Further MAC Framework cleanup: normalize some local variable names and

clean up some comments.

Obtained from:	TrustedBSD Project

6 files changed, 49 insertions, 48 deletions

diff --git a/sys/security/mac/mac_framework.h b/sys/security/mac/mac_framework.h
index a00b90f..44ee79f 100644
--- a/sys/security/mac/mac_framework.h
+++ b/sys/security/mac/mac_framework.h
@@ -218,9 +218,9 @@ int	mac_execve_enter(struct image_params *imgp, struct mac *mac_p);
 void	mac_execve_exit(struct image_params *imgp);
 void	mac_vnode_execve_transition(struct ucred *oldcred,
 	    struct ucred *newcred, struct vnode *vp,
-	    struct label *interpvnodelabel, struct image_params *imgp);
+	    struct label *interpvplabel, struct image_params *imgp);
 int	mac_vnode_execve_will_transition(struct ucred *cred,
-	    struct vnode *vp, struct label *interpvnodelabel,
+	    struct vnode *vp, struct label *interpvplabel,
 	    struct image_params *imgp);
 void	mac_proc_create_swapper(struct ucred *cred);
 void	mac_proc_create_init(struct ucred *cred);
diff --git a/sys/security/mac/mac_policy.h b/sys/security/mac/mac_policy.h
index 5106d94..2ff8c83 100644
--- a/sys/security/mac/mac_policy.h
+++ b/sys/security/mac/mac_policy.h
@@ -339,12 +339,12 @@ typedef void	(*mpo_create_mbuf_from_syncache_t)(struct label *sc_label,
  */
 typedef void	(*mpo_vnode_execve_transition_t)(struct ucred *old,
 		    struct ucred *new, struct vnode *vp,
-		    struct label *vplabel, struct label *interpvnodelabel,
+		    struct label *vplabel, struct label *interpvplabel,
 		    struct image_params *imgp, struct label *execlabel);
 typedef int	(*mpo_vnode_execve_will_transition_t)(struct ucred *old,
 		    struct vnode *vp, struct label *vplabel,
-		    struct label *interpvnodelabel,
-		    struct image_params *imgp, struct label *execlabel);
+		    struct label *interpvplabel, struct image_params *imgp,
+		    struct label *execlabel);
 typedef void	(*mpo_proc_create_swapper_t)(struct ucred *cred);
 typedef void	(*mpo_proc_create_init_t)(struct ucred *cred);
 typedef void	(*mpo_cred_relabel_t)(struct ucred *cred,
diff --git a/sys/security/mac/mac_vfs.c b/sys/security/mac/mac_vfs.c
index d6546f6..85af045 100644
--- a/sys/security/mac/mac_vfs.c
+++ b/sys/security/mac/mac_vfs.c
@@ -321,19 +321,18 @@ mac_vnode_setlabel_extattr(struct ucred *cred, struct vnode *vp,
 
 void
 mac_vnode_execve_transition(struct ucred *old, struct ucred *new,
-    struct vnode *vp, struct label *interpvnodelabel,
-    struct image_params *imgp)
+    struct vnode *vp, struct label *interpvplabel, struct image_params *imgp)
 {
 
 	ASSERT_VOP_LOCKED(vp, "mac_vnode_execve_transition");
 
 	MAC_PERFORM(vnode_execve_transition, old, new, vp, vp->v_label,
-	    interpvnodelabel, imgp, imgp->execlabel);
+	    interpvplabel, imgp, imgp->execlabel);
 }
 
 int
 mac_vnode_execve_will_transition(struct ucred *old, struct vnode *vp,
-    struct label *interpvnodelabel, struct image_params *imgp)
+    struct label *interpvplabel, struct image_params *imgp)
 {
 	int result;
 
@@ -341,7 +340,7 @@ mac_vnode_execve_will_transition(struct ucred *old, struct vnode *vp,
 
 	result = 0;
 	MAC_BOOLEAN(vnode_execve_will_transition, ||, old, vp, vp->v_label,
-	    interpvnodelabel, imgp, imgp->execlabel);
+	    interpvplabel, imgp, imgp->execlabel);
 
 	return (result);
 }
@@ -494,8 +493,8 @@ mac_vnode_check_lookup(struct ucred *cred, struct vnode *dvp,
 }
 
 int
-mac_vnode_check_mmap(struct ucred *cred, struct vnode *vp,
-    int prot, int flags)
+mac_vnode_check_mmap(struct ucred *cred, struct vnode *vp, int prot,
+    int flags)
 {
 	int error;
 
