From owner-p4-projects@FreeBSD.ORG  Tue Nov 14 20:42:32 2006
Return-Path: <owner-p4-projects@FreeBSD.ORG>
X-Original-To: p4-projects@freebsd.org
Delivered-To: p4-projects@freebsd.org
Received: by hub.freebsd.org (Postfix, from userid 32767)
	id B461616A4A7; Tue, 14 Nov 2006 20:42:32 +0000 (UTC)
X-Original-To: perforce@freebsd.org
Delivered-To: perforce@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 78E7416A492
	for <perforce@freebsd.org>; Tue, 14 Nov 2006 20:42:32 +0000 (UTC)
	(envelope-from millert@freebsd.org)
Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 0076043FAA
	for <perforce@freebsd.org>; Tue, 14 Nov 2006 20:36:34 +0000 (GMT)
	(envelope-from millert@freebsd.org)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.13.6/8.13.6) with ESMTP id kAEKaY0i047294
	for <perforce@freebsd.org>; Tue, 14 Nov 2006 20:36:34 GMT
	(envelope-from millert@freebsd.org)
Received: (from perforce@localhost)
	by repoman.freebsd.org (8.13.6/8.13.4/Submit) id kAEKaY5F047289
	for perforce@freebsd.org; Tue, 14 Nov 2006 20:36:34 GMT
	(envelope-from millert@freebsd.org)
Date: Tue, 14 Nov 2006 20:36:34 GMT
Message-Id: <200611142036.kAEKaY5F047289@repoman.freebsd.org>
X-Authentication-Warning: repoman.freebsd.org: perforce set sender to
	millert@freebsd.org using -f
From: Todd Miller <millert@FreeBSD.org>
To: Perforce Change Reviews <perforce@freebsd.org>
Cc: 
Subject: PERFORCE change 109981 for review
X-BeenThere: p4-projects@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: p4 projects tree changes <p4-projects.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/p4-projects>,
	<mailto:p4-projects-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/p4-projects>
List-Post: <mailto:p4-projects@freebsd.org>
List-Help: <mailto:p4-projects-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/p4-projects>,
	<mailto:p4-projects-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 14 Nov 2006 20:42:33 -0000

http://perforce.freebsd.org/chv.cgi?CH=109981

Change 109981 by millert@millert_g5tower on 2006/11/14 20:35:54

	Sort sebsd_ops

Affected files ...

.. //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/sedarwin/sebsd.c#41 edit

Differences ...

==== //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/sedarwin/sebsd.c#41 (text+ko) ====

@@ -2523,7 +2523,6 @@
 }
 #endif
 
-#ifdef FILE__SETATTR
 static int
 sebsd_vnode_check_setattrlist(struct ucred *cred, struct vnode *vp,
     struct label *vlabel, struct attrlist *alist)
@@ -2531,7 +2530,6 @@
 
 	return (vnode_has_perm(cred, vp, NULL, FILE__SETATTR));
 }
-#endif
 
 static int
 sebsd_vnode_check_setextattr(struct ucred *cred, struct vnode *vp,
@@ -3558,118 +3556,111 @@
 }
 
 static struct mac_policy_ops sebsd_ops = {
-	/* Init Labels */
-	.mpo_policy_init = sebsd_policy_init,
-	.mpo_policy_initbsd = sebsd_policy_initbsd,
-	.mpo_cred_label_init = sebsd_cred_label_init,
-	.mpo_task_label_init = sebsd_cred_label_init,
-	.mpo_port_label_init = sebsd_cred_label_init,
-	.mpo_vnode_label_init = sebsd_vnode_label_init,
-	.mpo_pipe_label_init = sebsd_vnode_label_init,
-	.mpo_socket_label_init = sebsd_init_network_label_waitcheck,
-	.mpo_socketpeer_label_init = sebsd_init_network_label_waitcheck,
-	.mpo_devfs_label_init = sebsd_vnode_label_init,
-	.mpo_mbuf_label_init = sebsd_init_network_label_waitcheck,
