From 0b84f68300f282424f0bb085bea43739facd4459 Mon Sep 17 00:00:00 2001 From: Andrey Konovalov Date: Thu, 11 Jun 2020 00:03:05 +0200 Subject: sys/linux: rename smack.txt to security_smack.txt --- sys/linux/security_smack.txt | 217 ++++++++++++++++++++++++++++++++ sys/linux/security_smack.txt.warn | 3 + sys/linux/security_smack_386.const | 13 ++ sys/linux/security_smack_amd64.const | 13 ++ sys/linux/security_smack_arm.const | 13 ++ sys/linux/security_smack_arm64.const | 13 ++ sys/linux/security_smack_mips64le.const | 13 ++ sys/linux/security_smack_ppc64le.const | 13 ++ sys/linux/smack.txt | 217 -------------------------------- sys/linux/smack.txt.warn | 3 - sys/linux/smack_386.const | 13 -- sys/linux/smack_amd64.const | 13 -- sys/linux/smack_arm.const | 13 -- sys/linux/smack_arm64.const | 13 -- sys/linux/smack_mips64le.const | 13 -- sys/linux/smack_ppc64le.const | 13 -- 16 files changed, 298 insertions(+), 298 deletions(-) create mode 100644 sys/linux/security_smack.txt create mode 100644 sys/linux/security_smack.txt.warn create mode 100644 sys/linux/security_smack_386.const create mode 100644 sys/linux/security_smack_amd64.const create mode 100644 sys/linux/security_smack_arm.const create mode 100644 sys/linux/security_smack_arm64.const create mode 100644 sys/linux/security_smack_mips64le.const create mode 100644 sys/linux/security_smack_ppc64le.const delete mode 100644 sys/linux/smack.txt delete mode 100644 sys/linux/smack.txt.warn delete mode 100644 sys/linux/smack_386.const delete mode 100644 sys/linux/smack_amd64.const delete mode 100644 sys/linux/smack_arm.const delete mode 100644 sys/linux/smack_arm64.const delete mode 100644 sys/linux/smack_mips64le.const delete mode 100644 sys/linux/smack_ppc64le.const (limited to 'sys/linux')
diff --git a/sys/linux/security_smack.txt b/sys/linux/security_smack.txt
new file mode 100644
index 000000000..ebde4e5aa
--- /dev/null
+++ b/sys/linux/security_smack.txt
@@ -0,0 +1,217 @@
+# Copyright 2018 syzkaller project authors. All rights reserved.
+# Use of this source code is governed by Apache 2 LICENSE that can be found in the LICENSE file.
+
+include
+include
+
+resource fd_smack_current[fd]
+
+type smack_labelnoz stringnoz
+
+smack_label {
+ label smack_labelnoz
+ z const[0, int8]
+} [packed]
+
+openat$smack_task_current(fd const[AT_FDCWD], file ptr[in, string["/proc/self/attr/current"]], flags const[O_RDWR], mode const[0]) fd_smack_current
+openat$smack_thread_current(fd const[AT_FDCWD], file ptr[in, string["/proc/thread-self/attr/current"]], flags const[O_RDWR], mode const[0]) fd_smack_current
+write$smack_current(fd fd_smack_current, data ptr[in, smack_label], len len[data])
+
+setxattr$smack_xattr_label(path ptr[in, filename], name ptr[in, string[smack_xattr_entry]], val ptr[in, smack_label], size len[val], flags flags[setxattr_flags])
+lsetxattr$smack_xattr_label(path ptr[in, filename], name ptr[in, string[smack_xattr_entry]], val ptr[in, smack_label], size len[val], flags flags[setxattr_flags])
+fsetxattr$smack_xattr_label(fd fd, name ptr[in, string[smack_xattr_entry]], val ptr[in, smack_label], size len[val], flags flags[setxattr_flags])
+
+smack_xattr_entry = "security.SMACK64", "security.SMACK64IPIN", "security.SMACK64IPOUT", "security.SMACK64EXEC", "security.SMACK64MMAP"
+
+setxattr$security_smack_transmute(path ptr[in, filename], name ptr[in, string["security.SMACK64TRANSMUTE"]], val ptr[in, stringnoz["TRUE"]], size len[val], flags flags[setxattr_flags])
+lsetxattr$security_smack_transmute(path ptr[in, filename], name ptr[in, string["security.SMACK64TRANSMUTE"]], val ptr[in, stringnoz["TRUE"]], size len[val], flags flags[setxattr_flags])
+fsetxattr$security_smack_transmute(fd fd, name ptr[in, string["security.SMACK64TRANSMUTE"]], val ptr[in, stringnoz["TRUE"]], size len[val], flags flags[setxattr_flags])
