PERFORCE change 15124 for review
Robert Watson
rwatson at freebsd.org
Mon Jul 29 15:32:59 GMT 2002
http://people.freebsd.org/~peter/p4db/chv.cgi?CH=15124
Change 15124 by rwatson at rwatson_paprika on 2002/07/29 08:32:31
Various entry point naming simplifications:
mac_create_vnode_from_vnode -> mac_create_vnode
While there are other vnode creation events, this is
the standard entry point for creating a vnode, and vnodes
are always instantiated in the context of another vnode
(parent directory), so remove the from_vnode.
mac_create_ipq_from_fragment -> mac_create_ipq
IP reassembly queues are always created in the context
of an IP fragment, so remove explicit mention of that.
mac_create_fragment_from_datagram -> mac_create_fragment
IP fragments are always created in the context of an
IP datagram, so remove explicit mention of that.
mac_fragment_matches_ipq -> mac_fragment_match
IP fragment matching only occurs in the context of an
IP reassembly queue. Arguably it should be
mac_ipq_match, however.
mac_update_ipq_from_fragment -> mac_update_ipq
IP reassembly queues are only ever updated when a new
IP fragment arrives, so don't mention it explicitly.
mac_update_devfsdirent_from_vnode -> mac_update_devfsdirent
devfs directory entries are only ever updated from
vnodes, so don't explicitly mention it.
mac_update_procfsvnode_from_cred -> mac_update_procfsvnode
procfs entries are only ever updated from credentials
when handled explicitly as procfs entries, so don't
mention that. Procfs entries can be updated from
the mountpoint also, but in that context we use the
generic update_vnode_from_mount entry point.
Affected files ...
.. //depot/projects/trustedbsd/mac/sys/fs/devfs/devfs_vnops.c#19 edit
.. //depot/projects/trustedbsd/mac/sys/fs/procfs/procfs_mac.c#6 edit
.. //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#218 edit
.. //depot/projects/trustedbsd/mac/sys/netinet/ip_input.c#16 edit
.. //depot/projects/trustedbsd/mac/sys/netinet/ip_output.c#15 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#83 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.c#71 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_none/mac_none.c#58 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_te/mac_te.c#65 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_test/mac_test.c#28 edit
.. //depot/projects/trustedbsd/mac/sys/sys/mac.h#135 edit
.. //depot/projects/trustedbsd/mac/sys/sys/mac_policy.h#100 edit
Differences ...
==== //depot/projects/trustedbsd/mac/sys/fs/devfs/devfs_vnops.c#19 (text+ko) ====
@@ -823,7 +823,7 @@
de = vp->v_data;
mac_relabel_vnode(ap->a_cred, vp, ap->a_label);
- mac_update_devfsdirent_from_vnode(de, vp);
+ mac_update_devfsdirent(de, vp);
return (0);
}
@@ -862,8 +862,8 @@
TAILQ_INSERT_TAIL(&dd->de_dlist, de, de_list);
devfs_allocv(de, ap->a_dvp->v_mount, ap->a_vpp, 0);
#ifdef MAC
- mac_create_vnode_from_vnode(ap->a_cnp->cn_cred, ap->a_dvp, *ap->a_vpp);
- mac_update_devfsdirent_from_vnode(de, *ap->a_vpp);
+ mac_create_vnode(ap->a_cnp->cn_cred, ap->a_dvp, *ap->a_vpp);
+ mac_update_devfsdirent(de, *ap->a_vpp);
#endif /* MAC */
lockmgr(&dmp->dm_lock, LK_RELEASE, 0, curthread);
return (0);
==== //depot/projects/trustedbsd/mac/sys/fs/procfs/procfs_mac.c#6 (text+ko) ====
@@ -60,7 +60,7 @@
mac_update_vnode_from_mount(vp, vp->v_mount);
else {
PROC_LOCK(p);
- mac_update_procfsvnode_from_cred(vp, p->p_ucred);
+ mac_update_procfsvnode(vp, p->p_ucred);
PROC_UNLOCK(p);
}
==== //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#218 (text+ko) ====
@@ -482,8 +482,8 @@
mpc->mpc_ops->mpo_stdcreatevnode_ea =
mpe->mpe_function;
break;
- case MAC_CREATE_VNODE_FROM_VNODE:
- mpc->mpc_ops->mpo_create_vnode_from_vnode =
+ case MAC_CREATE_VNODE:
+ mpc->mpc_ops->mpo_create_vnode =
mpe->mpe_function;
break;
case MAC_CREATE_MOUNT:
@@ -498,12 +498,12 @@
mpc->mpc_ops->mpo_relabel_vnode =
mpe->mpe_function;
break;
