From owner-p4-projects Tue Mar 26 17:13: 6 2002 Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 6348D37B404; Tue, 26 Mar 2002 17:12:47 -0800 (PST) Delivered-To: perforce@freebsd.org Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by hub.freebsd.org (Postfix) with ESMTP id D9DE937B400; Tue, 26 Mar 2002 17:12:43 -0800 (PST) Received: from fledge.watson.org (fledge.pr.watson.org [192.0.2.3]) by fledge.watson.org (8.11.6/8.11.6) with SMTP id g2R1Cdw22942; Tue, 26 Mar 2002 20:12:40 -0500 (EST) (envelope-from robert@fledge.watson.org) Date: Tue, 26 Mar 2002 20:12:39 -0500 (EST) From: Robert Watson X-Sender: robert@fledge.watson.org To: Chris Vance Cc: Perforce Change Reviews Subject: Re: PERFORCE change 8447 for review In-Reply-To: <200203261844.g2QIigs36322@freefall.freebsd.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-p4-projects@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Great! I'll have to update my MAC tree and prepare for a whole new brand of suffering. Robert N M Watson FreeBSD Core Team, TrustedBSD Project robert@fledge.watson.org NAI Labs, Safeport Network Services On Tue, 26 Mar 2002, Chris Vance wrote: > http://people.freebsd.org/~peter/p4db/chv.cgi?CH=8447 > > Change 8447 by cvance@cvance_laptop on 2002/03/26 10:44:13 > > Initial import of SEBSD sources. The security server will boot and > initialize properly - assuming you have a valid policy located at > /ss_policy, otherwise it will cause a panic at boot time. > > Affected files ... > > ... //depot/projects/trustedbsd/mac/sys/conf/files#22 edit > ... //depot/projects/trustedbsd/mac/sys/conf/options#13 edit > ... //depot/projects/trustedbsd/mac/sys/security/sebsd/avc/av_inherit.h#1 add > ... //depot/projects/trustedbsd/mac/sys/security/sebsd/avc/av_perm_to_string.h#1 add > ... //depot/projects/trustedbsd/mac/sys/security/sebsd/avc/av_permissions.h#1 add > ... //depot/projects/trustedbsd/mac/sys/security/sebsd/avc/avc-selinux.c#1 add > ... //depot/projects/trustedbsd/mac/sys/security/sebsd/avc/avc.c#1 add > ... //depot/projects/trustedbsd/mac/sys/security/sebsd/avc/avc.h#1 add > ... //depot/projects/trustedbsd/mac/sys/security/sebsd/avc/avc_ss.h#1 add > ... //depot/projects/trustedbsd/mac/sys/security/sebsd/avc/class_to_string.h#1 add > ... //depot/projects/trustedbsd/mac/sys/security/sebsd/avc/common_perm_to_string.h#1 add > ... //depot/projects/trustedbsd/mac/sys/security/sebsd/flask.h#1 add > ... //depot/projects/trustedbsd/mac/sys/security/sebsd/flask_types.h#1 add > ... //depot/projects/trustedbsd/mac/sys/security/sebsd/linux-compat.h#1 add > ... //depot/projects/trustedbsd/mac/sys/security/sebsd/sebsd.c#1 add > ... //depot/projects/trustedbsd/mac/sys/security/sebsd/sebsd.h#1 add > ... //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/avtab.c#1 add > ... //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/avtab.h#1 add > ... //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/constraint.h#1 add > ... //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/context.h#1 add > ... //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/ebitmap.c#1 add > ... //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/ebitmap.h#1 add > ... //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/fileutils.c#1 add > ... //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/fileutils.h#1 add > ... //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/global.h#1 add > ... //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/hashtab.c#1 add > ... //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/hashtab.h#1 add > ... //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/init.c#1 add > ... //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/initial_sid_to_string.h#1 add > ... //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/mls.c#1 add > ... //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/mls.h#1 add > ... //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/mls_types.h#1 add > ... //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/policydb.c#1 add > ... //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/policydb.h#1 add > ... //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/queue.c#1 add > ... //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/queue.h#1 add > ... //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/security.h#1 add > ... //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/services.c#1 add > ... //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/services.h#1 add > ... //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/services_private.h#1 add > ... //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/sidtab.c#1 add > ... //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/sidtab.h#1 add > ... //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/symtab.c#1 add > ... //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/symtab.h#1 add > ... //depot/projects/trustedbsd/mac/sys/security/sebsd/ss/syscalls.c#1 add > > Differences ... > > ==== //depot/projects/trustedbsd/mac/sys/conf/files#22 (text+ko) ==== > > @@ -1270,6 +1270,20 @@ > security/mac_mls/mac_mls.c optional mac_mls > security/mac_none/mac_none.c optional mac_none > security/mac_te/mac_te.c optional mac_te > + > +security/sebsd/sebsd.c optional sebsd > +security/sebsd/avc/avc.c optional sebsd > +security/sebsd/ss/avtab.c optional sebsd > +security/sebsd/ss/ebitmap.c optional sebsd > +security/sebsd/ss/hashtab.c optional sebsd > +security/sebsd/ss/init.c optional sebsd > +security/sebsd/ss/policydb.c optional sebsd > +security/sebsd/ss/queue.c optional sebsd > +security/sebsd/ss/services.c optional sebsd > +security/sebsd/ss/sidtab.c optional sebsd > +security/sebsd/ss/symtab.c optional sebsd > +security/sebsd/ss/fileutils.c optional sebsd > + > ufs/ffs/ffs_alloc.c optional ffs > ufs/ffs/ffs_alloc.c optional ifs > ufs/ffs/ffs_balloc.c optional ffs > > ==== //depot/projects/trustedbsd/mac/sys/conf/options#13 (text+ko) ==== > > @@ -112,6 +112,7 @@ > MAC_MLS opt_mac.h > MAC_NONE opt_mac.h > MAC_TE opt_mac.h > +SEBSD opt_mac.h > > # Do we want the config file compiled into the kernel? > INCLUDE_CONFIG_FILE opt_config.h > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe p4-projects" in the body of the message