Date: Mon, 29 Jul 2002 08:32:59 -0700 (PDT) From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 15124 for review Message-ID: <200207291532.g6TFWxaw083092@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://people.freebsd.org/~peter/p4db/chv.cgi?CH=15124 Change 15124 by rwatson@rwatson_paprika on 2002/07/29 08:32:31 Various entry point naming simplifications: mac_create_vnode_from_vnode -> mac_create_vnode While there are other vnode creation events, this is the standard entry point for creating a vnode, and vnodes are always instantiated in the context of another vnode (parent directory), so remove the from_vnode. mac_create_ipq_from_fragment -> mac_create_ipq IP reassembly queues are always created in the context of an IP fragment, so remove explicit mention of that. mac_create_fragment_from_datagram -> mac_create_fragment IP fragments are always created in the context of an IP datagram, so remove explicit mention of that. mac_fragment_matches_ipq -> mac_fragment_match IP fragment matching only occurs in the context of an IP reassembly queue. Arguably it should be mac_ipq_match, however. mac_update_ipq_from_fragment -> mac_update_ipq IP reassembly queues are only ever updated when a new IP fragment arrives, so don't mention it explicitly. mac_update_devfsdirent_from_vnode -> mac_update_devfsdirent devfs directory entries are only ever updated from vnodes, so don't explicitly mention it. mac_update_procfsvnode_from_cred -> mac_update_procfsvnode procfs entries are only ever updated from credentials when handled explicitly as procfs entries, so don't mention that. Procfs entries can be updated from the mountpoint also, but in that context we use the generic update_vnode_from_mount entry point. Affected files ... .. //depot/projects/trustedbsd/mac/sys/fs/devfs/devfs_vnops.c#19 edit .. //depot/projects/trustedbsd/mac/sys/fs/procfs/procfs_mac.c#6 edit .. //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#218 edit .. //depot/projects/trustedbsd/mac/sys/netinet/ip_input.c#16 edit .. //depot/projects/trustedbsd/mac/sys/netinet/ip_output.c#15 edit .. //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#83 edit .. //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.c#71 edit .. //depot/projects/trustedbsd/mac/sys/security/mac_none/mac_none.c#58 edit .. //depot/projects/trustedbsd/mac/sys/security/mac_te/mac_te.c#65 edit .. //depot/projects/trustedbsd/mac/sys/security/mac_test/mac_test.c#28 edit .. //depot/projects/trustedbsd/mac/sys/sys/mac.h#135 edit .. //depot/projects/trustedbsd/mac/sys/sys/mac_policy.h#100 edit Differences ... ==== //depot/projects/trustedbsd/mac/sys/fs/devfs/devfs_vnops.c#19 (text+ko) ==== @@ -823,7 +823,7 @@ de = vp->v_data; mac_relabel_vnode(ap->a_cred, vp, ap->a_label); - mac_update_devfsdirent_from_vnode(de, vp); + mac_update_devfsdirent(de, vp); return (0); } @@ -862,8 +862,8 @@ TAILQ_INSERT_TAIL(&dd->de_dlist, de, de_list); devfs_allocv(de, ap->a_dvp->v_mount, ap->a_vpp, 0); #ifdef MAC - mac_create_vnode_from_vnode(ap->a_cnp->cn_cred, ap->a_dvp, *ap->a_vpp); - mac_update_devfsdirent_from_vnode(de, *ap->a_vpp); + mac_create_vnode(ap->a_cnp->cn_cred, ap->a_dvp, *ap->a_vpp); + mac_update_devfsdirent(de, *ap->a_vpp); #endif /* MAC */ lockmgr(&dmp->dm_lock, LK_RELEASE, 0, curthread); return (0); ==== //depot/projects/trustedbsd/mac/sys/fs/procfs/procfs_mac.c#6 (text+ko) ==== @@ -60,7 +60,7 @@ mac_update_vnode_from_mount(vp, vp->v_mount); else { PROC_LOCK(p); - mac_update_procfsvnode_from_cred(vp, p->p_ucred); + mac_update_procfsvnode(vp, p->p_ucred); PROC_UNLOCK(p); } ==== //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#218 (text+ko) ==== @@ -482,8 +482,8 @@ mpc->mpc_ops->mpo_stdcreatevnode_ea = mpe->mpe_function; break; - case MAC_CREATE_VNODE_FROM_VNODE: - mpc->mpc_ops->mpo_create_vnode_from_vnode = + case MAC_CREATE_VNODE: + mpc->mpc_ops->mpo_create_vnode = mpe->mpe_function; break; case MAC_CREATE_MOUNT: @@ -498,12 +498,12 @@ mpc->mpc_ops->mpo_relabel_vnode = mpe->mpe_function; break; - case MAC_UPDATE_DEVFSDIRENT_FROM_VNODE: - mpc->mpc_ops->mpo_update_devfsdirent_from_vnode = + case MAC_UPDATE_DEVFSDIRENT: + mpc->mpc_ops->mpo_update_devfsdirent = mpe->mpe_function; break; - case MAC_UPDATE_PROCFSVNODE_FROM_CRED: - mpc->mpc_ops->mpo_update_procfsvnode_from_cred = + case MAC_UPDATE_PROCFSVNODE: + mpc->mpc_ops->mpo_update_procfsvnode = mpe->mpe_function; break; case MAC_UPDATE_VNODE_FROM_EXTATTR: @@ -558,16 +558,16 @@ mpc->mpc_ops->mpo_create_datagram_from_ipq = mpe->mpe_function; break; - case MAC_CREATE_FRAGMENT_FROM_DATAGRAM: - mpc->mpc_ops->mpo_create_fragment_from_datagram = + case MAC_CREATE_FRAGMENT: + mpc->mpc_ops->mpo_create_fragment = mpe->mpe_function; break; case MAC_CREATE_IFNET: mpc->mpc_ops->mpo_create_ifnet = mpe->mpe_function; break; - case MAC_CREATE_IPQ_FROM_FRAGMENT: - mpc->mpc_ops->mpo_create_ipq_from_fragment = + case MAC_CREATE_IPQ: + mpc->mpc_ops->mpo_create_ipq = mpe->mpe_function; break; case MAC_CREATE_MBUF_FROM_MBUF: @@ -594,16 +594,16 @@ mpc->mpc_ops->mpo_create_mbuf_netlayer_from_mbuf = mpe->mpe_function; break; - case MAC_FRAGMENT_MATCHES_IPQ: - mpc->mpc_ops->mpo_fragment_matches_ipq = + case MAC_FRAGMENT_MATCH: + mpc->mpc_ops->mpo_fragment_match = mpe->mpe_function; break; case MAC_RELABEL_IFNET: mpc->mpc_ops->mpo_relabel_ifnet = mpe->mpe_function; break; - case MAC_UPDATE_IPQ_FROM_FRAGMENT: - mpc->mpc_ops->mpo_update_ipq_from_fragment = + case MAC_UPDATE_IPQ: + mpc->mpc_ops->mpo_update_ipq = mpe->mpe_function; break; case MAC_CREATE_CRED: @@ -924,18 +924,17 @@ } void -mac_update_devfsdirent_from_vnode(struct devfs_dirent *de, struct vnode *vp) +mac_update_devfsdirent(struct devfs_dirent *de, struct vnode *vp) { - MAC_PERFORM(update_devfsdirent_from_vnode, de, &de->de_label, vp, - &vp->v_label); + MAC_PERFORM(update_devfsdirent, de, &de->de_label, vp, &vp->v_label); } void -mac_update_procfsvnode_from_cred(struct vnode *vp, struct ucred *cred) +mac_update_procfsvnode(struct vnode *vp, struct ucred *cred) { - MAC_PERFORM(update_procfsvnode_from_cred, vp, &vp->v_label, cred); + MAC_PERFORM(update_procfsvnode, vp, &vp->v_label, cred); } /* @@ -1138,7 +1137,7 @@ * happen except in fairly unusual circumstances (out * of disk, etc). */ - mac_create_vnode_from_vnode(cred, dvp, tvp); + mac_create_vnode(cred, dvp, tvp); error = mac_stdcreatevnode_ea(tvp); if (error) @@ -2244,19 +2243,19 @@ } void -mac_create_fragment_from_datagram(struct mbuf *datagram, struct mbuf *fragment) +mac_create_fragment(struct mbuf *datagram, struct mbuf *fragment) { - MAC_PERFORM(create_fragment_from_datagram, datagram, - &datagram->m_pkthdr.label, fragment, &fragment->m_pkthdr.label); + MAC_PERFORM(create_fragment, datagram, &datagram->m_pkthdr.label, + fragment, &fragment->m_pkthdr.label); } void -mac_create_ipq_from_fragment(struct mbuf *fragment, struct ipq *ipq) +mac_create_ipq(struct mbuf *fragment, struct ipq *ipq) { - MAC_PERFORM(create_ipq_from_fragment, fragment, - &fragment->m_pkthdr.label, ipq, &ipq->ipq_label); + MAC_PERFORM(create_ipq, fragment, &fragment->m_pkthdr.label, ipq, + &ipq->ipq_label); } void @@ -2310,23 +2309,23 @@ } int -mac_fragment_matches_ipq(struct mbuf *fragment, struct ipq *ipq) +mac_fragment_match(struct mbuf *fragment, struct ipq *ipq) { int result; result = 1; - MAC_BOOLEAN(fragment_matches_ipq, &&, fragment, - &fragment->m_pkthdr.label, ipq, &ipq->ipq_label); + MAC_BOOLEAN(fragment_match, &&, fragment, &fragment->m_pkthdr.label, + ipq, &ipq->ipq_label); return (result); } void -mac_update_ipq_from_fragment(struct mbuf *fragment, struct ipq *ipq) +mac_update_ipq(struct mbuf *fragment, struct ipq *ipq) { - MAC_PERFORM(update_ipq_from_fragment, fragment, - &fragment->m_pkthdr.label, ipq, &ipq->ipq_label); + MAC_PERFORM(update_ipq, fragment, &fragment->m_pkthdr.label, ipq, + &ipq->ipq_label); } void @@ -2662,23 +2661,23 @@ * When a new vnode is created, this call will initialize its label. */ void -mac_create_vnode_from_vnode(struct ucred *cred, struct vnode *parent, +mac_create_vnode(struct ucred *cred, struct vnode *parent, struct vnode *child) { int error; - ASSERT_VOP_LOCKED(parent, "mac_create_vnode_from_vnode"); - ASSERT_VOP_LOCKED(child, "mac_create_vnode_from_vnode"); + ASSERT_VOP_LOCKED(parent, "mac_create_vnode"); + ASSERT_VOP_LOCKED(child, "mac_create_vnode"); error = vn_refreshlabel(parent, cred); if (error) { - printf("mac_create_vnode_from_vnode: vn_refreshlabel returned" - " %d\n", error); - printf("mac_create_vnode_from_vnode: using old vnode label\n"); + printf("mac_create_vnode: vn_refreshlabel returned %d\n", + error); + printf("mac_create_vnode: using old vnode label\n"); } - MAC_PERFORM(create_vnode_from_vnode, cred, parent, &parent->v_label, - child, &child->v_label); + MAC_PERFORM(create_vnode, cred, parent, &parent->v_label, child, + &child->v_label); } int ==== //depot/projects/trustedbsd/mac/sys/netinet/ip_input.c#16 (text+ko) ==== @@ -696,7 +696,7 @@ ip->ip_src.s_addr == fp->ipq_src.s_addr && ip->ip_dst.s_addr == fp->ipq_dst.s_addr && #ifdef MAC - mac_fragment_matches_ipq(m, fp) && + mac_fragment_match(m, fp) && #endif ip->ip_p == fp->ipq_p) goto found; @@ -909,7 +909,7 @@ fp = mtod(t, struct ipq *); #ifdef MAC mac_init_ipq(fp); - mac_create_ipq_from_fragment(m, fp); + mac_create_ipq(m, fp); #endif TAILQ_INSERT_HEAD(head, fp, ipq_list); nipq++; @@ -927,7 +927,7 @@ goto inserted; } else { #ifdef MAC - mac_update_ipq_from_fragment(m, fp); + mac_update_ipq(m, fp); #endif } ==== //depot/projects/trustedbsd/mac/sys/netinet/ip_output.c#15 (text+ko) ==== @@ -1004,7 +1004,7 @@ m->m_pkthdr.len = mhlen + len; m->m_pkthdr.rcvif = (struct ifnet *)0; #ifdef MAC - mac_create_fragment_from_datagram(m0, m); + mac_create_fragment(m0, m); #endif m->m_pkthdr.csum_flags = m0->m_pkthdr.csum_flags; mhip->ip_off = htons(mhip->ip_off); ==== //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#83 (text+ko) ==== @@ -661,9 +661,8 @@ } static void -mac_biba_create_vnode_from_vnode(struct ucred *cred, struct vnode *parent, - struct label *parentlabel, struct vnode *child, - struct label *childlabel) +mac_biba_create_vnode(struct ucred *cred, struct vnode *parent, + struct label *parentlabel, struct vnode *child, struct label *childlabel) { struct mac_biba *source, *dest; @@ -712,7 +711,7 @@ } static void -mac_biba_update_devfsdirent_from_vnode(struct devfs_dirent *devfs_dirent, +mac_biba_update_devfsdirent(struct devfs_dirent *devfs_dirent, struct label *direntlabel, struct vnode *vp, struct label *vnodelabel) { struct mac_biba *source, *dest; @@ -724,8 +723,8 @@ } static void -mac_biba_update_procfsvnode_from_cred(struct vnode *vp, - struct label *vnodelabel, struct ucred *cred) +mac_biba_update_procfsvnode(struct vnode *vp, struct label *vnodelabel, + struct ucred *cred) { struct mac_biba *source, *dest; @@ -946,8 +945,8 @@ } static void -mac_biba_create_ipq_from_fragment(struct mbuf *fragment, - struct label *fragmentlabel, struct ipq *ipq, struct label *ipqlabel) +mac_biba_create_ipq(struct mbuf *fragment, struct label *fragmentlabel, + struct ipq *ipq, struct label *ipqlabel) { struct mac_biba *source, *dest; @@ -971,9 +970,8 @@ } static void -mac_biba_create_fragment_from_datagram(struct mbuf *datagram, - struct label *datagramlabel, struct mbuf *fragment, - struct label *fragmentlabel) +mac_biba_create_fragment(struct mbuf *datagram, struct label *datagramlabel, + struct mbuf *fragment, struct label *fragmentlabel) { struct mac_biba *source, *dest; @@ -1058,8 +1056,8 @@ } static int -mac_biba_fragment_matches_ipq(struct mbuf *fragment, - struct label *fragmentlabel, struct ipq *ipq, struct label *ipqlabel) +mac_biba_fragment_match(struct mbuf *fragment, struct label *fragmentlabel, + struct ipq *ipq, struct label *ipqlabel) { struct mac_biba *a, *b; @@ -1083,8 +1081,8 @@ } static void -mac_biba_update_ipq_from_fragment(struct mbuf *fragment, - struct label *fragmentlabel, struct ipq *ipq, struct label *ipqlabel) +mac_biba_update_ipq(struct mbuf *fragment, struct label *fragmentlabel, + struct ipq *ipq, struct label *ipqlabel) { /* NOOP: we only accept matching labels, so no need to update */ @@ -2068,18 +2066,18 @@ (macop_t)mac_biba_create_devfs_directory }, { MAC_CREATE_DEVFS_VNODE, (macop_t)mac_biba_create_devfs_vnode }, - { MAC_CREATE_VNODE_FROM_VNODE, - (macop_t)mac_biba_create_vnode_from_vnode }, + { MAC_CREATE_VNODE, + (macop_t)mac_biba_create_vnode }, { MAC_CREATE_MOUNT, (macop_t)mac_biba_create_mount }, { MAC_CREATE_ROOT_MOUNT, (macop_t)mac_biba_create_root_mount }, { MAC_RELABEL_VNODE, (macop_t)mac_biba_relabel_vnode }, - { MAC_UPDATE_DEVFSDIRENT_FROM_VNODE, - (macop_t)mac_biba_update_devfsdirent_from_vnode }, - { MAC_UPDATE_PROCFSVNODE_FROM_CRED, - (macop_t)mac_biba_update_procfsvnode_from_cred }, + { MAC_UPDATE_DEVFSDIRENT, + (macop_t)mac_biba_update_devfsdirent }, + { MAC_UPDATE_PROCFSVNODE, + (macop_t)mac_biba_update_procfsvnode }, { MAC_UPDATE_VNODE_FROM_EXTERNALIZED, (macop_t)mac_biba_update_vnode_from_externalized }, { MAC_UPDATE_VNODE_FROM_MOUNT, @@ -2104,12 +2102,12 @@ (macop_t)mac_biba_create_bpfdesc }, { MAC_CREATE_DATAGRAM_FROM_IPQ, (macop_t)mac_biba_create_datagram_from_ipq }, - { MAC_CREATE_FRAGMENT_FROM_DATAGRAM, - (macop_t)mac_biba_create_fragment_from_datagram }, + { MAC_CREATE_FRAGMENT, + (macop_t)mac_biba_create_fragment }, { MAC_CREATE_IFNET, (macop_t)mac_biba_create_ifnet }, - { MAC_CREATE_IPQ_FROM_FRAGMENT, - (macop_t)mac_biba_create_ipq_from_fragment }, + { MAC_CREATE_IPQ, + (macop_t)mac_biba_create_ipq }, { MAC_CREATE_MBUF_FROM_MBUF, (macop_t)mac_biba_create_mbuf_from_mbuf }, { MAC_CREATE_MBUF_LINKLAYER_FOR_IFNET, @@ -2122,12 +2120,12 @@ (macop_t)mac_biba_create_mbuf_multicast_encap_from_mbuf }, { MAC_CREATE_MBUF_NETLAYER_FROM_MBUF, (macop_t)mac_biba_create_mbuf_netlayer_from_mbuf }, - { MAC_FRAGMENT_MATCHES_IPQ, - (macop_t)mac_biba_fragment_matches_ipq }, + { MAC_FRAGMENT_MATCH, + (macop_t)mac_biba_fragment_match }, { MAC_RELABEL_IFNET, (macop_t)mac_biba_relabel_ifnet }, - { MAC_UPDATE_IPQ_FROM_FRAGMENT, - (macop_t)mac_biba_update_ipq_from_fragment }, + { MAC_UPDATE_IPQ, + (macop_t)mac_biba_update_ipq }, { MAC_CREATE_CRED, (macop_t)mac_biba_create_cred }, { MAC_EXECVE_TRANSITION, ==== //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.c#71 (text+ko) ==== @@ -646,9 +646,8 @@ } static void -mac_mls_create_vnode_from_vnode(struct ucred *cred, struct vnode *parent, - struct label *parentlabel, struct vnode *child, - struct label *childlabel) +mac_mls_create_vnode(struct ucred *cred, struct vnode *parent, + struct label *parentlabel, struct vnode *child, struct label *childlabel) { struct mac_mls *source, *dest; @@ -697,7 +696,7 @@ } static void -mac_mls_update_devfsdirent_from_vnode(struct devfs_dirent *devfs_dirent, +mac_mls_update_devfsdirent(struct devfs_dirent *devfs_dirent, struct label *direntlabel, struct vnode *vp, struct label *vnodelabel) { struct mac_mls *source, *dest; @@ -709,8 +708,8 @@ } static void -mac_mls_update_procfsvnode_from_cred(struct vnode *vp, - struct label *vnodelabel, struct ucred *cred) +mac_mls_update_procfsvnode(struct vnode *vp, struct label *vnodelabel, + struct ucred *cred) { struct mac_mls *source, *dest; @@ -895,8 +894,8 @@ } static void -mac_mls_create_ipq_from_fragment(struct mbuf *fragment, - struct label *fragmentlabel, struct ipq *ipq, struct label *ipqlabel) +mac_mls_create_ipq(struct mbuf *fragment, struct label *fragmentlabel, + struct ipq *ipq, struct label *ipqlabel) { struct mac_mls *source, *dest; @@ -920,9 +919,8 @@ } static void -mac_mls_create_fragment_from_datagram(struct