Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 8 Jul 2006 13:25:35 GMT
From:      Robert Watson <rwatson@FreeBSD.org>
To:        Perforce Change Reviews <perforce@freebsd.org>
Subject:   PERFORCE change 101000 for review
Message-ID:  <200607081325.k68DPZxY020837@repoman.freebsd.org>

next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=101000

Change 101000 by rwatson@rwatson_zoo on 2006/07/08 13:24:40

	Rename.

Affected files ...

.. //depot/projects/trustedbsd/mac2/sys/security/mac_lomac/mac_lomac.c#3 edit

Differences ...

==== //depot/projects/trustedbsd/mac2/sys/security/mac_lomac/mac_lomac.c#3 (text+ko) ====

@@ -49,7 +49,7 @@
 #include <sys/conf.h>
 #include <sys/extattr.h>
 #include <sys/kernel.h>
-#include <sys/mac.h>
+#include <sys/mac_framework.h>
 #include <sys/malloc.h>
 #include <sys/mman.h>
 #include <sys/mount.h>
@@ -635,7 +635,7 @@
 }
 
 static void
-mac_lomac_init_proc_label(struct label *label)
+mac_lomac_proc_init_label(struct label *label)
 {
 
 	PSLOT_SET(label, malloc(sizeof(struct mac_lomac_proc), M_MACLOMAC,
@@ -652,7 +652,7 @@
 }
 
 static void
-mac_lomac_destroy_proc_label(struct label *label)
+mac_lomac_proc_destroy_label(struct label *label)
 {
 
 	mtx_destroy(&PSLOT(label)->mtx);
@@ -905,7 +905,7 @@
  * a lot like file system objects.
  */
 static void
-mac_lomac_create_devfs_device(struct ucred *cred, struct mount *mp,
+mac_lomac_devfs_create_device(struct ucred *cred, struct mount *mp,
     struct cdev *dev, struct devfs_dirent *devfs_dirent, struct label *label)
 {
 	struct mac_lomac *mac_lomac;
@@ -928,7 +928,7 @@
 }
 
 static void
-mac_lomac_create_devfs_directory(struct mount *mp, char *dirname,
+mac_lomac_devfs_create_directory(struct mount *mp, char *dirname,
     int dirnamelen, struct devfs_dirent *devfs_dirent, struct label *label)
 {
 	struct mac_lomac *mac_lomac;
@@ -938,7 +938,7 @@
 }
 
 static void
-mac_lomac_create_devfs_symlink(struct ucred *cred, struct mount *mp,
+mac_lomac_devfs_create_symlink(struct ucred *cred, struct mount *mp,
     struct devfs_dirent *dd, struct label *ddlabel, struct devfs_dirent *de,
     struct label *delabel)
 {
@@ -951,7 +951,7 @@
 }
 
 static void
-mac_lomac_create_mount(struct ucred *cred, struct mount *mp,
+mac_lomac_mount_create(struct ucred *cred, struct mount *mp,
     struct label *mntlabel)
 {
 	struct mac_lomac *source, *dest;
@@ -962,7 +962,7 @@
 }
 
 static void
-mac_lomac_relabel_vnode(struct ucred *cred, struct vnode *vp,
+mac_lomac_vnode_relabel(struct ucred *cred, struct vnode *vp,
     struct label *vnodelabel, struct label *label)
 {
 	struct mac_lomac *source, *dest;
@@ -974,7 +974,7 @@
 }
 
 static void
-mac_lomac_update_devfsdirent(struct mount *mp,
+mac_lomac_devfs_update(struct mount *mp,
     struct devfs_dirent *devfs_dirent, struct label *direntlabel,
     struct vnode *vp, struct label *vnodelabel)
 {
@@ -987,7 +987,7 @@
 }
 
 static void
-mac_lomac_associate_vnode_devfs(struct mount *mp, struct label *mntlabel,
+mac_lomac_devfs_vnode_associate(struct mount *mp, struct label *mntlabel,
     struct devfs_dirent *de, struct label *delabel, struct vnode *vp,
     struct label *vlabel)
 {
@@ -1000,7 +1000,7 @@
 }
 
 static int
-mac_lomac_associate_vnode_extattr(struct mount *mp, struct label *mntlabel,
+mac_lomac_vnode_associate_extattr(struct mount *mp, struct label *mntlabel,
     struct vnode *vp, struct label *vlabel)
 {
 	struct mac_lomac temp, *source, *dest;
@@ -1023,7 +1023,7 @@
 
 	if (buflen != sizeof(temp)) {
 		if (buflen != sizeof(temp) - sizeof(temp.ml_auxsingle)) {
-			printf("mac_lomac_associate_vnode_extattr: bad size %d\n",
+			printf("mac_lomac_vnode_associate_extattr: bad size %d\n",
 			    buflen);
 			return (EPERM);
 		}
@@ -1034,11 +1034,11 @@
 		    buflen, (char *)&temp, curthread);
 	}
 	if (mac_lomac_valid(&temp) != 0) {
-		printf("mac_lomac_associate_vnode_extattr: invalid\n");
+		printf("mac_lomac_vnode_associate_extattr: invalid\n");
 		return (EPERM);
 	}
 	if ((temp.ml_flags & MAC_LOMAC_FLAGS_BOTH) != MAC_LOMAC_FLAG_SINGLE) {
-		printf("mac_lomac_associate_vnode_extattr: not single\n");
+		printf("mac_lomac_vnode_associate_extattr: not single\n");
 		return (EPERM);
 	}
 