@@ -506,7 +505,8 @@ mac_vnode_check_mmap(struct ucred *cred, struct vnode *vp,
 }
 
 void
-mac_vnode_check_mmap_downgrade(struct ucred *cred, struct vnode *vp, int *prot)
+mac_vnode_check_mmap_downgrade(struct ucred *cred, struct vnode *vp,
+    int *prot)
 {
 	int result = *prot;
 
@@ -728,8 +728,8 @@ mac_vnode_check_stat(struct ucred *active_cred, struct ucred *file_cred,
 }
 
 int
-mac_vnode_check_unlink(struct ucred *cred, struct vnode *dvp, struct vnode *vp,
-    struct componentname *cnp)
+mac_vnode_check_unlink(struct ucred *cred, struct vnode *dvp,
+    struct vnode *vp, struct componentname *cnp)
 {
 	int error;
 
@@ -756,7 +756,8 @@ mac_vnode_check_write(struct ucred *active_cred, struct ucred *file_cred,
 }
 
 void
-mac_vnode_relabel(struct ucred *cred, struct vnode *vp, struct label *newlabel)
+mac_vnode_relabel(struct ucred *cred, struct vnode *vp,
+    struct label *newlabel)
 {
 
 	MAC_PERFORM(vnode_relabel, cred, vp, vp->v_label, newlabel);
@@ -806,9 +807,9 @@ mac_devfs_create_directory(struct mount *mp, char *dirname, int dirnamelen,
 }
 
 /*
- * Implementation of VOP_SETLABEL() that relies on extended attributes
- * to store label data.  Can be referenced by filesystems supporting
- * extended attributes.
+ * Implementation of VOP_SETLABEL() that relies on extended attributes to
+ * store label data.  Can be referenced by filesystems supporting extended
+ * attributes.
  */
 int
 vop_stdsetlabel_ea(struct vop_setlabel_args *ap)
@@ -862,8 +863,8 @@ vn_setlabel(struct vnode *vp, struct label *intlabel, struct ucred *cred)
 	 * VADMIN provides the opportunity for the filesystem to make
 	 * decisions about who is and is not able to modify labels and
 	 * protections on files.  This might not be right.  We can't assume
-	 * VOP_SETLABEL() will do it, because we might implement that as
-	 * part of vop_stdsetlabel_ea().
+	 * VOP_SETLABEL() will do it, because we might implement that as part
+	 * of vop_stdsetlabel_ea().
 	 */
 	error = VOP_ACCESS(vp, VADMIN, cred, curthread);
 	if (error)
diff --git a/sys/security/mac_lomac/mac_lomac.c b/sys/security/mac_lomac/mac_lomac.c
index 8b44a09..e66cfe9 100644
--- a/sys/security/mac_lomac/mac_lomac.c
+++ b/sys/security/mac_lomac/mac_lomac.c
@@ -1483,7 +1483,7 @@ mac_lomac_mbuf_create_from_firewall(struct mbuf *m, struct label *mlabel)
  */
 static void
 mac_lomac_vnode_execve_transition(struct ucred *old, struct ucred *new,
-    struct vnode *vp, struct label *vplabel, struct label *interpvnodelabel,
+    struct vnode *vp, struct label *vplabel, struct label *interpvplabel,
     struct image_params *imgp, struct label *execlabel)
 {
 	struct mac_lomac *source, *dest, *obj, *robj;
@@ -1491,7 +1491,7 @@ mac_lomac_vnode_execve_transition(struct ucred *old, struct ucred *new,
 	source = SLOT(old->cr_label);
 	dest = SLOT(new->cr_label);
 	obj = SLOT(vplabel);
-	robj = interpvnodelabel != NULL ? SLOT(interpvnodelabel) : obj;
+	robj = interpvplabel != NULL ? SLOT(interpvplabel) : obj;
 
 	mac_lomac_copy(source, dest);
 	/*
@@ -1519,7 +1519,7 @@ mac_lomac_vnode_execve_transition(struct ucred *old, struct ucred *new,
 
 static int
 mac_lomac_vnode_execve_will_transition(struct ucred *old, struct vnode *vp,
-    struct label *vplabel, struct label *interpvnodelabel,
+    struct label *vplabel, struct label *interpvplabel,
     struct image_params *imgp, struct label *execlabel)
 {
 	struct mac_lomac *subj, *obj, *robj;
@@ -1529,7 +1529,7 @@ mac_lomac_vnode_execve_will_transition(struct ucred *old, struct vnode *vp,
 
