diff --git a/sys/kern/kern_mac.c b/sys/kern/kern_mac.c index 44e165878261..fb06edea3012 100644 --- a/sys/kern/kern_mac.c +++ b/sys/kern/kern_mac.c @@ -98,14 +98,14 @@ SYSCTL_DECL(_security); SYSCTL_NODE(_security, OID_AUTO, mac, CTLFLAG_RW, 0, "TrustedBSD MAC policy controls"); -#if MAC_MAX_POLICIES > 32 -#error "MAC_MAX_POLICIES too large" +#if MAC_MAX_SLOTS > 32 +#error "MAC_MAX_SLOTS too large" #endif -static unsigned int mac_max_policies = MAC_MAX_POLICIES; -static unsigned int mac_policy_offsets_free = (1 << MAC_MAX_POLICIES) - 1; -SYSCTL_UINT(_security_mac, OID_AUTO, max_policies, CTLFLAG_RD, - &mac_max_policies, 0, ""); +static unsigned int mac_max_slots = MAC_MAX_SLOTS; +static unsigned int mac_slot_offsets_free = (1 << MAC_MAX_SLOTS) - 1; +SYSCTL_UINT(_security_mac, OID_AUTO, max_slots, CTLFLAG_RD, + &mac_max_slots, 0, ""); /* * Has the kernel started generating labeled objects yet? All read/write @@ -645,13 +645,13 @@ mac_policy_register(struct mac_policy_conf *mpc) } } if (mpc->mpc_field_off != NULL) { - slot = ffs(mac_policy_offsets_free); + slot = ffs(mac_slot_offsets_free); if (slot == 0) { error = ENOMEM; goto out; } slot--; - mac_policy_offsets_free &= ~(1 << slot); + mac_slot_offsets_free &= ~(1 << slot); *mpc->mpc_field_off = slot; } mpc->mpc_runtime_flags |= MPC_RUNTIME_FLAG_REGISTERED; diff --git a/sys/security/mac/mac_framework.c b/sys/security/mac/mac_framework.c index 44e165878261..fb06edea3012 100644 --- a/sys/security/mac/mac_framework.c +++ b/sys/security/mac/mac_framework.c @@ -98,14 +98,14 @@ SYSCTL_DECL(_security); SYSCTL_NODE(_security, OID_AUTO, mac, CTLFLAG_RW, 0, "TrustedBSD MAC policy controls"); -#if MAC_MAX_POLICIES > 32 -#error "MAC_MAX_POLICIES too large" +#if MAC_MAX_SLOTS > 32 +#error "MAC_MAX_SLOTS too large" #endif -static unsigned int mac_max_policies = MAC_MAX_POLICIES; -static unsigned int mac_policy_offsets_free = (1 << MAC_MAX_POLICIES) - 1; -SYSCTL_UINT(_security_mac, OID_AUTO, max_policies, CTLFLAG_RD, - &mac_max_policies, 0, ""); +static unsigned int mac_max_slots = MAC_MAX_SLOTS; +static unsigned int mac_slot_offsets_free = (1 << MAC_MAX_SLOTS) - 1; +SYSCTL_UINT(_security_mac, OID_AUTO, max_slots, CTLFLAG_RD, + &mac_max_slots, 0, ""); /* * Has the kernel started generating labeled objects yet? All read/write @@ -645,13 +645,13 @@ mac_policy_register(struct mac_policy_conf *mpc) } } if (mpc->mpc_field_off != NULL) { - slot = ffs(mac_policy_offsets_free); + slot = ffs(mac_slot_offsets_free); if (slot == 0) { error = ENOMEM; goto out; } slot--; - mac_policy_offsets_free &= ~(1 << slot); + mac_slot_offsets_free &= ~(1 << slot); *mpc->mpc_field_off = slot; } mpc->mpc_runtime_flags |= MPC_RUNTIME_FLAG_REGISTERED; diff --git a/sys/security/mac/mac_internal.h b/sys/security/mac/mac_internal.h index 44e165878261..fb06edea3012 100644 --- a/sys/security/mac/mac_internal.h +++ b/sys/security/mac/mac_internal.h @@ -98,14 +98,14 @@ SYSCTL_DECL(_security); SYSCTL_NODE(_security, OID_AUTO, mac, CTLFLAG_RW, 0, "TrustedBSD MAC policy controls"); -#if MAC_MAX_POLICIES > 32 -#error "MAC_MAX_POLICIES too large" +#if MAC_MAX_SLOTS > 32 +#error "MAC_MAX_SLOTS too large" #endif -static unsigned int