@@ -1047,7 +1047,7 @@
 }
 
 static void
-mac_lomac_associate_vnode_singlelabel(struct mount *mp,
+mac_lomac_vnode_associate_singlelabel(struct mount *mp,
     struct label *mntlabel, struct vnode *vp, struct label *vlabel)
 {
 	struct mac_lomac *source, *dest;
@@ -1059,7 +1059,7 @@
 }
 
 static int
-mac_lomac_create_vnode_extattr(struct ucred *cred, struct mount *mp,
+mac_lomac_vnode_create_extattr(struct ucred *cred, struct mount *mp,
     struct label *mntlabel, struct vnode *dvp, struct label *dlabel,
     struct vnode *vp, struct label *vlabel, struct componentname *cnp)
 {
@@ -1089,7 +1089,7 @@
 }
 
 static int
-mac_lomac_setlabel_vnode_extattr(struct ucred *cred, struct vnode *vp,
+mac_lomac_vnode_setlabel_extattr(struct ucred *cred, struct vnode *vp,
     struct label *vlabel, struct label *intlabel)
 {
 	struct mac_lomac *source, temp;
@@ -1113,7 +1113,7 @@
  * Labeling event operations: IPC object.
  */
 static void
-mac_lomac_create_inpcb_from_socket(struct socket *so, struct label *solabel,
+mac_lomac_inpcb_create(struct socket *so, struct label *solabel,
     struct inpcb *inp, struct label *inplabel)
 {
 	struct mac_lomac *source, *dest;
@@ -1125,7 +1125,7 @@
 }
 
 static void
-mac_lomac_create_mbuf_from_socket(struct socket *so, struct label *socketlabel,
+mac_lomac_socket_create_mbuf(struct socket *so, struct label *socketlabel,
     struct mbuf *m, struct label *mbuflabel)
 {
 	struct mac_lomac *source, *dest;
@@ -1137,7 +1137,7 @@
 }
 
 static void
-mac_lomac_create_socket(struct ucred *cred, struct socket *socket,
+mac_lomac_socket_create(struct ucred *cred, struct socket *socket,
     struct label *socketlabel)
 {
 	struct mac_lomac *source, *dest;
@@ -1149,7 +1149,7 @@
 }
 
 static void
-mac_lomac_create_pipe(struct ucred *cred, struct pipepair *pp,
+mac_lomac_pipe_create(struct ucred *cred, struct pipepair *pp,
     struct label *pipelabel)
 {
 	struct mac_lomac *source, *dest;
@@ -1161,7 +1161,7 @@
 }
 
 static void
-mac_lomac_create_socket_from_socket(struct socket *oldsocket,
+mac_lomac_socket_accept(struct socket *oldsocket,
     struct label *oldsocketlabel, struct socket *newsocket,
     struct label *newsocketlabel)
 {
@@ -1174,7 +1174,7 @@
 }
 
 static void
-mac_lomac_relabel_socket(struct ucred *cred, struct socket *socket,
+mac_lomac_socket_relabel(struct ucred *cred, struct socket *socket,
     struct label *socketlabel, struct label *newlabel)
 {
 	struct mac_lomac *source, *dest;
@@ -1186,7 +1186,7 @@
 }
 
 static void
-mac_lomac_relabel_pipe(struct ucred *cred, struct pipepair *pp,
+mac_lomac_pipe_relabel(struct ucred *cred, struct pipepair *pp,
     struct label *pipelabel, struct label *newlabel)
 {
 	struct mac_lomac *source, *dest;
@@ -1198,7 +1198,7 @@
 }
 
 static void
-mac_lomac_set_socket_peer_from_mbuf(struct mbuf *mbuf, struct label *mbuflabel,
+mac_lomac_socket_peer_set_from_mbuf(struct mbuf *mbuf, struct label *mbuflabel,
     struct socket *socket, struct label *socketpeerlabel)
 {
 	struct mac_lomac *source, *dest;
@@ -1213,7 +1213,7 @@
  * Labeling event operations: network objects.
  */
 static void
-mac_lomac_set_socket_peer_from_socket(struct socket *oldsocket,
+mac_lomac_socket_peer_set_from_socket(struct socket *oldsocket,
     struct label *oldsocketlabel, struct socket *newsocket,
     struct label *newsocketpeerlabel)
 {
@@ -1226,7 +1226,7 @@
 }
 
 static void
-mac_lomac_create_bpfdesc(struct ucred *cred, struct bpf_d *bpf_d,
+mac_lomac_bpfdesc_create(struct ucred *cred, struct bpf_d *bpf_d,
     struct label *bpflabel)
 {
 	struct mac_lomac *source, *dest;
@@ -1238,7 +1238,7 @@
 }
 
 static void
-mac_lomac_create_ifnet(struct ifnet *ifnet, struct label *ifnetlabel)
+mac_lomac_ifnet_create(struct ifnet *ifnet, struct label *ifnetlabel)
 {
 	char tifname[IFNAMSIZ], *p, *q;
 	char tiflist[sizeof(trusted_interfaces)];
@@ -1296,7 +1296,7 @@
 }
 
 static void
-mac_lomac_create_ipq(struct mbuf *fragment, struct label *fragmentlabel,
+mac_lomac_ipq_create(struct mbuf *fragment, struct label *fragmentlabel,
     struct ipq *ipq, struct label *ipqlabel)
 {
 	struct mac_lomac *source, *dest;
@@ -1308,7 +1308,7 @@
 }
 
 static void
-mac_lomac_create_datagram_from_ipq(struct ipq *ipq, struct label *ipqlabel,
+mac_lomac_ipq_reassemble(struct ipq *ipq, struct label *ipqlabel,
     struct mbuf *datagram, struct label *datagramlabel)
 {
 	struct mac_lomac *source, *dest;
@@ -1321,7 +1321,7 @@
 }
 
 static void
-mac_lomac_create_fragment(struct mbuf *datagram, struct label *datagramlabel,
+mac_lomac_netinet_fragment(struct mbuf *datagram, struct label *datagramlabel,
     struct mbuf *fragment, struct label *fragmentlabel)
 {
 	struct mac_lomac *source, *dest;
@@ -1333,7 +1333,7 @@
 }
 
 static void
-mac_lomac_create_mbuf_from_inpcb(struct inpcb *inp, struct label *inplabel,
+mac_lomac_inpcb_create_mbuf(struct inpcb *inp, struct label *inplabel,
     struct mbuf *m, struct label *mlabel)
 {
 	struct mac_lomac *source, *dest;
@@ -1345,7 +1345,7 @@
 }
 
 static void
-mac_lomac_create_mbuf_linklayer(struct ifnet *ifnet, struct label *ifnetlabel,
+mac_lomac_mbuf_create_linklayer(struct ifnet *ifnet, struct label *ifnetlabel,
     struct mbuf *mbuf, struct label *mbuflabel)
 {
 	struct mac_lomac *dest;
@@ -1356,7 +1356,7 @@
 }
 
