source-changes: CVS commit: src

Subject: CVS commit: src
To: None <source-changes@NetBSD.org>
From: Elad Efrat <elad@netbsd.org>
List: source-changes
Date: 01/23/2008 15:04:41
Module Name:	src
Committed By:	elad
Date:		Wed Jan 23 15:04:41 UTC 2008

Modified Files:
	src/share/examples/secmodel: secmodel_example.c
	src/share/man/man9: kauth.9
	src/sys/compat/freebsd: freebsd_sched.c
	src/sys/compat/ibcs2: ibcs2_misc.c
	src/sys/compat/irix: irix_prctl.c
	src/sys/compat/linux/common: linux_sched.c
	src/sys/kern: init_sysctl.c kern_event.c kern_resource.c sys_process.c
	    tty.c
	src/sys/miscfs/procfs: procfs_ctl.c procfs_subr.c procfs_vnops.c
	src/sys/secmodel/bsd44: secmodel_bsd44_suser.c
	src/sys/secmodel/securelevel: secmodel_securelevel.c
	src/sys/sys: kauth.h

Log Message:
Tons of process scope changes.

  - Add a KAUTH_PROCESS_SCHEDULER action, to handle scheduler related
    requests, and add specific requests for set/get scheduler policy and
    set/get scheduler parameters.

  - Add a KAUTH_PROCESS_KEVENT_FILTER action, to handle kevent(2) related
    requests.

  - Add a KAUTH_DEVICE_TTY_STI action to handle requests to TIOCSTI.

  - Add requests for the KAUTH_PROCESS_CANSEE action, indicating what
    process information is being looked at (entry itself, args, env,
    open files).

  - Add requests for the KAUTH_PROCESS_RLIMIT action indicating set/get.

  - Add requests for the KAUTH_PROCESS_CORENAME action indicating set/get.

  - Make bsd44 secmodel code handle the newly added rqeuests appropriately.

All of the above make it possible to issue finer-grained kauth(9) calls in
many places, removing some KAUTH_GENERIC_ISSUSER requests.

  - Remove the "CAN" from KAUTH_PROCESS_CAN{KTRACE,PROCFS,PTRACE,SIGNAL}.

Discussed with christos@ and yamt@.


To generate a diff of this commit:
cvs rdiff -r1.18 -r1.19 src/share/examples/secmodel/secmodel_example.c
cvs rdiff -r1.62 -r1.63 src/share/man/man9/kauth.9
cvs rdiff -r1.12 -r1.13 src/sys/compat/freebsd/freebsd_sched.c
cvs rdiff -r1.97 -r1.98 src/sys/compat/ibcs2/ibcs2_misc.c
cvs rdiff -r1.44 -r1.45 src/sys/compat/irix/irix_prctl.c
cvs rdiff -r1.46 -r1.47 src/sys/compat/linux/common/linux_sched.c
cvs rdiff -r1.119 -r1.120 src/sys/kern/init_sysctl.c
cvs rdiff -r1.45 -r1.46 src/sys/kern/kern_event.c
cvs rdiff -r1.130 -r1.131 src/sys/kern/kern_resource.c
cvs rdiff -r1.134 -r1.135 src/sys/kern/sys_process.c
cvs rdiff -r1.211 -r1.212 src/sys/kern/tty.c
cvs rdiff -r1.42 -r1.43 src/sys/miscfs/procfs/procfs_ctl.c
cvs rdiff -r1.83 -r1.84 src/sys/miscfs/procfs/procfs_subr.c
cvs rdiff -r1.164 -r1.165 src/sys/miscfs/procfs/procfs_vnops.c
cvs rdiff -r1.45 -r1.46 src/sys/secmodel/bsd44/secmodel_bsd44_suser.c
cvs rdiff -r1.7 -r1.8 src/sys/secmodel/securelevel/secmodel_securelevel.c
cvs rdiff -r1.45 -r1.46 src/sys/sys/kauth.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.