Apply variable name normalization to MAC policies: adopt global conventions

for the naming of variables associated with specific data structures.

Obtained from:	TrustedBSD Project
This commit is contained in:
Robert Watson 2007-04-23 13:15:23 +00:00
parent 8c804c7c98
commit 78007886c9
10 changed files with 995 additions and 1001 deletions

File diff suppressed because it is too large Load Diff

View File

@ -489,7 +489,7 @@ mac_bsdextended_check_vp(struct ucred *cred, struct vnode *vp, int acc_mode)
static int
mac_bsdextended_check_system_acct(struct ucred *cred, struct vnode *vp,
struct label *label)
struct label *vplabel)
{
return (mac_bsdextended_check_vp(cred, vp, MBI_WRITE));
@ -497,7 +497,7 @@ mac_bsdextended_check_system_acct(struct ucred *cred, struct vnode *vp,
static int
mac_bsdextended_check_system_auditctl(struct ucred *cred, struct vnode *vp,
struct label *label)
struct label *vplabel)
{
return (mac_bsdextended_check_vp(cred, vp, MBI_WRITE));
@ -505,7 +505,7 @@ mac_bsdextended_check_system_auditctl(struct ucred *cred, struct vnode *vp,
static int
mac_bsdextended_check_system_swapoff(struct ucred *cred, struct vnode *vp,
struct label *label)
struct label *vplabel)
{
return (mac_bsdextended_check_vp(cred, vp, MBI_WRITE));
@ -513,7 +513,7 @@ mac_bsdextended_check_system_swapoff(struct ucred *cred, struct vnode *vp,
static int
mac_bsdextended_check_system_swapon(struct ucred *cred, struct vnode *vp,
struct label *label)
struct label *vplabel)
{
return (mac_bsdextended_check_vp(cred, vp, MBI_WRITE));
@ -521,7 +521,7 @@ mac_bsdextended_check_system_swapon(struct ucred *cred, struct vnode *vp,
static int
mac_bsdextended_check_vnode_access(struct ucred *cred, struct vnode *vp,
struct label *label, int acc_mode)
struct label *vplabel, int acc_mode)
{
return (mac_bsdextended_check_vp(cred, vp, acc_mode));
@ -529,7 +529,7 @@ mac_bsdextended_check_vnode_access(struct ucred *cred, struct vnode *vp,
static int
mac_bsdextended_check_vnode_chdir(struct ucred *cred, struct vnode *dvp,
struct label *dlabel)
struct label *dvplabel)
{
return (mac_bsdextended_check_vp(cred, dvp, MBI_EXEC));
@ -537,7 +537,7 @@ mac_bsdextended_check_vnode_chdir(struct ucred *cred, struct vnode *dvp,
static int
mac_bsdextended_check_vnode_chroot(struct ucred *cred, struct vnode *dvp,
struct label *dlabel)
struct label *dvplabel)
{
return (mac_bsdextended_check_vp(cred, dvp, MBI_EXEC));
@ -545,7 +545,7 @@ mac_bsdextended_check_vnode_chroot(struct ucred *cred, struct vnode *dvp,
static int
mac_bsdextended_check_create_vnode(struct ucred *cred, struct vnode *dvp,
struct label *dlabel, struct componentname *cnp, struct vattr *vap)
struct label *dvplabel, struct componentname *cnp, struct vattr *vap)
{
return (mac_bsdextended_check_vp(cred, dvp, MBI_WRITE));
@ -553,7 +553,7 @@ mac_bsdextended_check_create_vnode(struct ucred *cred, struct vnode *dvp,
static int
mac_bsdextended_check_vnode_delete(struct ucred *cred, struct vnode *dvp,
struct label *dlabel, struct vnode *vp, struct label *label,
struct label *dvplabel, struct vnode *vp, struct label *vplabel,
struct componentname *cnp)
{
int error;
@ -567,15 +567,16 @@ mac_bsdextended_check_vnode_delete(struct ucred *cred, struct vnode *dvp,
static int
mac_bsdextended_check_vnode_deleteacl(struct ucred *cred, struct vnode *vp,
struct label *label, acl_type_t type)
struct label *vplabel, acl_type_t type)
{
return (mac_bsdextended_check_vp(cred, vp, MBI_ADMIN));
}
static int
mac_bsdextended_check_vnode_deleteextattr(struct ucred *cred, struct vnode *vp,
struct label *label, int attrnamespace, const char *name)
mac_bsdextended_check_vnode_deleteextattr(struct ucred *cred,
struct vnode *vp, struct label *vplabel, int attrnamespace,
const char *name)
{
return (mac_bsdextended_check_vp(cred, vp, MBI_WRITE));
@ -583,7 +584,7 @@ mac_bsdextended_check_vnode_deleteextattr(struct ucred *cred, struct vnode *vp,
static int
mac_bsdextended_check_vnode_exec(struct ucred *cred, struct vnode *vp,
struct label *label, struct image_params *imgp,
struct label *vplabel, struct image_params *imgp,
struct label *execlabel)
{
@ -592,7 +593,7 @@ mac_bsdextended_check_vnode_exec(struct ucred *cred, struct vnode *vp,
static int
mac_bsdextended_check_vnode_getacl(struct ucred *cred, struct vnode *vp,
struct label *label, acl_type_t type)
struct label *vplabel, acl_type_t type)
{
return (mac_bsdextended_check_vp(cred, vp, MBI_STAT));
@ -600,7 +601,8 @@ mac_bsdextended_check_vnode_getacl(struct ucred *cred, struct vnode *vp,
static int
mac_bsdextended_check_vnode_getextattr(struct ucred *cred, struct vnode *vp,
struct label *label, int attrnamespace, const char *name, struct uio *uio)
struct label *vplabel, int attrnamespace, const char *name,
struct uio *uio)
{
return (mac_bsdextended_check_vp(cred, vp, MBI_READ));
@ -608,7 +610,7 @@ mac_bsdextended_check_vnode_getextattr(struct ucred *cred, struct vnode *vp,
static int
mac_bsdextended_check_vnode_link(struct ucred *cred, struct vnode *dvp,
struct label *dlabel, struct vnode *vp, struct label *label,
struct label *dvplabel, struct vnode *vp, struct label *label,
struct componentname *cnp)
{
int error;
@ -625,7 +627,7 @@ mac_bsdextended_check_vnode_link(struct ucred *cred, struct vnode *dvp,
static int
mac_bsdextended_check_vnode_listextattr(struct ucred *cred, struct vnode *vp,
struct label *label, int attrnamespace)
struct label *vplabel, int attrnamespace)
{
return (mac_bsdextended_check_vp(cred, vp, MBI_READ));
@ -633,7 +635,7 @@ mac_bsdextended_check_vnode_listextattr(struct ucred *cred, struct vnode *vp,
static int
mac_bsdextended_check_vnode_lookup(struct ucred *cred, struct vnode *dvp,
struct label *dlabel, struct componentname *cnp)
struct label *dvplabel, struct componentname *cnp)
{
return (mac_bsdextended_check_vp(cred, dvp, MBI_EXEC));
@ -641,7 +643,7 @@ mac_bsdextended_check_vnode_lookup(struct ucred *cred, struct vnode *dvp,
static int
mac_bsdextended_check_vnode_open(struct ucred *cred, struct vnode *vp,
struct label *filelabel, int acc_mode)
struct label *vplabel, int acc_mode)
{
return (mac_bsdextended_check_vp(cred, vp, acc_mode));
@ -649,7 +651,7 @@ mac_bsdextended_check_vnode_open(struct ucred *cred, struct vnode *vp,
static int
mac_bsdextended_check_vnode_readdir(struct ucred *cred, struct vnode *dvp,
struct label *dlabel)
struct label *dvplabel)
{
return (mac_bsdextended_check_vp(cred, dvp, MBI_READ));
@ -657,7 +659,7 @@ mac_bsdextended_check_vnode_readdir(struct ucred *cred, struct vnode *dvp,
static int
mac_bsdextended_check_vnode_readdlink(struct ucred *cred, struct vnode *vp,
struct label *label)
struct label *vplabel)
{
return (mac_bsdextended_check_vp(cred, vp, MBI_READ));
@ -665,7 +667,7 @@ mac_bsdextended_check_vnode_readdlink(struct ucred *cred, struct vnode *vp,
static int
mac_bsdextended_check_vnode_rename_from(struct ucred *cred, struct vnode *dvp,
struct label *dlabel, struct vnode *vp, struct label *label,
struct label *dvplabel, struct vnode *vp, struct label *vplabel,
struct componentname *cnp)
{
int error;
@ -680,8 +682,8 @@ mac_bsdextended_check_vnode_rename_from(struct ucred *cred, struct vnode *dvp,
static int
mac_bsdextended_check_vnode_rename_to(struct ucred *cred, struct vnode *dvp,
struct label *dlabel, struct vnode *vp, struct label *label, int samedir,
struct componentname *cnp)
struct label *dvplabel, struct vnode *vp, struct label *vplabel,
int samedir, struct componentname *cnp)
{
int error;
@ -697,7 +699,7 @@ mac_bsdextended_check_vnode_rename_to(struct ucred *cred, struct vnode *dvp,
static int
mac_bsdextended_check_vnode_revoke(struct ucred *cred, struct vnode *vp,
struct label *label)
struct label *vplabel)
{
return (mac_bsdextended_check_vp(cred, vp, MBI_ADMIN));
@ -705,7 +707,7 @@ mac_bsdextended_check_vnode_revoke(struct ucred *cred, struct vnode *vp,
static int
mac_bsdextended_check_setacl_vnode(struct ucred *cred, struct vnode *vp,
struct label *label, acl_type_t type, struct acl *acl)
struct label *vplabel, acl_type_t type, struct acl *acl)
{
return (mac_bsdextended_check_vp(cred, vp, MBI_ADMIN));
@ -713,7 +715,8 @@ mac_bsdextended_check_setacl_vnode(struct ucred *cred, struct vnode *vp,
static int
mac_bsdextended_check_vnode_setextattr(struct ucred *cred, struct vnode *vp,
struct label *label, int attrnamespace, const char *name, struct uio *uio)
struct label *vplabel, int attrnamespace, const char *name,
struct uio *uio)
{
return (mac_bsdextended_check_vp(cred, vp, MBI_WRITE));
@ -721,7 +724,7 @@ mac_bsdextended_check_vnode_setextattr(struct ucred *cred, struct vnode *vp,
static int
mac_bsdextended_check_vnode_setflags(struct ucred *cred, struct vnode *vp,
struct label *label, u_long flags)
struct label *vplabel, u_long flags)
{
return (mac_bsdextended_check_vp(cred, vp, MBI_ADMIN));
@ -729,7 +732,7 @@ mac_bsdextended_check_vnode_setflags(struct ucred *cred, struct vnode *vp,
static int
mac_bsdextended_check_vnode_setmode(struct ucred *cred, struct vnode *vp,
struct label *label, mode_t mode)
struct label *vplabel, mode_t mode)
{
return (mac_bsdextended_check_vp(cred, vp, MBI_ADMIN));
@ -737,7 +740,7 @@ mac_bsdextended_check_vnode_setmode(struct ucred *cred, struct vnode *vp,
static int
mac_bsdextended_check_vnode_setowner(struct ucred *cred, struct vnode *vp,
struct label *label, uid_t uid, gid_t gid)
struct label *vplabel, uid_t uid, gid_t gid)
{
return (mac_bsdextended_check_vp(cred, vp, MBI_ADMIN));
@ -745,7 +748,7 @@ mac_bsdextended_check_vnode_setowner(struct ucred *cred, struct vnode *vp,
static int
mac_bsdextended_check_vnode_setutimes(struct ucred *cred, struct vnode *vp,
struct label *label, struct timespec atime, struct timespec utime)
struct label *vplabel, struct timespec atime, struct timespec utime)
{
return (mac_bsdextended_check_vp(cred, vp, MBI_ADMIN));
@ -753,7 +756,7 @@ mac_bsdextended_check_vnode_setutimes(struct ucred *cred, struct vnode *vp,
static int
mac_bsdextended_check_vnode_stat(struct ucred *active_cred,
struct ucred *file_cred, struct vnode *vp, struct label *label)
struct ucred *file_cred, struct vnode *vp, struct label *vplabel)
{
return (mac_bsdextended_check_vp(active_cred, vp, MBI_STAT));

