Don't use KAUTH_RESULT_* where it's not applicable.

Prompted by yamt@.

sys/dist/ipf/netinet/ip_fil_netbsd.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: ip_fil_netbsd.c,v 1.22 2006/09/08 20:58:57 elad Exp $	*/
+/*	$NetBSD: ip_fil_netbsd.c,v 1.23 2006/09/13 10:07:42 elad Exp $	*/
 
 /*
  * Copyright (C) 1993-2003 by Darren Reed.
@@ -524,7 +524,7 @@ int mode;
 #if (__NetBSD_Version__ >= 399002000)
 	if ((mode & FWRITE) && kauth_authorize_network(p->l_cred,
 	    KAUTH_NETWORK_FIREWALL, (void *)KAUTH_REQ_NETWORK_FIREWALL_FW,
-	    NULL, NULL, NULL) != KAUTH_RESULT_ALLOW)
+	    NULL, NULL, NULL))
 #else
 	if ((securelevel >= 2) && (mode & FWRITE))
 #endif

sys/dist/ipf/netinet/ip_nat.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: ip_nat.c,v 1.13 2006/09/08 20:58:57 elad Exp $	*/
+/*	$NetBSD: ip_nat.c,v 1.14 2006/09/13 10:07:42 elad Exp $	*/
 
 /*
  * Copyright (C) 1995-2003 by Darren Reed.
@@ -627,7 +627,7 @@ int mode;
 #if (__NetBSD_Version__ >= 399002000)
 	if ((mode & FWRITE) && kauth_authorize_network(curlwp->l_cred,
 	    KAUTH_NETWORK_FIREWALL, (void *)KAUTH_REQ_NETWORK_FIREWALL_NAT,
-	    NULL, NULL, NULL) != KAUTH_RESULT_ALLOW)
+	    NULL, NULL, NULL))
 #else
 	if ((securelevel >= 2) && (mode & FWRITE))
 #endif

sys/ipkdb/ipkdb_ipkdb.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: ipkdb_ipkdb.c,v 1.16 2006/09/08 20:58:57 elad Exp $	*/
+/*	$NetBSD: ipkdb_ipkdb.c,v 1.17 2006/09/13 10:07:42 elad Exp $	*/
 
 /*
  * Copyright (C) 1993-2000 Wolfgang Solfrank.
@@ -32,7 +32,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ipkdb_ipkdb.c,v 1.16 2006/09/08 20:58:57 elad Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ipkdb_ipkdb.c,v 1.17 2006/09/13 10:07:42 elad Exp $");
 
 #include "opt_ipkdb.h"
 
@@ -1140,7 +1140,7 @@ check_ipkdb(ifp, shost, p, l)
 
 #ifndef	IPKDBSECURE
 	if (kauth_authorize_system(curlwp->l_cred, KAUTH_SYSTEM_IPKDB,
-	    NULL, NULL, NULL, NULL) != KAUTH_RESULT_ALLOW)
+	    NULL, NULL, NULL, NULL))
 		return 0;
 #endif
 	if (ipkdbcmp(chksum(p, l), p + l, LENCHK))

sys/kern/init_sysctl.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: init_sysctl.c,v 1.84 2006/09/10 05:46:02 manu Exp $ */
+/*	$NetBSD: init_sysctl.c,v 1.85 2006/09/13 10:07:42 elad Exp $ */
 
 /*-
  * Copyright (c) 2003 The NetBSD Foundation, Inc.
@@ -37,7 +37,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: init_sysctl.c,v 1.84 2006/09/10 05:46:02 manu Exp $");
+__KERNEL_RCSID(0, "$NetBSD: init_sysctl.c,v 1.85 2006/09/13 10:07:42 elad Exp $");
 
 #include "opt_sysv.h"
 #include "opt_multiprocessor.h"
@@ -1153,7 +1153,7 @@ sysctl_kern_rtc_offset(SYSCTLFN_ARGS)
 
 	if (kauth_authorize_system(l->l_cred, KAUTH_SYSTEM_TIME,
 	    KAUTH_REQ_SYSTEM_TIME_RTCOFFSET,
-	    (void *)(u_long)new_rtc_offset, NULL, NULL) != KAUTH_RESULT_ALLOW)
+	    (void *)(u_long)new_rtc_offset, NULL, NULL))
 		return (EPERM);
 	if (rtc_offset == new_rtc_offset)
 		return (0);
@@ -2383,7 +2383,7 @@ sysctl_kern_proc_args(SYSCTLFN_ARGS)
 	/* only root or same user change look at the environment */
 	if (type == KERN_PROC_ENV || type == KERN_PROC_NENV) {
 		if (kauth_authorize_process(l->l_cred, KAUTH_PROCESS_CANSEE,
-		     p, NULL, NULL, NULL) != KAUTH_RESULT_ALLOW) {
+		     p, NULL, NULL, NULL)) {
 				error = EPERM;
 				goto out_locked;
 		}
@@ -2625,7 +2625,7 @@ sysctl_security_setidcore(SYSCTLFN_ARGS)
 		return error;
 
