Sorry, 3/4 got mangled. Resending.
-Thomas
On Thu, 2009-07-02 at 16:55 -0400, Thomas Liu wrote:
> Namespacing of security/selinux/ss/policydb.h.
>
> Signed-off-by: Thomas Liu <tliu@xxxxxxxxxx>
> ---
> security/selinux/ss/avtab.c | 4 +-
> security/selinux/ss/avtab.h | 6 +-
> security/selinux/ss/conditional.c | 26 ++--
> security/selinux/ss/conditional.h | 12 +-
> security/selinux/ss/context.h | 20 ++--
> security/selinux/ss/mls.c | 62 +++++-----
> security/selinux/ss/mls.h | 50 ++++----
> security/selinux/ss/policydb.c | 164 +++++++++++-----------
> security/selinux/ss/policydb.h | 86 ++++++------
> security/selinux/ss/services.c | 270
> ++++++++++++++++++------------------
> security/selinux/ss/services.h | 2 +-
> security/selinux/ss/sidtab.c | 52 ++++----
> security/selinux/ss/sidtab.h | 34 +++---
> security/selinux/ss/symtab.c | 2 +-
> security/selinux/ss/symtab.h | 4 +-
> 15 files changed, 397 insertions(+), 397 deletions(-)
>
> diff --git a/security/selinux/ss/avtab.c b/security/selinux/ss/avtab.c
> index fec765d..44d8167 100644
> --- a/security/selinux/ss/avtab.c
> +++ b/security/selinux/ss/avtab.c
> @@ -323,7 +323,7 @@ static uint16_t spec_order[] = {
> AVTAB_MEMBER
> };
>
> -int selinux_ss_avtab_read_item(struct selinux_ss_avtab *a, void *fp,
> struct policydb *pol,
> +int selinux_ss_avtab_read_item(struct selinux_ss_avtab *a, void *fp,
> struct selinux_ss_policydb *pol,
> int (*insertf)(struct selinux_ss_avtab *a, struct
> selinux_ss_avtab_key *k,
> struct selinux_ss_avtab_datum *d, void *p),
> void *p)
> @@ -457,7 +457,7 @@ static int avtab_insertf(struct selinux_ss_avtab *a,
> struct selinux_ss_avtab_key
> return avtab_insert(a, k, d);
> }
>
> -int selinux_ss_avtab_read(struct selinux_ss_avtab *a, void *fp, struct
> policydb *pol)
> +int selinux_ss_avtab_read(struct selinux_ss_avtab *a, void *fp, struct
> selinux_ss_policydb *pol)
> {
> int rc;
> __le32 buf[1];
> diff --git a/security/selinux/ss/avtab.h b/security/selinux/ss/avtab.h
> index a7752bb..70b39c1 100644
> --- a/security/selinux/ss/avtab.h
> +++ b/security/selinux/ss/avtab.h
> @@ -64,13 +64,13 @@ struct selinux_ss_avtab_datum
> *selinux_ss_avtab_search(struct selinux_ss_avtab *
> void selinux_ss_avtab_destroy(struct selinux_ss_avtab *h);
> void selinux_ss_avtab_hash_eval(struct selinux_ss_avtab *h, char *tag);
>
> -struct policydb;
> -int selinux_ss_avtab_read_item(struct selinux_ss_avtab *a, void *fp,
> struct policydb *pol,
> +struct selinux_ss_policydb;
> +int selinux_ss_avtab_read_item(struct selinux_ss_avtab *a, void *fp,
> struct selinux_ss_policydb *pol,
> int (*insert)(struct selinux_ss_avtab *a, struct
> selinux_ss_avtab_key *k,
> struct selinux_ss_avtab_datum *d, void *p),
> void *p);
>
> -int selinux_ss_avtab_read(struct selinux_ss_avtab *a, void *fp, struct
> policydb *pol);
> +int selinux_ss_avtab_read(struct selinux_ss_avtab *a, void *fp, struct
> selinux_ss_policydb *pol);
>
> struct selinux_ss_avtab_node *selinux_ss_avtab_insert_nonunique(struct
> selinux_ss_avtab *h, struct selinux_ss_avtab_key *key,
> struct selinux_ss_avtab_datum *datum);
> diff --git a/security/selinux/ss/conditional.c
> b/security/selinux/ss/conditional.c
> index 306ef50..c48f1c2 100644
> --- a/security/selinux/ss/conditional.c
> +++ b/security/selinux/ss/conditional.c
> @@ -22,7 +22,7 @@
> * or undefined (-1). Undefined occurs when the expression
> * exceeds the stack depth of COND_EXPR_MAXDEPTH.
> */
> -static int cond_evaluate_expr(struct policydb *p, struct
> selinux_ss_cond_expr *expr)
> +static int cond_evaluate_expr(struct selinux_ss_policydb *p, struct
> selinux_ss_cond_expr *expr)
> {
>
> struct selinux_ss_cond_expr *cur;
> @@ -86,7 +86,7 @@ static int cond_evaluate_expr(struct policydb *p,
> struct selinux_ss_cond_expr *e
> * list appropriately. If the result of the expression is undefined
> * all of the rules are disabled for safety.
> */
> -int selinux_ss_evaluate_cond_node(struct policydb *p, struct
> selinux_ss_cond_node *node)
> +int selinux_ss_evaluate__cond_node(struct selinux_ss_policydb *p,
> struct selinux_ss_cond_node *node)
> {
> int new_state;
> struct selinux_ss_cond_av_list *cur;
> @@ -115,7 +115,7 @@ int selinux_ss_evaluate_cond_node(struct policydb
> *p, struct selinux_ss_cond_nod
> return 0;
> }
>
> -int selinux_ss_cond_policydb_init(struct policydb *p)
> +int selinux_ss_cond_policydb_init(struct selinux_ss_policydb *p)
> {
> p->bool_val_to_struct = NULL;
> p->cond_list = NULL;
> @@ -161,14 +161,14 @@ static void cond_list_destroy(struct
> selinux_ss_cond_node *list)
> }
> }
>
> -void selinux_ss_cond_policydb_destroy(struct policydb *p)
> +void selinux_ss_cond_policydb_destroy(struct selinux_ss_policydb *p)
> {
> kfree(p->bool_val_to_struct);
> selinux_ss_avtab_destroy(&p->te_cond_avtab);
> cond_list_destroy(p->cond_list);
> }
>
> -int selinux_ss_cond_init_bool_indexes(struct policydb *p)
> +int selinux_ss_cond_init_bool_indexes(struct selinux_ss_policydb *p)
> {
> kfree(p->bool_val_to_struct);
> p->bool_val_to_struct = (struct selinux_ss_cond_bool_datum **)
> @@ -187,7 +187,7 @@ int selinux_ss_cond_destroy_bool(void *key, void
> *datum, void *p)
>
> int selinux_ss_cond_index_bool(void *key, void *datum, void *datap)
> {
> - struct policydb *p;
> + struct selinux_ss_policydb *p;
> struct selinux_ss_cond_bool_datum *booldatum;
>
> booldatum = datum;
> @@ -209,7 +209,7 @@ static int bool_isvalid(struct
> selinux_ss_cond_bool_datum *b)
> return 1;
> }
>
> -int selinux_ss_cond_read_bool(struct policydb *p, struct
> selinux_ss_hashtab *h, void *fp)
> +int selinux_ss_cond_read_bool(struct selinux_ss_policydb *p, struct
> selinux_ss_hashtab *h, void *fp)
> {
> char *key = NULL;
> struct selinux_ss_cond_bool_datum *booldatum;
> @@ -250,7 +250,7 @@ err:
> }
>
> struct cond_insertf_data {
> - struct policydb *p;
> + struct selinux_ss_policydb *p;
> struct selinux_ss_cond_av_list *other;
> struct selinux_ss_cond_av_list *head;
> struct selinux_ss_cond_av_list *tail;
> @@ -259,7 +259,7 @@ struct cond_insertf_data {
> static int cond_insertf(struct selinux_ss_avtab *a, struct
> selinux_ss_avtab_key *k, struct selinux_ss_avtab_datum *d, void *ptr)
> {
> struct cond_insertf_data *data = ptr;
> - struct policydb *p = data->p;
> + struct selinux_ss_policydb *p = data->p;
> struct selinux_ss_cond_av_list *other = data->other, *list, *cur;
> struct selinux_ss_avtab_node *node_ptr;
> u8 found;
> @@ -334,7 +334,7 @@ err:
> return -1;
> }
>
> -static int cond_read_av_list(struct policydb *p, void *fp, struct
> selinux_ss_cond_av_list **ret_list, struct selinux_ss_cond_av_list
> *other)
> +static int cond_read_av_list(struct selinux_ss_policydb *p, void *fp,
> struct selinux_ss_cond_av_list **ret_list, struct
> selinux_ss_cond_av_list *other)
> {
> int i, rc;
> __le32 buf[1];
> @@ -368,7 +368,7 @@ static int cond_read_av_list(struct policydb *p,
> void *fp, struct selinux_ss_con
> return 0;
> }
>
> -static int expr_isvalid(struct policydb *p, struct selinux_ss_cond_expr
> *expr)
> +static int expr_isvalid(struct selinux_ss_policydb *p, struct
> selinux_ss_cond_expr *expr)
> {
> if (expr->expr_type <= 0 || expr->expr_type > COND_LAST) {
> printk(KERN_ERR "SELinux: conditional expressions uses unknown
> operator.\n");
> @@ -382,7 +382,7 @@ static int expr_isvalid(struct policydb *p, struct
> selinux_ss_cond_expr *expr)
> return 1;
> }
>
> -static int cond_read_node(struct policydb *p, struct
> selinux_ss_cond_node *node, void *fp)
> +static int cond_read_node(struct selinux_ss_policydb *p, struct
> selinux_ss_cond_node *node, void *fp)
> {
> __le32 buf[2];
> u32 len, i;
> @@ -437,7 +437,7 @@ err:
> return -1;
> }
>
> -int selinux_ss_cond_read_list(struct policydb *p, void *fp)
> +int selinux_ss_cond_read_list(struct selinux_ss_policydb *p, void *fp)
> {
> struct selinux_ss_cond_node *node, *last = NULL;
> __le32 buf[1];
> diff --git a/security/selinux/ss/conditional.h
> b/security/selinux/ss/conditional.h
> index e593277..cccee8a 100644
> --- a/security/selinux/ss/conditional.h
> +++ b/security/selinux/ss/conditional.h
> @@ -59,19 +59,19 @@ struct selinux_ss_cond_node {
> struct selinux_ss_cond_node *next;
> };
>
> -int selinux_ss_cond_policydb_init(struct policydb *p);
> -void selinux_ss_cond_policydb_destroy(struct policydb *p);
> +int selinux_ss_cond_policydb_init(struct selinux_ss_policydb *p);
> +void selinux_ss_cond_policydb_destroy(struct selinux_ss_policydb *p);
>
> -int selinux_ss_cond_init_bool_indexes(struct policydb *p);
> +int selinux_ss_cond_init_bool_indexes(struct selinux_ss_policydb *p);
> int selinux_ss_cond_destroy_bool(void *key, void *datum, void *p);
>
> int selinux_ss_cond_index_bool(void *key, void *datum, void *datap);
>
> -int selinux_ss_cond_read_bool(struct policydb *p, struct
> selinux_ss_hashtab *h, void *fp);
> -int selinux_ss_cond_read_list(struct policydb *p, void *fp);
> +int selinux_ss_cond_read_bool(struct selinux_ss_policydb *p, struct
> selinux_ss_hashtab *h, void *fp);
> +int selinux_ss_cond_read_list(struct selinux_ss_policydb *p, void *fp);
>
> void selinux_ss_cond_compute_av(struct selinux_ss_avtab *ctab, struct
> selinux_ss_avtab_key *key, struct av_decision *avd);
>
> -int selinux_ss_evaluate_cond_node(struct policydb *p, struct
> selinux_ss_cond_node *node);
> +int selinux_ss_evaluate_cond_node(struct selinux_ss_policydb *p, struct
> selinux_ss_cond_node *node);
>
> #endif /* _CONDITIONAL_H_ */
> diff --git a/security/selinux/ss/context.h
> b/security/selinux/ss/context.h
> index 78a37bf..489865f 100644
> --- a/security/selinux/ss/context.h
> +++ b/security/selinux/ss/context.h
> @@ -23,7 +23,7 @@
> * A security context consists of an authenticated user
> * identity, a role, a type and a MLS range.
> */
> -struct context {
> +struct selinux_ss_context {
> u32 user;
> u32 role;
> u32 type;
> @@ -32,12 +32,12 @@ struct context {
> char *str; /* string representation if context cannot be mapped. */
> };
>
> -static inline void mls_context_init(struct context *c)
> +static inline void mls_context_init(struct selinux_ss_context *c)
> {
> memset(&c->range, 0, sizeof(c->range));
> }
>
> -static inline int mls_context_cpy(struct context *dst, struct context
> *src)
> +static inline int mls_context_cpy(struct selinux_ss_context *dst,
> struct selinux_ss_context *src)
> {
> int rc;
>
> @@ -60,7 +60,7 @@ out:
> /*
> * Sets both levels in the MLS range of 'dst' to the low level of
> 'src'.