- case MAC_UPDATE_DEVFSDIRENT_FROM_VNODE:
- mpc->mpc_ops->mpo_update_devfsdirent_from_vnode =
+ case MAC_UPDATE_DEVFSDIRENT:
+ mpc->mpc_ops->mpo_update_devfsdirent =
mpe->mpe_function;
break;
- case MAC_UPDATE_PROCFSVNODE_FROM_CRED:
- mpc->mpc_ops->mpo_update_procfsvnode_from_cred =
+ case MAC_UPDATE_PROCFSVNODE:
+ mpc->mpc_ops->mpo_update_procfsvnode =
mpe->mpe_function;
break;
case MAC_UPDATE_VNODE_FROM_EXTATTR:
@@ -558,16 +558,16 @@
mpc->mpc_ops->mpo_create_datagram_from_ipq =
mpe->mpe_function;
break;
- case MAC_CREATE_FRAGMENT_FROM_DATAGRAM:
- mpc->mpc_ops->mpo_create_fragment_from_datagram =
+ case MAC_CREATE_FRAGMENT:
+ mpc->mpc_ops->mpo_create_fragment =
mpe->mpe_function;
break;
case MAC_CREATE_IFNET:
mpc->mpc_ops->mpo_create_ifnet =
mpe->mpe_function;
break;
- case MAC_CREATE_IPQ_FROM_FRAGMENT:
- mpc->mpc_ops->mpo_create_ipq_from_fragment =
+ case MAC_CREATE_IPQ:
+ mpc->mpc_ops->mpo_create_ipq =
mpe->mpe_function;
break;
case MAC_CREATE_MBUF_FROM_MBUF:
@@ -594,16 +594,16 @@
mpc->mpc_ops->mpo_create_mbuf_netlayer_from_mbuf =
mpe->mpe_function;
break;
- case MAC_FRAGMENT_MATCHES_IPQ:
- mpc->mpc_ops->mpo_fragment_matches_ipq =
+ case MAC_FRAGMENT_MATCH:
+ mpc->mpc_ops->mpo_fragment_match =
mpe->mpe_function;
break;
case MAC_RELABEL_IFNET:
mpc->mpc_ops->mpo_relabel_ifnet =
mpe->mpe_function;
break;
- case MAC_UPDATE_IPQ_FROM_FRAGMENT:
- mpc->mpc_ops->mpo_update_ipq_from_fragment =
+ case MAC_UPDATE_IPQ:
+ mpc->mpc_ops->mpo_update_ipq =
mpe->mpe_function;
break;
case MAC_CREATE_CRED:
@@ -924,18 +924,17 @@
}
void
-mac_update_devfsdirent_from_vnode(struct devfs_dirent *de, struct vnode *vp)
+mac_update_devfsdirent(struct devfs_dirent *de, struct vnode *vp)
{
- MAC_PERFORM(update_devfsdirent_from_vnode, de, &de->de_label, vp,
- &vp->v_label);
+ MAC_PERFORM(update_devfsdirent, de, &de->de_label, vp, &vp->v_label);
}
void
-mac_update_procfsvnode_from_cred(struct vnode *vp, struct ucred *cred)
+mac_update_procfsvnode(struct vnode *vp, struct ucred *cred)
{
- MAC_PERFORM(update_procfsvnode_from_cred, vp, &vp->v_label, cred);
+ MAC_PERFORM(update_procfsvnode, vp, &vp->v_label, cred);
}
/*
@@ -1138,7 +1137,7 @@
* happen except in fairly unusual circumstances (out
* of disk, etc).
*/
- mac_create_vnode_from_vnode(cred, dvp, tvp);
+ mac_create_vnode(cred, dvp, tvp);
error = mac_stdcreatevnode_ea(tvp);
if (error)
@@ -2244,19 +2243,19 @@
}
void
-mac_create_fragment_from_datagram(struct mbuf *datagram, struct mbuf *fragment)
+mac_create_fragment(struct mbuf *datagram, struct mbuf *fragment)
{
- MAC_PERFORM(create_fragment_from_datagram, datagram,
- &datagram->m_pkthdr.label, fragment, &fragment->m_pkthdr.label);
+ MAC_PERFORM(create_fragment, datagram, &datagram->m_pkthdr.label,
+ fragment, &fragment->m_pkthdr.label);
}
void
-mac_create_ipq_from_fragment(struct mbuf *fragment, struct ipq *ipq)
+mac_create_ipq(struct mbuf *fragment, struct ipq *ipq)
{
- MAC_PERFORM(create_ipq_from_fragment, fragment,
- &fragment->m_pkthdr.label, ipq, &ipq->ipq_label);
+ MAC_PERFORM(create_ipq, fragment, &fragment->m_pkthdr.label, ipq,
+ &ipq->ipq_label);
}
void
@@ -2310,23 +2309,23 @@
}
int
-mac_fragment_matches_ipq(struct mbuf *fragment, struct ipq *ipq)
+mac_fragment_match(struct mbuf *fragment, struct ipq *ipq)
{
int result;
result = 1;
- MAC_BOOLEAN(fragment_matches_ipq, &&, fragment,
- &fragment->m_pkthdr.label, ipq, &ipq->ipq_label);
+ MAC_BOOLEAN(fragment_match, &&, fragment, &fragment->m_pkthdr.label,
+ ipq, &ipq->ipq_label);
return (result);
}
void
-mac_update_ipq_from_fragment(struct mbuf *fragment, struct ipq *ipq)
+mac_update_ipq(struct mbuf *fragment, struct ipq *ipq)
{
- MAC_PERFORM(update_ipq_from_fragment, fragment,
- &fragment->m_pkthdr.label, ipq, &ipq->ipq_label);
+ MAC_PERFORM(update_ipq, fragment, &fragment->m_pkthdr.label, ipq,
+ &ipq->ipq_label);
}
void
@@ -2662,23 +2661,23 @@
* When a new vnode is created, this call will initialize its label.
