--- //depot/projects/trustedbsd/base/sys/fs/devfs/devfs_devs.c	2003/03/05 21:31:18
+++ //depot/projects/trustedbsd/mac/sys/fs/devfs/devfs_devs.c	2003/03/05 22:13:02
@@ -334,7 +334,8 @@
 					de = devfs_vmkdir(s, q - s, dd);
 #ifdef MAC
 					mac_create_devfs_directory(
-					    dm->dm_mount, s, q - s, de);
+					    dm->dm_mount, s, q - s, de,
+					    dev->si_name);
 #endif
 					de->de_inode = dm->dm_inode++;
 					TAILQ_INSERT_TAIL(&dd->de_dlist, de, de_list);
@@ -362,7 +363,8 @@
 				de->de_dirent->d_type = DT_CHR;
 			}
 #ifdef MAC
-			mac_create_devfs_device(dm->dm_mount, dev, de);
+			mac_create_devfs_device(dm->dm_mount, dev, de,
+			    dev->si_name);
 #endif
 			*dep = de;
 			de->de_dir = dd;
--- //depot/projects/trustedbsd/base/sys/fs/devfs/devfs_vfsops.c	2003/06/24 12:28:09
+++ //depot/projects/trustedbsd/mac/sys/fs/devfs/devfs_vfsops.c	2003/06/24 13:16:43
@@ -96,7 +96,7 @@
 	fmp->dm_rootdir = devfs_vmkdir("(root)", 6, NULL);
 	fmp->dm_rootdir->de_inode = 2;
 #ifdef MAC
-	mac_create_devfs_directory(mp, "", 0, fmp->dm_rootdir);
+	mac_create_devfs_directory(mp, "", 0, fmp->dm_rootdir, "");
 #endif
 	fmp->dm_basedir = fmp->dm_rootdir;
 	devfs_rules_newmount(fmp, td);
--- //depot/projects/trustedbsd/base/sys/fs/devfs/devfs_vnops.c	2003/05/31 12:59:17
+++ //depot/projects/trustedbsd/mac/sys/fs/devfs/devfs_vnops.c	2003/05/31 18:09:30
@@ -86,21 +86,18 @@
  * Construct the fully qualified path name relative to the mountpoint
  */
 static char *
-devfs_fqpn(char *buf, struct vnode *dvp, struct componentname *cnp)
+devfs_fqpn(char *buf, ssize_t buflen, struct devfs_mount *dmp,
+    struct devfs_dirent *de, const char *name, size_t namelen)
 {
 	int i;
-	struct devfs_dirent *de, *dd;
-	struct devfs_mount *dmp;
 
-	dmp = VFSTODEVFS(dvp->v_mount);
-	dd = dvp->v_data;
-	i = SPECNAMELEN;
+	KASSERT(de->de_dirent->d_type == DT_DIR, ("devfs_fqpn: de not DT_DIR"));
+	i = buflen - 1;
 	buf[i] = '\0';
-	i -= cnp->cn_namelen;
+	i -= namelen;
 	if (i < 0)
 		 return (NULL);
-	bcopy(cnp->cn_nameptr, buf + i, cnp->cn_namelen);
-	de = dd;
+	bcopy(name, buf + i, namelen);
 	while (de != dmp->dm_basedir) {
 		i--;
 		if (i < 0)
@@ -372,7 +369,8 @@
 	 * OK, we didn't have an entry for the name we were asked for
 	 * so we try to see if anybody can create it on demand.
 	 */
-	pname = devfs_fqpn(specname, dvp, cnp);
+	pname = devfs_fqpn(specname, sizeof(specname), dmp, dd,
+	    cnp->cn_nameptr, cnp->cn_namelen);
 	if (pname == NULL)
 		goto notfound;
 
@@ -840,10 +838,17 @@
 	struct devfs_dirent *dd;
 	struct devfs_dirent *de;
 	struct devfs_mount *dmp;
+#ifdef MAC
+	char *specname;
+#endif
 
 	error = suser(ap->a_cnp->cn_thread);
 	if (error)
-		return(error);
+		return (error);
+#ifdef MAC
+	specname = malloc(SPECNAMELEN + ap->a_cnp->cn_namelen + 1, M_DEVFS,
+	    M_WAITOK);
+#endif
 	dmp = VFSTODEVFS(ap->a_dvp->v_mount);
 	dd = ap->a_dvp->v_data;
 	de = devfs_newdirent(ap->a_cnp->cn_nameptr, ap->a_cnp->cn_namelen);
@@ -857,7 +862,10 @@
 	bcopy(ap->a_target, de->de_symlink, i);
 	lockmgr(&dmp->dm_lock, LK_EXCLUSIVE, 0, curthread);
 #ifdef MAC
-	mac_create_devfs_symlink(ap->a_cnp->cn_cred, dmp->dm_mount, dd, de);
+	mac_create_devfs_symlink(ap->a_cnp->cn_cred, dmp->dm_mount, dd, de,
+	    devfs_fqpn(specname, SPECNAMELEN + ap->a_cnp->cn_namelen + 1,
+	    dmp, dd, ap->a_cnp->cn_nameptr, ap->a_cnp->cn_namelen));
+	free(specname, M_DEVFS);
 #endif
 	TAILQ_INSERT_TAIL(&dd->de_dlist, de, de_list);
 	devfs_allocv(de, ap->a_dvp->v_mount, ap->a_vpp, 0);