[PATCH 3/4] Namespacing of security/selinux

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Namespacing of security/selinux/ss/policydb.h.

Signed-off-by: Thomas Liu <tliu@xxxxxxxxxx>
---
 security/selinux/ss/avtab.c       |    4 +-
 security/selinux/ss/avtab.h       |    6 +-
 security/selinux/ss/conditional.c |   26 ++--
 security/selinux/ss/conditional.h |   12 +-
 security/selinux/ss/context.h     |   20 ++--
 security/selinux/ss/mls.c         |   62 +++++-----
 security/selinux/ss/mls.h         |   50 ++++----
 security/selinux/ss/policydb.c    |  164 +++++++++++-----------
 security/selinux/ss/policydb.h    |   86 ++++++------
 security/selinux/ss/services.c    |  270
++++++++++++++++++------------------
 security/selinux/ss/services.h    |    2 +-
 security/selinux/ss/sidtab.c      |   52 ++++----
 security/selinux/ss/sidtab.h      |   34 +++---
 security/selinux/ss/symtab.c      |    2 +-
 security/selinux/ss/symtab.h      |    4 +-
 15 files changed, 397 insertions(+), 397 deletions(-)

diff --git a/security/selinux/ss/avtab.c b/security/selinux/ss/avtab.c
index fec765d..44d8167 100644
--- a/security/selinux/ss/avtab.c
+++ b/security/selinux/ss/avtab.c
@@ -323,7 +323,7 @@ static uint16_t spec_order[] = {
 	AVTAB_MEMBER
 };
 
-int selinux_ss_avtab_read_item(struct selinux_ss_avtab *a, void *fp,
struct policydb *pol,
+int selinux_ss_avtab_read_item(struct selinux_ss_avtab *a, void *fp,
struct selinux_ss_policydb *pol,
 		    int (*insertf)(struct selinux_ss_avtab *a, struct
selinux_ss_avtab_key *k,
 				   struct selinux_ss_avtab_datum *d, void *p),
 		    void *p)
@@ -457,7 +457,7 @@ static int avtab_insertf(struct selinux_ss_avtab *a,
struct selinux_ss_avtab_key
 	return avtab_insert(a, k, d);
 }
 
-int selinux_ss_avtab_read(struct selinux_ss_avtab *a, void *fp, struct
policydb *pol)
+int selinux_ss_avtab_read(struct selinux_ss_avtab *a, void *fp, struct
selinux_ss_policydb *pol)
 {
 	int rc;
 	__le32 buf[1];
diff --git a/security/selinux/ss/avtab.h b/security/selinux/ss/avtab.h
index a7752bb..70b39c1 100644
--- a/security/selinux/ss/avtab.h
+++ b/security/selinux/ss/avtab.h
@@ -64,13 +64,13 @@ struct selinux_ss_avtab_datum
*selinux_ss_avtab_search(struct selinux_ss_avtab *
 void selinux_ss_avtab_destroy(struct selinux_ss_avtab *h);
 void selinux_ss_avtab_hash_eval(struct selinux_ss_avtab *h, char *tag);
 
-struct policydb;
-int selinux_ss_avtab_read_item(struct selinux_ss_avtab *a, void *fp,
struct policydb *pol,
+struct selinux_ss_policydb;
+int selinux_ss_avtab_read_item(struct selinux_ss_avtab *a, void *fp,
struct selinux_ss_policydb *pol,
 			       int (*insert)(struct selinux_ss_avtab *a, struct
selinux_ss_avtab_key *k,
 			       struct selinux_ss_avtab_datum *d, void *p),
 			       void *p);
 
-int selinux_ss_avtab_read(struct selinux_ss_avtab *a, void *fp, struct
policydb *pol);
+int selinux_ss_avtab_read(struct selinux_ss_avtab *a, void *fp, struct
selinux_ss_policydb *pol);
 
 struct selinux_ss_avtab_node *selinux_ss_avtab_insert_nonunique(struct
selinux_ss_avtab *h, struct selinux_ss_avtab_key *key,
 								struct selinux_ss_avtab_datum *datum);
diff --git a/security/selinux/ss/conditional.c
b/security/selinux/ss/conditional.c
index 306ef50..c48f1c2 100644
--- a/security/selinux/ss/conditional.c
+++ b/security/selinux/ss/conditional.c
@@ -22,7 +22,7 @@
  * or undefined (-1). Undefined occurs when the expression
  * exceeds the stack depth of COND_EXPR_MAXDEPTH.
  */
-static int cond_evaluate_expr(struct policydb *p, struct
selinux_ss_cond_expr *expr)
+static int cond_evaluate_expr(struct selinux_ss_policydb *p, struct
selinux_ss_cond_expr *expr)
 {
 
 	struct selinux_ss_cond_expr *cur;
@@ -86,7 +86,7 @@ static int cond_evaluate_expr(struct policydb *p,
struct selinux_ss_cond_expr *e
  * list appropriately. If the result of the expression is undefined
  * all of the rules are disabled for safety.
  */
-int selinux_ss_evaluate_cond_node(struct policydb *p, struct
selinux_ss_cond_node *node)
+int selinux_ss_evaluate__cond_node(struct selinux_ss_policydb *p,
struct selinux_ss_cond_node *node)
 {
 	int new_state;
 	struct selinux_ss_cond_av_list *cur;
@@ -115,7 +115,7 @@ int selinux_ss_evaluate_cond_node(struct policydb
*p, struct selinux_ss_cond_nod
 	return 0;
 }
 
-int selinux_ss_cond_policydb_init(struct policydb *p)
+int selinux_ss_cond_policydb_init(struct selinux_ss_policydb *p)
 {
 	p->bool_val_to_struct = NULL;
 	p->cond_list = NULL;
@@ -161,14 +161,14 @@ static void cond_list_destroy(struct
selinux_ss_cond_node *list)
 	}
 }
 
-void selinux_ss_cond_policydb_destroy(struct policydb *p)
+void selinux_ss_cond_policydb_destroy(struct selinux_ss_policydb *p)
 {
 	kfree(p->bool_val_to_struct);
 	selinux_ss_avtab_destroy(&p->te_cond_avtab);
 	cond_list_destroy(p->cond_list);
 }
 
-int selinux_ss_cond_init_bool_indexes(struct policydb *p)
+int selinux_ss_cond_init_bool_indexes(struct selinux_ss_policydb *p)
 {
 	kfree(p->bool_val_to_struct);
 	p->bool_val_to_struct = (struct selinux_ss_cond_bool_datum **)
@@ -187,7 +187,7 @@ int selinux_ss_cond_destroy_bool(void *key, void
*datum, void *p)
 
 int selinux_ss_cond_index_bool(void *key, void *datum, void *datap)
 {
-	struct policydb *p;
+	struct selinux_ss_policydb *p;
 	struct selinux_ss_cond_bool_datum *booldatum;
 
 	booldatum = datum;
@@ -209,7 +209,7 @@ static int bool_isvalid(struct
selinux_ss_cond_bool_datum *b)
 	return 1;
 }
 
-int selinux_ss_cond_read_bool(struct policydb *p, struct
selinux_ss_hashtab *h, void *fp)
+int selinux_ss_cond_read_bool(struct selinux_ss_policydb *p, struct
selinux_ss_hashtab *h, void *fp)
 {
 	char *key = NULL;
 	struct selinux_ss_cond_bool_datum *booldatum;
@@ -250,7 +250,7 @@ err:
 }
 
 struct cond_insertf_data {
-	struct policydb *p;
+	struct selinux_ss_policydb *p;
 	struct selinux_ss_cond_av_list *other;
 	struct selinux_ss_cond_av_list *head;
 	struct selinux_ss_cond_av_list *tail;
@@ -259,7 +259,7 @@ struct cond_insertf_data {
 static int cond_insertf(struct selinux_ss_avtab *a, struct
selinux_ss_avtab_key *k, struct selinux_ss_avtab_datum *d, void *ptr)
 {
 	struct cond_insertf_data *data = ptr;
-	struct policydb *p = data->p;
+	struct selinux_ss_policydb *p = data->p;
 	struct selinux_ss_cond_av_list *other = data->other, *list, *cur;
 	struct selinux_ss_avtab_node *node_ptr;
 	u8 found;
@@ -334,7 +334,7 @@ err:
 	return -1;
 }
 
-static int cond_read_av_list(struct policydb *p, void *fp, struct
selinux_ss_cond_av_list **ret_list, struct selinux_ss_cond_av_list
*other)
+static int cond_read_av_list(struct selinux_ss_policydb *p, void *fp,
struct selinux_ss_cond_av_list **ret_list, struct
selinux_ss_cond_av_list *other)
 {
 	int i, rc;
 	__le32 buf[1];
@@ -368,7 +368,7 @@ static int cond_read_av_list(struct policydb *p,
void *fp, struct selinux_ss_con
 	return 0;
 }
 
-static int expr_isvalid(struct policydb *p, struct selinux_ss_cond_expr
*expr)
+static int expr_isvalid(struct selinux_ss_policydb *p, struct
selinux_ss_cond_expr *expr)
 {
 	if (expr->expr_type <= 0 || expr->expr_type > COND_LAST) {
 		printk(KERN_ERR "SELinux: conditional expressions uses unknown
operator.\n");
@@ -382,7 +382,7 @@ static int expr_isvalid(struct policydb *p, struct
selinux_ss_cond_expr *expr)
 	return 1;
 }
 
-static int cond_read_node(struct policydb *p, struct
selinux_ss_cond_node *node, void *fp)
+static int cond_read_node(struct selinux_ss_policydb *p, struct
selinux_ss_cond_node *node, void *fp)
 {
 	__le32 buf[2];
 	u32 len, i;
@@ -437,7 +437,7 @@ err:
 	return -1;
 }
 
-int selinux_ss_cond_read_list(struct policydb *p, void *fp)
+int selinux_ss_cond_read_list(struct selinux_ss_policydb *p, void *fp)
 {
 	struct selinux_ss_cond_node *node, *last = NULL;
 	__le32 buf[1];
diff --git a/security/selinux/ss/conditional.h
b/security/selinux/ss/conditional.h
index e593277..cccee8a 100644
--- a/security/selinux/ss/conditional.h
+++ b/security/selinux/ss/conditional.h
@@ -59,19 +59,19 @@ struct selinux_ss_cond_node {
 	struct selinux_ss_cond_node *next;
 };
 
-int selinux_ss_cond_policydb_init(struct policydb *p);
-void selinux_ss_cond_policydb_destroy(struct policydb *p);
+int selinux_ss_cond_policydb_init(struct selinux_ss_policydb *p);
+void selinux_ss_cond_policydb_destroy(struct selinux_ss_policydb *p);
 
-int selinux_ss_cond_init_bool_indexes(struct policydb *p);
+int selinux_ss_cond_init_bool_indexes(struct selinux_ss_policydb *p);
 int selinux_ss_cond_destroy_bool(void *key, void *datum, void *p);
 
 int selinux_ss_cond_index_bool(void *key, void *datum, void *datap);
 
-int selinux_ss_cond_read_bool(struct policydb *p, struct
selinux_ss_hashtab *h, void *fp);
-int selinux_ss_cond_read_list(struct policydb *p, void *fp);
+int selinux_ss_cond_read_bool(struct selinux_ss_policydb *p, struct
selinux_ss_hashtab *h, void *fp);
+int selinux_ss_cond_read_list(struct selinux_ss_policydb *p, void *fp);
 
 void selinux_ss_cond_compute_av(struct selinux_ss_avtab *ctab, struct
selinux_ss_avtab_key *key, struct av_decision *avd);
 
-int selinux_ss_evaluate_cond_node(struct policydb *p, struct
selinux_ss_cond_node *node);
+int selinux_ss_evaluate_cond_node(struct selinux_ss_policydb *p, struct
selinux_ss_cond_node *node);
 
 #endif /* _CONDITIONAL_H_ */
diff --git a/security/selinux/ss/context.h
b/security/selinux/ss/context.h
index 78a37bf..489865f 100644
--- a/security/selinux/ss/context.h
+++ b/security/selinux/ss/context.h
@@ -23,7 +23,7 @@
  * A security context consists of an authenticated user
  * identity, a role, a type and a MLS range.
  */
-struct context {
+struct selinux_ss_context {
 	u32 user;
 	u32 role;
 	u32 type;
@@ -32,12 +32,12 @@ struct context {
 	char *str;	/* string representation if context cannot be mapped. */
 };
 
-static inline void mls_context_init(struct context *c)
+static inline void mls_context_init(struct selinux_ss_context *c)
 {
 	memset(&c->range, 0, sizeof(c->range));
 }
 
-static inline int mls_context_cpy(struct context *dst, struct context
*src)
+static inline int mls_context_cpy(struct selinux_ss_context *dst,
struct selinux_ss_context *src)
 {
 	int rc;
 
@@ -60,7 +60,7 @@ out:
 /*
  * Sets both levels in the MLS range of 'dst' to the low level of
'src'.
  */
-static inline int mls_context_cpy_low(struct context *dst, struct
context *src)
+static inline int mls_context_cpy_low(struct selinux_ss_context *dst,
struct selinux_ss_context *src)
 {
 	int rc;
 