*/
void
-mac_create_vnode_from_vnode(struct ucred *cred, struct vnode *parent,
+mac_create_vnode(struct ucred *cred, struct vnode *parent,
struct vnode *child)
{
int error;
- ASSERT_VOP_LOCKED(parent, "mac_create_vnode_from_vnode");
- ASSERT_VOP_LOCKED(child, "mac_create_vnode_from_vnode");
+ ASSERT_VOP_LOCKED(parent, "mac_create_vnode");
+ ASSERT_VOP_LOCKED(child, "mac_create_vnode");
error = vn_refreshlabel(parent, cred);
if (error) {
- printf("mac_create_vnode_from_vnode: vn_refreshlabel returned"
- " %d\n", error);
- printf("mac_create_vnode_from_vnode: using old vnode label\n");
+ printf("mac_create_vnode: vn_refreshlabel returned %d\n",
+ error);
+ printf("mac_create_vnode: using old vnode label\n");
}
- MAC_PERFORM(create_vnode_from_vnode, cred, parent, &parent->v_label,
- child, &child->v_label);
+ MAC_PERFORM(create_vnode, cred, parent, &parent->v_label, child,
+ &child->v_label);
}
int
==== //depot/projects/trustedbsd/mac/sys/netinet/ip_input.c#16 (text+ko) ====
@@ -696,7 +696,7 @@
ip->ip_src.s_addr == fp->ipq_src.s_addr &&
ip->ip_dst.s_addr == fp->ipq_dst.s_addr &&
#ifdef MAC
- mac_fragment_matches_ipq(m, fp) &&
+ mac_fragment_match(m, fp) &&
#endif
ip->ip_p == fp->ipq_p)
goto found;
@@ -909,7 +909,7 @@
fp = mtod(t, struct ipq *);
#ifdef MAC
mac_init_ipq(fp);
- mac_create_ipq_from_fragment(m, fp);
+ mac_create_ipq(m, fp);
#endif
TAILQ_INSERT_HEAD(head, fp, ipq_list);
nipq++;
@@ -927,7 +927,7 @@
goto inserted;
} else {
#ifdef MAC
- mac_update_ipq_from_fragment(m, fp);
+ mac_update_ipq(m, fp);
#endif
}
==== //depot/projects/trustedbsd/mac/sys/netinet/ip_output.c#15 (text+ko) ====
@@ -1004,7 +1004,7 @@
m->m_pkthdr.len = mhlen + len;
m->m_pkthdr.rcvif = (struct ifnet *)0;
#ifdef MAC
- mac_create_fragment_from_datagram(m0, m);
+ mac_create_fragment(m0, m);
#endif
m->m_pkthdr.csum_flags = m0->m_pkthdr.csum_flags;
mhip->ip_off = htons(mhip->ip_off);
==== //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#83 (text+ko) ====
@@ -661,9 +661,8 @@
}
static void
-mac_biba_create_vnode_from_vnode(struct ucred *cred, struct vnode *parent,
- struct label *parentlabel, struct vnode *child,
- struct label *childlabel)
+mac_biba_create_vnode(struct ucred *cred, struct vnode *parent,
+ struct label *parentlabel, struct vnode *child, struct label *childlabel)
{
struct mac_biba *source, *dest;
@@ -712,7 +711,7 @@
}
static void
-mac_biba_update_devfsdirent_from_vnode(struct devfs_dirent *devfs_dirent,
+mac_biba_update_devfsdirent(struct devfs_dirent *devfs_dirent,
struct label *direntlabel, struct vnode *vp, struct label *vnodelabel)
{
struct mac_biba *source, *dest;
@@ -724,8 +723,8 @@
}
static void
-mac_biba_update_procfsvnode_from_cred(struct vnode *vp,
- struct label *vnodelabel, struct ucred *cred)
+mac_biba_update_procfsvnode(struct vnode *vp, struct label *vnodelabel,
+ struct ucred *cred)
{
struct mac_biba *source, *dest;
@@ -946,8 +945,8 @@
}
static void
-mac_biba_create_ipq_from_fragment(struct mbuf *fragment,
- struct label *fragmentlabel, struct ipq *ipq, struct label *ipqlabel)
+mac_biba_create_ipq(struct mbuf *fragment, struct label *fragmentlabel,
+ struct ipq *ipq, struct label *ipqlabel)
{
struct mac_biba *source, *dest;
@@ -971,9 +970,8 @@
}
static void
-mac_biba_create_fragment_from_datagram(struct mbuf *datagram,
- struct label *datagramlabel, struct mbuf *fragment,
- struct label *fragmentlabel)
+mac_biba_create_fragment(struct mbuf *datagram, struct label *datagramlabel,
+ struct mbuf *fragment, struct label *fragmentlabel)
{
struct mac_biba *source, *dest;
@@ -1058,8 +1056,8 @@
}
static int
-mac_biba_fragment_matches_ipq(struct mbuf *fragment,
- struct label *fragmentlabel, struct ipq *ipq, struct label *ipqlabel)
+mac_biba_fragment_match(struct mbuf *fragment, struct label *fragmentlabel,
+ struct ipq *ipq, struct label *ipqlabel)
{
struct mac_biba *a, *b;