 static void
-mac_lomac_create_mbuf_from_bpfdesc(struct bpf_d *bpf_d, struct label *bpflabel,
+mac_lomac_bpfdesc_create_mbuf(struct bpf_d *bpf_d, struct label *bpflabel,
     struct mbuf *mbuf, struct label *mbuflabel)
 {
 	struct mac_lomac *source, *dest;
@@ -1368,7 +1368,7 @@
 }
 
 static void
-mac_lomac_create_mbuf_from_ifnet(struct ifnet *ifnet, struct label *ifnetlabel,
+mac_lomac_ifnet_create_mbuf(struct ifnet *ifnet, struct label *ifnetlabel,
     struct mbuf *m, struct label *mbuflabel)
 {
 	struct mac_lomac *source, *dest;
@@ -1380,7 +1380,7 @@
 }
 
 static void
-mac_lomac_create_mbuf_multicast_encap(struct mbuf *oldmbuf,
+mac_lomac_mbuf_create_multicast_encap(struct mbuf *oldmbuf,
     struct label *oldmbuflabel, struct ifnet *ifnet, struct label *ifnetlabel,
     struct mbuf *newmbuf, struct label *newmbuflabel)
 {
@@ -1393,7 +1393,7 @@
 }
 
 static void
-mac_lomac_create_mbuf_netlayer(struct mbuf *oldmbuf, struct label *oldmbuflabel,
+mac_lomac_mbuf_create_netlayer(struct mbuf *oldmbuf, struct label *oldmbuflabel,
     struct mbuf *newmbuf, struct label *newmbuflabel)
 {
 	struct mac_lomac *source, *dest;
@@ -1405,7 +1405,7 @@
 }
 
 static int
-mac_lomac_fragment_match(struct mbuf *fragment, struct label *fragmentlabel,
+mac_lomac_ipq_match(struct mbuf *fragment, struct label *fragmentlabel,
     struct ipq *ipq, struct label *ipqlabel)
 {
 	struct mac_lomac *a, *b;
@@ -1417,7 +1417,7 @@
 }
 
 static void
-mac_lomac_relabel_ifnet(struct ucred *cred, struct ifnet *ifnet,
+mac_lomac_ifnet_relabel(struct ucred *cred, struct ifnet *ifnet,
     struct label *ifnetlabel, struct label *newlabel)
 {
 	struct mac_lomac *source, *dest;
@@ -1429,7 +1429,7 @@
 }
 
 static void
-mac_lomac_update_ipq(struct mbuf *fragment, struct label *fragmentlabel,
+mac_lomac_ipq_update(struct mbuf *fragment, struct label *fragmentlabel,
     struct ipq *ipq, struct label *ipqlabel)
 {
 
@@ -1452,7 +1452,7 @@
  * Labeling event operations: processes.
  */
 static void
-mac_lomac_execve_transition(struct ucred *old, struct ucred *new,
+mac_lomac_vnode_execve_transition(struct ucred *old, struct ucred *new,
     struct vnode *vp, struct label *vnodelabel,
     struct label *interpvnodelabel, struct image_params *imgp,
     struct label *execlabel)
@@ -1489,7 +1489,7 @@
 }
 
 static int
-mac_lomac_execve_will_transition(struct ucred *old, struct vnode *vp,
+mac_lomac_vnode_execve_will_transition(struct ucred *old, struct vnode *vp,
     struct label *vnodelabel, struct label *interpvnodelabel,
     struct image_params *imgp, struct label *execlabel)
 {
@@ -1509,7 +1509,7 @@
 }
 
 static void
-mac_lomac_create_proc0(struct ucred *cred)
+mac_lomac_proc_create_swapper(struct ucred *cred)
 {
 	struct mac_lomac *dest;
 
@@ -1521,7 +1521,7 @@
 }
 
 static void
-mac_lomac_create_proc1(struct ucred *cred)
+mac_lomac_proc_create_init(struct ucred *cred)
 {
 	struct mac_lomac *dest;
 
@@ -1533,7 +1533,7 @@
 }
 
 static void
-mac_lomac_relabel_cred(struct ucred *cred, struct label *newlabel)
+mac_lomac_cred_relabel(struct ucred *cred, struct label *newlabel)
 {
 	struct mac_lomac *source, *dest;
 
@@ -1547,7 +1547,7 @@
  * Access control checks.
  */
 static int
-mac_lomac_check_bpfdesc_receive(struct bpf_d *bpf_d, struct label *bpflabel,
+mac_lomac_bpfdesc_check_receive(struct bpf_d *bpf_d, struct label *bpflabel,
     struct ifnet *ifnet, struct label *ifnetlabel)
 {
 	struct mac_lomac *a, *b;
@@ -1564,7 +1564,7 @@
 }
 
 static int
-mac_lomac_check_cred_relabel(struct ucred *cred, struct label *newlabel)
+mac_lomac_cred_check_relabel(struct ucred *cred, struct label *newlabel)
 {
 	struct mac_lomac *subj, *new;
 	int error;
@@ -1630,7 +1630,7 @@
 }
 
 static int
-mac_lomac_check_cred_visible(struct ucred *u1, struct ucred *u2)
+mac_lomac_cred_check_visible(struct ucred *u1, struct ucred *u2)
 {
 	struct mac_lomac *subj, *obj;
 