-	.mpo_vnode_label_recycle = sebsd_vnode_label_recycle,
-
-	/* Destroy Labels */
-	.mpo_policy_destroy = sebsd_policy_destroy,
+	.mpo_cred_check_label_update =sebsd_cred_check_label_update,
+	.mpo_cred_check_label_update_execve = sebsd_cred_check_label_update_execve,
+	.mpo_cred_label_associate = sebsd_cred_create,
+	.mpo_cred_label_associate_kernel = sebsd_create_kernel_proc,
+	.mpo_cred_label_associate_user = sebsd_create_kernel_proc,
 	.mpo_cred_label_destroy = sebsd_cred_label_destroy,
-	.mpo_task_label_destroy = sebsd_cred_label_destroy,
-	.mpo_port_label_destroy = sebsd_cred_label_destroy,
-	.mpo_vnode_label_destroy = sebsd_vnode_label_destroy,
-	.mpo_pipe_label_destroy = sebsd_vnode_label_destroy,
-	.mpo_socket_label_destroy = sebsd_destroy_network_label,
-	.mpo_socketpeer_label_destroy = sebsd_destroy_network_label,
-	.mpo_devfs_label_destroy = sebsd_vnode_label_destroy,
-	.mpo_mbuf_label_destroy = sebsd_destroy_network_label,
-
-	/* Copy labels */
-	.mpo_task_label_update = sebsd_task_label_update,
-	.mpo_port_label_copy = sebsd_task_label_copy,
-	.mpo_task_label_copy = sebsd_task_label_copy,
-	.mpo_vnode_label_copy = sebsd_vnode_label_copy,
-	.mpo_pipe_label_copy = sebsd_vnode_label_copy,
-	.mpo_socket_label_copy = copy_network_label,
-	.mpo_devfs_label_copy = sebsd_vnode_label_copy,
-	.mpo_mbuf_label_copy = copy_network_label,
-	.mpo_port_label_update_cred = sebsd_port_label_update_cred,
-
-	/* In/Out */
-	.mpo_cred_label_internalize = sebsd_cred_label_internalize,
 	.mpo_cred_label_externalize = sebsd_cred_label_externalize,
 	.mpo_cred_label_externalize_audit = sebsd_cred_label_externalize,
-
-	.mpo_vnode_label_internalize = sebsd_vnode_label_internalize,
-	.mpo_vnode_label_externalize = sebsd_vnode_label_externalize,
-	.mpo_vnode_label_externalize_audit = sebsd_vnode_label_externalize,
-
-	.mpo_pipe_label_internalize = sebsd_vnode_label_internalize,
-	.mpo_pipe_label_externalize = sebsd_vnode_label_externalize,
-
-	.mpo_socket_label_internalize = sebsd_network_label_internalize,
-	.mpo_socket_label_externalize = sebsd_network_label_externalize,
-	.mpo_socketpeer_label_externalize = sebsd_network_label_externalize,
-
-	.mpo_task_label_internalize = sebsd_cred_label_internalize,
-	.mpo_task_label_externalize = sebsd_cred_label_externalize,
-
+	.mpo_cred_label_init = sebsd_cred_label_init,
+	.mpo_cred_label_internalize = sebsd_cred_label_internalize,
 	.mpo_cred_label_update = sebsd_cred_label_update,
-	.mpo_vnode_label_update = sebsd_vnode_label_update,
-	.mpo_pipe_label_update = sebsd_pipe_label_update,
-	.mpo_socket_label_update = sebsd_socket_label_update,
-
-	/* Create Labels */
-	.mpo_cred_label_associate = sebsd_cred_create,
-	.mpo_task_label_associate = sebsd_task_create,
-	.mpo_task_label_associate_kernel = sebsd_task_create_kernel,
+	.mpo_cred_label_update_execve = sebsd_cred_label_update_execve,
 	.mpo_devfs_label_associate_device = sebsd_devfs_label_associate_device,
 	.mpo_devfs_label_associate_directory = sebsd_devfs_label_associate_directory,
-	// .mpo_devfs_create_symlink = sebsd_devfs_create_symlink,
-	.mpo_cred_label_associate_kernel = sebsd_create_kernel_proc,
-	.mpo_cred_label_associate_user = sebsd_create_kernel_proc,
-	.mpo_vnode_notify_create = sebsd_vnode_notify_create,
