Fix bde'isms in acl/extattr syscall interface, renaming syscalls to

prettier (?) names, adding some const's around here, et al. Reviewed by: bde
2000-01-19 06:07:34 +00:00 · 2000-01-19 06:07:34 +00:00 · 8f0738756c
commit 8f0738756c
parent 9b0be035b8
12 changed files with 127 additions and 144 deletions
--- a/sys/fs/nullfs/null_vfsops.c
+++ b/sys/fs/nullfs/null_vfsops.c
@ -421,7 +421,7 @@ static int
 nullfs_extattrctl(mp, cmd, attrname, arg, p)
 	struct mount *mp;
 	int cmd;
-	char *attrname;
+	const char *attrname;
 	caddr_t arg;
 	struct proc *p;            
 {
--- a/sys/fs/umapfs/umap_vfsops.c
+++ b/sys/fs/umapfs/umap_vfsops.c
@ -76,7 +76,7 @@ static int	umapfs_vget __P((struct mount *mp, ino_t ino,
 				 struct vnode **vpp));
 static int	umapfs_vptofh __P((struct vnode *vp, struct fid *fhp));
 static int	umapfs_extattrctl __P((struct mount *mp, int cmd,
-				       char *attrname, caddr_t arg,
+				       const char *attrname, caddr_t arg,
 				       struct proc *p));

 /*
@ -437,7 +437,7 @@ static int
 umapfs_extattrctl(mp, cmd, attrname, arg, p)
 	struct mount *mp;
 	int cmd;
-	char *attrname;
+	const char *attrname;
 	caddr_t arg;
 	struct proc *p;
 {
--- a/sys/kern/kern_acl.c
+++ b/sys/kern/kern_acl.c
@ -1,5 +1,5 @@
 /*-
- * Copyright (c) 1999 Robert N. M. Watson
+ * Copyright (c) 1999, 2000 Robert N. M. Watson
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
@ -49,12 +49,12 @@

 static MALLOC_DEFINE(M_ACL, "acl", "access control list");

-static int vacl_set_acl(struct proc *p, struct vnode *vp, acl_type_t type,
-    struct acl *aclp);
-static int vacl_get_acl(struct proc *p, struct vnode *vp, acl_type_t type,
-    struct acl *aclp);
-static int vacl_aclcheck(struct proc *p, struct vnode *vp, acl_type_t type,
-    struct acl *aclp);
+static int	vacl_set_acl(struct proc *p, struct vnode *vp, acl_type_t type,
+	    struct acl *aclp);
+static int	vacl_get_acl(struct proc *p, struct vnode *vp, acl_type_t type,
+	    struct acl *aclp);
+static int	vacl_aclcheck(struct proc *p, struct vnode *vp, acl_type_t type,
+	    struct acl *aclp);