 	if (kauth_authorize_system(l->l_cred, KAUTH_SYSTEM_SETIDCORE,
-	    0, NULL, NULL, NULL) != KAUTH_RESULT_ALLOW)
+	    0, NULL, NULL, NULL))
 		return (EPERM);
 
 	*(int *)rnode->sysctl_data = newsize;
@@ -2649,7 +2649,7 @@ sysctl_security_setidcorename(SYSCTLFN_ARGS)
 		goto out;
 	}
 	if (kauth_authorize_system(l->l_cred, KAUTH_SYSTEM_SETIDCORE,
-	    0, NULL, NULL, NULL) != KAUTH_RESULT_ALLOW) {
+	    0, NULL, NULL, NULL)) {
 		error = EPERM;
 		goto out;
 	}

sys/kern/kern_lkm.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: kern_lkm.c,v 1.92 2006/09/08 20:58:57 elad Exp $	*/
+/*	$NetBSD: kern_lkm.c,v 1.93 2006/09/13 10:07:42 elad Exp $	*/
 
 /*
  * Copyright (c) 1994 Christopher G. Demetriou
@@ -41,7 +41,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: kern_lkm.c,v 1.92 2006/09/08 20:58:57 elad Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_lkm.c,v 1.93 2006/09/13 10:07:42 elad Exp $");
 
 #include "opt_ddb.h"
 #include "opt_malloclog.h"
@@ -345,7 +345,7 @@ lkmioctl(dev_t dev, u_long cmd, caddr_t data, int flag, struct lwp *l)
 	switch(cmd) {
 	case LMRESERV:		/* reserve pages for a module */
 		if (kauth_authorize_system(l->l_cred, KAUTH_SYSTEM_LKM,
-		    0, (void *)cmd, NULL, NULL) != KAUTH_RESULT_ALLOW)
+		    0, (void *)cmd, NULL, NULL))
 			return EPERM;
 
 		if ((flag & FWRITE) == 0) /* only allow this if writing */
@@ -397,7 +397,7 @@ lkmioctl(dev_t dev, u_long cmd, caddr_t data, int flag, struct lwp *l)
 
 	case LMLOADBUF:		/* Copy in; stateful, follows LMRESERV */
 		if (kauth_authorize_system(l->l_cred, KAUTH_SYSTEM_LKM,
-		    0, (void *)cmd, NULL, NULL) != KAUTH_RESULT_ALLOW)
+		    0, (void *)cmd, NULL, NULL))
 			return EPERM;
 
 		if ((flag & FWRITE) == 0) /* only allow this if writing */
@@ -466,7 +466,7 @@ lkmioctl(dev_t dev, u_long cmd, caddr_t data, int flag, struct lwp *l)
 
 	case LMUNRESRV:		/* discard reserved pages for a module */
 		if (kauth_authorize_system(l->l_cred, KAUTH_SYSTEM_LKM,
-		    0, (void *)cmd, NULL, NULL) != KAUTH_RESULT_ALLOW)
+		    0, (void *)cmd, NULL, NULL))
 			return EPERM;
 
 		if ((flag & FWRITE) == 0) /* only allow this if writing */
@@ -483,7 +483,7 @@ lkmioctl(dev_t dev, u_long cmd, caddr_t data, int flag, struct lwp *l)
 
 	case LMREADY:		/* module loaded: call entry */
 		if (kauth_authorize_system(l->l_cred, KAUTH_SYSTEM_LKM,
-		    0, (void *)cmd, NULL, NULL) != KAUTH_RESULT_ALLOW)
+		    0, (void *)cmd, NULL, NULL))
 			return EPERM;
 
 		if ((flag & FWRITE) == 0) /* only allow this if writing */
@@ -573,7 +573,7 @@ lkmioctl(dev_t dev, u_long cmd, caddr_t data, int flag, struct lwp *l)
 
 	case LMUNLOAD:		/* unload a module */
 		if (kauth_authorize_system(l->l_cred, KAUTH_SYSTEM_LKM,
-		    0, (void *)cmd, NULL, NULL) != KAUTH_RESULT_ALLOW)
+		    0, (void *)cmd, NULL, NULL))
 			return EPERM;
 
 		if ((flag & FWRITE) == 0) /* only allow this if writing */
@@ -627,7 +627,7 @@ lkmioctl(dev_t dev, u_long cmd, caddr_t data, int flag, struct lwp *l)
 #ifdef LMFORCE
 	case LMFORCE:		/* stateful, optionally follows LMRESERV */
 		if (kauth_authorize_system(l->l_cred, KAUTH_SYSTEM_LKM,
-		    0, (void *)cmd, NULL, NULL) != KAUTH_RESULT_ALLOW)
+		    0, (void *)cmd, NULL, NULL))
 			return EPERM;
 
 		if ((flag & FWRITE) == 0) /* only allow this if writing */

sys/kern/kern_resource.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: kern_resource.c,v 1.104 2006/09/08 20:58:57 elad Exp $	*/
+/*	$NetBSD: kern_resource.c,v 1.105 2006/09/13 10:07:42 elad Exp $	*/
 
 /*-
  * Copyright (c) 1982, 1986, 1991, 1993
@@ -37,7 +37,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: kern_resource.c,v 1.104 2006/09/08 20:58:57 elad Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_resource.c,v 1.105 2006/09/13 10:07:42 elad Exp $");
 
 #include <sys/param.h>
 #include <sys/systm.h>
@@ -264,7 +264,7 @@ dosetrlimit(struct lwp *l, struct proc *p, int which, struct rlimit *limp)
 	if (limp->rlim_max > alimp->rlim_max && (error =
 	    kauth_authorize_process(l->l_cred, KAUTH_PROCESS_RESOURCE,
 	    p, (void *)KAUTH_REQ_PROCESS_RESOURCE_RLIMIT, limp,
-	    (void *)(u_long)which)) != KAUTH_RESULT_ALLOW)
+	    (void *)(u_long)which)))
 			return (error);
 
 	if (p->p_limit->p_refcnt > 1 &&

sys/kern/vfs_syscalls.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: vfs_syscalls.c,v 1.269 2006/09/12 07:51:29 elad Exp $	*/
+/*	$NetBSD: vfs_syscalls.c,v 1.270 2006/09/13 10:07:42 elad Exp $	*/
 
 /*
  * Copyright (c) 1989, 1993
@@ -37,7 +37,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: vfs_syscalls.c,v 1.269 2006/09/12 07:51:29 elad Exp $");
+__KERNEL_RCSID(0, "$NetBSD: vfs_syscalls.c,v 1.270 2006/09/13 10:07:42 elad Exp $");
 
 #include "opt_compat_netbsd.h"
 #include "opt_compat_43.h"
@@ -1496,7 +1496,7 @@ dofhopen(struct lwp *l, const void *ufhp, size_t fhsize, int oflags,
 	 * Must be super user
 	 */
 	if ((error = kauth_authorize_system(l->l_cred, KAUTH_SYSTEM_FILEHANDLE,
-	    0, NULL, NULL, NULL)) != KAUTH_RESULT_ALLOW)
+	    0, NULL, NULL, NULL)))
 		return (error);
 
 	flags = FFLAGS(oflags);
@@ -1631,7 +1631,7 @@ dofhstat(struct lwp *l, const void *ufhp, size_t fhsize, struct stat *sbp,
 	 * Must be super user
 	 */
 	if ((error = kauth_authorize_system(l->l_cred, KAUTH_SYSTEM_FILEHANDLE,
-	    0, NULL, NULL, NULL)) != KAUTH_RESULT_ALLOW)
+	    0, NULL, NULL, NULL)))
 		return (error);
 
 	error = vfs_copyinfh_alloc(ufhp, fhsize, &fh);
@@ -1682,7 +1682,7 @@ dofhstatvfs(struct lwp *l, const void *ufhp, size_t fhsize, struct statvfs *buf,
 	 * Must be super user
 	 */
 	if ((error = kauth_authorize_system(l->l_cred, KAUTH_SYSTEM_FILEHANDLE,
-	    0, NULL, NULL, NULL)) != KAUTH_RESULT_ALLOW)
+	    0, NULL, NULL, NULL)))
 		return error;
 
 	error = vfs_copyinfh_alloc(ufhp, fhsize, &fh);

sys/miscfs/umapfs/umap_vnops.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: umap_vnops.c,v 1.40 2006/09/08 20:58:57 elad Exp $	*/
+/*	$NetBSD: umap_vnops.c,v 1.41 2006/09/13 10:07:42 elad Exp $	*/
 