> */
> -static inline int mls_context_cpy_low(struct context *dst, struct
> context *src)
> +static inline int mls_context_cpy_low(struct selinux_ss_context *dst,
> struct selinux_ss_context *src)
> {
> int rc;
>
> @@ -80,7 +80,7 @@ out:
> return rc;
> }
>
> -static inline int mls_context_cmp(struct context *c1, struct context
> *c2)
> +static inline int mls_context_cmp(struct selinux_ss_context *c1, struct
> selinux_ss_context *c2)
> {
> if (!selinux_mls_enabled)
> return 1;
> @@ -91,7 +91,7 @@ static inline int mls_context_cmp(struct context *c1,
> struct context *c2)
> selinux_ss_ebitmap_cmp(&c1->range.level[1].cat,
> &c2->range.level[1].cat));
> }
>
> -static inline void mls_context_destroy(struct context *c)
> +static inline void mls_context_destroy(struct selinux_ss_context *c)
> {
> if (!selinux_mls_enabled)
> return;
> @@ -101,12 +101,12 @@ static inline void mls_context_destroy(struct
> context *c)
> mls_context_init(c);
> }
>
> -static inline void context_init(struct context *c)
> +static inline void context_init(struct selinux_ss_context *c)
> {
> memset(c, 0, sizeof(*c));
> }
>
> -static inline int context_cpy(struct context *dst, struct context *src)
> +static inline int context_cpy(struct selinux_ss_context *dst, struct
> selinux_ss_context *src)
> {
> int rc;
>
> @@ -130,7 +130,7 @@ static inline int context_cpy(struct context *dst,
> struct context *src)
> return 0;
> }
>
> -static inline void context_destroy(struct context *c)
> +static inline void context_destroy(struct selinux_ss_context *c)
> {
> c->user = c->role = c->type = 0;
> kfree(c->str);
> @@ -139,7 +139,7 @@ static inline void context_destroy(struct context
> *c)
> mls_context_destroy(c);
> }
>
> -static inline int context_cmp(struct context *c1, struct context *c2)
> +static inline int context_cmp(struct selinux_ss_context *c1, struct
> selinux_ss_context *c2)
> {
> if (c1->len && c2->len)
> return (c1->len == c2->len && !strcmp(c1->str, c2->str));
> diff --git a/security/selinux/ss/mls.c b/security/selinux/ss/mls.c
> index 7f08105..e884269 100644
> --- a/security/selinux/ss/mls.c
> +++ b/security/selinux/ss/mls.c
> @@ -32,7 +32,7 @@
> * Return the length in bytes for the MLS fields of the
> * security context string representation of `context'.
> */
> -int mls_compute_context_len(struct context *context)
> +int mls_compute_context_len(struct selinux_ss_context *context)
> {
> int i, l, len, head, prev;
> char *nm;
> @@ -85,7 +85,7 @@ int mls_compute_context_len(struct context *context)
> * the MLS fields of `context' into the string `*scontext'.
> * Update `*scontext' to point to the end of the MLS fields.
> */
> -void mls_sid_to_context(struct context *context,
> +void mls_sid_to_context(struct selinux_ss_context *context,
> char **scontext)
> {
> char *scontextp, *nm;
> @@ -157,9 +157,9 @@ void mls_sid_to_context(struct context *context,
> return;
> }
>
> -int mls_level_isvalid(struct policydb *p, struct mls_level *l)
> +int mls_level_isvalid(struct selinux_ss_policydb *p, struct mls_level
> *l)
> {
> - struct level_datum *levdatum;
> + struct selinux_ss_level_datum *levdatum;
> struct selinux_ss_ebitmap_node *node;
> int i;
>
> @@ -185,7 +185,7 @@ int mls_level_isvalid(struct policydb *p, struct
> mls_level *l)
> return 1;
> }
>
> -int mls_range_isvalid(struct policydb *p, struct mls_range *r)
> +int mls_range_isvalid(struct selinux_ss_policydb *p, struct mls_range
> *r)
> {
> return (mls_level_isvalid(p, &r->level[0]) &&
> mls_level_isvalid(p, &r->level[1]) &&
> @@ -196,9 +196,9 @@ int mls_range_isvalid(struct policydb *p, struct
> mls_range *r)
> * Return 1 if the MLS fields in the security context
> * structure `c' are valid. Return 0 otherwise.
> */
> -int mls_context_isvalid(struct policydb *p, struct context *c)
> +int mls_context_isvalid(struct selinux_ss_policydb *p, struct
> selinux_ss_context *c)
> {
> - struct user_datum *usrdatum;
> + struct selinux_ss_user_datum *usrdatum;
>
> if (!selinux_mls_enabled)
> return 1;
> @@ -239,18 +239,18 @@ int mls_context_isvalid(struct policydb *p, struct
> context *c)
> * Policy read-lock must be held for sidtab lookup.
> *
> */
> -int mls_context_to_sid(struct policydb *pol,
> +int mls_context_to_sid(struct selinux_ss_policydb *pol,
> char oldc,
> char **scontext,
> - struct context *context,
> - struct sidtab *s,
> + struct selinux_ss_context *context,
> + struct selinux_ss_sidtab *s,
> u32 def_sid)
> {
>
> char delim;
> char *scontextp, *p, *rngptr;
> - struct level_datum *levdatum;
> - struct cat_datum *catdatum, *rngdatum;
> + struct selinux_ss_level_datum *levdatum;
> + struct selinux_ss_cat_datum *catdatum, *rngdatum;
> int l, rc = -EINVAL;
>
> if (!selinux_mls_enabled) {
> @@ -264,12 +264,12 @@ int mls_context_to_sid(struct policydb *pol,
> * default if provided.
> */
> if (!oldc) {
> - struct context *defcon;
> + struct selinux_ss_context *defcon;
>
> if (def_sid == SECSID_NULL)
> goto out;
>
> - defcon = sidtab_search(s, def_sid);
> + defcon = selinux_ss_sidtab_search(s, def_sid);
> if (!defcon)
> goto out;
>
> @@ -382,7 +382,7 @@ out:
> * the string `str'. This function will allocate temporary memory with
> the
> * given constraints of gfp_mask.
> */
> -int mls_from_string(char *str, struct context *context, gfp_t gfp_mask)
> +int mls_from_string(char *str, struct selinux_ss_context *context,
> gfp_t gfp_mask)
> {
> char *tmpstr, *freestr;
> int rc;
> @@ -407,7 +407,7 @@ int mls_from_string(char *str, struct context
> *context, gfp_t gfp_mask)
> /*
> * Copies the MLS range `range' into `context'.
> */
> -static inline int mls_range_set(struct context *context,
> +static inline int mls_range_set(struct selinux_ss_context *context,
> struct mls_range *range)
> {
> int l, rc = 0;
> @@ -424,8 +424,8 @@ static inline int mls_range_set(struct context
> *context,
> return rc;
> }
>
> -int mls_setup_user_range(struct context *fromcon, struct user_datum
> *user,
> - struct context *usercon)
> +int mls_setup_user_range(struct selinux_ss_context *fromcon, struct
> selinux_ss_user_datum *user,
> + struct selinux_ss_context *usercon)
> {
> if (selinux_mls_enabled) {
> struct mls_level *fromcon_sen = &(fromcon->range.level[0]);
> @@ -467,12 +467,12 @@ int mls_setup_user_range(struct context *fromcon,
> struct user_datum *user,
> * structure `c' from the values specified in the
> * policy `oldp' to the values specified in the policy `newp'.
> */
> -int mls_convert_context(struct policydb *oldp,
> - struct policydb *newp,
> - struct context *c)
> +int mls_convert_context(struct selinux_ss_policydb *oldp,
> + struct selinux_ss_policydb *newp,
> + struct selinux_ss_context *c)
> {
> - struct level_datum *levdatum;
> - struct cat_datum *catdatum;
> + struct selinux_ss_level_datum *levdatum;
> + struct selinux_ss_cat_datum *catdatum;
> struct selinux_ss_ebitmap bitmap;
> struct selinux_ss_ebitmap_node *node;
> int l, i;
> @@ -507,13 +507,13 @@ int mls_convert_context(struct policydb *oldp,
> return 0;
> }
>
> -int mls_compute_sid(struct context *scontext,
> - struct context *tcontext,
> +int mls_compute_sid(struct selinux_ss_context *scontext,
> + struct selinux_ss_context *tcontext,
> u16 tclass,
> u32 specified,
> - struct context *newcontext)
> + struct selinux_ss_context *newcontext)
> {
> - struct range_trans *rtr;
> + struct selinux_ss_range_trans *rtr;
>
> if (!selinux_mls_enabled)
> return 0;
> @@ -558,7 +558,7 @@ int mls_compute_sid(struct context *scontext,
> * NetLabel MLS sensitivity level field.
> *
> */
> -void mls_export_netlbl_lvl(struct context *context,
> +void mls_export_netlbl_lvl(struct selinux_ss_context *context,
> struct netlbl_lsm_secattr *secattr)
> {
> if (!selinux_mls_enabled)
> @@ -578,7 +578,7 @@ void mls_export_netlbl_lvl(struct context *context,
> * NetLabel MLS sensitivity level into the context.
> *
> */
> -void mls_import_netlbl_lvl(struct context *context,
> +void mls_import_netlbl_lvl(struct selinux_ss_context *context,
> struct netlbl_lsm_secattr *secattr)
> {
> if (!selinux_mls_enabled)
> @@ -598,7 +598,7 @@ void mls_import_netlbl_lvl(struct context *context,
> * MLS category field. Returns zero on success, negative values on
> failure.
> *
> */
> -int mls_export_netlbl_cat(struct context *context,
> +int mls_export_netlbl_cat(struct selinux_ss_context *context,
> struct netlbl_lsm_secattr *secattr)
> {
> int rc;
> @@ -626,7 +626,7 @@ int mls_export_netlbl_cat(struct context *context,
> * negative values on failure.