@@ -80,7 +80,7 @@ out:
 	return rc;
 }
 
-static inline int mls_context_cmp(struct context *c1, struct context
*c2)
+static inline int mls_context_cmp(struct selinux_ss_context *c1, struct
selinux_ss_context *c2)
 {
 	if (!selinux_mls_enabled)
 		return 1;
@@ -91,7 +91,7 @@ static inline int mls_context_cmp(struct context *c1,
struct context *c2)
 		selinux_ss_ebitmap_cmp(&c1->range.level[1].cat,
&c2->range.level[1].cat));
 }
 
-static inline void mls_context_destroy(struct context *c)
+static inline void mls_context_destroy(struct selinux_ss_context *c)
 {
 	if (!selinux_mls_enabled)
 		return;
@@ -101,12 +101,12 @@ static inline void mls_context_destroy(struct
context *c)
 	mls_context_init(c);
 }
 
-static inline void context_init(struct context *c)
+static inline void context_init(struct selinux_ss_context *c)
 {
 	memset(c, 0, sizeof(*c));
 }
 
-static inline int context_cpy(struct context *dst, struct context *src)
+static inline int context_cpy(struct selinux_ss_context *dst, struct
selinux_ss_context *src)
 {
 	int rc;
 
@@ -130,7 +130,7 @@ static inline int context_cpy(struct context *dst,
struct context *src)
 	return 0;
 }
 
-static inline void context_destroy(struct context *c)
+static inline void context_destroy(struct selinux_ss_context *c)
 {
 	c->user = c->role = c->type = 0;
 	kfree(c->str);
@@ -139,7 +139,7 @@ static inline void context_destroy(struct context
*c)
 	mls_context_destroy(c);
 }
 
-static inline int context_cmp(struct context *c1, struct context *c2)
+static inline int context_cmp(struct selinux_ss_context *c1, struct
selinux_ss_context *c2)
 {
 	if (c1->len && c2->len)
 		return (c1->len == c2->len && !strcmp(c1->str, c2->str));
diff --git a/security/selinux/ss/mls.c b/security/selinux/ss/mls.c
index 7f08105..e884269 100644
--- a/security/selinux/ss/mls.c
+++ b/security/selinux/ss/mls.c
@@ -32,7 +32,7 @@
  * Return the length in bytes for the MLS fields of the
  * security context string representation of `context'.
  */
-int mls_compute_context_len(struct context *context)
+int mls_compute_context_len(struct selinux_ss_context *context)
 {
 	int i, l, len, head, prev;
 	char *nm;
@@ -85,7 +85,7 @@ int mls_compute_context_len(struct context *context)
  * the MLS fields of `context' into the string `*scontext'.
  * Update `*scontext' to point to the end of the MLS fields.
  */
-void mls_sid_to_context(struct context *context,
+void mls_sid_to_context(struct selinux_ss_context *context,
 			char **scontext)
 {
 	char *scontextp, *nm;
@@ -157,9 +157,9 @@ void mls_sid_to_context(struct context *context,
 	return;
 }
 
-int mls_level_isvalid(struct policydb *p, struct mls_level *l)
+int mls_level_isvalid(struct selinux_ss_policydb *p, struct mls_level
*l)
 {
-	struct level_datum *levdatum;
+	struct selinux_ss_level_datum *levdatum;
 	struct selinux_ss_ebitmap_node *node;
 	int i;
 
@@ -185,7 +185,7 @@ int mls_level_isvalid(struct policydb *p, struct
mls_level *l)
 	return 1;
 }
 
-int mls_range_isvalid(struct policydb *p, struct mls_range *r)
+int mls_range_isvalid(struct selinux_ss_policydb *p, struct mls_range
*r)
 {
 	return (mls_level_isvalid(p, &r->level[0]) &&
 		mls_level_isvalid(p, &r->level[1]) &&
@@ -196,9 +196,9 @@ int mls_range_isvalid(struct policydb *p, struct
mls_range *r)
  * Return 1 if the MLS fields in the security context
  * structure `c' are valid.  Return 0 otherwise.
  */
-int mls_context_isvalid(struct policydb *p, struct context *c)
+int mls_context_isvalid(struct selinux_ss_policydb *p, struct
selinux_ss_context *c)
 {
-	struct user_datum *usrdatum;
+	struct selinux_ss_user_datum *usrdatum;
 
 	if (!selinux_mls_enabled)
 		return 1;
@@ -239,18 +239,18 @@ int mls_context_isvalid(struct policydb *p, struct
context *c)
  * Policy read-lock must be held for sidtab lookup.
  *
  */
-int mls_context_to_sid(struct policydb *pol,
+int mls_context_to_sid(struct selinux_ss_policydb *pol,
 		       char oldc,
 		       char **scontext,
-		       struct context *context,
-		       struct sidtab *s,
+		       struct selinux_ss_context *context,
+		       struct selinux_ss_sidtab *s,
 		       u32 def_sid)
 {
 
 	char delim;
 	char *scontextp, *p, *rngptr;
-	struct level_datum *levdatum;
-	struct cat_datum *catdatum, *rngdatum;
+	struct selinux_ss_level_datum *levdatum;
+	struct selinux_ss_cat_datum *catdatum, *rngdatum;
 	int l, rc = -EINVAL;
 
 	if (!selinux_mls_enabled) {
@@ -264,12 +264,12 @@ int mls_context_to_sid(struct policydb *pol,
 	 * default if provided.
 	 */
 	if (!oldc) {
-		struct context *defcon;
+		struct selinux_ss_context *defcon;
 
 		if (def_sid == SECSID_NULL)
 			goto out;
 
-		defcon = sidtab_search(s, def_sid);
+		defcon = selinux_ss_sidtab_search(s, def_sid);
 		if (!defcon)
 			goto out;
 
@@ -382,7 +382,7 @@ out:
  * the string `str'.  This function will allocate temporary memory with
the
  * given constraints of gfp_mask.
  */
-int mls_from_string(char *str, struct context *context, gfp_t gfp_mask)
+int mls_from_string(char *str, struct selinux_ss_context *context,
gfp_t gfp_mask)
 {
 	char *tmpstr, *freestr;
 	int rc;
@@ -407,7 +407,7 @@ int mls_from_string(char *str, struct context
*context, gfp_t gfp_mask)
 /*
  * Copies the MLS range `range' into `context'.
  */
-static inline int mls_range_set(struct context *context,
+static inline int mls_range_set(struct selinux_ss_context *context,
 				struct mls_range *range)
 {
 	int l, rc = 0;
@@ -424,8 +424,8 @@ static inline int mls_range_set(struct context
*context,
 	return rc;
 }
 
-int mls_setup_user_range(struct context *fromcon, struct user_datum
*user,
-			 struct context *usercon)
+int mls_setup_user_range(struct selinux_ss_context *fromcon, struct
selinux_ss_user_datum *user,
+			 struct selinux_ss_context *usercon)
 {
 	if (selinux_mls_enabled) {
 		struct mls_level *fromcon_sen = &(fromcon->range.level[0]);
@@ -467,12 +467,12 @@ int mls_setup_user_range(struct context *fromcon,
struct user_datum *user,
  * structure `c' from the values specified in the
  * policy `oldp' to the values specified in the policy `newp'.
  */
-int mls_convert_context(struct policydb *oldp,
-			struct policydb *newp,
-			struct context *c)
+int mls_convert_context(struct selinux_ss_policydb *oldp,
+			struct selinux_ss_policydb *newp,
+			struct selinux_ss_context *c)
 {
-	struct level_datum *levdatum;
-	struct cat_datum *catdatum;
+	struct selinux_ss_level_datum *levdatum;
+	struct selinux_ss_cat_datum *catdatum;
 	struct selinux_ss_ebitmap bitmap;
 	struct selinux_ss_ebitmap_node *node;
 	int l, i;
@@ -507,13 +507,13 @@ int mls_convert_context(struct policydb *oldp,
 	return 0;
 }
 
-int mls_compute_sid(struct context *scontext,
-		    struct context *tcontext,
+int mls_compute_sid(struct selinux_ss_context *scontext,
+		    struct selinux_ss_context *tcontext,
 		    u16 tclass,
 		    u32 specified,
-		    struct context *newcontext)
+		    struct selinux_ss_context *newcontext)
 {
-	struct range_trans *rtr;
+	struct selinux_ss_range_trans *rtr;
 
 	if (!selinux_mls_enabled)
 		return 0;
@@ -558,7 +558,7 @@ int mls_compute_sid(struct context *scontext,
  * NetLabel MLS sensitivity level field.
  *
  */
-void mls_export_netlbl_lvl(struct context *context,
+void mls_export_netlbl_lvl(struct selinux_ss_context *context,
 			   struct netlbl_lsm_secattr *secattr)
 {
 	if (!selinux_mls_enabled)
@@ -578,7 +578,7 @@ void mls_export_netlbl_lvl(struct context *context,
  * NetLabel MLS sensitivity level into the context.
  *
  */
-void mls_import_netlbl_lvl(struct context *context,
+void mls_import_netlbl_lvl(struct selinux_ss_context *context,
 			   struct netlbl_lsm_secattr *secattr)
 {
 	if (!selinux_mls_enabled)
@@ -598,7 +598,7 @@ void mls_import_netlbl_lvl(struct context *context,
  * MLS category field.  Returns zero on success, negative values on
failure.
  *
  */
-int mls_export_netlbl_cat(struct context *context,
+int mls_export_netlbl_cat(struct selinux_ss_context *context,
 			  struct netlbl_lsm_secattr *secattr)
 {
 	int rc;
@@ -626,7 +626,7 @@ int mls_export_netlbl_cat(struct context *context,
  * negative values on failure.
  *
  */
-int mls_import_netlbl_cat(struct context *context,
+int mls_import_netlbl_cat(struct selinux_ss_context *context,
 			  struct netlbl_lsm_secattr *secattr)
 {
 	int rc;
diff --git a/security/selinux/ss/mls.h b/security/selinux/ss/mls.h
index 1276715..4eeca61 100644
--- a/security/selinux/ss/mls.h
+++ b/security/selinux/ss/mls.h
@@ -24,60 +24,60 @@
 #include "context.h"
 #include "policydb.h"
 
-int mls_compute_context_len(struct context *context);
-void mls_sid_to_context(struct context *context, char **scontext);
-int mls_context_isvalid(struct policydb *p, struct context *c);
-int mls_range_isvalid(struct policydb *p, struct mls_range *r);
-int mls_level_isvalid(struct policydb *p, struct mls_level *l);
+int mls_compute_context_len(struct selinux_ss_context *context);
+void mls_sid_to_context(struct selinux_ss_context *context, char
**scontext);
+int mls_context_isvalid(struct selinux_ss_policydb *p, struct
selinux_ss_context *c);
+int mls_range_isvalid(struct selinux_ss_policydb *p, struct mls_range
*r);
+int mls_level_isvalid(struct selinux_ss_policydb *p, struct mls_level
*l);
 
-int mls_context_to_sid(struct policydb *p,
+int mls_context_to_sid(struct selinux_ss_policydb *p,
 		       char oldc,
 		       char **scontext,
-		       struct context *context,
-		       struct sidtab *s,
+		       struct selinux_ss_context *context,
+		       struct selinux_ss_sidtab *s,
 		       u32 def_sid);
 
-int mls_from_string(char *str, struct context *context, gfp_t
gfp_mask);
+int mls_from_string(char *str, struct selinux_ss_context *context,
gfp_t gfp_mask);
 
-int mls_convert_context(struct policydb *oldp,
-			struct policydb *newp,
-			struct context *context);
+int mls_convert_context(struct selinux_ss_policydb *oldp,
+			struct selinux_ss_policydb *newp,
+			struct selinux_ss_context *context);
 
-int mls_compute_sid(struct context *scontext,
-		    struct context *tcontext,
+int mls_compute_sid(struct selinux_ss_context *scontext,
+		    struct selinux_ss_context *tcontext,
 		    u16 tclass,
 		    u32 specified,
-		    struct context *newcontext);
+		    struct selinux_ss_context *newcontext);
 
-int mls_setup_user_range(struct context *fromcon, struct user_datum
*user,
-			 struct context *usercon);
+int mls_setup_user_range(struct selinux_ss_context *fromcon, struct
selinux_ss_user_datum *user,
+			 struct selinux_ss_context *usercon);
 
