make network_interface able to support multiple interfaces having the same type

refpolicy/Changelog

@@ -1,3 +1,5 @@
+	* Corenetwork now supports multiple network interfaces having the
+	  same type.
 	* Doc tool now creates pages for global Booleans and global tunables.
 	* Doc tool now links directly to the interface/template in the
 	  module page when it is selected in the interface/template index.

refpolicy/policy/modules/kernel/corenetwork.te.in

@@ -123,11 +123,11 @@ network_node(unspec, s0, ::, ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff)
 type netif_t, netif_type;
 sid netif context_template(system_u:object_r:netif_t,s0)
 
-network_interface(lo, s0)
+network_interface(lo, lo,s0)
-network_interface(eth0, s0)
+network_interface(eth0, eth0,s0)
-network_interface(eth1, s0)
+network_interface(eth1, eth1,s0)
-network_interface(eth2, s0)
+network_interface(eth2, eth2,s0)
-network_interface(ippp0, s0)
+network_interface(ippp0, ippp0,s0)
-network_interface(ipsec0, s0)
+network_interface(ipsec0, ipsec0,s0)
-network_interface(ipsec1, s0)
+network_interface(ipsec1, ipsec1,s0)
-network_interface(ipsec2, s0)
+network_interface(ipsec2, ipsec2,s0)

refpolicy/policy/modules/kernel/corenetwork.te.m4

@@ -1,10 +1,15 @@
+define(`declare_netifs',`dnl
+netifcon $2 context_template(system_u:object_r:$1,$3) context_template(system_u:object_r:unlabeled_t,$3)
+ifelse(`$4',`',`',`declare_netifs($1,shiftn(3,$*))')dnl
+')
+
 #
-# network_interface(linux_interfacename,mls_sensitivity)
+# network_interface(if_name,linux_interface,mls_sensitivity)
 #
 define(`network_interface',`
 gen_require(`type unlabeled_t')
 type $1_netif_t alias netif_$1_t, netif_type;
-netifcon $1 context_template(system_u:object_r:$1_netif_t,$2) context_template(system_u:object_r:unlabeled_t,$2)
+declare_netifs($1_netif_t,shift($*))
 ')
 
 #