From owner-cvs-all Tue Jul 30 14:32:39 2002 Delivered-To: cvs-all@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6005D37B400; Tue, 30 Jul 2002 14:32:35 -0700 (PDT) Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 26A7543E3B; Tue, 30 Jul 2002 14:32:35 -0700 (PDT) (envelope-from rwatson@FreeBSD.org) Received: from freefall.freebsd.org (rwatson@localhost [127.0.0.1]) by freefall.freebsd.org (8.12.4/8.12.4) with ESMTP id g6ULWZJU074455; Tue, 30 Jul 2002 14:32:35 -0700 (PDT) (envelope-from rwatson@freefall.freebsd.org) Received: (from rwatson@localhost) by freefall.freebsd.org (8.12.4/8.12.4/Submit) id g6ULWYEq074454; Tue, 30 Jul 2002 14:32:34 -0700 (PDT) Message-Id: <200207302132.g6ULWYEq074454@freefall.freebsd.org> From: Robert Watson Date: Tue, 30 Jul 2002 14:32:34 -0700 (PDT) To: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: src/sys/sys mac.h mac_policy.h X-FreeBSD-CVS-Branch: HEAD Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG rwatson 2002/07/30 14:32:34 PDT Added files: sys/sys mac.h mac_policy.h Log: Begin committing support for Mandatory Access Control and extensible kernel access control. The MAC framework permits loadable kernel modules to link to the kernel at compile-time, boot-time, or run-time, and augment the system security policy. This commit includes the initial kernel implementation, although the interface with the userland components of the oeprating system is still under work, and not all kernel subsystems are supported. Later in this commit sequence, documentation of which kernel subsystems will not work correctly with a kernel compiled with MAC support will be added. Include files to declare MAC userland interface (mac.h), MAC subsystem entry points (mac.h), and MAC policy entry points (mac_policy.h). These files define the interface between the kernel and the MAC framework, and between the MAC framework and each registered policy module. These APIs and ABIs may not be assumed to be stable until following FreeBSD 5.1-RELEASE. Obtained from: TrustedBSD Project Sponsored by: DARPA, NAI Labs Revision Changes Path 1.1 +407 -0 src/sys/sys/mac.h (new) 1.1 +491 -0 src/sys/sys/mac_policy.h (new) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message