 /*
 * These calls wrap the real vnode operations, and are called by the 
@ -70,7 +70,7 @@ static int vacl_aclcheck(struct proc *p, struct vnode *vp, acl_type_t type,
 */
 static int
 vacl_set_acl(struct proc *p, struct vnode *vp, acl_type_t type,
-       struct acl *aclp)
+    struct acl *aclp)
 {
 	struct acl inkernacl;
 	int error;
@ -143,7 +143,7 @@ vacl_aclcheck(struct proc *p, struct vnode *vp, acl_type_t type,
 * Given a file path, get an ACL for it
 */
 int
-acl_syscall_get_file(struct proc *p, struct acl_syscall_get_file_args *uap)
+__acl_get_file(struct proc *p, struct __acl_get_file_args *uap)
 {
 	struct nameidata nd;
 	int error;
@ -162,7 +162,7 @@ acl_syscall_get_file(struct proc *p, struct acl_syscall_get_file_args *uap)
 * Given a file path, set an ACL for it
 */
 int
-acl_syscall_set_file(struct proc *p, struct acl_syscall_set_file_args *uap)
+__acl_set_file(struct proc *p, struct __acl_set_file_args *uap)
 {
 	struct nameidata nd;
 	int error;
@ -180,7 +180,7 @@ acl_syscall_set_file(struct proc *p, struct acl_syscall_set_file_args *uap)
 * Given a file descriptor, get an ACL for it
 */
 int
-acl_syscall_get_fd(struct proc *p, struct acl_syscall_get_fd_args *uap)
+__acl_get_fd(struct proc *p, struct __acl_get_fd_args *uap)
 {
 	struct file *fp;
 	int error;
@ -196,7 +196,7 @@ acl_syscall_get_fd(struct proc *p, struct acl_syscall_get_fd_args *uap)
 * Given a file descriptor, set an ACL for it
 */
 int
-acl_syscall_set_fd(struct proc *p, struct acl_syscall_set_fd_args *uap)
+__acl_set_fd(struct proc *p, struct __acl_set_fd_args *uap)
 {
 	struct file *fp;
 	int error;
@ -212,8 +212,7 @@ acl_syscall_set_fd(struct proc *p, struct acl_syscall_set_fd_args *uap)
 * Given a file path, delete an ACL from it.
 */
 int
-acl_syscall_delete_file(struct proc *p,
-			struct acl_syscall_delete_file_args *uap)
+__acl_delete_file(struct proc *p, struct __acl_delete_file_args *uap)
 {
 	struct nameidata nd;
 	int error;
@ -231,8 +230,7 @@ acl_syscall_delete_file(struct proc *p,
 * Given a file path, delete an ACL from it.
 */
 int
-acl_syscall_delete_fd(struct proc *p,
-    struct acl_syscall_delete_fd_args *uap)
+__acl_delete_fd(struct proc *p, struct __acl_delete_fd_args *uap)
 {
 	struct file *fp;
 	int error;
@ -248,8 +246,7 @@ acl_syscall_delete_fd(struct proc *p,
 * Given a file path, check an ACL for it
 */
 int
-acl_syscall_aclcheck_file(struct proc *p,
-			  struct acl_syscall_aclcheck_file_args *uap)
+__acl_aclcheck_file(struct proc *p, struct __acl_aclcheck_file_args *uap)
 {
 	struct nameidata	nd;
 	int	error;
@ -267,8 +264,7 @@ acl_syscall_aclcheck_file(struct proc *p,
 * Given a file descriptor, check an ACL for it
 */
 int
-acl_syscall_aclcheck_fd(struct proc *p,
-    struct acl_syscall_aclcheck_fd_args *uap)
+__acl_aclcheck_fd(struct proc *p, struct __acl_aclcheck_fd_args *uap)
 {
 	struct file *fp;
 	int error;
--- a/sys/kern/subr_acl_posix1e.c
+++ b/sys/kern/subr_acl_posix1e.c
@ -1,5 +1,5 @@
 /*-
- * Copyright (c) 1999 Robert N. M. Watson
+ * Copyright (c) 1999, 2000 Robert N. M. Watson
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
@ -49,12 +49,12 @@

 static MALLOC_DEFINE(M_ACL, "acl", "access control list");

-static int vacl_set_acl(struct proc *p, struct vnode *vp, acl_type_t type,
-    struct acl *aclp);
-static int vacl_get_acl(struct proc *p, struct vnode *vp, acl_type_t type,
-    struct acl *aclp);
-static int vacl_aclcheck(struct proc *p, struct vnode *vp, acl_type_t type,
-    struct acl *aclp);
+static int	vacl_set_acl(struct proc *p, struct vnode *vp, acl_type_t type,
+	    struct acl *aclp);
+static int	vacl_get_acl(struct proc *p, struct vnode *vp, acl_type_t type,
+	    struct acl *aclp);
+static int	vacl_aclcheck(struct proc *p, struct vnode *vp, acl_type_t type,
+	    struct acl *aclp);

