mirror of https://git.FreeBSD.org/src.git synced 2024-12-18 10:35:55 +00:00
freebsd/sys/security
Robert Watson f51e58036e
Redesign the externalization APIs from the MAC Framework to
the MAC policy modules to improve robustness against C string
bugs and vulnerabilities.  Following these revisions, all
string construction of labels for export to userspace (or
elsewhere) is performed using the sbuf API, which prevents
the consumer from having to perform laborious and intricate
pointer and buffer checks.  This substantially simplifies
the externalization logic, both at the MAC Framework level,
and in individual policies; this becomes especially useful
when policies export more complex label data, such as with
compartments in Biba and MLS.

Bundled in here are some other minor fixes associated with
externalization: including avoiding malloc while holding the
process mutex in mac_lomac, and hence avoid a failure mode
when printing labels during a downgrade operation due to
the removal of the M_NOWAIT case.

This has been running in the MAC development tree for about
three weeks without problems.

Obtained from:	TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
2003-06-23 01:26:34 +00:00
mac Redesign the externalization APIs from the MAC Framework to 2003-06-23 01:26:34 +00:00
mac_biba Redesign the externalization APIs from the MAC Framework to 2003-06-23 01:26:34 +00:00
mac_bsdextended Trim "trustedbsd_" from the front of the policy module "short names"; 2003-03-27 19:26:39 +00:00
mac_ifoff Rather than check for M_PKTHDR and conditionally perform access control, 2003-04-18 20:22:23 +00:00
mac_lomac Redesign the externalization APIs from the MAC Framework to 2003-06-23 01:26:34 +00:00
mac_mls Redesign the externalization APIs from the MAC Framework to 2003-06-23 01:26:34 +00:00
mac_none Redesign the externalization APIs from the MAC Framework to 2003-06-23 01:26:34 +00:00
mac_partition Redesign the externalization APIs from the MAC Framework to 2003-06-23 01:26:34 +00:00
mac_portacl Including <sys/stdint.h> is (almost?) universally only to be able to use 2003-03-18 08:45:25 +00:00
mac_seeotheruids Trim "trustedbsd_" from the front of the policy module "short names"; 2003-03-27 19:26:39 +00:00
mac_stub Redesign the externalization APIs from the MAC Framework to 2003-06-23 01:26:34 +00:00
mac_test Redesign the externalization APIs from the MAC Framework to 2003-06-23 01:26:34 +00:00