HEADS UP: PERFORCE change 8204 for review (fwd)
Robert Watson
rwatson at FreeBSD.org
Fri Mar 22 16:56:45 GMT 2002
For those interested, SEBSD is a on-going port of the SELinux FLASK and
Type Enforcement implementations to run on top of the TrustedBSD MAC
framework. This work is occurring as part of an extension to the DARPA
CBOSS contract at NAI Labs, and will provide access to NSA FLASK and the
Type Enforcement implementations as pluggable modules on FreeBSD 5.0. With
the current level of funding, we anticipate a workable experimental
implementation when 5.0 is released in November. Obviously, we'd like to
see that become a production-worthy implementation as time and other
resources permit. We began the port a month or two ago and anticipate an
initial round of commits to the Perforce tree within a weeks or two. We
hope to have a usable prototype by June, with features expanding maturing
as time goes by.
Robert N M Watson FreeBSD Core Team, TrustedBSD Project
robert at fledge.watson.org NAI Labs, Safeport Network Services
On Fri, 22 Mar 2002, Brian F. Feldman wrote:
> This will increase the size of struct mac in disk and on memory by an
> additional 4 bytes. (But it shouldn't need to increase again for SEBSD).
>
>
> ------- Forwarded Message
>
> Return-Path: <owner-perforce at freebsd.org>
> Delivered-To: green at freebsd.org
> Received: by hub.freebsd.org (Postfix, from userid 32767)
> id 185E337B419; Fri, 22 Mar 2002 06:53:26 -0800 (PST)
> Delivered-To: perforce at freebsd.org
> Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21])
> by hub.freebsd.org (Postfix) with ESMTP id 1AD4737B404
> for <perforce at freebsd.org>; Fri, 22 Mar 2002 06:53:25 -0800 (PST)
> Received: (from perforce at localhost)
> by freefall.freebsd.org (8.11.6/8.11.6) id g2MErOB88903
> for perforce at freebsd.org; Fri, 22 Mar 2002 06:53:24 -0800 (PST)
> (envelope-from green at freebsd.org)
> Date: Fri, 22 Mar 2002 06:53:24 -0800 (PST)
> Message-Id: <200203221453.g2MErOB88903 at freefall.freebsd.org>
> X-Authentication-Warning: freefall.freebsd.org: perforce set sender to green at freebsd.org using -f
> From: Brian Feldman <green at FreeBSD.org>
> Subject: PERFORCE change 8204 for review
> To: Perforce Change Reviews <perforce at freebsd.org>
>
> http://people.freebsd.org/~peter/p4db/chv.cgi?CH=8204
> [...]
> ==== //depot/projects/trustedbsd/mac/sys/sys/mac.h#87 (text+ko) ====
>
> @@ -180,6 +180,10 @@
> #define MAC_TE_CLASS_BPF 6
> #define MAC_TE_OPERATION_BPF_RECEIVE 1
>
> +struct mac_sebsd {
> + uint32_t ms_psid; /* persistent sid storage */
> +};
> +
> /*
> * Composite structures and constants which combine the various policy
> * elements into common structures to be associated with subjects and
> @@ -190,6 +194,7 @@
> struct mac_biba m_biba;
> struct mac_mls m_mls;
> struct mac_te m_te;
> + struct mac_sebsd m_sebsd;
> };
> typedef struct mac *mac_t;
>
>
>
> --
> Brian Fundakowski Feldman \'[ FreeBSD ]''''''''''\
> <> green at FreeBSD.org <> bfeldman at tislabs.com \ The Power to Serve! \
> Opinions expressed are my own. \,,,,,,,,,,,,,,,,,,,,,,\
>
>
>
> To Unsubscribe: send mail to majordomo at trustedbsd.org
> with "unsubscribe trustedbsd-discuss" in the body of the message
>
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-discuss" in the body of the message
More information about the trustedbsd-discuss
mailing list