+
+# -rwxatlbRWXATLB
+perm = "", "-", "r", "w", "rw", "x", "rx", "wx", "rwx", "a", "ra", "wa", "rwa", "xa", "rxa", "wxa", "rwxa", "t", "rt", "wt", "rwt", "xt", "rxt", "wxt", "rwxt", "at", "rat", "wat", "rwat", "xat", "rxat", "wxat", "rwxat", "b", "rb", "wb", "rwb", "xb", "rxb", "wxb", "rwxb", "ab", "rab", "wab", "rwab", "xab", "rxab", "wxab", "rwxab", "tb", "rtb", "wtb", "rwtb", "xtb", "rxtb", "wxtb", "rwxtb", "atb", "ratb", "watb", "rwatb", "xatb", "rxatb", "wxatb", "rwxatb", "l", "rl", "wl", "rwl", "xl", "rxl", "wxl", "rwxl", "al", "ral", "wal", "rwal", "xal", "rxal", "wxal", "rwxal", "tl", "rtl", "wtl", "rwtl", "xtl", "rxtl", "wxtl", "rwxtl", "atl", "ratl", "watl", "rwatl", "xatl", "rxatl", "wxatl", "rwxatl", "bl", "rbl", "wbl", "rwbl", "xbl", "rxbl", "wxbl", "rwxbl", "abl", "rabl", "wabl", "rwabl", "xabl", "rxabl", "wxabl", "rwxabl", "tbl", "rtbl", "wtbl", "rwtbl", "xtbl", "rxtbl", "wxtbl", "rwxtbl", "atbl", "ratbl", "watbl", "rwatbl", "xatbl", "rxatbl", "wxatbl", "rwxatbl"
+type smack_perm stringnoz[perm]
+
+smackfs_access {
+ subject smack_labelnoz
+ sp0 const[' ', int8]
+ object smack_labelnoz
+ sp1 const[' ', int8]
+ access smack_perm
+ z const[0, int8]
+} [packed]
+
+smackfs_change_access {
+ subject smack_labelnoz
+ sp0 const[' ', int8]
+ object smack_labelnoz
+ sp1 const[' ', int8]
+ allow smack_perm
+ sp2 const[' ', int8]
+ deny smack_perm
+ z const[0, int8]
+} [packed]
+
+resource fd_smackfs_access[fd]
+smackfs_access_files = "/sys/fs/smackfs/access", "/sys/fs/smackfs/access2"
+openat$smackfs_access(fd const[AT_FDCWD], file ptr[in, string[smackfs_access_files]], flags const[O_RDWR], mode const[0]) fd_smackfs_access
+write$smackfs_access(fd fd_smackfs_access, buf ptr[in, smackfs_access], count len[buf])
+read$smackfs_access(fd fd_smackfs_access, buf ptr[out, fmt[dec, intptr[0:1]]], count len[buf])
+
+# load, load2, load-self, load-self2
+resource fd_smackfs_load[fd]
+smackfs_load_files = "/sys/fs/smackfs/load", "/sys/fs/smackfs/load2", "/sys/fs/smackfs/load-self", "/sys/fs/smackfs/load-self2"
+openat$smackfs_load(fd const[AT_FDCWD], file ptr[in, string[smackfs_load_files]], flags const[O_RDWR], mode const[0]) fd_smackfs_load
+write$smackfs_load(fd fd_smackfs_load, buf ptr[in, smackfs_access], count len[buf])
+
+# ambient, unconfined, syslog, revoke-subject
+resource fd_smackfs_label[fd]
+openat$smackfs_ambient(fd const[AT_FDCWD], file ptr[in, string["/sys/fs/smackfs/ambient"]], flags const[O_RDWR], mode const[0]) fd_smackfs_label
+openat$smackfs_unconfined(fd const[AT_FDCWD], file ptr[in, string["/sys/fs/smackfs/unconfined"]], flags const[O_RDWR], mode const[0]) fd_smackfs_label
+openat$smackfs_revoke_subject(fd const[AT_FDCWD], file ptr[in, string["/sys/fs/smackfs/revoke-subject"]], flags const[O_RDWR], mode const[0]) fd_smackfs_label
+openat$smackfs_syslog(fd const[AT_FDCWD], file ptr[in, string["/sys/fs/smackfs/syslog"]], flags const[O_RDWR], mode const[0]) fd_smackfs_label
+write$smackfs_label(fd fd_smackfs_label, buf ptr[in, smack_label], count len[buf])
+
+resource fd_smackfs_change_rule[fd]
+openat$smackfs_change_rule(fd const[AT_FDCWD], file ptr[in, string["/sys/fs/smackfs/change-rule"]], flags const[O_RDWR], mode const[0]) fd_smackfs_change_rule
+write$smackfs_change_rule(fd fd_smackfs_change_rule, buf ptr[in, smackfs_change_access], count len[buf])
+
+smackfs_cipso_category {
+ cat fmt[dec, int8[0:SMACK_CIPSO_MAXCATNUM]]
+ sp const[' ', int8]
+}
+
+smackfs_cipso {
+ label smack_labelnoz
+ sp0 const[' ', int8]
+# NEED: format specifiers with the given len ("%04d").
+# Kernel expects level to take exactly 4 (SMK_DIGITLEN) chars.
+# This affects lots of other fmt's in this file too.