 /*
 * These calls wrap the real vnode operations, and are called by the 
@ -70,7 +70,7 @@ static int vacl_aclcheck(struct proc *p, struct vnode *vp, acl_type_t type,
 */
 static int
 vacl_set_acl(struct proc *p, struct vnode *vp, acl_type_t type,
-       struct acl *aclp)
+    struct acl *aclp)
 {
 	struct acl inkernacl;
 	int error;
@ -143,7 +143,7 @@ vacl_aclcheck(struct proc *p, struct vnode *vp, acl_type_t type,
 * Given a file path, get an ACL for it
 */
 int
-acl_syscall_get_file(struct proc *p, struct acl_syscall_get_file_args *uap)
+__acl_get_file(struct proc *p, struct __acl_get_file_args *uap)
 {
 	struct nameidata nd;
 	int error;
@ -162,7 +162,7 @@ acl_syscall_get_file(struct proc *p, struct acl_syscall_get_file_args *uap)
 * Given a file path, set an ACL for it
 */
 int
-acl_syscall_set_file(struct proc *p, struct acl_syscall_set_file_args *uap)
+__acl_set_file(struct proc *p, struct __acl_set_file_args *uap)
 {
 	struct nameidata nd;
 	int error;
@ -180,7 +180,7 @@ acl_syscall_set_file(struct proc *p, struct acl_syscall_set_file_args *uap)
 * Given a file descriptor, get an ACL for it
 */
 int
-acl_syscall_get_fd(struct proc *p, struct acl_syscall_get_fd_args *uap)
+__acl_get_fd(struct proc *p, struct __acl_get_fd_args *uap)
 {
 	struct file *fp;
 	int error;
@ -196,7 +196,7 @@ acl_syscall_get_fd(struct proc *p, struct acl_syscall_get_fd_args *uap)
 * Given a file descriptor, set an ACL for it
 */
 int
-acl_syscall_set_fd(struct proc *p, struct acl_syscall_set_fd_args *uap)
+__acl_set_fd(struct proc *p, struct __acl_set_fd_args *uap)
 {
 	struct file *fp;
 	int error;
@ -212,8 +212,7 @@ acl_syscall_set_fd(struct proc *p, struct acl_syscall_set_fd_args *uap)
 * Given a file path, delete an ACL from it.
 */
 int
-acl_syscall_delete_file(struct proc *p,
-			struct acl_syscall_delete_file_args *uap)
+__acl_delete_file(struct proc *p, struct __acl_delete_file_args *uap)
 {
 	struct nameidata nd;
 	int error;
@ -231,8 +230,7 @@ acl_syscall_delete_file(struct proc *p,
 * Given a file path, delete an ACL from it.
 */
 int
-acl_syscall_delete_fd(struct proc *p,
-    struct acl_syscall_delete_fd_args *uap)
+__acl_delete_fd(struct proc *p, struct __acl_delete_fd_args *uap)
 {
 	struct file *fp;
 	int error;
@ -248,8 +246,7 @@ acl_syscall_delete_fd(struct proc *p,
 * Given a file path, check an ACL for it
 */
 int
-acl_syscall_aclcheck_file(struct proc *p,
-			  struct acl_syscall_aclcheck_file_args *uap)
+__acl_aclcheck_file(struct proc *p, struct __acl_aclcheck_file_args *uap)
 {
 	struct nameidata	nd;
 	int	error;
@ -267,8 +264,7 @@ acl_syscall_aclcheck_file(struct proc *p,
 * Given a file descriptor, check an ACL for it
 */
 int
-acl_syscall_aclcheck_fd(struct proc *p,
-    struct acl_syscall_aclcheck_fd_args *uap)
+__acl_aclcheck_fd(struct proc *p, struct __acl_aclcheck_fd_args *uap)
 {
 	struct file *fp;
 	int error;
--- a/sys/kern/vfs_acl.c
+++ b/sys/kern/vfs_acl.c
@ -1,5 +1,5 @@
 /*-
- * Copyright (c) 1999 Robert N. M. Watson
+ * Copyright (c) 1999, 2000 Robert N. M. Watson
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
@ -49,12 +49,12 @@

 static MALLOC_DEFINE(M_ACL, "acl", "access control list");

-static int vacl_set_acl(struct proc *p, struct vnode *vp, acl_type_t type,
-    struct acl *aclp);
-static int vacl_get_acl(struct proc *p, struct vnode *vp, acl_type_t type,
-    struct acl *aclp);
-static int vacl_aclcheck(struct proc *p, struct vnode *vp, acl_type_t type,
-    struct acl *aclp);
+static int	vacl_set_acl(struct proc *p, struct vnode *vp, acl_type_t type,
+	    struct acl *aclp);
+static int	vacl_get_acl(struct proc *p, struct vnode *vp, acl_type_t type,
+	    struct acl *aclp);
+static int	vacl_aclcheck(struct proc *p, struct vnode *vp, acl_type_t type,
+	    struct acl *aclp);

