diff --git a/refpolicy/policy/modules/admin/dmesg.te b/refpolicy/policy/modules/admin/dmesg.te
index ca23adb..7691ee4 100644
--- a/refpolicy/policy/modules/admin/dmesg.te
+++ b/refpolicy/policy/modules/admin/dmesg.te
@@ -56,7 +56,7 @@ ifdef(`targeted_policy', `
 ')
 
 optional_policy(`selinux.te',`
-	selinux_newrole_sigchld(dmesg_t)
+	seutil_newrole_sigchld(dmesg_t)
 ')
 
 optional_policy(`udev.te', `
diff --git a/refpolicy/policy/modules/admin/rpm.te b/refpolicy/policy/modules/admin/rpm.te
index a018e06..e33466b 100644
--- a/refpolicy/policy/modules/admin/rpm.te
+++ b/refpolicy/policy/modules/admin/rpm.te
@@ -95,12 +95,12 @@ allow rpm_t rpm_var_lib_t:dir rw_dir_perms;
 
 kernel_read_system_state(rpm_t)
 kernel_read_kernel_sysctl(rpm_t)
-kernel_get_selinuxfs_mount_point(rpm_t)
-kernel_validate_context(rpm_t)
-kernel_compute_access_vector(rpm_t)
-kernel_compute_create_context(rpm_t)
-kernel_compute_relabel_context(rpm_t)
-kernel_compute_reachable_user_contexts(rpm_t)
+selinux_get_fs_mount(rpm_t)
+selinux_validate_context(rpm_t)
+selinux_compute_access_vector(rpm_t)
+selinux_compute_create_context(rpm_t)
+selinux_compute_relabel_context(rpm_t)
+selinux_compute_user_contexts(rpm_t)
 
 corenet_tcp_sendrecv_all_if(rpm_t)
 corenet_raw_sendrecv_all_if(rpm_t)
@@ -149,8 +149,8 @@ libs_domtrans_ldconfig(rpm_t)
 logging_send_syslog_msg(rpm_t)
 
 # allow compiling and loading new policy
-selinux_manage_src_pol(rpm_t)
-selinux_manage_binary_pol(rpm_t)
+seutil_manage_src_pol(rpm_t)
+seutil_manage_binary_pol(rpm_t)
 
 sysnet_read_config(rpm_t)
 
@@ -245,12 +245,12 @@ allow rpm_script_t rpm_script_tmpfs_t:fifo_file create_file_perms;
 fs_create_tmpfs_data(rpm_script_t,rpm_script_tmpfs_t,{ dir file lnk_file sock_file fifo_file })
 
 kernel_read_kernel_sysctl(rpm_script_t)
-kernel_get_selinuxfs_mount_point(rpm_script_t)
-kernel_validate_context(rpm_script_t)
-kernel_compute_access_vector(rpm_script_t)
-kernel_compute_create_context(rpm_script_t)
-kernel_compute_relabel_context(rpm_script_t)
-kernel_compute_reachable_user_contexts(rpm_script_t)
+selinux_get_fs_mount(rpm_script_t)
+selinux_validate_context(rpm_script_t)
+selinux_compute_access_vector(rpm_script_t)
+selinux_compute_create_context(rpm_script_t)
+selinux_compute_relabel_context(rpm_script_t)
+selinux_compute_user_contexts(rpm_script_t)
 kernel_read_system_state(rpm_script_t)
 
 # ideally we would not need this
@@ -303,8 +303,8 @@ miscfiles_read_localization(rpm_script_t)
 modutils_domtrans_depmod(rpm_script_t)
 modutils_domtrans_insmod(rpm_script_t)
 
-selinux_domtrans_loadpol(rpm_script_t)
-selinux_domtrans_restorecon(rpm_script_t)
+seutil_domtrans_loadpol(rpm_script_t)
+seutil_domtrans_restorecon(rpm_script_t)
 
 userdom_use_all_user_fd(rpm_script_t)
 
@@ -347,14 +347,14 @@ allow sshd_t rpm_script_t:fd use;
 # can transition to this domain, nor can it
 # really do anything useful.
 