+ level fmt[dec, int8[0:SMACK_CIPSO_MAXLEVEL]]
+ sp1 const[' ', int8]
+ num fmt[dec, len[cats]]
+ sp2 const[' ', int8]
+ cats array[smackfs_cipso_category]
+ z const[0, int8]
+} [packed]
+
+resource fd_smackfs_cipso[fd]
+smackfs_cipso_files = "/sys/fs/smackfs/cipso", "/sys/fs/smackfs/cipso2"
+openat$smackfs_cipso(fd const[AT_FDCWD], file ptr[in, string[smackfs_cipso_files]], flags const[O_RDWR], mode const[0]) fd_smackfs_cipso
+write$smackfs_cipso(fd fd_smackfs_cipso, buf ptr[in, smackfs_cipso], count len[buf])
+
+# direct, doi, mapped
+resource fd_smackfs_cipsonum[fd]
+smackfs_cipsonum_files = "/sys/fs/smackfs/direct", "/sys/fs/smackfs/doi", "/sys/fs/smackfs/mapped"
+openat$smackfs_cipsonum(fd const[AT_FDCWD], file ptr[in, string[smackfs_cipsonum_files]], flags const[O_RDWR], mode const[0]) fd_smackfs_cipsonum
+# It's ok to write number here without '\0'
+write$smackfs_cipsonum(fd fd_smackfs_cipsonum, buf ptr[in, fmt[dec, intptr]], count len[buf])
+read$smackfs_cipsonum(fd fd_smackfs_cipsonum, buf ptr[out, fmt[dec, intptr]], count len[buf])
+
+smack_ipv6 {
+ d1 fmt[hex, int8]
+ sp1 const[':', int8]
+ d2 fmt[hex, int8]
+ sp2 const[':', int8]
+ d3 fmt[hex, int8]
+ sp3 const[':', int8]
+ d4 fmt[hex, int8]
+ sp4 const[':', int8]
+ d5 fmt[hex, int8]
+ sp5 const[':', int8]
+ d6 fmt[hex, int8]
+ sp6 const[':', int8]
+ d7 fmt[hex, int8]
+ sp7 const[':', int8]
+ d8 fmt[hex, int8]
+} [packed]
+
+smack_ipv6host_wo_mask {
+ ipv6 smack_ipv6
+ sp const[' ', int8]
+ label smack_labelnoz
+ z const[0, int8]
+} [packed]
+
+smack_ipv6host_w_mask {
+ ipv6 smack_ipv6
+ bs const['/', int8]
+ mask fmt[dec, int8]
+ sp const[' ', int8]
+ label smack_labelnoz
+ z const[0, int8]
+} [packed]
+
+smack_ipv6host [
+ l1 smack_ipv6host_wo_mask
+ l2 smack_ipv6host_w_mask
+] [varlen]
+
+resource fd_smackfs_ipv6host[fd]
+openat$smackfs_ipv6host(fd const[AT_FDCWD], file ptr[in, string["/sys/fs/smackfs/ipv6host"]], flags const[O_RDWR], mode const[0]) fd_smackfs_ipv6host
+write$smackfs_ipv6host(fd fd_smackfs_ipv6host, buf ptr[in, smack_ipv6host], count len[buf])
+
+smack_ipv4 {
+ d1 fmt[dec, int8]
+ sp1 const['.', int8]
+ d2 fmt[dec, int8]
+ sp2 const['.', int8]
+ d3 fmt[dec, int8]
+ sp3 const['.', int8]
+ d4 fmt[dec, int8]
+ sp4 const['.', int8]
+} [packed]
+
+smack_netlabel_wo_mask {
+ ipv4 smack_ipv4
+ sp const[' ', int8]
+ label smack_labelnoz
+ z const[0, int8]
+} [packed]
+
+smack_netlabel_w_mask {
+ ipv4 smack_ipv4
+ bs const['/', int8]
+ mask fmt[dec, int8]
+ sp const[' ', int8]
+ label smack_labelnoz
+ z const[0, int8]
+} [packed]
+
+smack_netlabel [
+ l1 smack_netlabel_wo_mask
+ l2 smack_netlabel_w_mask
+] [varlen]
+
+resource fd_smackfs_netlabel[fd]
+openat$smackfs_netlabel(fd const[AT_FDCWD], file ptr[in, string["/sys/fs/smackfs/netlabel"]], flags const[O_RDWR], mode const[0]) fd_smackfs_netlabel
+write$smackfs_netlabel(fd fd_smackfs_netlabel, buf ptr[in, smack_netlabel], count len[buf])
+
+resource fd_smackfs_logging[fd]
+openat$smackfs_logging(fd const[AT_FDCWD], file ptr[in, string["/sys/fs/smackfs/logging"]], flags const[O_RDWR], mode const[0]) fd_smackfs_logging
+# It's ok to write number here without '\0'
+write$smackfs_logging(fd fd_smackfs_logging, buf ptr[in, fmt[dec, intptr[0:3]]], count len[buf])
+read$smackfs_logging(fd fd_smackfs_logging, buf ptr[out, fmt[dec, intptr[0:3]]], count len[buf])
+
+smackfs_labels_list_el {
+ label smack_labelnoz
+ sp const[' ', int8]
+} [packed]
+
+smackfs_labels_list {
+ labels array[smackfs_labels_list_el]
+ z const[0, int8]
+} [packed]
+
+resource fd_smackfs_labels_list[fd]
+
+# onlycap changes global restrictive policy and may need to be disabled
+# for more effective fuzzing
+openat$smackfs_onlycap(fd const[AT_FDCWD], file ptr[in, string["/sys/fs/smackfs/onlycap"]], flags const[O_RDWR], mode const[0]) fd_smackfs_labels_list
+openat$smackfs_relabel_self(fd const[AT_FDCWD], file ptr[in, string["/sys/fs/smackfs/relabel-self"]], flags const[O_RDWR], mode const[0]) fd_smackfs_labels_list
+write$smackfs_labels_list(fd fd_smackfs_labels_list, buf ptr[in, smackfs_labels_list], count len[buf])
