From owner-svn-src-all@FreeBSD.ORG Tue Jun 2 18:31:09 2009 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 5D75B10656C7; Tue, 2 Jun 2009 18:31:09 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 41D518FC1D; Tue, 2 Jun 2009 18:31:09 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id n52IV9Sa024604; Tue, 2 Jun 2009 18:31:09 GMT (envelope-from rwatson@svn.freebsd.org) Received: (from rwatson@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id n52IV8YZ024597; Tue, 2 Jun 2009 18:31:08 GMT (envelope-from rwatson@svn.freebsd.org) Message-Id: <200906021831.n52IV8YZ024597@svn.freebsd.org> From: Robert Watson Date: Tue, 2 Jun 2009 18:31:08 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r193334 - in head/sys: amd64/conf i386/conf ia64/conf pc98/conf powerpc/conf sparc64/conf sun4v/conf X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 02 Jun 2009 18:31:09 -0000 Author: rwatson Date: Tue Jun 2 18:31:08 2009 New Revision: 193334 URL: http://svn.freebsd.org/changeset/base/193334 Log: Remove MAC kernel config files and add "options MAC" to GENERIC, with the goal of shipping 8.0 with MAC support in the default kernel. No policies will be compiled in or enabled by default, but it will now be possible to load them at boot or runtime without a kernel recompile. While the framework is not believed to impose measurable overhead when no policies are loaded (a result of optimization over the past few months in HEAD), we'll continue to benchmark and optimize as the release approaches. Please keep an eye out for performance or functionality regressions that could be a result of this change. Approved by: re (kensmith) Obtained from: TrustedBSD Project Deleted: head/sys/amd64/conf/MAC head/sys/i386/conf/MAC head/sys/ia64/conf/MAC head/sys/pc98/conf/MAC head/sys/powerpc/conf/MAC head/sys/sparc64/conf/MAC head/sys/sun4v/conf/MAC Modified: head/sys/amd64/conf/GENERIC head/sys/i386/conf/GENERIC head/sys/ia64/conf/GENERIC head/sys/pc98/conf/GENERIC head/sys/powerpc/conf/GENERIC head/sys/sparc64/conf/GENERIC head/sys/sun4v/conf/GENERIC Modified: head/sys/amd64/conf/GENERIC ============================================================================== --- head/sys/amd64/conf/GENERIC Tue Jun 2 18:30:09 2009 (r193333) +++ head/sys/amd64/conf/GENERIC Tue Jun 2 18:31:08 2009 (r193334) @@ -70,6 +70,7 @@ options KBD_INSTALL_CDEV # install a CD options STOP_NMI # Stop CPUS using NMI instead of IPI options HWPMC_HOOKS # Necessary kernel hooks for hwpmc(4) options AUDIT # Security event auditing +options MAC # TrustedBSD MAC Framework #options KDTRACE_FRAME # Ensure frames are compiled in #options KDTRACE_HOOKS # Kernel DTrace hooks Modified: head/sys/i386/conf/GENERIC ============================================================================== --- head/sys/i386/conf/GENERIC Tue Jun 2 18:30:09 2009 (r193333) +++ head/sys/i386/conf/GENERIC Tue Jun 2 18:31:08 2009 (r193334) @@ -71,6 +71,7 @@ options KBD_INSTALL_CDEV # install a CD options STOP_NMI # Stop CPUS using NMI instead of IPI options HWPMC_HOOKS # Necessary kernel hooks for hwpmc(4) options AUDIT # Security event auditing +options MAC # TrustedBSD MAC Framework #options KDTRACE_HOOKS # Kernel DTrace hooks # Debugging for use in -current Modified: head/sys/ia64/conf/GENERIC ============================================================================== --- head/sys/ia64/conf/GENERIC Tue Jun 2 18:30:09 2009 (r193333) +++ head/sys/ia64/conf/GENERIC Tue Jun 2 18:31:08 2009 (r193334) @@ -40,6 +40,7 @@ options INVARIANTS # Enable calls of ex options INVARIANT_SUPPORT # required by INVARIANTS options KDB # Enable kernel debugger support options KTRACE # ktrace(1) syscall trace support +options MAC # TrustedBSD MAC Framework options MD_ROOT # MD usable as root device options MSDOSFS # MSDOS Filesystem options NFSCLIENT # Network Filesystem Client Modified: head/sys/pc98/conf/GENERIC ============================================================================== --- head/sys/pc98/conf/GENERIC Tue Jun 2 18:30:09 2009 (r193333) +++ head/sys/pc98/conf/GENERIC Tue Jun 2 18:31:08 2009 (r193334) @@ -73,6 +73,7 @@ options _KPOSIX_PRIORITY_SCHEDULING # P options KBD_INSTALL_CDEV # install a CDEV entry in /dev options HWPMC_HOOKS # Necessary kernel hooks for hwpmc(4) options AUDIT # Security event auditing +options MAC # TrustedBSD MAC Framework # Debugging for use in -current options KDB # Enable kernel debugger support. Modified: head/sys/powerpc/conf/GENERIC ============================================================================== --- head/sys/powerpc/conf/GENERIC Tue Jun 2 18:30:09 2009 (r193333) +++ head/sys/powerpc/conf/GENERIC Tue Jun 2 18:31:08 2009 (r193334) @@ -64,6 +64,7 @@ options SYSVSEM #SYSV-style semaphore options _KPOSIX_PRIORITY_SCHEDULING #Posix P1003_1B real-time extensions options HWPMC_HOOKS # Necessary kernel hooks for hwpmc(4) options AUDIT # Security event auditing +options MAC # TrustedBSD MAC Framework # Debugging for use in -current options KDB #Enable the kernel debugger Modified: head/sys/sparc64/conf/GENERIC ============================================================================== --- head/sys/sparc64/conf/GENERIC Tue Jun 2 18:30:09 2009 (r193333) +++ head/sys/sparc64/conf/GENERIC Tue Jun 2 18:31:08 2009 (r193334) @@ -65,6 +65,7 @@ options SYSVSEM # SYSV-style semaphor options _KPOSIX_PRIORITY_SCHEDULING # POSIX P1003_1B real-time extensions options HWPMC_HOOKS # Necessary kernel hooks for hwpmc(4) options AUDIT # Security event auditing +options MAC # TrustedBSD MAC Framework # Debugging for use in -current options KDB # Enable kernel debugger support. Modified: head/sys/sun4v/conf/GENERIC ============================================================================== --- head/sys/sun4v/conf/GENERIC Tue Jun 2 18:30:09 2009 (r193333) +++ head/sys/sun4v/conf/GENERIC Tue Jun 2 18:31:08 2009 (r193334) @@ -66,6 +66,7 @@ options AHC_REG_PRETTY_PRINT # Print re options PRINTF_BUFR_SIZE=128 # Prevent printf output being interspersed. options HWPMC_HOOKS # Necessary kernel hooks for hwpmc(4) options AUDIT # Security event auditing +options MAC # TrustedBSD MAC Framework # Debugging for use in -current options KDB # Enable kernel debugger support.