 #ifdef CONFIG_NETLABEL
-void mls_export_netlbl_lvl(struct context *context,
+void mls_export_netlbl_lvl(struct selinux_ss_context *context,
 			   struct netlbl_lsm_secattr *secattr);
-void mls_import_netlbl_lvl(struct context *context,
+void mls_import_netlbl_lvl(struct selinux_ss_context *context,
 			   struct netlbl_lsm_secattr *secattr);
-int mls_export_netlbl_cat(struct context *context,
+int mls_export_netlbl_cat(struct selinux_ss_context *context,
 			  struct netlbl_lsm_secattr *secattr);
-int mls_import_netlbl_cat(struct context *context,
+int mls_import_netlbl_cat(struct selinux_ss_context *context,
 			  struct netlbl_lsm_secattr *secattr);
 #else
-static inline void mls_export_netlbl_lvl(struct context *context,
+static inline void mls_export_netlbl_lvl(struct selinux_ss_context
*context,
 					 struct netlbl_lsm_secattr *secattr)
 {
 	return;
 }
-static inline void mls_import_netlbl_lvl(struct context *context,
+static inline void mls_import_netlbl_lvl(struct selinux_ss_context
*context,
 					 struct netlbl_lsm_secattr *secattr)
 {
 	return;
 }
-static inline int mls_export_netlbl_cat(struct context *context,
+static inline int mls_export_netlbl_cat(struct selinux_ss_context
*context,
 					struct netlbl_lsm_secattr *secattr)
 {
 	return -ENOMEM;
 }
-static inline int mls_import_netlbl_cat(struct context *context,
+static inline int mls_import_netlbl_cat(struct selinux_ss_context
*context,
 					struct netlbl_lsm_secattr *secattr)
 {
 	return -ENOMEM;
diff --git a/security/selinux/ss/policydb.c
b/security/selinux/ss/policydb.c
index 776635a..c415b47 100644
--- a/security/selinux/ss/policydb.c
+++ b/security/selinux/ss/policydb.c
@@ -65,14 +65,14 @@ static unsigned int symtab_sizes[SYM_NUM] = {
 	16,
 };
 
-struct policydb_compat_info {
+struct selinux_ss_policydb_compat_info {
 	int version;
 	int sym_num;
 	int ocon_num;
 };
 
 /* These need to be updated if SYM_NUM or OCON_NUM changes */
-static struct policydb_compat_info policydb_compat[] = {
+static struct selinux_ss_policydb_compat_info policydb_compat[] = {
 	{
 		.version	= POLICYDB_VERSION_BASE,
 		.sym_num	= SYM_NUM - 3,
@@ -125,10 +125,10 @@ static struct policydb_compat_info
policydb_compat[] = {
 	},
 };
 
-static struct policydb_compat_info *policydb_lookup_compat(int version)
+static struct selinux_ss_policydb_compat_info
*policydb_lookup_compat(int version)
 {
 	int i;
-	struct policydb_compat_info *info = NULL;
+	struct selinux_ss_policydb_compat_info *info = NULL;
 
 	for (i = 0; i < ARRAY_SIZE(policydb_compat); i++) {
 		if (policydb_compat[i].version == version) {
@@ -142,11 +142,11 @@ static struct policydb_compat_info
*policydb_lookup_compat(int version)
 /*
  * Initialize the role table.
  */
-static int roles_init(struct policydb *p)
+static int roles_init(struct selinux_ss_policydb *p)
 {
 	char *key = NULL;
 	int rc;
-	struct role_datum *role;
+	struct selinux_ss_role_datum *role;
 
 	role = kzalloc(sizeof(*role), GFP_KERNEL);
 	if (!role) {
@@ -180,14 +180,14 @@ out_free_role:
 /*
  * Initialize a policy database structure.
  */
-static int policydb_init(struct policydb *p)
+static int policydb_init(struct selinux_ss_policydb *p)
 {
 	int i, rc;
 
 	memset(p, 0, sizeof(*p));
 
 	for (i = 0; i < SYM_NUM; i++) {
-		rc = symtab_init(&p->symtab[i], symtab_sizes[i]);
+		rc = selinux_ss_symtab_init(&p->symtab[i], symtab_sizes[i]);
 		if (rc)
 			goto out_free_symtab;
 	}
@@ -228,8 +228,8 @@ out_free_symtab:
 
 static int common_index(void *key, void *datum, void *datap)
 {
-	struct policydb *p;
-	struct common_datum *comdatum;
+	struct selinux_ss_policydb *p;
+	struct selinux_ss_common_datum *comdatum;
 
 	comdatum = datum;
 	p = datap;
@@ -241,8 +241,8 @@ static int common_index(void *key, void *datum, void
*datap)
 
 static int class_index(void *key, void *datum, void *datap)
 {
-	struct policydb *p;
-	struct class_datum *cladatum;
+	struct selinux_ss_policydb *p;
+	struct selinux_ss_class_datum *cladatum;
 
 	cladatum = datum;
 	p = datap;
@@ -255,8 +255,8 @@ static int class_index(void *key, void *datum, void
*datap)
 
 static int role_index(void *key, void *datum, void *datap)
 {
-	struct policydb *p;
-	struct role_datum *role;
+	struct selinux_ss_policydb *p;
+	struct selinux_ss_role_datum *role;
 
 	role = datum;
 	p = datap;
@@ -271,8 +271,8 @@ static int role_index(void *key, void *datum, void
*datap)
 
 static int type_index(void *key, void *datum, void *datap)
 {
-	struct policydb *p;
-	struct type_datum *typdatum;
+	struct selinux_ss_policydb *p;
+	struct selinux_ss_type_datum *typdatum;
 
 	typdatum = datum;
 	p = datap;
@@ -291,8 +291,8 @@ static int type_index(void *key, void *datum, void
*datap)
 
 static int user_index(void *key, void *datum, void *datap)
 {
-	struct policydb *p;
-	struct user_datum *usrdatum;
+	struct selinux_ss_policydb *p;
+	struct selinux_ss_user_datum *usrdatum;
 
 	usrdatum = datum;
 	p = datap;
@@ -307,8 +307,8 @@ static int user_index(void *key, void *datum, void
*datap)
 
 static int sens_index(void *key, void *datum, void *datap)
 {
-	struct policydb *p;
-	struct level_datum *levdatum;
+	struct selinux_ss_policydb *p;
+	struct selinux_ss_level_datum *levdatum;
 
 	levdatum = datum;
 	p = datap;
@@ -325,8 +325,8 @@ static int sens_index(void *key, void *datum, void
*datap)
 
 static int cat_index(void *key, void *datum, void *datap)
 {
-	struct policydb *p;
-	struct cat_datum *catdatum;
+	struct selinux_ss_policydb *p;
+	struct selinux_ss_cat_datum *catdatum;
 
 	catdatum = datum;
 	p = datap;
@@ -359,7 +359,7 @@ static int (*index_f[SYM_NUM]) (void *key, void
*datum, void *datap) =
  *
  * Caller must clean up upon failure.
  */
-static int policydb_index_classes(struct policydb *p)
+static int policydb_index_classes(struct selinux_ss_policydb *p)
 {
 	int rc;
 
@@ -394,7 +394,7 @@ out:
 }
 
 #ifdef DEBUG_HASHES
-static void symtab_hash_eval(struct symtab *s)
+static void symtab_hash_eval(struct selinux_ss_symtab *s)
 {
 	int i;
 
@@ -416,7 +416,7 @@ static void symtab_hash_eval(struct symtab *s)
  *
  * Caller must clean up on failure.
  */
-static int policydb_index_others(struct policydb *p)
+static int policydb_index_others(struct selinux_ss_policydb *p)
 {
 	int i, rc = 0;
 
@@ -495,7 +495,7 @@ static int perm_destroy(void *key, void *datum, void
*p)
 
 static int common_destroy(void *key, void *datum, void *p)
 {
-	struct common_datum *comdatum;
+	struct selinux_ss_common_datum *comdatum;
 
 	kfree(key);
 	comdatum = datum;
@@ -507,7 +507,7 @@ static int common_destroy(void *key, void *datum,
void *p)
 
 static int cls_destroy(void *key, void *datum, void *p)
 {
-	struct class_datum *cladatum;
+	struct selinux_ss_class_datum *cladatum;
 	struct selinux_ss_constraint_node *constraint, *ctemp;
 	struct selinux_ss_constraint_expr *e, *etmp;
 
@@ -550,7 +550,7 @@ static int cls_destroy(void *key, void *datum, void
*p)
 
 static int role_destroy(void *key, void *datum, void *p)
 {
-	struct role_datum *role;
+	struct selinux_ss_role_datum *role;
 
 	kfree(key);
 	role = datum;
@@ -569,7 +569,7 @@ static int type_destroy(void *key, void *datum, void
*p)
 
 static int user_destroy(void *key, void *datum, void *p)
 {
-	struct user_datum *usrdatum;
+	struct selinux_ss_user_datum *usrdatum;
 
 	kfree(key);
 	usrdatum = datum;
@@ -583,7 +583,7 @@ static int user_destroy(void *key, void *datum, void
*p)
 
 static int sens_destroy(void *key, void *datum, void *p)
 {
-	struct level_datum *levdatum;
+	struct selinux_ss_level_datum *levdatum;
 
 	kfree(key);
 	levdatum = datum;
@@ -612,7 +612,7 @@ static int (*destroy_f[SYM_NUM]) (void *key, void
*datum, void *datap) =
 	cat_destroy,
 };
 
-static void ocontext_destroy(struct ocontext *c, int i)
+static void ocontext_destroy(struct selinux_ss_ocontext *c, int i)
 {
 	context_destroy(&c->context[0]);
 	context_destroy(&c->context[1]);
@@ -625,14 +625,14 @@ static void ocontext_destroy(struct ocontext *c,
int i)
 /*
  * Free any memory allocated by a policy database structure.
  */
-void policydb_destroy(struct policydb *p)
+void policydb_destroy(struct selinux_ss_policydb *p)
 {
-	struct ocontext *c, *ctmp;
-	struct genfs *g, *gtmp;
+	struct selinux_ss_ocontext *c, *ctmp;
+	struct selinux_ss_genfs *g, *gtmp;
 	int i;
-	struct role_allow *ra, *lra = NULL;
-	struct role_trans *tr, *ltr = NULL;
-	struct range_trans *rt, *lrt = NULL;
+	struct selinux_ss_role_allow *ra, *lra = NULL;
+	struct selinux_ss_role_trans *tr, *ltr = NULL;
+	struct selinux_ss_range_trans *rt, *lrt = NULL;
 
 	for (i = 0; i < SYM_NUM; i++) {
 		cond_resched();
@@ -724,12 +724,12 @@ void policydb_destroy(struct policydb *p)
  * Load the initial SIDs specified in a policy database
  * structure into a SID table.
  */
-int policydb_load_isids(struct policydb *p, struct sidtab *s)
+int policydb_load_isids(struct selinux_ss_policydb *p, struct
selinux_ss_sidtab *s)
 {
-	struct ocontext *head, *c;
+	struct selinux_ss_ocontext *head, *c;
 	int rc;
 
-	rc = sidtab_init(s);
+	rc = selinux_ss_sidtab_init(s);
 	if (rc) {
 		printk(KERN_ERR "SELinux:  out of memory on SID table init\n");
 		goto out;
@@ -743,7 +743,7 @@ int policydb_load_isids(struct policydb *p, struct
sidtab *s)
 			rc = -EINVAL;
 			goto out;
 		}
-		if (sidtab_insert(s, c->sid[0], &c->context[0])) {
+		if (selinux_ss_sidtab_insert(s, c->sid[0], &c->context[0])) {
 			printk(KERN_ERR "SELinux:  unable to load initial "
 			       "SID %s.\n", c->u.name);
 			rc = -EINVAL;
@@ -754,21 +754,21 @@ out:
 	return rc;
 }
 
-int policydb_class_isvalid(struct policydb *p, unsigned int class)
+int policydb_class_isvalid(struct selinux_ss_policydb *p, unsigned int
class)
 {
 	if (!class || class > p->p_classes.nprim)
 		return 0;
 	return 1;
 }
 
-int policydb_role_isvalid(struct policydb *p, unsigned int role)
+int policydb_role_isvalid(struct selinux_ss_policydb *p, unsigned int
role)
 {
 	if (!role || role > p->p_roles.nprim)
 		return 0;
 	return 1;
 }
 
-int policydb_type_isvalid(struct policydb *p, unsigned int type)
+int policydb_type_isvalid(struct selinux_ss_policydb *p, unsigned int
type)
 {
 	if (!type || type > p->p_types.nprim)
 		return 0;
@@ -779,10 +779,10 @@ int policydb_type_isvalid(struct policydb *p,
unsigned int type)
  * Return 1 if the fields in the security context
  * structure `c' are valid.  Return 0 otherwise.
  */
-int policydb_context_isvalid(struct policydb *p, struct context *c)
+int policydb_context_isvalid(struct selinux_ss_policydb *p, struct
selinux_ss_context *c)
 {
-	struct role_datum *role;
-	struct user_datum *usrdatum;
+	struct selinux_ss_role_datum *role;
+	struct selinux_ss_user_datum *usrdatum;
 
 	if (!c->role || c->role > p->p_roles.nprim)
 		return 0;
@@ -886,8 +886,8 @@ bad_high:
  * Read and validate a security context structure
  * from a policydb binary representation file.
  */
-static int context_read_and_validate(struct context *c,
-				     struct policydb *p,
+static int context_read_and_validate(struct selinux_ss_context *c,
+				     struct selinux_ss_policydb *p,
 				     void *fp)
 {
 	__le32 buf[3];
@@ -925,10 +925,10 @@ out:
  * binary representation file.
  */
 