> *
> */
> -int mls_import_netlbl_cat(struct context *context,
> +int mls_import_netlbl_cat(struct selinux_ss_context *context,
> struct netlbl_lsm_secattr *secattr)
> {
> int rc;
> diff --git a/security/selinux/ss/mls.h b/security/selinux/ss/mls.h
> index 1276715..4eeca61 100644
> --- a/security/selinux/ss/mls.h
> +++ b/security/selinux/ss/mls.h
> @@ -24,60 +24,60 @@
> #include "context.h"
> #include "policydb.h"
>
> -int mls_compute_context_len(struct context *context);
> -void mls_sid_to_context(struct context *context, char **scontext);
> -int mls_context_isvalid(struct policydb *p, struct context *c);
> -int mls_range_isvalid(struct policydb *p, struct mls_range *r);
> -int mls_level_isvalid(struct policydb *p, struct mls_level *l);
> +int mls_compute_context_len(struct selinux_ss_context *context);
> +void mls_sid_to_context(struct selinux_ss_context *context, char
> **scontext);
> +int mls_context_isvalid(struct selinux_ss_policydb *p, struct
> selinux_ss_context *c);
> +int mls_range_isvalid(struct selinux_ss_policydb *p, struct mls_range
> *r);
> +int mls_level_isvalid(struct selinux_ss_policydb *p, struct mls_level
> *l);
>
> -int mls_context_to_sid(struct policydb *p,
> +int mls_context_to_sid(struct selinux_ss_policydb *p,
> char oldc,
> char **scontext,
> - struct context *context,
> - struct sidtab *s,
> + struct selinux_ss_context *context,
> + struct selinux_ss_sidtab *s,
> u32 def_sid);
>
> -int mls_from_string(char *str, struct context *context, gfp_t
> gfp_mask);
> +int mls_from_string(char *str, struct selinux_ss_context *context,
> gfp_t gfp_mask);
>
> -int mls_convert_context(struct policydb *oldp,
> - struct policydb *newp,
> - struct context *context);
> +int mls_convert_context(struct selinux_ss_policydb *oldp,
> + struct selinux_ss_policydb *newp,
> + struct selinux_ss_context *context);
>
> -int mls_compute_sid(struct context *scontext,
> - struct context *tcontext,
> +int mls_compute_sid(struct selinux_ss_context *scontext,
> + struct selinux_ss_context *tcontext,
> u16 tclass,
> u32 specified,
> - struct context *newcontext);
> + struct selinux_ss_context *newcontext);
>
> -int mls_setup_user_range(struct context *fromcon, struct user_datum
> *user,
> - struct context *usercon);
> +int mls_setup_user_range(struct selinux_ss_context *fromcon, struct
> selinux_ss_user_datum *user,
> + struct selinux_ss_context *usercon);
>
> #ifdef CONFIG_NETLABEL
> -void mls_export_netlbl_lvl(struct context *context,
> +void mls_export_netlbl_lvl(struct selinux_ss_context *context,
> struct netlbl_lsm_secattr *secattr);
> -void mls_import_netlbl_lvl(struct context *context,
> +void mls_import_netlbl_lvl(struct selinux_ss_context *context,
> struct netlbl_lsm_secattr *secattr);
> -int mls_export_netlbl_cat(struct context *context,
> +int mls_export_netlbl_cat(struct selinux_ss_context *context,
> struct netlbl_lsm_secattr *secattr);
> -int mls_import_netlbl_cat(struct context *context,
> +int mls_import_netlbl_cat(struct selinux_ss_context *context,
> struct netlbl_lsm_secattr *secattr);
> #else
> -static inline void mls_export_netlbl_lvl(struct context *context,
> +static inline void mls_export_netlbl_lvl(struct selinux_ss_context
> *context,
> struct netlbl_lsm_secattr *secattr)
> {
> return;
> }
> -static inline void mls_import_netlbl_lvl(struct context *context,
> +static inline void mls_import_netlbl_lvl(struct selinux_ss_context
> *context,
> struct netlbl_lsm_secattr *secattr)
> {
> return;
> }
> -static inline int mls_export_netlbl_cat(struct context *context,
> +static inline int mls_export_netlbl_cat(struct selinux_ss_context
> *context,
> struct netlbl_lsm_secattr *secattr)
> {
> return -ENOMEM;
> }
> -static inline int mls_import_netlbl_cat(struct context *context,
> +static inline int mls_import_netlbl_cat(struct selinux_ss_context
> *context,
> struct netlbl_lsm_secattr *secattr)
> {
> return -ENOMEM;
> diff --git a/security/selinux/ss/policydb.c
> b/security/selinux/ss/policydb.c
> index 776635a..c415b47 100644
> --- a/security/selinux/ss/policydb.c
> +++ b/security/selinux/ss/policydb.c
> @@ -65,14 +65,14 @@ static unsigned int symtab_sizes[SYM_NUM] = {
> 16,
> };
>
> -struct policydb_compat_info {
> +struct selinux_ss_policydb_compat_info {
> int version;
> int sym_num;
> int ocon_num;
> };
>
> /* These need to be updated if SYM_NUM or OCON_NUM changes */
> -static struct policydb_compat_info policydb_compat[] = {
> +static struct selinux_ss_policydb_compat_info policydb_compat[] = {
> {
> .version = POLICYDB_VERSION_BASE,
> .sym_num = SYM_NUM - 3,
> @@ -125,10 +125,10 @@ static struct policydb_compat_info
> policydb_compat[] = {
> },
> };
>
> -static struct policydb_compat_info *policydb_lookup_compat(int version)
> +static struct selinux_ss_policydb_compat_info
> *policydb_lookup_compat(int version)
> {
> int i;
> - struct policydb_compat_info *info = NULL;
> + struct selinux_ss_policydb_compat_info *info = NULL;
>
> for (i = 0; i < ARRAY_SIZE(policydb_compat); i++) {
> if (policydb_compat[i].version == version) {
> @@ -142,11 +142,11 @@ static struct policydb_compat_info
> *policydb_lookup_compat(int version)
> /*
> * Initialize the role table.
> */
> -static int roles_init(struct policydb *p)
> +static int roles_init(struct selinux_ss_policydb *p)
> {
> char *key = NULL;
> int rc;
> - struct role_datum *role;
> + struct selinux_ss_role_datum *role;
>
> role = kzalloc(sizeof(*role), GFP_KERNEL);
> if (!role) {
> @@ -180,14 +180,14 @@ out_free_role:
> /*
> * Initialize a policy database structure.
> */
> -static int policydb_init(struct policydb *p)
> +static int policydb_init(struct selinux_ss_policydb *p)
> {
> int i, rc;
>
> memset(p, 0, sizeof(*p));
>
> for (i = 0; i < SYM_NUM; i++) {
> - rc = symtab_init(&p->symtab[i], symtab_sizes[i]);
> + rc = selinux_ss_symtab_init(&p->symtab[i], symtab_sizes[i]);
> if (rc)
> goto out_free_symtab;
> }
> @@ -228,8 +228,8 @@ out_free_symtab:
>
> static int common_index(void *key, void *datum, void *datap)
> {
> - struct policydb *p;
> - struct common_datum *comdatum;
> + struct selinux_ss_policydb *p;
> + struct selinux_ss_common_datum *comdatum;
>
> comdatum = datum;
> p = datap;
> @@ -241,8 +241,8 @@ static int common_index(void *key, void *datum, void
> *datap)
>
> static int class_index(void *key, void *datum, void *datap)
> {
> - struct policydb *p;
> - struct class_datum *cladatum;
> + struct selinux_ss_policydb *p;
> + struct selinux_ss_class_datum *cladatum;
>
> cladatum = datum;
> p = datap;
> @@ -255,8 +255,8 @@ static int class_index(void *key, void *datum, void
> *datap)
>
> static int role_index(void *key, void *datum, void *datap)
> {
> - struct policydb *p;
> - struct role_datum *role;
> + struct selinux_ss_policydb *p;
> + struct selinux_ss_role_datum *role;
>
> role = datum;
> p = datap;
> @@ -271,8 +271,8 @@ static int role_index(void *key, void *datum, void
> *datap)
>
> static int type_index(void *key, void *datum, void *datap)
> {
> - struct policydb *p;
> - struct type_datum *typdatum;
> + struct selinux_ss_policydb *p;
> + struct selinux_ss_type_datum *typdatum;
>
> typdatum = datum;
> p = datap;
> @@ -291,8 +291,8 @@ static int type_index(void *key, void *datum, void
> *datap)
>
> static int user_index(void *key, void *datum, void *datap)
> {
> - struct policydb *p;
> - struct user_datum *usrdatum;
> + struct selinux_ss_policydb *p;
> + struct selinux_ss_user_datum *usrdatum;
>
> usrdatum = datum;
> p = datap;
> @@ -307,8 +307,8 @@ static int user_index(void *key, void *datum, void
> *datap)
>
> static int sens_index(void *key, void *datum, void *datap)
> {
> - struct policydb *p;
> - struct level_datum *levdatum;
> + struct selinux_ss_policydb *p;
> + struct selinux_ss_level_datum *levdatum;
>
> levdatum = datum;
> p = datap;
> @@ -325,8 +325,8 @@ static int sens_index(void *key, void *datum, void
> *datap)
>
> static int cat_index(void *key, void *datum, void *datap)
> {
> - struct policydb *p;
> - struct cat_datum *catdatum;
> + struct selinux_ss_policydb *p;
> + struct selinux_ss_cat_datum *catdatum;
>
> catdatum = datum;
> p = datap;
> @@ -359,7 +359,7 @@ static int (*index_f[SYM_NUM]) (void *key, void
> *datum, void *datap) =
> *
> * Caller must clean up upon failure.
> */
> -static int policydb_index_classes(struct policydb *p)
> +static int policydb_index_classes(struct selinux_ss_policydb *p)
> {
> int rc;
>
> @@ -394,7 +394,7 @@ out:
> }
>
> #ifdef DEBUG_HASHES
> -static void symtab_hash_eval(struct symtab *s)
> +static void symtab_hash_eval(struct selinux_ss_symtab *s)
> {
> int i;
>
> @@ -416,7 +416,7 @@ static void symtab_hash_eval(struct symtab *s)
> *
> * Caller must clean up on failure.
> */
> -static int policydb_index_others(struct policydb *p)
> +static int policydb_index_others(struct selinux_ss_policydb *p)
> {
> int i, rc = 0;
>
> @@ -495,7 +495,7 @@ static int perm_destroy(void *key, void *datum, void
> *p)
>
> static int common_destroy(void *key, void *datum, void *p)
> {
> - struct common_datum *comdatum;
> + struct selinux_ss_common_datum *comdatum;
>
> kfree(key);
> comdatum = datum;
> @@ -507,7 +507,7 @@ static int common_destroy(void *key, void *datum,
> void *p)
>
> static int cls_destroy(void *key, void *datum, void *p)
> {
> - struct class_datum *cladatum;
> + struct selinux_ss_class_datum *cladatum;
> struct selinux_ss_constraint_node *constraint, *ctemp;
> struct selinux_ss_constraint_expr *e, *etmp;
>
> @@ -550,7 +550,7 @@ static int cls_destroy(void *key, void *datum, void
> *p)
>
> static int role_destroy(void *key, void *datum, void *p)
> {
> - struct role_datum *role;
> + struct selinux_ss_role_datum *role;
>
> kfree(key);
> role = datum;
> @@ -569,7 +569,7 @@ static int type_destroy(void *key, void *datum, void
> *p)
>
> static int user_destroy(void *key, void *datum, void *p)
> {
> - struct user_datum *usrdatum;
> + struct selinux_ss_user_datum *usrdatum;
>
> kfree(key);
> usrdatum = datum;
> @@ -583,7 +583,7 @@ static int user_destroy(void *key, void *datum, void
> *p)
>
> static int sens_destroy(void *key, void *datum, void *p)
> {
> - struct level_datum *levdatum;
> + struct selinux_ss_level_datum *levdatum;
>
> kfree(key);
> levdatum = datum;
> @@ -612,7 +612,7 @@ static int (*destroy_f[SYM_NUM]) (void *key, void
> *datum, void *datap) =
> cat_destroy,
> };
>
> -static void ocontext_destroy(struct ocontext *c, int i)
> +static void ocontext_destroy(struct selinux_ss_ocontext *c, int i)
> {
> context_destroy(&c->context[0]);
> context_destroy(&c->context[1]);
> @@ -625,14 +625,14 @@ static void ocontext_destroy(struct ocontext *c,
> int i)
> /*
> * Free any memory allocated by a policy database structure.
> */
> -void policydb_destroy(struct policydb *p)
> +void policydb_destroy(struct selinux_ss_policydb *p)
> {
> - struct ocontext *c, *ctmp;
> - struct genfs *g, *gtmp;
> + struct selinux_ss_ocontext *c, *ctmp;
> + struct selinux_ss_genfs *g, *gtmp;
> int i;
> - struct role_allow *ra, *lra = NULL;
> - struct role_trans *tr, *ltr = NULL;
> - struct range_trans *rt, *lrt = NULL;
> + struct selinux_ss_role_allow *ra, *lra = NULL;
> + struct selinux_ss_role_trans *tr, *ltr = NULL;
> + struct selinux_ss_range_trans *rt, *lrt = NULL;
>
> for (i = 0; i < SYM_NUM; i++) {
> cond_resched();
> @@ -724,12 +724,12 @@ void policydb_destroy(struct policydb *p)
> * Load the initial SIDs specified in a policy database
> * structure into a SID table.
> */
> -int policydb_load_isids(struct policydb *p, struct sidtab *s)
> +int policydb_load_isids(struct selinux_ss_policydb *p, struct
> selinux_ss_sidtab *s)
> {
> - struct ocontext *head, *c;
> + struct selinux_ss_ocontext *head, *c;
> int rc;
>
> - rc = sidtab_init(s);
> + rc = selinux_ss_sidtab_init(s);
> if (rc) {
> printk(KERN_ERR "SELinux: out of memory on SID table init\n");
> goto out;
> @@ -743,7 +743,7 @@ int policydb_load_isids(struct policydb *p, struct
> sidtab *s)
> rc = -EINVAL;
> goto out;
> }
> - if (sidtab_insert(s, c->sid[0], &c->context[0])) {
> + if (selinux_ss_sidtab_insert(s, c->sid[0], &c->context[0])) {
> printk(KERN_ERR "SELinux: unable to load initial "
> "SID %s.\n", c->u.name);
> rc = -EINVAL;
> @@ -754,21 +754,21 @@ out:
> return rc;
> }
>
> -int policydb_class_isvalid(struct policydb *p, unsigned int class)
> +int policydb_class_isvalid(struct selinux_ss_policydb *p, unsigned int
> class)
> {
> if (!class || class > p->p_classes.nprim)
> return 0;
> return 1;
> }
>
> -int policydb_role_isvalid(struct policydb *p, unsigned int role)
> +int policydb_role_isvalid(struct selinux_ss_policydb *p, unsigned int
> role)
> {
> if (!role || role > p->p_roles.nprim)
> return 0;
> return 1;
> }
>
> -int policydb_type_isvalid(struct policydb *p, unsigned int type)
> +int policydb_type_isvalid(struct selinux_ss_policydb *p, unsigned int
> type)
> {
> if (!type || type > p->p_types.nprim)
> return 0;
> @@ -779,10 +779,10 @@ int policydb_type_isvalid(struct policydb *p,
> unsigned int type)
> * Return 1 if the fields in the security context
> * structure `c' are valid. Return 0 otherwise.