-	.mpo_vnode_label_update_extattr = sebsd_vnode_label_update_extattr,
-	.mpo_port_label_associate = sebsd_port_create,
-	.mpo_port_label_associate_kernel = sebsd_port_label_associate_kernel,
+	.mpo_devfs_label_copy = sebsd_vnode_label_copy,
+	.mpo_devfs_label_destroy = sebsd_vnode_label_destroy,
+	.mpo_devfs_label_init = sebsd_vnode_label_init,
+	.mpo_devfs_label_update = sebsd_devfs_update,
+	.mpo_file_check_change_flags = sebsd_file_check_change_flags,
+	.mpo_file_check_change_offset = sebsd_file_check_change_offset,
+	.mpo_file_check_change_ofileflags = sebsd_file_check_change_ofileflags,
+	.mpo_file_check_dup = sebsd_file_check_dup,
+	.mpo_file_check_get_flags = sebsd_file_check_get_flags,
+	.mpo_file_check_get_offset = sebsd_file_check_get_offset,
+	.mpo_file_check_get_ofileflags = sebsd_file_check_get_ofileflags,
+	.mpo_file_check_inherit = sebsd_file_check_receive,
+	.mpo_file_check_ioctl = sebsd_file_check_ioctl,
+	.mpo_file_check_mmap = sebsd_file_check_mmap,
+	.mpo_file_check_receive = sebsd_file_check_receive,
+	.mpo_file_label_associate = sebsd_file_label_associate,
+	.mpo_file_label_destroy = sebsd_label_destroy,
+	.mpo_file_label_init = sebsd_file_label_init,
+	.mpo_mbuf_label_associate_socket = sebsd_mbuf_label_associate_socket,
+	.mpo_mbuf_label_copy = copy_network_label,
+	.mpo_mbuf_label_destroy = sebsd_destroy_network_label,
+	.mpo_mbuf_label_init = sebsd_init_network_label_waitcheck,
+	.mpo_mount_check_getattr = sebsd_mount_check_getattr,
+	.mpo_mount_check_label_update = sebsd_mount_check_label_update,
+	.mpo_mount_check_mount = sebsd_mount_check_mount,
+	.mpo_mount_check_remount = sebsd_mount_check_remount,
+#ifdef FILESYSTEM__SETATTR
+	.mpo_mount_check_setattr = sebsd_mount_check_setattr,
+#endif
+	.mpo_mount_check_stat = sebsd_mount_check_stat,
+	.mpo_mount_check_umount = sebsd_mount_check_umount,
+	.mpo_mount_label_associate = sebsd_mount_label_associate,
+	.mpo_mount_label_destroy = sebsd_label_destroy,
+	.mpo_mount_label_externalize = sebsd_mount_label_externalize,
+	.mpo_mount_label_init = sebsd_mount_label_init,
+	.mpo_mount_label_internalize = sebsd_mount_label_internalize,
+	.mpo_pipe_check_ioctl = sebsd_pipe_check_ioctl,
+	.mpo_pipe_check_label_update = sebsd_pipe_check_label_update,
+	.mpo_pipe_check_read = sebsd_pipe_check_read,
+	.mpo_pipe_check_stat = sebsd_pipe_check_stat,
+	.mpo_pipe_check_write = sebsd_pipe_check_write,
 	.mpo_pipe_label_associate = sebsd_pipe_label_associate,
-	.mpo_socket_label_associate = sebsd_socket_label_associate,
-	.mpo_socket_label_associate_accept = sebsd_socket_label_associate_accept,
-	.mpo_mbuf_label_associate_socket = sebsd_mbuf_label_associate_socket,
-
-	.mpo_vnode_label_associate_singlelabel = sebsd_vnode_label_associate_singlelabel,
-	.mpo_vnode_label_associate_extattr = sebsd_vnode_label_associate_extattr,
-	.mpo_vnode_label_associate_devfs = sebsd_vnode_label_associate_devfs,
-	.mpo_vnode_label_associate_socket = sebsd_vnode_label_associate_socket,
-	.mpo_vnode_label_associate_posixsem = sebsd_vnode_label_associate_posixsem,
-	.mpo_vnode_label_associate_posixshm = sebsd_vnode_label_associate_posixshm,
-	.mpo_vnode_label_associate_pipe = sebsd_vnode_label_associate_pipe,
-	.mpo_vnode_label_associate_file = sebsd_vnode_label_associate_file,
-	.mpo_devfs_label_update = sebsd_devfs_update,
-
