Date: Sat, 10 Jan 2009 10:58:41 +0000 (UTC) From: Robert Watson <rwatson@FreeBSD.org> To: cvs-src-old@freebsd.org Subject: cvs commit: src/sys/security/mac mac_framework.c mac_internal.h mac_policy.h src/sys/security/mac_biba mac_biba.c src/sys/security/mac_bsdextended mac_bsdextended.c src/sys/security/mac_ifoff mac_ifoff.c src/sys/security/mac_lomac mac_lomac.c ... Message-ID: <200901101058.n0AAwv9c038452@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
rwatson 2009-01-10 10:58:41 UTC
FreeBSD src repository
Modified files:
sys/security/mac mac_framework.c mac_internal.h
mac_policy.h
sys/security/mac_biba mac_biba.c
sys/security/mac_bsdextended mac_bsdextended.c
sys/security/mac_ifoff mac_ifoff.c
sys/security/mac_lomac mac_lomac.c
sys/security/mac_mls mac_mls.c
sys/security/mac_none mac_none.c
sys/security/mac_partition mac_partition.c
sys/security/mac_portacl mac_portacl.c
sys/security/mac_seeotheruids mac_seeotheruids.c
sys/security/mac_stub mac_stub.c
sys/security/mac_test mac_test.c
Log:
SVN rev 187016 on 2009-01-10 10:58:41Z by rwatson
Rather than having MAC policies explicitly declare what object types
they label, derive that information implicitly from the set of label
initializers in their policy operations set. This avoids a possible
class of programmer errors, while retaining the structure that
allows us to avoid allocating labels for objects that don't need
them. As before, we regenerate a global mask of labeled objects
each time a policy is loaded or unloaded, stored in mac_labeled.
Discussed with: csjp
Suggested by: Jacques Vidrine <nectar at apple.com>
Obtained from: TrustedBSD Project
Sponsored by: Apple, Inc.
Revision Changes Path
1.138 +45 -7 src/sys/security/mac/mac_framework.c
1.126 +29 -0 src/sys/security/mac/mac_internal.h
1.116 +3 -30 src/sys/security/mac/mac_policy.h
1.128 +1 -22 src/sys/security/mac_biba/mac_biba.c
1.54 +1 -1 src/sys/security/mac_bsdextended/mac_bsdextended.c
1.18 +1 -1 src/sys/security/mac_ifoff/mac_ifoff.c
1.74 +1 -22 src/sys/security/mac_lomac/mac_lomac.c
1.110 +1 -22 src/sys/security/mac_mls/mac_mls.c
1.39 +1 -1 src/sys/security/mac_none/mac_none.c
1.30 +1 -1 src/sys/security/mac_partition/mac_partition.c
1.20 +1 -1 src/sys/security/mac_portacl/mac_portacl.c
1.21 +1 -1 src/sys/security/mac_seeotheruids/mac_seeotheruids.c
1.92 +1 -22 src/sys/security/mac_stub/mac_stub.c
1.105 +1 -22 src/sys/security/mac_test/mac_test.c
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200901101058.n0AAwv9c038452>