> */
> -int policydb_context_isvalid(struct policydb *p, struct context *c)
> +int policydb_context_isvalid(struct selinux_ss_policydb *p, struct
> selinux_ss_context *c)
> {
> - struct role_datum *role;
> - struct user_datum *usrdatum;
> + struct selinux_ss_role_datum *role;
> + struct selinux_ss_user_datum *usrdatum;
>
> if (!c->role || c->role > p->p_roles.nprim)
> return 0;
> @@ -886,8 +886,8 @@ bad_high:
> * Read and validate a security context structure
> * from a policydb binary representation file.
> */
> -static int context_read_and_validate(struct context *c,
> - struct policydb *p,
> +static int context_read_and_validate(struct selinux_ss_context *c,
> + struct selinux_ss_policydb *p,
> void *fp)
> {
> __le32 buf[3];
> @@ -925,10 +925,10 @@ out:
> * binary representation file.
> */
>
> -static int perm_read(struct policydb *p, struct selinux_ss_hashtab *h,
> void *fp)
> +static int perm_read(struct selinux_ss_policydb *p, struct
> selinux_ss_hashtab *h, void *fp)
> {
> char *key = NULL;
> - struct perm_datum *perdatum;
> + struct selinux_ss_perm_datum *perdatum;
> int rc;
> __le32 buf[2];
> u32 len;
> @@ -966,10 +966,10 @@ bad:
> goto out;
> }
>
> -static int common_read(struct policydb *p, struct selinux_ss_hashtab
> *h, void *fp)
> +static int common_read(struct selinux_ss_policydb *p, struct
> selinux_ss_hashtab *h, void *fp)
> {
> char *key = NULL;
> - struct common_datum *comdatum;
> + struct selinux_ss_common_datum *comdatum;
> __le32 buf[4];
> u32 len, nel;
> int i, rc;
> @@ -987,7 +987,7 @@ static int common_read(struct policydb *p, struct
> selinux_ss_hashtab *h, void *f
> len = le32_to_cpu(buf[0]);
> comdatum->value = le32_to_cpu(buf[1]);
>
> - rc = symtab_init(&comdatum->permissions, PERM_SYMTAB_SIZE);
> + rc = selinux_ss_symtab_init(&comdatum->permissions, PERM_SYMTAB_SIZE);
> if (rc)
> goto bad;
> comdatum->permissions.nprim = le32_to_cpu(buf[2]);
> @@ -1101,10 +1101,10 @@ static int read_cons_helper(struct
> selinux_ss_constraint_node **nodep, int ncons
> return 0;
> }
>
> -static int class_read(struct policydb *p, struct selinux_ss_hashtab *h,
> void *fp)
> +static int class_read(struct selinux_ss_policydb *p, struct
> selinux_ss_hashtab *h, void *fp)
> {
> char *key = NULL;
> - struct class_datum *cladatum;
> + struct selinux_ss_class_datum *cladatum;
> __le32 buf[6];
> u32 len, len2, ncons, nel;
> int i, rc;
> @@ -1123,7 +1123,7 @@ static int class_read(struct policydb *p, struct
> selinux_ss_hashtab *h, void *fp
> len2 = le32_to_cpu(buf[1]);
> cladatum->value = le32_to_cpu(buf[2]);
>
> - rc = symtab_init(&cladatum->permissions, PERM_SYMTAB_SIZE);
> + rc = selinux_ss_symtab_init(&cladatum->permissions, PERM_SYMTAB_SIZE);
> if (rc)
> goto bad;
> cladatum->permissions.nprim = le32_to_cpu(buf[3]);
> @@ -1194,10 +1194,10 @@ bad:
> goto out;
> }
>
> -static int role_read(struct policydb *p, struct selinux_ss_hashtab *h,
> void *fp)
> +static int role_read(struct selinux_ss_policydb *p, struct
> selinux_ss_hashtab *h, void *fp)
> {
> char *key = NULL;
> - struct role_datum *role;
> + struct selinux_ss_role_datum *role;
> int rc, to_read = 2;
> __le32 buf[3];
> u32 len;
> @@ -1259,10 +1259,10 @@ bad:
> goto out;
> }
>
> -static int type_read(struct policydb *p, struct selinux_ss_hashtab *h,
> void *fp)
> +static int type_read(struct selinux_ss_policydb *p, struct
> selinux_ss_hashtab *h, void *fp)
> {
> char *key = NULL;
> - struct type_datum *typdatum;
> + struct selinux_ss_type_datum *typdatum;
> int rc, to_read = 3;
> __le32 buf[4];
> u32 len;
> @@ -1346,10 +1346,10 @@ bad:
> return -EINVAL;
> }
>
> -static int user_read(struct policydb *p, struct selinux_ss_hashtab *h,
> void *fp)
> +static int user_read(struct selinux_ss_policydb *p, struct
> selinux_ss_hashtab *h, void *fp)
> {
> char *key = NULL;
> - struct user_datum *usrdatum;
> + struct selinux_ss_user_datum *usrdatum;
> int rc, to_read = 2;
> __le32 buf[3];
> u32 len;
> @@ -1405,10 +1405,10 @@ bad:
> goto out;
> }
>
> -static int sens_read(struct policydb *p, struct selinux_ss_hashtab *h,
> void *fp)
> +static int sens_read(struct selinux_ss_policydb *p, struct
> selinux_ss_hashtab *h, void *fp)
> {
> char *key = NULL;
> - struct level_datum *levdatum;
> + struct selinux_ss_level_datum *levdatum;
> int rc;
> __le32 buf[2];
> u32 len;
> @@ -1456,10 +1456,10 @@ bad:
> goto out;
> }
>
> -static int cat_read(struct policydb *p, struct selinux_ss_hashtab *h,
> void *fp)
> +static int cat_read(struct selinux_ss_policydb *p, struct
> selinux_ss_hashtab *h, void *fp)
> {
> char *key = NULL;
> - struct cat_datum *catdatum;
> + struct selinux_ss_cat_datum *catdatum;
> int rc;
> __le32 buf[3];
> u32 len;
> @@ -1499,7 +1499,7 @@ bad:
> goto out;
> }
>
> -static int (*read_f[SYM_NUM]) (struct policydb *p, struct
> selinux_ss_hashtab *h, void *fp) =
> +static int (*read_f[SYM_NUM]) (struct selinux_ss_policydb *p, struct
> selinux_ss_hashtab *h, void *fp) =
> {
> common_read,
> class_read,
> @@ -1513,8 +1513,8 @@ static int (*read_f[SYM_NUM]) (struct policydb *p,
> struct selinux_ss_hashtab *h,
>
> static int user_bounds_sanity_check(void *key, void *datum, void
> *datap)
> {
> - struct user_datum *upper, *user;
> - struct policydb *p = datap;
> + struct selinux_ss_user_datum *upper, *user;
> + struct selinux_ss_policydb *p = datap;
> int depth = 0;
>
> upper = user = datum;
> @@ -1550,8 +1550,8 @@ static int user_bounds_sanity_check(void *key,
> void *datum, void *datap)
>
> static int role_bounds_sanity_check(void *key, void *datum, void
> *datap)
> {
> - struct role_datum *upper, *role;
> - struct policydb *p = datap;
> + struct selinux_ss_role_datum *upper, *role;
> + struct selinux_ss_policydb *p = datap;
> int depth = 0;
>
> upper = role = datum;
> @@ -1587,8 +1587,8 @@ static int role_bounds_sanity_check(void *key,
> void *datum, void *datap)
>
> static int type_bounds_sanity_check(void *key, void *datum, void
> *datap)
> {
> - struct type_datum *upper, *type;
> - struct policydb *p = datap;
> + struct selinux_ss_type_datum *upper, *type;
> + struct selinux_ss_policydb *p = datap;
> int depth = 0;
>
> upper = type = datum;
> @@ -1613,7 +1613,7 @@ static int type_bounds_sanity_check(void *key,
> void *datum, void *datap)
> return 0;
> }
>
> -static int policydb_bounds_sanity_check(struct policydb *p)
> +static int policydb_bounds_sanity_check(struct selinux_ss_policydb *p)
> {
> int rc;
>
> @@ -1644,19 +1644,19 @@ extern int ss_initialized;
> * Read the configuration data from a policy database binary
> * representation file into a policy database structure.
> */
> -int policydb_read(struct policydb *p, void *fp)
> +int policydb_read(struct selinux_ss_policydb *p, void *fp)
> {
> - struct role_allow *ra, *lra;
> - struct role_trans *tr, *ltr;
> - struct ocontext *l, *c, *newc;
> - struct genfs *genfs_p, *genfs, *newgenfs;
> + struct selinux_ss_role_allow *ra, *lra;
> + struct selinux_ss_role_trans *tr, *ltr;
> + struct selinux_ss_ocontext *l, *c, *newc;
> + struct selinux_ss_genfs *genfs_p, *genfs, *newgenfs;
> int i, j, rc;
> __le32 buf[4];
> u32 nodebuf[8];
> u32 len, len2, config, nprim, nel, nel2;
> char *policydb_str;
> - struct policydb_compat_info *info;
> - struct range_trans *rt, *lrt;
> + struct selinux_ss_policydb_compat_info *info;
> + struct selinux_ss_range_trans *rt, *lrt;
>
> config = 0;
>
> diff --git a/security/selinux/ss/policydb.h
> b/security/selinux/ss/policydb.h
> index b1a3ffd..cb16f9f 100644
> --- a/security/selinux/ss/policydb.h
> +++ b/security/selinux/ss/policydb.h
> @@ -38,49 +38,49 @@
> */
>
> /* Permission attributes */
> -struct perm_datum {
> +struct selinux_ss_perm_datum {
> u32 value; /* permission bit + 1 */
> };
>
> /* Attributes of a common prefix for access vectors */
> -struct common_datum {
> +struct selinux_ss_common_datum {
> u32 value; /* internal common value */
> - struct symtab permissions; /* common permissions */
> + struct selinux_ss_symtab permissions; /* common permissions */
> };
>
> /* Class attributes */
> -struct class_datum {
> +struct selinux_ss_class_datum {
> u32 value; /* class value */
> char *comkey; /* common name */
> - struct common_datum *comdatum; /* common datum */
> - struct symtab permissions; /* class-specific permission symbol table
> */
> + struct selinux_ss_common_datum *comdatum; /* common datum */
> + struct selinux_ss_symtab permissions; /* class-specific permission
> symbol table */
> struct selinux_ss_constraint_node *constraints; /* constraints on
> class permissions */
> struct selinux_ss_constraint_node *validatetrans; /* special
> transition rules */
> };
>
> /* Role attributes */
> -struct role_datum {
> +struct selinux_ss_role_datum {
> u32 value; /* internal role value */
> u32 bounds; /* boundary of role */
> struct selinux_ss_ebitmap dominates; /* set of roles dominated by this
> role */
> struct selinux_ss_ebitmap types; /* set of authorized types for role
> */
> };
>
> -struct role_trans {
> +struct selinux_ss_role_trans {
> u32 role; /* current role */
> u32 type; /* program executable type */
> u32 new_role; /* new role */
> - struct role_trans *next;
> + struct selinux_ss_role_trans *next;
> };
>
> -struct role_allow {
> +struct selinux_ss_role_allow {
> u32 role; /* current role */
> u32 new_role; /* new role */
> - struct role_allow *next;
> + struct selinux_ss_role_allow *next;
> };
>
> /* Type attributes */
> -struct type_datum {
> +struct selinux_ss_type_datum {
> u32 value; /* internal type value */
> u32 bounds; /* boundary of type */
> unsigned char primary; /* primary name? */
> @@ -88,7 +88,7 @@ struct type_datum {
> };
>
> /* User attributes */
> -struct user_datum {
> +struct selinux_ss_user_datum {
> u32 value; /* internal user value */
> u32 bounds; /* bounds of user */
> struct selinux_ss_ebitmap roles; /* set of authorized roles for user
> */
> @@ -98,23 +98,23 @@ struct user_datum {
>
>
> /* Sensitivity attributes */
> -struct level_datum {
> +struct selinux_ss_level_datum {
> struct mls_level *level; /* sensitivity and associated categories */
> unsigned char isalias; /* is this sensitivity an alias for another? */
> };
>
> /* Category attributes */
> -struct cat_datum {
> +struct selinux_ss_cat_datum {
> u32 value; /* internal category bit + 1 */
> unsigned char isalias; /* is this category an alias for another? */
> };
>
> -struct range_trans {
> +struct selinux_ss_range_trans {
> u32 source_type;
> u32 target_type;
> u32 target_class;
> struct mls_range target_range;
> - struct range_trans *next;
> + struct selinux_ss_range_trans *next;
> };
>
> /* Boolean data type */
> @@ -132,7 +132,7 @@ struct selinux_ss_cond_node;
> * relevant data for one such entry. Entries of the same kind
> * (e.g. all initial SIDs) are linked together into a list.
