From owner-cvs-all  Sat Oct  5  8:10: 8 2002
Delivered-To: cvs-all@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id 53B8D37B404; Sat,  5 Oct 2002 08:10:01 -0700 (PDT)
Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id 09FA443E6A; Sat,  5 Oct 2002 08:10:01 -0700 (PDT)
	(envelope-from rwatson@FreeBSD.org)
Received: from freefall.freebsd.org (rwatson@localhost [127.0.0.1])
	by freefall.freebsd.org (8.12.6/8.12.6) with ESMTP id g95FA0Co097547;
	Sat, 5 Oct 2002 08:10:00 -0700 (PDT)
	(envelope-from rwatson@freefall.freebsd.org)
Received: (from rwatson@localhost)
	by freefall.freebsd.org (8.12.6/8.12.6/Submit) id g95FA0uD097546;
	Sat, 5 Oct 2002 08:10:00 -0700 (PDT)
Message-Id: <200210051510.g95FA0uD097546@freefall.freebsd.org>
From: Robert Watson <rwatson@FreeBSD.org>
Date: Sat, 5 Oct 2002 08:10:00 -0700 (PDT)
To: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org
Subject: cvs commit: src/sys/kern kern_mac.c src/sys/security/mac_biba
         mac_biba.c src/sys/security/mac_mls mac_mls.c
         src/sys/security/mac_none mac_none.c src/sys/security/mac_test
         mac_test.c src/sys/sys mac_policy.h
X-FreeBSD-CVS-Branch: HEAD
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk
List-ID: <cvs-all.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20cvs-all>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20cvs-all>
X-Loop: FreeBSD.ORG

rwatson     2002/10/05 08:10:00 PDT

  Modified files:
    sys/kern             kern_mac.c 
    sys/security/mac_biba mac_biba.c 
    sys/security/mac_mls mac_mls.c 
    sys/security/mac_none mac_none.c 
    sys/security/mac_test mac_test.c 
    sys/sys              mac_policy.h 
  Log:
  Begin another merge from the TrustedBSD MAC branch:
  
  - Change mpo_init_foo(obj, label) and mpo_destroy_foo(obj, label) policy
    entry points to mpo_init_foo_label(label) and
    mpo_destroy_foo_label(label).  This will permit the use of the same
    entry points for holding temporary type-specific label during
    internalization and externalization, as well as for caching purposes.
  - Because of this, break out mpo_{init,destroy}_socket() and
    mpo_{init,destroy}_mount() into seperate entry points for socket
    main/peer labels and mount main/fs labels.
  - Since the prototype for label initialization is the same across almost
    all entry points, implement these entry points using common
    implementations for Biba, MLS, and Test, reducing the number of
    almost identical looking functions.
  
  This simplifies policy implementation, as well as preparing us for the
  merge of the new flexible userland API for managing labels on objects.
  
  Obtained from:  TrustedBSD Project
  Sponsored by:   DARPA, Network Associates Laboratories
  
  Revision  Changes    Path
  1.28      +86 -68    src/sys/kern/kern_mac.c
  1.13      +58 -205   src/sys/security/mac_biba/mac_biba.c
  1.11      +58 -205   src/sys/security/mac_mls/mac_mls.c
  1.8       +55 -167   src/sys/security/mac_none/mac_none.c
  1.7       +140 -84   src/sys/security/mac_test/mac_test.c
  1.11      +53 -50    src/sys/sys/mac_policy.h

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message