View File

@ -79,31 +79,31 @@ SYSCTL_INT(_security_mac_ifoff, OID_AUTO, bpfrecv_enabled, CTLFLAG_RW,
TUNABLE_INT("security.mac.ifoff.bpfrecv.enabled", &mac_ifoff_bpfrecv_enabled);
static int
check_ifnet_outgoing(struct ifnet *ifnet)
check_ifnet_outgoing(struct ifnet *ifp)
{
if (!mac_ifoff_enabled)
return (0);
if (mac_ifoff_lo_enabled && ifnet->if_type == IFT_LOOP)
if (mac_ifoff_lo_enabled && ifp->if_type == IFT_LOOP)
return (0);
if (mac_ifoff_other_enabled && ifnet->if_type != IFT_LOOP)
if (mac_ifoff_other_enabled && ifp->if_type != IFT_LOOP)
return (0);
return (EPERM);
}
static int
check_ifnet_incoming(struct ifnet *ifnet, int viabpf)
check_ifnet_incoming(struct ifnet *ifp, int viabpf)
{
if (!mac_ifoff_enabled)
return (0);
if (mac_ifoff_lo_enabled && ifnet->if_type == IFT_LOOP)
if (mac_ifoff_lo_enabled && ifp->if_type == IFT_LOOP)
return (0);
if (mac_ifoff_other_enabled && ifnet->if_type != IFT_LOOP)
if (mac_ifoff_other_enabled && ifp->if_type != IFT_LOOP)
return (0);
if (viabpf && mac_ifoff_bpfrecv_enabled)
@ -113,19 +113,19 @@ check_ifnet_incoming(struct ifnet *ifnet, int viabpf)
}
static int
mac_ifoff_check_bpfdesc_receive(struct bpf_d *bpf_d, struct label *bpflabel,
struct ifnet *ifnet, struct label *ifnetlabel)
mac_ifoff_check_bpfdesc_receive(struct bpf_d *d, struct label *dlabel,
struct ifnet *ifp, struct label *ifplabel)
{
return (check_ifnet_incoming(ifnet, 1));
return (check_ifnet_incoming(ifp, 1));
}
static int
mac_ifoff_check_ifnet_transmit(struct ifnet *ifnet, struct label *ifnetlabel,
struct mbuf *m, struct label *mbuflabel)
mac_ifoff_check_ifnet_transmit(struct ifnet *ifp, struct label *ifplabel,
struct mbuf *m, struct label *mlabel)
{
return (check_ifnet_outgoing(ifnet));
return (check_ifnet_outgoing(ifp));
}
static int
@ -141,8 +141,8 @@ mac_ifoff_check_inpcb_deliver(struct inpcb *inp, struct label *inplabel,
}
static int
mac_ifoff_check_socket_deliver(struct socket *so, struct label *socketlabel,
struct mbuf *m, struct label *mbuflabel)
mac_ifoff_check_socket_deliver(struct socket *so, struct label *solabel,
struct mbuf *m, struct label *mlabel)
{
M_ASSERTPKTHDR(m);

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

View File

@ -174,60 +174,61 @@ mac_partition_check_cred_relabel(struct ucred *cred, struct label *newlabel)
}
static int
mac_partition_check_cred_visible(struct ucred *u1, struct ucred *u2)
mac_partition_check_cred_visible(struct ucred *cr1, struct ucred *cr2)
{
int error;
error = label_on_label(u1->cr_label, u2->cr_label);
error = label_on_label(cr1->cr_label, cr2->cr_label);
return (error == 0 ? 0 : ESRCH);
}
static int
mac_partition_check_proc_debug(struct ucred *cred, struct proc *proc)
mac_partition_check_proc_debug(struct ucred *cred, struct proc *p)
{
int error;
error = label_on_label(cred->cr_label, proc->p_ucred->cr_label);
error = label_on_label(cred->cr_label, p->p_ucred->cr_label);
return (error ? ESRCH : 0);
}
static int
mac_partition_check_proc_sched(struct ucred *cred, struct proc *proc)
mac_partition_check_proc_sched(struct ucred *cred, struct proc *p)
{
int error;
error = label_on_label(cred->cr_label, proc->p_ucred->cr_label);
error = label_on_label(cred->cr_label, p->p_ucred->cr_label);
return (error ? ESRCH : 0);
}
static int
mac_partition_check_proc_signal(struct ucred *cred, struct proc *proc,
mac_partition_check_proc_signal(struct ucred *cred, struct proc *p,
int signum)
{
int error;
error = label_on_label(cred->cr_label, proc->p_ucred->cr_label);
error = label_on_label(cred->cr_label, p->p_ucred->cr_label);
return (error ? ESRCH : 0);
}
static int
mac_partition_check_socket_visible(struct ucred *cred, struct socket *socket,
struct label *socketlabel)
mac_partition_check_socket_visible(struct ucred *cred, struct socket *so,
struct label *solabel)
{
int error;
error = label_on_label(cred->cr_label, socketlabel);
error = label_on_label(cred->cr_label, solabel);
return (error ? ENOENT : 0);
}
static int
mac_partition_check_vnode_exec(struct ucred *cred, struct vnode *vp,
struct label *label, struct image_params *imgp, struct label *execlabel)
struct label *vplabel, struct image_params *imgp,
struct label *execlabel)
{
if (execlabel != NULL) {

View File

@ -432,7 +432,7 @@ rules_check(struct ucred *cred, int family, int type, u_int16_t port)
*/
static int
check_socket_bind(struct ucred *cred, struct socket *so,
struct label *socketlabel, struct sockaddr *sockaddr)
struct label *solabel, struct sockaddr *sa)
{
struct sockaddr_in *sin;
struct inpcb *inp;
@ -454,13 +454,12 @@ check_socket_bind(struct ucred *cred, struct socket *so,
return (0);
/* Reject addresses we don't understand; fail closed. */
if (sockaddr->sa_family != AF_INET &&
sockaddr->sa_family != AF_INET6)
if (sa->sa_family != AF_INET && sa->sa_family != AF_INET6)
return (EINVAL);
family = so->so_proto->pr_domain->dom_family;
type = so->so_type;
sin = (struct sockaddr_in *) sockaddr;
sin = (struct sockaddr_in *) sa;
port = ntohs(sin->sin_port);
/*

View File

@ -36,6 +36,7 @@
/*
* Developed by the TrustedBSD Project.
*
* Prevent processes owned by a particular uid from seeing various transient
* kernel objects associated with other uids.
*/
@ -92,27 +93,28 @@ SYSCTL_INT(_security_mac_seeotheruids, OID_AUTO, specificgid, CTLFLAG_RW,
&specificgid, 0, "Specific gid to be exempt from seeotheruids policy");
static int
mac_seeotheruids_check(struct ucred *u1, struct ucred *u2)
mac_seeotheruids_check(struct ucred *cr1, struct ucred *cr2)
{
if (!mac_seeotheruids_enabled)
return (0);
if (primarygroup_enabled) {
if (u1->cr_rgid == u2->cr_rgid)
if (cr1->cr_rgid == cr2->cr_rgid)
return (0);
}
if (specificgid_enabled) {
if (u1->cr_rgid == specificgid || groupmember(specificgid, u1))
if (cr1->cr_rgid == specificgid ||
groupmember(specificgid, cr1))
return (0);
}
if (u1->cr_ruid == u2->cr_ruid)
if (cr1->cr_ruid == cr2->cr_ruid)
return (0);
if (suser_privileged) {
if (priv_check_cred(u1, PRIV_SEEOTHERUIDS, SUSER_ALLOWJAIL)
if (priv_check_cred(cr1, PRIV_SEEOTHERUIDS, SUSER_ALLOWJAIL)
== 0)
return (0);
}
@ -121,40 +123,40 @@ mac_seeotheruids_check(struct ucred *u1, struct ucred *u2)
}
static int
mac_seeotheruids_check_cred_visible(struct ucred *u1, struct ucred *u2)
mac_seeotheruids_check_cred_visible(struct ucred *cr1, struct ucred *cr2)
{
return (mac_seeotheruids_check(u1, u2));
return (mac_seeotheruids_check(cr1, cr2));
}
static int
mac_seeotheruids_check_proc_signal(struct ucred *cred, struct proc *proc,
mac_seeotheruids_check_proc_signal(struct ucred *cred, struct proc *p,
int signum)
{
return (mac_seeotheruids_check(cred, proc->p_ucred));
return (mac_seeotheruids_check(cred, p->p_ucred));
}
static int
mac_seeotheruids_check_proc_sched(struct ucred *cred, struct proc *proc)
mac_seeotheruids_check_proc_sched(struct ucred *cred, struct proc *p)
{
return (mac_seeotheruids_check(cred, proc->p_ucred));
return (mac_seeotheruids_check(cred, p->p_ucred));
}
static int
mac_seeotheruids_check_proc_debug(struct ucred *cred, struct proc *proc)
mac_seeotheruids_check_proc_debug(struct ucred *cred, struct proc *p)
{
return (mac_seeotheruids_check(cred, proc->p_ucred));
return (mac_seeotheruids_check(cred, p->p_ucred));
}
static int
mac_seeotheruids_check_socket_visible(struct ucred *cred, struct socket *socket,
struct label *socketlabel)
mac_seeotheruids_check_socket_visible(struct ucred *cred, struct socket *so,
struct label *solabel)
{
return (mac_seeotheruids_check(cred, socket->so_cred));
return (mac_seeotheruids_check(cred, so->so_cred));
}
static struct mac_policy_ops mac_seeotheruids_ops =

