The TrustedBSD MAC Framework named struct ipq instances 'ipq', which is the

same as the global variable defined in ip_input.c.  Instead, adopt the name
'q' as found in about 1/2 of uses in ip_input.c, preventing a collision on
the name.  This is non-harmful, but means that search and replace on the
global works less well (as in the virtualization work), as well as indexing
tools.

MFC after:	1 week
Reported by:	julian

3 files changed, 25 insertions, 26 deletions

diff --git a/sys/security/mac/mac_framework.h b/sys/security/mac/mac_framework.h
index fa574e9..9b02e4f 100644
--- a/sys/security/mac/mac_framework.h
+++ b/sys/security/mac/mac_framework.h
@@ -137,12 +137,12 @@ void	mac_inpcb_destroy(struct inpcb *);
 int	mac_inpcb_init(struct inpcb *, int);
 void	mac_inpcb_sosetlabel(struct socket *so, struct inpcb *inp);
 
-void	mac_ipq_create(struct mbuf *m, struct ipq *ipq);
-void	mac_ipq_destroy(struct ipq *);
-int	mac_ipq_init(struct ipq *, int);
-int	mac_ipq_match(struct mbuf *m, struct ipq *ipq);
-void	mac_ipq_reassemble(struct ipq *ipq, struct mbuf *m);
-void	mac_ipq_update(struct mbuf *m, struct ipq *ipq);
+void	mac_ipq_create(struct mbuf *m, struct ipq *q);
+void	mac_ipq_destroy(struct ipq *q);
+int	mac_ipq_init(struct ipq *q, int);
+int	mac_ipq_match(struct mbuf *m, struct ipq *q);
+void	mac_ipq_reassemble(struct ipq *q, struct mbuf *m);
+void	mac_ipq_update(struct mbuf *m, struct ipq *q);
 
 int	mac_kenv_check_dump(struct ucred *cred);
 int	mac_kenv_check_get(struct ucred *cred, char *name);
diff --git a/sys/security/mac/mac_inet.c b/sys/security/mac/mac_inet.c
index 9356cd0..76268d3 100644
--- a/sys/security/mac/mac_inet.c
+++ b/sys/security/mac/mac_inet.c
@@ -117,11 +117,11 @@ mac_ipq_label_alloc(int flag)
 }
 
 int
-mac_ipq_init(struct ipq *ipq, int flag)
+mac_ipq_init(struct ipq *q, int flag)
 {
 
-	ipq->ipq_label = mac_ipq_label_alloc(flag);
-	if (ipq->ipq_label == NULL)
+	q->ipq_label = mac_ipq_label_alloc(flag);
+	if (q->ipq_label == NULL)
 		return (ENOMEM);
 	return (0);
 }
@@ -151,11 +151,11 @@ mac_ipq_label_free(struct label *label)
 }
 
 void
-mac_ipq_destroy(struct ipq *ipq)
+mac_ipq_destroy(struct ipq *q)
 {
 
-	mac_ipq_label_free(ipq->ipq_label);
-	ipq->ipq_label = NULL;
+	mac_ipq_label_free(q->ipq_label);
+	q->ipq_label = NULL;
 }
 
 void
@@ -166,13 +166,13 @@ mac_inpcb_create(struct socket *so, struct inpcb *inp)
 }
 
 void
-mac_ipq_reassemble(struct ipq *ipq, struct mbuf *m)
+mac_ipq_reassemble(struct ipq *q, struct mbuf *m)
 {
 	struct label *label;
 
 	label = mac_mbuf_to_label(m);
 
-	MAC_PERFORM(ipq_reassemble, ipq, ipq->ipq_label, m, label);
+	MAC_PERFORM(ipq_reassemble, q, q->ipq_label, m, label);
 }
 
 void
@@ -187,13 +187,13 @@ mac_netinet_fragment(struct mbuf *m, struct mbuf *frag)
 }
 
 void
-mac_ipq_create(struct mbuf *m, struct ipq *ipq)
+mac_ipq_create(struct mbuf *m, struct ipq *q)
 {
 	struct label *label;
 
 	label = mac_mbuf_to_label(m);
 
-	MAC_PERFORM(ipq_create, m, label, ipq, ipq->ipq_label);
+	MAC_PERFORM(ipq_create, m, label, q, q->ipq_label);
 }
 
 void
@@ -208,7 +208,7 @@ mac_inpcb_create_mbuf(struct inpcb *inp, struct mbuf *m)
 }
 
 int
-mac_ipq_match(struct mbuf *m, struct ipq *ipq)
+mac_ipq_match(struct mbuf *m, struct ipq *q)
 {
 	struct label *label;
 	int result;
@@ -216,7 +216,7 @@ mac_ipq_match(struct mbuf *m, struct ipq *ipq)
 	label = mac_mbuf_to_label(m);
 
 	result = 1;
-	MAC_BOOLEAN(ipq_match, &&, m, label, ipq, ipq->ipq_label);
+	MAC_BOOLEAN(ipq_match, &&, m, label, q, q->ipq_label);
 
 	return (result);
 }
@@ -278,13 +278,13 @@ mac_netinet_tcp_reply(struct mbuf *m)
 }
 
 void
-mac_ipq_update(struct mbuf *m, struct ipq *ipq)
+mac_ipq_update(struct mbuf *m, struct ipq *q)
 {
 	struct label *label;
 
 	label = mac_mbuf_to_label(m);
 
-	MAC_PERFORM(ipq_update, m, label, ipq, ipq->ipq_label);
+	MAC_PERFORM(ipq_update, m, label, q, q->ipq_label);
 }
 
 int
diff --git a/sys/security/mac/mac_policy.h b/sys/security/mac/mac_policy.h
index 368558f..8f27ebb 100644
--- a/sys/security/mac/mac_policy.h
+++ b/sys/security/mac/mac_policy.h
@@ -199,16 +199,15 @@ typedef void	(*mpo_inpcb_sosetlabel_t)(struct socket *so,
 		    struct label *inplabel);
 
 typedef void	(*mpo_ipq_create_t)(struct mbuf *m, struct label *mlabel,
-		    struct ipq *ipq, struct label *ipqlabel);
+		    struct ipq *q, struct label *qlabel);
 typedef void	(*mpo_ipq_destroy_label_t)(struct label *label);
 typedef int	(*mpo_ipq_init_label_t)(struct label *label, int flag);
 typedef int	(*mpo_ipq_match_t)(struct mbuf *m, struct label *mlabel,
-		    struct ipq *ipq, struct label *ipqlabel);
-typedef void	(*mpo_ipq_reassemble)(struct ipq *ipq,
-		    struct label *ipqlabel, struct mbuf *m,
-		    struct label *mlabel);
+		    struct ipq *q, struct label *qlabel);
+typedef void	(*mpo_ipq_reassemble)(struct ipq *q, struct label *qlabel,
+		    struct mbuf *m, struct label *mlabel);
 typedef void	(*mpo_ipq_update_t)(struct mbuf *m, struct label *mlabel,
-		    struct ipq *ipq, struct label *ipqlabel);
+		    struct ipq *q, struct label *qlabel);
 
 typedef int	(*mpo_kenv_check_dump_t)(struct ucred *cred);
 typedef int	(*mpo_kenv_check_get_t)(struct ucred *cred, char *name);