| Commit message (Expand) | Author | Age | Files | Lines |
* | Exempt the superuser from mac_seeotheruids checks. | rwatson | 2005-01-03 | 1 | -0/+3 |
* | Add a new sysctl/tunable to mac_portacl: | rwatson | 2004-12-08 | 1 | -0/+23 |
* | Switch from using an sx lock to a mutex for the mac_portacl rule chain: | rwatson | 2004-12-06 | 1 | -26/+19 |
* | Implement MAC entry points relating to System V IPC, calling into the | rwatson | 2004-11-17 | 3 | -0/+592 |
* | Define new MAC framework and policy entry points for System V IPC | rwatson | 2004-11-17 | 2 | -1/+129 |
* | Bump MAC Framework version to 2 in preparation for the upcoming API/ABI | rwatson | 2004-11-09 | 3 | -3/+3 |
* | Disable use of synchronization early in the boot by the MAC Framework; | rwatson | 2004-10-30 | 2 | -0/+42 |
* | /%x/%s/ -- mismerged DEBUGGER() printf() format stirng from the | rwatson | 2004-10-23 | 1 | -1/+1 |
* | Expand comments on various sections of the MAC Framework Policy API, | rwatson | 2004-10-22 | 1 | -4/+15 |
* | Replace direct reference to kdb_enter() with a DEBUGGER() macro that | rwatson | 2004-10-22 | 1 | -28/+34 |
* | Minor white space synchronization and line wrapping. | rwatson | 2004-10-22 | 2 | -1/+3 |
* | In the MAC label zone destructor, assert that the label is only | rwatson | 2004-10-22 | 1 | -1/+3 |
* | Remove extern declaration of mac_enforce_sysv, as it's not present in | rwatson | 2004-10-22 | 1 | -1/+0 |
* | Bump copyright dates for NETA on these files. | rwatson | 2004-10-21 | 2 | -2/+2 |
* | Modify mac_bsdextended policy so that it defines its own vnode access | rwatson | 2004-10-21 | 2 | -33/+74 |
* | Remove the debugging tunable, it was not being used. | trhodes | 2004-09-10 | 1 | -10/+1 |
* | Allow mac_bsdextended(4) to log failed attempts to syslog's AUTHPRIV | trhodes | 2004-08-21 | 1 | -5/+19 |
* | Give the mac_bsdextended(4) policy the ability to match and apply on a first | trhodes | 2004-08-21 | 1 | -2/+21 |
* | * Add a "how" argument to uma_zone constructors and initialization functions | green | 2004-08-02 | 1 | -3/+4 |
* | Introduce SLOT_SET macro and use it in place of casts as lvalues. | kan | 2004-07-28 | 3 | -12/+16 |
* | Allow an effective uid of root to bypass mac_bsdextended rules; the MAC | rwatson | 2004-07-23 | 1 | -0/+3 |
* | Rename Biba and MLS _single label elements to _effective, which more | rwatson | 2004-07-16 | 4 | -353/+353 |
* | Do a pass over all modules in the kernel and make them return EOPNOTSUPP | phk | 2004-07-15 | 2 | -0/+2 |
* | Update for the KDB framework: | marcel | 2004-07-10 | 1 | -28/+29 |
* | Introduce a temporary mutex, mac_ifnet_mtx, to lock MAC labels on | rwatson | 2004-06-24 | 7 | -0/+53 |
* | Do the dreaded s/dev_t/struct cdev */ | phk | 2004-06-16 | 8 | -8/+9 |
* | Socket MAC labels so_label and so_peerlabel are now protected by | rwatson | 2004-06-13 | 1 | -8/+57 |
* | add missing #include <sys/module.h> | phk | 2004-05-30 | 2 | -0/+2 |
* | Remove dead code. (This loop counted the number of rules, but the count | cperciva | 2004-05-15 | 1 | -7/+0 |
* | Improve consistency of include file guards in src/sys/sys by terminating | rwatson | 2004-05-10 | 2 | -6/+6 |
* | If the mbuf pointer passed to mac_mbuf_to_label() is NULL, or the tag | rwatson | 2004-05-03 | 1 | -1/+4 |
* | Add /* !MAC */ to final #endif. | rwatson | 2004-05-03 | 2 | -2/+2 |
* | Update copyright. | rwatson | 2004-05-03 | 1 | -1/+1 |
* | When performing label assertions on an mbuf header label in mac_test, | rwatson | 2004-05-03 | 1 | -2/+3 |
* | Bump copyright date for NETA to 2004. | rwatson | 2004-05-03 | 2 | -2/+2 |
* | Add MAC_STATIC, a kernel option that disables internal MAC Framework | rwatson | 2004-05-03 | 2 | -0/+50 |
* | Define BPFD_LOCK_ASSERT() to assert the BPF descriptor lock. | rwatson | 2004-02-29 | 1 | -0/+4 |
* | Forward declare struct proc, struct sockaddr, and struct thread, which | rwatson | 2004-02-26 | 1 | -0/+3 |
* | Forward declare struct bpf_d, struct ifnet, struct image_params, and | rwatson | 2004-02-26 | 1 | -1/+5 |
* | Move inet and inet6 related MAC Framework entry points from mac_net.c | rwatson | 2004-02-26 | 4 | -655/+807 |
* | Reimplement sysctls handling by MAC framework. | pjd | 2004-02-22 | 7 | -36/+26 |
* | Update my personal copyrights and NETA copyrights in the kernel | rwatson | 2004-02-22 | 23 | -46/+46 |
* | Commit file missed in last pass: MAC api uses 'struct pipepair', not | rwatson | 2004-02-01 | 1 | -8/+8 |
* | Coalesce pipe allocations and frees. Previously, the pipe code | rwatson | 2004-02-01 | 9 | -93/+95 |
* | Pay attention to mac_portacl_enabled. | rwatson | 2004-01-20 | 1 | -1/+5 |
* | Switch TCP over to using the inpcb label when responding in timed | rwatson | 2003-12-17 | 8 | -0/+72 |
* | interpvnodelabel can be NULL in mac_test_execve_transition(). This | rwatson | 2003-12-10 | 1 | -1/+3 |
* | Rename mac_create_cred() MAC Framework entry point to mac_copy_cred(), | rwatson | 2003-12-06 | 9 | -68/+26 |
* | Use UMA zone allocator for Biba and MLS labels rather than MALLOC(9). | rwatson | 2003-11-18 | 2 | -12/+12 |
* | Introduce a MAC label reference in 'struct inpcb', which caches | rwatson | 2003-11-18 | 9 | -1/+362 |