View File

@ -163,16 +163,16 @@ stub_internalize_label(struct label *label, char *element_name,
* a lot like file system objects.
*/
static void
stub_associate_vnode_devfs(struct mount *mp, struct label *mntlabel,
stub_associate_vnode_devfs(struct mount *mp, struct label *mplabel,
struct devfs_dirent *de, struct label *delabel, struct vnode *vp,
struct label *vlabel)
struct label *vplabel)
{
}
static int
stub_associate_vnode_extattr(struct mount *mp, struct label *mntlabel,
struct vnode *vp, struct label *vlabel)
stub_associate_vnode_extattr(struct mount *mp, struct label *mplabel,
struct vnode *vp, struct label *vplabel)
{
return (0);
@ -180,7 +180,7 @@ stub_associate_vnode_extattr(struct mount *mp, struct label *mntlabel,
static void
stub_associate_vnode_singlelabel(struct mount *mp,
struct label *mntlabel, struct vnode *vp, struct label *vlabel)
struct label *mplabel, struct vnode *vp, struct label *vplabel)
{
}
@ -193,14 +193,14 @@ stub_associate_nfsd_label(struct ucred *cred)
static void
stub_create_devfs_device(struct ucred *cred, struct mount *mp,
struct cdev *dev, struct devfs_dirent *devfs_dirent, struct label *label)
struct cdev *dev, struct devfs_dirent *de, struct label *delabel)
{
}
static void
stub_create_devfs_directory(struct mount *mp, char *dirname,
int dirnamelen, struct devfs_dirent *devfs_dirent, struct label *label)
int dirnamelen, struct devfs_dirent *de, struct label *delabel)
{
}
@ -215,8 +215,8 @@ stub_create_devfs_symlink(struct ucred *cred, struct mount *mp,
static int
stub_create_vnode_extattr(struct ucred *cred, struct mount *mp,
struct label *mntlabel, struct vnode *dvp, struct label *dlabel,
struct vnode *vp, struct label *vlabel, struct componentname *cnp)
struct label *mntlabel, struct vnode *dvp, struct label *dvplabel,
struct vnode *vp, struct label *vplabel, struct componentname *cnp)
{
return (0);
@ -224,30 +224,29 @@ stub_create_vnode_extattr(struct ucred *cred, struct mount *mp,
static void
stub_create_mount(struct ucred *cred, struct mount *mp,
struct label *mntlabel)
struct label *mplabel)
{
}
static void
stub_relabel_vnode(struct ucred *cred, struct vnode *vp,
struct label *vnodelabel, struct label *label)
struct label *vplabel, struct label *label)
{
}
static int
stub_setlabel_vnode_extattr(struct ucred *cred, struct vnode *vp,
struct label *vlabel, struct label *intlabel)
struct label *vplabel, struct label *intlabel)
{
return (0);
}
static void
stub_update_devfsdirent(struct mount *mp,
struct devfs_dirent *devfs_dirent, struct label *direntlabel,
struct vnode *vp, struct label *vnodelabel)
stub_update_devfsdirent(struct mount *mp, struct devfs_dirent *de,
struct label *delabel, struct vnode *vp, struct label *vplabel)
{
}
@ -256,22 +255,22 @@ stub_update_devfsdirent(struct mount *mp,
* Labeling event operations: IPC object.
*/
static void
stub_create_mbuf_from_socket(struct socket *so, struct label *socketlabel,
struct mbuf *m, struct label *mbuflabel)
stub_create_mbuf_from_socket(struct socket *so, struct label *solabel,
struct mbuf *m, struct label *mlabel)
{
}
static void
stub_create_socket(struct ucred *cred, struct socket *socket,
struct label *socketlabel)
stub_create_socket(struct ucred *cred, struct socket *so,
struct label *solabel)
{
}
static void
stub_create_pipe(struct ucred *cred, struct pipepair *pp,
struct label *pipelabel)
struct label *pplabel)
{
}
@ -284,38 +283,37 @@ stub_create_posix_sem(struct ucred *cred, struct ksem *ksemptr,
}
static void
stub_create_socket_from_socket(struct socket *oldsocket,
struct label *oldsocketlabel, struct socket *newsocket,
struct label *newsocketlabel)
stub_create_socket_from_socket(struct socket *oldso,
struct label *oldsolabel, struct socket *newso, struct label *newsolabel)
{
}
static void
stub_relabel_socket(struct ucred *cred, struct socket *socket,
struct label *socketlabel, struct label *newlabel)
stub_relabel_socket(struct ucred *cred, struct socket *so,
struct label *solabel, struct label *newlabel)
{
}
static void
stub_relabel_pipe(struct ucred *cred, struct pipepair *pp,
struct label *pipelabel, struct label *newlabel)
struct label *pplabel, struct label *newlabel)
{
}
static void
stub_set_socket_peer_from_mbuf(struct mbuf *mbuf, struct label *mbuflabel,
struct socket *socket, struct label *socketpeerlabel)
stub_set_socket_peer_from_mbuf(struct mbuf *m, struct label *mlabel,
struct socket *so, struct label *sopeerlabel)
{
}
static void
stub_set_socket_peer_from_socket(struct socket *oldsocket,
struct label *oldsocketlabel, struct socket *newsocket,
struct label *newsocketpeerlabel)
stub_set_socket_peer_from_socket(struct socket *oldso,
struct label *oldsolabel, struct socket *newso,
struct label *newsopeerlabel)
{
}
@ -324,28 +322,28 @@ stub_set_socket_peer_from_socket(struct socket *oldsocket,
* Labeling event operations: network objects.
*/
static void
stub_create_bpfdesc(struct ucred *cred, struct bpf_d *bpf_d,
struct label *bpflabel)
stub_create_bpfdesc(struct ucred *cred, struct bpf_d *d,
struct label *dlabel)
{
}
static void
stub_create_datagram_from_ipq(struct ipq *ipq, struct label *ipqlabel,
struct mbuf *datagram, struct label *datagramlabel)
struct mbuf *m, struct label *mlabel)
{
}
static void
stub_create_fragment(struct mbuf *datagram, struct label *datagramlabel,
struct mbuf *fragment, struct label *fragmentlabel)
stub_create_fragment(struct mbuf *m, struct label *mlabel, struct mbuf *frag,
struct label *fraglabel)
{
}
static void
stub_create_ifnet(struct ifnet *ifnet, struct label *ifnetlabel)
stub_create_ifnet(struct ifnet *ifp, struct label *ifplabel)
{
}
@ -392,8 +390,8 @@ stub_create_sysv_shm(struct ucred *cred, struct shmid_kernel *shmsegptr,
}
static void
stub_create_ipq(struct mbuf *fragment, struct label *fragmentlabel,
struct ipq *ipq, struct label *ipqlabel)
stub_create_ipq(struct mbuf *m, struct label *mlabel, struct ipq *ipq,
struct label *ipqlabel)
{
}
@ -407,57 +405,56 @@ stub_create_mbuf_from_inpcb(struct inpcb *inp, struct label *inplabel,
static void
stub_create_mbuf_from_syncache(struct label *sc_label, struct mbuf *m,
struct label *mbuf_label)
struct label *mlabel)
{
}
static void
stub_create_mbuf_linklayer(struct ifnet *ifnet, struct label *ifnetlabel,
struct mbuf *mbuf, struct label *mbuflabel)
struct mbuf *m, struct label *mlabel)
{
}
static void
stub_create_mbuf_from_bpfdesc(struct bpf_d *bpf_d, struct label *bpflabel,
struct mbuf *mbuf, struct label *mbuflabel)
stub_create_mbuf_from_bpfdesc(struct bpf_d *d, struct label *dlabel,
struct mbuf *m, struct label *mlabel)
{
}
static void
stub_create_mbuf_from_ifnet(struct ifnet *ifnet, struct label *ifnetlabel,
struct mbuf *m, struct label *mbuflabel)
stub_create_mbuf_from_ifnet(struct ifnet *ifp, struct label *ifplabel,
struct mbuf *m, struct label *mlabel)
{
}
static void
stub_create_mbuf_multicast_encap(struct mbuf *oldmbuf,
struct label *oldmbuflabel, struct ifnet *ifnet, struct label *ifnetlabel,
struct mbuf *newmbuf, struct label *newmbuflabel)
stub_create_mbuf_multicast_encap(struct mbuf *m, struct label *mlabel,
struct ifnet *ifp, struct label *ifplabel, struct mbuf *mnew,
struct label *mnewlabel)
{
}
static void
stub_create_mbuf_netlayer(struct mbuf *oldmbuf,
struct label *oldmbuflabel, struct mbuf *newmbuf, struct label *newmbuflabel)
stub_create_mbuf_netlayer(struct mbuf *m, struct label *mlabel,
struct mbuf *mnew, struct label *mnewlabel)
{
}
static void
stub_create_mbuf_from_firewall(struct mbuf *m, struct label *label)
stub_create_mbuf_from_firewall(struct mbuf *m, struct label *mlabel)
{
}
static int
stub_fragment_match(struct mbuf *fragment, struct label *fragmentlabel,
struct ipq *ipq, struct label *ipqlabel)
stub_fragment_match(struct mbuf *m, struct label *mlabel, struct ipq *ipq,
struct label *ipqlabel)
{
return (1);
@ -476,15 +473,15 @@ stub_reflect_mbuf_tcp(struct mbuf *m, struct label *mlabel)
}
static void
stub_relabel_ifnet(struct ucred *cred, struct ifnet *ifnet,
struct label *ifnetlabel, struct label *newlabel)
stub_relabel_ifnet(struct ucred *cred, struct ifnet *ifp,
struct label *ifplabel, struct label *newlabel)
{
}
static void
stub_update_ipq(struct mbuf *fragment, struct label *fragmentlabel,
struct ipq *ipq, struct label *ipqlabel)
stub_update_ipq(struct mbuf *m, struct label *mlabel, struct ipq *ipq,
struct label *ipqlabel)
{
}
@ -501,16 +498,15 @@ stub_inpcb_sosetlabel(struct socket *so, struct label *solabel,
