NetBSD/sys
elad 5f7169ccb1 First take at security model abstraction.
- Add a few scopes to the kernel: system, network, and machdep.

- Add a few more actions/sub-actions (requests), and start using them as
  opposed to the KAUTH_GENERIC_ISSUSER place-holders.

- Introduce a basic set of listeners that implement our "traditional"
  security model, called "bsd44". This is the default (and only) model we
  have at the moment.

- Update all relevant documentation.

- Add some code and docs to help folks who want to actually use this stuff:

  * There's a sample overlay model, sitting on-top of "bsd44", for
    fast experimenting with tweaking just a subset of an existing model.

    This is pretty cool because it's *really* straightforward to do stuff
    you had to use ugly hacks for until now...

  * And of course, documentation describing how to do the above for quick
    reference, including code samples.

All of these changes were tested for regressions using a Python-based
testsuite that will be (I hope) available soon via pkgsrc. Information
about the tests, and how to write new ones, can be found on:

	http://kauth.linbsd.org/kauthwiki

NOTE FOR DEVELOPERS: *PLEASE* don't add any code that does any of the
following:

  - Uses a KAUTH_GENERIC_ISSUSER kauth(9) request,
  - Checks 'securelevel' directly,
  - Checks a uid/gid directly.

(or if you feel you have to, contact me first)

This is still work in progress; It's far from being done, but now it'll
be a lot easier.

Relevant mailing list threads:

http://mail-index.netbsd.org/tech-security/2006/01/25/0011.html
http://mail-index.netbsd.org/tech-security/2006/03/24/0001.html
http://mail-index.netbsd.org/tech-security/2006/04/18/0000.html
http://mail-index.netbsd.org/tech-security/2006/05/15/0000.html
http://mail-index.netbsd.org/tech-security/2006/08/01/0000.html
http://mail-index.netbsd.org/tech-security/2006/08/25/0000.html

Many thanks to YAMAMOTO Takashi, Matt Thomas, and Christos Zoulas for help
stablizing kauth(9).

Full credit for the regression tests, making sure these changes didn't break
anything, goes to Matt Fleming and Jaime Fournier.

Happy birthday Randi! :)
2006-09-08 20:58:56 +00:00
..
altq add missing initializer 2006-09-03 04:28:16 +00:00
arch First take at security model abstraction. 2006-09-08 20:58:56 +00:00
coda fix incomplete initializer 2006-08-29 23:45:23 +00:00
compat Implement Linux's fdatasync, patch from Nicolas Joly 2006-09-06 12:01:23 +00:00
conf First take at security model abstraction. 2006-09-08 20:58:56 +00:00
contrib/dev/ath Fix all the -D*DEBUG* code that it was rotting away and did not even compile. 2006-08-17 17:11:27 +00:00
crypto static comes first 2006-09-03 05:22:36 +00:00
ddb ANSIfy db_error. 2006-09-05 21:56:44 +00:00
dev Typo. 2006-09-08 06:38:55 +00:00
dist First take at security model abstraction. 2006-09-08 20:58:56 +00:00
fs Fix copying too much space from a small buffer. The chances of it actually 2006-09-05 22:30:52 +00:00
gdbscripts merge ktrace-lwp. 2005-12-11 12:16:03 +00:00
ipkdb First take at security model abstraction. 2006-09-08 20:58:56 +00:00
kern First take at security model abstraction. 2006-09-08 20:58:56 +00:00
lib Fix and simplify node removal. Add lots of assertions and comments. 2006-09-08 04:07:15 +00:00
lkm Don't build "linux_ptrace.c" anymore. ptrace(2) support is optional now 2006-08-31 14:00:29 +00:00
miscfs First take at security model abstraction. 2006-09-08 20:58:56 +00:00
net First take at security model abstraction. 2006-09-08 20:58:56 +00:00
net80211 comment out impossible comparisons. 2006-08-30 15:40:41 +00:00
netatalk Fix initializers 2006-08-27 23:49:33 +00:00
netbt add newline to (debug) printf 2006-08-28 08:19:53 +00:00
netinet First take at security model abstraction. 2006-09-08 20:58:56 +00:00
netinet6 Simplify and repair icmp6_input() to stop the kernel from panicking 2006-09-05 16:11:26 +00:00
netipsec Make this compile again (hi xtos!). Switch to C99 structure initializations. 2006-08-31 23:21:54 +00:00
netisdn Use the LWP cached credentials where sane. 2006-07-23 22:06:03 +00:00
netiso remove more vestiges of CCITT, LLC, HDLC, NS, and NSIP. 2006-09-07 02:40:31 +00:00
netkey use c99 initializers 2006-09-02 06:44:59 +00:00
netnatm One step closer to loadable domains. Store pointers to a domain's soft 2006-08-25 19:33:50 +00:00
netsmb add missing initializer 2006-09-03 05:27:28 +00:00
nfs nfs_ispublicfh: fix another instance of cast-qual. 2006-09-04 08:38:16 +00:00
opencrypto fix incomplete initializer 2006-08-29 23:45:23 +00:00
secmodel First take at security model abstraction. 2006-09-08 20:58:56 +00:00
stand merge ktrace-lwp. 2005-12-11 12:16:03 +00:00
sys First take at security model abstraction. 2006-09-08 20:58:56 +00:00
ufs add missing initializers 2006-09-02 07:04:01 +00:00
uvm First take at security model abstraction. 2006-09-08 20:58:56 +00:00
Makefile Don't descend into netns and netccitt 2006-08-25 17:40:21 +00:00