diff --git a/sys/security/mac/mac_internal.h b/sys/security/mac/mac_internal.h --- a/sys/security/mac/mac_internal.h +++ b/sys/security/mac/mac_internal.h @@ -56,13 +56,6 @@ #include #include -/* - * MAC Framework sysctl namespace. - */ -#ifdef SYSCTL_DECL -SYSCTL_DECL(_security_mac); -#endif /* SYSCTL_DECL */ - /* * MAC Framework SDT DTrace probe namespace, macros for declaring entry * point probes, macros for invoking them. diff --git a/sys/security/mac/mac_policy.h b/sys/security/mac/mac_policy.h --- a/sys/security/mac/mac_policy.h +++ b/sys/security/mac/mac_policy.h @@ -1064,4 +1064,19 @@ intptr_t mac_label_get(struct label *l, int slot); void mac_label_set(struct label *l, int slot, intptr_t v); +/* + * Common MAC Framework's sysctl and jail parameters' sysctl nodes' declarations. + * + * Headers and normally have to be included before + * this header as style(9) hints to. If they weren't, just forego the + * corresponding declarations, assuming they are not needed. + */ +#ifdef SYSCTL_DECL +SYSCTL_DECL(_security_mac); +#endif + +#ifdef SYSCTL_JAIL_PARAM_DECL +SYSCTL_JAIL_PARAM_DECL(mac); +#endif + #endif /* !_SECURITY_MAC_MAC_POLICY_H_ */ diff --git a/sys/security/mac_biba/mac_biba.c b/sys/security/mac_biba/mac_biba.c --- a/sys/security/mac_biba/mac_biba.c +++ b/sys/security/mac_biba/mac_biba.c @@ -88,8 +88,6 @@ #include #include -SYSCTL_DECL(_security_mac); - static SYSCTL_NODE(_security_mac, OID_AUTO, biba, CTLFLAG_RW | CTLFLAG_MPSAFE, 0, "TrustedBSD mac_biba policy controls"); diff --git a/sys/security/mac_bsdextended/mac_bsdextended.c b/sys/security/mac_bsdextended/mac_bsdextended.c --- a/sys/security/mac_bsdextended/mac_bsdextended.c +++ b/sys/security/mac_bsdextended/mac_bsdextended.c @@ -68,8 +68,6 @@ static struct mtx ugidfw_mtx; -SYSCTL_DECL(_security_mac); - static SYSCTL_NODE(_security_mac, OID_AUTO, bsdextended, CTLFLAG_RW | CTLFLAG_MPSAFE, 0, "TrustedBSD extended BSD MAC policy controls"); diff --git a/sys/security/mac_grantbylabel/mac_grantbylabel.c b/sys/security/mac_grantbylabel/mac_grantbylabel.c --- a/sys/security/mac_grantbylabel/mac_grantbylabel.c +++ b/sys/security/mac_grantbylabel/mac_grantbylabel.c @@ -49,7 +49,6 @@ #define MAC_GRANTBYLABEL_FULLNAME "MAC/grantbylabel" -SYSCTL_DECL(_security_mac); SYSCTL_NODE(_security_mac, OID_AUTO, grantbylabel, CTLFLAG_RW, 0, "MAC/grantbylabel policy controls"); diff --git a/sys/security/mac_ifoff/mac_ifoff.c b/sys/security/mac_ifoff/mac_ifoff.c --- a/sys/security/mac_ifoff/mac_ifoff.c +++ b/sys/security/mac_ifoff/mac_ifoff.c @@ -58,8 +58,6 @@ #include -SYSCTL_DECL(_security_mac); - static SYSCTL_NODE(_security_mac, OID_AUTO, ifoff, CTLFLAG_RW | CTLFLAG_MPSAFE, 0, "TrustedBSD mac_ifoff policy controls"); diff --git a/sys/security/mac_ipacl/mac_ipacl.c b/sys/security/mac_ipacl/mac_ipacl.c --- a/sys/security/mac_ipacl/mac_ipacl.c +++ b/sys/security/mac_ipacl/mac_ipacl.c @@ -70,8 +70,6 @@ #include -SYSCTL_DECL(_security_mac); - static SYSCTL_NODE(_security_mac, OID_AUTO, ipacl, CTLFLAG_RW | CTLFLAG_MPSAFE, 0, "TrustedBSD mac_ipacl policy controls"); diff --git a/sys/security/mac_lomac/mac_lomac.c b/sys/security/mac_lomac/mac_lomac.c --- a/sys/security/mac_lomac/mac_lomac.c +++ b/sys/security/mac_lomac/mac_lomac.c @@ -89,8 +89,6 @@ struct mtx mtx; }; -SYSCTL_DECL(_security_mac); - static SYSCTL_NODE(_security_mac, OID_AUTO, lomac, CTLFLAG_RW | CTLFLAG_MPSAFE, 0, "TrustedBSD mac_lomac policy controls"); diff --git a/sys/security/mac_mls/mac_mls.c b/sys/security/mac_mls/mac_mls.c --- a/sys/security/mac_mls/mac_mls.c +++ b/sys/security/mac_mls/mac_mls.c @@ -89,8 +89,6 @@ #include #include -SYSCTL_DECL(_security_mac); - static SYSCTL_NODE(_security_mac, OID_AUTO, mls, CTLFLAG_RW | CTLFLAG_MPSAFE, 0, "TrustedBSD mac_mls policy controls"); diff --git a/sys/security/mac_ntpd/mac_ntpd.c b/sys/security/mac_ntpd/mac_ntpd.c --- a/sys/security/mac_ntpd/mac_ntpd.c +++ b/sys/security/mac_ntpd/mac_ntpd.c @@ -34,8 +34,6 @@ #include -SYSCTL_DECL(_security_mac); - static SYSCTL_NODE(_security_mac, OID_AUTO, ntpd, CTLFLAG_RW | CTLFLAG_MPSAFE, 0, "mac_ntpd policy controls"); diff --git a/sys/security/mac_partition/mac_partition.c b/sys/security/mac_partition/mac_partition.c --- a/sys/security/mac_partition/mac_partition.c +++ b/sys/security/mac_partition/mac_partition.c @@ -61,8 +61,6 @@ #include #include -SYSCTL_DECL(_security_mac); - static SYSCTL_NODE(_security_mac, OID_AUTO, partition, CTLFLAG_RW | CTLFLAG_MPSAFE, 0, "TrustedBSD mac_partition policy controls"); diff --git a/sys/security/mac_pimd/mac_pimd.c b/sys/security/mac_pimd/mac_pimd.c --- a/sys/security/mac_pimd/mac_pimd.c +++ b/sys/security/mac_pimd/mac_pimd.c @@ -35,8 +35,6 @@ #include -SYSCTL_DECL(_security_mac); - static SYSCTL_NODE(_security_mac, OID_AUTO, pimd, CTLFLAG_RW | CTLFLAG_MPSAFE, 0, "mac_pimd policy controls"); diff --git a/sys/security/mac_portacl/mac_portacl.c b/sys/security/mac_portacl/mac_portacl.c --- a/sys/security/mac_portacl/mac_portacl.c +++ b/sys/security/mac_portacl/mac_portacl.c @@ -79,8 +79,6 @@ #include -SYSCTL_DECL(_security_mac); - static SYSCTL_NODE(_security_mac, OID_AUTO, portacl, CTLFLAG_RW | CTLFLAG_MPSAFE, 0, "TrustedBSD mac_portacl policy controls"); diff --git a/sys/security/mac_priority/mac_priority.c b/sys/security/mac_priority/mac_priority.c --- a/sys/security/mac_priority/mac_priority.c +++ b/sys/security/mac_priority/mac_priority.c @@ -35,8 +35,6 @@ #include -SYSCTL_DECL(_security_mac); - static SYSCTL_NODE(_security_mac, OID_AUTO, priority, CTLFLAG_RW | CTLFLAG_MPSAFE, 0, "mac_priority policy controls"); diff --git a/sys/security/mac_seeotheruids/mac_seeotheruids.c b/sys/security/mac_seeotheruids/mac_seeotheruids.c --- a/sys/security/mac_seeotheruids/mac_seeotheruids.c +++ b/sys/security/mac_seeotheruids/mac_seeotheruids.c @@ -59,8 +59,6 @@ #include -SYSCTL_DECL(_security_mac); - static SYSCTL_NODE(_security_mac, OID_AUTO, seeotheruids, CTLFLAG_RW | CTLFLAG_MPSAFE, 0, "TrustedBSD mac_seeotheruids policy controls"); diff --git a/sys/security/mac_stub/mac_stub.c b/sys/security/mac_stub/mac_stub.c --- a/sys/security/mac_stub/mac_stub.c +++ b/sys/security/mac_stub/mac_stub.c @@ -88,8 +88,6 @@ #include -SYSCTL_DECL(_security_mac); - static SYSCTL_NODE(_security_mac, OID_AUTO, stub, CTLFLAG_RW | CTLFLAG_MPSAFE, 0, "TrustedBSD mac_stub policy controls"); diff --git a/sys/security/mac_test/mac_test.c b/sys/security/mac_test/mac_test.c --- a/sys/security/mac_test/mac_test.c +++ b/sys/security/mac_test/mac_test.c @@ -78,8 +78,6 @@ #include -SYSCTL_DECL(_security_mac); - static SYSCTL_NODE(_security_mac, OID_AUTO, test, CTLFLAG_RW | CTLFLAG_MPSAFE, 0, "TrustedBSD mac_test policy controls"); diff --git a/sys/security/mac_veriexec/mac_veriexec.c b/sys/security/mac_veriexec/mac_veriexec.c --- a/sys/security/mac_veriexec/mac_veriexec.c +++ b/sys/security/mac_veriexec/mac_veriexec.c @@ -81,8 +81,6 @@ static int sysctl_mac_veriexec_db(SYSCTL_HANDLER_ARGS); static struct mac_policy_ops mac_veriexec_ops; -SYSCTL_DECL(_security_mac); - SYSCTL_NODE(_security_mac, OID_AUTO, veriexec, CTLFLAG_RW | CTLFLAG_MPSAFE, 0, "MAC/veriexec policy controls");