+
+resource fd_smackfs_ptrace[fd]
+openat$smackfs_ptrace(fd const[AT_FDCWD], file ptr[in, string["/sys/fs/smackfs/ptrace"]], flags const[O_RDWR], mode const[0]) fd_smackfs_ptrace
+# It's ok to write number here without '\0'
+write$smackfs_ptrace(fd fd_smackfs_ptrace, buf ptr[in, fmt[dec, intptr[SMACK_PTRACE_DEFAULT:SMACK_PTRACE_MAX]]], count len[buf])
+read$smackfs_ptrace(fd fd_smackfs_ptrace, buf ptr[out, fmt[dec, intptr[SMACK_PTRACE_DEFAULT:SMACK_PTRACE_MAX]]], count len[buf])
diff --git a/sys/linux/security_smack.txt.warn b/sys/linux/security_smack.txt.warn
new file mode 100644
index 000000000..d2f74efaf
--- /dev/null
+++ b/sys/linux/security_smack.txt.warn
@@ -0,0 +1,3 @@
+no-such-struct: smackfs_cipso_category
+no-such-struct: smack_ipv6
+no-such-struct: smack_ipv4
diff --git a/sys/linux/security_smack_386.const b/sys/linux/security_smack_386.const new file mode 100644 index 000000000..cb9c8e367 --- /dev/null +++ b/sys/linux/security_smack_386.const @@ -0,0 +1,13 @@ +# AUTOGENERATED FILE +AT_FDCWD = 18446744073709551516 +O_RDWR = 2 +SMACK_CIPSO_MAXCATNUM = 184 +SMACK_CIPSO_MAXLEVEL = 255 +SMACK_PTRACE_DEFAULT = 0 +SMACK_PTRACE_MAX = 2 +__NR_fsetxattr = 228 +__NR_lsetxattr = 227 +__NR_openat = 295 +__NR_read = 3 +__NR_setxattr = 226 +__NR_write = 4 diff --git a/sys/linux/security_smack_amd64.const b/sys/linux/security_smack_amd64.const new file mode 100644 index 000000000..7f298bb7e --- /dev/null +++ b/sys/linux/security_smack_amd64.const @@ -0,0 +1,13 @@ +# AUTOGENERATED FILE +AT_FDCWD = 18446744073709551516 +O_RDWR = 2 +SMACK_CIPSO_MAXCATNUM = 184 +SMACK_CIPSO_MAXLEVEL = 255 +SMACK_PTRACE_DEFAULT = 0 +SMACK_PTRACE_MAX = 2 +__NR_fsetxattr = 190 +__NR_lsetxattr = 189 +__NR_openat = 257 +__NR_read = 0 +__NR_setxattr = 188 +__NR_write = 1
diff --git a/sys/linux/security_smack_arm.const b/sys/linux/security_smack_arm.const new file mode 100644 index 000000000..8bd997324 --- /dev/null +++ b/sys/linux/security_smack_arm.const @@ -0,0 +1,13 @@ +# AUTOGENERATED FILE +AT_FDCWD = 18446744073709551516 +O_RDWR = 2 +SMACK_CIPSO_MAXCATNUM = 184 +SMACK_CIPSO_MAXLEVEL = 255 +SMACK_PTRACE_DEFAULT = 0 +SMACK_PTRACE_MAX = 2 +__NR_fsetxattr = 228 +__NR_lsetxattr = 227 +__NR_openat = 322 +__NR_read = 3 +__NR_setxattr = 226 +__NR_write = 4 diff --git a/sys/linux/security_smack_arm64.const b/sys/linux/security_smack_arm64.const new file mode 100644 index 000000000..b06e7978d --- /dev/null +++ b/sys/linux/security_smack_arm64.const @@ -0,0 +1,13 @@ +# AUTOGENERATED FILE +AT_FDCWD = 18446744073709551516 +O_RDWR = 2 +SMACK_CIPSO_MAXCATNUM = 184 +SMACK_CIPSO_MAXLEVEL = 255 +SMACK_PTRACE_DEFAULT = 0 +SMACK_PTRACE_MAX = 2 +__NR_fsetxattr = 7 +__NR_lsetxattr = 6 +__NR_openat = 56 +__NR_read = 63 +__NR_setxattr = 5 +__NR_write = 64 diff --git a/sys/linux/security_smack_mips64le.const b/sys/linux/security_smack_mips64le.const new file mode 100644 index 000000000..5a4483d5a --- /dev/null +++ b/sys/linux/security_smack_mips64le.const @@ -0,0 +1,13 @@ +# AUTOGENERATED FILE +AT_FDCWD = 18446744073709551516 +O_RDWR = 2 +SMACK_CIPSO_MAXCATNUM = 184 +SMACK_CIPSO_MAXLEVEL = 255 +SMACK_PTRACE_DEFAULT = 0 +SMACK_PTRACE_MAX = 2 +__NR_fsetxattr = 5182 +__NR_lsetxattr = 5181 +__NR_openat = 5247 +__NR_read = 5000 +__NR_setxattr = 5180 +__NR_write = 5001 diff --git a/sys/linux/security_smack_ppc64le.const b/sys/linux/security_smack_ppc64le.const new file mode 100644 index 000000000..6c63f67e1 --- /dev/null +++ b/sys/linux/security_smack_ppc64le.const 
@@ -0,0 +1,13 @@ +# AUTOGENERATED FILE +AT_FDCWD = 18446744073709551516 +O_RDWR = 2 +SMACK_CIPSO_MAXCATNUM = 184 +SMACK_CIPSO_MAXLEVEL = 255 +SMACK_PTRACE_DEFAULT = 0 +SMACK_PTRACE_MAX = 2 +__NR_fsetxattr = 211 +__NR_lsetxattr = 210 +__NR_openat = 286 +__NR_read = 3 +__NR_setxattr = 209 +__NR_write = 4 diff --git a/sys/linux/smack.txt b/sys/linux/smack.txt deleted file mode 100644 index ebde4e5aa..000000000 --- a/sys/linux/smack.txt +++ /dev/null 
@@ -1,217 +0,0 @@
-# Copyright 2018 syzkaller project authors. All rights reserved.
