PERFORCE change 100984 for review
Robert Watson
rwatson at FreeBSD.org
Sat Jul 8 12:23:58 UTC 2006
http://perforce.freebsd.org/chv.cgi?CH=100984
Change 100984 by rwatson at rwatson_zoo on 2006/07/08 12:22:59
Further renaming.
Affected files ...
.. //depot/projects/trustedbsd/mac2/sys/compat/svr4/svr4_stream.c#3 edit
.. //depot/projects/trustedbsd/mac2/sys/kern/kern_alq.c#3 edit
.. //depot/projects/trustedbsd/mac2/sys/kern/link_elf_obj.c#3 edit
.. //depot/projects/trustedbsd/mac2/sys/kern/uipc_usrreq.c#4 edit
.. //depot/projects/trustedbsd/mac2/sys/netatalk/aarp.c#3 edit
.. //depot/projects/trustedbsd/mac2/sys/netinet/if_ether.c#3 edit
.. //depot/projects/trustedbsd/mac2/sys/netinet/igmp.c#3 edit
.. //depot/projects/trustedbsd/mac2/sys/netinet/tcp_input.c#4 edit
.. //depot/projects/trustedbsd/mac2/sys/netinet/tcp_syncache.c#4 edit
.. //depot/projects/trustedbsd/mac2/sys/netinet6/nd6.c#3 edit
.. //depot/projects/trustedbsd/mac2/sys/security/mac/mac_net.c#3 edit
.. //depot/projects/trustedbsd/mac2/sys/security/mac/mac_socket.c#3 edit
.. //depot/projects/trustedbsd/mac2/sys/security/mac_portacl/mac_portacl.c#2 edit
.. //depot/projects/trustedbsd/mac2/sys/sys/mac_framework.h#14 edit
.. //depot/projects/trustedbsd/mac2/sys/sys/mac_policy.h#23 edit
Differences ...
==== //depot/projects/trustedbsd/mac2/sys/compat/svr4/svr4_stream.c#3 (text+ko) ====
@@ -176,7 +176,7 @@
#ifdef MAC
SOCK_LOCK(so);
- error = mac_check_socket_send(td->td_ucred, so);
+ error = mac_socket_check_send(td->td_ucred, so);
SOCK_UNLOCK(so);
if (error)
goto done1;
@@ -276,7 +276,7 @@
#ifdef MAC
SOCK_LOCK(so);
- error = mac_check_socket_receive(td->td_ucred, so);
+ error = mac_socket_check_receive(td->td_ucred, so);
SOCK_UNLOCK(so);
if (error)
goto done1;
==== //depot/projects/trustedbsd/mac2/sys/kern/kern_alq.c#3 (text+ko) ====
@@ -299,7 +299,7 @@
* XXX: VOP_WRITE error checks are ignored.
*/
#ifdef MAC
- if (mac_check_vnode_write(alq->aq_cred, NOCRED, vp) == 0)
+ if (mac_vnode_check_write(alq->aq_cred, NOCRED, vp) == 0)
#endif
VOP_WRITE(vp, &auio, IO_UNIT | IO_APPEND, alq->aq_cred);
VOP_UNLOCK(vp, 0, td);
==== //depot/projects/trustedbsd/mac2/sys/kern/link_elf_obj.c#3 (text+ko) ====
@@ -409,7 +409,7 @@
vfslocked = NDHASGIANT(&nd);
NDFREE(&nd, NDF_ONLY_PNBUF);
#ifdef MAC
- error = mac_check_kld_load(td->td_ucred, nd.ni_vp);
+ error = mac_kld_check_load(td->td_ucred, nd.ni_vp);
if (error) {
goto out;
}
==== //depot/projects/trustedbsd/mac2/sys/kern/uipc_usrreq.c#4 (text+ko) ====
@@ -951,8 +951,8 @@
unp3->unp_flags |= UNP_WANTCRED;
#ifdef MAC
SOCK_LOCK(so);
- mac_socket_set_peer_from_socket(so, so3);
- mac_socket_set_peer_from_socket(so3, so);
+ mac_socket_peer_set_from_socket(so, so3);
+ mac_socket_peer_set_from_socket(so3, so);
SOCK_UNLOCK(so);
#endif
==== //depot/projects/trustedbsd/mac2/sys/netatalk/aarp.c#3 (text+ko) ====
@@ -183,7 +183,7 @@
return;
}
#ifdef MAC
- mac_create_mbuf_linklayer(ifp, m);
+ mac_mbuf_create_linklayer(ifp, m);
#endif
m->m_len = sizeof(*ea);
m->m_pkthdr.len = sizeof(*ea);
@@ -616,7 +616,7 @@
return;
}
#ifdef MAC
- mac_create_mbuf_linklayer(ifp, m);
+ mac_mbuf_create_linklayer(ifp, m);
#endif
m->m_len = sizeof(*ea);
m->m_pkthdr.len = sizeof(*ea);
==== //depot/projects/trustedbsd/mac2/sys/netinet/if_ether.c#3 (text+ko) ====
@@ -350,7 +350,7 @@
ah = mtod(m, struct arphdr *);
bzero((caddr_t)ah, m->m_len);
#ifdef MAC
- mac_create_mbuf_linklayer(ifp, m);
+ mac_mbuf_create_linklayer(ifp, m);
#endif
ah->ar_pro = htons(ETHERTYPE_IP);
ah->ar_hln = ifp->if_addrlen; /* hardware address length */
==== //depot/projects/trustedbsd/mac2/sys/netinet/igmp.c#3 (text+ko) ====
@@ -469,7 +469,7 @@
m->m_pkthdr.rcvif = loif;
#ifdef MAC
- mac_create_mbuf_linklayer(inm->inm_ifp, m);
+ mac_mbuf_create_linklayer(inm->inm_ifp, m);
#endif
m->m_pkthdr.len = sizeof(struct ip) + IGMP_MINLEN;
MH_ALIGN(m, IGMP_MINLEN + sizeof(struct ip));
==== //depot/projects/trustedbsd/mac2/sys/netinet/tcp_input.c#4 (text+ko) ====
@@ -1403,7 +1403,7 @@
soisconnected(so);
#ifdef MAC
SOCK_LOCK(so);
- mac_socket_set_peer_from_mbuf(m, so);
+ mac_socket_peer_set_from_mbuf(m, so);
SOCK_UNLOCK(so);
#endif
/* Do window scaling on this connection? */
==== //depot/projects/trustedbsd/mac2/sys/netinet/tcp_syncache.c#4 (text+ko) ====
@@ -562,7 +562,7 @@
}
#ifdef MAC
SOCK_LOCK(so);
- mac_socket_set_peer_from_mbuf(m, so);
+ mac_socket_peer_set_from_mbuf(m, so);
SOCK_UNLOCK(so);
#endif
==== //depot/projects/trustedbsd/mac2/sys/netinet6/nd6.c#3 (text+ko) ====
@@ -2129,7 +2129,7 @@
#endif
#ifdef MAC
- mac_create_mbuf_linklayer(ifp, m);
+ mac_mbuf_create_linklayer(ifp, m);
#endif
if ((ifp->if_flags & IFF_LOOPBACK) != 0) {
return ((*ifp->if_output)(origifp, m, (struct sockaddr *)dst,
==== //depot/projects/trustedbsd/mac2/sys/security/mac/mac_net.c#3 (text+ko) ====
@@ -326,27 +326,27 @@
}
void
-mac_create_mbuf_linklayer(struct ifnet *ifnet, struct mbuf *mbuf)
+mac_ifnet_create_mbuf(struct ifnet *ifnet, struct mbuf *mbuf)
{
struct label *label;
label = mac_mbuf_to_label(mbuf);
MAC_IFNET_LOCK(ifnet);
- MAC_PERFORM(create_mbuf_linklayer, ifnet, ifnet->if_label, mbuf,
- label);
+ MAC_PERFORM(ifnet_create_mbuf, ifnet, ifnet->if_label, mbuf, label);
MAC_IFNET_UNLOCK(ifnet);
}
void
-mac_ifnet_create_mbuf(struct ifnet *ifnet, struct mbuf *mbuf)
+mac_mbuf_create_linklayer(struct ifnet *ifnet, struct mbuf *mbuf)
{
struct label *label;
label = mac_mbuf_to_label(mbuf);
MAC_IFNET_LOCK(ifnet);
- MAC_PERFORM(ifnet_create_mbuf, ifnet, ifnet->if_label, mbuf, label);
+ MAC_PERFORM(mbuf_create_linklayer, ifnet, ifnet->if_label, mbuf,
+ label);
MAC_IFNET_UNLOCK(ifnet);
}
==== //depot/projects/trustedbsd/mac2/sys/security/mac/mac_socket.c#3 (text+ko) ====
@@ -118,9 +118,9 @@
if (label == NULL)
return (NULL);
- MAC_CHECK(socket_init_peer_label, label, flag);
+ MAC_CHECK(socket_peer_init_label, label, flag);
if (error) {
- MAC_PERFORM(socket_destroy_peer_label, label);
+ MAC_PERFORM(socket_peer_destroy_label, label);
mac_labelzone_free(label);
return (NULL);
}
@@ -157,7 +157,7 @@
mac_socket_peer_label_free(struct label *label)
{
- MAC_PERFORM(socket_destroy_peer_label, label);
+ MAC_PERFORM(socket_peer_destroy_label, label);
mac_labelzone_free(label);
MAC_DEBUG_COUNTER_DEC(&nmacsockets);
}
@@ -237,7 +237,7 @@