@@ -1648,7 +1648,7 @@
 }
 
 static int
-mac_lomac_check_ifnet_relabel(struct ucred *cred, struct ifnet *ifnet,
+mac_lomac_ifnet_check_relabel(struct ucred *cred, struct ifnet *ifnet,
     struct label *ifnetlabel, struct label *newlabel)
 {
 	struct mac_lomac *subj, *new;
@@ -1703,7 +1703,7 @@
 }
 
 static int
-mac_lomac_check_ifnet_transmit(struct ifnet *ifnet, struct label *ifnetlabel,
+mac_lomac_ifnet_check_transmit(struct ifnet *ifnet, struct label *ifnetlabel,
     struct mbuf *m, struct label *mbuflabel)
 {
 	struct mac_lomac *p, *i;
@@ -1718,7 +1718,7 @@
 }
 
 static int
-mac_lomac_check_inpcb_deliver(struct inpcb *inp, struct label *inplabel,
+mac_lomac_inpcb_check_deliver(struct inpcb *inp, struct label *inplabel,
     struct mbuf *m, struct label *mlabel)
 {
 	struct mac_lomac *p, *i;
@@ -1733,7 +1733,7 @@
 }
 
 static int
-mac_lomac_check_kld_load(struct ucred *cred, struct vnode *vp,
+mac_lomac_kld_check_load(struct ucred *cred, struct vnode *vp,
     struct label *label)
 {
 	struct mac_lomac *subj, *obj;
@@ -1754,7 +1754,7 @@
 }
 
 static int
-mac_lomac_check_kld_unload(struct ucred *cred)
+mac_lomac_kld_check_unload(struct ucred *cred)
 {
 	struct mac_lomac *subj;
 
@@ -1770,7 +1770,7 @@
 }
 
 static int
-mac_lomac_check_pipe_ioctl(struct ucred *cred, struct pipepair *pp,
+mac_lomac_pipe_check_ioctl(struct ucred *cred, struct pipepair *pp,
     struct label *pipelabel, unsigned long cmd, void /* caddr_t */ *data)
 {
 
@@ -1783,7 +1783,7 @@
 }
 
 static int
-mac_lomac_check_pipe_read(struct ucred *cred, struct pipepair *pp,
+mac_lomac_pipe_check_read(struct ucred *cred, struct pipepair *pp,
     struct label *pipelabel)
 {
 	struct mac_lomac *subj, *obj;
@@ -1801,7 +1801,7 @@
 }
 
 static int
-mac_lomac_check_pipe_relabel(struct ucred *cred, struct pipepair *pp,
+mac_lomac_pipe_check_relabel(struct ucred *cred, struct pipepair *pp,
     struct label *pipelabel, struct label *newlabel)
 {
 	struct mac_lomac *subj, *obj, *new;
@@ -1852,7 +1852,7 @@
 }
 
 static int
-mac_lomac_check_pipe_write(struct ucred *cred, struct pipepair *pp,
+mac_lomac_pipe_check_write(struct ucred *cred, struct pipepair *pp,
     struct label *pipelabel)
 {
 	struct mac_lomac *subj, *obj;
@@ -1870,7 +1870,7 @@
 }
 
 static int
-mac_lomac_check_proc_debug(struct ucred *cred, struct proc *proc)
+mac_lomac_proc_check_debug(struct ucred *cred, struct proc *proc)
 {
 	struct mac_lomac *subj, *obj;
 
@@ -1890,7 +1890,7 @@
 }
 
 static int
-mac_lomac_check_proc_sched(struct ucred *cred, struct proc *proc)
+mac_lomac_proc_check_sched(struct ucred *cred, struct proc *proc)
 {
 	struct mac_lomac *subj, *obj;
 
@@ -1910,7 +1910,7 @@
 }
 
 static int
-mac_lomac_check_proc_signal(struct ucred *cred, struct proc *proc, int signum)
+mac_lomac_proc_check_signal(struct ucred *cred, struct proc *proc, int signum)
 {
 	struct mac_lomac *subj, *obj;
 
@@ -1930,7 +1930,7 @@
 }
 
 static int
-mac_lomac_check_socket_deliver(struct socket *so, struct label *socketlabel,
+mac_lomac_socket_check_deliver(struct socket *so, struct label *socketlabel,
     struct mbuf *m, struct label *mbuflabel)
 {
 	struct mac_lomac *p, *s;
@@ -1945,7 +1945,7 @@
 }
 
 static int
-mac_lomac_check_socket_relabel(struct ucred *cred, struct socket *socket,
+mac_lomac_socket_check_relabel(struct ucred *cred, struct socket *socket,
     struct label *socketlabel, struct label *newlabel)
 {
 	struct mac_lomac *subj, *obj, *new;
@@ -1996,7 +1996,7 @@
 }
 
 static int
-mac_lomac_check_socket_visible(struct ucred *cred, struct socket *socket,
+mac_lomac_socket_check_visible(struct ucred *cred, struct socket *socket,
     struct label *socketlabel)
 {
 	struct mac_lomac *subj, *obj;
@@ -2014,7 +2014,7 @@
 }
 
 static int
-mac_lomac_check_system_swapon(struct ucred *cred, struct vnode *vp,
+mac_lomac_system_check_swapon(struct ucred *cred, struct vnode *vp,
     struct label *label)
 {
 	struct mac_lomac *subj, *obj;
@@ -2035,7 +2035,7 @@
 }
 
 static int
-mac_lomac_check_system_sysctl(struct ucred *cred, struct sysctl_oid *oidp,
+mac_lomac_system_check_sysctl(struct ucred *cred, struct sysctl_oid *oidp,
     void *arg1, int arg2, struct sysctl_req *req)
 {
 	struct mac_lomac *subj;
@@ -2063,7 +2063,7 @@
 }
 
 static int
-mac_lomac_check_vnode_create(struct ucred *cred, struct vnode *dvp,
+mac_lomac_vnode_check_create(struct ucred *cred, struct vnode *dvp,
     struct label *dlabel, struct componentname *cnp, struct vattr *vap)
 {
 	struct mac_lomac *subj, *obj;
@@ -2084,7 +2084,7 @@
 }
 
 static int
-mac_lomac_check_vnode_delete(struct ucred *cred, struct vnode *dvp,
+mac_lomac_vnode_check_unlink(struct ucred *cred, struct vnode *dvp,
     struct label *dlabel, struct vnode *vp, struct label *label,
     struct componentname *cnp)
 {
@@ -2108,7 +2108,7 @@
 }
 
 static int
-mac_lomac_check_vnode_deleteacl(struct ucred *cred, struct vnode *vp,
+mac_lomac_vnode_check_deleteacl(struct ucred *cred, struct vnode *vp,
     struct label *label, acl_type_t type)
 {
 	struct mac_lomac *subj, *obj;
@@ -2126,7 +2126,7 @@
 }
 