-static int perm_read(struct policydb *p, struct selinux_ss_hashtab *h,
void *fp)
+static int perm_read(struct selinux_ss_policydb *p, struct
selinux_ss_hashtab *h, void *fp)
 {
 	char *key = NULL;
-	struct perm_datum *perdatum;
+	struct selinux_ss_perm_datum *perdatum;
 	int rc;
 	__le32 buf[2];
 	u32 len;
@@ -966,10 +966,10 @@ bad:
 	goto out;
 }
 
-static int common_read(struct policydb *p, struct selinux_ss_hashtab
*h, void *fp)
+static int common_read(struct selinux_ss_policydb *p, struct
selinux_ss_hashtab *h, void *fp)
 {
 	char *key = NULL;
-	struct common_datum *comdatum;
+	struct selinux_ss_common_datum *comdatum;
 	__le32 buf[4];
 	u32 len, nel;
 	int i, rc;
@@ -987,7 +987,7 @@ static int common_read(struct policydb *p, struct
selinux_ss_hashtab *h, void *f
 	len = le32_to_cpu(buf[0]);
 	comdatum->value = le32_to_cpu(buf[1]);
 
-	rc = symtab_init(&comdatum->permissions, PERM_SYMTAB_SIZE);
+	rc = selinux_ss_symtab_init(&comdatum->permissions, PERM_SYMTAB_SIZE);
 	if (rc)
 		goto bad;
 	comdatum->permissions.nprim = le32_to_cpu(buf[2]);
@@ -1101,10 +1101,10 @@ static int read_cons_helper(struct
selinux_ss_constraint_node **nodep, int ncons
 	return 0;
 }
 
-static int class_read(struct policydb *p, struct selinux_ss_hashtab *h,
void *fp)
+static int class_read(struct selinux_ss_policydb *p, struct
selinux_ss_hashtab *h, void *fp)
 {
 	char *key = NULL;
-	struct class_datum *cladatum;
+	struct selinux_ss_class_datum *cladatum;
 	__le32 buf[6];
 	u32 len, len2, ncons, nel;
 	int i, rc;
@@ -1123,7 +1123,7 @@ static int class_read(struct policydb *p, struct
selinux_ss_hashtab *h, void *fp
 	len2 = le32_to_cpu(buf[1]);
 	cladatum->value = le32_to_cpu(buf[2]);
 
-	rc = symtab_init(&cladatum->permissions, PERM_SYMTAB_SIZE);
+	rc = selinux_ss_symtab_init(&cladatum->permissions, PERM_SYMTAB_SIZE);
 	if (rc)
 		goto bad;
 	cladatum->permissions.nprim = le32_to_cpu(buf[3]);
@@ -1194,10 +1194,10 @@ bad:
 	goto out;
 }
 
-static int role_read(struct policydb *p, struct selinux_ss_hashtab *h,
void *fp)
+static int role_read(struct selinux_ss_policydb *p, struct
selinux_ss_hashtab *h, void *fp)
 {
 	char *key = NULL;
-	struct role_datum *role;
+	struct selinux_ss_role_datum *role;
 	int rc, to_read = 2;
 	__le32 buf[3];
 	u32 len;
@@ -1259,10 +1259,10 @@ bad:
 	goto out;
 }
 
-static int type_read(struct policydb *p, struct selinux_ss_hashtab *h,
void *fp)
+static int type_read(struct selinux_ss_policydb *p, struct
selinux_ss_hashtab *h, void *fp)
 {
 	char *key = NULL;
-	struct type_datum *typdatum;
+	struct selinux_ss_type_datum *typdatum;
 	int rc, to_read = 3;
 	__le32 buf[4];
 	u32 len;
@@ -1346,10 +1346,10 @@ bad:
 	return -EINVAL;
 }
 
-static int user_read(struct policydb *p, struct selinux_ss_hashtab *h,
void *fp)
+static int user_read(struct selinux_ss_policydb *p, struct
selinux_ss_hashtab *h, void *fp)
 {
 	char *key = NULL;
-	struct user_datum *usrdatum;
+	struct selinux_ss_user_datum *usrdatum;
 	int rc, to_read = 2;
 	__le32 buf[3];
 	u32 len;
@@ -1405,10 +1405,10 @@ bad:
 	goto out;
 }
 
-static int sens_read(struct policydb *p, struct selinux_ss_hashtab *h,
void *fp)
+static int sens_read(struct selinux_ss_policydb *p, struct
selinux_ss_hashtab *h, void *fp)
 {
 	char *key = NULL;
-	struct level_datum *levdatum;
+	struct selinux_ss_level_datum *levdatum;
 	int rc;
 	__le32 buf[2];
 	u32 len;
@@ -1456,10 +1456,10 @@ bad:
 	goto out;
 }
 
-static int cat_read(struct policydb *p, struct selinux_ss_hashtab *h,
void *fp)
+static int cat_read(struct selinux_ss_policydb *p, struct
selinux_ss_hashtab *h, void *fp)
 {
 	char *key = NULL;
-	struct cat_datum *catdatum;
+	struct selinux_ss_cat_datum *catdatum;
 	int rc;
 	__le32 buf[3];
 	u32 len;
@@ -1499,7 +1499,7 @@ bad:
 	goto out;
 }
 
-static int (*read_f[SYM_NUM]) (struct policydb *p, struct
selinux_ss_hashtab *h, void *fp) =
+static int (*read_f[SYM_NUM]) (struct selinux_ss_policydb *p, struct
selinux_ss_hashtab *h, void *fp) =
 {
 	common_read,
 	class_read,
@@ -1513,8 +1513,8 @@ static int (*read_f[SYM_NUM]) (struct policydb *p,
struct selinux_ss_hashtab *h,
 
 static int user_bounds_sanity_check(void *key, void *datum, void
*datap)
 {
-	struct user_datum *upper, *user;
-	struct policydb *p = datap;
+	struct selinux_ss_user_datum *upper, *user;
+	struct selinux_ss_policydb *p = datap;
 	int depth = 0;
 
 	upper = user = datum;
@@ -1550,8 +1550,8 @@ static int user_bounds_sanity_check(void *key,
void *datum, void *datap)
 
 static int role_bounds_sanity_check(void *key, void *datum, void
*datap)
 {
-	struct role_datum *upper, *role;
-	struct policydb *p = datap;
+	struct selinux_ss_role_datum *upper, *role;
+	struct selinux_ss_policydb *p = datap;
 	int depth = 0;
 
 	upper = role = datum;
@@ -1587,8 +1587,8 @@ static int role_bounds_sanity_check(void *key,
void *datum, void *datap)
 
 static int type_bounds_sanity_check(void *key, void *datum, void
*datap)
 {
-	struct type_datum *upper, *type;
-	struct policydb *p = datap;
+	struct selinux_ss_type_datum *upper, *type;
+	struct selinux_ss_policydb *p = datap;
 	int depth = 0;
 
 	upper = type = datum;
@@ -1613,7 +1613,7 @@ static int type_bounds_sanity_check(void *key,
void *datum, void *datap)
 	return 0;
 }
 
-static int policydb_bounds_sanity_check(struct policydb *p)
+static int policydb_bounds_sanity_check(struct selinux_ss_policydb *p)
 {
 	int rc;
 
@@ -1644,19 +1644,19 @@ extern int ss_initialized;
  * Read the configuration data from a policy database binary
  * representation file into a policy database structure.
  */
-int policydb_read(struct policydb *p, void *fp)
+int policydb_read(struct selinux_ss_policydb *p, void *fp)
 {
-	struct role_allow *ra, *lra;
-	struct role_trans *tr, *ltr;
-	struct ocontext *l, *c, *newc;
-	struct genfs *genfs_p, *genfs, *newgenfs;
+	struct selinux_ss_role_allow *ra, *lra;
+	struct selinux_ss_role_trans *tr, *ltr;
+	struct selinux_ss_ocontext *l, *c, *newc;
+	struct selinux_ss_genfs *genfs_p, *genfs, *newgenfs;
 	int i, j, rc;
 	__le32 buf[4];
 	u32 nodebuf[8];
 	u32 len, len2, config, nprim, nel, nel2;
 	char *policydb_str;
-	struct policydb_compat_info *info;
-	struct range_trans *rt, *lrt;
+	struct selinux_ss_policydb_compat_info *info;
+	struct selinux_ss_range_trans *rt, *lrt;
 
 	config = 0;
 
diff --git a/security/selinux/ss/policydb.h
b/security/selinux/ss/policydb.h
index b1a3ffd..cb16f9f 100644
--- a/security/selinux/ss/policydb.h
+++ b/security/selinux/ss/policydb.h
@@ -38,49 +38,49 @@
  */
 
 /* Permission attributes */
-struct perm_datum {
+struct selinux_ss_perm_datum {
 	u32 value;		/* permission bit + 1 */
 };
 
 /* Attributes of a common prefix for access vectors */
-struct common_datum {
+struct selinux_ss_common_datum {
 	u32 value;			/* internal common value */
-	struct symtab permissions;	/* common permissions */
+	struct selinux_ss_symtab permissions;	/* common permissions */
 };
 
 /* Class attributes */
-struct class_datum {
+struct selinux_ss_class_datum {
 	u32 value;			/* class value */
 	char *comkey;			/* common name */
-	struct common_datum *comdatum;	/* common datum */
-	struct symtab permissions;	/* class-specific permission symbol table
*/
+	struct selinux_ss_common_datum *comdatum;	/* common datum */
+	struct selinux_ss_symtab permissions;	/* class-specific permission
symbol table */
 	struct selinux_ss_constraint_node *constraints;	/* constraints on
class permissions */
 	struct selinux_ss_constraint_node *validatetrans;	/* special
transition rules */
 };
 
 /* Role attributes */
-struct role_datum {
+struct selinux_ss_role_datum {
 	u32 value;			/* internal role value */
 	u32 bounds;			/* boundary of role */
 	struct selinux_ss_ebitmap dominates;	/* set of roles dominated by this
role */
 	struct selinux_ss_ebitmap types;		/* set of authorized types for role
*/
 };
 
-struct role_trans {
+struct selinux_ss_role_trans {
 	u32 role;		/* current role */
 	u32 type;		/* program executable type */
 	u32 new_role;		/* new role */
-	struct role_trans *next;
+	struct selinux_ss_role_trans *next;
 };
 
-struct role_allow {
+struct selinux_ss_role_allow {
 	u32 role;		/* current role */
 	u32 new_role;		/* new role */
-	struct role_allow *next;
+	struct selinux_ss_role_allow *next;
 };
 
 /* Type attributes */
-struct type_datum {
+struct selinux_ss_type_datum {
 	u32 value;		/* internal type value */
 	u32 bounds;		/* boundary of type */
 	unsigned char primary;	/* primary name? */
@@ -88,7 +88,7 @@ struct type_datum {
 };
 
 /* User attributes */
-struct user_datum {
+struct selinux_ss_user_datum {
 	u32 value;			/* internal user value */
 	u32 bounds;			/* bounds of user */
 	struct selinux_ss_ebitmap roles;		/* set of authorized roles for user
*/
@@ -98,23 +98,23 @@ struct user_datum {
 
 
 /* Sensitivity attributes */
-struct level_datum {
+struct selinux_ss_level_datum {
 	struct mls_level *level;	/* sensitivity and associated categories */
 	unsigned char isalias;	/* is this sensitivity an alias for another? */
 };
 
 /* Category attributes */
-struct cat_datum {
+struct selinux_ss_cat_datum {
 	u32 value;		/* internal category bit + 1 */
 	unsigned char isalias;  /* is this category an alias for another? */
 };
 
-struct range_trans {
+struct selinux_ss_range_trans {
 	u32 source_type;
 	u32 target_type;
 	u32 target_class;
 	struct mls_range target_range;
-	struct range_trans *next;
+	struct selinux_ss_range_trans *next;
 };
 
 /* Boolean data type */
@@ -132,7 +132,7 @@ struct selinux_ss_cond_node;
  * relevant data for one such entry.  Entries of the same kind
  * (e.g. all initial SIDs) are linked together into a list.
  */
-struct ocontext {
+struct selinux_ss_ocontext {
 	union {
 		char *name;	/* name of initial SID, fs, netif, fstype, path */
 		struct {
@@ -153,15 +153,15 @@ struct ocontext {
 		u32 sclass;  /* security class for genfs */
 		u32 behavior;  /* labeling behavior for fs_use */
 	} v;
-	struct context context[2];	/* security context(s) */
+	struct selinux_ss_context context[2];	/* security context(s) */
 	u32 sid[2];	/* SID(s) */
-	struct ocontext *next;
+	struct selinux_ss_ocontext *next;
 };
 
-struct genfs {
+struct selinux_ss_genfs {
 	char *fstype;
-	struct ocontext *head;
-	struct genfs *next;
+	struct selinux_ss_ocontext *head;
+	struct selinux_ss_genfs *next;
 };
 