-kernel_get_selinuxfs_mount_point(rpmbuild_t)
-kernel_validate_context(rpmbuild_t)
-kernel_compute_access_vector(rpmbuild_t)
-kernel_compute_create_context(rpmbuild_t)
-kernel_compute_relabel_context(rpmbuild_t)
-kernel_compute_reachable_user_contexts(rpmbuild_t)
+selinux_get_fs_mount(rpmbuild_t)
+selinux_validate_context(rpmbuild_t)
+selinux_compute_access_vector(rpmbuild_t)
+selinux_compute_create_context(rpmbuild_t)
+selinux_compute_relabel_context(rpmbuild_t)
+selinux_compute_user_contexts(rpmbuild_t)
 
-selinux_read_src_pol(rpmbuild_t)
+seutil_read_src_pol(rpmbuild_t)
 
 ifdef(`TODO',`
 
diff --git a/refpolicy/policy/modules/admin/usermanage.te b/refpolicy/policy/modules/admin/usermanage.te
index ba4b220..cec2a48 100644
--- a/refpolicy/policy/modules/admin/usermanage.te
+++ b/refpolicy/policy/modules/admin/usermanage.te
@@ -77,12 +77,12 @@ allow chfn_t self:msgq create_msgq_perms;
 allow chfn_t self:msg { send receive };
 
 kernel_read_system_state(chfn_t)
-kernel_get_selinuxfs_mount_point(chfn_t)
-kernel_validate_context(chfn_t)
-kernel_compute_access_vector(chfn_t)
-kernel_compute_create_context(chfn_t)
-kernel_compute_relabel_context(chfn_t)
-kernel_compute_reachable_user_contexts(chfn_t)
+selinux_get_fs_mount(chfn_t)
+selinux_validate_context(chfn_t)
+selinux_compute_access_vector(chfn_t)
+selinux_compute_create_context(chfn_t)
+selinux_compute_relabel_context(chfn_t)
+selinux_compute_user_contexts(chfn_t)
 
 term_use_all_user_ttys(chfn_t)
 term_use_all_user_ptys(chfn_t)
@@ -210,12 +210,12 @@ allow groupadd_t self:msgq create_msgq_perms;
 allow groupadd_t self:msg { send receive };
 
 # Allow access to context for shadow file
-kernel_get_selinuxfs_mount_point(groupadd_t)
-kernel_validate_context(groupadd_t)
-kernel_compute_access_vector(groupadd_t)
-kernel_compute_create_context(groupadd_t)
-kernel_compute_relabel_context(groupadd_t)
-kernel_compute_reachable_user_contexts(groupadd_t)
+selinux_get_fs_mount(groupadd_t)
+selinux_validate_context(groupadd_t)
+selinux_compute_access_vector(groupadd_t)
+selinux_compute_create_context(groupadd_t)
+selinux_compute_relabel_context(groupadd_t)
+selinux_compute_user_contexts(groupadd_t)
 
 fs_getattr_xattr_fs(groupadd_t)
 
@@ -243,7 +243,7 @@ miscfiles_read_localization(groupadd_t)
 auth_manage_shadow(groupadd_t)
 auth_rw_lastlog(groupadd_t)
 
-selinux_read_config(groupadd_t)
+seutil_read_config(groupadd_t)
 
 ifdef(`TODO',`
 role sysadm_r types groupadd_t;
@@ -285,12 +285,12 @@ allow passwd_t self:sem create_sem_perms;
 allow passwd_t self:msgq create_msgq_perms;
 allow passwd_t self:msg { send receive };
 
-kernel_get_selinuxfs_mount_point(passwd_t)
-kernel_validate_context(passwd_t)
-kernel_compute_access_vector(passwd_t)
-kernel_compute_create_context(passwd_t)
-kernel_compute_relabel_context(passwd_t)
-kernel_compute_reachable_user_contexts(passwd_t)
+selinux_get_fs_mount(passwd_t)
+selinux_validate_context(passwd_t)
+selinux_compute_access_vector(passwd_t)
+selinux_compute_create_context(passwd_t)
+selinux_compute_relabel_context(passwd_t)
+selinux_compute_user_contexts(passwd_t)
 
 # for SSP
 dev_read_urand(passwd_t)
@@ -382,12 +382,12 @@ allow sysadm_passwd_t sysadm_passwd_tmp_t:file create_file_perms;
 files_create_tmp_files(sysadm_passwd_t, sysadm_passwd_tmp_t, { file dir })
 files_search_var(sysadm_passwd_t)
 