 /*
 * These calls wrap the real vnode operations, and are called by the 
@ -70,7 +70,7 @@ static int vacl_aclcheck(struct proc *p, struct vnode *vp, acl_type_t type,
 */
 static int
 vacl_set_acl(struct proc *p, struct vnode *vp, acl_type_t type,
-       struct acl *aclp)
+    struct acl *aclp)
 {
 	struct acl inkernacl;
 	int error;
@ -143,7 +143,7 @@ vacl_aclcheck(struct proc *p, struct vnode *vp, acl_type_t type,
 * Given a file path, get an ACL for it
 */
 int
-acl_syscall_get_file(struct proc *p, struct acl_syscall_get_file_args *uap)
+__acl_get_file(struct proc *p, struct __acl_get_file_args *uap)
 {
 	struct nameidata nd;
 	int error;
@ -162,7 +162,7 @@ acl_syscall_get_file(struct proc *p, struct acl_syscall_get_file_args *uap)
 * Given a file path, set an ACL for it
 */
 int
-acl_syscall_set_file(struct proc *p, struct acl_syscall_set_file_args *uap)
+__acl_set_file(struct proc *p, struct __acl_set_file_args *uap)
 {
 	struct nameidata nd;
 	int error;
@ -180,7 +180,7 @@ acl_syscall_set_file(struct proc *p, struct acl_syscall_set_file_args *uap)
 * Given a file descriptor, get an ACL for it
 */
 int
-acl_syscall_get_fd(struct proc *p, struct acl_syscall_get_fd_args *uap)
+__acl_get_fd(struct proc *p, struct __acl_get_fd_args *uap)
 {
 	struct file *fp;
 	int error;
@ -196,7 +196,7 @@ acl_syscall_get_fd(struct proc *p, struct acl_syscall_get_fd_args *uap)
 * Given a file descriptor, set an ACL for it
 */
 int
-acl_syscall_set_fd(struct proc *p, struct acl_syscall_set_fd_args *uap)
+__acl_set_fd(struct proc *p, struct __acl_set_fd_args *uap)
 {
 	struct file *fp;
 	int error;
@ -212,8 +212,7 @@ acl_syscall_set_fd(struct proc *p, struct acl_syscall_set_fd_args *uap)
 * Given a file path, delete an ACL from it.
 */
 int
-acl_syscall_delete_file(struct proc *p,
-			struct acl_syscall_delete_file_args *uap)
+__acl_delete_file(struct proc *p, struct __acl_delete_file_args *uap)
 {
 	struct nameidata nd;
 	int error;
@ -231,8 +230,7 @@ acl_syscall_delete_file(struct proc *p,
 * Given a file path, delete an ACL from it.
 */
 int
-acl_syscall_delete_fd(struct proc *p,
-    struct acl_syscall_delete_fd_args *uap)
+__acl_delete_fd(struct proc *p, struct __acl_delete_fd_args *uap)
 {
 	struct file *fp;
 	int error;
@ -248,8 +246,7 @@ acl_syscall_delete_fd(struct proc *p,
 * Given a file path, check an ACL for it
 */
 int
-acl_syscall_aclcheck_file(struct proc *p,
-			  struct acl_syscall_aclcheck_file_args *uap)
+__acl_aclcheck_file(struct proc *p, struct __acl_aclcheck_file_args *uap)
 {
 	struct nameidata	nd;
 	int	error;
@ -267,8 +264,7 @@ acl_syscall_aclcheck_file(struct proc *p,
 * Given a file descriptor, check an ACL for it
 */
 int
-acl_syscall_aclcheck_fd(struct proc *p,
-    struct acl_syscall_aclcheck_fd_args *uap)
+__acl_aclcheck_fd(struct proc *p, struct __acl_aclcheck_fd_args *uap)
 {
 	struct file *fp;
 	int error;
--- a/sys/kern/vfs_default.c
+++ b/sys/kern/vfs_default.c
@ -624,7 +624,7 @@ int
 vfs_stdextattrctl(mp, cmd, attrname, arg, p)
 	struct mount *mp;
 	int cmd;
-	char *attrname;
+	const char *attrname;
 	caddr_t arg;
 	struct proc *p;
 {
--- a/sys/miscfs/nullfs/null_vfsops.c
+++ b/sys/miscfs/nullfs/null_vfsops.c
@ -421,7 +421,7 @@ static int
 nullfs_extattrctl(mp, cmd, attrname, arg, p)
 	struct mount *mp;
 	int cmd;
-	char *attrname;
+	const char *attrname;
 	caddr_t arg;
 	struct proc *p;            
 {
--- a/sys/miscfs/umapfs/umap_vfsops.c
+++ b/sys/miscfs/umapfs/umap_vfsops.c
@ -76,7 +76,7 @@ static int	umapfs_vget __P((struct mount *mp, ino_t ino,
 				 struct vnode **vpp));
 static int	umapfs_vptofh __P((struct vnode *vp, struct fid *fhp));
 static int	umapfs_extattrctl __P((struct mount *mp, int cmd,
-				       char *attrname, caddr_t arg,
+				       const char *attrname, caddr_t arg,
 				       struct proc *p));