-	.mpo_port_label_compute = sebsd_request_label,
-
-	/* Transition */
-	.mpo_cred_check_label_update_execve = sebsd_cred_check_label_update_execve,
-	.mpo_cred_label_update_execve = sebsd_cred_label_update_execve,
-
-	/* Check Labels */
-	.mpo_port_check_service = sebsd_port_check_service,
-	.mpo_cred_check_label_update = sebsd_cred_check_label_update,
+	.mpo_pipe_label_copy = sebsd_vnode_label_copy,
+	.mpo_pipe_label_destroy = sebsd_vnode_label_destroy,
+	.mpo_pipe_label_externalize = sebsd_vnode_label_externalize,
+	.mpo_pipe_label_init = sebsd_vnode_label_init,
+	.mpo_pipe_label_internalize = sebsd_vnode_label_internalize,
+	.mpo_pipe_label_update = sebsd_pipe_label_update,
+	.mpo_policy_destroy = sebsd_policy_destroy,
+	.mpo_policy_init = sebsd_policy_init,
+	.mpo_policy_initbsd = sebsd_policy_initbsd,
+	.mpo_policy_syscall = sebsd_syscall,
+	.mpo_port_check_copy_send = sebsd_port_check_copy_send,
+	.mpo_port_check_hold_receive = sebsd_port_check_hold_recv,
+	.mpo_port_check_hold_send = sebsd_port_check_hold_send,
+	.mpo_port_check_hold_send_once = sebsd_port_check_hold_send_once,
 	.mpo_port_check_label_update = sebsd_port_check_label_update,
-	.mpo_port_check_send = sebsd_port_check_send,
-	.mpo_port_check_receive = sebsd_port_check_receive,
 	.mpo_port_check_make_send = sebsd_port_check_make_send,
 	.mpo_port_check_make_send_once = sebsd_port_check_make_send_once,
-	.mpo_port_check_copy_send = sebsd_port_check_copy_send,
+	.mpo_port_check_method = sebsd_port_check_method,
+	.mpo_port_check_move_receive = sebsd_port_check_move_recv,
 	.mpo_port_check_move_send = sebsd_port_check_move_send,
 	.mpo_port_check_move_send_once = sebsd_port_check_move_send_once,
-	.mpo_port_check_move_receive = sebsd_port_check_move_recv,
-	.mpo_port_check_hold_send = sebsd_port_check_hold_send,
-	.mpo_port_check_hold_send_once = sebsd_port_check_hold_send_once,
-	.mpo_port_check_hold_receive = sebsd_port_check_hold_recv,
+	.mpo_port_check_receive = sebsd_port_check_receive,
+	.mpo_port_check_send = sebsd_port_check_send,
+	.mpo_port_check_service = sebsd_port_check_service,
+	.mpo_port_label_associate = sebsd_port_create,
+	.mpo_port_label_associate_kernel = sebsd_port_label_associate_kernel,
+	.mpo_port_label_compute = sebsd_request_label,
+	.mpo_port_label_copy = sebsd_task_label_copy,
+	.mpo_port_label_destroy = sebsd_cred_label_destroy,
+	.mpo_port_label_init = sebsd_cred_label_init,
+	.mpo_port_label_update_cred = sebsd_port_label_update_cred,
+	.mpo_posixsem_check_create = sebsd_posixsem_check_create,
+	.mpo_posixsem_check_open = sebsd_posixsem_check_open,
+	.mpo_posixsem_check_post = sebsd_posixsem_check_post,
+	.mpo_posixsem_check_unlink = sebsd_posixsem_check_unlink,
+	.mpo_posixsem_check_wait = sebsd_posixsem_check_wait,
+	.mpo_posixsem_label_associate = sebsd_posixsem_label_associate,
+	.mpo_posixsem_label_destroy = sebsd_destroy_ipc_label,
+	.mpo_posixsem_label_init = sebsd_init_ipc_label,
+	.mpo_posixshm_check_create = sebsd_posixshm_check_create,
+	.mpo_posixshm_check_mmap = sebsd_posixshm_check_mmap,
+	.mpo_posixshm_check_open = sebsd_posixshm_check_open,
+	.mpo_posixshm_check_stat = sebsd_posixshm_check_stat,
+	.mpo_posixshm_check_truncate = sebsd_posixshm_check_truncate,
+	.mpo_posixshm_check_unlink = sebsd_posixshm_check_unlink,