 /* symbol table array indices */
@@ -186,9 +186,9 @@ struct genfs {
 #define OCON_NUM   7
 
 /* The policy database */
-struct policydb {
+struct selinux_ss_policydb {
 	/* symbol tables */
-	struct symtab symtab[SYM_NUM];
+	struct selinux_ss_symtab symtab[SYM_NUM];
 #define p_commons symtab[SYM_COMMONS]
 #define p_classes symtab[SYM_CLASSES]
 #define p_roles symtab[SYM_ROLES]
@@ -210,16 +210,16 @@ struct policydb {
 #define p_cat_val_to_name sym_val_to_name[SYM_CATS]
 
 	/* class, role, and user attributes indexed by (value - 1) */
-	struct class_datum **class_val_to_struct;
-	struct role_datum **role_val_to_struct;
-	struct user_datum **user_val_to_struct;
-	struct type_datum **type_val_to_struct;
+	struct selinux_ss_class_datum **class_val_to_struct;
+	struct selinux_ss_role_datum **role_val_to_struct;
+	struct selinux_ss_user_datum **user_val_to_struct;
+	struct selinux_ss_type_datum **type_val_to_struct;
 
 	/* type enforcement access vectors and transitions */
 	struct selinux_ss_avtab te_avtab;
 
 	/* role transitions */
-	struct role_trans *role_tr;
+	struct selinux_ss_role_trans *role_tr;
 
 	/* bools indexed by (value - 1) */
 	struct selinux_ss_cond_bool_datum **bool_val_to_struct;
@@ -229,19 +229,19 @@ struct policydb {
 	struct selinux_ss_cond_node *cond_list;
 
 	/* role allows */
-	struct role_allow *role_allow;
+	struct selinux_ss_role_allow *role_allow;
 
 	/* security contexts of initial SIDs, unlabeled file systems,
 	   TCP or UDP port numbers, network interfaces and nodes */
-	struct ocontext *ocontexts[OCON_NUM];
+	struct selinux_ss_ocontext *ocontexts[OCON_NUM];
 
 	/* security contexts for files in filesystems that cannot support
 	   a persistent label mapping or use another
 	   fixed labeling behavior. */
-	struct genfs *genfs;
+	struct selinux_ss_genfs *genfs;
 
 	/* range transitions */
-	struct range_trans *range_tr;
+	struct selinux_ss_range_trans *range_tr;
 
 	/* type -> attribute reverse mapping */
 	struct selinux_ss_ebitmap *type_attr_map;
@@ -257,13 +257,13 @@ struct policydb {
 	u32 *undefined_perms;
 };
 
-extern void policydb_destroy(struct policydb *p);
-extern int policydb_load_isids(struct policydb *p, struct sidtab *s);
-extern int policydb_context_isvalid(struct policydb *p, struct context
*c);
-extern int policydb_class_isvalid(struct policydb *p, unsigned int
class);
-extern int policydb_type_isvalid(struct policydb *p, unsigned int
type);
-extern int policydb_role_isvalid(struct policydb *p, unsigned int
role);
-extern int policydb_read(struct policydb *p, void *fp);
+extern void policydb_destroy(struct selinux_ss_policydb *p);
+extern int policydb_load_isids(struct selinux_ss_policydb *p, struct
selinux_ss_sidtab *s);
+extern int policydb_context_isvalid(struct selinux_ss_policydb *p,
struct selinux_ss_context *c);
+extern int policydb_class_isvalid(struct selinux_ss_policydb *p,
unsigned int class);
+extern int policydb_type_isvalid(struct selinux_ss_policydb *p,
unsigned int type);
+extern int policydb_role_isvalid(struct selinux_ss_policydb *p,
unsigned int role);
+extern int policydb_read(struct selinux_ss_policydb *p, void *fp);
 
 #define PERM_SYMTAB_SIZE 32
 
@@ -279,12 +279,12 @@ extern int policydb_read(struct policydb *p, void
*fp);
 #define POLICYDB_MAGIC SELINUX_MAGIC
 #define POLICYDB_STRING "SE Linux"
 
-struct policy_file {
+struct selinux_ss_policy_file {
 	char *data;
 	size_t len;
 };
 
-static inline int next_entry(void *buf, struct policy_file *fp, size_t
bytes)
+static inline int next_entry(void *buf, struct selinux_ss_policy_file
*fp, size_t bytes)
 {
 	if (bytes > fp->len)
 		return -EINVAL;
diff --git a/security/selinux/ss/services.c
b/security/selinux/ss/services.c
index 82b8c18..ec85a56 100644
--- a/security/selinux/ss/services.c
+++ b/security/selinux/ss/services.c
@@ -77,8 +77,8 @@ extern const struct selinux_class_perm
selinux_class_perm;
 
 static DEFINE_RWLOCK(policy_rwlock);
 
-static struct sidtab sidtab;
-struct policydb policydb;
+static struct selinux_ss_sidtab sidtab;
+struct selinux_ss_policydb policydb;
 int ss_initialized;
 
 /*
@@ -90,11 +90,11 @@ int ss_initialized;
 static u32 latest_granting;
 
 /* Forward declaration. */
-static int context_struct_to_string(struct context *context, char
**scontext,
+static int context_struct_to_string(struct selinux_ss_context *context,
char **scontext,
 				    u32 *scontext_len);
 
-static int context_struct_compute_av(struct context *scontext,
-				     struct context *tcontext,
+static int context_struct_compute_av(struct selinux_ss_context
*scontext,
+				     struct selinux_ss_context *tcontext,
 				     u16 tclass,
 				     u32 requested,
 				     struct av_decision *avd);
@@ -109,14 +109,14 @@ static int context_struct_compute_av(struct
context *scontext,
  * of the process performing the transition.  All other callers of
  * constraint_expr_eval should pass in NULL for xcontext.
  */
-static int constraint_expr_eval(struct context *scontext,
-				struct context *tcontext,
-				struct context *xcontext,
+static int constraint_expr_eval(struct selinux_ss_context *scontext,
+				struct selinux_ss_context *tcontext,
+				struct selinux_ss_context *xcontext,
 				struct selinux_ss_constraint_expr *cexpr)
 {
 	u32 val1, val2;
-	struct context *c;
-	struct role_datum *r1, *r2;
+	struct selinux_ss_context *c;
+	struct selinux_ss_role_datum *r1, *r2;
 	struct mls_level *l1, *l2;
 	struct selinux_ss_constraint_expr *e;
 	int s[CEXPR_MAXDEPTH];
@@ -289,7 +289,7 @@ mls_ops:
  */
 static int dump_masked_av_helper(void *k, void *d, void *args)
 {
-	struct perm_datum *pdatum = d;
+	struct selinux_ss_perm_datum *pdatum = d;
 	char **permission_names = args;
 
 	BUG_ON(pdatum->value < 1 || pdatum->value > 32);
@@ -299,14 +299,14 @@ static int dump_masked_av_helper(void *k, void *d,
void *args)
 	return 0;
 }
 
-static void security_dump_masked_av(struct context *scontext,
-				    struct context *tcontext,
+static void security_dump_masked_av(struct selinux_ss_context
*scontext,
+				    struct selinux_ss_context *tcontext,
 				    u16 tclass,
 				    u32 permissions,
 				    const char *reason)
 {
-	struct common_datum *common_dat;
-	struct class_datum *tclass_dat;
+	struct selinux_ss_common_datum *common_dat;
+	struct selinux_ss_class_datum *tclass_dat;
 	struct audit_buffer *ab;
 	char *tclass_name;
 	char *scontext_name = NULL;
@@ -376,18 +376,18 @@ out:
  * security_boundary_permission - drops violated permissions
  * on boundary constraint.
  */
-static void type_attribute_bounds_av(struct context *scontext,
-				     struct context *tcontext,
+static void type_attribute_bounds_av(struct selinux_ss_context
*scontext,
+				     struct selinux_ss_context *tcontext,
 				     u16 tclass,
 				     u32 requested,
 				     struct av_decision *avd)
 {
-	struct context lo_scontext;
-	struct context lo_tcontext;
+	struct selinux_ss_context lo_scontext;
+	struct selinux_ss_context lo_tcontext;
 	struct av_decision lo_avd;
-	struct type_datum *source
+	struct selinux_ss_type_datum *source
 		= policydb.type_val_to_struct[scontext->type - 1];
-	struct type_datum *target
+	struct selinux_ss_type_datum *target
 		= policydb.type_val_to_struct[tcontext->type - 1];
 	u32 masked = 0;
 
@@ -454,17 +454,17 @@ static void type_attribute_bounds_av(struct
context *scontext,
  * Compute access vectors based on a context structure pair for
  * the permissions in a particular class.
  */
-static int context_struct_compute_av(struct context *scontext,
-				     struct context *tcontext,
+static int context_struct_compute_av(struct selinux_ss_context
*scontext,
+				     struct selinux_ss_context *tcontext,
 				     u16 tclass,
 				     u32 requested,
 				     struct av_decision *avd)
 {
 	struct selinux_ss_constraint_node *constraint;
-	struct role_allow *ra;
+	struct selinux_ss_role_allow *ra;
 	struct selinux_ss_avtab_key avkey;
 	struct selinux_ss_avtab_node *node;
-	struct class_datum *tclass_datum;
+	struct selinux_ss_class_datum *tclass_datum;
 	struct selinux_ss_ebitmap *sattr, *tattr;
 	struct selinux_ss_ebitmap_node *snode, *tnode;
 	const struct selinux_class_perm *kdefs = &selinux_class_perm;
@@ -607,9 +607,9 @@ inval_class:
 	return 0;
 }
 
-static int security_validtrans_handle_fail(struct context *ocontext,
-					   struct context *ncontext,
-					   struct context *tcontext,
+static int security_validtrans_handle_fail(struct selinux_ss_context
*ocontext,
+					   struct selinux_ss_context *ncontext,
+					   struct selinux_ss_context *tcontext,
 					   u16 tclass)
 {
 	char *o = NULL, *n = NULL, *t = NULL;
@@ -638,10 +638,10 @@ out:
 int selinux_ss_validate_transition(u32 oldsid, u32 newsid, u32 tasksid,
 				 u16 tclass)
 {
-	struct context *ocontext;
-	struct context *ncontext;
-	struct context *tcontext;
-	struct class_datum *tclass_datum;
+	struct selinux_ss_context *ocontext;
+	struct selinux_ss_context *ncontext;
+	struct selinux_ss_context *tcontext;
+	struct selinux_ss_class_datum *tclass_datum;
 	struct selinux_ss_constraint_node *constraint;
 	int rc = 0;
 
@@ -669,7 +669,7 @@ int selinux_ss_validate_transition(u32 oldsid, u32
newsid, u32 tasksid,
 	}
 	tclass_datum = policydb.class_val_to_struct[tclass - 1];
 
-	ocontext = sidtab_search(&sidtab, oldsid);
+	ocontext = selinux_ss_sidtab_search(&sidtab, oldsid);
 	if (!ocontext) {
 		printk(KERN_ERR "SELinux: %s:  unrecognized SID %d\n",
 			__func__, oldsid);
@@ -677,7 +677,7 @@ int selinux_ss_validate_transition(u32 oldsid, u32
newsid, u32 tasksid,
 		goto out;
 	}
 
-	ncontext = sidtab_search(&sidtab, newsid);
+	ncontext = selinux_ss_sidtab_search(&sidtab, newsid);
 	if (!ncontext) {
 		printk(KERN_ERR "SELinux: %s:  unrecognized SID %d\n",
 			__func__, newsid);
@@ -685,7 +685,7 @@ int selinux_ss_validate_transition(u32 oldsid, u32
newsid, u32 tasksid,
 		goto out;
 	}
 
-	tcontext = sidtab_search(&sidtab, tasksid);
+	tcontext = selinux_ss_sidtab_search(&sidtab, tasksid);
 	if (!tcontext) {
 		printk(KERN_ERR "SELinux: %s:  unrecognized SID %d\n",
 			__func__, tasksid);
@@ -720,21 +720,21 @@ out:
  */
 int selinux_ss_bounded_transition(u32 old_sid, u32 new_sid)
 {
-	struct context *old_context, *new_context;
-	struct type_datum *type;
+	struct selinux_ss_context *old_context, *new_context;
+	struct selinux_ss_type_datum *type;
 	int index;
 	int rc = -EINVAL;
 
 	read_lock(&policy_rwlock);
 
-	old_context = sidtab_search(&sidtab, old_sid);
+	old_context = selinux_ss_sidtab_search(&sidtab, old_sid);
 	if (!old_context) {
 		printk(KERN_ERR "SELinux: %s: unrecognized SID %u\n",
 		       __func__, old_sid);
 		goto out;
 	}
 