*/
static void
stub_execve_transition(struct ucred *old, struct ucred *new,
struct vnode *vp, struct label *vnodelabel,
struct label *interpvnodelabel, struct image_params *imgp,
struct label *execlabel)
struct vnode *vp, struct label *vplabel, struct label *interpvnodelabel,
struct image_params *imgp, struct label *execlabel)
{
}
static int
stub_execve_will_transition(struct ucred *old, struct vnode *vp,
struct label *vnodelabel, struct label *interpvnodelabel,
struct label *vplabel, struct label *interpvnodelabel,
struct image_params *imgp, struct label *execlabel)
{
@ -572,8 +568,8 @@ stub_cleanup_sysv_shm(struct label *shmlabel)
* Access control checks.
*/
static int
stub_check_bpfdesc_receive(struct bpf_d *bpf_d, struct label *bpflabel,
struct ifnet *ifnet, struct label *ifnet_label)
stub_check_bpfdesc_receive(struct bpf_d *d, struct label *dlabel,
struct ifnet *ifp, struct label *ifplabel)
{
return (0);
@ -587,23 +583,23 @@ stub_check_cred_relabel(struct ucred *cred, struct label *newlabel)
}
static int
stub_check_cred_visible(struct ucred *u1, struct ucred *u2)
stub_check_cred_visible(struct ucred *cr1, struct ucred *cr2)
{
return (0);
}
static int
stub_check_ifnet_relabel(struct ucred *cred, struct ifnet *ifnet,
struct label *ifnetlabel, struct label *newlabel)
stub_check_ifnet_relabel(struct ucred *cred, struct ifnet *ifp,
struct label *ifplabel, struct label *newlabel)
{
return (0);
}
static int
stub_check_ifnet_transmit(struct ifnet *ifnet, struct label *ifnetlabel,
struct mbuf *m, struct label *mbuflabel)
stub_check_ifnet_transmit(struct ifnet *ifp, struct label *ifplabel,
struct mbuf *m, struct label *mlabel)
{
return (0);
@ -767,7 +763,7 @@ stub_check_kenv_unset(struct ucred *cred, char *name)
static int
stub_check_kld_load(struct ucred *cred, struct vnode *vp,
struct label *vlabel)
struct label *vplabel)
{
return (0);
@ -782,7 +778,7 @@ stub_check_kld_stat(struct ucred *cred)
static int
stub_check_mount_stat(struct ucred *cred, struct mount *mp,
struct label *mntlabel)
struct label *mplabel)
{
return (0);
@ -790,7 +786,7 @@ stub_check_mount_stat(struct ucred *cred, struct mount *mp,
static int
stub_check_pipe_ioctl(struct ucred *cred, struct pipepair *pp,
struct label *pipelabel, unsigned long cmd, void /* caddr_t */ *data)
struct label *pplabel, unsigned long cmd, void /* caddr_t */ *data)
{
return (0);
@ -798,7 +794,7 @@ stub_check_pipe_ioctl(struct ucred *cred, struct pipepair *pp,
static int
stub_check_pipe_poll(struct ucred *cred, struct pipepair *pp,
struct label *pipelabel)
struct label *pplabel)
{
return (0);
@ -806,7 +802,7 @@ stub_check_pipe_poll(struct ucred *cred, struct pipepair *pp,
static int
stub_check_pipe_read(struct ucred *cred, struct pipepair *pp,
struct label *pipelabel)
struct label *pplabel)
{
return (0);
@ -814,7 +810,7 @@ stub_check_pipe_read(struct ucred *cred, struct pipepair *pp,
static int
stub_check_pipe_relabel(struct ucred *cred, struct pipepair *pp,
struct label *pipelabel, struct label *newlabel)
struct label *pplabel, struct label *newlabel)
{
return (0);
@ -822,7 +818,7 @@ stub_check_pipe_relabel(struct ucred *cred, struct pipepair *pp,
static int
stub_check_pipe_stat(struct ucred *cred, struct pipepair *pp,
struct label *pipelabel)
struct label *pplabel)
{
return (0);
@ -830,7 +826,7 @@ stub_check_pipe_stat(struct ucred *cred, struct pipepair *pp,
static int
stub_check_pipe_write(struct ucred *cred, struct pipepair *pp,
struct label *pipelabel)
struct label *pplabel)
{
return (0);
@ -885,28 +881,28 @@ stub_check_posix_sem_wait(struct ucred *cred, struct ksem *ksemptr,
}
static int
stub_check_proc_debug(struct ucred *cred, struct proc *proc)
stub_check_proc_debug(struct ucred *cred, struct proc *p)
{
return (0);
}
static int
stub_check_proc_sched(struct ucred *cred, struct proc *proc)
stub_check_proc_sched(struct ucred *cred, struct proc *p)
{
return (0);
}
static int
stub_check_proc_signal(struct ucred *cred, struct proc *proc, int signum)
stub_check_proc_signal(struct ucred *cred, struct proc *p, int signum)
{
return (0);
}
static int
stub_check_proc_wait(struct ucred *cred, struct proc *proc)
stub_check_proc_wait(struct ucred *cred, struct proc *p)
{
return (0);
@ -993,40 +989,39 @@ stub_check_proc_setresgid(struct ucred *cred, gid_t rgid, gid_t egid,
}
static int
stub_check_socket_accept(struct ucred *cred, struct socket *socket,
struct label *socketlabel)
stub_check_socket_accept(struct ucred *cred, struct socket *so,
struct label *solabel)
{
return (0);
}
static int
stub_check_socket_bind(struct ucred *cred, struct socket *socket,
struct label *socketlabel, struct sockaddr *sockaddr)
stub_check_socket_bind(struct ucred *cred, struct socket *so,
struct label *solabel, struct sockaddr *sa)
{
return (0);
}
static int
stub_check_socket_connect(struct ucred *cred, struct socket *socket,
struct label *socketlabel, struct sockaddr *sockaddr)
stub_check_socket_connect(struct ucred *cred, struct socket *so,
struct label *solabel, struct sockaddr *sa)
{
return (0);
}
static int
stub_check_socket_create(struct ucred *cred, int domain, int type,
int protocol)
stub_check_socket_create(struct ucred *cred, int domain, int type, int proto)
{
return (0);
}
static int
stub_check_socket_deliver(struct socket *so, struct label *socketlabel,
struct mbuf *m, struct label *mbuflabel)
stub_check_socket_deliver(struct socket *so, struct label *solabel,
struct mbuf *m, struct label *mlabel)
{
return (0);
@ -1034,7 +1029,7 @@ stub_check_socket_deliver(struct socket *so, struct label *socketlabel,
static int
stub_check_socket_listen(struct ucred *cred, struct socket *so,
struct label *socketlabel)
struct label *solabel)
{
return (0);
@ -1042,7 +1037,7 @@ stub_check_socket_listen(struct ucred *cred, struct socket *so,
static int
stub_check_socket_poll(struct ucred *cred, struct socket *so,
struct label *socketlabel)
struct label *solabel)
{
return (0);
@ -1050,22 +1045,22 @@ stub_check_socket_poll(struct ucred *cred, struct socket *so,
static int
stub_check_socket_receive(struct ucred *cred, struct socket *so,
struct label *socketlabel)
struct label *solabel)
{
return (0);
}
static int
stub_check_socket_relabel(struct ucred *cred, struct socket *socket,
struct label *socketlabel, struct label *newlabel)
stub_check_socket_relabel(struct ucred *cred, struct socket *so,
struct label *solabel, struct label *newlabel)
{
return (0);
}
static int
stub_check_socket_send(struct ucred *cred, struct socket *so,
struct label *socketlabel)
struct label *solabel)
{
return (0);
@ -1073,15 +1068,15 @@ stub_check_socket_send(struct ucred *cred, struct socket *so,
static int
stub_check_socket_stat(struct ucred *cred, struct socket *so,
struct label *socketlabel)
struct label *solabel)
{
return (0);
}
static int
stub_check_socket_visible(struct ucred *cred, struct socket *socket,
struct label *socketlabel)
stub_check_socket_visible(struct ucred *cred, struct socket *so,
struct label *solabel)
{
return (0);
@ -1089,7 +1084,7 @@ stub_check_socket_visible(struct ucred *cred, struct socket *socket,
static int
stub_check_system_acct(struct ucred *cred, struct vnode *vp,
struct label *vlabel)
struct label *vplabel)
{
return (0);
@ -1104,7 +1099,7 @@ stub_check_system_audit(struct ucred *cred, void *record, int length)
static int
stub_check_system_auditctl(struct ucred *cred, struct vnode *vp,
struct label *vlabel)
struct label *vplabel)
{
return (0);
@ -1126,7 +1121,7 @@ stub_check_system_reboot(struct ucred *cred, int how)
static int
stub_check_system_swapoff(struct ucred *cred, struct vnode *vp,
struct label *label)
struct label *vplabel)
{
return (0);
@ -1134,7 +1129,7 @@ stub_check_system_swapoff(struct ucred *cred, struct vnode *vp,
static int
stub_check_system_swapon(struct ucred *cred, struct vnode *vp,
struct label *label)
struct label *vplabel)
{
return (0);
@ -1150,7 +1145,7 @@ stub_check_system_sysctl(struct ucred *cred, struct sysctl_oid *oidp,
static int
stub_check_vnode_access(struct ucred *cred, struct vnode *vp,
struct label *label, int acc_mode)
struct label *vplabel, int acc_mode)
{
return (0);
@ -1158,7 +1153,7 @@ stub_check_vnode_access(struct ucred *cred, struct vnode *vp,
static int
stub_check_vnode_chdir(struct ucred *cred, struct vnode *dvp,
struct label *dlabel)
struct label *dvplabel)
{
return (0);
