Further MAC Framework cleanup: normalize some local variable names and

clean up some comments.

Obtained from:	TrustedBSD Project

3 files changed, 22 insertions, 21 deletions

diff --git a/sys/security/mac/mac_framework.h b/sys/security/mac/mac_framework.h
index a00b90f..44ee79f 100644
--- a/sys/security/mac/mac_framework.h
+++ b/sys/security/mac/mac_framework.h
@@ -218,9 +218,9 @@ int	mac_execve_enter(struct image_params *imgp, struct mac *mac_p);
 void	mac_execve_exit(struct image_params *imgp);
 void	mac_vnode_execve_transition(struct ucred *oldcred,
 	    struct ucred *newcred, struct vnode *vp,
-	    struct label *interpvnodelabel, struct image_params *imgp);
+	    struct label *interpvplabel, struct image_params *imgp);
 int	mac_vnode_execve_will_transition(struct ucred *cred,
-	    struct vnode *vp, struct label *interpvnodelabel,
+	    struct vnode *vp, struct label *interpvplabel,
 	    struct image_params *imgp);
 void	mac_proc_create_swapper(struct ucred *cred);
 void	mac_proc_create_init(struct ucred *cred);
diff --git a/sys/security/mac/mac_policy.h b/sys/security/mac/mac_policy.h
index 5106d94..2ff8c83 100644
--- a/sys/security/mac/mac_policy.h
+++ b/sys/security/mac/mac_policy.h
@@ -339,12 +339,12 @@ typedef void	(*mpo_create_mbuf_from_syncache_t)(struct label *sc_label,
  */
 typedef void	(*mpo_vnode_execve_transition_t)(struct ucred *old,
 		    struct ucred *new, struct vnode *vp,
-		    struct label *vplabel, struct label *interpvnodelabel,
+		    struct label *vplabel, struct label *interpvplabel,
 		    struct image_params *imgp, struct label *execlabel);
 typedef int	(*mpo_vnode_execve_will_transition_t)(struct ucred *old,
 		    struct vnode *vp, struct label *vplabel,
-		    struct label *interpvnodelabel,
-		    struct image_params *imgp, struct label *execlabel);
+		    struct label *interpvplabel, struct image_params *imgp,
+		    struct label *execlabel);
 typedef void	(*mpo_proc_create_swapper_t)(struct ucred *cred);
 typedef void	(*mpo_proc_create_init_t)(struct ucred *cred);
 typedef void	(*mpo_cred_relabel_t)(struct ucred *cred,
diff --git a/sys/security/mac/mac_vfs.c b/sys/security/mac/mac_vfs.c
index d6546f6..85af045 100644
--- a/sys/security/mac/mac_vfs.c
+++ b/sys/security/mac/mac_vfs.c
@@ -321,19 +321,18 @@ mac_vnode_setlabel_extattr(struct ucred *cred, struct vnode *vp,
 
 void
 mac_vnode_execve_transition(struct ucred *old, struct ucred *new,
-    struct vnode *vp, struct label *interpvnodelabel,
-    struct image_params *imgp)
+    struct vnode *vp, struct label *interpvplabel, struct image_params *imgp)
 {
 
 	ASSERT_VOP_LOCKED(vp, "mac_vnode_execve_transition");
 
 	MAC_PERFORM(vnode_execve_transition, old, new, vp, vp->v_label,
-	    interpvnodelabel, imgp, imgp->execlabel);
+	    interpvplabel, imgp, imgp->execlabel);
 }
 
 int
 mac_vnode_execve_will_transition(struct ucred *old, struct vnode *vp,
-    struct label *interpvnodelabel, struct image_params *imgp)
+    struct label *interpvplabel, struct image_params *imgp)
 {
 	int result;
 
@@ -341,7 +340,7 @@ mac_vnode_execve_will_transition(struct ucred *old, struct vnode *vp,
 
 	result = 0;
 	MAC_BOOLEAN(vnode_execve_will_transition, ||, old, vp, vp->v_label,
-	    interpvnodelabel, imgp, imgp->execlabel);
+	    interpvplabel, imgp, imgp->execlabel);
 
 	return (result);
 }
@@ -494,8 +493,8 @@ mac_vnode_check_lookup(struct ucred *cred, struct vnode *dvp,
 }
 
 int
-mac_vnode_check_mmap(struct ucred *cred, struct vnode *vp,
-    int prot, int flags)
+mac_vnode_check_mmap(struct ucred *cred, struct vnode *vp, int prot,
+    int flags)
 {
 	int error;
 
@@ -506,7 +505,8 @@ mac_vnode_check_mmap(struct ucred *cred, struct vnode *vp,
 }
 
 void
-mac_vnode_check_mmap_downgrade(struct ucred *cred, struct vnode *vp, int *prot)
+mac_vnode_check_mmap_downgrade(struct ucred *cred, struct vnode *vp,
+    int *prot)
 {
 	int result = *prot;
 
@@ -728,8 +728,8 @@ mac_vnode_check_stat(struct ucred *active_cred, struct ucred *file_cred,
 }
 
 int
-mac_vnode_check_unlink(struct ucred *cred, struct vnode *dvp, struct vnode *vp,
-    struct componentname *cnp)
+mac_vnode_check_unlink(struct ucred *cred, struct vnode *dvp,
+    struct vnode *vp, struct componentname *cnp)
 {
 	int error;
 
@@ -756,7 +756,8 @@ mac_vnode_check_write(struct ucred *active_cred, struct ucred *file_cred,
 }
 
 void
-mac_vnode_relabel(struct ucred *cred, struct vnode *vp, struct label *newlabel)
+mac_vnode_relabel(struct ucred *cred, struct vnode *vp,
+    struct label *newlabel)
 {
 
 	MAC_PERFORM(vnode_relabel, cred, vp, vp->v_label, newlabel);
@@ -806,9 +807,9 @@ mac_devfs_create_directory(struct mount *mp, char *dirname, int dirnamelen,
 }
 
 /*
- * Implementation of VOP_SETLABEL() that relies on extended attributes
- * to store label data.  Can be referenced by filesystems supporting
- * extended attributes.
+ * Implementation of VOP_SETLABEL() that relies on extended attributes to
+ * store label data.  Can be referenced by filesystems supporting extended
+ * attributes.
  */
 int
 vop_stdsetlabel_ea(struct vop_setlabel_args *ap)
@@ -862,8 +863,8 @@ vn_setlabel(struct vnode *vp, struct label *intlabel, struct ucred *cred)
 	 * VADMIN provides the opportunity for the filesystem to make
 	 * decisions about who is and is not able to modify labels and
 	 * protections on files.  This might not be right.  We can't assume
-	 * VOP_SETLABEL() will do it, because we might implement that as
-	 * part of vop_stdsetlabel_ea().
+	 * VOP_SETLABEL() will do it, because we might implement that as part
+	 * of vop_stdsetlabel_ea().
 	 */
 	error = VOP_ACCESS(vp, VADMIN, cred, curthread);
 	if (error)