aboutsummaryrefslogtreecommitdiff
path: root/sys/sys/mac_policy.h
Commit message (Expand)AuthorAgeFilesLines
* Modify the mac_init_ipq() MAC Framework entry point to accept anRobert Watson2003-03-261-1/+1
* Instrument sysarch() MD privileged I/O access interfaces with a MACRobert Watson2003-03-061-0/+1
* Provide a mac_check_system_swapoff() entry point, which permits MACRobert Watson2003-03-051-0/+2
* Remove dm_root entry from struct devfs_mount. It's never set, and isRobert Watson2002-12-091-6/+9
* Introduce p_label, extensible security label storage for the MAC frameworkRobert Watson2002-11-201-0/+2
* Merge kld access control checks from the MAC tree: these access controlRobert Watson2002-11-191-0/+4
* Garbage collect mac_create_devfs_vnode() -- it hasn't been used sinceRobert Watson2002-11-121-3/+0
* Add an explicit execlabel argument to exec-related MAC policy entryRobert Watson2002-11-081-3/+4
* Bring in two sets of changes:Robert Watson2002-11-051-3/+7
* Permit MAC policies to instrument the access control decisions forRobert Watson2002-11-041-0/+3
* License clarification and wording changes: NAI has approved removal ofRobert Watson2002-11-041-7/+4
* Introduce mac_check_system_settime(), a MAC check allowing policies toRobert Watson2002-11-031-0/+1
* Add MAC checks for various kenv() operations: dump, get, set, unset,Robert Watson2002-11-011-0/+5
* Move to C99 sparse structure initialization for the mac_policy_opsRobert Watson2002-10-301-155/+4
* While 'mode_t' seemed like a good idea for the access mode argument forRobert Watson2002-10-301-2/+2
* Implement mac_check_system_sysctl(), a MAC Framework entry point toRobert Watson2002-10-271-0/+4
* Hook up mac_check_system_reboot(), a MAC Framework entry point thatRobert Watson2002-10-271-0/+2
* Merge from MAC tree: rename mac_check_vnode_swapon() toRobert Watson2002-10-271-3/+3
* Slightly change the semantics of vnode labels for MAC: rather thanRobert Watson2002-10-261-24/+23
* Introduce MAC_CHECK_VNODE_SWAPON, which permits MAC policies toRobert Watson2002-10-221-0/+3
* Revised APIs for user process label management; the existing APIs reliedRobert Watson2002-10-221-10/+49
* Integrate mac_check_socket_send() and mac_check_socket_receive()Robert Watson2002-10-061-0/+6
* Sync from MAC tree: break out the single mmap entry point intoRobert Watson2002-10-061-3/+9
* Modify label allocation semantics for sockets: pass in soalloc's mallocRobert Watson2002-10-051-2/+2
* Integrate a devfs/MAC fix from the MAC tree: avoid a race condition duringRobert Watson2002-10-051-0/+4
* Merge support for mac_check_vnode_link(), a MAC framework/policy entryRobert Watson2002-10-051-0/+4
* Begin another merge from the TrustedBSD MAC branch:Robert Watson2002-10-051-50/+53
* Add a new MAC entry point, mac_thread_userret(td), which permits policyRobert Watson2002-10-021-0/+2
* Pass active_cred and file_cred into the MAC framework explicitlyRobert Watson2002-08-191-4/+8
* Provide an implementation of mac_syscall() so that security modulesRobert Watson2002-08-191-0/+8
* Break out mac_check_pipe_op() into component check entry points:Robert Watson2002-08-191-3/+12
* Break out mac_check_vnode_op() into three seperate checks:Robert Watson2002-08-191-3/+9
* Rename mac_check_socket_receive() to mac_check_socket_deliver() so thatRobert Watson2002-08-151-4/+4
* Declare a module service "kernel_mac_support" when MAC support isRobert Watson2002-08-121-0/+1
* Improve ordering of MAC entry points in mac_policy_op structure.Robert Watson2002-08-021-6/+6
* Change macop_t to const, use macop_t in MAC policy entry point definitionRobert Watson2002-08-011-2/+2
* Begin committing support for Mandatory Access Control and extensibleRobert Watson2002-07-301-0/+491
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-14 18:38:51 +0000