> */
> -struct ocontext {
> +struct selinux_ss_ocontext {
> union {
> char *name; /* name of initial SID, fs, netif, fstype, path */
> struct {
> @@ -153,15 +153,15 @@ struct ocontext {
> u32 sclass; /* security class for genfs */
> u32 behavior; /* labeling behavior for fs_use */
> } v;
> - struct context context[2]; /* security context(s) */
> + struct selinux_ss_context context[2]; /* security context(s) */
> u32 sid[2]; /* SID(s) */
> - struct ocontext *next;
> + struct selinux_ss_ocontext *next;
> };
>
> -struct genfs {
> +struct selinux_ss_genfs {
> char *fstype;
> - struct ocontext *head;
> - struct genfs *next;
> + struct selinux_ss_ocontext *head;
> + struct selinux_ss_genfs *next;
> };
>
> /* symbol table array indices */
> @@ -186,9 +186,9 @@ struct genfs {
> #define OCON_NUM 7
>
> /* The policy database */
> -struct policydb {
> +struct selinux_ss_policydb {
> /* symbol tables */
> - struct symtab symtab[SYM_NUM];
> + struct selinux_ss_symtab symtab[SYM_NUM];
> #define p_commons symtab[SYM_COMMONS]
> #define p_classes symtab[SYM_CLASSES]
> #define p_roles symtab[SYM_ROLES]
> @@ -210,16 +210,16 @@ struct policydb {
> #define p_cat_val_to_name sym_val_to_name[SYM_CATS]
>
> /* class, role, and user attributes indexed by (value - 1) */
> - struct class_datum **class_val_to_struct;
> - struct role_datum **role_val_to_struct;
> - struct user_datum **user_val_to_struct;
> - struct type_datum **type_val_to_struct;
> + struct selinux_ss_class_datum **class_val_to_struct;
> + struct selinux_ss_role_datum **role_val_to_struct;
> + struct selinux_ss_user_datum **user_val_to_struct;
> + struct selinux_ss_type_datum **type_val_to_struct;
>
> /* type enforcement access vectors and transitions */
> struct selinux_ss_avtab te_avtab;
>
> /* role transitions */
> - struct role_trans *role_tr;
> + struct selinux_ss_role_trans *role_tr;
>
> /* bools indexed by (value - 1) */
> struct selinux_ss_cond_bool_datum **bool_val_to_struct;
> @@ -229,19 +229,19 @@ struct policydb {
> struct selinux_ss_cond_node *cond_list;
>
> /* role allows */
> - struct role_allow *role_allow;
> + struct selinux_ss_role_allow *role_allow;
>
> /* security contexts of initial SIDs, unlabeled file systems,
> TCP or UDP port numbers, network interfaces and nodes */
> - struct ocontext *ocontexts[OCON_NUM];
> + struct selinux_ss_ocontext *ocontexts[OCON_NUM];
>
> /* security contexts for files in filesystems that cannot support
> a persistent label mapping or use another
> fixed labeling behavior. */
> - struct genfs *genfs;
> + struct selinux_ss_genfs *genfs;
>
> /* range transitions */
> - struct range_trans *range_tr;
> + struct selinux_ss_range_trans *range_tr;
>
> /* type -> attribute reverse mapping */
> struct selinux_ss_ebitmap *type_attr_map;
> @@ -257,13 +257,13 @@ struct policydb {
> u32 *undefined_perms;
> };
>
> -extern void policydb_destroy(struct policydb *p);
> -extern int policydb_load_isids(struct policydb *p, struct sidtab *s);
> -extern int policydb_context_isvalid(struct policydb *p, struct context
> *c);
> -extern int policydb_class_isvalid(struct policydb *p, unsigned int
> class);
> -extern int policydb_type_isvalid(struct policydb *p, unsigned int
> type);
> -extern int policydb_role_isvalid(struct policydb *p, unsigned int
> role);
> -extern int policydb_read(struct policydb *p, void *fp);
> +extern void policydb_destroy(struct selinux_ss_policydb *p);
> +extern int policydb_load_isids(struct selinux_ss_policydb *p, struct
> selinux_ss_sidtab *s);
> +extern int policydb_context_isvalid(struct selinux_ss_policydb *p,
> struct selinux_ss_context *c);
> +extern int policydb_class_isvalid(struct selinux_ss_policydb *p,
> unsigned int class);
> +extern int policydb_type_isvalid(struct selinux_ss_policydb *p,
> unsigned int type);
> +extern int policydb_role_isvalid(struct selinux_ss_policydb *p,
> unsigned int role);
> +extern int policydb_read(struct selinux_ss_policydb *p, void *fp);
>
> #define PERM_SYMTAB_SIZE 32
>
> @@ -279,12 +279,12 @@ extern int policydb_read(struct policydb *p, void
> *fp);
> #define POLICYDB_MAGIC SELINUX_MAGIC
> #define POLICYDB_STRING "SE Linux"
>
> -struct policy_file {
> +struct selinux_ss_policy_file {
> char *data;
> size_t len;
> };
>
> -static inline int next_entry(void *buf, struct policy_file *fp, size_t
> bytes)
> +static inline int next_entry(void *buf, struct selinux_ss_policy_file
> *fp, size_t bytes)
> {
> if (bytes > fp->len)
> return -EINVAL;
> diff --git a/security/selinux/ss/services.c
> b/security/selinux/ss/services.c
> index 82b8c18..ec85a56 100644
> --- a/security/selinux/ss/services.c
> +++ b/security/selinux/ss/services.c
> @@ -77,8 +77,8 @@ extern const struct selinux_class_perm
> selinux_class_perm;
>
> static DEFINE_RWLOCK(policy_rwlock);
>
> -static struct sidtab sidtab;
> -struct policydb policydb;
> +static struct selinux_ss_sidtab sidtab;
> +struct selinux_ss_policydb policydb;
> int ss_initialized;
>
> /*
> @@ -90,11 +90,11 @@ int ss_initialized;
> static u32 latest_granting;
>
> /* Forward declaration. */
> -static int context_struct_to_string(struct context *context, char
> **scontext,
> +static int context_struct_to_string(struct selinux_ss_context *context,
> char **scontext,
> u32 *scontext_len);
>
> -static int context_struct_compute_av(struct context *scontext,
> - struct context *tcontext,
> +static int context_struct_compute_av(struct selinux_ss_context
> *scontext,
> + struct selinux_ss_context *tcontext,
> u16 tclass,
> u32 requested,
> struct av_decision *avd);
> @@ -109,14 +109,14 @@ static int context_struct_compute_av(struct
> context *scontext,
> * of the process performing the transition. All other callers of
> * constraint_expr_eval should pass in NULL for xcontext.
> */
> -static int constraint_expr_eval(struct context *scontext,
> - struct context *tcontext,
> - struct context *xcontext,
> +static int constraint_expr_eval(struct selinux_ss_context *scontext,
> + struct selinux_ss_context *tcontext,
> + struct selinux_ss_context *xcontext,
> struct selinux_ss_constraint_expr *cexpr)
> {
> u32 val1, val2;
> - struct context *c;
> - struct role_datum *r1, *r2;
> + struct selinux_ss_context *c;
> + struct selinux_ss_role_datum *r1, *r2;
> struct mls_level *l1, *l2;
> struct selinux_ss_constraint_expr *e;
> int s[CEXPR_MAXDEPTH];
> @@ -289,7 +289,7 @@ mls_ops:
> */
> static int dump_masked_av_helper(void *k, void *d, void *args)
> {
> - struct perm_datum *pdatum = d;
> + struct selinux_ss_perm_datum *pdatum = d;
> char **permission_names = args;
>
> BUG_ON(pdatum->value < 1 || pdatum->value > 32);
> @@ -299,14 +299,14 @@ static int dump_masked_av_helper(void *k, void *d,
> void *args)
> return 0;
> }
>
> -static void security_dump_masked_av(struct context *scontext,
> - struct context *tcontext,
> +static void security_dump_masked_av(struct selinux_ss_context
> *scontext,
> + struct selinux_ss_context *tcontext,
> u16 tclass,
> u32 permissions,
> const char *reason)
> {
> - struct common_datum *common_dat;
> - struct class_datum *tclass_dat;
> + struct selinux_ss_common_datum *common_dat;
> + struct selinux_ss_class_datum *tclass_dat;
> struct audit_buffer *ab;
> char *tclass_name;
> char *scontext_name = NULL;
> @@ -376,18 +376,18 @@ out:
> * security_boundary_permission - drops violated permissions
> * on boundary constraint.
> */
> -static void type_attribute_bounds_av(struct context *scontext,
> - struct context *tcontext,
> +static void type_attribute_bounds_av(struct selinux_ss_context
> *scontext,
> + struct selinux_ss_context *tcontext,
> u16 tclass,
> u32 requested,
> struct av_decision *avd)
> {
> - struct context lo_scontext;
> - struct context lo_tcontext;
> + struct selinux_ss_context lo_scontext;
> + struct selinux_ss_context lo_tcontext;
> struct av_decision lo_avd;
> - struct type_datum *source
> + struct selinux_ss_type_datum *source
> = policydb.type_val_to_struct[scontext->type - 1];
> - struct type_datum *target
> + struct selinux_ss_type_datum *target
> = policydb.type_val_to_struct[tcontext->type - 1];
> u32 masked = 0;
>
> @@ -454,17 +454,17 @@ static void type_attribute_bounds_av(struct
> context *scontext,
> * Compute access vectors based on a context structure pair for
> * the permissions in a particular class.
> */
> -static int context_struct_compute_av(struct context *scontext,
> - struct context *tcontext,
> +static int context_struct_compute_av(struct selinux_ss_context
> *scontext,
> + struct selinux_ss_context *tcontext,
> u16 tclass,
> u32 requested,
> struct av_decision *avd)
> {
> struct selinux_ss_constraint_node *constraint;
> - struct role_allow *ra;
> + struct selinux_ss_role_allow *ra;
> struct selinux_ss_avtab_key avkey;
> struct selinux_ss_avtab_node *node;
> - struct class_datum *tclass_datum;
> + struct selinux_ss_class_datum *tclass_datum;
> struct selinux_ss_ebitmap *sattr, *tattr;
> struct selinux_ss_ebitmap_node *snode, *tnode;
> const struct selinux_class_perm *kdefs = &selinux_class_perm;
> @@ -607,9 +607,9 @@ inval_class:
> return 0;
> }
>
> -static int security_validtrans_handle_fail(struct context *ocontext,
> - struct context *ncontext,
> - struct context *tcontext,
> +static int security_validtrans_handle_fail(struct selinux_ss_context
> *ocontext,
> + struct selinux_ss_context *ncontext,
> + struct selinux_ss_context *tcontext,
> u16 tclass)
> {
> char *o = NULL, *n = NULL, *t = NULL;
> @@ -638,10 +638,10 @@ out:
> int selinux_ss_validate_transition(u32 oldsid, u32 newsid, u32 tasksid,
> u16 tclass)
> {
> - struct context *ocontext;
> - struct context *ncontext;
> - struct context *tcontext;
> - struct class_datum *tclass_datum;
> + struct selinux_ss_context *ocontext;
> + struct selinux_ss_context *ncontext;
> + struct selinux_ss_context *tcontext;
> + struct selinux_ss_class_datum *tclass_datum;
> struct selinux_ss_constraint_node *constraint;
> int rc = 0;
>
> @@ -669,7 +669,7 @@ int selinux_ss_validate_transition(u32 oldsid, u32
> newsid, u32 tasksid,
> }
> tclass_datum = policydb.class_val_to_struct[tclass - 1];
>
> - ocontext = sidtab_search(&sidtab, oldsid);
> + ocontext = selinux_ss_sidtab_search(&sidtab, oldsid);
> if (!ocontext) {
> printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n",
> __func__, oldsid);
> @@ -677,7 +677,7 @@ int selinux_ss_validate_transition(u32 oldsid, u32
> newsid, u32 tasksid,
> goto out;
> }
>
> - ncontext = sidtab_search(&sidtab, newsid);
> + ncontext = selinux_ss_sidtab_search(&sidtab, newsid);
> if (!ncontext) {
> printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n",
> __func__, newsid);
> @@ -685,7 +685,7 @@ int selinux_ss_validate_transition(u32 oldsid, u32
> newsid, u32 tasksid,
> goto out;
> }
>
> - tcontext = sidtab_search(&sidtab, tasksid);
> + tcontext = selinux_ss_sidtab_search(&sidtab, tasksid);
> if (!tcontext) {
> printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n",
> __func__, tasksid);
> @@ -720,21 +720,21 @@ out:
> */
> int selinux_ss_bounded_transition(u32 old_sid, u32 new_sid)
> {
> - struct context *old_context, *new_context;
> - struct type_datum *type;
> + struct selinux_ss_context *old_context, *new_context;
> + struct selinux_ss_type_datum *type;
> int index;
> int rc = -EINVAL;
>
> read_lock(&policy_rwlock);
>
> - old_context = sidtab_search(&sidtab, old_sid);
> + old_context = selinux_ss_sidtab_search(&sidtab, old_sid);
> if (!old_context) {
> printk(KERN_ERR "SELinux: %s: unrecognized SID %u\n",
> __func__, old_sid);
> goto out;
> }
>
> - new_context = sidtab_search(&sidtab, new_sid);
> + new_context = selinux_ss_sidtab_search(&sidtab, new_sid);
> if (!new_context) {
> printk(KERN_ERR "SELinux: %s: unrecognized SID %u\n",
> __func__, new_sid);
> @@ -811,7 +811,7 @@ int selinux_ss_compute_av(u32 ssid,
> u32 requested,
> struct av_decision *avd)
> {
> - struct context *scontext = NULL, *tcontext = NULL;
> + struct selinux_ss_context *scontext = NULL, *tcontext = NULL;
> int rc = 0;
>
> if (!ss_initialized) {
> @@ -824,14 +824,14 @@ int selinux_ss_compute_av(u32 ssid,
>
> read_lock(&policy_rwlock);
>
> - scontext = sidtab_search(&sidtab, ssid);
> + scontext = selinux_ss_sidtab_search(&sidtab, ssid);
> if (!scontext) {
> printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n",
> __func__, ssid);
> rc = -EINVAL;
> goto out;
> }
> - tcontext = sidtab_search(&sidtab, tsid);
> + tcontext = selinux_ss_sidtab_search(&sidtab, tsid);
> if (!tcontext) {
> printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n",
> __func__, tsid);
> @@ -857,7 +857,7 @@ out:
> * to point to this string and set `*scontext_len' to
> * the length of the string.