 	subj = SLOT(old->cr_label);
 	obj = SLOT(vplabel);
-	robj = interpvnodelabel != NULL ? SLOT(interpvnodelabel) : obj;
+	robj = interpvplabel != NULL ? SLOT(interpvplabel) : obj;
 
 	return ((robj->ml_flags & MAC_LOMAC_FLAG_AUX &&
 	    !mac_lomac_dominate_element(&robj->ml_auxsingle, &subj->ml_single)
diff --git a/sys/security/mac_stub/mac_stub.c b/sys/security/mac_stub/mac_stub.c
index 56a0953..584053b 100644
--- a/sys/security/mac_stub/mac_stub.c
+++ b/sys/security/mac_stub/mac_stub.c
@@ -179,8 +179,8 @@ stub_vnode_associate_extattr(struct mount *mp, struct label *mplabel,
 }
 
 static void
-stub_vnode_associate_singlelabel(struct mount *mp,
-    struct label *mplabel, struct vnode *vp, struct label *vplabel)
+stub_vnode_associate_singlelabel(struct mount *mp, struct label *mplabel,
+    struct vnode *vp, struct label *vplabel)
 {
 
 }
@@ -411,7 +411,7 @@ stub_create_mbuf_from_syncache(struct label *sc_label, struct mbuf *m,
 }
 
 static void
-stub_create_mbuf_linklayer(struct ifnet *ifnet, struct label *ifnetlabel,
+stub_create_mbuf_linklayer(struct ifnet *ifp, struct label *iflpabel,
     struct mbuf *m, struct label *mlabel)
 {
 
@@ -498,7 +498,7 @@ stub_inpcb_sosetlabel(struct socket *so, struct label *solabel,
  */
 static void
 stub_vnode_execve_transition(struct ucred *old, struct ucred *new,
-    struct vnode *vp, struct label *vplabel, struct label *interpvnodelabel,
+    struct vnode *vp, struct label *vplabel, struct label *interpvplabel,
     struct image_params *imgp, struct label *execlabel)
 {
 
@@ -506,7 +506,7 @@ stub_vnode_execve_transition(struct ucred *old, struct ucred *new,
 
 static int
 stub_vnode_execve_will_transition(struct ucred *old, struct vnode *vp,
-    struct label *vplabel, struct label *interpvnodelabel,
+    struct label *vplabel, struct label *interpvplabel,
     struct image_params *imgp, struct label *execlabel)
 {
 
diff --git a/sys/security/mac_test/mac_test.c b/sys/security/mac_test/mac_test.c
index c7eaaad..944fb8b 100644
--- a/sys/security/mac_test/mac_test.c
+++ b/sys/security/mac_test/mac_test.c
@@ -874,10 +874,10 @@ mac_test_netinet_fragment(struct mbuf *datagram, struct label *datagramlabel,
 
 COUNTER_DECL(ifnet_create);
 static void
-mac_test_ifnet_create(struct ifnet *ifnet, struct label *ifnetlabel)
+mac_test_ifnet_create(struct ifnet *ifp, struct label *ifplabel)
 {
 
-	LABEL_CHECK(ifnetlabel, MAGIC_IFNET);
+	LABEL_CHECK(ifplabel, MAGIC_IFNET);
 	COUNTER_INC(ifnet_create);
 }
 
@@ -957,11 +957,11 @@ mac_test_inpcb_create_mbuf(struct inpcb *inp, struct label *inplabel,
 
 COUNTER_DECL(create_mbuf_linklayer);
 static void
-mac_test_create_mbuf_linklayer(struct ifnet *ifnet, struct label *ifnetlabel,
+mac_test_create_mbuf_linklayer(struct ifnet *ifp, struct label *ifplabel,
     struct mbuf *mbuf, struct label *mbuflabel)
 {
 
-	LABEL_CHECK(ifnetlabel, MAGIC_IFNET);
+	LABEL_CHECK(ifplabel, MAGIC_IFNET);
 	LABEL_CHECK(mbuflabel, MAGIC_MBUF);
 	COUNTER_INC(create_mbuf_linklayer);
 }
@@ -979,11 +979,11 @@ mac_test_bpfdesc_create_mbuf(struct bpf_d *bpf_d, struct label *bpflabel,
 
 COUNTER_DECL(ifnet_create_mbuf);
 static void
-mac_test_ifnet_create_mbuf(struct ifnet *ifnet, struct label *ifnetlabel,
+mac_test_ifnet_create_mbuf(struct ifnet *ifp, struct label *ifplabel,
     struct mbuf *m, struct label *mbuflabel)
 {
 