@ -1166,7 +1161,7 @@ stub_check_vnode_chdir(struct ucred *cred, struct vnode *dvp,
static int
stub_check_vnode_chroot(struct ucred *cred, struct vnode *dvp,
struct label *dlabel)
struct label *dvplabel)
{
return (0);
@ -1174,7 +1169,7 @@ stub_check_vnode_chroot(struct ucred *cred, struct vnode *dvp,
static int
stub_check_vnode_create(struct ucred *cred, struct vnode *dvp,
struct label *dlabel, struct componentname *cnp, struct vattr *vap)
struct label *dvplabel, struct componentname *cnp, struct vattr *vap)
{
return (0);
@ -1182,7 +1177,7 @@ stub_check_vnode_create(struct ucred *cred, struct vnode *dvp,
static int
stub_check_vnode_delete(struct ucred *cred, struct vnode *dvp,
struct label *dlabel, struct vnode *vp, struct label *label,
struct label *dvplabel, struct vnode *vp, struct label *vplabel,
struct componentname *cnp)
{
@ -1191,7 +1186,7 @@ stub_check_vnode_delete(struct ucred *cred, struct vnode *dvp,
static int
stub_check_vnode_deleteacl(struct ucred *cred, struct vnode *vp,
struct label *label, acl_type_t type)
struct label *vplabel, acl_type_t type)
{
return (0);
@ -1199,7 +1194,7 @@ stub_check_vnode_deleteacl(struct ucred *cred, struct vnode *vp,
static int
stub_check_vnode_deleteextattr(struct ucred *cred, struct vnode *vp,
struct label *label, int attrnamespace, const char *name)
struct label *vplabel, int attrnamespace, const char *name)
{
return (0);
@ -1207,7 +1202,7 @@ stub_check_vnode_deleteextattr(struct ucred *cred, struct vnode *vp,
static int
stub_check_vnode_exec(struct ucred *cred, struct vnode *vp,
struct label *label, struct image_params *imgp,
struct label *vplabel, struct image_params *imgp,
struct label *execlabel)
{
@ -1216,7 +1211,7 @@ stub_check_vnode_exec(struct ucred *cred, struct vnode *vp,
static int
stub_check_vnode_getacl(struct ucred *cred, struct vnode *vp,
struct label *label, acl_type_t type)
struct label *vplabel, acl_type_t type)
{
return (0);
@ -1224,7 +1219,8 @@ stub_check_vnode_getacl(struct ucred *cred, struct vnode *vp,
static int
stub_check_vnode_getextattr(struct ucred *cred, struct vnode *vp,
struct label *label, int attrnamespace, const char *name, struct uio *uio)
struct label *vplabel, int attrnamespace, const char *name,
struct uio *uio)
{
return (0);
@ -1232,7 +1228,7 @@ stub_check_vnode_getextattr(struct ucred *cred, struct vnode *vp,
static int
stub_check_vnode_link(struct ucred *cred, struct vnode *dvp,
struct label *dlabel, struct vnode *vp, struct label *label,
struct label *dvplabel, struct vnode *vp, struct label *vplabel,
struct componentname *cnp)
{
@ -1241,7 +1237,7 @@ stub_check_vnode_link(struct ucred *cred, struct vnode *dvp,
static int
stub_check_vnode_listextattr(struct ucred *cred, struct vnode *vp,
struct label *label, int attrnamespace)
struct label *vplabel, int attrnamespace)
{
return (0);
@ -1249,7 +1245,7 @@ stub_check_vnode_listextattr(struct ucred *cred, struct vnode *vp,
static int
stub_check_vnode_lookup(struct ucred *cred, struct vnode *dvp,
struct label *dlabel, struct componentname *cnp)
struct label *dvplabel, struct componentname *cnp)
{
return (0);
@ -1257,22 +1253,22 @@ stub_check_vnode_lookup(struct ucred *cred, struct vnode *dvp,
static int
stub_check_vnode_mmap(struct ucred *cred, struct vnode *vp,
struct label *label, int prot, int flags)
struct label *vplabel, int prot, int flags)
{
return (0);
}
static void
stub_check_vnode_mmap_downgrade(struct ucred *cred,
struct vnode *vp, struct label *label, int *prot)
stub_check_vnode_mmap_downgrade(struct ucred *cred, struct vnode *vp,
struct label *vplabel, int *prot)
{
}
static int
stub_check_vnode_mprotect(struct ucred *cred,
struct vnode *vp, struct label *label, int prot)
stub_check_vnode_mprotect(struct ucred *cred, struct vnode *vp,
struct label *vplabel, int prot)
{
return (0);
@ -1280,7 +1276,7 @@ stub_check_vnode_mprotect(struct ucred *cred,
static int
stub_check_vnode_open(struct ucred *cred, struct vnode *vp,
struct label *filelabel, int acc_mode)
struct label *vplabel, int acc_mode)
{
return (0);
@ -1288,7 +1284,7 @@ stub_check_vnode_open(struct ucred *cred, struct vnode *vp,
static int
stub_check_vnode_poll(struct ucred *active_cred, struct ucred *file_cred,
struct vnode *vp, struct label *label)
struct vnode *vp, struct label *vplabel)
{
return (0);
@ -1296,7 +1292,7 @@ stub_check_vnode_poll(struct ucred *active_cred, struct ucred *file_cred,
static int
stub_check_vnode_read(struct ucred *active_cred, struct ucred *file_cred,
struct vnode *vp, struct label *label)
struct vnode *vp, struct label *vplabel)
{
return (0);
@ -1304,7 +1300,7 @@ stub_check_vnode_read(struct ucred *active_cred, struct ucred *file_cred,
static int
stub_check_vnode_readdir(struct ucred *cred, struct vnode *vp,
struct label *dlabel)
struct label *dvplabel)
{
return (0);
@ -1312,7 +1308,7 @@ stub_check_vnode_readdir(struct ucred *cred, struct vnode *vp,
static int
stub_check_vnode_readlink(struct ucred *cred, struct vnode *vp,
struct label *vnodelabel)
struct label *vplabel)
{
return (0);
@ -1320,7 +1316,7 @@ stub_check_vnode_readlink(struct ucred *cred, struct vnode *vp,
static int
stub_check_vnode_relabel(struct ucred *cred, struct vnode *vp,
struct label *vnodelabel, struct label *newlabel)
struct label *vplabel, struct label *newlabel)
{
return (0);
@ -1328,7 +1324,7 @@ stub_check_vnode_relabel(struct ucred *cred, struct vnode *vp,
static int
stub_check_vnode_rename_from(struct ucred *cred, struct vnode *dvp,
struct label *dlabel, struct vnode *vp, struct label *label,
struct label *dvplabel, struct vnode *vp, struct label *vplabel,
struct componentname *cnp)
{
@ -1337,8 +1333,8 @@ stub_check_vnode_rename_from(struct ucred *cred, struct vnode *dvp,
static int
stub_check_vnode_rename_to(struct ucred *cred, struct vnode *dvp,
struct label *dlabel, struct vnode *vp, struct label *label, int samedir,
struct componentname *cnp)
struct label *dvplabel, struct vnode *vp, struct label *vplabel,
int samedir, struct componentname *cnp)
{
return (0);
@ -1346,7 +1342,7 @@ stub_check_vnode_rename_to(struct ucred *cred, struct vnode *dvp,
static int
stub_check_vnode_revoke(struct ucred *cred, struct vnode *vp,
struct label *label)
struct label *vplabel)
{
return (0);
@ -1354,7 +1350,7 @@ stub_check_vnode_revoke(struct ucred *cred, struct vnode *vp,
static int
stub_check_vnode_setacl(struct ucred *cred, struct vnode *vp,
struct label *label, acl_type_t type, struct acl *acl)
struct label *vplabel, acl_type_t type, struct acl *acl)
{
return (0);
@ -1362,7 +1358,8 @@ stub_check_vnode_setacl(struct ucred *cred, struct vnode *vp,
static int
stub_check_vnode_setextattr(struct ucred *cred, struct vnode *vp,
struct label *label, int attrnamespace, const char *name, struct uio *uio)
struct label *vplabel, int attrnamespace, const char *name,
struct uio *uio)
{
return (0);
@ -1370,7 +1367,7 @@ stub_check_vnode_setextattr(struct ucred *cred, struct vnode *vp,
static int
stub_check_vnode_setflags(struct ucred *cred, struct vnode *vp,
struct label *label, u_long flags)
struct label *vplabel, u_long flags)
{
return (0);
@ -1378,7 +1375,7 @@ stub_check_vnode_setflags(struct ucred *cred, struct vnode *vp,
static int
stub_check_vnode_setmode(struct ucred *cred, struct vnode *vp,
struct label *label, mode_t mode)
struct label *vplabel, mode_t mode)
{
return (0);
@ -1386,7 +1383,7 @@ stub_check_vnode_setmode(struct ucred *cred, struct vnode *vp,
static int
stub_check_vnode_setowner(struct ucred *cred, struct vnode *vp,
struct label *label, uid_t uid, gid_t gid)
struct label *vplabel, uid_t uid, gid_t gid)
{
return (0);
@ -1394,7 +1391,7 @@ stub_check_vnode_setowner(struct ucred *cred, struct vnode *vp,
static int
stub_check_vnode_setutimes(struct ucred *cred, struct vnode *vp,
struct label *label, struct timespec atime, struct timespec mtime)
struct label *vplabel, struct timespec atime, struct timespec mtime)
{
return (0);
@ -1402,15 +1399,15 @@ stub_check_vnode_setutimes(struct ucred *cred, struct vnode *vp,
static int
stub_check_vnode_stat(struct ucred *active_cred, struct ucred *file_cred,
struct vnode *vp, struct label *label)
struct vnode *vp, struct label *vplabel)
{
return (0);
}
static int
stub_check_vnode_write(struct ucred *active_cred,
struct ucred *file_cred, struct vnode *vp, struct label *label)
stub_check_vnode_write(struct ucred *active_cred, struct ucred *file_cred,
struct vnode *vp, struct label *vplabel)
{
return (0);