mac_max_policies = MAC_MAX_POLICIES; -static unsigned int mac_policy_offsets_free = (1 << MAC_MAX_POLICIES) - 1; -SYSCTL_UINT(_security_mac, OID_AUTO, max_policies, CTLFLAG_RD, - &mac_max_policies, 0, ""); +static unsigned int mac_max_slots = MAC_MAX_SLOTS; +static unsigned int mac_slot_offsets_free = (1 << MAC_MAX_SLOTS) - 1; +SYSCTL_UINT(_security_mac, OID_AUTO, max_slots, CTLFLAG_RD, + &mac_max_slots, 0, ""); /* * Has the kernel started generating labeled objects yet? All read/write @@ -645,13 +645,13 @@ mac_policy_register(struct mac_policy_conf *mpc) } } if (mpc->mpc_field_off != NULL) { - slot = ffs(mac_policy_offsets_free); + slot = ffs(mac_slot_offsets_free); if (slot == 0) { error = ENOMEM; goto out; } slot--; - mac_policy_offsets_free &= ~(1 << slot); + mac_slot_offsets_free &= ~(1 << slot); *mpc->mpc_field_off = slot; } mpc->mpc_runtime_flags |= MPC_RUNTIME_FLAG_REGISTERED; diff --git a/sys/security/mac/mac_net.c b/sys/security/mac/mac_net.c index 44e165878261..fb06edea3012 100644 --- a/sys/security/mac/mac_net.c +++ b/sys/security/mac/mac_net.c @@ -98,14 +98,14 @@ SYSCTL_DECL(_security); SYSCTL_NODE(_security, OID_AUTO, mac, CTLFLAG_RW, 0, "TrustedBSD MAC policy controls"); -#if MAC_MAX_POLICIES > 32 -#error "MAC_MAX_POLICIES too large" +#if MAC_MAX_SLOTS > 32 +#error "MAC_MAX_SLOTS too large" #endif -static unsigned int mac_max_policies = MAC_MAX_POLICIES; -static unsigned int mac_policy_offsets_free = (1 << MAC_MAX_POLICIES) - 1; -SYSCTL_UINT(_security_mac, OID_AUTO, max_policies, CTLFLAG_RD, - &mac_max_policies, 0, ""); +static unsigned int mac_max_slots = MAC_MAX_SLOTS; +static unsigned int mac_slot_offsets_free = (1 << MAC_MAX_SLOTS) - 1; +SYSCTL_UINT(_security_mac, OID_AUTO, max_slots, CTLFLAG_RD, + &mac_max_slots, 0, ""); /* * Has the kernel started generating labeled objects yet? All read/write @@ -645,13 +645,13 @@ mac_policy_register(struct mac_policy_conf *mpc) } } if (mpc->mpc_field_off != NULL) { - slot = ffs(mac_policy_offsets_free); + slot = ffs(mac_slot_offsets_free); if (slot == 0) { error = ENOMEM; goto out; } slot--; - mac_policy_offsets_free &= ~(1 << slot); + mac_slot_offsets_free &= ~(1 << slot); *mpc->mpc_field_off = slot; } mpc->mpc_runtime_flags |= MPC_RUNTIME_FLAG_REGISTERED; diff --git a/sys/security/mac/mac_pipe.c b/sys/security/mac/mac_pipe.c index 44e165878261..fb06edea3012 100644 --- a/sys/security/mac/mac_pipe.c +++ b/sys/security/mac/mac_pipe.c @@ -98,14 +98,14 @@ SYSCTL_DECL(_security); SYSCTL_NODE(_security, OID_AUTO, mac, CTLFLAG_RW, 0, "TrustedBSD MAC policy controls"); -#if MAC_MAX_POLICIES > 32 -#error "MAC_MAX_POLICIES too large" +#if MAC_MAX_SLOTS > 32 +#error "MAC_MAX_SLOTS too large" #endif -static unsigned int mac_max_policies = MAC_MAX_POLICIES; -static unsigned int mac_policy_offsets_free = (1 << MAC_MAX_POLICIES) - 1; -SYSCTL_UINT(_security_mac, OID_AUTO, max_policies, CTLFLAG_RD, - &mac_max_policies, 0, ""); +static unsigned int mac_max_slots = MAC_MAX_SLOTS; +static unsigned int mac_slot_offsets_free = (1 << MAC_MAX_SLOTS) - 1; +SYSCTL_UINT(_security_mac, OID_AUTO, max_slots, CTLFLAG_RD, + &mac_max_slots, 0, ""); /* * Has the kernel started generating labeled objects