-	new_context = sidtab_search(&sidtab, new_sid);
+	new_context = selinux_ss_sidtab_search(&sidtab, new_sid);
 	if (!new_context) {
 		printk(KERN_ERR "SELinux: %s: unrecognized SID %u\n",
 		       __func__, new_sid);
@@ -811,7 +811,7 @@ int selinux_ss_compute_av(u32 ssid,
 			u32 requested,
 			struct av_decision *avd)
 {
-	struct context *scontext = NULL, *tcontext = NULL;
+	struct selinux_ss_context *scontext = NULL, *tcontext = NULL;
 	int rc = 0;
 
 	if (!ss_initialized) {
@@ -824,14 +824,14 @@ int selinux_ss_compute_av(u32 ssid,
 
 	read_lock(&policy_rwlock);
 
-	scontext = sidtab_search(&sidtab, ssid);
+	scontext = selinux_ss_sidtab_search(&sidtab, ssid);
 	if (!scontext) {
 		printk(KERN_ERR "SELinux: %s:  unrecognized SID %d\n",
 		       __func__, ssid);
 		rc = -EINVAL;
 		goto out;
 	}
-	tcontext = sidtab_search(&sidtab, tsid);
+	tcontext = selinux_ss_sidtab_search(&sidtab, tsid);
 	if (!tcontext) {
 		printk(KERN_ERR "SELinux: %s:  unrecognized SID %d\n",
 		       __func__, tsid);
@@ -857,7 +857,7 @@ out:
  * to point to this string and set `*scontext_len' to
  * the length of the string.
  */
-static int context_struct_to_string(struct context *context, char
**scontext, u32 *scontext_len)
+static int context_struct_to_string(struct selinux_ss_context *context,
char **scontext, u32 *scontext_len)
 {
 	char *scontextp;
 
@@ -914,7 +914,7 @@ const char *selinux_ss_get_initial_sid_context(u32
sid)
 static int security_sid_to_context_core(u32 sid, char **scontext,
 					u32 *scontext_len, int force)
 {
-	struct context *context;
+	struct selinux_ss_context *context;
 	int rc = 0;
 
 	*scontext = NULL;
@@ -941,9 +941,9 @@ static int security_sid_to_context_core(u32 sid,
char **scontext,
 	}
 	read_lock(&policy_rwlock);
 	if (force)
-		context = sidtab_search_force(&sidtab, sid);
+		context = selinux_ss_sidtab_search_force(&sidtab, sid);
 	else
-		context = sidtab_search(&sidtab, sid);
+		context = selinux_ss_sidtab_search(&sidtab, sid);
 	if (!context) {
 		printk(KERN_ERR "SELinux: %s:  unrecognized SID %d\n",
 			__func__, sid);
@@ -981,16 +981,16 @@ int selinux_ss_sid_to_context_force(u32 sid, char
**scontext, u32 *scontext_len)
 /*
  * Caveat:  Mutates scontext.
  */
-static int string_to_context_struct(struct policydb *pol,
-				    struct sidtab *sidtabp,
+static int string_to_context_struct(struct selinux_ss_policydb *pol,
+				    struct selinux_ss_sidtab *sidtabp,
 				    char *scontext,
 				    u32 scontext_len,
-				    struct context *ctx,
+				    struct selinux_ss_context *ctx,
 				    u32 def_sid)
 {
-	struct role_datum *role;
-	struct type_datum *typdatum;
-	struct user_datum *usrdatum;
+	struct selinux_ss_role_datum *role;
+	struct selinux_ss_type_datum *typdatum;
+	struct selinux_ss_user_datum *usrdatum;
 	char *scontextp, *p, oldc;
 	int rc = 0;
 
@@ -1071,7 +1071,7 @@ static int security_context_to_sid_core(const char
*scontext, u32 scontext_len,
 					int force)
 {
 	char *scontext2, *str = NULL;
-	struct context context;
+	struct selinux_ss_context context;
 	int rc = 0;
 
 	if (!ss_initialized) {
@@ -1114,7 +1114,7 @@ static int security_context_to_sid_core(const char
*scontext, u32 scontext_len,
 		str = NULL;
 	} else if (rc)
 		goto out;
-	rc = sidtab_context_to_sid(&sidtab, &context, sid);
+	rc = selinux_ss_sidtab_context_to_sid(&sidtab, &context, sid);
 	context_destroy(&context);
 out:
 	read_unlock(&policy_rwlock);
@@ -1173,10 +1173,10 @@ int selinux_ss_context_to_sid_force(const char
*scontext, u32 scontext_len,
 }
 
 static int compute_sid_handle_invalid_context(
-	struct context *scontext,
-	struct context *tcontext,
+	struct selinux_ss_context *scontext,
+	struct selinux_ss_context *tcontext,
 	u16 tclass,
-	struct context *newcontext)
+	struct selinux_ss_context *newcontext)
 {
 	char *s = NULL, *t = NULL, *n = NULL;
 	u32 slen, tlen, nlen;
@@ -1208,8 +1208,8 @@ static int security_compute_sid(u32 ssid,
 				u32 specified,
 				u32 *out_sid)
 {
-	struct context *scontext = NULL, *tcontext = NULL, newcontext;
-	struct role_trans *roletr = NULL;
+	struct selinux_ss_context *scontext = NULL, *tcontext = NULL,
newcontext;
+	struct selinux_ss_role_trans *roletr = NULL;
 	struct selinux_ss_avtab_key avkey;
 	struct selinux_ss_avtab_datum *avdatum;
 	struct selinux_ss_avtab_node *node;
@@ -1231,14 +1231,14 @@ static int security_compute_sid(u32 ssid,
 
 	read_lock(&policy_rwlock);
 
-	scontext = sidtab_search(&sidtab, ssid);
+	scontext = selinux_ss_sidtab_search(&sidtab, ssid);
 	if (!scontext) {
 		printk(KERN_ERR "SELinux: %s:  unrecognized SID %d\n",
 		       __func__, ssid);
 		rc = -EINVAL;
 		goto out_unlock;
 	}
-	tcontext = sidtab_search(&sidtab, tsid);
+	tcontext = selinux_ss_sidtab_search(&sidtab, tsid);
 	if (!tcontext) {
 		printk(KERN_ERR "SELinux: %s:  unrecognized SID %d\n",
 		       __func__, tsid);
@@ -1332,7 +1332,7 @@ static int security_compute_sid(u32 ssid,
 			goto out_unlock;
 	}
 	/* Obtain the sid for the context. */
-	rc = sidtab_context_to_sid(&sidtab, &newcontext, out_sid);
+	rc = selinux_ss_sidtab_context_to_sid(&sidtab, &newcontext, out_sid);
 out_unlock:
 	read_unlock(&policy_rwlock);
 	context_destroy(&newcontext);
@@ -1407,16 +1407,16 @@ int selinux_ss_change_sid(u32 ssid,
  * Verify that each kernel class that is defined in the
  * policy is correct
  */
-static int validate_classes(struct policydb *p)
+static int validate_classes(struct selinux_ss_policydb *p)
 {
 	int i, j;
-	struct class_datum *cladatum;
-	struct perm_datum *perdatum;
+	struct selinux_ss_class_datum *cladatum;
+	struct selinux_ss_perm_datum *perdatum;
 	u32 nprim, tmp, common_pts_len, perm_val, pol_val;
 	u16 class_val;
 	const struct selinux_class_perm *kdefs = &selinux_class_perm;
 	const char *def_class, *def_perm, *pol_class;
-	struct symtab *perms;
+	struct selinux_ss_symtab *perms;
 	bool print_unknown_handle = 0;
 
 	if (p->allow_unknown) {
@@ -1542,15 +1542,15 @@ static int validate_classes(struct policydb *p)
 
 /* Clone the SID into the new SID table. */
 static int clone_sid(u32 sid,
-		     struct context *context,
+		     struct selinux_ss_context *context,
 		     void *arg)
 {
-	struct sidtab *s = arg;
+	struct selinux_ss_sidtab *s = arg;
 
-	return sidtab_insert(s, sid, context);
+	return selinux_ss_sidtab_insert(s, sid, context);
 }
 
-static inline int convert_context_handle_invalid_context(struct context
*context)
+static inline int convert_context_handle_invalid_context(struct
selinux_ss_context *context)
 {
 	int rc = 0;
 
@@ -1571,8 +1571,8 @@ static inline int
convert_context_handle_invalid_context(struct context *context
 }
 
 struct convert_context_args {
-	struct policydb *oldp;
-	struct policydb *newp;
+	struct selinux_ss_policydb *oldp;
+	struct selinux_ss_policydb *newp;
 };
 
 /*
@@ -1583,14 +1583,14 @@ struct convert_context_args {
  * context is valid under the new policy.
  */
 static int convert_context(u32 key,
-			   struct context *c,
+			   struct selinux_ss_context *c,
 			   void *p)
 {
 	struct convert_context_args *args;
-	struct context oldc;
-	struct role_datum *role;
-	struct type_datum *typdatum;
-	struct user_datum *usrdatum;
+	struct selinux_ss_context oldc;
+	struct selinux_ss_role_datum *role;
+	struct selinux_ss_type_datum *typdatum;
+	struct selinux_ss_user_datum *usrdatum;
 	char *s;
 	u32 len;
 	int rc;
@@ -1598,7 +1598,7 @@ static int convert_context(u32 key,
 	args = p;
 
 	if (c->str) {
-		struct context ctx;
+		struct selinux_ss_context ctx;
 		s = kstrdup(c->str, GFP_KERNEL);
 		if (!s) {
 			rc = -ENOMEM;
@@ -1694,7 +1694,7 @@ static void selinux_load_policycaps(void)
 }
 
 extern void selinux_complete_init(void);
-static int security_preserve_bools(struct policydb *p);
+static int security_preserve_bools(struct selinux_ss_policydb *p);
 
 /**
  * selinux_load_policy - Load a security policy configuration.
@@ -1708,12 +1708,12 @@ static int security_preserve_bools(struct
policydb *p);
  */
 int selinux_ss_load_policy(void *data, size_t len)
 {
-	struct policydb oldpolicydb, newpolicydb;
-	struct sidtab oldsidtab, newsidtab;
+	struct selinux_ss_policydb oldpolicydb, newpolicydb;
+	struct selinux_ss_sidtab oldsidtab, newsidtab;
 	struct convert_context_args args;
 	u32 seqno;
 	int rc = 0;
-	struct policy_file file = { data, len }, *fp = &file;
+	struct selinux_ss_policy_file file = { data, len }, *fp = &file;
 
 	if (!ss_initialized) {
 		selinux_ss_avtab_cache_init();
@@ -1730,7 +1730,7 @@ int selinux_ss_load_policy(void *data, size_t len)
 		if (validate_classes(&policydb)) {
 			printk(KERN_ERR
 			       "SELinux:  the definition of a class is incorrect\n");
-			sidtab_destroy(&sidtab);
+			selinux_ss_sidtab_destroy(&sidtab);
 			policydb_destroy(&policydb);
 			selinux_ss_avtab_cache_destroy();
 			return -EINVAL;
@@ -1748,13 +1748,13 @@ int selinux_ss_load_policy(void *data, size_t
len)
 	}
 
 #if 0
-	sidtab_hash_eval(&sidtab, "sids");
+	selinux_ss_sidtab_hash_eval(&sidtab, "sids");
 #endif
 
 	if (policydb_read(&newpolicydb, fp))
 		return -EINVAL;
 
-	if (sidtab_init(&newsidtab)) {
+	if (selinux_ss_sidtab_init(&newsidtab)) {
 		policydb_destroy(&newpolicydb);
 		return -ENOMEM;
 	}
@@ -1774,8 +1774,8 @@ int selinux_ss_load_policy(void *data, size_t len)
 	}
 
 	/* Clone the SID table. */
-	sidtab_shutdown(&sidtab);
-	if (sidtab_map(&sidtab, clone_sid, &newsidtab)) {
+	selinux_ss_sidtab_shutdown(&sidtab);
+	if (selinux_ss_sidtab_map(&sidtab, clone_sid, &newsidtab)) {
 		rc = -ENOMEM;
 		goto err;
 	}
@@ -1786,18 +1786,18 @@ int selinux_ss_load_policy(void *data, size_t
len)
 	 */
 	args.oldp = &policydb;
 	args.newp = &newpolicydb;
-	rc = sidtab_map(&newsidtab, convert_context, &args);
+	rc = selinux_ss_sidtab_map(&newsidtab, convert_context, &args);
 	if (rc)
 		goto err;
 
 	/* Save the old policydb and SID table to free later. */
 	memcpy(&oldpolicydb, &policydb, sizeof policydb);
-	sidtab_set(&oldsidtab, &sidtab);
+	selinux_ss_sidtab_set(&oldsidtab, &sidtab);
 
 	/* Install the new policydb and SID table. */
 	write_lock_irq(&policy_rwlock);
 	memcpy(&policydb, &newpolicydb, sizeof policydb);
-	sidtab_set(&sidtab, &newsidtab);
+	selinux_ss_sidtab_set(&sidtab, &newsidtab);
 	selinux_load_policycaps();
 	seqno = ++latest_granting;
 	policydb_loaded_version = policydb.policyvers;
@@ -1805,7 +1805,7 @@ int selinux_ss_load_policy(void *data, size_t len)
 