-# Use of this source code is governed by Apache 2 LICENSE that can be found in the LICENSE file.
-
-include
-include
-
-resource fd_smack_current[fd]
-
-type smack_labelnoz stringnoz
-
-smack_label {
- label smack_labelnoz
- z const[0, int8]
-} [packed]
-
-openat$smack_task_current(fd const[AT_FDCWD], file ptr[in, string["/proc/self/attr/current"]], flags const[O_RDWR], mode const[0]) fd_smack_current
-openat$smack_thread_current(fd const[AT_FDCWD], file ptr[in, string["/proc/thread-self/attr/current"]], flags const[O_RDWR], mode const[0]) fd_smack_current
-write$smack_current(fd fd_smack_current, data ptr[in, smack_label], len len[data])
-
-setxattr$smack_xattr_label(path ptr[in, filename], name ptr[in, string[smack_xattr_entry]], val ptr[in, smack_label], size len[val], flags flags[setxattr_flags])
-lsetxattr$smack_xattr_label(path ptr[in, filename], name ptr[in, string[smack_xattr_entry]], val ptr[in, smack_label], size len[val], flags flags[setxattr_flags])
-fsetxattr$smack_xattr_label(fd fd, name ptr[in, string[smack_xattr_entry]], val ptr[in, smack_label], size len[val], flags flags[setxattr_flags])
-
-smack_xattr_entry = "security.SMACK64", "security.SMACK64IPIN", "security.SMACK64IPOUT", "security.SMACK64EXEC", "security.SMACK64MMAP"
-
-setxattr$security_smack_transmute(path ptr[in, filename], name ptr[in, string["security.SMACK64TRANSMUTE"]], val ptr[in, stringnoz["TRUE"]], size len[val], flags flags[setxattr_flags])
-lsetxattr$security_smack_transmute(path ptr[in, filename], name ptr[in, string["security.SMACK64TRANSMUTE"]], val ptr[in, stringnoz["TRUE"]], size len[val], flags flags[setxattr_flags])
-fsetxattr$security_smack_transmute(fd fd, name ptr[in, string["security.SMACK64TRANSMUTE"]], val ptr[in, stringnoz["TRUE"]], size len[val], flags flags[setxattr_flags])
-
-# -rwxatlbRWXATLB
-perm = "", "-", "r", "w", "rw", "x", "rx", "wx", "rwx", "a", "ra", "wa", "rwa", "xa", "rxa", "wxa", "rwxa", "t", "rt", "wt", "rwt", "xt", "rxt", "wxt", "rwxt", "at", "rat", "wat", "rwat", "xat", "rxat", "wxat", "rwxat", "b", "rb", "wb", "rwb", "xb", "rxb", "wxb", "rwxb", "ab", "rab", "wab", "rwab", "xab", "rxab", "wxab", "rwxab", "tb", "rtb", "wtb", "rwtb", "xtb", "rxtb", "wxtb", "rwxtb", "atb", "ratb", "watb", "rwatb", "xatb", "rxatb", "wxatb", "rwxatb", "l", "rl", "wl", "rwl", "xl", "rxl", "wxl", "rwxl", "al", "ral", "wal", "rwal", "xal", "rxal", "wxal", "rwxal", "tl", "rtl", "wtl", "rwtl", "xtl", "rxtl", "wxtl", "rwxtl", "atl", "ratl", "watl", "rwatl", "xatl", "rxatl", "wxatl", "rwxatl", "bl", "rbl", "wbl", "rwbl", "xbl", "rxbl", "wxbl", "rwxbl", "abl", "rabl", "wabl", "rwabl", "xabl", "rxabl", "wxabl", "rwxabl", "tbl", "rtbl", "wtbl", "rwtbl", "xtbl", "rxtbl", "wxtbl", "rwxtbl", "atbl", "ratbl", "watbl", "rwatbl", "xatbl", "rxatbl", "wxatbl", "rwxatbl"