@@ -1083,8 +1081,8 @@
}
static void
-mac_biba_update_ipq_from_fragment(struct mbuf *fragment,
- struct label *fragmentlabel, struct ipq *ipq, struct label *ipqlabel)
+mac_biba_update_ipq(struct mbuf *fragment, struct label *fragmentlabel,
+ struct ipq *ipq, struct label *ipqlabel)
{
/* NOOP: we only accept matching labels, so no need to update */
@@ -2068,18 +2066,18 @@
(macop_t)mac_biba_create_devfs_directory },
{ MAC_CREATE_DEVFS_VNODE,
(macop_t)mac_biba_create_devfs_vnode },
- { MAC_CREATE_VNODE_FROM_VNODE,
- (macop_t)mac_biba_create_vnode_from_vnode },
+ { MAC_CREATE_VNODE,
+ (macop_t)mac_biba_create_vnode },
{ MAC_CREATE_MOUNT,
(macop_t)mac_biba_create_mount },
{ MAC_CREATE_ROOT_MOUNT,
(macop_t)mac_biba_create_root_mount },
{ MAC_RELABEL_VNODE,
(macop_t)mac_biba_relabel_vnode },
- { MAC_UPDATE_DEVFSDIRENT_FROM_VNODE,
- (macop_t)mac_biba_update_devfsdirent_from_vnode },
- { MAC_UPDATE_PROCFSVNODE_FROM_CRED,
- (macop_t)mac_biba_update_procfsvnode_from_cred },
+ { MAC_UPDATE_DEVFSDIRENT,
+ (macop_t)mac_biba_update_devfsdirent },
+ { MAC_UPDATE_PROCFSVNODE,
+ (macop_t)mac_biba_update_procfsvnode },
{ MAC_UPDATE_VNODE_FROM_EXTERNALIZED,
(macop_t)mac_biba_update_vnode_from_externalized },
{ MAC_UPDATE_VNODE_FROM_MOUNT,
@@ -2104,12 +2102,12 @@
(macop_t)mac_biba_create_bpfdesc },
{ MAC_CREATE_DATAGRAM_FROM_IPQ,
(macop_t)mac_biba_create_datagram_from_ipq },
- { MAC_CREATE_FRAGMENT_FROM_DATAGRAM,
- (macop_t)mac_biba_create_fragment_from_datagram },
+ { MAC_CREATE_FRAGMENT,
+ (macop_t)mac_biba_create_fragment },
{ MAC_CREATE_IFNET,
(macop_t)mac_biba_create_ifnet },
- { MAC_CREATE_IPQ_FROM_FRAGMENT,
- (macop_t)mac_biba_create_ipq_from_fragment },
+ { MAC_CREATE_IPQ,
+ (macop_t)mac_biba_create_ipq },
{ MAC_CREATE_MBUF_FROM_MBUF,
(macop_t)mac_biba_create_mbuf_from_mbuf },
{ MAC_CREATE_MBUF_LINKLAYER_FOR_IFNET,
@@ -2122,12 +2120,12 @@
(macop_t)mac_biba_create_mbuf_multicast_encap_from_mbuf },
{ MAC_CREATE_MBUF_NETLAYER_FROM_MBUF,
(macop_t)mac_biba_create_mbuf_netlayer_from_mbuf },
- { MAC_FRAGMENT_MATCHES_IPQ,
- (macop_t)mac_biba_fragment_matches_ipq },
+ { MAC_FRAGMENT_MATCH,
+ (macop_t)mac_biba_fragment_match },
{ MAC_RELABEL_IFNET,
(macop_t)mac_biba_relabel_ifnet },
- { MAC_UPDATE_IPQ_FROM_FRAGMENT,
- (macop_t)mac_biba_update_ipq_from_fragment },
+ { MAC_UPDATE_IPQ,
+ (macop_t)mac_biba_update_ipq },
{ MAC_CREATE_CRED,
(macop_t)mac_biba_create_cred },
{ MAC_EXECVE_TRANSITION,
==== //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.c#71 (text+ko) ====
@@ -646,9 +646,8 @@
}
static void
-mac_mls_create_vnode_from_vnode(struct ucred *cred, struct vnode *parent,
- struct label *parentlabel, struct vnode *child,
- struct label *childlabel)
+mac_mls_create_vnode(struct ucred *cred, struct vnode *parent,
+ struct label *parentlabel, struct vnode *child, struct label *childlabel)
{
struct mac_mls *source, *dest;
@@ -697,7 +696,7 @@
}
static void
-mac_mls_update_devfsdirent_from_vnode(struct devfs_dirent *devfs_dirent,
+mac_mls_update_devfsdirent(struct devfs_dirent *devfs_dirent,
struct label *direntlabel, struct vnode *vp, struct label *vnodelabel)
{
struct mac_mls *source, *dest;
@@ -709,8 +708,8 @@
}
static void
-mac_mls_update_procfsvnode_from_cred(struct vnode *vp,
- struct label *vnodelabel, struct ucred *cred)
+mac_mls_update_procfsvnode(struct vnode *vp, struct label *vnodelabel,
+ struct ucred *cred)
{
struct mac_mls *source, *dest;
@@ -895,8 +894,8 @@
}
static void
-mac_mls_create_ipq_from_fragment(struct mbuf *fragment,
- struct label *fragmentlabel, struct ipq *ipq, struct label *ipqlabel)
+mac_mls_create_ipq(struct mbuf *fragment, struct label *fragmentlabel,
+ struct ipq *ipq, struct label *ipqlabel)
{
struct mac_mls *source, *dest;
@@ -920,9 +919,8 @@
}
static void
-mac_mls_create_fragment_from_datagram(struct mbuf *datagram,
- struct label *datagramlabel, struct mbuf *fragment,
