From owner-p4-projects@FreeBSD.ORG Thu Jul 6 12:11:55 2006 Return-Path: X-Original-To: p4-projects@freebsd.org Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 20BEB16A4E1; Thu, 6 Jul 2006 12:11:55 +0000 (UTC) X-Original-To: perforce@freebsd.org Delivered-To: perforce@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id EFA4516A4DF for ; Thu, 6 Jul 2006 12:11:54 +0000 (UTC) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id A332D43D46 for ; Thu, 6 Jul 2006 12:11:54 +0000 (GMT) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.13.6/8.13.6) with ESMTP id k66CBsxW070658 for ; Thu, 6 Jul 2006 12:11:54 GMT (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.13.6/8.13.4/Submit) id k66CBsK2070655 for perforce@freebsd.org; Thu, 6 Jul 2006 12:11:54 GMT (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Date: Thu, 6 Jul 2006 12:11:54 GMT Message-Id: <200607061211.k66CBsK2070655@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to bb+lists.freebsd.perforce@cyrus.watson.org using -f From: Robert Watson To: Perforce Change Reviews Cc: Subject: PERFORCE change 100737 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Jul 2006 12:11:55 -0000 http://perforce.freebsd.org/chv.cgi?CH=100737 Change 100737 by rwatson@rwatson_zoo on 2006/07/06 12:11:04 Rename. Affected files ... .. //depot/projects/trustedbsd/mac2/sys/kern/kern_mac.c#3 edit Differences ... ==== //depot/projects/trustedbsd/mac2/sys/kern/kern_mac.c#3 (text+ko) ==== @@ -2,7 +2,7 @@ * Copyright (c) 1999-2002 Robert N. M. Watson * Copyright (c) 2001 Ilmar S. Habibulin * Copyright (c) 2001-2005 Networks Associates Technology, Inc. - * Copyright (c) 2005 SPARTA, Inc. + * Copyright (c) 2005-2006 SPARTA, Inc. * All rights reserved. * * This software was developed by Robert Watson and Ilmar Habibulin for the @@ -456,8 +456,8 @@ LIST_INSERT_HEAD(&mac_policy_list, mpc, mpc_list); /* Per-policy initialization. */ - if (mpc->mpc_ops->mpo_init != NULL) - (*(mpc->mpc_ops->mpo_init))(mpc); + if (mpc->mpc_ops->mpo_policy_init != NULL) + (*(mpc->mpc_ops->mpo_policy_init))(mpc); mac_policy_updateflags(); printf("Security policy loaded: %s (%s)\n", mpc->mpc_fullname, @@ -499,8 +499,8 @@ mac_policy_release_exclusive(); return (EBUSY); } - if (mpc->mpc_ops->mpo_destroy != NULL) - (*(mpc->mpc_ops->mpo_destroy))(mpc); + if (mpc->mpc_ops->mpo_policy_destroy != NULL) + (*(mpc->mpc_ops->mpo_policy_destroy))(mpc); LIST_REMOVE(mpc, mpc_list); mpc->mpc_runtime_flags &= ~MPC_RUNTIME_FLAG_REGISTERED; @@ -622,7 +622,7 @@ } buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); - error = mac_externalize_cred_label(tcred->cr_label, elements, + error = mac_cred_externalize_label(tcred->cr_label, elements, buffer, mac.m_buflen); if (error == 0) error = copyout(buffer, mac.m_string, strlen(buffer)+1); @@ -659,7 +659,7 @@ } buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO); - error = mac_externalize_cred_label(td->td_ucred->cr_label, + error = mac_cred_externalize_label(td->td_ucred->cr_label, elements, buffer, mac.m_buflen); if (error == 0) error = copyout(buffer, mac.m_string, strlen(buffer)+1); @@ -698,7 +698,7 @@ } intlabel = mac_cred_label_alloc(); - error = mac_internalize_cred_label(intlabel, buffer); + error = mac_cred_internalize_label(intlabel, buffer); free(buffer, M_MACTEMP); if (error) goto out; @@ -709,7 +709,7 @@ PROC_LOCK(p); oldcred = p->p_ucred; - error = mac_check_cred_relabel(oldcred, intlabel); + error = mac_cred_check_relabel(oldcred, intlabel); if (error) { PROC_UNLOCK(p); crfree(newcred); @@ -718,7 +718,7 @@ setsugid(p); crcopy(newcred, oldcred); - mac_relabel_cred(newcred, intlabel); + mac_cred_relabel(newcred, intlabel); p->p_ucred = newcred; /* @@ -784,10 +784,10 @@ intlabel = mac_vnode_label_alloc(); vfslocked = VFS_LOCK_GIANT(vp->v_mount); vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td); - mac_copy_vnode_label(vp->v_label, intlabel); + mac_vnode_copy_label(vp->v_label, intlabel); VOP_UNLOCK(vp, 0, td); VFS_UNLOCK_GIANT(vfslocked); - error = mac_externalize_vnode_label(intlabel, elements, + error = mac_vnode_externalize_label(intlabel, elements, buffer, mac.m_buflen); mac_vnode_label_free(intlabel); break; @@ -796,9 +796,9 @@ pipe = fp->f_data; intlabel = mac_pipe_label_alloc(); PIPE_LOCK(pipe); - mac_copy_pipe_label(pipe->pipe_pair->pp_label, intlabel); + mac_pipe_copy_label(pipe->pipe_pair->pp_label, intlabel); PIPE_UNLOCK(pipe); - error = mac_externalize_pipe_label(intlabel, elements, + error = mac_pipe_externalize_label(intlabel, elements, buffer, mac.m_buflen); mac_pipe_label_free(intlabel); break; @@ -808,10 +808,10 @@ intlabel = mac_socket_label_alloc(M_WAITOK); NET_LOCK_GIANT(); SOCK_LOCK(so); - mac_copy_socket_label(so->so_label, intlabel); + mac_socket_copy_label(so->so_label, intlabel); SOCK_UNLOCK(so); NET_UNLOCK_GIANT(); - error = mac_externalize_socket_label(intlabel, elements, + error = mac_socket_externalize_label(intlabel, elements, buffer, mac.m_buflen); mac_socket_label_free(intlabel); break; @@ -865,8 +865,8 @@ intlabel = mac_vnode_label_alloc(); vfslocked = NDHASGIANT(&nd); - mac_copy_vnode_label(nd.ni_vp->v_label, intlabel); - error = mac_externalize_vnode_label(intlabel, elements, buffer, + mac_vnode_copy_label(nd.ni_vp->v_label, intlabel); + error = mac_vnode_externalize_label(intlabel, elements, buffer, mac.m_buflen); NDFREE(&nd, 0); @@ -918,8 +918,8 @@ intlabel = mac_vnode_label_alloc(); vfslocked = NDHASGIANT(&nd); - mac_copy_vnode_label(nd.ni_vp->v_label, intlabel); - error = mac_externalize_vnode_label(intlabel, elements, buffer, + mac_vnode_copy_label(nd.ni_vp->v_label, intlabel); + error = mac_vnode_externalize_label(intlabel, elements, buffer, mac.m_buflen); NDFREE(&nd, 0); VFS_UNLOCK_GIANT(vfslocked); @@ -974,7 +974,7 @@ case DTYPE_FIFO: case DTYPE_VNODE: intlabel = mac_vnode_label_alloc(); - error = mac_internalize_vnode_label(intlabel, buffer); + error = mac_vnode_internalize_label(intlabel, buffer); if (error) { mac_vnode_label_free(intlabel); break; @@ -997,7 +997,7 @@ case DTYPE_PIPE: intlabel = mac_pipe_label_alloc(); - error = mac_internalize_pipe_label(intlabel, buffer); + error = mac_pipe_internalize_label(intlabel, buffer); if (error == 0) { pipe = fp->f_data; PIPE_LOCK(pipe); @@ -1010,7 +1010,7 @@ case DTYPE_SOCKET: intlabel = mac_socket_label_alloc(M_WAITOK); - error = mac_internalize_socket_label(intlabel, buffer); + error = mac_socket_internalize_label(intlabel, buffer); if (error == 0) { so = fp->f_data; NET_LOCK_GIANT(); @@ -1059,7 +1059,7 @@ } intlabel = mac_vnode_label_alloc(); - error = mac_internalize_vnode_label(intlabel, buffer); + error = mac_vnode_internalize_label(intlabel, buffer); free(buffer, M_MACTEMP); if (error) goto out; @@ -1113,7 +1113,7 @@ } intlabel = mac_vnode_label_alloc(); - error = mac_internalize_vnode_label(intlabel, buffer); + error = mac_vnode_internalize_label(intlabel, buffer); free(buffer, M_MACTEMP); if (error) goto out;