 static int
-mac_lomac_check_vnode_link(struct ucred *cred, struct vnode *dvp,
+mac_lomac_vnode_check_link(struct ucred *cred, struct vnode *dvp,
     struct label *dlabel, struct vnode *vp, struct label *label,
     struct componentname *cnp)
 {
@@ -2150,7 +2150,7 @@
 }
 
 static int
-mac_lomac_check_vnode_mmap(struct ucred *cred, struct vnode *vp,
+mac_lomac_vnode_check_mmap(struct ucred *cred, struct vnode *vp,
     struct label *label, int prot, int flags)
 {
 	struct mac_lomac *subj, *obj;
@@ -2178,7 +2178,7 @@
 }
 
 static void
-mac_lomac_check_vnode_mmap_downgrade(struct ucred *cred, struct vnode *vp,
+mac_lomac_vnode_check_mmap_downgrade(struct ucred *cred, struct vnode *vp,
     struct label *label, /* XXX vm_prot_t */ int *prot)
 {
 	struct mac_lomac *subj, *obj;
@@ -2198,7 +2198,7 @@
 }
 
 static int
-mac_lomac_check_vnode_open(struct ucred *cred, struct vnode *vp,
+mac_lomac_vnode_check_open(struct ucred *cred, struct vnode *vp,
     struct label *vnodelabel, int acc_mode)
 {
 	struct mac_lomac *subj, *obj;
@@ -2219,7 +2219,7 @@
 }
 
 static int
-mac_lomac_check_vnode_read(struct ucred *active_cred, struct ucred *file_cred,
+mac_lomac_vnode_check_read(struct ucred *active_cred, struct ucred *file_cred,
     struct vnode *vp, struct label *label)
 {
 	struct mac_lomac *subj, *obj;
@@ -2237,7 +2237,7 @@
 }
 
 static int
-mac_lomac_check_vnode_relabel(struct ucred *cred, struct vnode *vp,
+mac_lomac_vnode_check_relabel(struct ucred *cred, struct vnode *vp,
     struct label *vnodelabel, struct label *newlabel)
 {
 	struct mac_lomac *old, *new, *subj;
@@ -2313,7 +2313,7 @@
 }
 
 static int
-mac_lomac_check_vnode_rename_from(struct ucred *cred, struct vnode *dvp,
+mac_lomac_vnode_check_rename_from(struct ucred *cred, struct vnode *dvp,
     struct label *dlabel, struct vnode *vp, struct label *label,
     struct componentname *cnp)
 {
@@ -2337,7 +2337,7 @@
 }
 
 static int
-mac_lomac_check_vnode_rename_to(struct ucred *cred, struct vnode *dvp,
+mac_lomac_vnode_check_rename_to(struct ucred *cred, struct vnode *dvp,
     struct label *dlabel, struct vnode *vp, struct label *label, int samedir,
     struct componentname *cnp)
 {
@@ -2363,7 +2363,7 @@
 }
 
 static int
-mac_lomac_check_vnode_revoke(struct ucred *cred, struct vnode *vp,
+mac_lomac_vnode_check_revoke(struct ucred *cred, struct vnode *vp,
     struct label *label)
 {
 	struct mac_lomac *subj, *obj;
@@ -2381,7 +2381,7 @@
 }
 
 static int
-mac_lomac_check_vnode_setacl(struct ucred *cred, struct vnode *vp,
+mac_lomac_vnode_check_setacl(struct ucred *cred, struct vnode *vp,
     struct label *label, acl_type_t type, struct acl *acl)
 {
 	struct mac_lomac *subj, *obj;
@@ -2399,7 +2399,7 @@
 }
 
 static int
-mac_lomac_check_vnode_setextattr(struct ucred *cred, struct vnode *vp,
+mac_lomac_vnode_check_setextattr(struct ucred *cred, struct vnode *vp,
     struct label *vnodelabel, int attrnamespace, const char *name,
     struct uio *uio)
 {
@@ -2420,7 +2420,7 @@
 }
 
 static int
-mac_lomac_check_vnode_setflags(struct ucred *cred, struct vnode *vp,
+mac_lomac_vnode_check_setflags(struct ucred *cred, struct vnode *vp,
     struct label *vnodelabel, u_long flags)
 {
 	struct mac_lomac *subj, *obj;
@@ -2438,7 +2438,7 @@
 }
 
 static int
-mac_lomac_check_vnode_setmode(struct ucred *cred, struct vnode *vp,
+mac_lomac_vnode_check_setmode(struct ucred *cred, struct vnode *vp,
     struct label *vnodelabel, mode_t mode)
 {
 	struct mac_lomac *subj, *obj;
@@ -2456,7 +2456,7 @@
 }
 
 static int
-mac_lomac_check_vnode_setowner(struct ucred *cred, struct vnode *vp,
+mac_lomac_vnode_check_setowner(struct ucred *cred, struct vnode *vp,
     struct label *vnodelabel, uid_t uid, gid_t gid)
 {
 	struct mac_lomac *subj, *obj;
@@ -2474,7 +2474,7 @@
 }
 
 static int
-mac_lomac_check_vnode_setutimes(struct ucred *cred, struct vnode *vp,
+mac_lomac_vnode_check_setutimes(struct ucred *cred, struct vnode *vp,
     struct label *vnodelabel, struct timespec atime, struct timespec mtime)
 {
 	struct mac_lomac *subj, *obj;
@@ -2492,7 +2492,7 @@
 }
 
