Date: Wed, 31 Jul 2002 11:30:34 -0700 (PDT) From: Robert Watson <rwatson@FreeBSD.org> To: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: src/sys/netinet raw_ip.c Message-ID: <200207311830.g6VIUYbl021313@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
rwatson 2002/07/31 11:30:34 PDT
Modified files:
sys/netinet raw_ip.c
Log:
Introduce support for Mandatory Access Control and extensible
kernel access control.
Instrument the raw IP socket code for packet generation and delivery:
label outgoing mbufs with the label of the socket, and check the
socket and mbuf labels before permitting delivery to a socket,
permitting MAC policies to selectively allow delivery of raw IP mbufs
to various raw IP sockets that may be open. Restructure the policy
checking code to compose IPsec and MAC results in a more readable
manner.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
Revision Changes Path
1.98 +40 -16 src/sys/netinet/raw_ip.c
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200207311830.g6VIUYbl021313>