-type smack_perm stringnoz[perm]
-
-smackfs_access {
- subject smack_labelnoz
- sp0 const[' ', int8]
- object smack_labelnoz
- sp1 const[' ', int8]
- access smack_perm
- z const[0, int8]
-} [packed]
-
-smackfs_change_access {
- subject smack_labelnoz
- sp0 const[' ', int8]
- object smack_labelnoz
- sp1 const[' ', int8]
- allow smack_perm
- sp2 const[' ', int8]
- deny smack_perm
- z const[0, int8]
-} [packed]
-
-resource fd_smackfs_access[fd]
-smackfs_access_files = "/sys/fs/smackfs/access", "/sys/fs/smackfs/access2"
-openat$smackfs_access(fd const[AT_FDCWD], file ptr[in, string[smackfs_access_files]], flags const[O_RDWR], mode const[0]) fd_smackfs_access
-write$smackfs_access(fd fd_smackfs_access, buf ptr[in, smackfs_access], count len[buf])
-read$smackfs_access(fd fd_smackfs_access, buf ptr[out, fmt[dec, intptr[0:1]]], count len[buf])
-
-# load, load2, load-self, load-self2
-resource fd_smackfs_load[fd]
-smackfs_load_files = "/sys/fs/smackfs/load", "/sys/fs/smackfs/load2", "/sys/fs/smackfs/load-self", "/sys/fs/smackfs/load-self2"
-openat$smackfs_load(fd const[AT_FDCWD], file ptr[in, string[smackfs_load_files]], flags const[O_RDWR], mode const[0]) fd_smackfs_load
-write$smackfs_load(fd fd_smackfs_load, buf ptr[in, smackfs_access], count len[buf])
-
-# ambient, unconfined, syslog, revoke-subject
-resource fd_smackfs_label[fd]
-openat$smackfs_ambient(fd const[AT_FDCWD], file ptr[in, string["/sys/fs/smackfs/ambient"]], flags const[O_RDWR], mode const[0]) fd_smackfs_label
-openat$smackfs_unconfined(fd const[AT_FDCWD], file ptr[in, string["/sys/fs/smackfs/unconfined"]], flags const[O_RDWR], mode const[0]) fd_smackfs_label
-openat$smackfs_revoke_subject(fd const[AT_FDCWD], file ptr[in, string["/sys/fs/smackfs/revoke-subject"]], flags const[O_RDWR], mode const[0]) fd_smackfs_label
-openat$smackfs_syslog(fd const[AT_FDCWD], file ptr[in, string["/sys/fs/smackfs/syslog"]], flags const[O_RDWR], mode const[0]) fd_smackfs_label
-write$smackfs_label(fd fd_smackfs_label, buf ptr[in, smack_label], count len[buf])
-
-resource fd_smackfs_change_rule[fd]
-openat$smackfs_change_rule(fd const[AT_FDCWD], file ptr[in, string["/sys/fs/smackfs/change-rule"]], flags const[O_RDWR], mode const[0]) fd_smackfs_change_rule
-write$smackfs_change_rule(fd fd_smackfs_change_rule, buf ptr[in, smackfs_change_access], count len[buf])
-
-smackfs_cipso_category {
- cat fmt[dec, int8[0:SMACK_CIPSO_MAXCATNUM]]
- sp const[' ', int8]
-}
-
-smackfs_cipso {
- label smack_labelnoz
- sp0 const[' ', int8]
-# NEED: format specifiers with the given len ("%04d").
-# Kernel expects level to take exactly 4 (SMK_DIGITLEN) chars.
-# This affects lots of other fmt's in this file too.