 static int
-mac_lomac_check_vnode_write(struct ucred *active_cred,
+mac_lomac_vnode_check_write(struct ucred *active_cred,
     struct ucred *file_cred, struct vnode *vp, struct label *label)
 {
 	struct mac_lomac *subj, *obj;
@@ -2558,132 +2558,132 @@
 static struct mac_policy_ops mac_lomac_ops =
 {
 	.mpo_policy_init = mac_lomac_policy_init,
-	.mpo_init_bpfdesc_label = mac_lomac_init_label,
-	.mpo_init_cred_label = mac_lomac_init_label,
-	.mpo_init_devfsdirent_label = mac_lomac_init_label,
-	.mpo_init_ifnet_label = mac_lomac_init_label,
-	.mpo_init_inpcb_label = mac_lomac_init_label_waitcheck,
-	.mpo_init_ipq_label = mac_lomac_init_label_waitcheck,
-	.mpo_init_mbuf_label = mac_lomac_init_label_waitcheck,
-	.mpo_init_mount_label = mac_lomac_init_label,
-	.mpo_init_pipe_label = mac_lomac_init_label,
-	.mpo_init_proc_label = mac_lomac_init_proc_label,
-	.mpo_init_socket_label = mac_lomac_init_label_waitcheck,
-	.mpo_init_socket_peer_label = mac_lomac_init_label_waitcheck,
-	.mpo_init_vnode_label = mac_lomac_init_label,
-	.mpo_destroy_bpfdesc_label = mac_lomac_destroy_label,
-	.mpo_destroy_cred_label = mac_lomac_destroy_label,
-	.mpo_destroy_devfsdirent_label = mac_lomac_destroy_label,
-	.mpo_destroy_ifnet_label = mac_lomac_destroy_label,
-	.mpo_destroy_inpcb_label = mac_lomac_destroy_label,
-	.mpo_destroy_ipq_label = mac_lomac_destroy_label,
-	.mpo_destroy_mbuf_label = mac_lomac_destroy_label,
-	.mpo_destroy_mount_label = mac_lomac_destroy_label,
-	.mpo_destroy_pipe_label = mac_lomac_destroy_label,
-	.mpo_destroy_proc_label = mac_lomac_destroy_proc_label,
-	.mpo_destroy_socket_label = mac_lomac_destroy_label,
-	.mpo_destroy_socket_peer_label = mac_lomac_destroy_label,
-	.mpo_destroy_vnode_label = mac_lomac_destroy_label,
-	.mpo_copy_cred_label = mac_lomac_copy_label,
-	.mpo_copy_ifnet_label = mac_lomac_copy_label,
-	.mpo_copy_mbuf_label = mac_lomac_copy_label,
-	.mpo_copy_pipe_label = mac_lomac_copy_label,
-	.mpo_copy_socket_label = mac_lomac_copy_label,
-	.mpo_copy_vnode_label = mac_lomac_copy_label,
-	.mpo_externalize_cred_label = mac_lomac_externalize_label,
-	.mpo_externalize_ifnet_label = mac_lomac_externalize_label,
-	.mpo_externalize_pipe_label = mac_lomac_externalize_label,
-	.mpo_externalize_socket_label = mac_lomac_externalize_label,
-	.mpo_externalize_socket_peer_label = mac_lomac_externalize_label,
-	.mpo_externalize_vnode_label = mac_lomac_externalize_label,
-	.mpo_internalize_cred_label = mac_lomac_internalize_label,
-	.mpo_internalize_ifnet_label = mac_lomac_internalize_label,
-	.mpo_internalize_pipe_label = mac_lomac_internalize_label,
-	.mpo_internalize_socket_label = mac_lomac_internalize_label,
-	.mpo_internalize_vnode_label = mac_lomac_internalize_label,
-	.mpo_create_devfs_device = mac_lomac_create_devfs_device,
-	.mpo_create_devfs_directory = mac_lomac_create_devfs_directory,
-	.mpo_create_devfs_symlink = mac_lomac_create_devfs_symlink,
-	.mpo_create_mount = mac_lomac_create_mount,
-	.mpo_relabel_vnode = mac_lomac_relabel_vnode,
-	.mpo_update_devfsdirent = mac_lomac_update_devfsdirent,
-	.mpo_associate_vnode_devfs = mac_lomac_associate_vnode_devfs,
-	.mpo_associate_vnode_extattr = mac_lomac_associate_vnode_extattr,
-	.mpo_associate_vnode_singlelabel =
-	    mac_lomac_associate_vnode_singlelabel,
-	.mpo_create_vnode_extattr = mac_lomac_create_vnode_extattr,
-	.mpo_setlabel_vnode_extattr = mac_lomac_setlabel_vnode_extattr,
-	.mpo_create_mbuf_from_socket = mac_lomac_create_mbuf_from_socket,
-	.mpo_create_pipe = mac_lomac_create_pipe,
-	.mpo_create_socket = mac_lomac_create_socket,
-	.mpo_create_socket_from_socket = mac_lomac_create_socket_from_socket,
-	.mpo_relabel_pipe = mac_lomac_relabel_pipe,
-	.mpo_relabel_socket = mac_lomac_relabel_socket,
-	.mpo_set_socket_peer_from_mbuf = mac_lomac_set_socket_peer_from_mbuf,
-	.mpo_set_socket_peer_from_socket =
-	    mac_lomac_set_socket_peer_from_socket,
-	.mpo_create_bpfdesc = mac_lomac_create_bpfdesc,
-	.mpo_create_datagram_from_ipq = mac_lomac_create_datagram_from_ipq,
-	.mpo_create_fragment = mac_lomac_create_fragment,
-	.mpo_create_ifnet = mac_lomac_create_ifnet,
-	.mpo_create_inpcb_from_socket = mac_lomac_create_inpcb_from_socket,
-	.mpo_create_ipq = mac_lomac_create_ipq,
-	.mpo_create_mbuf_from_inpcb = mac_lomac_create_mbuf_from_inpcb,
-	.mpo_create_mbuf_linklayer = mac_lomac_create_mbuf_linklayer,
-	.mpo_create_mbuf_from_bpfdesc = mac_lomac_create_mbuf_from_bpfdesc,
-	.mpo_create_mbuf_from_ifnet = mac_lomac_create_mbuf_from_ifnet,
