upstream/opnsense-src
1
0
Fork 0
mirror of https://github.com/opnsense/src.git synced 2026-06-11 09:41:03 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
opnsense-src/sys
History
Robert Watson 2220907b6e Introduce a temporary mutex, mac_ifnet_mtx, to lock MAC labels on 
network interfaces.  This global mutex will protect all ifnet labels.
Acquire the mutex across various MAC activities on interfaces, such
as security checks, propagating interface labels to mbufs generated
from the interface, retrieving and setting the interface label.

Introduce mpo_copy_ifnet_label MAC policy entry point to copy the
value of an interface label from one label to another.  Use this
to avoid performing a label externalize while holding mac_ifnet_mtx;
copy the label to a temporary ifnet label and then externalize that.

Implement mpo_copy_ifnet_label for various MAC policies that
implement interface labeling using generic label copying routines.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, McAfee Research
2004-06-24 03:34:46 +00:00
..
alpha - Remove unused definitions. 2004-06-23 08:06:52 +00:00
amd64 Fetch the actual acpi0 device_t and use device_is_attached() to see if 2004-06-23 17:59:01 +00:00
arm Fix compilation for Xscale. 2004-06-19 20:50:50 +00:00
boot Throw out pfsync and pflog, the modules were removed 2004-06-22 22:57:13 +00:00
cam Revert rev 1.140, it was a bit pre-mature. 2004-06-21 19:01:55 +00:00
coda Second half of the dev_t cleanup. 2004-06-17 17:16:53 +00:00
compat Cast variable-sized (based on platform) quantities before printing out. 2004-06-24 02:21:17 +00:00
conf Better OFW console support on Sun Ultra2 machines. 2004-06-24 02:57:11 +00:00
contrib Major overhaul of pseudo-interface cloning. Highlights include: 2004-06-22 20:13:25 +00:00
crypto Use __FBSDID(). 2004-06-14 00:38:54 +00:00
ddb Fixed DDB_NOKLDSYM on amd64's: 2004-05-18 05:30:06 +00:00
dev Better OFW console support on Sun Ultra2 machines. 2004-06-24 02:57:11 +00:00
fs Remove spls from portal_open(). Acquire socket lock while sleeping 2004-06-24 00:47:23 +00:00
geom Currently, if the drives specified for volume creation are 2004-06-24 02:40:34 +00:00
gnu Fixed misformatting of code and breaking of a comment in previous commit. 2004-06-20 03:36:31 +00:00
i4b Be BURN_BRIDGES compliant 2004-06-21 21:59:00 +00:00
i386 Add casts so all these quantities are a constant type. 2004-06-24 02:24:39 +00:00
ia64 - Remove unused definitions. 2004-06-23 08:06:52 +00:00
isa Do the dreaded s/dev_t/struct cdev */ 2004-06-16 09:47:26 +00:00
isofs/cd9660 Second half of the dev_t cleanup. 2004-06-17 17:16:53 +00:00
kern Acquire socket lock in the "waiting for connection" loop in 2004-06-24 01:43:23 +00:00
libkern Import libkern arm specific bits. 2004-05-14 12:28:31 +00:00
modules Clean CLEANFILES. 2004-06-23 14:22:14 +00:00
net Major overhaul of pseudo-interface cloning. Highlights include: 2004-06-22 20:13:25 +00:00
net80211 Link ALTQ to the build and break with ABI for struct ifnet. Please recompile 2004-06-13 17:29:10 +00:00
netatalk Socket MAC labels so_label and so_peerlabel are now protected by 2004-06-13 02:50:07 +00:00
netatm The socket field so_state is used to hold a variety of socket related 2004-06-14 18:16:22 +00:00
netgraph Clean up use of ng_hdhasb_mtx a little: 2004-06-24 01:47:31 +00:00
netinet Broaden scope of the socket buffer lock when processing an ACK so that 2004-06-24 03:07:27 +00:00
netinet6 Link ALTQ to the build and break with ABI for struct ifnet. Please recompile 2004-06-13 17:29:10 +00:00
netipsec Add required includes for post-sorwakeup() change to fix FAST_IPSEC 2004-06-23 01:58:22 +00:00
netipx Improve source-code compatibility with Linux applications using the 2004-06-22 21:46:49 +00:00
netkey Merge next step in socket buffer locking: 2004-06-21 00:20:43 +00:00
netnatm Constify send and receive space constants in natm. 2004-06-24 03:11:29 +00:00
netncp Do the dreaded s/dev_t/struct cdev */ 2004-06-16 09:47:26 +00:00
netsmb Merge additional socket buffer locking from rwatson_netperf: 2004-06-17 22:48:11 +00:00
nfs Remove advertising clause from University of California Regent's 2004-04-07 05:00:01 +00:00
nfs4client Second half of the dev_t cleanup. 2004-06-17 17:16:53 +00:00
nfsclient When updating sb_flags, acquire the socket buffer lock to prevent 2004-06-24 03:12:13 +00:00
nfsserver Merge additional socket buffer locking from rwatson_netperf: 2004-06-17 22:48:11 +00:00
opencrypto Do the dreaded s/dev_t/struct cdev */ 2004-06-16 09:47:26 +00:00
pc98 Remove the TIOCDCDTIMESTAMP option. 2004-06-22 20:32:17 +00:00
pccard Do the dreaded s/dev_t/struct cdev */ 2004-06-16 09:47:26 +00:00
pci Be BURN_BRIDGES compliant. 2004-06-21 21:57:31 +00:00
posix4 The sem_timedwait() and ksem_timedwait() functions both 2004-02-03 22:27:03 +00:00
powerpc Do the dreaded s/dev_t/struct cdev */ 2004-06-16 09:47:26 +00:00
rpc Remove advertising clause from University of California Regent's 2004-04-07 05:00:01 +00:00
security Introduce a temporary mutex, mac_ifnet_mtx, to lock MAC labels on 2004-06-24 03:34:46 +00:00
sparc64 Better OFW console support on Sun Ultra2 machines. 2004-06-24 02:57:11 +00:00
sys Introduce a temporary mutex, mac_ifnet_mtx, to lock MAC labels on 2004-06-24 03:34:46 +00:00
tools devlist2h.awk is too generic a name for what it does. It really 2004-05-26 00:19:39 +00:00
ufs Backed out previous commit. The dev_t -> `struct cdev *' changes have 2004-06-20 03:11:19 +00:00
vm Remove spl calls. 2004-06-24 03:13:30 +00:00
Makefile Try harder not to compile anything in sys/boot for arm. 2004-05-16 00:19:12 +00:00