upstream/opnsense-src
1
0
Fork 0
mirror of https://github.com/opnsense/src.git synced 2026-03-10 18:21:00 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
opnsense-src/sys/security/mac
History
Robert Watson 9b6dd12e5d Correct several issues in the integration of POSIX shared memory objects 
and the new setmode and setowner fileops in FreeBSD 9.0:

- Add new MAC Framework entry point mac_posixshm_check_create() to allow
  MAC policies to authorise shared memory use.  Provide a stub policy and
  test policy templates.

- Add missing Biba and MLS implementations of mac_posixshm_check_setmode()
  and mac_posixshm_check_setowner().

- Add 'accmode' argument to mac_posixshm_check_open() -- unlike the
  mac_posixsem_check_open() entry point it was modeled on, the access mode
  is required as shared memory access can be read-only as well as writable;
  this isn't true of POSIX semaphores.

- Implement full range of POSIX shared memory entry points for Biba and MLS.

Sponsored by:   Google Inc.
Obtained from:	TrustedBSD Project
Approved by:    re (kib)
2011-09-02 17:40:39 +00:00
..
mac_atalk.c Continue work to optimize performance of "options MAC" when no MAC policy 2009-06-03 18:46:28 +00:00
mac_audit.c Rename MAC Framework-internal macros used to invoke policy entry points: 2009-05-01 21:05:40 +00:00
mac_cred.c Rename MAC Framework-internal macros used to invoke policy entry points: 2009-05-01 21:05:40 +00:00
mac_framework.c sysctl(9) cleanup checkpoint: amd64 GENERIC builds cleanly. 2011-01-12 19:54:14 +00:00
mac_framework.h Correct several issues in the integration of POSIX shared memory objects 2011-09-02 17:40:39 +00:00
mac_inet.c Continue work to optimize performance of "options MAC" when no MAC policy 2009-06-03 18:46:28 +00:00
mac_inet6.c Continue work to optimize performance of "options MAC" when no MAC policy 2009-06-03 18:46:28 +00:00
mac_internal.h Add an extra comment to the SDT probes definition. This allows us to get 2010-08-22 11:18:57 +00:00
mac_label.c Introduce accessor functions mac_label_get() and mac_label_set() to replace 2007-02-06 14:19:25 +00:00
mac_net.c Add one further check with mac_policy_count to an mbuf copying case 2009-06-03 19:41:12 +00:00
mac_pipe.c Rename MAC Framework-internal macros used to invoke policy entry points: 2009-05-01 21:05:40 +00:00
mac_policy.h Correct several issues in the integration of POSIX shared memory objects 2011-09-02 17:40:39 +00:00
mac_posix_sem.c Add the fo_chown and fo_chmod methods to struct fileops and use them 2011-08-16 20:07:47 +00:00
mac_posix_shm.c Correct several issues in the integration of POSIX shared memory objects 2011-09-02 17:40:39 +00:00
mac_priv.c Rename MAC Framework-internal macros used to invoke policy entry points: 2009-05-01 21:05:40 +00:00
mac_process.c Unless "cnt" exceeds MAX_COMMIT_COUNT, nfsrv_commit() and nfsvno_fsync() are 2011-02-05 21:21:27 +00:00
mac_socket.c Continue work to optimize performance of "options MAC" when no MAC policy 2009-06-03 18:46:28 +00:00
mac_syscalls.c Second-to-last commit implementing Capsicum capabilities in the FreeBSD 2011-08-11 12:30:23 +00:00
mac_system.c Rename MAC Framework-internal macros used to invoke policy entry points: 2009-05-01 21:05:40 +00:00
mac_sysv_msg.c Rename MAC Framework-internal macros used to invoke policy entry points: 2009-05-01 21:05:40 +00:00
mac_sysv_sem.c Rename MAC Framework-internal macros used to invoke policy entry points: 2009-05-01 21:05:40 +00:00
mac_sysv_shm.c Rename MAC Framework-internal macros used to invoke policy entry points: 2009-05-01 21:05:40 +00:00
mac_vfs.c Add missing DTrace probe invocation to mac_vnode_check_open; the probe 2010-10-23 16:59:39 +00:00