 	/* Free the old policydb and SID table. */
 	policydb_destroy(&oldpolicydb);
-	sidtab_destroy(&oldsidtab);
+	selinux_ss_sidtab_destroy(&oldsidtab);
 
 	selinux_avc_ss_reset(seqno);
 	selnl_notify_policyload(seqno);
@@ -1815,7 +1815,7 @@ int selinux_ss_load_policy(void *data, size_t len)
 	return 0;
 
 err:
-	sidtab_destroy(&newsidtab);
+	selinux_ss_sidtab_destroy(&newsidtab);
 	policydb_destroy(&newpolicydb);
 	return rc;
 
@@ -1829,7 +1829,7 @@ err:
  */
 int selinux_ss_port_sid(u8 protocol, u16 port, u32 *out_sid)
 {
-	struct ocontext *c;
+	struct selinux_ss_ocontext *c;
 	int rc = 0;
 
 	read_lock(&policy_rwlock);
@@ -1845,7 +1845,7 @@ int selinux_ss_port_sid(u8 protocol, u16 port, u32
*out_sid)
 
 	if (c) {
 		if (!c->sid[0]) {
-			rc = sidtab_context_to_sid(&sidtab,
+			rc = selinux_ss_sidtab_context_to_sid(&sidtab,
 						   &c->context[0],
 						   &c->sid[0]);
 			if (rc)
@@ -1869,7 +1869,7 @@ out:
 int selinux_ss_netif_sid(char *name, u32 *if_sid)
 {
 	int rc = 0;
-	struct ocontext *c;
+	struct selinux_ss_ocontext *c;
 
 	read_lock(&policy_rwlock);
 
@@ -1882,12 +1882,12 @@ int selinux_ss_netif_sid(char *name, u32
*if_sid)
 
 	if (c) {
 		if (!c->sid[0] || !c->sid[1]) {
-			rc = sidtab_context_to_sid(&sidtab,
+			rc = selinux_ss_sidtab_context_to_sid(&sidtab,
 						  &c->context[0],
 						  &c->sid[0]);
 			if (rc)
 				goto out;
-			rc = sidtab_context_to_sid(&sidtab,
+			rc = selinux_ss_sidtab_context_to_sid(&sidtab,
 						   &c->context[1],
 						   &c->sid[1]);
 			if (rc)
@@ -1928,7 +1928,7 @@ int selinux_ss_node_sid(u16 domain,
 		      u32 *out_sid)
 {
 	int rc = 0;
-	struct ocontext *c;
+	struct selinux_ss_ocontext *c;
 
 	read_lock(&policy_rwlock);
 
@@ -1973,7 +1973,7 @@ int selinux_ss_node_sid(u16 domain,
 
 	if (c) {
 		if (!c->sid[0]) {
-			rc = sidtab_context_to_sid(&sidtab,
+			rc = selinux_ss_sidtab_context_to_sid(&sidtab,
 						   &c->context[0],
 						   &c->sid[0]);
 			if (rc)
@@ -2010,11 +2010,11 @@ int selinux_ss_get_user_sids(u32 fromsid,
 			   u32 **sids,
 			   u32 *nel)
 {
-	struct context *fromcon, usercon;
+	struct selinux_ss_context *fromcon, usercon;
 	u32 *mysids = NULL, *mysids2, sid;
 	u32 mynel = 0, maxnel = SIDS_NEL;
-	struct user_datum *user;
-	struct role_datum *role;
+	struct selinux_ss_user_datum *user;
+	struct selinux_ss_role_datum *role;
 	struct selinux_ss_ebitmap_node *rnode, *tnode;
 	int rc = 0, i, j;
 
@@ -2028,7 +2028,7 @@ int selinux_ss_get_user_sids(u32 fromsid,
 
 	context_init(&usercon);
 
-	fromcon = sidtab_search(&sidtab, fromsid);
+	fromcon = selinux_ss_sidtab_search(&sidtab, fromsid);
 	if (!fromcon) {
 		rc = -EINVAL;
 		goto out_unlock;
@@ -2056,7 +2056,7 @@ int selinux_ss_get_user_sids(u32 fromsid,
 			if (mls_setup_user_range(fromcon, user, &usercon))
 				continue;
 
-			rc = sidtab_context_to_sid(&sidtab, &usercon, &sid);
+			rc = selinux_ss_sidtab_context_to_sid(&sidtab, &usercon, &sid);
 			if (rc)
 				goto out_unlock;
 			if (mynel < maxnel) {
@@ -2123,8 +2123,8 @@ int selinux_ss_genfs_sid(const char *fstype,
 		       u32 *sid)
 {
 	int len;
-	struct genfs *genfs;
-	struct ocontext *c;
+	struct selinux_ss_genfs *genfs;
+	struct selinux_ss_ocontext *c;
 	int rc = 0, cmp = 0;
 
 	while (path[0] == '/' && path[1] == '/')
@@ -2158,7 +2158,7 @@ int selinux_ss_genfs_sid(const char *fstype,
 	}
 
 	if (!c->sid[0]) {
-		rc = sidtab_context_to_sid(&sidtab,
+		rc = selinux_ss_sidtab_context_to_sid(&sidtab,
 					   &c->context[0],
 					   &c->sid[0]);
 		if (rc)
@@ -2183,7 +2183,7 @@ int selinux_ss_fs_use(
 	u32 *sid)
 {
 	int rc = 0;
-	struct ocontext *c;
+	struct selinux_ss_ocontext *c;
 
 	read_lock(&policy_rwlock);
 
@@ -2197,7 +2197,7 @@ int selinux_ss_fs_use(
 	if (c) {
 		*behavior = c->v.behavior;
 		if (!c->sid[0]) {
-			rc = sidtab_context_to_sid(&sidtab,
+			rc = selinux_ss_sidtab_context_to_sid(&sidtab,
 						   &c->context[0],
 						   &c->sid[0]);
 			if (rc)
@@ -2333,7 +2333,7 @@ out:
 	return rc;
 }
 
-static int security_preserve_bools(struct policydb *p)
+static int security_preserve_bools(struct selinux_ss_policydb *p)
 {
 	int rc, nbools = 0, *bvalues = NULL, i;
 	char **bnames = NULL;
@@ -2370,9 +2370,9 @@ out:
  */
 int selinux_ss_sid_mls_copy(u32 sid, u32 mls_sid, u32 *new_sid)
 {
-	struct context *context1;
-	struct context *context2;
-	struct context newcon;
+	struct selinux_ss_context *context1;
+	struct selinux_ss_context *context2;
+	struct selinux_ss_context newcon;
 	char *s;
 	u32 len;
 	int rc = 0;
@@ -2385,7 +2385,7 @@ int selinux_ss_sid_mls_copy(u32 sid, u32 mls_sid,
u32 *new_sid)
 	context_init(&newcon);
 
 	read_lock(&policy_rwlock);
-	context1 = sidtab_search(&sidtab, sid);
+	context1 = selinux_ss_sidtab_search(&sidtab, sid);
 	if (!context1) {
 		printk(KERN_ERR "SELinux: %s:  unrecognized SID %d\n",
 			__func__, sid);
@@ -2393,7 +2393,7 @@ int selinux_ss_sid_mls_copy(u32 sid, u32 mls_sid,
u32 *new_sid)
 		goto out_unlock;
 	}
 
-	context2 = sidtab_search(&sidtab, mls_sid);
+	context2 = selinux_ss_sidtab_search(&sidtab, mls_sid);
 	if (!context2) {
 		printk(KERN_ERR "SELinux: %s:  unrecognized SID %d\n",
 			__func__, mls_sid);
@@ -2415,7 +2415,7 @@ int selinux_ss_sid_mls_copy(u32 sid, u32 mls_sid,
u32 *new_sid)
 			goto bad;
 	}
 
-	rc = sidtab_context_to_sid(&sidtab, &newcon, new_sid);
+	rc = selinux_ss_sidtab_context_to_sid(&sidtab, &newcon, new_sid);
 	goto out_unlock;
 
 bad:
@@ -2457,8 +2457,8 @@ int selinux_ss_net_peersid_resolve(u32 nlbl_sid,
u32 nlbl_type,
 				 u32 *peer_sid)
 {
 	int rc;
-	struct context *nlbl_ctx;
-	struct context *xfrm_ctx;
+	struct selinux_ss_context *nlbl_ctx;
+	struct selinux_ss_context *xfrm_ctx;
 
 	/* handle the common (which also happens to be the set of easy) cases
 	 * right away, these two if statements catch everything involving a
@@ -2485,14 +2485,14 @@ int selinux_ss_net_peersid_resolve(u32 nlbl_sid,
u32 nlbl_type,
 
 	read_lock(&policy_rwlock);
 
-	nlbl_ctx = sidtab_search(&sidtab, nlbl_sid);
+	nlbl_ctx = selinux_ss_sidtab_search(&sidtab, nlbl_sid);
 	if (!nlbl_ctx) {
 		printk(KERN_ERR "SELinux: %s:  unrecognized SID %d\n",
 		       __func__, nlbl_sid);
 		rc = -EINVAL;
 		goto out_slowpath;
 	}
-	xfrm_ctx = sidtab_search(&sidtab, xfrm_sid);
+	xfrm_ctx = selinux_ss_sidtab_search(&sidtab, xfrm_sid);
 	if (!xfrm_ctx) {
 		printk(KERN_ERR "SELinux: %s:  unrecognized SID %d\n",
 		       __func__, xfrm_sid);
@@ -2517,7 +2517,7 @@ out_slowpath:
 
 static int get_classes_callback(void *k, void *d, void *args)
 {
-	struct class_datum *datum = d;
+	struct selinux_ss_class_datum *datum = d;
 	char *name = k, **classes = args;
 	int value = datum->value - 1;
 
@@ -2555,7 +2555,7 @@ out:
 
 static int get_permissions_callback(void *k, void *d, void *args)
 {
-	struct perm_datum *datum = d;
+	struct selinux_ss_perm_datum *datum = d;
 	char *name = k, **perms = args;
 	int value = datum->value - 1;
 
@@ -2569,7 +2569,7 @@ static int get_permissions_callback(void *k, void
*d, void *args)
 int selinux_ss_get_permissions(char *class, char ***perms, int *nperms)
 {
 	int rc = -ENOMEM, i;
-	struct class_datum *match;
+	struct selinux_ss_class_datum *match;
 
 	read_lock(&policy_rwlock);
 
@@ -2643,7 +2643,7 @@ int selinux_ss_policycap_supported(unsigned int
req_cap)
 
 struct selinux_audit_rule {
 	u32 au_seqno;
-	struct context au_ctxt;
+	struct selinux_ss_context au_ctxt;
 };
 
 void selinux_audit_rule_free(void *vrule)
@@ -2659,9 +2659,9 @@ void selinux_audit_rule_free(void *vrule)
 int selinux_audit_rule_init(u32 field, u32 op, char *rulestr, void
**vrule)
 {
 	struct selinux_audit_rule *tmprule;
-	struct role_datum *roledatum;
-	struct type_datum *typedatum;
-	struct user_datum *userdatum;
+	struct selinux_ss_role_datum *roledatum;
+	struct selinux_ss_type_datum *typedatum;
+	struct selinux_ss_user_datum *userdatum;
 	struct selinux_audit_rule **rule = (struct selinux_audit_rule
**)vrule;
 	int rc = 0;
 
@@ -2777,7 +2777,7 @@ int selinux_audit_rule_known(struct audit_krule
*rule)
 int selinux_audit_rule_match(u32 sid, u32 field, u32 op, void *vrule,
 			     struct audit_context *actx)
 {
-	struct context *ctxt;
+	struct selinux_ss_context *ctxt;
 	struct mls_level *level;
 	struct selinux_audit_rule *rule = vrule;
 	int match = 0;
@@ -2797,7 +2797,7 @@ int selinux_audit_rule_match(u32 sid, u32 field,
u32 op, void *vrule,
 		goto out;
 	}
 
-	ctxt = sidtab_search(&sidtab, sid);
+	ctxt = selinux_ss_sidtab_search(&sidtab, sid);
 	if (!ctxt) {
 		audit_log(actx, GFP_ATOMIC, AUDIT_SELINUX_ERR,
 			  "selinux_audit_rule_match: unrecognized SID %d\n",
@@ -2962,8 +2962,8 @@ int selinux_ss_netlbl_secattr_to_sid(struct
netlbl_lsm_secattr *secattr,
 				   u32 *sid)
 {
 	int rc = -EIDRM;
-	struct context *ctx;
-	struct context ctx_new;
+	struct selinux_ss_context *ctx;
+	struct selinux_ss_context ctx_new;
 
 	if (!ss_initialized) {
 		*sid = SECSID_NULL;
@@ -2979,7 +2979,7 @@ int selinux_ss_netlbl_secattr_to_sid(struct
netlbl_lsm_secattr *secattr,
 		*sid = secattr->attr.secid;
 		rc = 0;
 	} else if (secattr->flags & NETLBL_SECATTR_MLS_LVL) {
-		ctx = sidtab_search(&sidtab, SECINITSID_NETMSG);
+		ctx = selinux_ss_sidtab_search(&sidtab, SECINITSID_NETMSG);
 		if (ctx == NULL)
 			goto netlbl_secattr_to_sid_return;
 