+	.mpo_posixshm_label_associate = sebsd_posixshm_label_associate,
+	.mpo_posixshm_label_destroy = sebsd_destroy_ipc_label,
+	.mpo_posixshm_label_init = sebsd_init_ipc_label,
 	.mpo_proc_check_debug = sebsd_proc_check_debug,
-	.mpo_task_check_get_port = sebsd_task_check_get_port,
 	.mpo_proc_check_getaudit = sebsd_proc_check_getaudit,
 	.mpo_proc_check_mprotect = sebsd_proc_check_mprotect,
 	.mpo_proc_check_sched = sebsd_proc_check_sched,
@@ -3681,55 +3672,90 @@
 	.mpo_socket_check_bind = sebsd_socket_check_bind,
 	.mpo_socket_check_connect = sebsd_socket_check_connect,
 	.mpo_socket_check_create = sebsd_socket_check_create,
-//	.mpo_socket_check_deliver = sebsd_socket_check_deliver,
-//	.mpo_socket_check_kqfilter = sebsd_socket_check_kqfilter,
+	.mpo_socket_check_label_update = sebsd_socket_check_label_update,
 	.mpo_socket_check_listen = sebsd_socket_check_listen,
 	.mpo_socket_check_receive = sebsd_socket_check_receive,
-	.mpo_socket_check_label_update = sebsd_socket_check_label_update,
-//	.mpo_socket_check_select = sebsd_socket_check_select,
 	.mpo_socket_check_send = sebsd_socket_check_send,
 	.mpo_socket_check_stat = sebsd_socket_check_stat,
+	.mpo_socket_label_associate = sebsd_socket_label_associate,
+	.mpo_socket_label_associate_accept = sebsd_socket_label_associate_accept,
+	.mpo_socket_label_copy = copy_network_label,
+	.mpo_socket_label_destroy = sebsd_destroy_network_label,
+	.mpo_socket_label_externalize = sebsd_network_label_externalize,
+	.mpo_socket_label_init = sebsd_init_network_label_waitcheck,
+	.mpo_socket_label_internalize = sebsd_network_label_internalize,
+	.mpo_socket_label_update = sebsd_socket_label_update,
+	.mpo_socketpeer_label_associate_mbuf = sebsd_socketpeer_label_associate_mbuf,
+	.mpo_socketpeer_label_associate_socket = sebsd_socketpeer_label_associate_socket,
+	.mpo_socketpeer_label_destroy = sebsd_destroy_network_label,
+	.mpo_socketpeer_label_externalize = sebsd_network_label_externalize,
+	.mpo_socketpeer_label_init = sebsd_init_network_label_waitcheck,
 	.mpo_system_check_acct = sebsd_system_check_acct,
 	.mpo_system_check_audit = sebsd_system_check_audit,
 	.mpo_system_check_auditctl = sebsd_system_check_auditctl,
 	.mpo_system_check_auditon = sebsd_system_check_auditon,
 	.mpo_system_check_nfsd = sebsd_system_check_nfsd,
-	.mpo_system_check_swapon = sebsd_system_check_swapon,
-	.mpo_system_check_swapoff = sebsd_system_check_swapon,
 	.mpo_system_check_reboot = sebsd_system_check_reboot,
 	.mpo_system_check_settime = sebsd_system_check_settime,
-
+	.mpo_system_check_swapoff = sebsd_system_check_swapon,
+	.mpo_system_check_swapon = sebsd_system_check_swapon,
+	.mpo_sysvmsg_label_associate = sebsd_sysvmsg_label_associate,
+	.mpo_sysvmsg_label_destroy = sebsd_destroy_ipc_label,
+	.mpo_sysvmsg_label_init = sebsd_init_ipc_label,
+	.mpo_sysvmsg_label_recycle = sebsd_cleanup_sysv_label,
+	.mpo_sysvmsq_check_enqueue = sebsd_sysvmsq_check_enqueue,
+	.mpo_sysvmsq_check_msgrcv = sebsd_sysvmsq_check_msgrcv,
+	.mpo_sysvmsq_check_msqctl = sebsd_sysvmsq_check_msqctl,
+	.mpo_sysvmsq_check_msqget = sebsd_sysvmsq_check_msqget,
+	.mpo_sysvmsq_check_msqrcv = sebsd_sysvmsq_check_msqrcv,
+	.mpo_sysvmsq_check_msqsnd = sebsd_sysvmsq_check_msqsnd,
+	.mpo_sysvmsq_label_associate = sebsd_sysvmsq_label_associate,