yet? All read/write @@ -645,13 +645,13 @@ mac_policy_register(struct mac_policy_conf *mpc) } } if (mpc->mpc_field_off != NULL) { - slot = ffs(mac_policy_offsets_free); + slot = ffs(mac_slot_offsets_free); if (slot == 0) { error = ENOMEM; goto out; } slot--; - mac_policy_offsets_free &= ~(1 << slot); + mac_slot_offsets_free &= ~(1 << slot); *mpc->mpc_field_off = slot; } mpc->mpc_runtime_flags |= MPC_RUNTIME_FLAG_REGISTERED; diff --git a/sys/security/mac/mac_process.c b/sys/security/mac/mac_process.c index 44e165878261..fb06edea3012 100644 --- a/sys/security/mac/mac_process.c +++ b/sys/security/mac/mac_process.c @@ -98,14 +98,14 @@ SYSCTL_DECL(_security); SYSCTL_NODE(_security, OID_AUTO, mac, CTLFLAG_RW, 0, "TrustedBSD MAC policy controls"); -#if MAC_MAX_POLICIES > 32 -#error "MAC_MAX_POLICIES too large" +#if MAC_MAX_SLOTS > 32 +#error "MAC_MAX_SLOTS too large" #endif -static unsigned int mac_max_policies = MAC_MAX_POLICIES; -static unsigned int mac_policy_offsets_free = (1 << MAC_MAX_POLICIES) - 1; -SYSCTL_UINT(_security_mac, OID_AUTO, max_policies, CTLFLAG_RD, - &mac_max_policies, 0, ""); +static unsigned int mac_max_slots = MAC_MAX_SLOTS; +static unsigned int mac_slot_offsets_free = (1 << MAC_MAX_SLOTS) - 1; +SYSCTL_UINT(_security_mac, OID_AUTO, max_slots, CTLFLAG_RD, + &mac_max_slots, 0, ""); /* * Has the kernel started generating labeled objects yet? All read/write @@ -645,13 +645,13 @@ mac_policy_register(struct mac_policy_conf *mpc) } } if (mpc->mpc_field_off != NULL) { - slot = ffs(mac_policy_offsets_free); + slot = ffs(mac_slot_offsets_free); if (slot == 0) { error = ENOMEM; goto out; } slot--; - mac_policy_offsets_free &= ~(1 << slot); + mac_slot_offsets_free &= ~(1 << slot); *mpc->mpc_field_off = slot; } mpc->mpc_runtime_flags |= MPC_RUNTIME_FLAG_REGISTERED; diff --git a/sys/security/mac/mac_syscalls.c b/sys/security/mac/mac_syscalls.c index 44e165878261..fb06edea3012 100644 --- a/sys/security/mac/mac_syscalls.c +++ b/sys/security/mac/mac_syscalls.c @@ -98,14 +98,14 @@ SYSCTL_DECL(_security); SYSCTL_NODE(_security, OID_AUTO, mac, CTLFLAG_RW, 0, "TrustedBSD MAC policy controls"); -#if MAC_MAX_POLICIES > 32 -#error "MAC_MAX_POLICIES too large" +#if MAC_MAX_SLOTS > 32 +#error "MAC_MAX_SLOTS too large" #endif -static unsigned int mac_max_policies = MAC_MAX_POLICIES; -static unsigned int mac_policy_offsets_free = (1 << MAC_MAX_POLICIES) - 1; -SYSCTL_UINT(_security_mac, OID_AUTO, max_policies, CTLFLAG_RD, - &mac_max_policies, 0, ""); +static unsigned int mac_max_slots = MAC_MAX_SLOTS; +static unsigned int mac_slot_offsets_free = (1 << MAC_MAX_SLOTS) - 1; +SYSCTL_UINT(_security_mac, OID_AUTO, max_slots, CTLFLAG_RD, + &mac_max_slots, 0, ""); /* * Has the kernel started generating labeled objects yet? All read/write @@ -645,13 +645,13 @@ mac_policy_register(struct mac_policy_conf *mpc) } } if (mpc->mpc_field_off != NULL) { - slot = ffs(mac_policy_offsets_free); + slot = ffs(mac_slot_offsets_free); if (slot == 0) { error = ENOMEM; goto out; } slot--; - mac_policy_offsets_free &= ~(1 << slot); + mac_slot_offsets_free &= ~(1 << slot); *mpc->mpc_field_off = slot; } mpc->mpc_runtime_flags |= MPC_RUNTIME_FLAG_REGISTERED; diff --git