatson2006-12-201-15/+17
* Externalize local stack copy of the ifnet label, rather than the copy onrwatson2006-12-201-2/+2
* Expand commenting on label slots, justification for the MAC Framework lockingrwatson2006-12-202-108/+158
* Teach the MAC policies which utilize mbuf labeling the new syncachecsjp2006-12-133-0/+75
* Fix LOR between the syncache and inpcb locks when MAC is present in thecsjp2006-12-133-0/+68
* Merge posix4/* into normal kernel hierarchy.trhodes2006-11-115-10/+5
* Add stub entry point implementations of mpo_priv_check and mpo_priv_grant torwatson2006-11-061-0/+16
* Sweep kernel replacing suser(9) calls with priv(9) calls, assigningrwatson2006-11-0611-21/+45
* Add a new priv(9) kernel interface for checking the availability ofrwatson2006-11-063-0/+100
* Change the type of ar_arg_sockaddr from struct sockaddr to structcsjp2006-11-062-3/+2
* Forward declare struct cdev, since arguments of this type are used inrwatson2006-10-301-0/+1
* Remove extra _MAC_ from #ifdef guard.rwatson2006-10-251-1/+1
* Complete break-out of sys/sys/mac.h into sys/security/mac/mac_framework.hrwatson2006-10-2217-76/+32
* Do allow jailed superuser to override the port ACL.rwatson2006-10-101-1/+1
* Mark the audit system calls as being un-implemented in jails. Currently we docsjp2006-10-101-0/+19
* Add BSM conversion switch entries for a number of system calls, manyrwatson2006-10-031-7/+43
* Trim some no longer XXX comments.rwatson2006-10-021-22/+5
OpenPOWER on IntegriCloud