+	.mpo_sysvmsq_label_destroy = sebsd_destroy_ipc_label,
+	.mpo_sysvmsq_label_init = sebsd_init_ipc_label,
+	.mpo_sysvmsq_label_recycle = sebsd_cleanup_sysv_label,
+	.mpo_sysvsem_check_semctl = sebsd_sysvsem_check_semctl,
+	.mpo_sysvsem_check_semget = sebsd_sysvsem_check_semget,
+	.mpo_sysvsem_check_semop = sebsd_sysvsem_check_semop,
+	.mpo_sysvsem_label_associate = sebsd_sysvsem_label_associate,
+	.mpo_sysvsem_label_destroy = sebsd_destroy_ipc_label,
+	.mpo_sysvsem_label_init = sebsd_init_ipc_label,
+	.mpo_sysvsem_label_recycle = sebsd_cleanup_sysv_label,
+	.mpo_sysvshm_check_shmat = sebsd_sysvshm_check_shmat,
+	.mpo_sysvshm_check_shmctl = sebsd_sysvshm_check_shmctl,
+	.mpo_sysvshm_check_shmget = sebsd_sysvshm_check_shmget,
+	.mpo_sysvshm_label_associate = sebsd_sysvshm_label_associate,
+	.mpo_sysvshm_label_destroy = sebsd_destroy_ipc_label,
+	.mpo_sysvshm_label_init = sebsd_init_ipc_label,
+	.mpo_sysvshm_label_recycle = sebsd_cleanup_sysv_label,
+	.mpo_task_check_get_port = sebsd_task_check_get_port,
+	.mpo_task_label_associate = sebsd_task_create,
+	.mpo_task_label_associate_kernel = sebsd_task_create_kernel,
+	.mpo_task_label_copy = sebsd_task_label_copy,
+	.mpo_task_label_destroy = sebsd_cred_label_destroy,
+	.mpo_task_label_externalize = sebsd_cred_label_externalize,
+	.mpo_task_label_init = sebsd_cred_label_init,
+	.mpo_task_label_internalize = sebsd_cred_label_internalize,
+	.mpo_task_label_update = sebsd_task_label_update,
 	.mpo_vnode_check_access = sebsd_vnode_check_access,
 	.mpo_vnode_check_chdir = sebsd_vnode_check_chdir,
 	.mpo_vnode_check_chroot = sebsd_vnode_check_chroot,
 	.mpo_vnode_check_create = sebsd_vnode_check_create,
-	.mpo_vnode_check_unlink = sebsd_vnode_check_unlink,
 	.mpo_vnode_check_exchangedata = sebsd_vnode_check_exchangedata,
 	.mpo_vnode_check_exec = sebsd_vnode_check_exec,
-
-#ifdef EXTATTR
+	.mpo_vnode_check_getattrlist = sebsd_vnode_check_getattrlist,
 	.mpo_vnode_check_getextattr = sebsd_vnode_check_getextattr,
-	.mpo_vnode_check_listextattr = NOT_IMPLEMENTED,
-	.mpo_vnode_check_deleteextattr = NOT_IMPLEMENTED,
-#endif
-	.mpo_vnode_check_getattrlist = sebsd_vnode_check_getattrlist,
-//	.mpo_vnode_check_kqfilter = sebsd_vnode_check_kqfilter,
+	.mpo_vnode_check_ioctl = sebsd_vnode_check_ioctl,
+	.mpo_vnode_check_label_update = sebsd_vnode_check_label_update,
 	.mpo_vnode_check_link = sebsd_vnode_check_link,
 	.mpo_vnode_check_lookup = sebsd_vnode_check_lookup,
-	.mpo_vnode_check_ioctl = sebsd_vnode_check_ioctl,
 	.mpo_vnode_check_open = sebsd_vnode_check_open,
 	.mpo_vnode_check_read = sebsd_vnode_check_read,
 	.mpo_vnode_check_readdir = sebsd_vnode_check_readdir,
 	.mpo_vnode_check_readlink = sebsd_vnode_check_readlink,
-	.mpo_vnode_check_label_update = sebsd_vnode_check_label_update,
 	.mpo_vnode_check_rename_from = sebsd_vnode_check_rename_from,
 	.mpo_vnode_check_rename_to = sebsd_vnode_check_rename_to,
 	.mpo_vnode_check_revoke = sebsd_vnode_check_revoke,
-//	.mpo_vnode_check_select = sebsd_vnode_check_select,
-#ifdef FILE__SETATTR
 	.mpo_vnode_check_setattrlist = sebsd_vnode_check_setattrlist,
-#endif
-	.mpo_vnode_check_getextattr = sebsd_vnode_check_getextattr,
 	.mpo_vnode_check_setextattr = sebsd_vnode_check_setextattr,
 	.mpo_vnode_check_setflags = sebsd_vnode_check_setflags,
 	.mpo_vnode_check_setmode = sebsd_vnode_check_setmode,