a/sys/security/mac/mac_system.c b/sys/security/mac/mac_system.c index 44e165878261..fb06edea3012 100644 --- a/sys/security/mac/mac_system.c +++ b/sys/security/mac/mac_system.c @@ -98,14 +98,14 @@ SYSCTL_DECL(_security); SYSCTL_NODE(_security, OID_AUTO, mac, CTLFLAG_RW, 0, "TrustedBSD MAC policy controls"); -#if MAC_MAX_POLICIES > 32 -#error "MAC_MAX_POLICIES too large" +#if MAC_MAX_SLOTS > 32 +#error "MAC_MAX_SLOTS too large" #endif -static unsigned int mac_max_policies = MAC_MAX_POLICIES; -static unsigned int mac_policy_offsets_free = (1 << MAC_MAX_POLICIES) - 1; -SYSCTL_UINT(_security_mac, OID_AUTO, max_policies, CTLFLAG_RD, - &mac_max_policies, 0, ""); +static unsigned int mac_max_slots = MAC_MAX_SLOTS; +static unsigned int mac_slot_offsets_free = (1 << MAC_MAX_SLOTS) - 1; +SYSCTL_UINT(_security_mac, OID_AUTO, max_slots, CTLFLAG_RD, + &mac_max_slots, 0, ""); /* * Has the kernel started generating labeled objects yet? All read/write @@ -645,13 +645,13 @@ mac_policy_register(struct mac_policy_conf *mpc) } } if (mpc->mpc_field_off != NULL) { - slot = ffs(mac_policy_offsets_free); + slot = ffs(mac_slot_offsets_free); if (slot == 0) { error = ENOMEM; goto out; } slot--; - mac_policy_offsets_free &= ~(1 << slot); + mac_slot_offsets_free &= ~(1 << slot); *mpc->mpc_field_off = slot; } mpc->mpc_runtime_flags |= MPC_RUNTIME_FLAG_REGISTERED; diff --git a/sys/security/mac/mac_vfs.c b/sys/security/mac/mac_vfs.c index 44e165878261..fb06edea3012 100644 --- a/sys/security/mac/mac_vfs.c +++ b/sys/security/mac/mac_vfs.c @@ -98,14 +98,14 @@ SYSCTL_DECL(_security); SYSCTL_NODE(_security, OID_AUTO, mac, CTLFLAG_RW, 0, "TrustedBSD MAC policy controls"); -#if MAC_MAX_POLICIES > 32 -#error "MAC_MAX_POLICIES too large" +#if MAC_MAX_SLOTS > 32 +#error "MAC_MAX_SLOTS too large" #endif -static unsigned int mac_max_policies = MAC_MAX_POLICIES; -static unsigned int mac_policy_offsets_free = (1 << MAC_MAX_POLICIES) - 1; -SYSCTL_UINT(_security_mac, OID_AUTO, max_policies, CTLFLAG_RD, - &mac_max_policies, 0, ""); +static unsigned int mac_max_slots = MAC_MAX_SLOTS; +static unsigned int mac_slot_offsets_free = (1 << MAC_MAX_SLOTS) - 1; +SYSCTL_UINT(_security_mac, OID_AUTO, max_slots, CTLFLAG_RD, + &mac_max_slots, 0, ""); /* * Has the kernel started generating labeled objects yet? All read/write @@ -645,13 +645,13 @@ mac_policy_register(struct mac_policy_conf *mpc) } } if (mpc->mpc_field_off != NULL) { - slot = ffs(mac_policy_offsets_free); + slot = ffs(mac_slot_offsets_free); if (slot == 0) { error = ENOMEM; goto out; } slot--; - mac_policy_offsets_free &= ~(1 << slot); + mac_slot_offsets_free &= ~(1 << slot); *mpc->mpc_field_off = slot; } mpc->mpc_runtime_flags |= MPC_RUNTIME_FLAG_REGISTERED; diff --git a/sys/sys/_label.h b/sys/sys/_label.h index 366e6a3afc2f..ad421a2531b4 100644 --- a/sys/sys/_label.h +++ b/sys/sys/_label.h @@ -41,7 +41,7 @@ * and various other messes. */ -#define MAC_MAX_POLICIES 4 +#define MAC_MAX_SLOTS 4 #define MAC_FLAG_INITIALIZED 0x0000001 /* Is initialized for use. */ @@ -50,7 +50,7 @@ struct label { union { void *l_ptr; long l_long; - } l_perpolicy[MAC_MAX_POLICIES]; + } l_perpolicy[MAC_MAX_SLOTS]; }; #endif /* !_SYS__LABEL_H */