View File

@ -594,25 +594,25 @@ mac_test_internalize_label(struct label *label, char *element_name,
*/
COUNTER_DECL(associate_vnode_devfs);
static void
mac_test_associate_vnode_devfs(struct mount *mp, struct label *mntlabel,
mac_test_associate_vnode_devfs(struct mount *mp, struct label *mplabel,
struct devfs_dirent *de, struct label *delabel, struct vnode *vp,
struct label *vlabel)
struct label *vplabel)
{
LABEL_CHECK(mntlabel, MAGIC_MOUNT);
LABEL_CHECK(mplabel, MAGIC_MOUNT);
LABEL_CHECK(delabel, MAGIC_DEVFS);
LABEL_CHECK(vlabel, MAGIC_VNODE);
LABEL_CHECK(vplabel, MAGIC_VNODE);
COUNTER_INC(associate_vnode_devfs);
}
COUNTER_DECL(associate_vnode_extattr);
static int
mac_test_associate_vnode_extattr(struct mount *mp, struct label *mntlabel,
struct vnode *vp, struct label *vlabel)
mac_test_associate_vnode_extattr(struct mount *mp, struct label *mplabel,
struct vnode *vp, struct label *vplabel)
{
LABEL_CHECK(mntlabel, MAGIC_MOUNT);
LABEL_CHECK(vlabel, MAGIC_VNODE);
LABEL_CHECK(mplabel, MAGIC_MOUNT);
LABEL_CHECK(vplabel, MAGIC_VNODE);
COUNTER_INC(associate_vnode_extattr);
return (0);
@ -620,34 +620,34 @@ mac_test_associate_vnode_extattr(struct mount *mp, struct label *mntlabel,
COUNTER_DECL(associate_vnode_singlelabel);
static void
mac_test_associate_vnode_singlelabel(struct mount *mp,
struct label *mntlabel, struct vnode *vp, struct label *vlabel)
mac_test_associate_vnode_singlelabel(struct mount *mp, struct label *mplabel,
struct vnode *vp, struct label *vplabel)
{
LABEL_CHECK(mntlabel, MAGIC_MOUNT);
LABEL_CHECK(vlabel, MAGIC_VNODE);
LABEL_CHECK(mplabel, MAGIC_MOUNT);
LABEL_CHECK(vplabel, MAGIC_VNODE);
COUNTER_INC(associate_vnode_singlelabel);
}
COUNTER_DECL(create_devfs_device);
static void
mac_test_create_devfs_device(struct ucred *cred, struct mount *mp,
struct cdev *dev, struct devfs_dirent *devfs_dirent, struct label *label)
struct cdev *dev, struct devfs_dirent *de, struct label *delabel)
{
if (cred != NULL)
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(label, MAGIC_DEVFS);
LABEL_CHECK(delabel, MAGIC_DEVFS);
COUNTER_INC(create_devfs_device);
}
COUNTER_DECL(create_devfs_directory);
static void
mac_test_create_devfs_directory(struct mount *mp, char *dirname,
int dirnamelen, struct devfs_dirent *devfs_dirent, struct label *label)
int dirnamelen, struct devfs_dirent *de, struct label *delabel)
{
LABEL_CHECK(label, MAGIC_DEVFS);
LABEL_CHECK(delabel, MAGIC_DEVFS);
COUNTER_INC(create_devfs_directory);
}
@ -667,13 +667,13 @@ mac_test_create_devfs_symlink(struct ucred *cred, struct mount *mp,
COUNTER_DECL(create_vnode_extattr);
static int
mac_test_create_vnode_extattr(struct ucred *cred, struct mount *mp,
struct label *mntlabel, struct vnode *dvp, struct label *dlabel,
struct vnode *vp, struct label *vlabel, struct componentname *cnp)
struct label *mplabel, struct vnode *dvp, struct label *dvplabel,
struct vnode *vp, struct label *vplabel, struct componentname *cnp)
{
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(mntlabel, MAGIC_MOUNT);
LABEL_CHECK(dlabel, MAGIC_VNODE);
LABEL_CHECK(mplabel, MAGIC_MOUNT);
LABEL_CHECK(dvplabel, MAGIC_VNODE);
COUNTER_INC(create_vnode_extattr);
return (0);
@ -682,22 +682,22 @@ mac_test_create_vnode_extattr(struct ucred *cred, struct mount *mp,
COUNTER_DECL(create_mount);
static void
mac_test_create_mount(struct ucred *cred, struct mount *mp,
struct label *mntlabel)
struct label *mplabel)
{
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(mntlabel, MAGIC_MOUNT);
LABEL_CHECK(mplabel, MAGIC_MOUNT);
COUNTER_INC(create_mount);
}
COUNTER_DECL(relabel_vnode);
static void
mac_test_relabel_vnode(struct ucred *cred, struct vnode *vp,
struct label *vnodelabel, struct label *label)
struct label *vplabel, struct label *label)
{
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(vnodelabel, MAGIC_VNODE);
LABEL_CHECK(vplabel, MAGIC_VNODE);
LABEL_CHECK(label, MAGIC_VNODE);
COUNTER_INC(relabel_vnode);
}
@ -705,11 +705,11 @@ mac_test_relabel_vnode(struct ucred *cred, struct vnode *vp,
COUNTER_DECL(setlabel_vnode_extattr);
static int
mac_test_setlabel_vnode_extattr(struct ucred *cred, struct vnode *vp,
struct label *vlabel, struct label *intlabel)
struct label *vplabel, struct label *intlabel)
{
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(vlabel, MAGIC_VNODE);
LABEL_CHECK(vplabel, MAGIC_VNODE);
LABEL_CHECK(intlabel, MAGIC_VNODE);
COUNTER_INC(setlabel_vnode_extattr);
@ -720,11 +720,11 @@ COUNTER_DECL(update_devfsdirent);
static void
mac_test_update_devfsdirent(struct mount *mp,
struct devfs_dirent *devfs_dirent, struct label *direntlabel,
struct vnode *vp, struct label *vnodelabel)
struct vnode *vp, struct label *vplabel)
{
LABEL_CHECK(direntlabel, MAGIC_DEVFS);
LABEL_CHECK(vnodelabel, MAGIC_VNODE);
LABEL_CHECK(vplabel, MAGIC_VNODE);
COUNTER_INC(update_devfsdirent);
}
@ -1082,14 +1082,14 @@ COUNTER_DECL(execve_transition);
static void
mac_test_execve_transition(struct ucred *old, struct ucred *new,
struct vnode *vp, struct label *filelabel,
struct label *interpvnodelabel, struct image_params *imgp,
struct label *interpvplabel, struct image_params *imgp,
struct label *execlabel)
{
LABEL_CHECK(old->cr_label, MAGIC_CRED);
LABEL_CHECK(new->cr_label, MAGIC_CRED);
LABEL_CHECK(filelabel, MAGIC_VNODE);
LABEL_CHECK(interpvnodelabel, MAGIC_VNODE);
LABEL_CHECK(interpvplabel, MAGIC_VNODE);
LABEL_CHECK(execlabel, MAGIC_CRED);
COUNTER_INC(execve_transition);
}
@ -1097,13 +1097,13 @@ mac_test_execve_transition(struct ucred *old, struct ucred *new,
COUNTER_DECL(execve_will_transition);
static int
mac_test_execve_will_transition(struct ucred *old, struct vnode *vp,
struct label *filelabel, struct label *interpvnodelabel,
struct label *filelabel, struct label *interpvplabel,
struct image_params *imgp, struct label *execlabel)
{
LABEL_CHECK(old->cr_label, MAGIC_CRED);
LABEL_CHECK(filelabel, MAGIC_VNODE);
LABEL_CHECK(interpvnodelabel, MAGIC_VNODE);
LABEL_CHECK(interpvplabel, MAGIC_VNODE);
LABEL_CHECK(execlabel, MAGIC_CRED);
COUNTER_INC(execve_will_transition);
@ -1520,11 +1520,11 @@ mac_test_check_kld_stat(struct ucred *cred)
COUNTER_DECL(check_mount_stat);
static int
mac_test_check_mount_stat(struct ucred *cred, struct mount *mp,
struct label *mntlabel)
struct label *mplabel)
{
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(mntlabel, MAGIC_MOUNT);
LABEL_CHECK(mplabel, MAGIC_MOUNT);
COUNTER_INC(check_mount_stat);
return (0);
@ -1624,11 +1624,11 @@ mac_test_check_posix_sem(struct ucred *cred, struct ksem *ksemptr,
COUNTER_DECL(check_proc_debug);
static int
mac_test_check_proc_debug(struct ucred *cred, struct proc *proc)
mac_test_check_proc_debug(struct ucred *cred, struct proc *p)
{
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(proc->p_ucred->cr_label, MAGIC_CRED);
LABEL_CHECK(p->p_ucred->cr_label, MAGIC_CRED);
COUNTER_INC(check_proc_debug);
return (0);
@ -1636,11 +1636,11 @@ mac_test_check_proc_debug(struct ucred *cred, struct proc *proc)
COUNTER_DECL(check_proc_sched);
static int
mac_test_check_proc_sched(struct ucred *cred, struct proc *proc)
mac_test_check_proc_sched(struct ucred *cred, struct proc *p)
{
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(proc->p_ucred->cr_label, MAGIC_CRED);
LABEL_CHECK(p->p_ucred->cr_label, MAGIC_CRED);
COUNTER_INC(check_proc_sched);
return (0);
@ -1648,11 +1648,11 @@ mac_test_check_proc_sched(struct ucred *cred, struct proc *proc)
COUNTER_DECL(check_proc_signal);
static int
mac_test_check_proc_signal(struct ucred *cred, struct proc *proc, int signum)
mac_test_check_proc_signal(struct ucred *cred, struct proc *p, int signum)
{
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(proc->p_ucred->cr_label, MAGIC_CRED);
LABEL_CHECK(p->p_ucred->cr_label, MAGIC_CRED);
COUNTER_INC(check_proc_signal);
return (0);
@ -1784,11 +1784,11 @@ mac_test_check_proc_setresgid(struct ucred *cred, gid_t rgid, gid_t egid,
COUNTER_DECL(check_proc_wait);
static int
mac_test_check_proc_wait(struct ucred *cred, struct proc *proc)
mac_test_check_proc_wait(struct ucred *cred, struct proc *p)
{
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(proc->p_ucred->cr_label, MAGIC_CRED);
LABEL_CHECK(p->p_ucred->cr_label, MAGIC_CRED);
COUNTER_INC(check_proc_wait);
return (0);
@ -1796,12 +1796,12 @@ mac_test_check_proc_wait(struct ucred *cred, struct proc *proc)
COUNTER_DECL(check_socket_accept);
static int
mac_test_check_socket_accept(struct ucred *cred, struct socket *socket,
struct label *socketlabel)
mac_test_check_socket_accept(struct ucred *cred, struct socket *so,
struct label *solabel)
{
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(socketlabel, MAGIC_SOCKET);
LABEL_CHECK(solabel, MAGIC_SOCKET);
COUNTER_INC(check_socket_accept);
return (0);
@ -1809,12 +1809,12 @@ mac_test_check_socket_accept(struct ucred *cred, struct socket *socket,
COUNTER_DECL(check_socket_bind);
static int
mac_test_check_socket_bind(struct ucred *cred, struct socket *socket,
struct label *socketlabel, struct sockaddr *sockaddr)
mac_test_check_socket_bind(struct ucred *cred, struct socket *so,
struct label *solabel, struct sockaddr *sa)
{
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(socketlabel, MAGIC_SOCKET);
LABEL_CHECK(solabel, MAGIC_SOCKET);
COUNTER_INC(check_socket_bind);
return (0);
@ -1822,12 +1822,12 @@ mac_test_check_socket_bind(struct ucred *cred, struct socket *socket,
COUNTER_DECL(check_socket_connect);
static int
mac_test_check_socket_connect(struct ucred *cred, struct socket *socket,
struct label *socketlabel, struct sockaddr *sockaddr)
mac_test_check_socket_connect(struct ucred *cred, struct socket *so,
struct label *solabel, struct sockaddr *sa)
{
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(socketlabel, MAGIC_SOCKET);
LABEL_CHECK(solabel, MAGIC_SOCKET);
COUNTER_INC(check_socket_connect);
return (0);
@ -1835,12 +1835,12 @@ mac_test_check_socket_connect(struct ucred *cred, struct socket *socket,
COUNTER_DECL(check_socket_deliver);
static int
mac_test_check_socket_deliver(struct socket *socket, struct label *socketlabel,
struct mbuf *m, struct label *mbuflabel)
mac_test_check_socket_deliver(struct socket *so, struct label *solabel,
struct mbuf *m, struct label *mlabel)
{
LABEL_CHECK(socketlabel, MAGIC_SOCKET);
