aboutsummaryrefslogtreecommitdiff
path: root/sys/sys/mac.h
Commit message (Expand)AuthorAgeFilesLines
* Reimplement sysctls handling by MAC framework.Pawel Jakub Dawidek2004-02-221-3/+4
* Update my personal copyrights and NETA copyrights in the kernelRobert Watson2004-02-221-2/+2
* Coalesce pipe allocations and frees. Previously, the pipe codeRobert Watson2004-02-011-10/+10
* Switch TCP over to using the inpcb label when responding in timedRobert Watson2003-12-171-0/+1
* Rename mac_create_cred() MAC Framework entry point to mac_copy_cred(),Robert Watson2003-12-061-1/+1
* Introduce a MAC label reference in 'struct inpcb', which cachesRobert Watson2003-11-181-0/+7
* Implement mac_get_peer(3) using getsockopt() with SOL_SOCKET andRobert Watson2003-11-161-0/+1
* Reduce gratuitous redundancy and length in function names:Robert Watson2003-11-161-3/+3
* GC prototype for mac_destroy_vnode_label(), missed in last commit.Robert Watson2003-11-121-1/+0
* Modify the MAC Framework so that instead of embedding a (struct label)Robert Watson2003-11-121-4/+7
* Use __BEGIN_DECLS and __END_DECLS around userland function prototypesRobert Watson2003-10-021-0/+2
* Remove extra tabs indenting MAC library calls; they were there toRobert Watson2003-08-291-21/+20
* Make the elements argument to mac_prepare() be const.Robert Watson2003-08-221-1/+1
* Add prototype for new libc function mac_prepare_type().Robert Watson2003-08-221-0/+1
* Introduce two new MAC Framework and MAC policy entry points:Robert Watson2003-08-211-0/+2
* Add mac_check_vnode_deleteextattr() and mac_check_vnode_listextattr():Robert Watson2003-08-211-0/+4
* Update NAI copyright to 2003, missed in earlier commits and merges.Robert Watson2003-04-181-1/+1
* Move MAC label storage for mbufs into m_tags from the m_pkthdr structure,Robert Watson2003-04-141-2/+5
* Modify the mac_init_ipq() MAC Framework entry point to accept anRobert Watson2003-03-261-1/+1
* Garbage collect FREEBSD_MAC_EXTATTR_NAME and FREEBSD_MAC_EXTATTR_NAMESPACE,Robert Watson2003-03-231-8/+0
* Instrument sysarch() MD privileged I/O access interfaces with a MACRobert Watson2003-03-061-0/+1
* Provide a mac_check_system_swapoff() entry point, which permits MACRobert Watson2003-03-051-0/+1
* Remove dm_root entry from struct devfs_mount. It's never set, and isRobert Watson2002-12-091-5/+7
* Un-staticize mac_cred_mmapped_drop_perms() so that it may be usedRobert Watson2002-11-261-0/+1
* Introduce p_label, extensible security label storage for the MAC frameworkRobert Watson2002-11-201-0/+2
* Merge kld access control checks from the MAC tree: these access controlRobert Watson2002-11-191-0/+3
* Garbage collect mac_create_devfs_vnode() -- it hasn't been used sinceRobert Watson2002-11-121-1/+0
* Bring in two sets of changes:Robert Watson2002-11-051-4/+12
* Permit MAC policies to instrument the access control decisions forRobert Watson2002-11-041-0/+2
* License clarification and wording changes: NAI has approved removal ofRobert Watson2002-11-041-7/+4
* Introduce mac_check_system_settime(), a MAC check allowing policies toRobert Watson2002-11-031-0/+1
* Add MAC checks for various kenv() operations: dump, get, set, unset,Robert Watson2002-11-011-0/+4
* While 'mode_t' seemed like a good idea for the access mode argument forRobert Watson2002-10-301-2/+2
* Remove all reference to 'struct oldmac', since it's no longer requiredRobert Watson2002-10-281-49/+2
* Implement mac_check_system_sysctl(), a MAC Framework entry point toRobert Watson2002-10-271-0/+3
* Hook up mac_check_system_reboot(), a MAC Framework entry point thatRobert Watson2002-10-271-0/+1
* Merge from MAC tree: rename mac_check_vnode_swapon() toRobert Watson2002-10-271-1/+1
* Slightly change the semantics of vnode labels for MAC: rather thanRobert Watson2002-10-261-7/+9
* Remove the mac_te policy bits from 'struct oldmac' -- we're not goingRobert Watson2002-10-221-6/+0
* Introduce MAC_CHECK_VNODE_SWAPON, which permits MAC policies toRobert Watson2002-10-221-0/+1
* Revised APIs for user process label management; the existing APIs reliedRobert Watson2002-10-221-87/+59
* Add compartment support to Biba and MLS policies. The logic of theRobert Watson2002-10-211-0/+4
* Integrate mac_check_socket_send() and mac_check_socket_receive()Robert Watson2002-10-061-0/+2
* Sync from MAC tree: break out the single mmap entry point intoRobert Watson2002-10-061-3/+4
* Modify label allocation semantics for sockets: pass in soalloc's mallocRobert Watson2002-10-051-2/+2
* Integrate a devfs/MAC fix from the MAC tree: avoid a race condition duringRobert Watson2002-10-051-0/+2
* Merge support for mac_check_vnode_link(), a MAC framework/policy entryRobert Watson2002-10-051-0/+2
* Add a new MAC entry point, mac_thread_userret(td), which permits policyRobert Watson2002-10-021-0/+2
* Pass active_cred and file_cred into the MAC framework explicitlyRobert Watson2002-08-191-4/+8
* Provide an implementation of mac_syscall() so that security modulesRobert Watson2002-08-191-1/+6
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-25 07:59:28 +0000