From owner-cvs-src@FreeBSD.ORG Sun Oct 28 17:12:48 2007
Return-Path: <owner-cvs-src@FreeBSD.ORG>
Delivered-To: cvs-src@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id D316316A417;
Sun, 28 Oct 2007 17:12:48 +0000 (UTC)
(envelope-from rwatson@FreeBSD.org)
Received: from repoman.freebsd.org (repoman.freebsd.org
[IPv6:2001:4f8:fff6::29])
by mx1.freebsd.org (Postfix) with ESMTP id C060D13C48E;
Sun, 28 Oct 2007 17:12:48 +0000 (UTC)
(envelope-from rwatson@FreeBSD.org)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
by repoman.freebsd.org (8.14.1/8.14.1) with ESMTP id l9SHCmAW015818;
Sun, 28 Oct 2007 17:12:48 GMT
(envelope-from rwatson@repoman.freebsd.org)
Received: (from rwatson@localhost)
by repoman.freebsd.org (8.14.1/8.14.1/Submit) id l9SHCmK5015817;
Sun, 28 Oct 2007 17:12:48 GMT (envelope-from rwatson)
Message-Id: <200710281712.l9SHCmK5015817@repoman.freebsd.org>
From: Robert Watson <rwatson@FreeBSD.org>
Date: Sun, 28 Oct 2007 17:12:48 +0000 (UTC)
To: src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org
X-FreeBSD-CVS-Branch: HEAD
Cc:
Subject: cvs commit: src/sys/contrib/pf/net pf.c src/sys/netinet ip_fw2.c
ip_icmp.c src/sys/security/mac mac_framework.h mac_inet.c
mac_net.c mac_policy.h src/sys/security/mac_biba mac_biba.c
src/sys/security/mac_lomac mac_lomac.c src/sys/security/mac_mls ...
X-BeenThere: cvs-src@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: CVS commit messages for the src tree <cvs-src.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-src>,
<mailto:cvs-src-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-src>
List-Post: <mailto:cvs-src@freebsd.org>
List-Help: <mailto:cvs-src-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-src>,
<mailto:cvs-src-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 28 Oct 2007 17:12:48 -0000
rwatson 2007-10-28 17:12:48 UTC
FreeBSD src repository
Modified files:
sys/contrib/pf/net pf.c
sys/netinet ip_fw2.c ip_icmp.c
sys/security/mac mac_framework.h mac_inet.c mac_net.c
mac_policy.h
sys/security/mac_biba mac_biba.c
sys/security/mac_lomac mac_lomac.c
sys/security/mac_mls mac_mls.c
sys/security/mac_stub mac_stub.c
sys/security/mac_test mac_test.c
Log:
Continue to move from generic network entry points in the TrustedBSD MAC
Framework by moving from mac_mbuf_create_netlayer() to more specific
entry points for specific network services:
- mac_netinet_firewall_reply() to be used when replying to in-bound TCP
segments in pf and ipfw (etc).
- Rename mac_netinet_icmp_reply() to mac_netinet_icmp_replyinplace() and
add mac_netinet_icmp_reply(), reflecting that in some cases we overwrite
a label in place, but in others we apply the label to a new mbuf.
Obtained from: TrustedBSD Project
Revision Changes Path
1.50 +1 -1 src/sys/contrib/pf/net/pf.c
1.178 +1 -1 src/sys/netinet/ip_fw2.c
1.120 +2 -2 src/sys/netinet/ip_icmp.c
1.94 +3 -2 src/sys/security/mac/mac_framework.h
1.16 +29 -2 src/sys/security/mac/mac_inet.c
1.130 +0 -11 src/sys/security/mac/mac_net.c
1.104 +9 -5 src/sys/security/mac/mac_policy.h
1.115 +26 -13 src/sys/security/mac_biba/mac_biba.c
1.60 +26 -13 src/sys/security/mac_lomac/mac_lomac.c
1.96 +26 -13 src/sys/security/mac_mls/mac_mls.c
1.77 +22 -12 src/sys/security/mac_stub/mac_stub.c
1.87 +14 -15 src/sys/security/mac_test/mac_test.c