- struct label *fragmentlabel)
+mac_mls_create_fragment(struct mbuf *datagram, struct label *datagramlabel,
+ struct mbuf *fragment, struct label *fragmentlabel)
{
struct mac_mls *source, *dest;
@@ -1007,8 +1005,8 @@
}
static int
-mac_mls_fragment_matches_ipq(struct mbuf *fragment,
- struct label *fragmentlabel, struct ipq *ipq, struct label *ipqlabel)
+mac_mls_fragment_match(struct mbuf *fragment, struct label *fragmentlabel,
+ struct ipq *ipq, struct label *ipqlabel)
{
struct mac_mls *a, *b;
@@ -1032,8 +1030,8 @@
}
static void
-mac_mls_update_ipq_from_fragment(struct mbuf *fragment,
- struct label *fragmentlabel, struct ipq *ipq, struct label *ipqlabel)
+mac_mls_update_ipq(struct mbuf *fragment, struct label *fragmentlabel,
+ struct ipq *ipq, struct label *ipqlabel)
{
/* NOOP: we only accept matching labels, so no need to update */
@@ -2019,18 +2017,18 @@
(macop_t)mac_mls_create_devfs_directory },
{ MAC_CREATE_DEVFS_VNODE,
(macop_t)mac_mls_create_devfs_vnode },
- { MAC_CREATE_VNODE_FROM_VNODE,
- (macop_t)mac_mls_create_vnode_from_vnode },
+ { MAC_CREATE_VNODE,
+ (macop_t)mac_mls_create_vnode },
{ MAC_CREATE_MOUNT,
(macop_t)mac_mls_create_mount },
{ MAC_CREATE_ROOT_MOUNT,
(macop_t)mac_mls_create_root_mount },
{ MAC_RELABEL_VNODE,
(macop_t)mac_mls_relabel_vnode },
- { MAC_UPDATE_DEVFSDIRENT_FROM_VNODE,
- (macop_t)mac_mls_update_devfsdirent_from_vnode },
- { MAC_UPDATE_PROCFSVNODE_FROM_CRED,
- (macop_t)mac_mls_update_procfsvnode_from_cred },
+ { MAC_UPDATE_DEVFSDIRENT,
+ (macop_t)mac_mls_update_devfsdirent },
+ { MAC_UPDATE_PROCFSVNODE,
+ (macop_t)mac_mls_update_procfsvnode },
{ MAC_UPDATE_VNODE_FROM_EXTERNALIZED,
(macop_t)mac_mls_update_vnode_from_externalized },
{ MAC_UPDATE_VNODE_FROM_MOUNT,
@@ -2055,12 +2053,12 @@
(macop_t)mac_mls_create_bpfdesc },
{ MAC_CREATE_DATAGRAM_FROM_IPQ,
(macop_t)mac_mls_create_datagram_from_ipq },
- { MAC_CREATE_FRAGMENT_FROM_DATAGRAM,
- (macop_t)mac_mls_create_fragment_from_datagram },
+ { MAC_CREATE_FRAGMENT,
+ (macop_t)mac_mls_create_fragment },
{ MAC_CREATE_IFNET,
(macop_t)mac_mls_create_ifnet },
- { MAC_CREATE_IPQ_FROM_FRAGMENT,
- (macop_t)mac_mls_create_ipq_from_fragment },
+ { MAC_CREATE_IPQ,
+ (macop_t)mac_mls_create_ipq },
{ MAC_CREATE_MBUF_FROM_MBUF,
(macop_t)mac_mls_create_mbuf_from_mbuf },
{ MAC_CREATE_MBUF_LINKLAYER_FOR_IFNET,
@@ -2073,12 +2071,12 @@
(macop_t)mac_mls_create_mbuf_multicast_encap_from_mbuf },
{ MAC_CREATE_MBUF_NETLAYER_FROM_MBUF,
(macop_t)mac_mls_create_mbuf_netlayer_from_mbuf },
- { MAC_FRAGMENT_MATCHES_IPQ,
- (macop_t)mac_mls_fragment_matches_ipq },
+ { MAC_FRAGMENT_MATCH,
+ (macop_t)mac_mls_fragment_match },
{ MAC_RELABEL_IFNET,
(macop_t)mac_mls_relabel_ifnet },
- { MAC_UPDATE_IPQ_FROM_FRAGMENT,
- (macop_t)mac_mls_update_ipq_from_fragment },
+ { MAC_UPDATE_IPQ,
+ (macop_t)mac_mls_update_ipq },
{ MAC_CREATE_CRED,
(macop_t)mac_mls_create_cred },
{ MAC_EXECVE_TRANSITION,
==== //depot/projects/trustedbsd/mac/sys/security/mac_none/mac_none.c#58 (text+ko) ====
@@ -280,7 +280,7 @@
}
static void
-mac_none_create_vnode_from_vnode(struct ucred *cred, struct vnode *parent,
+mac_none_create_vnode(struct ucred *cred, struct vnode *parent,
struct label *parentlabel, struct vnode *child,
struct label *childlabel)
{
@@ -416,9 +416,8 @@
}
static void
-mac_none_create_fragment_from_datagram(struct mbuf *datagram,
- struct label *datagramlabel, struct mbuf *fragment,
- struct label *fragmentlabel)
+mac_none_create_fragment(struct mbuf *datagram, struct label *datagramlabel,
+ struct mbuf *fragment, struct label *fragmentlabel)
{
}
@@ -430,8 +429,8 @@
}
static void
-mac_none_create_ipq_from_fragment(struct mbuf *fragment,
- struct label *fragmentlabel, struct ipq *ipq, struct label *ipqlabel)
+mac_none_create_ipq(struct mbuf *fragment, struct label *fragmentlabel,
+ struct ipq *ipq, struct label *ipqlabel)
{
}
@@ -482,8 +481,8 @@
}
static int