@@ -2999,7 +2999,7 @@ int selinux_ss_netlbl_secattr_to_sid(struct
netlbl_lsm_secattr *secattr,
 		if (mls_context_isvalid(&policydb, &ctx_new) != 1)
 			goto netlbl_secattr_to_sid_return_cleanup;
 
-		rc = sidtab_context_to_sid(&sidtab, &ctx_new, sid);
+		rc = selinux_ss_sidtab_context_to_sid(&sidtab, &ctx_new, sid);
 		if (rc != 0)
 			goto netlbl_secattr_to_sid_return_cleanup;
 
@@ -3032,13 +3032,13 @@ netlbl_secattr_to_sid_return_cleanup:
 int selinux_ss_netlbl_sid_to_secattr(u32 sid, struct netlbl_lsm_secattr
*secattr)
 {
 	int rc;
-	struct context *ctx;
+	struct selinux_ss_context *ctx;
 
 	if (!ss_initialized)
 		return 0;
 
 	read_lock(&policy_rwlock);
-	ctx = sidtab_search(&sidtab, sid);
+	ctx = selinux_ss_sidtab_search(&sidtab, sid);
 	if (ctx == NULL) {
 		rc = -ENOENT;
 		goto netlbl_sid_to_secattr_failure;
diff --git a/security/selinux/ss/services.h
b/security/selinux/ss/services.h
index e8d907e..9d42e9d 100644
--- a/security/selinux/ss/services.h
+++ b/security/selinux/ss/services.h
@@ -9,7 +9,7 @@
 #include "policydb.h"
 #include "sidtab.h"
 
-extern struct policydb policydb;
+extern struct selinux_ss_policydb policydb;
 
 #endif	/* _SS_SERVICES_H_ */
 
diff --git a/security/selinux/ss/sidtab.c b/security/selinux/ss/sidtab.c
index e817989..294ede4 100644
--- a/security/selinux/ss/sidtab.c
+++ b/security/selinux/ss/sidtab.c
@@ -14,7 +14,7 @@
 #define SIDTAB_HASH(sid) \
 (sid & SIDTAB_HASH_MASK)
 
-int sidtab_init(struct sidtab *s)
+int selinux_ss_sidtab_init(struct selinux_ss_sidtab *s)
 {
 	int i;
 
@@ -30,10 +30,10 @@ int sidtab_init(struct sidtab *s)
 	return 0;
 }
 
-int sidtab_insert(struct sidtab *s, u32 sid, struct context *context)
+int selinux_ss_sidtab_insert(struct selinux_ss_sidtab *s, u32 sid,
struct selinux_ss_context *context)
 {
 	int hvalue, rc = 0;
-	struct sidtab_node *prev, *cur, *newnode;
+	struct selinux_ss_sidtab_node *prev, *cur, *newnode;
 
 	if (!s) {
 		rc = -ENOMEM;
@@ -82,10 +82,10 @@ out:
 	return rc;
 }
 
-static struct context *sidtab_search_core(struct sidtab *s, u32 sid,
int force)
+static struct selinux_ss_context *selinux_ss_sidtab_search_core(struct
selinux_ss_sidtab *s, u32 sid, int force)
 {
 	int hvalue;
-	struct sidtab_node *cur;
+	struct selinux_ss_sidtab_node *cur;
 
 	if (!s)
 		return NULL;
@@ -112,24 +112,24 @@ static struct context *sidtab_search_core(struct
sidtab *s, u32 sid, int force)
 	return &cur->context;
 }
 
-struct context *sidtab_search(struct sidtab *s, u32 sid)
+struct selinux_ss_context *selinux_ss_sidtab_search(struct
selinux_ss_sidtab *s, u32 sid)
 {
-	return sidtab_search_core(s, sid, 0);
+	return selinux_ss_sidtab_search_core(s, sid, 0);
 }
 
-struct context *sidtab_search_force(struct sidtab *s, u32 sid)
+struct selinux_ss_context *selinux_ss_sidtab_search_force(struct
selinux_ss_sidtab *s, u32 sid)
 {
-	return sidtab_search_core(s, sid, 1);
+	return selinux_ss_sidtab_search_core(s, sid, 1);
 }
 
-int sidtab_map(struct sidtab *s,
+int selinux_ss_sidtab_map(struct selinux_ss_sidtab *s,
 	       int (*apply) (u32 sid,
-			     struct context *context,
+			     struct selinux_ss_context *context,
 			     void *args),
 	       void *args)
 {
 	int i, rc = 0;
-	struct sidtab_node *cur;
+	struct selinux_ss_sidtab_node *cur;
 
 	if (!s)
 		goto out;
@@ -147,11 +147,11 @@ out:
 	return rc;
 }
 
-static inline u32 sidtab_search_context(struct sidtab *s,
-						  struct context *context)
+static inline u32 selinux_ss_sidtab_search_context(struct
selinux_ss_sidtab *s,
+						  struct selinux_ss_context *context)
 {
 	int i;
-	struct sidtab_node *cur;
+	struct selinux_ss_sidtab_node *cur;
 
 	for (i = 0; i < SIDTAB_SIZE; i++) {
 		cur = s->htable[i];
@@ -164,8 +164,8 @@ static inline u32 sidtab_search_context(struct
sidtab *s,
 	return 0;
 }
 
-int sidtab_context_to_sid(struct sidtab *s,
-			  struct context *context,
+int selinux_ss_sidtab_context_to_sid(struct selinux_ss_sidtab *s,
+			  struct selinux_ss_context *context,
 			  u32 *out_sid)
 {
 	u32 sid;
@@ -174,11 +174,11 @@ int sidtab_context_to_sid(struct sidtab *s,
 
 	*out_sid = SECSID_NULL;
 
-	sid = sidtab_search_context(s, context);
+	sid = selinux_ss_sidtab_search_context(s, context);
 	if (!sid) {
 		spin_lock_irqsave(&s->lock, flags);
 		/* Rescan now that we hold the lock. */
-		sid = sidtab_search_context(s, context);
+		sid = selinux_ss_sidtab_search_context(s, context);
 		if (sid)
 			goto unlock_out;
 		/* No SID exists for the context.  Allocate a new one. */
@@ -191,7 +191,7 @@ int sidtab_context_to_sid(struct sidtab *s,
 			printk(KERN_INFO
 		       "SELinux:  Context %s is not valid (left unmapped).\n",
 			       context->str);
-		ret = sidtab_insert(s, sid, context);
+		ret = selinux_ss_sidtab_insert(s, sid, context);
 		if (ret)
 			s->next_sid--;
 unlock_out:
@@ -205,10 +205,10 @@ unlock_out:
 	return 0;
 }
 
-void sidtab_hash_eval(struct sidtab *h, char *tag)
+void selinux_ss_sidtab_hash_eval(struct selinux_ss_sidtab *h, char
*tag)
 {
 	int i, chain_len, slots_used, max_chain_len;
-	struct sidtab_node *cur;
+	struct selinux_ss_sidtab_node *cur;
 
 	slots_used = 0;
 	max_chain_len = 0;
@@ -232,10 +232,10 @@ void sidtab_hash_eval(struct sidtab *h, char *tag)
 	       max_chain_len);
 }
 
-void sidtab_destroy(struct sidtab *s)
+void selinux_ss_sidtab_destroy(struct selinux_ss_sidtab *s)
 {
 	int i;
-	struct sidtab_node *cur, *temp;
+	struct selinux_ss_sidtab_node *cur, *temp;
 
 	if (!s)
 		return;
@@ -256,7 +256,7 @@ void sidtab_destroy(struct sidtab *s)
 	s->next_sid = 1;
 }
 
-void sidtab_set(struct sidtab *dst, struct sidtab *src)
+void selinux_ss_sidtab_set(struct selinux_ss_sidtab *dst, struct
selinux_ss_sidtab *src)
 {
 	unsigned long flags;
 
@@ -268,7 +268,7 @@ void sidtab_set(struct sidtab *dst, struct sidtab
*src)
 	spin_unlock_irqrestore(&src->lock, flags);
 }
 
-void sidtab_shutdown(struct sidtab *s)
+void selinux_ss_sidtab_shutdown(struct selinux_ss_sidtab *s)
 {
 	unsigned long flags;
 
diff --git a/security/selinux/ss/sidtab.h b/security/selinux/ss/sidtab.h
index 64ea5b1..a48ab7f 100644
--- a/security/selinux/ss/sidtab.h
+++ b/security/selinux/ss/sidtab.h
@@ -9,10 +9,10 @@
 
 #include "context.h"
 
-struct sidtab_node {
+struct selinux_ss_sidtab_node {
 	u32 sid;		/* security identifier */
-	struct context context;	/* security context structure */
-	struct sidtab_node *next;
+	struct selinux_ss_context context;	/* security context structure */
+	struct selinux_ss_sidtab_node *next;
 };
 
 #define SIDTAB_HASH_BITS 7
@@ -21,33 +21,33 @@ struct sidtab_node {
 
 #define SIDTAB_SIZE SIDTAB_HASH_BUCKETS
 
-struct sidtab {
-	struct sidtab_node **htable;
+struct selinux_ss_sidtab {
+	struct selinux_ss_sidtab_node **htable;
 	unsigned int nel;	/* number of elements */
 	unsigned int next_sid;	/* next SID to allocate */
 	unsigned char shutdown;
 	spinlock_t lock;
 };
 
-int sidtab_init(struct sidtab *s);
-int sidtab_insert(struct sidtab *s, u32 sid, struct context *context);
-struct context *sidtab_search(struct sidtab *s, u32 sid);
-struct context *sidtab_search_force(struct sidtab *s, u32 sid);
+int selinux_ss_sidtab_init(struct selinux_ss_sidtab *s);
+int selinux_ss_sidtab_insert(struct selinux_ss_sidtab *s, u32 sid,
struct selinux_ss_context *context);
+struct selinux_ss_context *selinux_ss_sidtab_search(struct
selinux_ss_sidtab *s, u32 sid);
+struct selinux_ss_context *selinux_ss_sidtab_search_force(struct
selinux_ss_sidtab *s, u32 sid);
 
-int sidtab_map(struct sidtab *s,
+int selinux_ss_sidtab_map(struct selinux_ss_sidtab *s,
 	       int (*apply) (u32 sid,
-			     struct context *context,
+			     struct selinux_ss_context *context,
 			     void *args),
 	       void *args);
 
-int sidtab_context_to_sid(struct sidtab *s,
-			  struct context *context,
+int selinux_ss_sidtab_context_to_sid(struct selinux_ss_sidtab *s,
+			  struct selinux_ss_context *context,
 			  u32 *sid);
 
-void sidtab_hash_eval(struct sidtab *h, char *tag);
-void sidtab_destroy(struct sidtab *s);
-void sidtab_set(struct sidtab *dst, struct sidtab *src);
-void sidtab_shutdown(struct sidtab *s);
+void selinux_ss_sidtab_hash_eval(struct selinux_ss_sidtab *h, char
*tag);
+void selinux_ss_sidtab_destroy(struct selinux_ss_sidtab *s);
+void selinux_ss_sidtab_set(struct selinux_ss_sidtab *dst, struct
selinux_ss_sidtab *src);
+void selinux_ss_sidtab_shutdown(struct selinux_ss_sidtab *s);
 
 #endif	/* _SS_SIDTAB_H_ */
 
diff --git a/security/selinux/ss/symtab.c b/security/selinux/ss/symtab.c
index 7ef607d..4a8a122 100644
--- a/security/selinux/ss/symtab.c
+++ b/security/selinux/ss/symtab.c
@@ -33,7 +33,7 @@ static int symcmp(struct selinux_ss_hashtab *h, const
void *key1, const void *ke
 }
 
 
-int symtab_init(struct symtab *s, unsigned int size)
+int selinux_ss_symtab_init(struct selinux_ss_symtab *s, unsigned int
size)
 {
 	s->table = selinux_ss_hashtab_create(symhash, symcmp, size);
 	if (!s->table)
diff --git a/security/selinux/ss/symtab.h b/security/selinux/ss/symtab.h
index 4166ae4..80aa9e6 100644
--- a/security/selinux/ss/symtab.h
+++ b/security/selinux/ss/symtab.h
@@ -11,12 +11,12 @@
 
 #include "hashtab.h"
 
-struct symtab {
+struct selinux_ss_symtab {
 	struct selinux_ss_hashtab *table;	/* hash table (keyed on a string) */
 	u32 nprim;		/* number of primary names in table */
 };
 
-int symtab_init(struct symtab *s, unsigned int size);
+int selinux_ss_symtab_init(struct selinux_ss_symtab *s, unsigned int
size);
 
 #endif	/* _SS_SYMTAB_H_ */
 
-- 
1.6.2.5




--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.

[Index of Archives]     [Selinux Refpolicy]     [Linux SGX]     [Fedora Users]     [Fedora Desktop]     [Yosemite Photos]     [Yosemite Camping]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux