diff --git a/sys/security/mac_do/mac_do.c b/sys/security/mac_do/mac_do.c
--- a/sys/security/mac_do/mac_do.c
+++ b/sys/security/mac_do/mac_do.c
@@ -406,7 +406,7 @@
 }
 
 static bool
-rule_is_valid(struct ucred *cred, struct rule *r)
+rule_applies(struct ucred *cred, struct rule *r)
 {
 	if (r->from_type == RULE_UID && r->f_uid == cred->cr_uid)
 		return (true);
@@ -427,7 +427,7 @@
 
 	rule = mac_do_rule_find(cred->cr_prison, &pr);
 	TAILQ_FOREACH(r, &rule->head, r_entries) {
-		if (rule_is_valid(cred, r)) {
+		if (rule_applies(cred, r)) {
 			switch (priv) {
 			case PRIV_CRED_SETGROUPS:
 			case PRIV_CRED_SETUID:
@@ -466,7 +466,7 @@
 
 	rule = mac_do_rule_find(cred->cr_prison, &pr);
 	TAILQ_FOREACH(r, &rule->head, r_entries) {
-		if (rule_is_valid(cred, r)) {
+		if (rule_applies(cred, r)) {
 			mtx_unlock(&pr->pr_mtx);
 			return (0);
 		}