> */
> -static int context_struct_to_string(struct context *context, char
> **scontext, u32 *scontext_len)
> +static int context_struct_to_string(struct selinux_ss_context *context,
> char **scontext, u32 *scontext_len)
> {
> char *scontextp;
>
> @@ -914,7 +914,7 @@ const char *selinux_ss_get_initial_sid_context(u32
> sid)
> static int security_sid_to_context_core(u32 sid, char **scontext,
> u32 *scontext_len, int force)
> {
> - struct context *context;
> + struct selinux_ss_context *context;
> int rc = 0;
>
> *scontext = NULL;
> @@ -941,9 +941,9 @@ static int security_sid_to_context_core(u32 sid,
> char **scontext,
> }
> read_lock(&policy_rwlock);
> if (force)
> - context = sidtab_search_force(&sidtab, sid);
> + context = selinux_ss_sidtab_search_force(&sidtab, sid);
> else
> - context = sidtab_search(&sidtab, sid);
> + context = selinux_ss_sidtab_search(&sidtab, sid);
> if (!context) {
> printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n",
> __func__, sid);
> @@ -981,16 +981,16 @@ int selinux_ss_sid_to_context_force(u32 sid, char
> **scontext, u32 *scontext_len)
> /*
> * Caveat: Mutates scontext.
> */
> -static int string_to_context_struct(struct policydb *pol,
> - struct sidtab *sidtabp,
> +static int string_to_context_struct(struct selinux_ss_policydb *pol,
> + struct selinux_ss_sidtab *sidtabp,
> char *scontext,
> u32 scontext_len,
> - struct context *ctx,
> + struct selinux_ss_context *ctx,
> u32 def_sid)
> {
> - struct role_datum *role;
> - struct type_datum *typdatum;
> - struct user_datum *usrdatum;
> + struct selinux_ss_role_datum *role;
> + struct selinux_ss_type_datum *typdatum;
> + struct selinux_ss_user_datum *usrdatum;
> char *scontextp, *p, oldc;
> int rc = 0;
>
> @@ -1071,7 +1071,7 @@ static int security_context_to_sid_core(const char
> *scontext, u32 scontext_len,
> int force)
> {
> char *scontext2, *str = NULL;
> - struct context context;
> + struct selinux_ss_context context;
> int rc = 0;
>
> if (!ss_initialized) {
> @@ -1114,7 +1114,7 @@ static int security_context_to_sid_core(const char
> *scontext, u32 scontext_len,
> str = NULL;
> } else if (rc)
> goto out;
> - rc = sidtab_context_to_sid(&sidtab, &context, sid);
> + rc = selinux_ss_sidtab_context_to_sid(&sidtab, &context, sid);
> context_destroy(&context);
> out:
> read_unlock(&policy_rwlock);
> @@ -1173,10 +1173,10 @@ int selinux_ss_context_to_sid_force(const char
> *scontext, u32 scontext_len,
> }
>
> static int compute_sid_handle_invalid_context(
> - struct context *scontext,
> - struct context *tcontext,
> + struct selinux_ss_context *scontext,
> + struct selinux_ss_context *tcontext,
> u16 tclass,
> - struct context *newcontext)
> + struct selinux_ss_context *newcontext)
> {
> char *s = NULL, *t = NULL, *n = NULL;
> u32 slen, tlen, nlen;
> @@ -1208,8 +1208,8 @@ static int security_compute_sid(u32 ssid,
> u32 specified,
> u32 *out_sid)
> {
> - struct context *scontext = NULL, *tcontext = NULL, newcontext;
> - struct role_trans *roletr = NULL;
> + struct selinux_ss_context *scontext = NULL, *tcontext = NULL,
> newcontext;
> + struct selinux_ss_role_trans *roletr = NULL;
> struct selinux_ss_avtab_key avkey;
> struct selinux_ss_avtab_datum *avdatum;
> struct selinux_ss_avtab_node *node;
> @@ -1231,14 +1231,14 @@ static int security_compute_sid(u32 ssid,
>
> read_lock(&policy_rwlock);
>
> - scontext = sidtab_search(&sidtab, ssid);
> + scontext = selinux_ss_sidtab_search(&sidtab, ssid);
> if (!scontext) {
> printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n",
> __func__, ssid);
> rc = -EINVAL;
> goto out_unlock;
> }
> - tcontext = sidtab_search(&sidtab, tsid);
> + tcontext = selinux_ss_sidtab_search(&sidtab, tsid);
> if (!tcontext) {
> printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n",
> __func__, tsid);
> @@ -1332,7 +1332,7 @@ static int security_compute_sid(u32 ssid,
> goto out_unlock;
> }
> /* Obtain the sid for the context. */
> - rc = sidtab_context_to_sid(&sidtab, &newcontext, out_sid);
> + rc = selinux_ss_sidtab_context_to_sid(&sidtab, &newcontext, out_sid);
> out_unlock:
> read_unlock(&policy_rwlock);
> context_destroy(&newcontext);
> @@ -1407,16 +1407,16 @@ int selinux_ss_change_sid(u32 ssid,
> * Verify that each kernel class that is defined in the
> * policy is correct
> */
> -static int validate_classes(struct policydb *p)
> +static int validate_classes(struct selinux_ss_policydb *p)
> {
> int i, j;
> - struct class_datum *cladatum;
> - struct perm_datum *perdatum;
> + struct selinux_ss_class_datum *cladatum;
> + struct selinux_ss_perm_datum *perdatum;
> u32 nprim, tmp, common_pts_len, perm_val, pol_val;
> u16 class_val;
> const struct selinux_class_perm *kdefs = &selinux_class_perm;
> const char *def_class, *def_perm, *pol_class;
> - struct symtab *perms;
> + struct selinux_ss_symtab *perms;
> bool print_unknown_handle = 0;
>
> if (p->allow_unknown) {
> @@ -1542,15 +1542,15 @@ static int validate_classes(struct policydb *p)
>
> /* Clone the SID into the new SID table. */
> static int clone_sid(u32 sid,
> - struct context *context,
> + struct selinux_ss_context *context,
> void *arg)
> {
> - struct sidtab *s = arg;
> + struct selinux_ss_sidtab *s = arg;
>
> - return sidtab_insert(s, sid, context);
> + return selinux_ss_sidtab_insert(s, sid, context);
> }
>
> -static inline int convert_context_handle_invalid_context(struct context
> *context)
> +static inline int convert_context_handle_invalid_context(struct
> selinux_ss_context *context)
> {
> int rc = 0;
>
> @@ -1571,8 +1571,8 @@ static inline int
> convert_context_handle_invalid_context(struct context *context
> }
>
> struct convert_context_args {
> - struct policydb *oldp;
> - struct policydb *newp;
> + struct selinux_ss_policydb *oldp;
> + struct selinux_ss_policydb *newp;
> };
>
> /*
> @@ -1583,14 +1583,14 @@ struct convert_context_args {
> * context is valid under the new policy.
> */
> static int convert_context(u32 key,
> - struct context *c,
> + struct selinux_ss_context *c,
> void *p)
> {
> struct convert_context_args *args;
> - struct context oldc;
> - struct role_datum *role;
> - struct type_datum *typdatum;
> - struct user_datum *usrdatum;
> + struct selinux_ss_context oldc;
> + struct selinux_ss_role_datum *role;
> + struct selinux_ss_type_datum *typdatum;
> + struct selinux_ss_user_datum *usrdatum;
> char *s;
> u32 len;
> int rc;
> @@ -1598,7 +1598,7 @@ static int convert_context(u32 key,
> args = p;
>
> if (c->str) {
> - struct context ctx;
> + struct selinux_ss_context ctx;
> s = kstrdup(c->str, GFP_KERNEL);
> if (!s) {
> rc = -ENOMEM;
> @@ -1694,7 +1694,7 @@ static void selinux_load_policycaps(void)
> }
>
> extern void selinux_complete_init(void);
> -static int security_preserve_bools(struct policydb *p);
> +static int security_preserve_bools(struct selinux_ss_policydb *p);
>
> /**
> * selinux_load_policy - Load a security policy configuration.