}
void
-mac_socket_set_peer_from_mbuf(struct mbuf *mbuf, struct socket *socket)
+mac_socket_peer_set_from_mbuf(struct mbuf *mbuf, struct socket *socket)
{
struct label *label;
@@ -245,12 +245,12 @@
label = mac_mbuf_to_label(mbuf);
- MAC_PERFORM(socket_set_peer_from_mbuf, mbuf, label, socket,
+ MAC_PERFORM(socket_peer_set_from_mbuf, mbuf, label, socket,
socket->so_peerlabel);
}
void
-mac_socket_set_peer_from_socket(struct socket *oldsocket,
+mac_socket_peer_set_from_socket(struct socket *oldsocket,
struct socket *newsocket)
{
@@ -260,7 +260,7 @@
* called in both directions, so we can't assert the lock
* here currently.
*/
- MAC_PERFORM(socket_set_peer_from_socket, oldsocket,
+ MAC_PERFORM(socket_peer_set_from_socket, oldsocket,
oldsocket->so_label, newsocket, newsocket->so_peerlabel);
}
==== //depot/projects/trustedbsd/mac2/sys/security/mac_portacl/mac_portacl.c#2 (text+ko) ====
@@ -1,5 +1,6 @@
/*-
* Copyright (c) 2003-2004 Networks Associates Technology, Inc.
+ * Copyright (c) 2006 SPARTA, Inc.
* All rights reserved.
*
* This software was developed for the FreeBSD Project by Network
@@ -7,6 +8,9 @@
* Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"),
* as part of the DARPA CHATS research program.
*
+ * This software was enhanced by SPARTA ISSO under SPAWAR contract
+ * N66001-04-C-6019 ("SEFOS").
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
@@ -162,7 +166,7 @@
* and access via sysctl.
*/
static void
-destroy(struct mac_policy_conf *mpc)
+policy_destroy(struct mac_policy_conf *mpc)
{
mtx_destroy(&rule_mtx);
@@ -170,7 +174,7 @@
}
static void
-init(struct mac_policy_conf *mpc)
+policy_init(struct mac_policy_conf *mpc)
{
mtx_init(&rule_mtx, "rule_mtx", NULL, MTX_DEF);
@@ -438,7 +442,7 @@
* the source port is left up to the IP stack to determine automatically.
*/
static int
-check_socket_bind(struct ucred *cred, struct socket *so,
+socket_check_bind(struct ucred *cred, struct socket *so,
struct label *socketlabel, struct sockaddr *sockaddr)
{
struct sockaddr_in *sin;
@@ -489,9 +493,9 @@
static struct mac_policy_ops mac_portacl_ops =
{
- .mpo_destroy = destroy,
- .mpo_init = init,
- .mpo_check_socket_bind = check_socket_bind,
+ .mpo_policy_destroy = policy_destroy,
+ .mpo_policy_init = policy_init,
+ .mpo_socket_check_bind = socket_check_bind,
};
MAC_POLICY_SET(&mac_portacl_ops, trustedbsd_mac_portacl,
==== //depot/projects/trustedbsd/mac2/sys/sys/mac_framework.h#14 (text+ko) ====
@@ -118,8 +118,8 @@
void mac_ifnet_init(struct ifnet *);
void mac_ifnet_destroy(struct ifnet *);
void mac_ifnet_create(struct ifnet *ifp);
-void mac_create_mbuf_linklayer(struct ifnet *ifnet, struct mbuf *m);
void mac_ifnet_create_mbuf(struct ifnet *ifnet, struct mbuf *m);
+void mac_mbuf_create_linklayer(struct ifnet *ifnet, struct mbuf *m);
void mac_mbuf_create_multicast_encap(struct mbuf *oldmbuf,
struct ifnet *ifnet, struct mbuf *newmbuf);
int mac_ifnet_check_transmit(struct ifnet *ifnet, struct mbuf *m);
@@ -226,9 +226,9 @@
void mac_socket_create(struct ucred *cred, struct socket *socket);
void mac_socket_accept(struct socket *oldsocket,
struct socket *newsocket);
