Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 14 Apr 2005 16:03:30 +0000 (UTC)
From:      "Christian S.J. Peron" <csjp@FreeBSD.org>
To:        src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org
Subject:   cvs commit: src/sys/security/mac mac_vfs.csrc/sys/security/mac_biba mac_biba.c src/sys/security/mac_lomac mac_lomac.c src/sys/security/mac_mls mac_mls.c src/sys/security/mac_stub...
Message-ID:  <200504141603.j3EG3UMm069374@repoman.freebsd.org>

next in thread | raw e-mail | index | archive | help
csjp        2005-04-14 16:03:30 UTC

  FreeBSD src repository

  Modified files:
    sys/security/mac     mac_vfs.c 
    sys/security/mac_biba mac_biba.c 
    sys/security/mac_lomac mac_lomac.c 
    sys/security/mac_mls mac_mls.c 
    sys/security/mac_stub mac_stub.c 
    sys/security/mac_test mac_test.c 
    sys/sys              mac.h mac_policy.h 
    sys/vm               vm_mmap.c 
  Log:
  Move MAC check_vnode_mmap entry point out from being exclusive to
  MAP_SHARED so that the entry point gets executed un-conditionally.
  This may be useful for security policies which want to perform access
  control checks around run-time linking.
  
  -add the mmap(2) flags argument to the check_vnode_mmap entry point
   so that we can make access control decisions based on the type of
   mapped object.
  -update any dependent API around this parameter addition such as
   function prototype modifications, entry point parameter additions
   and the inclusion of sys/mman.h header file.
  -Change the MLS, BIBA and LOMAC security policies so that subject
   domination routines are not executed unless the type of mapping is
   shared. This is done to maintain compatibility between the old
   vm_mmap_vnode(9) and these policies.
  
  Reviewed by:    rwatson
  MFC after:      1 month
  
  Revision  Changes    Path
  1.108     +3 -2      src/sys/security/mac/mac_vfs.c
  1.84      +3 -2      src/sys/security/mac_biba/mac_biba.c
  1.34      +3 -2      src/sys/security/mac_lomac/mac_lomac.c
  1.69      +3 -2      src/sys/security/mac_mls/mac_mls.c
  1.45      +1 -1      src/sys/security/mac_stub/mac_stub.c
  1.54      +1 -1      src/sys/security/mac_test/mac_test.c
  1.60      +1 -1      src/sys/sys/mac.h
  1.59      +1 -1      src/sys/sys/mac_policy.h
  1.200     +5 -5      src/sys/vm/vm_mmap.c



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200504141603.j3EG3UMm069374>