-	.mpo_create_mbuf_multicast_encap =
-	    mac_lomac_create_mbuf_multicast_encap,
-	.mpo_create_mbuf_netlayer = mac_lomac_create_mbuf_netlayer,
-	.mpo_fragment_match = mac_lomac_fragment_match,
-	.mpo_relabel_ifnet = mac_lomac_relabel_ifnet,
-	.mpo_update_ipq = mac_lomac_update_ipq,
+	.mpo_bpfdesc_init_label = mac_lomac_init_label,
+	.mpo_cred_init_label = mac_lomac_init_label,
+	.mpo_devfs_init_label = mac_lomac_init_label,
+	.mpo_ifnet_init_label = mac_lomac_init_label,
+	.mpo_inpcb_init_label = mac_lomac_init_label_waitcheck,
+	.mpo_ipq_init_label = mac_lomac_init_label_waitcheck,
+	.mpo_mbuf_init_label = mac_lomac_init_label_waitcheck,
+	.mpo_mount_init_label = mac_lomac_init_label,
+	.mpo_pipe_init_label = mac_lomac_init_label,
+	.mpo_proc_init_label = mac_lomac_proc_init_label,
+	.mpo_socket_init_label = mac_lomac_init_label_waitcheck,
+	.mpo_socket_peer_init_label = mac_lomac_init_label_waitcheck,
+	.mpo_vnode_init_label = mac_lomac_init_label,
+	.mpo_bpfdesc_destroy_label = mac_lomac_destroy_label,
+	.mpo_cred_destroy_label = mac_lomac_destroy_label,
+	.mpo_devfs_destroy_label = mac_lomac_destroy_label,
+	.mpo_ifnet_destroy_label = mac_lomac_destroy_label,
+	.mpo_inpcb_destroy_label = mac_lomac_destroy_label,
+	.mpo_ipq_destroy_label = mac_lomac_destroy_label,
+	.mpo_mbuf_destroy_label = mac_lomac_destroy_label,
+	.mpo_mount_destroy_label = mac_lomac_destroy_label,
+	.mpo_pipe_destroy_label = mac_lomac_destroy_label,
+	.mpo_proc_destroy_label = mac_lomac_proc_destroy_label,
+	.mpo_socket_destroy_label = mac_lomac_destroy_label,
+	.mpo_socket_peer_destroy_label = mac_lomac_destroy_label,
+	.mpo_vnode_destroy_label = mac_lomac_destroy_label,
+	.mpo_cred_copy_label = mac_lomac_copy_label,
+	.mpo_ifnet_copy_label = mac_lomac_copy_label,
+	.mpo_mbuf_copy_label = mac_lomac_copy_label,
+	.mpo_pipe_copy_label = mac_lomac_copy_label,
+	.mpo_socket_copy_label = mac_lomac_copy_label,
+	.mpo_vnode_copy_label = mac_lomac_copy_label,
+	.mpo_cred_externalize_label = mac_lomac_externalize_label,
+	.mpo_ifnet_externalize_label = mac_lomac_externalize_label,
+	.mpo_pipe_externalize_label = mac_lomac_externalize_label,
+	.mpo_socket_externalize_label = mac_lomac_externalize_label,
+	.mpo_socket_peer_externalize_label = mac_lomac_externalize_label,
+	.mpo_vnode_externalize_label = mac_lomac_externalize_label,
+	.mpo_cred_internalize_label = mac_lomac_internalize_label,
+	.mpo_ifnet_internalize_label = mac_lomac_internalize_label,
+	.mpo_pipe_internalize_label = mac_lomac_internalize_label,
+	.mpo_socket_internalize_label = mac_lomac_internalize_label,
+	.mpo_vnode_internalize_label = mac_lomac_internalize_label,
+	.mpo_devfs_create_device = mac_lomac_devfs_create_device,
+	.mpo_devfs_create_directory = mac_lomac_devfs_create_directory,
+	.mpo_devfs_create_symlink = mac_lomac_devfs_create_symlink,
+	.mpo_mount_create = mac_lomac_mount_create,
+	.mpo_vnode_relabel = mac_lomac_vnode_relabel,
+	.mpo_devfs_update = mac_lomac_devfs_update,
+	.mpo_devfs_vnode_associate = mac_lomac_devfs_vnode_associate,
+	.mpo_vnode_associate_extattr = mac_lomac_vnode_associate_extattr,
+	.mpo_vnode_associate_singlelabel =
+	    mac_lomac_vnode_associate_singlelabel,
+	.mpo_vnode_create_extattr = mac_lomac_vnode_create_extattr,
+	.mpo_vnode_setlabel_extattr = mac_lomac_vnode_setlabel_extattr,
+	.mpo_socket_create_mbuf = mac_lomac_socket_create_mbuf,
+	.mpo_pipe_create = mac_lomac_pipe_create,
+	.mpo_socket_create = mac_lomac_socket_create,
+	.mpo_socket_accept = mac_lomac_socket_accept,
+	.mpo_pipe_relabel = mac_lomac_pipe_relabel,
+	.mpo_socket_relabel = mac_lomac_socket_relabel,
+	.mpo_socket_peer_set_from_mbuf = mac_lomac_socket_peer_set_from_mbuf,
+	.mpo_socket_peer_set_from_socket =
+	    mac_lomac_socket_peer_set_from_socket,
+	.mpo_bpfdesc_create = mac_lomac_bpfdesc_create,
+	.mpo_ipq_reassemble = mac_lomac_ipq_reassemble,
+	.mpo_netinet_fragment = mac_lomac_netinet_fragment,
+	.mpo_ifnet_create = mac_lomac_ifnet_create,
+	.mpo_inpcb_create = mac_lomac_inpcb_create,
+	.mpo_ipq_create = mac_lomac_ipq_create,
+	.mpo_inpcb_create_mbuf = mac_lomac_inpcb_create_mbuf,
+	.mpo_mbuf_create_linklayer = mac_lomac_mbuf_create_linklayer,
+	.mpo_bpfdesc_create_mbuf = mac_lomac_bpfdesc_create_mbuf,
+	.mpo_ifnet_create_mbuf = mac_lomac_ifnet_create_mbuf,
+	.mpo_mbuf_create_multicast_encap =
+	    mac_lomac_mbuf_create_multicast_encap,
+	.mpo_mbuf_create_netlayer = mac_lomac_mbuf_create_netlayer,