LABEL_CHECK(mbuflabel, MAGIC_MBUF);
LABEL_CHECK(solabel, MAGIC_SOCKET);
LABEL_CHECK(mlabel, MAGIC_MBUF);
COUNTER_INC(check_socket_deliver);
return (0);
@ -1848,12 +1848,12 @@ mac_test_check_socket_deliver(struct socket *socket, struct label *socketlabel,
COUNTER_DECL(check_socket_listen);
static int
mac_test_check_socket_listen(struct ucred *cred, struct socket *socket,
struct label *socketlabel)
mac_test_check_socket_listen(struct ucred *cred, struct socket *so,
struct label *solabel)
{
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(socketlabel, MAGIC_SOCKET);
LABEL_CHECK(solabel, MAGIC_SOCKET);
COUNTER_INC(check_socket_listen);
return (0);
@ -1861,12 +1861,12 @@ mac_test_check_socket_listen(struct ucred *cred, struct socket *socket,
COUNTER_DECL(check_socket_poll);
static int
mac_test_check_socket_poll(struct ucred *cred, struct socket *socket,
struct label *socketlabel)
mac_test_check_socket_poll(struct ucred *cred, struct socket *so,
struct label *solabel)
{
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(socketlabel, MAGIC_SOCKET);
LABEL_CHECK(solabel, MAGIC_SOCKET);
COUNTER_INC(check_socket_poll);
return (0);
@ -1874,12 +1874,12 @@ mac_test_check_socket_poll(struct ucred *cred, struct socket *socket,
COUNTER_DECL(check_socket_receive);
static int
mac_test_check_socket_receive(struct ucred *cred, struct socket *socket,
struct label *socketlabel)
mac_test_check_socket_receive(struct ucred *cred, struct socket *so,
struct label *solabel)
{
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(socketlabel, MAGIC_SOCKET);
LABEL_CHECK(solabel, MAGIC_SOCKET);
COUNTER_INC(check_socket_receive);
return (0);
@ -1887,12 +1887,12 @@ mac_test_check_socket_receive(struct ucred *cred, struct socket *socket,
COUNTER_DECL(check_socket_relabel);
static int
mac_test_check_socket_relabel(struct ucred *cred, struct socket *socket,
struct label *socketlabel, struct label *newlabel)
mac_test_check_socket_relabel(struct ucred *cred, struct socket *so,
struct label *solabel, struct label *newlabel)
{
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(socketlabel, MAGIC_SOCKET);
LABEL_CHECK(solabel, MAGIC_SOCKET);
LABEL_CHECK(newlabel, MAGIC_SOCKET);
COUNTER_INC(check_socket_relabel);
@ -1901,12 +1901,12 @@ mac_test_check_socket_relabel(struct ucred *cred, struct socket *socket,
COUNTER_DECL(check_socket_send);
static int
mac_test_check_socket_send(struct ucred *cred, struct socket *socket,
struct label *socketlabel)
mac_test_check_socket_send(struct ucred *cred, struct socket *so,
struct label *solabel)
{
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(socketlabel, MAGIC_SOCKET);
LABEL_CHECK(solabel, MAGIC_SOCKET);
COUNTER_INC(check_socket_send);
return (0);
@ -1914,12 +1914,12 @@ mac_test_check_socket_send(struct ucred *cred, struct socket *socket,
COUNTER_DECL(check_socket_stat);
static int
mac_test_check_socket_stat(struct ucred *cred, struct socket *socket,
struct label *socketlabel)
mac_test_check_socket_stat(struct ucred *cred, struct socket *so,
struct label *solabel)
{
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(socketlabel, MAGIC_SOCKET);
LABEL_CHECK(solabel, MAGIC_SOCKET);
COUNTER_INC(check_socket_stat);
return (0);
@ -1927,12 +1927,12 @@ mac_test_check_socket_stat(struct ucred *cred, struct socket *socket,
COUNTER_DECL(check_socket_visible);
static int
mac_test_check_socket_visible(struct ucred *cred, struct socket *socket,
struct label *socketlabel)
mac_test_check_socket_visible(struct ucred *cred, struct socket *so,
struct label *solabel)
{
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(socketlabel, MAGIC_SOCKET);
LABEL_CHECK(solabel, MAGIC_SOCKET);
COUNTER_INC(check_socket_visible);
return (0);
@ -1941,11 +1941,11 @@ mac_test_check_socket_visible(struct ucred *cred, struct socket *socket,
COUNTER_DECL(check_system_acct);
static int
mac_test_check_system_acct(struct ucred *cred, struct vnode *vp,
struct label *label)
struct label *vplabel)
{
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(label, MAGIC_VNODE);
LABEL_CHECK(vplabel, MAGIC_VNODE);
COUNTER_INC(check_system_acct);
return (0);
@ -1965,11 +1965,11 @@ mac_test_check_system_audit(struct ucred *cred, void *record, int length)
COUNTER_DECL(check_system_auditctl);
static int
mac_test_check_system_auditctl(struct ucred *cred, struct vnode *vp,
struct label *label)
struct label *vplabel)
{
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(label, MAGIC_VNODE);
LABEL_CHECK(vplabel, MAGIC_VNODE);
COUNTER_INC(check_system_auditctl);
return (0);
@ -2000,11 +2000,11 @@ mac_test_check_system_reboot(struct ucred *cred, int how)
COUNTER_DECL(check_system_swapoff);
static int
mac_test_check_system_swapoff(struct ucred *cred, struct vnode *vp,
struct label *label)
struct label *vplabel)
{
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(label, MAGIC_VNODE);
LABEL_CHECK(vplabel, MAGIC_VNODE);
COUNTER_INC(check_system_swapoff);
return (0);
@ -2013,11 +2013,11 @@ mac_test_check_system_swapoff(struct ucred *cred, struct vnode *vp,
COUNTER_DECL(check_system_swapon);
static int
mac_test_check_system_swapon(struct ucred *cred, struct vnode *vp,
struct label *label)
struct label *vplabel)
{
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(label, MAGIC_VNODE);
LABEL_CHECK(vplabel, MAGIC_VNODE);
COUNTER_INC(check_system_swapon);
return (0);
@ -2038,11 +2038,11 @@ mac_test_check_system_sysctl(struct ucred *cred, struct sysctl_oid *oidp,
COUNTER_DECL(check_vnode_access);
static int
mac_test_check_vnode_access(struct ucred *cred, struct vnode *vp,
struct label *label, int acc_mode)
struct label *vplabel, int acc_mode)
{
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(label, MAGIC_VNODE);
LABEL_CHECK(vplabel, MAGIC_VNODE);
COUNTER_INC(check_vnode_access);
return (0);
@ -2051,11 +2051,11 @@ mac_test_check_vnode_access(struct ucred *cred, struct vnode *vp,
COUNTER_DECL(check_vnode_chdir);
static int
mac_test_check_vnode_chdir(struct ucred *cred, struct vnode *dvp,
struct label *dlabel)
struct label *dvplabel)
{
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(dlabel, MAGIC_VNODE);
LABEL_CHECK(dvplabel, MAGIC_VNODE);
COUNTER_INC(check_vnode_chdir);
return (0);
@ -2064,11 +2064,11 @@ mac_test_check_vnode_chdir(struct ucred *cred, struct vnode *dvp,
COUNTER_DECL(check_vnode_chroot);
static int
mac_test_check_vnode_chroot(struct ucred *cred, struct vnode *dvp,
struct label *dlabel)
struct label *dvplabel)
{
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(dlabel, MAGIC_VNODE);
LABEL_CHECK(dvplabel, MAGIC_VNODE);
COUNTER_INC(check_vnode_chroot);
return (0);
@ -2077,11 +2077,11 @@ mac_test_check_vnode_chroot(struct ucred *cred, struct vnode *dvp,
COUNTER_DECL(check_vnode_create);
static int
mac_test_check_vnode_create(struct ucred *cred, struct vnode *dvp,
struct label *dlabel, struct componentname *cnp, struct vattr *vap)
struct label *dvplabel, struct componentname *cnp, struct vattr *vap)
{
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(dlabel, MAGIC_VNODE);
LABEL_CHECK(dvplabel, MAGIC_VNODE);
COUNTER_INC(check_vnode_create);
return (0);
@ -2090,13 +2090,13 @@ mac_test_check_vnode_create(struct ucred *cred, struct vnode *dvp,
COUNTER_DECL(check_vnode_delete);
static int
mac_test_check_vnode_delete(struct ucred *cred, struct vnode *dvp,
struct label *dlabel, struct vnode *vp, struct label *label,
struct label *dvplabel, struct vnode *vp, struct label *vplabel,
struct componentname *cnp)
{
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(dlabel, MAGIC_VNODE);
LABEL_CHECK(label, MAGIC_VNODE);
LABEL_CHECK(dvplabel, MAGIC_VNODE);
LABEL_CHECK(vplabel, MAGIC_VNODE);
COUNTER_INC(check_vnode_delete);
return (0);
@ -2105,11 +2105,11 @@ mac_test_check_vnode_delete(struct ucred *cred, struct vnode *dvp,
COUNTER_DECL(check_vnode_deleteacl);
static int
mac_test_check_vnode_deleteacl(struct ucred *cred, struct vnode *vp,
struct label *label, acl_type_t type)
struct label *vplabel, acl_type_t type)
{
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(label, MAGIC_VNODE);
LABEL_CHECK(vplabel, MAGIC_VNODE);
COUNTER_INC(check_vnode_deleteacl);
return (0);
@ -2118,11 +2118,11 @@ mac_test_check_vnode_deleteacl(struct ucred *cred, struct vnode *vp,
COUNTER_DECL(check_vnode_deleteextattr);
static int
mac_test_check_vnode_deleteextattr(struct ucred *cred, struct vnode *vp,
struct label *label, int attrnamespace, const char *name)
struct label *vplabel, int attrnamespace, const char *name)
{
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(label, MAGIC_VNODE);
LABEL_CHECK(vplabel, MAGIC_VNODE);
COUNTER_INC(check_vnode_deleteextattr);
return (0);
@ -2131,12 +2131,12 @@ mac_test_check_vnode_deleteextattr(struct ucred *cred, struct vnode *vp,
COUNTER_DECL(check_vnode_exec);
static int
mac_test_check_vnode_exec(struct ucred *cred, struct vnode *vp,
struct label *label, struct image_params *imgp,
struct label *vplabel, struct image_params *imgp,
struct label *execlabel)
{
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(label, MAGIC_VNODE);
LABEL_CHECK(vplabel, MAGIC_VNODE);
LABEL_CHECK(execlabel, MAGIC_CRED);
COUNTER_INC(check_vnode_exec);
@ -2146,11 +2146,11 @@ mac_test_check_vnode_exec(struct ucred *cred, struct vnode *vp,
COUNTER_DECL(check_vnode_getacl);
static int
mac_test_check_vnode_getacl(struct ucred *cred, struct vnode *vp,
struct label *label, acl_type_t type)
struct label *vplabel, acl_type_t type)
{
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(label, MAGIC_VNODE);
LABEL_CHECK(vplabel, MAGIC_VNODE);
COUNTER_INC(check_vnode_getacl);
return (0);
@ -2159,11 +2159,12 @@ mac_test_check_vnode_getacl(struct ucred *cred, struct vnode *vp,
COUNTER_DECL(check_vnode_getextattr);
static int
mac_test_check_vnode_getextattr(struct ucred *cred, struct vnode *vp,
struct label *label, int attrnamespace, const char *name, struct uio *uio)
struct label *vplabel, int attrnamespace, const char *name,
struct uio *uio)
{
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(label, MAGIC_VNODE);
LABEL_CHECK(vplabel, MAGIC_VNODE);
COUNTER_INC(check_vnode_getextattr);
return (0);
@ -2172,13 +2173,13 @@ mac_test_check_vnode_getextattr(struct ucred *cred, struct vnode *vp,
COUNTER_DECL(check_vnode_link);