 /*
  * Copyright (c) 1992, 1993
@@ -39,7 +39,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: umap_vnops.c,v 1.40 2006/09/08 20:58:57 elad Exp $");
+__KERNEL_RCSID(0, "$NetBSD: umap_vnops.c,v 1.41 2006/09/13 10:07:42 elad Exp $");
 
 #include <sys/param.h>
 #include <sys/systm.h>
@@ -194,7 +194,7 @@ umap_bypass(v)
 
 		if ((flags & LAYERFS_MBYPASSDEBUG) &&
 		    kauth_authorize_generic(credp, KAUTH_GENERIC_ISSUSER,
-		     NULL) != KAUTH_RESULT_ALLOW)
+		     NULL))
 			printf("umap_bypass: user was %d, group %d\n",
 			    kauth_cred_geteuid(credp), kauth_cred_getegid(credp));
 
@@ -204,7 +204,7 @@ umap_bypass(v)
 
 		if ((flags & LAYERFS_MBYPASSDEBUG) &&
 		    kauth_authorize_generic(credp, KAUTH_GENERIC_ISSUSER,
-		     NULL) != KAUTH_RESULT_ALLOW)
+		     NULL))
 			printf("umap_bypass: user now %d, group %d\n",
 			    kauth_cred_geteuid(credp), kauth_cred_getegid(credp));
 	}
@@ -225,7 +225,7 @@ umap_bypass(v)
 
 		if ((flags & LAYERFS_MBYPASSDEBUG) &&
 		    kauth_authorize_generic(compcredp, KAUTH_GENERIC_ISSUSER,
-		     NULL) != KAUTH_RESULT_ALLOW)
+		     NULL))
 			printf("umap_bypass: component credit user was %d, group %d\n",
 			    kauth_cred_geteuid(compcredp), kauth_cred_getegid(compcredp));
 
@@ -235,7 +235,7 @@ umap_bypass(v)
 
 		if ((flags & LAYERFS_MBYPASSDEBUG) &&
 		    kauth_authorize_generic(compcredp, KAUTH_GENERIC_ISSUSER,
-		     NULL) != KAUTH_RESULT_ALLOW)
+		     NULL))
 			printf("umap_bypass: component credit user now %d, group %d\n",
 			    kauth_cred_geteuid(compcredp), kauth_cred_getegid(compcredp));
 	}
@@ -312,7 +312,7 @@ umap_bypass(v)
 			*credpp = savecredp;
 			if ((flags & LAYERFS_MBYPASSDEBUG) && credpp &&
 			    kauth_authorize_generic(*credpp,
-			     KAUTH_GENERIC_ISSUSER,NULL) != KAUTH_RESULT_ALLOW)
+			     KAUTH_GENERIC_ISSUSER,NULL))
 			 	printf("umap_bypass: returning-user now %d\n\n",
 				    kauth_cred_geteuid(savecredp));
 		}
@@ -321,7 +321,7 @@ umap_bypass(v)
 	if (descp->vdesc_componentname_offset != VDESC_NO_OFFSET) {
 		if ((flags & LAYERFS_MBYPASSDEBUG) && compcredp &&
 		    kauth_authorize_generic(compcredp, KAUTH_GENERIC_ISSUSER,
-		     NULL) != KAUTH_RESULT_ALLOW)
+		     NULL))
 			printf("umap_bypass: returning-component-user was %d\n",
 			    kauth_cred_geteuid(compcredp));
 
@@ -330,7 +330,7 @@ umap_bypass(v)
 			(*compnamepp)->cn_cred = savecompcredp;
 			if ((flags & LAYERFS_MBYPASSDEBUG) && savecompcredp &&
 			    kauth_authorize_generic(savecompcredp,
-			     KAUTH_GENERIC_ISSUSER, NULL) != KAUTH_RESULT_ALLOW)
+			     KAUTH_GENERIC_ISSUSER, NULL))
 			 	printf("umap_bypass: returning-component-user now %d\n",
 				    kauth_cred_geteuid(savecompcredp));
 		}
@@ -387,7 +387,7 @@ umap_lookup(v)
 
 		if ((flags & LAYERFS_MBYPASSDEBUG) &&
 		    kauth_authorize_generic(compcredp, KAUTH_GENERIC_ISSUSER,
-		     NULL) != KAUTH_RESULT_ALLOW)
+		     NULL))
 			printf("umap_lookup: component credit user was %d, group %d\n",
 			    kauth_cred_geteuid(compcredp), kauth_cred_getegid(compcredp));
 