-void mac_socket_set_peer_from_mbuf(struct mbuf *mbuf,
+void mac_socket_peer_set_from_mbuf(struct mbuf *mbuf,
struct socket *socket);
-void mac_socket_set_peer_from_socket(struct socket *oldsocket,
+void mac_socket_peer_set_from_socket(struct socket *oldsocket,
struct socket *newsocket);
int mac_socket_check_accept(struct ucred *cred, struct socket *so);
int mac_socket_check_bind(struct ucred *cred, struct socket *so,
==== //depot/projects/trustedbsd/mac2/sys/sys/mac_policy.h#23 (text+ko) ====
@@ -198,10 +198,10 @@
char *element_name, char *element_data, int *claimed);
typedef void (*mpo_ifnet_create_t)(struct ifnet *ifnet,
struct label *ifnetlabel);
-typedef void (*mpo_create_mbuf_linklayer_t)(struct ifnet *ifnet,
+typedef void (*mpo_ifnet_create_mbuf_t)(struct ifnet *ifnet,
struct label *ifnetlabel, struct mbuf *mbuf,
struct label *mbuflabel);
-typedef void (*mpo_ifnet_create_mbuf_t)(struct ifnet *ifnet,
+typedef void (*mpo_mbuf_create_linklayer_t)(struct ifnet *ifnet,
struct label *ifnetlabel, struct mbuf *mbuf,
struct label *mbuflabel);
typedef void (*mpo_mbuf_create_multicast_encap_t)(struct mbuf *oldmbuf,
@@ -482,13 +482,13 @@
struct label *newsocketlabel);
typedef void (*mpo_socket_relabel_t)(struct ucred *cred, struct socket *so,
struct label *oldlabel, struct label *newlabel);
-typedef void (*mpo_socket_set_peer_from_socket_t)(struct socket *oldsocket,
+typedef void (*mpo_socket_peer_set_from_socket_t)(struct socket *oldsocket,
struct label *oldsocketlabel, struct socket *newsocket,
struct label *newsocketpeerlabel);
typedef void (*mpo_socket_create_mbuf_t)(struct socket *so,
struct label *socketlabel, struct mbuf *m,
struct label *mbuflabel);
-typedef void (*mpo_socket_set_peer_from_mbuf_t)(struct mbuf *mbuf,
+typedef void (*mpo_socket_peer_set_from_mbuf_t)(struct mbuf *mbuf,
struct label *mbuflabel, struct socket *so,
struct label *socketpeerlabel);
typedef int (*mpo_socket_check_accept_t)(struct ucred *cred,
@@ -707,8 +707,8 @@
mpo_ifnet_externalize_label_t mpo_ifnet_externalize_label;
mpo_ifnet_internalize_label_t mpo_ifnet_internalize_label;
mpo_ifnet_create_t mpo_ifnet_create;
- mpo_create_mbuf_linklayer_t mpo_create_mbuf_linklayer;
mpo_ifnet_create_mbuf_t mpo_ifnet_create_mbuf;
+ mpo_mbuf_create_linklayer_t mpo_mbuf_create_linklayer;
mpo_mbuf_create_multicast_encap_t mpo_mbuf_create_multicast_encap;
mpo_ifnet_relabel_t mpo_ifnet_relabel;
mpo_ifnet_check_relabel_t mpo_ifnet_check_relabel;
@@ -851,9 +851,9 @@
mpo_socket_create_t mpo_socket_create;
mpo_socket_accept_t mpo_socket_accept;
mpo_socket_relabel_t mpo_socket_relabel;
- mpo_socket_set_peer_from_socket_t mpo_socket_set_peer_from_socket;
+ mpo_socket_peer_set_from_socket_t mpo_socket_peer_set_from_socket;
mpo_socket_create_mbuf_t mpo_socket_create_mbuf;
- mpo_socket_set_peer_from_mbuf_t mpo_socket_set_peer_from_mbuf;
+ mpo_socket_peer_set_from_mbuf_t mpo_socket_peer_set_from_mbuf;
mpo_socket_check_accept_t mpo_socket_check_accept;
mpo_socket_check_bind_t mpo_socket_check_bind;
mpo_socket_check_connect_t mpo_socket_check_connect;
More information about the trustedbsd-cvs
mailing list