> @@ -1708,12 +1708,12 @@ static int security_preserve_bools(struct
> policydb *p);
> */
> int selinux_ss_load_policy(void *data, size_t len)
> {
> - struct policydb oldpolicydb, newpolicydb;
> - struct sidtab oldsidtab, newsidtab;
> + struct selinux_ss_policydb oldpolicydb, newpolicydb;
> + struct selinux_ss_sidtab oldsidtab, newsidtab;
> struct convert_context_args args;
> u32 seqno;
> int rc = 0;
> - struct policy_file file = { data, len }, *fp = &file;
> + struct selinux_ss_policy_file file = { data, len }, *fp = &file;
>
> if (!ss_initialized) {
> selinux_ss_avtab_cache_init();
> @@ -1730,7 +1730,7 @@ int selinux_ss_load_policy(void *data, size_t len)
> if (validate_classes(&policydb)) {
> printk(KERN_ERR
> "SELinux: the definition of a class is incorrect\n");
> - sidtab_destroy(&sidtab);
> + selinux_ss_sidtab_destroy(&sidtab);
> policydb_destroy(&policydb);
> selinux_ss_avtab_cache_destroy();
> return -EINVAL;
> @@ -1748,13 +1748,13 @@ int selinux_ss_load_policy(void *data, size_t
> len)
> }
>
> #if 0
> - sidtab_hash_eval(&sidtab, "sids");
> + selinux_ss_sidtab_hash_eval(&sidtab, "sids");
> #endif
>
> if (policydb_read(&newpolicydb, fp))
> return -EINVAL;
>
> - if (sidtab_init(&newsidtab)) {
> + if (selinux_ss_sidtab_init(&newsidtab)) {
> policydb_destroy(&newpolicydb);
> return -ENOMEM;
> }
> @@ -1774,8 +1774,8 @@ int selinux_ss_load_policy(void *data, size_t len)
> }
>
> /* Clone the SID table. */
> - sidtab_shutdown(&sidtab);
> - if (sidtab_map(&sidtab, clone_sid, &newsidtab)) {
> + selinux_ss_sidtab_shutdown(&sidtab);
> + if (selinux_ss_sidtab_map(&sidtab, clone_sid, &newsidtab)) {
> rc = -ENOMEM;
> goto err;
> }
> @@ -1786,18 +1786,18 @@ int selinux_ss_load_policy(void *data, size_t
> len)
> */
> args.oldp = &policydb;
> args.newp = &newpolicydb;
> - rc = sidtab_map(&newsidtab, convert_context, &args);
> + rc = selinux_ss_sidtab_map(&newsidtab, convert_context, &args);
> if (rc)
> goto err;
>
> /* Save the old policydb and SID table to free later. */
> memcpy(&oldpolicydb, &policydb, sizeof policydb);
> - sidtab_set(&oldsidtab, &sidtab);
> + selinux_ss_sidtab_set(&oldsidtab, &sidtab);
>
> /* Install the new policydb and SID table. */
> write_lock_irq(&policy_rwlock);
> memcpy(&policydb, &newpolicydb, sizeof policydb);
> - sidtab_set(&sidtab, &newsidtab);
> + selinux_ss_sidtab_set(&sidtab, &newsidtab);
> selinux_load_policycaps();
> seqno = ++latest_granting;
> policydb_loaded_version = policydb.policyvers;
> @@ -1805,7 +1805,7 @@ int selinux_ss_load_policy(void *data, size_t len)
>
> /* Free the old policydb and SID table. */
> policydb_destroy(&oldpolicydb);
> - sidtab_destroy(&oldsidtab);
> + selinux_ss_sidtab_destroy(&oldsidtab);
>
> selinux_avc_ss_reset(seqno);
> selnl_notify_policyload(seqno);
> @@ -1815,7 +1815,7 @@ int selinux_ss_load_policy(void *data, size_t len)
> return 0;
>
> err:
> - sidtab_destroy(&newsidtab);
> + selinux_ss_sidtab_destroy(&newsidtab);
> policydb_destroy(&newpolicydb);
> return rc;
>
> @@ -1829,7 +1829,7 @@ err:
> */
> int selinux_ss_port_sid(u8 protocol, u16 port, u32 *out_sid)
> {
> - struct ocontext *c;
> + struct selinux_ss_ocontext *c;
> int rc = 0;
>
> read_lock(&policy_rwlock);
> @@ -1845,7 +1845,7 @@ int selinux_ss_port_sid(u8 protocol, u16 port, u32
> *out_sid)
>
> if (c) {
> if (!c->sid[0]) {
> - rc = sidtab_context_to_sid(&sidtab,
> + rc = selinux_ss_sidtab_context_to_sid(&sidtab,
> &c->context[0],
> &c->sid[0]);
> if (rc)
> @@ -1869,7 +1869,7 @@ out:
> int selinux_ss_netif_sid(char *name, u32 *if_sid)
> {
> int rc = 0;
> - struct ocontext *c;
> + struct selinux_ss_ocontext *c;
>
> read_lock(&policy_rwlock);
>
> @@ -1882,12 +1882,12 @@ int selinux_ss_netif_sid(char *name, u32
> *if_sid)
>
> if (c) {
> if (!c->sid[0] || !c->sid[1]) {
> - rc = sidtab_context_to_sid(&sidtab,
> + rc = selinux_ss_sidtab_context_to_sid(&sidtab,
> &c->context[0],
> &c->sid[0]);
> if (rc)
> goto out;
> - rc = sidtab_context_to_sid(&sidtab,
> + rc = selinux_ss_sidtab_context_to_sid(&sidtab,
> &c->context[1],
> &c->sid[1]);
> if (rc)
> @@ -1928,7 +1928,7 @@ int selinux_ss_node_sid(u16 domain,
> u32 *out_sid)
> {
> int rc = 0;
> - struct ocontext *c;
> + struct selinux_ss_ocontext *c;
>
> read_lock(&policy_rwlock);
>
> @@ -1973,7 +1973,7 @@ int selinux_ss_node_sid(u16 domain,
>
> if (c) {
> if (!c->sid[0]) {
> - rc = sidtab_context_to_sid(&sidtab,
> + rc = selinux_ss_sidtab_context_to_sid(&sidtab,
> &c->context[0],
> &c->sid[0]);
> if (rc)
> @@ -2010,11 +2010,11 @@ int selinux_ss_get_user_sids(u32 fromsid,
> u32 **sids,
> u32 *nel)
> {
> - struct context *fromcon, usercon;
> + struct selinux_ss_context *fromcon, usercon;
> u32 *mysids = NULL, *mysids2, sid;
> u32 mynel = 0, maxnel = SIDS_NEL;
> - struct user_datum *user;
> - struct role_datum *role;
> + struct selinux_ss_user_datum *user;
> + struct selinux_ss_role_datum *role;
> struct selinux_ss_ebitmap_node *rnode, *tnode;
> int rc = 0, i, j;
>
> @@ -2028,7 +2028,7 @@ int selinux_ss_get_user_sids(u32 fromsid,
>
> context_init(&usercon);
>
> - fromcon = sidtab_search(&sidtab, fromsid);
> + fromcon = selinux_ss_sidtab_search(&sidtab, fromsid);
> if (!fromcon) {
> rc = -EINVAL;
> goto out_unlock;
> @@ -2056,7 +2056,7 @@ int selinux_ss_get_user_sids(u32 fromsid,
> if (mls_setup_user_range(fromcon, user, &usercon))
> continue;
>
> - rc = sidtab_context_to_sid(&sidtab, &usercon, &sid);
> + rc = selinux_ss_sidtab_context_to_sid(&sidtab, &usercon, &sid);
> if (rc)
> goto out_unlock;
> if (mynel < maxnel) {
> @@ -2123,8 +2123,8 @@ int selinux_ss_genfs_sid(const char *fstype,
> u32 *sid)
> {
> int len;
> - struct genfs *genfs;
> - struct ocontext *c;
> + struct selinux_ss_genfs *genfs;
> + struct selinux_ss_ocontext *c;
> int rc = 0, cmp = 0;
>
> while (path[0] == '/' && path[1] == '/')
> @@ -2158,7 +2158,7 @@ int selinux_ss_genfs_sid(const char *fstype,
> }
>
> if (!c->sid[0]) {
> - rc = sidtab_context_to_sid(&sidtab,
> + rc = selinux_ss_sidtab_context_to_sid(&sidtab,
> &c->context[0],
> &c->sid[0]);
> if (rc)
> @@ -2183,7 +2183,7 @@ int selinux_ss_fs_use(
> u32 *sid)
> {
> int rc = 0;
> - struct ocontext *c;
> + struct selinux_ss_ocontext *c;
>
> read_lock(&policy_rwlock);
>
> @@ -2197,7 +2197,7 @@ int selinux_ss_fs_use(
> if (c) {
> *behavior = c->v.behavior;
> if (!c->sid[0]) {
> - rc = sidtab_context_to_sid(&sidtab,
> + rc = selinux_ss_sidtab_context_to_sid(&sidtab,
> &c->context[0],
> &c->sid[0]);
> if (rc)
> @@ -2333,7 +2333,7 @@ out:
> return rc;
> }
>
> -static int security_preserve_bools(struct policydb *p)
> +static int security_preserve_bools(struct selinux_ss_policydb *p)
> {
> int rc, nbools = 0, *bvalues = NULL, i;
> char **bnames = NULL;
> @@ -2370,9 +2370,9 @@ out:
> */
> int selinux_ss_sid_mls_copy(u32 sid, u32 mls_sid, u32 *new_sid)
> {
> - struct context *context1;
> - struct context *context2;
> - struct context newcon;
> + struct selinux_ss_context *context1;
> + struct selinux_ss_context *context2;
> + struct selinux_ss_context newcon;
> char *s;
> u32 len;
> int rc = 0;
> @@ -2385,7 +2385,7 @@ int selinux_ss_sid_mls_copy(u32 sid, u32 mls_sid,
> u32 *new_sid)
> context_init(&newcon);
>
> read_lock(&policy_rwlock);
> - context1 = sidtab_search(&sidtab, sid);
> + context1 = selinux_ss_sidtab_search(&sidtab, sid);
> if (!context1) {
> printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n",
> __func__, sid);
> @@ -2393,7 +2393,7 @@ int selinux_ss_sid_mls_copy(u32 sid, u32 mls_sid,
> u32 *new_sid)
> goto out_unlock;
> }
>
> - context2 = sidtab_search(&sidtab, mls_sid);
> + context2 = selinux_ss_sidtab_search(&sidtab, mls_sid);
> if (!context2) {
> printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n",
> __func__, mls_sid);
> @@ -2415,7 +2415,7 @@ int selinux_ss_sid_mls_copy(u32 sid, u32 mls_sid,
> u32 *new_sid)
> goto bad;
> }
>
> - rc = sidtab_context_to_sid(&sidtab, &newcon, new_sid);
> + rc = selinux_ss_sidtab_context_to_sid(&sidtab, &newcon, new_sid);
> goto out_unlock;
>
> bad:
> @@ -2457,8 +2457,8 @@ int selinux_ss_net_peersid_resolve(u32 nlbl_sid,
> u32 nlbl_type,
> u32 *peer_sid)
> {
> int rc;
> - struct context *nlbl_ctx;
> - struct context *xfrm_ctx;
> + struct selinux_ss_context *nlbl_ctx;
> + struct selinux_ss_context *xfrm_ctx;
>
> /* handle the common (which also happens to be the set of easy) cases
> * right away, these two if statements catch everything involving a
> @@ -2485,14 +2485,14 @@ int selinux_ss_net_peersid_resolve(u32 nlbl_sid,
> u32 nlbl_type,
>
> read_lock(&policy_rwlock);
>
> - nlbl_ctx = sidtab_search(&sidtab, nlbl_sid);
> + nlbl_ctx = selinux_ss_sidtab_search(&sidtab, nlbl_sid);
> if (!nlbl_ctx) {
> printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n",
> __func__, nlbl_sid);
> rc = -EINVAL;
> goto out_slowpath;
> }
> - xfrm_ctx = sidtab_search(&sidtab, xfrm_sid);
> + xfrm_ctx = selinux_ss_sidtab_search(&sidtab, xfrm_sid);
> if (!xfrm_ctx) {
> printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n",
> __func__, xfrm_sid);
> @@ -2517,7 +2517,7 @@ out_slowpath:
>
> static int get_classes_callback(void *k, void *d, void *args)
> {
> - struct class_datum *datum = d;
> + struct selinux_ss_class_datum *datum = d;
> char *name = k, **classes = args;
> int value = datum->value - 1;
>
> @@ -2555,7 +2555,7 @@ out:
>
> static int get_permissions_callback(void *k, void *d, void *args)
> {
> - struct perm_datum *datum = d;
> + struct selinux_ss_perm_datum *datum = d;
> char *name = k, **perms = args;
> int value = datum->value - 1;
>
> @@ -2569,7 +2569,7 @@ static int get_permissions_callback(void *k, void
> *d, void *args)
> int selinux_ss_get_permissions(char *class, char ***perms, int *nperms)
> {
> int rc = -ENOMEM, i;
> - struct class_datum *match;
> + struct selinux_ss_class_datum *match;
>
> read_lock(&policy_rwlock);
>
> @@ -2643,7 +2643,7 @@ int selinux_ss_policycap_supported(unsigned int
> req_cap)
>
> struct selinux_audit_rule {
> u32 au_seqno;
> - struct context au_ctxt;
> + struct selinux_ss_context au_ctxt;
> };
>
> void selinux_audit_rule_free(void *vrule)
> @@ -2659,9 +2659,9 @@ void selinux_audit_rule_free(void *vrule)
> int selinux_audit_rule_init(u32 field, u32 op, char *rulestr, void
> **vrule)
> {
> struct selinux_audit_rule *tmprule;
> - struct role_datum *roledatum;
> - struct type_datum *typedatum;
> - struct user_datum *userdatum;
> + struct selinux_ss_role_datum *roledatum;
> + struct selinux_ss_type_datum *typedatum;
> + struct selinux_ss_user_datum *userdatum;
> struct selinux_audit_rule **rule = (struct selinux_audit_rule
> **)vrule;
> int rc = 0;
>
> @@ -2777,7 +2777,7 @@ int selinux_audit_rule_known(struct audit_krule
> *rule)
> int selinux_audit_rule_match(u32 sid, u32 field, u32 op, void *vrule,
> struct audit_context *actx)
> {
> - struct context *ctxt;
> + struct selinux_ss_context *ctxt;
> struct mls_level *level;
> struct selinux_audit_rule *rule = vrule;
> int match = 0;
> @@ -2797,7 +2797,7 @@ int selinux_audit_rule_match(u32 sid, u32 field,