-mac_none_fragment_matches_ipq(struct mbuf *fragment,
- struct label *fragmentlabel, struct ipq *ipq, struct label *ipqlabel)
+mac_none_fragment_match(struct mbuf *fragment, struct label *fragmentlabel,
+ struct ipq *ipq, struct label *ipqlabel)
{
return (1);
@@ -497,8 +496,8 @@
}
static void
-mac_none_update_ipq_from_fragment(struct mbuf *fragment,
- struct label *fragmentlabel, struct ipq *ipq, struct label *ipqlabel)
+mac_none_update_ipq(struct mbuf *fragment, struct label *fragmentlabel,
+ struct ipq *ipq, struct label *ipqlabel)
{
}
@@ -942,8 +941,8 @@
(macop_t)mac_none_create_devfs_directory },
{ MAC_CREATE_DEVFS_VNODE,
(macop_t)mac_none_create_devfs_vnode },
- { MAC_CREATE_VNODE_FROM_VNODE,
- (macop_t)mac_none_create_vnode_from_vnode },
+ { MAC_CREATE_VNODE,
+ (macop_t)mac_none_create_vnode },
{ MAC_CREATE_MOUNT,
(macop_t)mac_none_create_mount },
{ MAC_CREATE_ROOT_MOUNT,
@@ -978,14 +977,14 @@
(macop_t)mac_none_create_bpfdesc },
{ MAC_CREATE_IFNET,
(macop_t)mac_none_create_ifnet },
- { MAC_CREATE_IPQ_FROM_FRAGMENT,
- (macop_t)mac_none_create_ipq_from_fragment },
+ { MAC_CREATE_IPQ,
+ (macop_t)mac_none_create_ipq },
{ MAC_CREATE_DATAGRAM_FROM_IPQ,
(macop_t)mac_none_create_datagram_from_ipq },
- { MAC_CREATE_FRAGMENT_FROM_DATAGRAM,
- (macop_t)mac_none_create_fragment_from_datagram },
- { MAC_CREATE_IPQ_FROM_FRAGMENT,
- (macop_t)mac_none_create_ipq_from_fragment },
+ { MAC_CREATE_FRAGMENT,
+ (macop_t)mac_none_create_fragment },
+ { MAC_CREATE_IPQ,
+ (macop_t)mac_none_create_ipq },
{ MAC_CREATE_MBUF_FROM_MBUF,
(macop_t)mac_none_create_mbuf_from_mbuf },
{ MAC_CREATE_MBUF_LINKLAYER_FOR_IFNET,
@@ -998,12 +997,12 @@
(macop_t)mac_none_create_mbuf_multicast_encap_from_mbuf },
{ MAC_CREATE_MBUF_NETLAYER_FROM_MBUF,
(macop_t)mac_none_create_mbuf_netlayer_from_mbuf },
- { MAC_FRAGMENT_MATCHES_IPQ,
- (macop_t)mac_none_fragment_matches_ipq },
+ { MAC_FRAGMENT_MATCH,
+ (macop_t)mac_none_fragment_match },
{ MAC_RELABEL_IFNET,
(macop_t)mac_none_relabel_ifnet },
- { MAC_UPDATE_IPQ_FROM_FRAGMENT,
- (macop_t)mac_none_update_ipq_from_fragment },
+ { MAC_UPDATE_IPQ,
+ (macop_t)mac_none_update_ipq },
{ MAC_CREATE_CRED,
(macop_t)mac_none_create_cred },
{ MAC_EXECVE_TRANSITION,
==== //depot/projects/trustedbsd/mac/sys/security/mac_te/mac_te.c#65 (text+ko) ====
@@ -857,9 +857,8 @@
}
static void
-mac_te_create_fragment_from_datagram(struct mbuf *datagram,
- struct label *datagramlabel, struct mbuf *fragment,
- struct label *fragmentlabel)
+mac_te_create_fragment(struct mbuf *datagram, struct label *datagramlabel,
+ struct mbuf *fragment, struct label *fragmentlabel)
{
mac_te_init_label(SLOT(fragmentlabel));
@@ -867,8 +866,8 @@
}
static void
-mac_te_create_ipq_from_fragment(struct mbuf *fragment,
- struct label *fragmentlabel, struct mbuf *ipq, struct label *ipqlabel)
+mac_te_create_ipq(struct mbuf *fragment, struct label *fragmentlabel,
+ struct mbuf *ipq, struct label *ipqlabel)
{
mac_te_copy_label(SLOT(fragmentlabel), SLOT(ipqlabel));
@@ -917,8 +916,8 @@
}
static int
-mac_te_fragment_matches_ipq(struct mbuf *fragment,
- struct label *fragmentlabel, struct ipq *ipq, struct label *ipqlabel)
+mac_te_fragment_match(struct mbuf *fragment, struct label *fragmentlabel,
+ struct ipq *ipq, struct label *ipqlabel)
{
return (mac_te_equal(fragmentlabel, ipqlabel));
@@ -1083,7 +1082,7 @@
}
static void
-mac_te_create_vnode_from_vnode(struct ucred *cred, struct vnode *parent,
+mac_te_create_vnode(struct ucred *cred, struct vnode *parent,
struct label *parentlabel, struct vnode *child, struct label *childlabel)
{
@@ -1634,7 +1633,7 @@
}
static void
-mac_te_update_devfsdirent_from_vnode(struct devfs_dirent *devfs_dirent,
+mac_te_update_devfsdirent(struct devfs_dirent *devfs_dirent,
struct label *direntlabel, struct vnode *vp, struct label *vnodelabel)
{
@@ -1642,7 +1641,7 @@
}
static void
-mac_te_update_procfsvnode_from_cred(struct vnode *vp, struct label *vnodelabel,