 /*
@ -437,7 +437,7 @@ static int
 umapfs_extattrctl(mp, cmd, attrname, arg, p)
 	struct mount *mp;
 	int cmd;
-	char *attrname;
+	const char *attrname;
 	caddr_t arg;
 	struct proc *p;
 {
--- a/sys/sys/acl.h
+++ b/sys/sys/acl.h
@ -28,29 +28,19 @@
 /* 
 * Userland/kernel interface for Access Control Lists
 *
- * This code from the FreeBSD POSIX.1e implementation.  Not all of the ACL
- * code is committed yet; in order to use the library routines listed
- * below, you'll need to download libposix1e_acl from the POSIX.1e
- * implementation page, or possibly update to a more recent version of
- * FreeBSD, as the code may have been committed.
- *
 * The POSIX.1e implementation page may be reached at:
 *   http://www.watson.org/fbsd-hardening/posix1e/
- *
- * However, all syscalls will pass through to appropriate VFS vnops, so
- * file systems implementing the vnops are accessible through the syscalls.
 */

 #ifndef _SYS_ACL_H
-#define _SYS_ACL_H
+#define	_SYS_ACL_H

 /*
 * POSIX.1e ACL types
 */

-#define MAX_ACL_ENTRIES 32    /* maximum entries in an ACL */
-#define _POSIX_ACL_PATH_MAX     MAX_ACL_ENTRIES
-#define	ACL_MAX_ENTRIES	MAX_ACL_ENTRIES
+#define	ACL_MAX_ENTRIES	32	/* maximum entries in an ACL */
+#define	_POSIX_ACL_PATH_MAX     ACL_MAX_ENTRIES

 typedef int	acl_type_t;
 typedef int	acl_tag_t;
@ -65,36 +55,37 @@ typedef struct acl_entry	*acl_entry_t;

 struct acl {
 	int			acl_cnt;
-	struct acl_entry	acl_entry[MAX_ACL_ENTRIES];
+	struct acl_entry	acl_entry[ACL_MAX_ENTRIES];
 };
 typedef struct acl	*acl_t;

 /*
 * Possible valid values for a_type of acl_entry_t
 */
-#define ACL_USER_OBJ	0x00000001
-#define ACL_USER	0x00000002
-#define ACL_GROUP_OBJ	0x00000004
-#define ACL_GROUP	0x00000008
-#define ACL_MASK	0x00000010
-#define ACL_OTHER	0x00000020
-#define ACL_OTHER_OBJ	ACL_OTHER
-#define ACL_AFS_ID	0x00000040
+#define	ACL_USER_OBJ	0x00000001
+#define	ACL_USER	0x00000002
+#define	ACL_GROUP_OBJ	0x00000004
+#define	ACL_GROUP	0x00000008
+#define	ACL_MASK	0x00000010
+#define	ACL_OTHER	0x00000020
+#define	ACL_OTHER_OBJ	ACL_OTHER
+#define	ACL_AFS_ID	0x00000040

-#define ACL_TYPE_ACCESS		0x00000000
-#define ACL_TYPE_DEFAULT	0x00000001
+#define	ACL_TYPE_ACCESS	0x00000000
+#define	ACL_TYPE_DEFAULT	0x00000001

 /*
 * Possible flags in a_perm field
 */
-#define ACL_PERM_EXEC		0x0001
-#define ACL_PERM_WRITE		0x0002
-#define ACL_PERM_READ		0x0004
-#define ACL_PERM_NONE		0x0000
-#define ACL_PERM_BITS		(ACL_PERM_EXEC | ACL_PERM_WRITE | ACL_PERM_READ)
-#define ACL_POSIX1E_BITS	(ACL_PERM_EXEC | ACL_PERM_WRITE | ACL_PERM_READ)
+#define	ACL_PERM_EXEC	0x0001
+#define	ACL_PERM_WRITE	0x0002
+#define	ACL_PERM_READ	0x0004
+#define	ACL_PERM_NONE	0x0000
+#define	ACL_PERM_BITS	(ACL_PERM_EXEC | ACL_PERM_WRITE | ACL_PERM_READ)
+#define	ACL_POSIX1E_BITS	(ACL_PERM_EXEC | ACL_PERM_WRITE | ACL_PERM_READ)