@@ -397,7 +397,7 @@ umap_lookup(v)
 
 	if ((flags & LAYERFS_MBYPASSDEBUG) && compcredp &&
 	    kauth_authorize_generic(compcredp, KAUTH_GENERIC_ISSUSER,
-	     NULL) != KAUTH_RESULT_ALLOW)
+	     NULL))
 		printf("umap_lookup: component credit user now %d, group %d\n",
 		    kauth_cred_geteuid(compcredp), kauth_cred_getegid(compcredp));
 
@@ -435,7 +435,7 @@ umap_lookup(v)
 	 */
 	if ((flags & LAYERFS_MBYPASSDEBUG) && compcredp &&
 	    kauth_authorize_generic(compcredp, KAUTH_GENERIC_ISSUSER,
-	     NULL) != KAUTH_RESULT_ALLOW)
+	     NULL))
 		printf("umap_lookup: returning-component-user was %d\n",
 			    kauth_cred_geteuid(compcredp));
 
@@ -445,7 +445,7 @@ umap_lookup(v)
 		cnp->cn_cred = savecompcredp;
 		if ((flags & LAYERFS_MBYPASSDEBUG) && savecompcredp &&
 		    kauth_authorize_generic(savecompcredp,
-		     KAUTH_GENERIC_ISSUSER, NULL) != KAUTH_RESULT_ALLOW)
+		     KAUTH_GENERIC_ISSUSER, NULL))
 		 	printf("umap_lookup: returning-component-user now %d\n",
 			    kauth_cred_geteuid(savecompcredp));
 	}
@@ -578,7 +578,7 @@ umap_rename(v)
 
 	if ((flags & LAYERFS_MBYPASSDEBUG) &&
 	    kauth_authorize_generic(compcredp, KAUTH_GENERIC_ISSUSER,
-	     NULL) != KAUTH_RESULT_ALLOW)
+	     NULL))
 		printf("umap_rename: rename component credit user was %d, group %d\n",
 		    kauth_cred_geteuid(compcredp), kauth_cred_getegid(compcredp));
 
@@ -588,7 +588,7 @@ umap_rename(v)
 
 	if ((flags & LAYERFS_MBYPASSDEBUG) &&
 	    kauth_authorize_generic(compcredp, KAUTH_GENERIC_ISSUSER,
-	     NULL) != KAUTH_RESULT_ALLOW)
+	     NULL))
 		printf("umap_rename: rename component credit user now %d, group %d\n",
 		    kauth_cred_geteuid(compcredp), kauth_cred_getegid(compcredp));
 

sys/netinet/ip_input.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: ip_input.c,v 1.230 2006/09/08 20:58:58 elad Exp $	*/
+/*	$NetBSD: ip_input.c,v 1.231 2006/09/13 10:07:42 elad Exp $	*/
 
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -98,7 +98,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ip_input.c,v 1.230 2006/09/08 20:58:58 elad Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ip_input.c,v 1.231 2006/09/13 10:07:42 elad Exp $");
 
 #include "opt_inet.h"
 #include "opt_gateway.h"
@@ -2113,7 +2113,7 @@ sysctl_net_inet_ip_forwsrcrt(SYSCTLFN_ARGS)
 		return (error);
 
 	if (kauth_authorize_network(l->l_cred, KAUTH_NETWORK_FORWSRCRT,
-	    NULL, NULL, NULL, NULL) != KAUTH_RESULT_ALLOW)
+	    NULL, NULL, NULL, NULL))
 		return (EPERM);
 
 	ip_forwsrcrt = tmp;

sys/netinet/tcp_usrreq.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: tcp_usrreq.c,v 1.121 2006/09/08 20:58:58 elad Exp $	*/
+/*	$NetBSD: tcp_usrreq.c,v 1.122 2006/09/13 10:07:42 elad Exp $	*/
 
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -102,7 +102,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: tcp_usrreq.c,v 1.121 2006/09/08 20:58:58 elad Exp $");
+__KERNEL_RCSID(0, "$NetBSD: tcp_usrreq.c,v 1.122 2006/09/13 10:07:42 elad Exp $");
 
 #include "opt_inet.h"
 #include "opt_ipsec.h"
@@ -1259,7 +1259,7 @@ sysctl_inpcblist(SYSCTLFN_ARGS)
 
 #ifdef notyet
 		if (kauth_authorize_generic(l->l_cred, KAUTH_GENERIC_CANSEE,
-		    inph->inph_socket->so_cred) != KAUTH_RESULT_ALLOW)
+		    inph->inph_socket->so_cred))
 #endif
 		if (kauth_cred_geteuid(l->l_cred) != 0 &&
 		    kauth_cred_geteuid(l->l_cred) !=