@@ -3737,110 +3763,27 @@
 	.mpo_vnode_check_setutimes = sebsd_vnode_check_setutimes,
 	.mpo_vnode_check_stat = sebsd_vnode_check_stat,
 	.mpo_vnode_check_truncate = sebsd_vnode_check_truncate,
+	.mpo_vnode_check_unlink = sebsd_vnode_check_unlink,
 	.mpo_vnode_check_write = sebsd_vnode_check_write,
-	.mpo_pipe_check_ioctl = sebsd_pipe_check_ioctl,
-//	.mpo_pipe_check_kqfilter = sebsd_pipe_check_kqfilter,
-	.mpo_pipe_check_read = sebsd_pipe_check_read,
-	.mpo_pipe_check_label_update = sebsd_pipe_check_label_update,
-//	.mpo_pipe_check_select = sebsd_pipe_check_select,
-	.mpo_pipe_check_stat = sebsd_pipe_check_stat,
-	.mpo_pipe_check_write = sebsd_pipe_check_write,
-
-	/* File Descriptors */
-	.mpo_file_label_init = sebsd_file_label_init,
-	.mpo_file_label_associate = sebsd_file_label_associate,
-	.mpo_file_label_destroy = sebsd_label_destroy,
-#ifdef FD__CREATE
-	.mpo_file_check_create = sebsd_file_check_create,
-#endif
-	.mpo_file_check_ioctl = sebsd_file_check_ioctl,
-	.mpo_file_check_get_flags = sebsd_file_check_get_flags,
-	.mpo_file_check_get_ofileflags = sebsd_file_check_get_ofileflags,
-	.mpo_file_check_change_flags = sebsd_file_check_change_flags,
-	.mpo_file_check_change_ofileflags = sebsd_file_check_change_ofileflags,
-	.mpo_file_check_get_offset = sebsd_file_check_get_offset,
-	.mpo_file_check_change_offset = sebsd_file_check_change_offset,
-	.mpo_file_check_inherit = sebsd_file_check_receive,
-	.mpo_file_check_receive = sebsd_file_check_receive,
-	.mpo_file_check_dup = sebsd_file_check_dup,
-	.mpo_file_check_mmap = sebsd_file_check_mmap,
-
-	/* Mount Points */
-	.mpo_mount_label_init = sebsd_mount_label_init,
-	.mpo_mount_label_associate = sebsd_mount_label_associate,
-	.mpo_mount_label_internalize = sebsd_mount_label_internalize,
-	.mpo_mount_label_externalize = sebsd_mount_label_externalize,
-	.mpo_mount_label_destroy = sebsd_label_destroy,
-	.mpo_mount_check_label_update = sebsd_mount_check_label_update,
-	.mpo_mount_check_mount = sebsd_mount_check_mount,
-	.mpo_mount_check_umount = sebsd_mount_check_umount,
-	.mpo_mount_check_remount = sebsd_mount_check_remount,
-	.mpo_mount_check_stat = sebsd_mount_check_stat,
-	.mpo_mount_check_getattr = sebsd_mount_check_getattr,
-//	.mpo_mount_check_setattr = sebsd_mount_check_setattr,
-
+	.mpo_vnode_label_associate_devfs = sebsd_vnode_label_associate_devfs,
+	.mpo_vnode_label_associate_extattr = sebsd_vnode_label_associate_extattr,
+	.mpo_vnode_label_associate_file = sebsd_vnode_label_associate_file,
+	.mpo_vnode_label_associate_pipe = sebsd_vnode_label_associate_pipe,
+	.mpo_vnode_label_associate_posixsem = sebsd_vnode_label_associate_posixsem,
+	.mpo_vnode_label_associate_posixshm = sebsd_vnode_label_associate_posixshm,
+	.mpo_vnode_label_associate_singlelabel = sebsd_vnode_label_associate_singlelabel,
+	.mpo_vnode_label_associate_socket = sebsd_vnode_label_associate_socket,
+	.mpo_vnode_label_copy = sebsd_vnode_label_copy,
+	.mpo_vnode_label_destroy = sebsd_vnode_label_destroy,
+	.mpo_vnode_label_externalize = sebsd_vnode_label_externalize,
+	.mpo_vnode_label_externalize_audit = sebsd_vnode_label_externalize,
+	.mpo_vnode_label_init = sebsd_vnode_label_init,
+	.mpo_vnode_label_internalize = sebsd_vnode_label_internalize,
+	.mpo_vnode_label_recycle = sebsd_vnode_label_recycle,
 	.mpo_vnode_label_store = sebsd_vnode_label_store,
-
-	/* System V IPC Entry Points */
-	.mpo_sysvmsg_label_init = sebsd_init_ipc_label,
-	.mpo_sysvmsq_label_init = sebsd_init_ipc_label,
-	.mpo_sysvsem_label_init = sebsd_init_ipc_label,
-	.mpo_sysvshm_label_init = sebsd_init_ipc_label,
-
-	.mpo_sysvmsg_label_associate = sebsd_sysvmsg_label_associate,
-	.mpo_sysvmsq_label_associate = sebsd_sysvmsq_label_associate,
-	.mpo_sysvsem_label_associate = sebsd_sysvsem_label_associate,
-	.mpo_sysvshm_label_associate = sebsd_sysvshm_label_associate,
-	.mpo_sysvmsg_label_recycle = sebsd_cleanup_sysv_label,
-	.mpo_sysvmsq_label_recycle = sebsd_cleanup_sysv_label,
-	.mpo_sysvsem_label_recycle = sebsd_cleanup_sysv_label,
-	.mpo_sysvshm_label_recycle = sebsd_cleanup_sysv_label,
-	.mpo_sysvmsg_label_destroy = sebsd_destroy_ipc_label,
-	.mpo_sysvmsq_label_destroy = sebsd_destroy_ipc_label,
-	.mpo_sysvsem_label_destroy = sebsd_destroy_ipc_label,
-	.mpo_sysvshm_label_destroy = sebsd_destroy_ipc_label,
-
-	.mpo_sysvmsq_check_enqueue = sebsd_sysvmsq_check_enqueue,
-	.mpo_sysvmsq_check_msgrcv = sebsd_sysvmsq_check_msgrcv,
-//	.mpo_sysvmsq_check_msgrmid = sebsd_sysvmsq_check_msgrmid,
-	.mpo_sysvmsq_check_msqget = sebsd_sysvmsq_check_msqget,
-	.mpo_sysvmsq_check_msqsnd = sebsd_sysvmsq_check_msqsnd,
-	.mpo_sysvmsq_check_msqrcv = sebsd_sysvmsq_check_msqrcv,
-	.mpo_sysvmsq_check_msqctl = sebsd_sysvmsq_check_msqctl,
-	.mpo_sysvsem_check_semctl = sebsd_sysvsem_check_semctl,
-	.mpo_sysvsem_check_semget = sebsd_sysvsem_check_semget,
-	.mpo_sysvsem_check_semop = sebsd_sysvsem_check_semop,
-	.mpo_sysvshm_check_shmat = sebsd_sysvshm_check_shmat,
-	.mpo_sysvshm_check_shmctl = sebsd_sysvshm_check_shmctl,
-	.mpo_sysvshm_check_shmget = sebsd_sysvshm_check_shmget,
-
-	.mpo_port_check_method = sebsd_port_check_method,
-
-	/* POSIX IPC Entry Points */
-	.mpo_posixsem_label_init = sebsd_init_ipc_label,
-	.mpo_posixsem_label_associate = sebsd_posixsem_label_associate,
-	.mpo_posixsem_label_destroy = sebsd_destroy_ipc_label,
-	.mpo_posixsem_check_create = sebsd_posixsem_check_create,
-	.mpo_posixsem_check_open = sebsd_posixsem_check_open,
-	.mpo_posixsem_check_post = sebsd_posixsem_check_post,
-	.mpo_posixsem_check_unlink = sebsd_posixsem_check_unlink,
-	.mpo_posixsem_check_wait = sebsd_posixsem_check_wait,
-
-	.mpo_posixshm_label_init = sebsd_init_ipc_label,
-	.mpo_posixshm_label_associate = sebsd_posixshm_label_associate,
-	.mpo_posixshm_label_destroy = sebsd_destroy_ipc_label,
-	.mpo_posixshm_check_create = sebsd_posixshm_check_create,
-	.mpo_posixshm_check_open = sebsd_posixshm_check_open,
-	.mpo_posixshm_check_mmap = sebsd_posixshm_check_mmap,
-	.mpo_posixshm_check_stat = sebsd_posixshm_check_stat,
-	.mpo_posixshm_check_truncate = sebsd_posixshm_check_truncate,
-	.mpo_posixshm_check_unlink = sebsd_posixshm_check_unlink,
-
-	/* Misc */
-	.mpo_socketpeer_label_associate_mbuf = sebsd_socketpeer_label_associate_mbuf,
-	.mpo_socketpeer_label_associate_socket = sebsd_socketpeer_label_associate_socket,
-
-	.mpo_policy_syscall = sebsd_syscall
+	.mpo_vnode_label_update = sebsd_vnode_label_update,
+	.mpo_vnode_label_update_extattr = sebsd_vnode_label_update_extattr,
+	.mpo_vnode_notify_create = sebsd_vnode_notify_create
 };
 
 static const char *labelnamespaces[SEBSD_MAC_LABEL_NAME_COUNT] =