static int
mac_test_check_vnode_link(struct ucred *cred, struct vnode *dvp,
struct label *dlabel, struct vnode *vp, struct label *label,
struct label *dvplabel, struct vnode *vp, struct label *vplabel,
struct componentname *cnp)
{
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(dlabel, MAGIC_VNODE);
LABEL_CHECK(label, MAGIC_VNODE);
LABEL_CHECK(dvplabel, MAGIC_VNODE);
LABEL_CHECK(vplabel, MAGIC_VNODE);
COUNTER_INC(check_vnode_link);
return (0);
@ -2187,11 +2188,11 @@ mac_test_check_vnode_link(struct ucred *cred, struct vnode *dvp,
COUNTER_DECL(check_vnode_listextattr);
static int
mac_test_check_vnode_listextattr(struct ucred *cred, struct vnode *vp,
struct label *label, int attrnamespace)
struct label *vplabel, int attrnamespace)
{
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(label, MAGIC_VNODE);
LABEL_CHECK(vplabel, MAGIC_VNODE);
COUNTER_INC(check_vnode_listextattr);
return (0);
@ -2200,11 +2201,11 @@ mac_test_check_vnode_listextattr(struct ucred *cred, struct vnode *vp,
COUNTER_DECL(check_vnode_lookup);
static int
mac_test_check_vnode_lookup(struct ucred *cred, struct vnode *dvp,
struct label *dlabel, struct componentname *cnp)
struct label *dvplabel, struct componentname *cnp)
{
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(dlabel, MAGIC_VNODE);
LABEL_CHECK(dvplabel, MAGIC_VNODE);
COUNTER_INC(check_vnode_lookup);
return (0);
@ -2213,11 +2214,11 @@ mac_test_check_vnode_lookup(struct ucred *cred, struct vnode *dvp,
COUNTER_DECL(check_vnode_mmap);
static int
mac_test_check_vnode_mmap(struct ucred *cred, struct vnode *vp,
struct label *label, int prot, int flags)
struct label *vplabel, int prot, int flags)
{
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(label, MAGIC_VNODE);
LABEL_CHECK(vplabel, MAGIC_VNODE);
COUNTER_INC(check_vnode_mmap);
return (0);
@ -2226,11 +2227,11 @@ mac_test_check_vnode_mmap(struct ucred *cred, struct vnode *vp,
COUNTER_DECL(check_vnode_open);
static int
mac_test_check_vnode_open(struct ucred *cred, struct vnode *vp,
struct label *filelabel, int acc_mode)
struct label *vplabel, int acc_mode)
{
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(filelabel, MAGIC_VNODE);
LABEL_CHECK(vplabel, MAGIC_VNODE);
COUNTER_INC(check_vnode_open);
return (0);
@ -2239,13 +2240,13 @@ mac_test_check_vnode_open(struct ucred *cred, struct vnode *vp,
COUNTER_DECL(check_vnode_poll);
static int
mac_test_check_vnode_poll(struct ucred *active_cred, struct ucred *file_cred,
struct vnode *vp, struct label *label)
struct vnode *vp, struct label *vplabel)
{
LABEL_CHECK(active_cred->cr_label, MAGIC_CRED);
if (file_cred != NULL)
LABEL_CHECK(file_cred->cr_label, MAGIC_CRED);
LABEL_CHECK(label, MAGIC_VNODE);
LABEL_CHECK(vplabel, MAGIC_VNODE);
COUNTER_INC(check_vnode_poll);
return (0);
@ -2254,13 +2255,13 @@ mac_test_check_vnode_poll(struct ucred *active_cred, struct ucred *file_cred,
COUNTER_DECL(check_vnode_read);
static int
mac_test_check_vnode_read(struct ucred *active_cred, struct ucred *file_cred,
struct vnode *vp, struct label *label)
struct vnode *vp, struct label *vplabel)
{
LABEL_CHECK(active_cred->cr_label, MAGIC_CRED);
if (file_cred != NULL)
LABEL_CHECK(file_cred->cr_label, MAGIC_CRED);
LABEL_CHECK(label, MAGIC_VNODE);
LABEL_CHECK(vplabel, MAGIC_VNODE);
COUNTER_INC(check_vnode_read);
return (0);
@ -2269,11 +2270,11 @@ mac_test_check_vnode_read(struct ucred *active_cred, struct ucred *file_cred,
COUNTER_DECL(check_vnode_readdir);
static int
mac_test_check_vnode_readdir(struct ucred *cred, struct vnode *dvp,
struct label *dlabel)
struct label *dvplabel)
{
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(dlabel, MAGIC_VNODE);
LABEL_CHECK(dvplabel, MAGIC_VNODE);
COUNTER_INC(check_vnode_readdir);
return (0);
@ -2282,11 +2283,11 @@ mac_test_check_vnode_readdir(struct ucred *cred, struct vnode *dvp,
COUNTER_DECL(check_vnode_readlink);
static int
mac_test_check_vnode_readlink(struct ucred *cred, struct vnode *vp,
struct label *vnodelabel)
struct label *vplabel)
{
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(vnodelabel, MAGIC_VNODE);
LABEL_CHECK(vplabel, MAGIC_VNODE);
COUNTER_INC(check_vnode_readlink);
return (0);
@ -2295,11 +2296,11 @@ mac_test_check_vnode_readlink(struct ucred *cred, struct vnode *vp,
COUNTER_DECL(check_vnode_relabel);
static int
mac_test_check_vnode_relabel(struct ucred *cred, struct vnode *vp,
struct label *vnodelabel, struct label *newlabel)
struct label *vplabel, struct label *newlabel)
{
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(vnodelabel, MAGIC_VNODE);
LABEL_CHECK(vplabel, MAGIC_VNODE);
LABEL_CHECK(newlabel, MAGIC_VNODE);
COUNTER_INC(check_vnode_relabel);
@ -2309,13 +2310,13 @@ mac_test_check_vnode_relabel(struct ucred *cred, struct vnode *vp,
COUNTER_DECL(check_vnode_rename_from);
static int
mac_test_check_vnode_rename_from(struct ucred *cred, struct vnode *dvp,
struct label *dlabel, struct vnode *vp, struct label *label,
struct label *dvplabel, struct vnode *vp, struct label *vplabel,
struct componentname *cnp)
{
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(dlabel, MAGIC_VNODE);
LABEL_CHECK(label, MAGIC_VNODE);
LABEL_CHECK(dvplabel, MAGIC_VNODE);
LABEL_CHECK(vplabel, MAGIC_VNODE);
COUNTER_INC(check_vnode_rename_from);
return (0);
@ -2324,13 +2325,13 @@ mac_test_check_vnode_rename_from(struct ucred *cred, struct vnode *dvp,
COUNTER_DECL(check_vnode_rename_to);
static int
mac_test_check_vnode_rename_to(struct ucred *cred, struct vnode *dvp,
struct label *dlabel, struct vnode *vp, struct label *label, int samedir,
struct componentname *cnp)
struct label *dvplabel, struct vnode *vp, struct label *vplabel,
int samedir, struct componentname *cnp)
{
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(dlabel, MAGIC_VNODE);
LABEL_CHECK(label, MAGIC_VNODE);
LABEL_CHECK(dvplabel, MAGIC_VNODE);
LABEL_CHECK(vplabel, MAGIC_VNODE);
COUNTER_INC(check_vnode_rename_to);
return (0);
@ -2339,11 +2340,11 @@ mac_test_check_vnode_rename_to(struct ucred *cred, struct vnode *dvp,
COUNTER_DECL(check_vnode_revoke);
static int
mac_test_check_vnode_revoke(struct ucred *cred, struct vnode *vp,
struct label *label)
struct label *vplabel)
{
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(label, MAGIC_VNODE);
LABEL_CHECK(vplabel, MAGIC_VNODE);
COUNTER_INC(check_vnode_revoke);
return (0);
@ -2352,11 +2353,11 @@ mac_test_check_vnode_revoke(struct ucred *cred, struct vnode *vp,
COUNTER_DECL(check_vnode_setacl);
static int
mac_test_check_vnode_setacl(struct ucred *cred, struct vnode *vp,
struct label *label, acl_type_t type, struct acl *acl)
struct label *vplabel, acl_type_t type, struct acl *acl)
{
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(label, MAGIC_VNODE);
LABEL_CHECK(vplabel, MAGIC_VNODE);
COUNTER_INC(check_vnode_setacl);
return (0);
@ -2365,11 +2366,12 @@ mac_test_check_vnode_setacl(struct ucred *cred, struct vnode *vp,
COUNTER_DECL(check_vnode_setextattr);
static int
mac_test_check_vnode_setextattr(struct ucred *cred, struct vnode *vp,
struct label *label, int attrnamespace, const char *name, struct uio *uio)
struct label *vplabel, int attrnamespace, const char *name,
struct uio *uio)
{
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(label, MAGIC_VNODE);
LABEL_CHECK(vplabel, MAGIC_VNODE);
COUNTER_INC(check_vnode_setextattr);
return (0);
@ -2378,11 +2380,11 @@ mac_test_check_vnode_setextattr(struct ucred *cred, struct vnode *vp,
COUNTER_DECL(check_vnode_setflags);
static int
mac_test_check_vnode_setflags(struct ucred *cred, struct vnode *vp,
struct label *label, u_long flags)
struct label *vplabel, u_long flags)
{
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(label, MAGIC_VNODE);
LABEL_CHECK(vplabel, MAGIC_VNODE);
COUNTER_INC(check_vnode_setflags);
return (0);
@ -2391,11 +2393,11 @@ mac_test_check_vnode_setflags(struct ucred *cred, struct vnode *vp,
COUNTER_DECL(check_vnode_setmode);
static int
mac_test_check_vnode_setmode(struct ucred *cred, struct vnode *vp,
struct label *label, mode_t mode)
struct label *vplabel, mode_t mode)
{
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(label, MAGIC_VNODE);
LABEL_CHECK(vplabel, MAGIC_VNODE);
COUNTER_INC(check_vnode_setmode);
return (0);
@ -2404,11 +2406,11 @@ mac_test_check_vnode_setmode(struct ucred *cred, struct vnode *vp,
COUNTER_DECL(check_vnode_setowner);
static int
mac_test_check_vnode_setowner(struct ucred *cred, struct vnode *vp,
struct label *label, uid_t uid, gid_t gid)
struct label *vplabel, uid_t uid, gid_t gid)
{
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(label, MAGIC_VNODE);
LABEL_CHECK(vplabel, MAGIC_VNODE);
COUNTER_INC(check_vnode_setowner);
return (0);
@ -2417,11 +2419,11 @@ mac_test_check_vnode_setowner(struct ucred *cred, struct vnode *vp,
COUNTER_DECL(check_vnode_setutimes);
static int
mac_test_check_vnode_setutimes(struct ucred *cred, struct vnode *vp,
struct label *label, struct timespec atime, struct timespec mtime)
struct label *vplabel, struct timespec atime, struct timespec mtime)
{
LABEL_CHECK(cred->cr_label, MAGIC_CRED);
LABEL_CHECK(label, MAGIC_VNODE);
LABEL_CHECK(vplabel, MAGIC_VNODE);
COUNTER_INC(check_vnode_setutimes);
return (0);
@ -2430,13 +2432,13 @@ mac_test_check_vnode_setutimes(struct ucred *cred, struct vnode *vp,
COUNTER_DECL(check_vnode_stat);
static int
mac_test_check_vnode_stat(struct ucred *active_cred, struct ucred *file_cred,
struct vnode *vp, struct label *label)
struct vnode *vp, struct label *vplabel)
{
LABEL_CHECK(active_cred->cr_label, MAGIC_CRED);
if (file_cred != NULL)
LABEL_CHECK(file_cred->cr_label, MAGIC_CRED);
LABEL_CHECK(label, MAGIC_VNODE);
LABEL_CHECK(vplabel, MAGIC_VNODE);
COUNTER_INC(check_vnode_stat);
return (0);
@ -2445,13 +2447,13 @@ mac_test_check_vnode_stat(struct ucred *active_cred, struct ucred *file_cred,
COUNTER_DECL(check_vnode_write);
static int
mac_test_check_vnode_write(struct ucred *active_cred,
struct ucred *file_cred, struct vnode *vp, struct label *label)
struct ucred *file_cred, struct vnode *vp, struct label *vplabel)
{
LABEL_CHECK(active_cred->cr_label, MAGIC_CRED);
if (file_cred != NULL)
LABEL_CHECK(file_cred->cr_label, MAGIC_CRED);
LABEL_CHECK(label, MAGIC_VNODE);
LABEL_CHECK(vplabel, MAGIC_VNODE);
COUNTER_INC(check_vnode_write);
return (0);