cvs commit: src/sys/contrib/pf/net pf.c src/sys/netinet ip_fw2.c
ip_icmp.c src/sys/security/mac mac_framework.h mac_inet.c
mac_net.c mac_policy.h src/sys/security/mac_biba mac_biba.c
src/sys/security/mac_lomac mac_lomac.c src/sys/security/mac_mls ...
Robert Watson
rwatson at FreeBSD.org
Sun Oct 28 10:12:48 PDT 2007
rwatson 2007-10-28 17:12:48 UTC
FreeBSD src repository
Modified files:
sys/contrib/pf/net pf.c
sys/netinet ip_fw2.c ip_icmp.c
sys/security/mac mac_framework.h mac_inet.c mac_net.c
mac_policy.h
sys/security/mac_biba mac_biba.c
sys/security/mac_lomac mac_lomac.c
sys/security/mac_mls mac_mls.c
sys/security/mac_stub mac_stub.c
sys/security/mac_test mac_test.c
Log:
Continue to move from generic network entry points in the TrustedBSD MAC
Framework by moving from mac_mbuf_create_netlayer() to more specific
entry points for specific network services:
- mac_netinet_firewall_reply() to be used when replying to in-bound TCP
segments in pf and ipfw (etc).
- Rename mac_netinet_icmp_reply() to mac_netinet_icmp_replyinplace() and
add mac_netinet_icmp_reply(), reflecting that in some cases we overwrite
a label in place, but in others we apply the label to a new mbuf.
Obtained from: TrustedBSD Project
Revision Changes Path
1.50 +1 -1 src/sys/contrib/pf/net/pf.c
1.178 +1 -1 src/sys/netinet/ip_fw2.c
1.120 +2 -2 src/sys/netinet/ip_icmp.c
1.94 +3 -2 src/sys/security/mac/mac_framework.h
1.16 +29 -2 src/sys/security/mac/mac_inet.c
1.130 +0 -11 src/sys/security/mac/mac_net.c
1.104 +9 -5 src/sys/security/mac/mac_policy.h
1.115 +26 -13 src/sys/security/mac_biba/mac_biba.c
1.60 +26 -13 src/sys/security/mac_lomac/mac_lomac.c
1.96 +26 -13 src/sys/security/mac_mls/mac_mls.c
1.77 +22 -12 src/sys/security/mac_stub/mac_stub.c
1.87 +14 -15 src/sys/security/mac_test/mac_test.c
More information about the cvs-all
mailing list