From owner-cvs-all Tue Jul 30 14:36:10 2002 Delivered-To: cvs-all@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4E4F837B406; Tue, 30 Jul 2002 14:36:06 -0700 (PDT) Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 83E4443E67; Tue, 30 Jul 2002 14:36:05 -0700 (PDT) (envelope-from rwatson@FreeBSD.org) Received: from freefall.freebsd.org (rwatson@localhost [127.0.0.1]) by freefall.freebsd.org (8.12.4/8.12.4) with ESMTP id g6ULa5JU074708; Tue, 30 Jul 2002 14:36:05 -0700 (PDT) (envelope-from rwatson@freefall.freebsd.org) Received: (from rwatson@localhost) by freefall.freebsd.org (8.12.4/8.12.4/Submit) id g6ULa53W074707; Tue, 30 Jul 2002 14:36:05 -0700 (PDT) Message-Id: <200207302136.g6ULa53W074707@freefall.freebsd.org> From: Robert Watson Date: Tue, 30 Jul 2002 14:36:05 -0700 (PDT) To: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: src/sys/kern kern_mac.c X-FreeBSD-CVS-Branch: HEAD Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG rwatson 2002/07/30 14:36:05 PDT Modified files: sys/kern kern_mac.c Log: Begin committing support for Mandatory Access Control and extensible kernel access control. The MAC framework permits loadable kernel modules to link to the kernel at compile-time, boot-time, or run-time, and augment the system security policy. This commit includes the initial kernel implementation, although the interface with the userland components of the oeprating system is still under work, and not all kernel subsystems are supported. Later in this commit sequence, documentation of which kernel subsystems will not work correctly with a kernel compiled with MAC support will be added. kern_mac.c contains the body of the MAC framework. Kernel and user APIs defined in mac.h are implemented here, providing a front end to loaded security modules. This code implements a module registration service, state (label) management, security configuration and policy composition. Obtained from: TrustedBSD Project Sponsored by: DARPA, NAI Labs Revision Changes Path 1.2 +3016 -0 src/sys/kern/kern_mac.c To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message