+mac_te_update_procfsvnode(struct vnode *vp, struct label *vnodelabel,
struct ucred *cred)
{
@@ -1666,8 +1665,8 @@
}
static void
-mac_te_update_ipq_from_fragment(struct mbuf *fragment,
- struct label *fragmentlabel, struct ipq *ipq, struct label *ipqlabel)
+mac_te_update_ipq(struct mbuf *fragment, struct label *fragmentlabel,
+ struct ipq *ipq, struct label *ipqlabel)
{
mac_te_copy_label(SLOT(fragmentlabel), SLOT(ipqlabel));
@@ -1700,8 +1699,8 @@
{ MAC_CREATE_DEVFS_DEVICE, (macop_t)mac_te_create_devfs_device },
{ MAC_CREATE_DEVFS_DIRECTORY, (macop_t)mac_te_create_devfs_directory },
{ MAC_CREATE_DEVFS_VNODE, (macop_t)mac_te_create_devfs_vnode },
- { MAC_CREATE_VNODE_FROM_VNODE,
- (macop_t)mac_te_create_vnode_from_vnode },
+ { MAC_CREATE_VNODE,
+ (macop_t)mac_te_create_vnode },
{ MAC_CREATE_MOUNT, (macop_t)mac_te_create_mount },
{ MAC_CREATE_ROOT_MOUNT, (macop_t)mac_te_create_root_mount },
{ MAC_CREATE_MBUF_FROM_SOCKET,
@@ -1720,10 +1719,10 @@
{ MAC_CREATE_IFNET, (macop_t)mac_te_create_ifnet },
{ MAC_CREATE_DATAGRAM_FROM_IPQ,
(macop_t)mac_te_create_datagram_from_ipq },
- { MAC_CREATE_FRAGMENT_FROM_DATAGRAM,
- (macop_t)mac_te_create_fragment_from_datagram },
- { MAC_CREATE_IPQ_FROM_FRAGMENT,
- (macop_t)mac_te_create_ipq_from_fragment },
+ { MAC_CREATE_FRAGMENT,
+ (macop_t)mac_te_create_fragment },
+ { MAC_CREATE_IPQ,
+ (macop_t)mac_te_create_ipq },
{ MAC_CREATE_MBUF_FROM_MBUF,
(macop_t)mac_te_create_mbuf_from_mbuf },
{ MAC_CREATE_MBUF_LINKLAYER_FOR_IFNET,
@@ -1736,7 +1735,8 @@
(macop_t)mac_te_create_mbuf_multicast_encap_from_mbuf },
{ MAC_CREATE_MBUF_NETLAYER_FROM_MBUF,
(macop_t)mac_te_create_mbuf_netlayer_from_mbuf },
- { MAC_FRAGMENT_MATCHES_IPQ, (macop_t)mac_te_fragment_matches_ipq },
+ { MAC_FRAGMENT_MATCH,
+ (macop_t)mac_te_fragment_match },
{ MAC_RELABEL_IFNET, (macop_t)mac_te_relabel_ifnet },
{ MAC_CREATE_CRED, (macop_t)mac_te_create_cred },
{ MAC_EXECVE_TRANSITION, (macop_t)mac_te_execve_transition },
@@ -1834,16 +1834,16 @@
(macop_t)mac_te_check_vnode_op },
{ MAC_EXTERNALIZE, (macop_t)mac_te_externalize },
{ MAC_INTERNALIZE, (macop_t)mac_te_internalize },
- { MAC_UPDATE_DEVFSDIRENT_FROM_VNODE,
- (macop_t)mac_te_update_devfsdirent_from_vnode },
- { MAC_UPDATE_PROCFSVNODE_FROM_CRED,
- (macop_t)mac_te_update_procfsvnode_from_cred },
+ { MAC_UPDATE_DEVFSDIRENT,
+ (macop_t)mac_te_update_devfsdirent },
+ { MAC_UPDATE_PROCFSVNODE,
+ (macop_t)mac_te_update_procfsvnode },
{ MAC_UPDATE_VNODE_FROM_EXTERNALIZED,
(macop_t)mac_te_update_vnode_from_externalized },
{ MAC_UPDATE_VNODE_FROM_MOUNT,
(macop_t)mac_te_update_vnode_from_mount },
- { MAC_UPDATE_IPQ_FROM_FRAGMENT,
- (macop_t)mac_te_update_ipq_from_fragment },
+ { MAC_UPDATE_IPQ,
+ (macop_t)mac_te_update_ipq },
{ MAC_OP_LAST, NULL }
};
==== //depot/projects/trustedbsd/mac/sys/security/mac_test/mac_test.c#28 (text+ko) ====
@@ -488,9 +488,8 @@
}
static void
-mac_test_create_vnode_from_vnode(struct ucred *cred, struct vnode *parent,
- struct label *parentlabel, struct vnode *child,
- struct label *childlabel)
+mac_test_create_vnode(struct ucred *cred, struct vnode *parent,
+ struct label *parentlabel, struct vnode *child, struct label *childlabel)
{
}
@@ -517,15 +516,15 @@
}
static void
-mac_test_update_devfsdirent_from_vnode(struct devfs_dirent *devfs_dirent,
+mac_test_update_devfsdirent(struct devfs_dirent *devfs_dirent,
struct vnode *vp)
{
}
static void
-mac_test_update_procfsvnode_from_cred(struct vnode *vp,
- struct label *vnodelabel, struct ucred *cred)
+mac_test_update_procfsvnode(struct vnode *vp, struct label *vnodelabel,
+ struct ucred *cred)
{
}
@@ -624,9 +623,8 @@
}
static void
-mac_test_create_fragment_from_datagram(struct mbuf *datagram,
- struct label *datagramlabel, struct mbuf *fragment,
- struct label *fragmentlabel)
+mac_test_create_fragment(struct mbuf *datagram, struct label *datagramlabel,