- level fmt[dec, int8[0:SMACK_CIPSO_MAXLEVEL]]
- sp1 const[' ', int8]
- num fmt[dec, len[cats]]
- sp2 const[' ', int8]
- cats array[smackfs_cipso_category]
- z const[0, int8]
-} [packed]
-
-resource fd_smackfs_cipso[fd]
-smackfs_cipso_files = "/sys/fs/smackfs/cipso", "/sys/fs/smackfs/cipso2"
-openat$smackfs_cipso(fd const[AT_FDCWD], file ptr[in, string[smackfs_cipso_files]], flags const[O_RDWR], mode const[0]) fd_smackfs_cipso
-write$smackfs_cipso(fd fd_smackfs_cipso, buf ptr[in, smackfs_cipso], count len[buf])
-
-# direct, doi, mapped
-resource fd_smackfs_cipsonum[fd]
-smackfs_cipsonum_files = "/sys/fs/smackfs/direct", "/sys/fs/smackfs/doi", "/sys/fs/smackfs/mapped"
-openat$smackfs_cipsonum(fd const[AT_FDCWD], file ptr[in, string[smackfs_cipsonum_files]], flags const[O_RDWR], mode const[0]) fd_smackfs_cipsonum
-# It's ok to write number here without '\0'
-write$smackfs_cipsonum(fd fd_smackfs_cipsonum, buf ptr[in, fmt[dec, intptr]], count len[buf])
-read$smackfs_cipsonum(fd fd_smackfs_cipsonum, buf ptr[out, fmt[dec, intptr]], count len[buf])
-
-smack_ipv6 {
- d1 fmt[hex, int8]
- sp1 const[':', int8]
- d2 fmt[hex, int8]
- sp2 const[':', int8]
- d3 fmt[hex, int8]
- sp3 const[':', int8]
- d4 fmt[hex, int8]
- sp4 const[':', int8]
- d5 fmt[hex, int8]
- sp5 const[':', int8]
- d6 fmt[hex, int8]
- sp6 const[':', int8]
- d7 fmt[hex, int8]
- sp7 const[':', int8]
- d8 fmt[hex, int8]
-} [packed]
-
-smack_ipv6host_wo_mask {
- ipv6 smack_ipv6
- sp const[' ', int8]
- label smack_labelnoz
- z const[0, int8]
-} [packed]
-
-smack_ipv6host_w_mask {
- ipv6 smack_ipv6
- bs const['/', int8]
- mask fmt[dec, int8]
- sp const[' ', int8]
- label smack_labelnoz
- z const[0, int8]
-} [packed]
-
-smack_ipv6host [
- l1 smack_ipv6host_wo_mask
- l2 smack_ipv6host_w_mask
-] [varlen]
-
-resource fd_smackfs_ipv6host[fd]
-openat$smackfs_ipv6host(fd const[AT_FDCWD], file ptr[in, string["/sys/fs/smackfs/ipv6host"]], flags const[O_RDWR], mode const[0]) fd_smackfs_ipv6host
-write$smackfs_ipv6host(fd fd_smackfs_ipv6host, buf ptr[in, smack_ipv6host], count len[buf])
-
-smack_ipv4 {
- d1 fmt[dec, int8]
- sp1 const['.', int8]
- d2 fmt[dec, int8]
- sp2 const['.', int8]
- d3 fmt[dec, int8]
- sp3 const['.', int8]
- d4 fmt[dec, int8]
- sp4 const['.', int8]
-} [packed]
-
-smack_netlabel_wo_mask {
- ipv4 smack_ipv4
- sp const[' ', int8]
- label smack_labelnoz
- z const[0, int8]
-} [packed]
-
-smack_netlabel_w_mask {
- ipv4 smack_ipv4
- bs const['/', int8]
- mask fmt[dec, int8]
- sp const[' ', int8]
- label smack_labelnoz
- z const[0, int8]
-} [packed]
-
-smack_netlabel [
- l1 smack_netlabel_wo_mask
- l2 smack_netlabel_w_mask
-] [varlen]
-
-resource fd_smackfs_netlabel[fd]
-openat$smackfs_netlabel(fd const[AT_FDCWD], file ptr[in, string["/sys/fs/smackfs/netlabel"]], flags const[O_RDWR], mode const[0]) fd_smackfs_netlabel
-write$smackfs_netlabel(fd fd_smackfs_netlabel, buf ptr[in, smack_netlabel], count len[buf])
-
-resource fd_smackfs_logging[fd]
-openat$smackfs_logging(fd const[AT_FDCWD], file ptr[in, string["/sys/fs/smackfs/logging"]], flags const[O_RDWR], mode const[0]) fd_smackfs_logging
-# It's ok to write number here without '\0'
-write$smackfs_logging(fd fd_smackfs_logging, buf ptr[in, fmt[dec, intptr[0:3]]], count len[buf])
-read$smackfs_logging(fd fd_smackfs_logging, buf ptr[out, fmt[dec, intptr[0:3]]], count len[buf])
-
-smackfs_labels_list_el {
- label smack_labelnoz
- sp const[' ', int8]
-} [packed]
-
-smackfs_labels_list {
- labels array[smackfs_labels_list_el]
- z const[0, int8]
-} [packed]
-
-resource fd_smackfs_labels_list[fd]
-
-# onlycap changes global restrictive policy and may need to be disabled
-# for more effective fuzzing
-openat$smackfs_onlycap(fd const[AT_FDCWD], file ptr[in, string["/sys/fs/smackfs/onlycap"]], flags const[O_RDWR], mode const[0]) fd_smackfs_labels_list