 #ifdef _KERNEL
+
 /*
 * Storage for ACLs and support structures
 */
@ -118,42 +109,40 @@ struct vattr;
 struct vop_getacl_args;
 struct vop_aclcheck_args;

-int	posix1e_acl_access(struct acl *a_acl, int a_mode, struct ucred *a_cred,
-			   struct proc *a_p);
 void	generic_attr_to_posix1e_acl(struct acl *a_acl, struct vattr *vattr);
-int	generic_vop_getacl(struct vop_getacl_args *ap);
 int	generic_vop_aclcheck(struct vop_aclcheck_args *ap);
+int	generic_vop_getacl(struct vop_getacl_args *ap);
+int	posix1e_acl_access(struct acl *a_acl, int a_mode, struct ucred *a_cred,
+	    struct proc *a_p);
 int	posix1e_vop_aclcheck(struct vop_aclcheck_args *ap);

-#else /* _KERNEL */
+#else /* !_KERNEL */

 /*
 * Syscall interface -- use the library calls instead as the syscalls
 * have strict acl entry ordering requirements
 */
-int	acl_syscall_get_file(char *path, acl_type_t type, struct acl *aclp);
-int	acl_syscall_set_file(char *path, acl_type_t type, struct acl *aclp);
-int	acl_syscall_get_fd(int filedes, acl_type_t type, struct acl *aclp);
-int	acl_syscall_set_fd(int filedes, acl_type_t type, struct acl *aclp);
-int	acl_syscall_delete_file(const char *path_p, acl_type_t type);
-int	acl_syscall_delete_fd(int filedes, acl_type_t type);
-int	acl_syscall_aclcheck_file(char *path, acl_type_t type,
-				  struct acl *aclp);
-int	acl_syscall_aclcheck_fd(int filedes, acl_type_t type,
-				struct acl *aclp);
+__BEGIN_DECLS
+int	__acl_aclcheck_fd(int filedes, acl_type_t type,
+	    struct acl *aclp);
+int	__acl_aclcheck_file(const char *path, acl_type_t type,
+	    struct acl *aclp);
+int	__acl_delete_fd(int filedes, acl_type_t type);
+int	__acl_delete_file(const char *path_p, acl_type_t type);
+int	__acl_get_fd(int filedes, acl_type_t type, struct acl *aclp);
+int	__acl_get_file(const char *path, acl_type_t type, struct acl *aclp);
+int	__acl_set_fd(int filedes, acl_type_t type, struct acl *aclp);
+int	__acl_set_file(const char *path, acl_type_t type, struct acl *aclp);
+__END_DECLS

 /*
 * Supported POSIX.1e ACL manipulation and assignment/retrieval API
- * These are currently provided by libposix1e_acl, which is not shipped
- * with the base distribution, but will be soon.  Some of these are
- * from POSIX.1e-extensions.
- *
- * Not all POSIX.1e ACL functions are listed here yet, but more will
- * be soon.
 */
+__BEGIN_DECLS
 int	acl_calc_mask(acl_t *acl_p);
-int	acl_delete_def_file(const char *path_p);
 int	acl_delete_def_fd(int filedes);
+int	acl_delete_def_file(const char *path_p);
+int	acl_free(void *obj_p);
 acl_t	acl_from_text(const char *buf_p);
 acl_t	acl_get_fd(int fd, acl_type_t type);
 acl_t	acl_get_file(const char *path_p, acl_type_t type);
@ -162,9 +151,9 @@ int	acl_set_fd(int fd, acl_t acl, acl_type_t type);
 int	acl_set_file(const char *path_p, acl_type_t type, acl_t acl);
 char	*acl_to_text(acl_t acl, ssize_t *len_p);
 int	acl_valid(acl_t acl);
-int	acl_valid_file(const char *path_p, acl_type_t type, acl_t acl);
 int	acl_valid_fd(int fd, acl_type_t type, acl_t acl);
-int	acl_free(void *obj_p);
+int	acl_valid_file(const char *path_p, acl_type_t type, acl_t acl);
+__END_DECLS