+	.mpo_ipq_match = mac_lomac_ipq_match,
+	.mpo_ifnet_relabel = mac_lomac_ifnet_relabel,
+	.mpo_ipq_update = mac_lomac_ipq_update,
 	.mpo_inpcb_sosetlabel = mac_lomac_inpcb_sosetlabel,
-	.mpo_execve_transition = mac_lomac_execve_transition,
-	.mpo_execve_will_transition = mac_lomac_execve_will_transition,
-	.mpo_create_proc0 = mac_lomac_create_proc0,
-	.mpo_create_proc1 = mac_lomac_create_proc1,
-	.mpo_relabel_cred = mac_lomac_relabel_cred,
-	.mpo_check_bpfdesc_receive = mac_lomac_check_bpfdesc_receive,
-	.mpo_check_cred_relabel = mac_lomac_check_cred_relabel,
-	.mpo_check_cred_visible = mac_lomac_check_cred_visible,
-	.mpo_check_ifnet_relabel = mac_lomac_check_ifnet_relabel,
-	.mpo_check_ifnet_transmit = mac_lomac_check_ifnet_transmit,
-	.mpo_check_inpcb_deliver = mac_lomac_check_inpcb_deliver,
-	.mpo_check_kld_load = mac_lomac_check_kld_load,
-	.mpo_check_kld_unload = mac_lomac_check_kld_unload,
-	.mpo_check_pipe_ioctl = mac_lomac_check_pipe_ioctl,
-	.mpo_check_pipe_read = mac_lomac_check_pipe_read,
-	.mpo_check_pipe_relabel = mac_lomac_check_pipe_relabel,
-	.mpo_check_pipe_write = mac_lomac_check_pipe_write,
-	.mpo_check_proc_debug = mac_lomac_check_proc_debug,
-	.mpo_check_proc_sched = mac_lomac_check_proc_sched,
-	.mpo_check_proc_signal = mac_lomac_check_proc_signal,
-	.mpo_check_socket_deliver = mac_lomac_check_socket_deliver,
-	.mpo_check_socket_relabel = mac_lomac_check_socket_relabel,
-	.mpo_check_socket_visible = mac_lomac_check_socket_visible,
-	.mpo_check_system_swapon = mac_lomac_check_system_swapon,
-	.mpo_check_system_sysctl = mac_lomac_check_system_sysctl,
-	.mpo_check_vnode_access = mac_lomac_check_vnode_open,
-	.mpo_check_vnode_create = mac_lomac_check_vnode_create,
-	.mpo_check_vnode_delete = mac_lomac_check_vnode_delete,
-	.mpo_check_vnode_deleteacl = mac_lomac_check_vnode_deleteacl,
-	.mpo_check_vnode_link = mac_lomac_check_vnode_link,
-	.mpo_check_vnode_mmap = mac_lomac_check_vnode_mmap,
-	.mpo_check_vnode_mmap_downgrade = mac_lomac_check_vnode_mmap_downgrade,
-	.mpo_check_vnode_open = mac_lomac_check_vnode_open,
-	.mpo_check_vnode_read = mac_lomac_check_vnode_read,
-	.mpo_check_vnode_relabel = mac_lomac_check_vnode_relabel,
-	.mpo_check_vnode_rename_from = mac_lomac_check_vnode_rename_from,
-	.mpo_check_vnode_rename_to = mac_lomac_check_vnode_rename_to,
-	.mpo_check_vnode_revoke = mac_lomac_check_vnode_revoke,
-	.mpo_check_vnode_setacl = mac_lomac_check_vnode_setacl,
-	.mpo_check_vnode_setextattr = mac_lomac_check_vnode_setextattr,
-	.mpo_check_vnode_setflags = mac_lomac_check_vnode_setflags,
-	.mpo_check_vnode_setmode = mac_lomac_check_vnode_setmode,
-	.mpo_check_vnode_setowner = mac_lomac_check_vnode_setowner,
-	.mpo_check_vnode_setutimes = mac_lomac_check_vnode_setutimes,
-	.mpo_check_vnode_write = mac_lomac_check_vnode_write,
+	.mpo_vnode_execve_transition = mac_lomac_vnode_execve_transition,
+	.mpo_vnode_execve_will_transition = mac_lomac_vnode_execve_will_transition,
+	.mpo_proc_create_swapper = mac_lomac_proc_create_swapper,
+	.mpo_proc_create_init = mac_lomac_proc_create_init,
+	.mpo_cred_relabel = mac_lomac_cred_relabel,
+	.mpo_bpfdesc_check_receive = mac_lomac_bpfdesc_check_receive,
+	.mpo_cred_check_relabel = mac_lomac_cred_check_relabel,
+	.mpo_cred_check_visible = mac_lomac_cred_check_visible,
+	.mpo_ifnet_check_relabel = mac_lomac_ifnet_check_relabel,
+	.mpo_ifnet_check_transmit = mac_lomac_ifnet_check_transmit,
+	.mpo_inpcb_check_deliver = mac_lomac_inpcb_check_deliver,
+	.mpo_kld_check_load = mac_lomac_kld_check_load,
+	.mpo_kld_check_unload = mac_lomac_kld_check_unload,
+	.mpo_pipe_check_ioctl = mac_lomac_pipe_check_ioctl,
+	.mpo_pipe_check_read = mac_lomac_pipe_check_read,
+	.mpo_pipe_check_relabel = mac_lomac_pipe_check_relabel,
+	.mpo_pipe_check_write = mac_lomac_pipe_check_write,
+	.mpo_proc_check_debug = mac_lomac_proc_check_debug,
+	.mpo_proc_check_sched = mac_lomac_proc_check_sched,
+	.mpo_proc_check_signal = mac_lomac_proc_check_signal,
+	.mpo_socket_check_deliver = mac_lomac_socket_check_deliver,
+	.mpo_socket_check_relabel = mac_lomac_socket_check_relabel,
+	.mpo_socket_check_visible = mac_lomac_socket_check_visible,
+	.mpo_system_check_swapon = mac_lomac_system_check_swapon,
+	.mpo_system_check_sysctl = mac_lomac_system_check_sysctl,
+	.mpo_vnode_check_access = mac_lomac_vnode_check_open,

>>> TRUNCATED FOR MAIL (1000 lines) <<<



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200607081325.k68DPZxY020837>