mbuf *datagram, - struct label *datagramlabel, struct mbuf *fragment, - struct label *fragmentlabel) +mac_mls_create_fragment(struct mbuf *datagram, struct label *datagramlabel, + struct mbuf *fragment, struct label *fragmentlabel) { struct mac_mls *source, *dest; @@ -1007,8 +1005,8 @@ } static int -mac_mls_fragment_matches_ipq(struct mbuf *fragment, - struct label *fragmentlabel, struct ipq *ipq, struct label *ipqlabel) +mac_mls_fragment_match(struct mbuf *fragment, struct label *fragmentlabel, + struct ipq *ipq, struct label *ipqlabel) { struct mac_mls *a, *b; @@ -1032,8 +1030,8 @@ } static void -mac_mls_update_ipq_from_fragment(struct mbuf *fragment, - struct label *fragmentlabel, struct ipq *ipq, struct label *ipqlabel) +mac_mls_update_ipq(struct mbuf *fragment, struct label *fragmentlabel, + struct ipq *ipq, struct label *ipqlabel) { /* NOOP: we only accept matching labels, so no need to update */ @@ -2019,18 +2017,18 @@ (macop_t)mac_mls_create_devfs_directory }, { MAC_CREATE_DEVFS_VNODE, (macop_t)mac_mls_create_devfs_vnode }, - { MAC_CREATE_VNODE_FROM_VNODE, - (macop_t)mac_mls_create_vnode_from_vnode }, + { MAC_CREATE_VNODE, + (macop_t)mac_mls_create_vnode }, { MAC_CREATE_MOUNT, (macop_t)mac_mls_create_mount }, { MAC_CREATE_ROOT_MOUNT, (macop_t)mac_mls_create_root_mount }, { MAC_RELABEL_VNODE, (macop_t)mac_mls_relabel_vnode }, - { MAC_UPDATE_DEVFSDIRENT_FROM_VNODE, - (macop_t)mac_mls_update_devfsdirent_from_vnode }, - { MAC_UPDATE_PROCFSVNODE_FROM_CRED, - (macop_t)mac_mls_update_procfsvnode_from_cred }, + { MAC_UPDATE_DEVFSDIRENT, + (macop_t)mac_mls_update_devfsdirent }, + { MAC_UPDATE_PROCFSVNODE, + (macop_t)mac_mls_update_procfsvnode }, { MAC_UPDATE_VNODE_FROM_EXTERNALIZED, (macop_t)mac_mls_update_vnode_from_externalized }, { MAC_UPDATE_VNODE_FROM_MOUNT, @@ -2055,12 +2053,12 @@ (macop_t)mac_mls_create_bpfdesc }, { MAC_CREATE_DATAGRAM_FROM_IPQ, (macop_t)mac_mls_create_datagram_from_ipq }, - { MAC_CREATE_FRAGMENT_FROM_DATAGRAM, - (macop_t)mac_mls_create_fragment_from_datagram }, + { MAC_CREATE_FRAGMENT, + (macop_t)mac_mls_create_fragment }, { MAC_CREATE_IFNET, (macop_t)mac_mls_create_ifnet }, - { MAC_CREATE_IPQ_FROM_FRAGMENT, - (macop_t)mac_mls_create_ipq_from_fragment }, + { MAC_CREATE_IPQ, + (macop_t)mac_mls_create_ipq }, { MAC_CREATE_MBUF_FROM_MBUF, (macop_t)mac_mls_create_mbuf_from_mbuf }, { MAC_CREATE_MBUF_LINKLAYER_FOR_IFNET, @@ -2073,12 +2071,12 @@ (macop_t)mac_mls_create_mbuf_multicast_encap_from_mbuf }, { MAC_CREATE_MBUF_NETLAYER_FROM_MBUF, (macop_t)mac_mls_create_mbuf_netlayer_from_mbuf }, - { MAC_FRAGMENT_MATCHES_IPQ, - (macop_t)mac_mls_fragment_matches_ipq }, + { MAC_FRAGMENT_MATCH, + (macop_t)mac_mls_fragment_match }, { MAC_RELABEL_IFNET, (macop_t)mac_mls_relabel_ifnet }, - { MAC_UPDATE_IPQ_FROM_FRAGMENT, - (macop_t)mac_mls_update_ipq_from_fragment }, + { MAC_UPDATE_IPQ, + (macop_t)mac_mls_update_ipq }, { MAC_CREATE_CRED, (macop_t)mac_mls_create_cred }, { MAC_EXECVE_TRANSITION, ==== //depot/projects/trustedbsd/mac/sys/security/mac_none/mac_none.c#58 (text+ko) ==== @@ -280,7 +280,7 @@ } static void -mac_none_create_vnode_from_vnode(struct ucred *cred, struct vnode *parent, +mac_none_create_vnode(struct ucred *cred, struct vnode *parent, struct label *parentlabel, struct vnode *child, struct label *childlabel) { @@ -416,9 +416,8 @@ } static void -mac_none_create_fragment_from_datagram(struct mbuf *datagram, - struct label *datagramlabel, struct mbuf *fragment, - struct label *fragmentlabel) +mac_none_create_fragment(struct mbuf *datagram, struct label *datagramlabel, + struct mbuf *fragment, struct label *fragmentlabel) { } @@ -430,8 +429,8 @@ } static void -mac_none_create_ipq_from_fragment(struct mbuf *fragment, - struct label *fragmentlabel, struct ipq *ipq, struct label *ipqlabel) +mac_none_create_ipq(struct mbuf *fragment, struct label *fragmentlabel, + struct ipq *ipq, struct label *ipqlabel) { } @@ -482,8 +481,8 @@ } static int -mac_none_fragment_matches_ipq(struct mbuf *fragment, - struct label *fragmentlabel, struct ipq *ipq, struct label *ipqlabel) +mac_none_fragment_match(struct mbuf *fragment, struct label *fragmentlabel, + struct ipq *ipq, struct label *ipqlabel) { return (1); @@ -497,8 +496,8 @@ } static void -mac_none_update_ipq_from_fragment(struct mbuf *fragment, - struct label *fragmentlabel, struct ipq *ipq, struct label *ipqlabel) +mac_none_update_ipq(struct mbuf *fragment, struct label *fragmentlabel, + struct ipq *ipq, struct label *ipqlabel) { } @@ -942,8 +941,8 @@ (macop_t)mac_none_create_devfs_directory }, { MAC_CREATE_DEVFS_VNODE, (macop_t)mac_none_create_devfs_vnode }, - { MAC_CREATE_VNODE_FROM_VNODE, - (macop_t)mac_none_create_vnode_from_vnode }, + { MAC_CREATE_VNODE, + (macop_t)mac_none_create_vnode }, { MAC_CREATE_MOUNT, (macop_t)mac_none_create_mount }, { MAC_CREATE_ROOT_MOUNT, @@ -978,14 +977,14 @@ (macop_t)mac_none_create_bpfdesc }, { MAC_CREATE_IFNET, (macop_t)mac_none_create_ifnet }, - { MAC_CREATE_IPQ_FROM_FRAGMENT, - (macop_t)mac_none_create_ipq_from_fragment }, + { MAC_CREATE_IPQ, + (macop_t)mac_none_create_ipq }, { MAC_CREATE_DATAGRAM_FROM_IPQ, (macop_t)mac_none_create_datagram_from_ipq }, - { MAC_CREATE_FRAGMENT_FROM_DATAGRAM, - (macop_t)mac_none_create_fragment_from_datagram }, - { MAC_CREATE_IPQ_FROM_FRAGMENT, - (macop_t)mac_none_create_ipq_from_fragment }, + { MAC_CREATE_FRAGMENT, + (macop_t)mac_none_create_fragment }, + { MAC_CREATE_IPQ, + (macop_t)mac_none_create_ipq }, { MAC_CREATE_MBUF_FROM_MBUF, (macop_t)mac_none_create_mbuf_from_mbuf }, { MAC_CREATE_MBUF_LINKLAYER_FOR_IFNET, @@ -998,12 +997,12 @@ (macop_t)mac_none_create_mbuf_multicast_encap_from_mbuf }, { MAC_CREATE_MBUF_NETLAYER_FROM_MBUF, (macop_t)mac_none_create_mbuf_netlayer_from_mbuf }, - { MAC_FRAGMENT_MATCHES_IPQ, - (macop_t)mac_none_fragment_matches_ipq }, + { MAC_FRAGMENT_MATCH, + (macop_t)mac_none_fragment_match }, { MAC_RELABEL_IFNET, (macop_t)mac_none_relabel_ifnet }, - { MAC_UPDATE_IPQ_FROM_FRAGMENT, - (macop_t)mac_none_update_ipq_from_fragment }, + { MAC_UPDATE_IPQ, + (macop_t)mac_none_update_ipq }, { MAC_CREATE_CRED, (macop_t)mac_none_create_cred }, { MAC_EXECVE_TRANSITION, ==== //depot/projects/trustedbsd/mac/sys/security/mac_te/mac_te.c#65 (text+ko) ==== @@ -857,9 +857,8 @@ } static void -mac_te_create_fragment_from_datagram(struct mbuf *datagram, - struct label *datagramlabel, struct mbuf *fragment, - struct label *fragmentlabel) +mac_te_create_fragment(struct mbuf *datagram, struct label *datagramlabel, + struct mbuf *fragment, struct label *fragmentlabel) { mac_te_init_label(SLOT(fragmentlabel)); @@ -867,8 +866,8 @@ } static void -mac_te_create_ipq_from_fragment(struct mbuf *fragment, - struct label *fragmentlabel, struct mbuf *ipq, struct label *ipqlabel) +mac_te_create_ipq(struct mbuf *fragment, struct label *fragmentlabel, + struct mbuf *ipq, struct label *ipqlabel) { mac_te_copy_label(SLOT(fragmentlabel), SLOT(ipqlabel)); @@ -917,8 +916,8 @@ } static int -mac_te_fragment_matches_ipq(struct mbuf *fragment, - struct label *fragmentlabel, struct ipq *ipq, struct label *ipqlabel) +mac_te_fragment_match(struct mbuf *fragment, struct label *fragmentlabel, + struct ipq *ipq, struct label *ipqlabel) { return (mac_te_equal(fragmentlabel, ipqlabel)); @@ -1083,7 +1082,7 @@ } static void -mac_te_create_vnode_from_vnode(struct ucred *cred, struct vnode *parent, +mac_te_create_vnode(struct ucred *cred, struct vnode *parent, struct label *parentlabel, struct vnode *child, struct label *childlabel) { @@ -1634,7 +1633,7 @@ } static void -mac_te_update_devfsdirent_from_vnode(struct devfs_dirent *devfs_dirent, +mac_te_update_devfsdirent(struct devfs_dirent *devfs_dirent, struct label *direntlabel, struct vnode *vp, struct label *vnodelabel) { @@ -1642,7 +1641,7 @@ } static void -mac_te_update_procfsvnode_from_cred(struct vnode *vp, struct label *vnodelabel, +mac_te_update_procfsvnode(struct vnode *vp, struct label *vnodelabel, struct ucred *cred) { @@ -1666,8 +1665,8 @@ } static void -mac_te_update_ipq_from_fragment(struct mbuf *fragment, - struct label *fragmentlabel, struct ipq *ipq, struct label *ipqlabel) +mac_te_update_ipq(struct mbuf *fragment, struct label *fragmentlabel, + struct ipq *ipq, struct label *ipqlabel) { mac_te_copy_label(SLOT(fragmentlabel), SLOT(ipqlabel)); @@ -1700,8 +1699,8 @@ { MAC_CREATE_DEVFS_DEVICE, (macop_t)mac_te_create_devfs_device }, { MAC_CREATE_DEVFS_DIRECTORY, (macop_t)mac_te_create_devfs_directory }, { MAC_CREATE_DEVFS_VNODE, (macop_t)mac_te_create_devfs_vnode }, - { MAC_CREATE_VNODE_FROM_VNODE, - (macop_t)mac_te_create_vnode_from_vnode }, + { MAC_CREATE_VNODE, + (macop_t)mac_te_create_vnode }, { MAC_CREATE_MOUNT, (macop_t)mac_te_create_mount }, { MAC_CREATE_ROOT_MOUNT, (macop_t)mac_te_create_root_mount }, { MAC_CREATE_MBUF_FROM_SOCKET, @@ -1720,10 +1719,10 @@ { MAC_CREATE_IFNET, (macop_t)mac_te_create_ifnet }, { MAC_CREATE_DATAGRAM_FROM_IPQ, (macop_t)mac_te_create_datagram_from_ipq }, - { MAC_CREATE_FRAGMENT_FROM_DATAGRAM, - (macop_t)mac_te_create_fragment_from_datagram }, - { MAC_CREATE_IPQ_FROM_FRAGMENT, - (macop_t)mac_te_create_ipq_from_fragment }, + { MAC_CREATE_FRAGMENT, + (macop_t)mac_te_create_fragment }, + { MAC_CREATE_IPQ, + (macop_t)mac_te_create_ipq }, { MAC_CREATE_MBUF_FROM_MBUF, (macop_t)mac_te_create_mbuf_from_mbuf }, { MAC_CREATE_MBUF_LINKLAYER_FOR_IFNET, @@ -1736,7 +1735,8 @@ (macop_t)mac_te_create_mbuf_multicast_encap_from_mbuf }, { MAC_CREATE_MBUF_NETLAYER_FROM_MBUF, (macop_t)mac_te_create_mbuf_netlayer_from_mbuf }, - { MAC_FRAGMENT_MATCHES_IPQ, (macop_t)mac_te_fragment_matches_ipq }, + { MAC_FRAGMENT_MATCH, + (macop_t)mac_te_fragment_match }, { MAC_RELABEL_IFNET, (macop_t)mac_te_relabel_ifnet }, { MAC_CREATE_CRED, (macop_t)mac_te_create_cred }, { MAC_EXECVE_TRANSITION, (macop_t)mac_te_execve_transition }, @@ -1834,16 +1834,16 @@ (macop_t)mac_te_check_vnode_op }, { MAC_EXTERNALIZE, (macop_t)mac_te_externalize }, { MAC_INTERNALIZE, (macop_t)mac_te_internalize }, - { MAC_UPDATE_DEVFSDIRENT_FROM_VNODE, - (macop_t)mac_te_update_devfsdirent_from_vnode }, - { MAC_UPDATE_PROCFSVNODE_FROM_CRED, - (macop_t)mac_te_update_procfsvnode_from_cred }, + { MAC_UPDATE_DEVFSDIRENT, + (macop_t)mac_te_update_devfsdirent }, + { MAC_UPDATE_PROCFSVNODE, + (macop_t)mac_te_update_procfsvnode }, { MAC_UPDATE_VNODE_FROM_EXTERNALIZED, (macop_t)mac_te_update_vnode_from_externalized }, { MAC_UPDATE_VNODE_FROM_MOUNT, (macop_t)mac_te_update_vnode_from_mount }, - { MAC_UPDATE_IPQ_FROM_FRAGMENT, - (macop_t)mac_te_update_ipq_from_fragment }, + { MAC_UPDATE_IPQ, + (macop_t)mac_te_update_ipq }, { MAC_OP_LAST, NULL } }; ==== //depot/projects/trustedbsd/mac/sys/security/mac_test/mac_test.c#28 (text+ko) ==== @@ -488,9 +488,8 @@ } static void -mac_test_create_vnode_from_vnode(struct ucred *cred, struct vnode *parent, - struct label *parentlabel, struct vnode *child, - struct label *childlabel) +mac_test_create_vnode(struct ucred *cred, struct vnode *parent, + struct label *parentlabel, struct vnode *child, struct label *childlabel) { } @@ -517,15 +516,15 @@ } static void -mac_test_update_devfsdirent_from_vnode(struct devfs_dirent *devfs_dirent, +mac_test_update_devfsdirent(struct devfs_dirent *devfs_dirent, struct vnode *vp) { } static void -mac_test_update_procfsvnode_from_cred(struct vnode *vp, - struct label *vnodelabel, struct ucred *cred) +mac_test_update_procfsvnode(struct vnode *vp, struct label *vnodelabel, + struct ucred *cred) { } @@ -624,9 +623,8 @@ } static void -mac_test_create_fragment_from_datagram(struct mbuf *datagram, - struct label *datagramlabel, struct mbuf *fragment, - struct label *fragmentlabel) +mac_test_create_fragment(struct mbuf *datagram, struct label *datagramlabel, + struct mbuf *fragment, struct label *fragmentlabel) { } @@ -638,8 +636,8 @@ } static void -mac_test_create_ipq_from_fragment(struct mbuf *fragment, - struct label *fragmentlabel, struct ipq *ipq, struct label *ipqlabel) +mac_test_create_ipq(struct mbuf *fragment, struct label *fragmentlabel, + struct ipq *ipq, struct label *ipqlabel) { } @@ -690,8 +688,8 @@ } static int -mac_test_fragment_matches_ipq(struct mbuf *fragment, - struct label *fragmentlabel, struct ipq *ipq, struct label *ipqlabel) +mac_test_fragment_match(struct mbuf *fragment, struct label *fragmentlabel, + struct ipq *ipq, struct label *ipqlabel) { return (1); @@ -705,8 +703,8 @@ } static void -mac_test_update_ipq_from_fragment(struct mbuf *fragment, - struct label *fragmentlabel, struct ipq *ipq, struct label *ipqlabel) +mac_test_update_ipq(struct mbuf *fragment, struct label *fragmentlabel, + struct ipq *ipq, struct label *ipqlabel) { } @@ -1158,10 +1156,10 @@ (macop_t)mac_test_create_root_mount }, { MAC_RELABEL_VNODE, (macop_t)mac_test_relabel_vnode }, - { MAC_UPDATE_DEVFSDIRENT_FROM_VNODE, - (macop_t)mac_test_update_devfsdirent_from_vnode }, - { MAC_UPDATE_PROCFSVNODE_FROM_CRED, - (macop_t)mac_test_update_procfsvnode_from_cred }, + { MAC_UPDATE_DEVFSDIRENT, + (macop_t)mac_test_update_devfsdirent }, + { MAC_UPDATE_PROCFSVNODE, + (macop_t)mac_test_update_procfsvnode }, { MAC_UPDATE_VNODE_FROM_EXTERNALIZED, (macop_t)mac_test_update_vnode_from_externalized }, { MAC_UPDATE_VNODE_FROM_MOUNT, @@ -1188,10 +1186,10 @@ (macop_t)mac_test_create_ifnet }, { MAC_CREATE_DATAGRAM_FROM_IPQ, (macop_t)mac_test_create_datagram_from_ipq }, - { MAC_CREATE_FRAGMENT_FROM_DATAGRAM, - (macop_t)mac_test_create_fragment_from_datagram }, - { MAC_CREATE_IPQ_FROM_FRAGMENT, - (macop_t)mac_test_create_ipq_from_fragment }, + { MAC_CREATE_FRAGMENT, + (macop_t)mac_test_create_fragment }, + { MAC_CREATE_IPQ, + (macop_t)mac_test_create_ipq }, { MAC_CREATE_MBUF_FROM_MBUF, (macop_t)mac_test_create_mbuf_from_mbuf }, { MAC_CREATE_MBUF_LINKLAYER_FOR_IFNET, @@ -1204,12 +1202,12 @@ (macop_t)mac_test_create_mbuf_multicast_encap_from_mbuf }, { MAC_CREATE_MBUF_NETLAYER_FROM_MBUF, (macop_t)mac_test_create_mbuf_netlayer_from_mbuf }, - { MAC_FRAGMENT_MATCHES_IPQ, - (macop_t)mac_test_fragment_matches_ipq }, + { MAC_FRAGMENT_MATCH, + (macop_t)mac_test_fragment }, { MAC_RELABEL_IFNET, (macop_t)mac_test_relabel_ifnet }, - { MAC_UPDATE_IPQ_FROM_FRAGMENT, - (macop_t)mac_test_update_ipq_from_fragment }, + { MAC_UPDATE_IPQ, + (macop_t)mac_test_update_ipq }, { MAC_CREATE_CRED, (macop_t)mac_test_create_cred }, { MAC_EXECVE_TRANSITION, ==== //depot/projects/trustedbsd/mac/sys/sys/mac.h#135 (text+ko) ==== @@ -262,15 +262,14 @@ void mac_create_devfs_directory(char *dirname, int dirnamelen, struct devfs_dirent *de); void mac_create_devfs_vnode(struct devfs_dirent *de, struct vnode *vp); -void mac_create_vnode_from_vnode(struct ucred *cred, struct vnode *parent, +void mac_create_vnode(struct ucred *cred, struct vnode *parent, struct vnode *child); void mac_create_mount(struct ucred *cred, struct mount *mp); void mac_create_root_mount(struct ucred *cred, struct mount *mp); void mac_relabel_vnode(struct ucred *cred, struct vnode *vp, struct label *newlabel); -void mac_update_devfsdirent_from_vnode(struct devfs_dirent *de, - struct vnode *vp); -void mac_update_procfsvnode_from_cred(struct vnode *vp, struct ucred *cred); +void mac_update_devfsdirent(struct devfs_dirent *de, struct vnode *vp); +void mac_update_procfsvnode(struct vnode *vp, struct ucred *cred); void mac_update_vnode_from_mount(struct vnode *vp, struct mount *mp); @@ -292,10 +291,9 @@ */ void mac_create_bpfdesc(struct ucred *cred, struct bpf_d *bpf_d); >>> TRUNCATED FOR MAIL (1000 lines) <<< To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe p4-projects" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200207291532.g6TFWxaw083092>