-#endif /* _KERNEL */
-#endif /* _SYS_ACL_H */
+#endif /* !_KERNEL */
+#endif /* !_SYS_ACL_H */
--- a/sys/sys/extattr.h
+++ b/sys/sys/extattr.h
@ -40,18 +40,24 @@
 */

 #ifndef _SYS_EXTATTR_H_
-#define _SYS_EXTATTR_H_
+#define	_SYS_EXTATTR_H_
+#ifdef _KERNEL

-#define EXTATTR_MAXNAMELEN	NAME_MAX
+#define	EXTATTR_MAXNAMELEN	NAME_MAX

-#ifndef _KERNEL
+#else
+#include <sys/cdefs.h>

-int	extattrctl(char *path, int cmd, char *attrname, caddr_t arg);
-int	extattr_set_file(char *path, char *attrname, struct iovec *iovp,
-	u_int iovcnt);
-int	extattr_get_file(char *path, char *attrname, struct iovec *iovp,
-	u_int iovcnt);
-int	extattr_delete_file(char *path, char *attrname);
+struct iovec;

-#endif
-#endif /* _SYS_EXTATTR_H_ */
+__BEGIN_DECLS
+int	extattrctl(const char *path, int cmd, const char *attrname, char *arg);
+int	extattr_delete_file(const char *path, const char *attrname);
+int	extattr_get_file(const char *path, const char *attrname,
+	    struct iovec *iovp, unsigned iovcnt);
+int	extattr_set_file(const char *path, const char *attrname,
+	    struct iovec *iovp, unsigned iovcnt);
+__END_DECLS
+
+#endif /* !_KERNEL */
+#endif /* !_SYS_EXTATTR_H_ */
--- a/sys/sys/mount.h
+++ b/sys/sys/mount.h
@ -332,7 +332,7 @@ struct vfsops {
 	int	(*vfs_init)	__P((struct vfsconf *));
 	int	(*vfs_uninit)	__P((struct vfsconf *));
 	int	(*vfs_extattrctl) __P((struct mount *mp, int cmd,
-					char *attrname, caddr_t arg,
+					const char *attrname, caddr_t arg,
 					struct proc *p));
 };

@ -444,7 +444,7 @@ int	vfs_stdcheckexp __P((struct mount *mp, struct sockaddr *nam,
 int	vfs_stdvptofh __P((struct vnode *vp, struct fid *fhp));
 int	vfs_stdinit __P((struct vfsconf *));
 int	vfs_stduninit __P((struct vfsconf *));
-int	vfs_stdextattrctl __P((struct mount *mp, int cmd, char *attrname,
+int	vfs_stdextattrctl __P((struct mount *mp, int cmd, const char *attrname,
 		caddr_t arg, struct proc *p));

 #else /* !_KERNEL */
--- a/sys/sys/syscall.mk
+++ b/sys/sys/syscall.mk
@ -1,7 +1,7 @@
 # FreeBSD system call names.
 # DO NOT EDIT-- this file is automatically generated.
 # $FreeBSD$
-# created from FreeBSD: src/sys/kern/syscalls.master,v 1.71 2000/01/16 16:30:50 peter Exp 
+# created from FreeBSD: src/sys/kern/syscalls.master,v 1.72 2000/01/19 06:01:07 rwatson Exp 
 MIASM =  \
 	syscall.o \
 	exit.o \
@ -220,14 +220,14 @@ MIASM =  \
 	sigaction.o \
 	sigpending.o \
 	sigreturn.o \
-	acl_syscall_get_file.o \
-	acl_syscall_set_file.o \
-	acl_syscall_get_fd.o \
-	acl_syscall_set_fd.o \
-	acl_syscall_delete_file.o \
-	acl_syscall_delete_fd.o \
-	acl_syscall_aclcheck_file.o \
-	acl_syscall_aclcheck_fd.o \
+	__acl_get_file.o \
+	__acl_set_file.o \
+	__acl_get_fd.o \
+	__acl_set_fd.o \
+	__acl_delete_file.o \
+	__acl_delete_fd.o \
+	__acl_aclcheck_file.o \
+	__acl_aclcheck_fd.o \
 	extattrctl.o \
 	extattr_set_file.o \
 	extattr_get_file.o \