FreeBSD source tree https://cgit-dev.freebsd.org/src/atom?h=release%2F9.3.0 2013-03-09T02:36:32Z 2013-03-09T02:36:32Z Marius Strobl marius@FreeBSD.org 2013-03-09T02:36:32Z urn:sha1:7b1b32ed4582e7bcdd416c4718d0d79ebaea192d Mark all SYSCTL_NODEs static that have no corresponding SYSCTL_DECLs. The SYSCTL_NODE macro defines a list that stores all child-elements of that node. If there's no SYSCTL_DECL macro anywhere else, there's no reason why it shouldn't be static. 2011-09-02T17:40:39Z Robert Watson rwatson@FreeBSD.org 2011-09-02T17:40:39Z urn:sha1:9b6dd12e5da17c85b9e93f1ed31ec8719e6f40db and the new setmode and setowner fileops in FreeBSD 9.0: - Add new MAC Framework entry point mac_posixshm_check_create() to allow MAC policies to authorise shared memory use. Provide a stub policy and test policy templates. - Add missing Biba and MLS implementations of mac_posixshm_check_setmode() and mac_posixshm_check_setowner(). - Add 'accmode' argument to mac_posixshm_check_open() -- unlike the mac_posixsem_check_open() entry point it was modeled on, the access mode is required as shared memory access can be read-only as well as writable; this isn't true of POSIX semaphores. - Implement full range of POSIX shared memory entry points for Biba and MLS. Sponsored by: Google Inc. Obtained from: TrustedBSD Project Approved by: re (kib) 2011-08-16T20:07:47Z Konstantin Belousov kib@FreeBSD.org 2011-08-16T20:07:47Z urn:sha1:9c00bb9190391479885cfb14ed23fb7003d10109 to implement fchown(2) and fchmod(2) support for several file types that previously lacked it. Add MAC entries for chown/chmod done on posix shared memory and (old) in-kernel posix semaphores. Based on the submission by: glebius Reviewed by: rwatson Approved by: re (bz) 2009-06-03T18:46:28Z Robert Watson rwatson@FreeBSD.org 2009-06-03T18:46:28Z urn:sha1:3de4046939a04576ede9d97f48f6a02d1a2ccc8c modules are loaded by avoiding mbuf label lookups when policies aren't loaded, pushing further socket locking into MAC policy modules, and avoiding locking MAC ifnet locks when no policies are loaded: - Check mac_policies_count before looking for mbuf MAC label m_tags in MAC Framework entry points. We will still pay label lookup costs if MAC policies are present but don't require labels (typically a single mbuf header field read, but perhaps further indirection if IPSEC or other m_tag consumers are in use). - Further push socket locking for socket-related access control checks and events into MAC policies from the MAC Framework, so that sockets are only locked if a policy specifically requires a lock to protect a label. This resolves lock order issues during sonewconn() and also in local domain socket cross-connect where multiple socket locks could not be held at once for the purposes of propagatig MAC labels across multiple sockets. Eliminate mac_policy_count check in some entry points where it no longer avoids locking. - Add mac_policy_count checking in some entry points relating to network interfaces that otherwise lock a global MAC ifnet lock used to protect ifnet labels. Obtained from: TrustedBSD Project 2009-03-08T12:32:06Z Robert Watson rwatson@FreeBSD.org 2009-03-08T12:32:06Z urn:sha1:fefd0ac8a911c1b3b63da1602bb13cee5ffe4311 extended attribute get/set; in the case of get an uninitialized user buffer was passed before the EA was retrieved, making it of relatively little use; the latter was simply unused by any policies. Obtained from: TrustedBSD Project Sponsored by: Google, Inc. 2009-03-08T10:58:37Z Robert Watson rwatson@FreeBSD.org 2009-03-08T10:58:37Z urn:sha1:6f6174a7621e3a97032b067d72d873d1cda60b64 naming by renaming certain "proc" entry points to "cred" entry points, reflecting their manipulation of credentials. For some entry points, the process was passed into the framework but not into policies; in these cases, stop passing in the process since we don't need it. mac_proc_check_setaudit -> mac_cred_check_setaudit mac_proc_check_setaudit_addr -> mac_cred_check_setaudit_addr mac_proc_check_setauid -> mac_cred_check_setauid mac_proc_check_setegid -> mac_cred_check_setegid mac_proc_check_seteuid -> mac_cred_check_seteuid mac_proc_check_setgid -> mac_cred_check_setgid mac_proc_check_setgroups -> mac_cred_ceck_setgroups mac_proc_check_setregid -> mac_cred_check_setregid mac_proc_check_setresgid -> mac_cred_check_setresgid mac_proc_check_setresuid -> mac_cred_check_setresuid mac_proc_check_setreuid -> mac_cred_check_setreuid mac_proc_check_setuid -> mac_cred_check_setuid Obtained from: TrustedBSD Project Sponsored by: Google, Inc. 2009-01-10T10:58:41Z Robert Watson rwatson@FreeBSD.org 2009-01-10T10:58:41Z urn:sha1:9162f64b58d01ec01481d60b6cdc06ffd8e8c7fc they label, derive that information implicitly from the set of label initializers in their policy operations set. This avoids a possible class of programmer errors, while retaining the structure that allows us to avoid allocating labels for objects that don't need them. As before, we regenerate a global mask of labeled objects each time a policy is loaded or unloaded, stored in mac_labeled. Discussed with: csjp Suggested by: Jacques Vidrine <nectar at apple.com> Obtained from: TrustedBSD Project Sponsored by: Apple, Inc. 2009-01-10T09:17:16Z Robert Watson rwatson@FreeBSD.org 2009-01-10T09:17:16Z urn:sha1:dbdcb99498a0007fafce9b8f1b85de424b5d70d7 MPC_OBJECT_IPQ; it was already defined, just not used. Obtained from: TrustedBSD Project Sponsored by: Apple, Inc. 2008-10-28T13:44:11Z Edward Tomasz Napierala trasz@FreeBSD.org 2008-10-28T13:44:11Z urn:sha1:15bc6b2bd8d8c56ad74e57675dde8501bc7f53e1 to add more V* constants, and the variables changed by this patch were often being assigned to mode_t variables, which is 16 bit. Approved by: rwatson (mentor) 2008-10-28T11:33:06Z Robert Watson rwatson@FreeBSD.org 2008-10-28T11:33:06Z urn:sha1:212ab0cfb38a01878cc1bd44eeb4e6fcab384d5d that they operate directly on credentials: mac_proc_create_swapper(), mac_proc_create_init(), and mac_proc_associate_nfsd(). Update policies. Obtained from: TrustedBSD Project