> u32 op, void *vrule,
> goto out;
> }
>
> - ctxt = sidtab_search(&sidtab, sid);
> + ctxt = selinux_ss_sidtab_search(&sidtab, sid);
> if (!ctxt) {
> audit_log(actx, GFP_ATOMIC, AUDIT_SELINUX_ERR,
> "selinux_audit_rule_match: unrecognized SID %d\n",
> @@ -2962,8 +2962,8 @@ int selinux_ss_netlbl_secattr_to_sid(struct
> netlbl_lsm_secattr *secattr,
> u32 *sid)
> {
> int rc = -EIDRM;
> - struct context *ctx;
> - struct context ctx_new;
> + struct selinux_ss_context *ctx;
> + struct selinux_ss_context ctx_new;
>
> if (!ss_initialized) {
> *sid = SECSID_NULL;
> @@ -2979,7 +2979,7 @@ int selinux_ss_netlbl_secattr_to_sid(struct
> netlbl_lsm_secattr *secattr,
> *sid = secattr->attr.secid;
> rc = 0;
> } else if (secattr->flags & NETLBL_SECATTR_MLS_LVL) {
> - ctx = sidtab_search(&sidtab, SECINITSID_NETMSG);
> + ctx = selinux_ss_sidtab_search(&sidtab, SECINITSID_NETMSG);
> if (ctx == NULL)
> goto netlbl_secattr_to_sid_return;
>
> @@ -2999,7 +2999,7 @@ int selinux_ss_netlbl_secattr_to_sid(struct
> netlbl_lsm_secattr *secattr,
> if (mls_context_isvalid(&policydb, &ctx_new) != 1)
> goto netlbl_secattr_to_sid_return_cleanup;
>
> - rc = sidtab_context_to_sid(&sidtab, &ctx_new, sid);
> + rc = selinux_ss_sidtab_context_to_sid(&sidtab, &ctx_new, sid);
> if (rc != 0)
> goto netlbl_secattr_to_sid_return_cleanup;
>
> @@ -3032,13 +3032,13 @@ netlbl_secattr_to_sid_return_cleanup:
> int selinux_ss_netlbl_sid_to_secattr(u32 sid, struct netlbl_lsm_secattr
> *secattr)
> {
> int rc;
> - struct context *ctx;
> + struct selinux_ss_context *ctx;
>
> if (!ss_initialized)
> return 0;
>
> read_lock(&policy_rwlock);
> - ctx = sidtab_search(&sidtab, sid);
> + ctx = selinux_ss_sidtab_search(&sidtab, sid);
> if (ctx == NULL) {
> rc = -ENOENT;
> goto netlbl_sid_to_secattr_failure;
> diff --git a/security/selinux/ss/services.h
> b/security/selinux/ss/services.h
> index e8d907e..9d42e9d 100644
> --- a/security/selinux/ss/services.h
> +++ b/security/selinux/ss/services.h
> @@ -9,7 +9,7 @@
> #include "policydb.h"
> #include "sidtab.h"
>
> -extern struct policydb policydb;
> +extern struct selinux_ss_policydb policydb;
>
> #endif /* _SS_SERVICES_H_ */
>
> diff --git a/security/selinux/ss/sidtab.c b/security/selinux/ss/sidtab.c
> index e817989..294ede4 100644
> --- a/security/selinux/ss/sidtab.c
> +++ b/security/selinux/ss/sidtab.c
> @@ -14,7 +14,7 @@
> #define SIDTAB_HASH(sid) \
> (sid & SIDTAB_HASH_MASK)
>
> -int sidtab_init(struct sidtab *s)
> +int selinux_ss_sidtab_init(struct selinux_ss_sidtab *s)
> {
> int i;
>
> @@ -30,10 +30,10 @@ int sidtab_init(struct sidtab *s)
> return 0;
> }
>
> -int sidtab_insert(struct sidtab *s, u32 sid, struct context *context)
> +int selinux_ss_sidtab_insert(struct selinux_ss_sidtab *s, u32 sid,
> struct selinux_ss_context *context)
> {
> int hvalue, rc = 0;
> - struct sidtab_node *prev, *cur, *newnode;
> + struct selinux_ss_sidtab_node *prev, *cur, *newnode;
>
> if (!s) {
> rc = -ENOMEM;
> @@ -82,10 +82,10 @@ out:
> return rc;
> }
>
> -static struct context *sidtab_search_core(struct sidtab *s, u32 sid,
> int force)
> +static struct selinux_ss_context *selinux_ss_sidtab_search_core(struct
> selinux_ss_sidtab *s, u32 sid, int force)
> {
> int hvalue;
> - struct sidtab_node *cur;
> + struct selinux_ss_sidtab_node *cur;
>
> if (!s)
> return NULL;
> @@ -112,24 +112,24 @@ static struct context *sidtab_search_core(struct
> sidtab *s, u32 sid, int force)
> return &cur->context;
> }
>
> -struct context *sidtab_search(struct sidtab *s, u32 sid)
> +struct selinux_ss_context *selinux_ss_sidtab_search(struct
> selinux_ss_sidtab *s, u32 sid)
> {
> - return sidtab_search_core(s, sid, 0);
> + return selinux_ss_sidtab_search_core(s, sid, 0);
> }
>
> -struct context *sidtab_search_force(struct sidtab *s, u32 sid)
> +struct selinux_ss_context *selinux_ss_sidtab_search_force(struct
> selinux_ss_sidtab *s, u32 sid)
> {
> - return sidtab_search_core(s, sid, 1);
> + return selinux_ss_sidtab_search_core(s, sid, 1);
> }
>
> -int sidtab_map(struct sidtab *s,
> +int selinux_ss_sidtab_map(struct selinux_ss_sidtab *s,
> int (*apply) (u32 sid,
> - struct context *context,
> + struct selinux_ss_context *context,
> void *args),
> void *args)
> {
> int i, rc = 0;
> - struct sidtab_node *cur;
> + struct selinux_ss_sidtab_node *cur;
>
> if (!s)
> goto out;
> @@ -147,11 +147,11 @@ out:
> return rc;
> }
>
> -static inline u32 sidtab_search_context(struct sidtab *s,
> - struct context *context)
> +static inline u32 selinux_ss_sidtab_search_context(struct
> selinux_ss_sidtab *s,
> + struct selinux_ss_context *context)
> {
> int i;
> - struct sidtab_node *cur;
> + struct selinux_ss_sidtab_node *cur;
>
> for (i = 0; i < SIDTAB_SIZE; i++) {
> cur = s->htable[i];
> @@ -164,8 +164,8 @@ static inline u32 sidtab_search_context(struct
> sidtab *s,
> return 0;
> }
>
> -int sidtab_context_to_sid(struct sidtab *s,
> - struct context *context,
> +int selinux_ss_sidtab_context_to_sid(struct selinux_ss_sidtab *s,
> + struct selinux_ss_context *context,
> u32 *out_sid)
> {
> u32 sid;
> @@ -174,11 +174,11 @@ int sidtab_context_to_sid(struct sidtab *s,
>
> *out_sid = SECSID_NULL;
>
> - sid = sidtab_search_context(s, context);
> + sid = selinux_ss_sidtab_search_context(s, context);
> if (!sid) {
> spin_lock_irqsave(&s->lock, flags);
> /* Rescan now that we hold the lock. */
> - sid = sidtab_search_context(s, context);
> + sid = selinux_ss_sidtab_search_context(s, context);
> if (sid)
> goto unlock_out;
> /* No SID exists for the context. Allocate a new one. */
> @@ -191,7 +191,7 @@ int sidtab_context_to_sid(struct sidtab *s,
> printk(KERN_INFO
> "SELinux: Context %s is not valid (left unmapped).\n",
> context->str);
> - ret = sidtab_insert(s, sid, context);
> + ret = selinux_ss_sidtab_insert(s, sid, context);
> if (ret)
> s->next_sid--;
> unlock_out:
> @@ -205,10 +205,10 @@ unlock_out:
> return 0;
> }
>
> -void sidtab_hash_eval(struct sidtab *h, char *tag)
> +void selinux_ss_sidtab_hash_eval(struct selinux_ss_sidtab *h, char
> *tag)
> {
> int i, chain_len, slots_used, max_chain_len;
> - struct sidtab_node *cur;
> + struct selinux_ss_sidtab_node *cur;
>
> slots_used = 0;
> max_chain_len = 0;
> @@ -232,10 +232,10 @@ void sidtab_hash_eval(struct sidtab *h, char *tag)
> max_chain_len);
> }
>
> -void sidtab_destroy(struct sidtab *s)
> +void selinux_ss_sidtab_destroy(struct selinux_ss_sidtab *s)
> {
> int i;
> - struct sidtab_node *cur, *temp;
> + struct selinux_ss_sidtab_node *cur, *temp;
>
> if (!s)
> return;
> @@ -256,7 +256,7 @@ void sidtab_destroy(struct sidtab *s)
> s->next_sid = 1;
> }
>
> -void sidtab_set(struct sidtab *dst, struct sidtab *src)
> +void selinux_ss_sidtab_set(struct selinux_ss_sidtab *dst, struct
> selinux_ss_sidtab *src)
> {
> unsigned long flags;
>
> @@ -268,7 +268,7 @@ void sidtab_set(struct sidtab *dst, struct sidtab
> *src)
> spin_unlock_irqrestore(&src->lock, flags);
> }
>
> -void sidtab_shutdown(struct sidtab *s)
> +void selinux_ss_sidtab_shutdown(struct selinux_ss_sidtab *s)
> {
> unsigned long flags;
>
> diff --git a/security/selinux/ss/sidtab.h b/security/selinux/ss/sidtab.h
> index 64ea5b1..a48ab7f 100644
> --- a/security/selinux/ss/sidtab.h
> +++ b/security/selinux/ss/sidtab.h
> @@ -9,10 +9,10 @@
>
> #include "context.h"
>
> -struct sidtab_node {
> +struct selinux_ss_sidtab_node {
> u32 sid; /* security identifier */
> - struct context context; /* security context structure */
> - struct sidtab_node *next;
> + struct selinux_ss_context context; /* security context structure */
> + struct selinux_ss_sidtab_node *next;
> };
>
> #define SIDTAB_HASH_BITS 7
> @@ -21,33 +21,33 @@ struct sidtab_node {
>
> #define SIDTAB_SIZE SIDTAB_HASH_BUCKETS
>
> -struct sidtab {
> - struct sidtab_node **htable;
> +struct selinux_ss_sidtab {
> + struct selinux_ss_sidtab_node **htable;
> unsigned int nel; /* number of elements */
> unsigned int next_sid; /* next SID to allocate */
> unsigned char shutdown;
> spinlock_t lock;
> };
>
> -int sidtab_init(struct sidtab *s);
> -int sidtab_insert(struct sidtab *s, u32 sid, struct context *context);
> -struct context *sidtab_search(struct sidtab *s, u32 sid);
> -struct context *sidtab_search_force(struct sidtab *s, u32 sid);
> +int selinux_ss_sidtab_init(struct selinux_ss_sidtab *s);
> +int selinux_ss_sidtab_insert(struct selinux_ss_sidtab *s, u32 sid,
> struct selinux_ss_context *context);
> +struct selinux_ss_context *selinux_ss_sidtab_search(struct
> selinux_ss_sidtab *s, u32 sid);
> +struct selinux_ss_context *selinux_ss_sidtab_search_force(struct
> selinux_ss_sidtab *s, u32 sid);
>
> -int sidtab_map(struct sidtab *s,
> +int selinux_ss_sidtab_map(struct selinux_ss_sidtab *s,
> int (*apply) (u32 sid,
> - struct context *context,
> + struct selinux_ss_context *context,
> void *args),
> void *args);
>
> -int sidtab_context_to_sid(struct sidtab *s,
> - struct context *context,
> +int selinux_ss_sidtab_context_to_sid(struct selinux_ss_sidtab *s,
> + struct selinux_ss_context *context,
> u32 *sid);
>
> -void sidtab_hash_eval(struct sidtab *h, char *tag);
> -void sidtab_destroy(struct sidtab *s);
> -void sidtab_set(struct sidtab *dst, struct sidtab *src);
> -void sidtab_shutdown(struct sidtab *s);
> +void selinux_ss_sidtab_hash_eval(struct selinux_ss_sidtab *h, char
> *tag);
> +void selinux_ss_sidtab_destroy(struct selinux_ss_sidtab *s);
> +void selinux_ss_sidtab_set(struct selinux_ss_sidtab *dst, struct
> selinux_ss_sidtab *src);
> +void selinux_ss_sidtab_shutdown(struct selinux_ss_sidtab *s);
>
> #endif /* _SS_SIDTAB_H_ */
>
> diff --git a/security/selinux/ss/symtab.c b/security/selinux/ss/symtab.c
> index 7ef607d..4a8a122 100644
> --- a/security/selinux/ss/symtab.c
> +++ b/security/selinux/ss/symtab.c
> @@ -33,7 +33,7 @@ static int symcmp(struct selinux_ss_hashtab *h, const
> void *key1, const void *ke
> }
>
>
> -int symtab_init(struct symtab *s, unsigned int size)
> +int selinux_ss_symtab_init(struct selinux_ss_symtab *s, unsigned int
> size)
> {
> s->table = selinux_ss_hashtab_create(symhash, symcmp, size);
> if (!s->table)
> diff --git a/security/selinux/ss/symtab.h b/security/selinux/ss/symtab.h
> index 4166ae4..80aa9e6 100644
> --- a/security/selinux/ss/symtab.h
> +++ b/security/selinux/ss/symtab.h
> @@ -11,12 +11,12 @@
>
> #include "hashtab.h"
>
> -struct symtab {
> +struct selinux_ss_symtab {
> struct selinux_ss_hashtab *table; /* hash table (keyed on a string) */
> u32 nprim; /* number of primary names in table */
> };
>
> -int symtab_init(struct symtab *s, unsigned int size);
> +int selinux_ss_symtab_init(struct selinux_ss_symtab *s, unsigned int
> size);
>
> #endif /* _SS_SYMTAB_H_ */
>
> --
> 1.6.2.5
>
>
>
>
> --
> This message was distributed to subscribers of the selinux mailing list.
> If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
> the words "unsubscribe selinux" without quotes as the message.
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.