-	LABEL_CHECK(ifnetlabel, MAGIC_IFNET);
+	LABEL_CHECK(ifplabel, MAGIC_IFNET);
 	LABEL_CHECK(mbuflabel, MAGIC_MBUF);
 	COUNTER_INC(ifnet_create_mbuf);
 }
@@ -991,12 +991,12 @@ mac_test_ifnet_create_mbuf(struct ifnet *ifnet, struct label *ifnetlabel,
 COUNTER_DECL(mbuf_create_multicast_encap);
 static void
 mac_test_mbuf_create_multicast_encap(struct mbuf *oldmbuf,
-    struct label *oldmbuflabel, struct ifnet *ifnet, struct label *ifnetlabel,
+    struct label *oldmbuflabel, struct ifnet *ifp, struct label *ifplabel,
     struct mbuf *newmbuf, struct label *newmbuflabel)
 {
 
 	LABEL_CHECK(oldmbuflabel, MAGIC_MBUF);
-	LABEL_CHECK(ifnetlabel, MAGIC_IFNET);
+	LABEL_CHECK(ifplabel, MAGIC_IFNET);
 	LABEL_CHECK(newmbuflabel, MAGIC_MBUF);
 	COUNTER_INC(mbuf_create_multicast_encap);
 }
@@ -1046,12 +1046,12 @@ mac_test_netinet_tcp_reply(struct mbuf *m, struct label *mlabel)
 
 COUNTER_DECL(ifnet_relabel);
 static void
-mac_test_ifnet_relabel(struct ucred *cred, struct ifnet *ifnet,
-    struct label *ifnetlabel, struct label *newlabel)
+mac_test_ifnet_relabel(struct ucred *cred, struct ifnet *ifp,
+    struct label *ifplabel, struct label *newlabel)
 {
 
 	LABEL_CHECK(cred->cr_label, MAGIC_CRED);
-	LABEL_CHECK(ifnetlabel, MAGIC_IFNET);
+	LABEL_CHECK(ifplabel, MAGIC_IFNET);
 	LABEL_CHECK(newlabel, MAGIC_IFNET);
 	COUNTER_INC(ifnet_relabel);
 }
@@ -1194,11 +1194,11 @@ mac_test_sysvshm_cleanup(struct label *shmlabel)
 COUNTER_DECL(bpfdesc_check_receive);
 static int
 mac_test_bpfdesc_check_receive(struct bpf_d *bpf_d, struct label *bpflabel,
-    struct ifnet *ifnet, struct label *ifnetlabel)
+    struct ifnet *ifp, struct label *ifplabel)
 {
 
 	LABEL_CHECK(bpflabel, MAGIC_BPF);
-	LABEL_CHECK(ifnetlabel, MAGIC_IFNET);
+	LABEL_CHECK(ifplabel, MAGIC_IFNET);
 	COUNTER_INC(bpfdesc_check_receive);
 
 	return (0);
@@ -1230,12 +1230,12 @@ mac_test_cred_check_visible(struct ucred *u1, struct ucred *u2)
 
 COUNTER_DECL(ifnet_check_relabel);
 static int
-mac_test_ifnet_check_relabel(struct ucred *cred, struct ifnet *ifnet,
-    struct label *ifnetlabel, struct label *newlabel)
+mac_test_ifnet_check_relabel(struct ucred *cred, struct ifnet *ifp,
+    struct label *ifplabel, struct label *newlabel)
 {
 
 	LABEL_CHECK(cred->cr_label, MAGIC_CRED);
-	LABEL_CHECK(ifnetlabel, MAGIC_IFNET);
+	LABEL_CHECK(ifplabel, MAGIC_IFNET);
 	LABEL_CHECK(newlabel, MAGIC_IFNET);
 	COUNTER_INC(ifnet_check_relabel);
 
@@ -1244,11 +1244,11 @@ mac_test_ifnet_check_relabel(struct ucred *cred, struct ifnet *ifnet,
 
 COUNTER_DECL(ifnet_check_transmit);
 static int
-mac_test_ifnet_check_transmit(struct ifnet *ifnet, struct label *ifnetlabel,
+mac_test_ifnet_check_transmit(struct ifnet *ifp, struct label *ifplabel,
     struct mbuf *m, struct label *mbuflabel)
 {
 
-	LABEL_CHECK(ifnetlabel, MAGIC_IFNET);
+	LABEL_CHECK(ifplabel, MAGIC_IFNET);
 	LABEL_CHECK(mbuflabel, MAGIC_MBUF);
 	COUNTER_INC(ifnet_check_transmit);