+ struct mbuf *fragment, struct label *fragmentlabel)
{
}
@@ -638,8 +636,8 @@
}
static void
-mac_test_create_ipq_from_fragment(struct mbuf *fragment,
- struct label *fragmentlabel, struct ipq *ipq, struct label *ipqlabel)
+mac_test_create_ipq(struct mbuf *fragment, struct label *fragmentlabel,
+ struct ipq *ipq, struct label *ipqlabel)
{
}
@@ -690,8 +688,8 @@
}
static int
-mac_test_fragment_matches_ipq(struct mbuf *fragment,
- struct label *fragmentlabel, struct ipq *ipq, struct label *ipqlabel)
+mac_test_fragment_match(struct mbuf *fragment, struct label *fragmentlabel,
+ struct ipq *ipq, struct label *ipqlabel)
{
return (1);
@@ -705,8 +703,8 @@
}
static void
-mac_test_update_ipq_from_fragment(struct mbuf *fragment,
- struct label *fragmentlabel, struct ipq *ipq, struct label *ipqlabel)
+mac_test_update_ipq(struct mbuf *fragment, struct label *fragmentlabel,
+ struct ipq *ipq, struct label *ipqlabel)
{
}
@@ -1158,10 +1156,10 @@
(macop_t)mac_test_create_root_mount },
{ MAC_RELABEL_VNODE,
(macop_t)mac_test_relabel_vnode },
- { MAC_UPDATE_DEVFSDIRENT_FROM_VNODE,
- (macop_t)mac_test_update_devfsdirent_from_vnode },
- { MAC_UPDATE_PROCFSVNODE_FROM_CRED,
- (macop_t)mac_test_update_procfsvnode_from_cred },
+ { MAC_UPDATE_DEVFSDIRENT,
+ (macop_t)mac_test_update_devfsdirent },
+ { MAC_UPDATE_PROCFSVNODE,
+ (macop_t)mac_test_update_procfsvnode },
{ MAC_UPDATE_VNODE_FROM_EXTERNALIZED,
(macop_t)mac_test_update_vnode_from_externalized },
{ MAC_UPDATE_VNODE_FROM_MOUNT,
@@ -1188,10 +1186,10 @@
(macop_t)mac_test_create_ifnet },
{ MAC_CREATE_DATAGRAM_FROM_IPQ,
(macop_t)mac_test_create_datagram_from_ipq },
- { MAC_CREATE_FRAGMENT_FROM_DATAGRAM,
- (macop_t)mac_test_create_fragment_from_datagram },
- { MAC_CREATE_IPQ_FROM_FRAGMENT,
- (macop_t)mac_test_create_ipq_from_fragment },
+ { MAC_CREATE_FRAGMENT,
+ (macop_t)mac_test_create_fragment },
+ { MAC_CREATE_IPQ,
+ (macop_t)mac_test_create_ipq },
{ MAC_CREATE_MBUF_FROM_MBUF,
(macop_t)mac_test_create_mbuf_from_mbuf },
{ MAC_CREATE_MBUF_LINKLAYER_FOR_IFNET,
@@ -1204,12 +1202,12 @@
(macop_t)mac_test_create_mbuf_multicast_encap_from_mbuf },
{ MAC_CREATE_MBUF_NETLAYER_FROM_MBUF,
(macop_t)mac_test_create_mbuf_netlayer_from_mbuf },
- { MAC_FRAGMENT_MATCHES_IPQ,
- (macop_t)mac_test_fragment_matches_ipq },
+ { MAC_FRAGMENT_MATCH,
+ (macop_t)mac_test_fragment },
{ MAC_RELABEL_IFNET,
(macop_t)mac_test_relabel_ifnet },
- { MAC_UPDATE_IPQ_FROM_FRAGMENT,
- (macop_t)mac_test_update_ipq_from_fragment },
+ { MAC_UPDATE_IPQ,
+ (macop_t)mac_test_update_ipq },
{ MAC_CREATE_CRED,
(macop_t)mac_test_create_cred },
{ MAC_EXECVE_TRANSITION,
==== //depot/projects/trustedbsd/mac/sys/sys/mac.h#135 (text+ko) ====
@@ -262,15 +262,14 @@
void mac_create_devfs_directory(char *dirname, int dirnamelen,
struct devfs_dirent *de);
void mac_create_devfs_vnode(struct devfs_dirent *de, struct vnode *vp);
-void mac_create_vnode_from_vnode(struct ucred *cred, struct vnode *parent,
+void mac_create_vnode(struct ucred *cred, struct vnode *parent,
struct vnode *child);
void mac_create_mount(struct ucred *cred, struct mount *mp);
void mac_create_root_mount(struct ucred *cred, struct mount *mp);
void mac_relabel_vnode(struct ucred *cred, struct vnode *vp,
struct label *newlabel);
-void mac_update_devfsdirent_from_vnode(struct devfs_dirent *de,
- struct vnode *vp);
-void mac_update_procfsvnode_from_cred(struct vnode *vp, struct ucred *cred);
+void mac_update_devfsdirent(struct devfs_dirent *de, struct vnode *vp);
+void mac_update_procfsvnode(struct vnode *vp, struct ucred *cred);
void mac_update_vnode_from_mount(struct vnode *vp, struct mount *mp);
@@ -292,10 +291,9 @@
*/
void mac_create_bpfdesc(struct ucred *cred, struct bpf_d *bpf_d);
>>> TRUNCATED FOR MAIL (1000 lines) <<<
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message
More information about the trustedbsd-cvs
mailing list