diff --git a/sys/security/mac_do/mac_do.c b/sys/security/mac_do/mac_do.c --- a/sys/security/mac_do/mac_do.c +++ b/sys/security/mac_do/mac_do.c @@ -146,7 +146,7 @@ typedef uint16_t id_type_t; struct rule { - TAILQ_ENTRY(rule) r_entries; + STAILQ_ENTRY(rule) r_entries; id_type_t from_type; int from_id; flags_t uid_flags; /* See MDF_* above. */ @@ -157,7 +157,7 @@ struct id_spec *gids; }; -TAILQ_HEAD(rulehead, rule); +STAILQ_HEAD(rulehead, rule); struct rules { char string[MAC_RULE_STRING_LEN]; @@ -170,11 +170,11 @@ */ struct id_elem { - TAILQ_ENTRY(id_elem) ie_entries; + STAILQ_ENTRY(id_elem) ie_entries; struct id_spec spec; }; -TAILQ_HEAD(id_list, id_elem); +STAILQ_HEAD(id_list, id_elem); #ifdef INVARIANTS static void @@ -313,7 +313,7 @@ struct rulehead *const head = &rules->head; struct rule *rule, *rule_next; - TAILQ_FOREACH_SAFE(rule, head, r_entries, rule_next) { + STAILQ_FOREACH_SAFE(rule, head, r_entries, rule_next) { free(rule->uids, M_DO); free(rule->gids, M_DO); free(rule, M_DO); @@ -328,7 +328,7 @@ _Static_assert(MAC_RULE_STRING_LEN > 0, "MAC_RULE_STRING_LEN <= 0!"); rules->string[0] = 0; - TAILQ_INIT(&rules->head); + STAILQ_INIT(&rules->head); rules->use_count = 0; return (rules); } @@ -702,7 +702,7 @@ } ie = malloc(sizeof(*ie), M_DO, M_WAITOK); ie->spec = is; - TAILQ_INSERT_TAIL(list, ie, ie_entries); + STAILQ_INSERT_TAIL(list, ie, ie_entries); check_type_and_id_spec(type, &is); check_type_and_finish: check_type_and_type_flags(type, *tflags); @@ -748,14 +748,14 @@ size_t idx = 0; /* Fill the array. */ - TAILQ_FOREACH_SAFE(ie, list, ie_entries, ie_next) { + STAILQ_FOREACH_SAFE(ie, list, ie_entries, ie_next) { MPASS(idx < *nb); array[idx] = ie->spec; free(ie, M_DO); ++idx; } MPASS(idx == *nb); - TAILQ_INIT(list); + STAILQ_INIT(list); /* Sort it (by ID). */ qsort(array, *nb, sizeof(*array), id_spec_cmp); @@ -820,8 +820,8 @@ int error; MPASS(*parse_error == NULL); - TAILQ_INIT(&uid_list); - TAILQ_INIT(&gid_list); + STAILQ_INIT(&uid_list); + STAILQ_INIT(&gid_list); /* Freed when the 'struct rules' container is freed. */ new = malloc(sizeof(*new), M_DO, M_WAITOK | M_ZERO); @@ -890,7 +890,7 @@ if (error != 0) goto einval; } - MPASS(TAILQ_EMPTY(&uid_list)); + MPASS(STAILQ_EMPTY(&uid_list)); if (!has_clauses(new->uids_nb, new->uid_flags)) { /* No UID specified, default is "uid=.". */ MPASS(new->uid_flags == 0); @@ -906,7 +906,7 @@ if (error != 0) goto einval; } - MPASS(TAILQ_EMPTY(&gid_list)); + MPASS(STAILQ_EMPTY(&gid_list)); if (!has_clauses(new->gids_nb, new->gid_flags)) { /* No GID specified, default is "gid=.,gid=!.". */ MPASS(new->gid_flags == 0); @@ -915,16 +915,16 @@ check_type_and_type_flags(IT_GID, new->gid_flags); } - TAILQ_INSERT_TAIL(&rules->head, new, r_entries); + STAILQ_INSERT_TAIL(&rules->head, new, r_entries); return (0); einval: free(new->gids, M_DO); free(new->uids, M_DO); free(new, M_DO); - TAILQ_FOREACH_SAFE(ie, &gid_list, ie_entries, ie_next) + STAILQ_FOREACH_SAFE(ie, &gid_list, ie_entries, ie_next) free(ie, M_DO); - TAILQ_FOREACH_SAFE(ie, &uid_list, ie_entries, ie_next) + STAILQ_FOREACH_SAFE(ie, &uid_list, ie_entries, ie_next) free(ie, M_DO); MPASS(*parse_error != NULL); return (EINVAL); @@ -1234,7 +1234,7 @@ rules = find_rules(pr, &ppr); jsys = pr == ppr ? - (TAILQ_EMPTY(&rules->head) ? JAIL_SYS_DISABLE : JAIL_SYS_NEW) : + (STAILQ_EMPTY(&rules->head) ? JAIL_SYS_DISABLE : JAIL_SYS_NEW) : JAIL_SYS_INHERIT; error = vfs_setopt(opts, "mac.do", &jsys, sizeof(jsys)); if (error != 0 && error != ENOENT) @@ -1841,7 +1841,7 @@ * privilege granting functions interpreting the "to"/"target" part. */ error = EPERM; - TAILQ_FOREACH(rule, &rules->head, r_entries) + STAILQ_FOREACH(rule, &rules->head, r_entries) if (rule_applies(rule, cred)) { error = rule_grant_setcred(rule, cred, new_cred); if (error != EPERM) @@ -2019,7 +2019,7 @@ /* * Check for (supplementary) mandatory and forbidden groups. */ - TAILQ_FOREACH(rule, &data->hdr.rules->head, r_entries) { + STAILQ_FOREACH(rule, &data->hdr.rules->head, r_entries) { if (rule_applies(rule, old_cred)) { int error = rule_check_set_supplementary_groups(rule, old_cred, new_cred);