-openat$smackfs_relabel_self(fd const[AT_FDCWD], file ptr[in, string["/sys/fs/smackfs/relabel-self"]], flags const[O_RDWR], mode const[0]) fd_smackfs_labels_list
-write$smackfs_labels_list(fd fd_smackfs_labels_list, buf ptr[in, smackfs_labels_list], count len[buf])
-
-resource fd_smackfs_ptrace[fd]
-openat$smackfs_ptrace(fd const[AT_FDCWD], file ptr[in, string["/sys/fs/smackfs/ptrace"]], flags const[O_RDWR], mode const[0]) fd_smackfs_ptrace
-# It's ok to write number here without '\0'
-write$smackfs_ptrace(fd fd_smackfs_ptrace, buf ptr[in, fmt[dec, intptr[SMACK_PTRACE_DEFAULT:SMACK_PTRACE_MAX]]], count len[buf])
-read$smackfs_ptrace(fd fd_smackfs_ptrace, buf ptr[out, fmt[dec, intptr[SMACK_PTRACE_DEFAULT:SMACK_PTRACE_MAX]]], count len[buf])
diff --git a/sys/linux/smack.txt.warn b/sys/linux/smack.txt.warn
deleted file mode 100644
index d2f74efaf..000000000
--- a/sys/linux/smack.txt.warn
+++ /dev/null
@@ -1,3 +0,0 @@
-no-such-struct: smackfs_cipso_category
-no-such-struct: smack_ipv6
-no-such-struct: smack_ipv4
diff --git a/sys/linux/smack_386.const b/sys/linux/smack_386.const deleted file mode 100644 index cb9c8e367..000000000 --- a/sys/linux/smack_386.const +++ /dev/null @@ -1,13 +0,0 @@ -# AUTOGENERATED FILE -AT_FDCWD = 18446744073709551516 -O_RDWR = 2 -SMACK_CIPSO_MAXCATNUM = 184 -SMACK_CIPSO_MAXLEVEL = 255 -SMACK_PTRACE_DEFAULT = 0 -SMACK_PTRACE_MAX = 2 -__NR_fsetxattr = 228 -__NR_lsetxattr = 227 -__NR_openat = 295 -__NR_read = 3 -__NR_setxattr = 226 -__NR_write = 4 diff --git a/sys/linux/smack_amd64.const b/sys/linux/smack_amd64.const deleted file mode 100644 index 7f298bb7e..000000000 --- a/sys/linux/smack_amd64.const +++ /dev/null @@ -1,13 +0,0 @@ -# AUTOGENERATED FILE -AT_FDCWD = 18446744073709551516 -O_RDWR = 2 -SMACK_CIPSO_MAXCATNUM = 184 -SMACK_CIPSO_MAXLEVEL = 255 -SMACK_PTRACE_DEFAULT = 0 -SMACK_PTRACE_MAX = 2 -__NR_fsetxattr = 190 -__NR_lsetxattr = 189 -__NR_openat = 257 -__NR_read = 0 -__NR_setxattr = 188 -__NR_write = 1 diff --git a/sys/linux/smack_arm.const b/sys/linux/smack_arm.const deleted file mode 100644 index 8bd997324..000000000 --- a/sys/linux/smack_arm.const +++ /dev/null
@@ -1,13 +0,0 @@ -# AUTOGENERATED FILE -AT_FDCWD = 18446744073709551516 -O_RDWR = 2 -SMACK_CIPSO_MAXCATNUM = 184 -SMACK_CIPSO_MAXLEVEL = 255 -SMACK_PTRACE_DEFAULT = 0 -SMACK_PTRACE_MAX = 2 -__NR_fsetxattr = 228 -__NR_lsetxattr = 227 -__NR_openat = 322 -__NR_read = 3 -__NR_setxattr = 226 -__NR_write = 4 diff --git a/sys/linux/smack_arm64.const b/sys/linux/smack_arm64.const deleted file mode 100644 index b06e7978d..000000000 --- a/sys/linux/smack_arm64.const +++ /dev/null @@ -1,13 +0,0 @@ -# AUTOGENERATED FILE -AT_FDCWD = 18446744073709551516 -O_RDWR = 2 -SMACK_CIPSO_MAXCATNUM = 184 -SMACK_CIPSO_MAXLEVEL = 255 -SMACK_PTRACE_DEFAULT = 0 -SMACK_PTRACE_MAX = 2 -__NR_fsetxattr = 7 -__NR_lsetxattr = 6 -__NR_openat = 56 -__NR_read = 63 -__NR_setxattr = 5 -__NR_write = 64 diff --git a/sys/linux/smack_mips64le.const b/sys/linux/smack_mips64le.const deleted file mode 100644 index 5a4483d5a..000000000 --- a/sys/linux/smack_mips64le.const +++ /dev/null @@ -1,13 +0,0 @@ -# AUTOGENERATED FILE -AT_FDCWD = 18446744073709551516 -O_RDWR = 2 -SMACK_CIPSO_MAXCATNUM = 184 -SMACK_CIPSO_MAXLEVEL = 255 -SMACK_PTRACE_DEFAULT = 0 -SMACK_PTRACE_MAX = 2 -__NR_fsetxattr = 5182 -__NR_lsetxattr = 5181 -__NR_openat = 5247 -__NR_read = 5000 -__NR_setxattr = 5180 -__NR_write = 5001 diff --git a/sys/linux/smack_ppc64le.const b/sys/linux/smack_ppc64le.const deleted file mode 100644 index 6c63f67e1..000000000 --- a/sys/linux/smack_ppc64le.const +++ /dev/null @@ -1,13 +0,0 @@ -# AUTOGENERATED FILE -AT_FDCWD = 18446744073709551516 -O_RDWR = 2 -SMACK_CIPSO_MAXCATNUM = 184 -SMACK_CIPSO_MAXLEVEL = 255 -SMACK_PTRACE_DEFAULT = 0 -SMACK_PTRACE_MAX = 2 -__NR_fsetxattr = 211 -__NR_lsetxattr = 210 -__NR_openat = 286 -__NR_read = 3 -__NR_setxattr = 209 -__NR_write = 4 -- cgit mrf-deployment