-kernel_get_selinuxfs_mount_point(sysadm_passwd_t)
-kernel_validate_context(sysadm_passwd_t)
-kernel_compute_access_vector(sysadm_passwd_t)
-kernel_compute_create_context(sysadm_passwd_t)
-kernel_compute_relabel_context(sysadm_passwd_t)
-kernel_compute_reachable_user_contexts(sysadm_passwd_t)
+selinux_get_fs_mount(sysadm_passwd_t)
+selinux_validate_context(sysadm_passwd_t)
+selinux_compute_access_vector(sysadm_passwd_t)
+selinux_compute_create_context(sysadm_passwd_t)
+selinux_compute_relabel_context(sysadm_passwd_t)
+selinux_compute_user_contexts(sysadm_passwd_t)
 # for /proc/meminfo
 kernel_read_system_state(sysadm_passwd_t)
 
@@ -474,12 +474,12 @@ allow useradd_t self:msgq create_msgq_perms;
 allow useradd_t self:msg { send receive };
 
 # Allow access to context for shadow file
-kernel_get_selinuxfs_mount_point(useradd_t)
-kernel_validate_context(useradd_t)
-kernel_compute_access_vector(useradd_t)
-kernel_compute_create_context(useradd_t)
-kernel_compute_relabel_context(useradd_t)
-kernel_compute_reachable_user_contexts(useradd_t)
+selinux_get_fs_mount(useradd_t)
+selinux_validate_context(useradd_t)
+selinux_compute_access_vector(useradd_t)
+selinux_compute_create_context(useradd_t)
+selinux_compute_relabel_context(useradd_t)
+selinux_compute_user_contexts(useradd_t)
 # for getting the number of groups
 kernel_read_kernel_sysctl(useradd_t)
 
@@ -505,7 +505,7 @@ corecmd_exec_sbin(useradd_t)
 
 miscfiles_read_localization(useradd_t)
 
-selinux_read_config(useradd_t)
+seutil_read_config(useradd_t)
 
 logging_send_syslog_msg(useradd_t)
 
diff --git a/refpolicy/policy/modules/kernel/bootloader.te b/refpolicy/policy/modules/kernel/bootloader.te
index 3e4ea33..b1ccfcb 100644
--- a/refpolicy/policy/modules/kernel/bootloader.te
+++ b/refpolicy/policy/modules/kernel/bootloader.te
@@ -136,8 +136,8 @@ logging_rw_generic_logs(bootloader_t)
 
 miscfiles_read_localization(bootloader_t)
 
-selinux_read_binary_pol(bootloader_t)
-selinux_read_loadpol(bootloader_t)
+seutil_read_binary_pol(bootloader_t)
+seutil_read_loadpol(bootloader_t)
 
 ifdef(`distro_debian', `
 allow bootloader_t bootloader_tmp_t:{ dir file } { relabelfrom relabelto };
diff --git a/refpolicy/policy/modules/services/cron.if b/refpolicy/policy/modules/services/cron.if
index b331576..381ef6c 100644
--- a/refpolicy/policy/modules/services/cron.if
+++ b/refpolicy/policy/modules/services/cron.if
@@ -91,7 +91,7 @@ define(`cron_per_userdomain_template',`
 
 	logging_search_logs($1_crond_t)
 
-	selinux_read_config($1_crond_t)
+	seutil_read_config($1_crond_t)
 
 	miscfiles_read_localization($1_crond_t)
 
@@ -224,18 +224,18 @@ define(`cron_admin_template',`
 	#allow $1_crontab_t user_cron_spool_t:file unlink;
 
 	# Manipulate other users crontab.
-	kernel_get_selinuxfs_mount_point($1_crontab_t)
-	kernel_validate_context($1_crontab_t)
-	kernel_compute_access_vector($1_crontab_t)
-	kernel_compute_create_context($1_crontab_t)
-	kernel_compute_relabel_context($1_crontab_t)
-	kernel_compute_reachable_user_contexts($1_crontab_t)
+	selinux_get_fs_mount($1_crontab_t)
+	selinux_validate_context($1_crontab_t)
+	selinux_compute_access_vector($1_crontab_t)
+	selinux_compute_create_context($1_crontab_t)
+	selinux_compute_relabel_context($1_crontab_t)
+	selinux_compute_user_contexts($1_crontab_t)
 
 	tunable_policy(`fcron_crond', `
 		# fcron wants an instant update of a crontab change for the administrator
 		# also crontab does a security check for crontab -u
 		allow $1_crontab_t self:process setfscreate;
-		kernel_get_selinuxfs_mount_point($1_crontab_t)
+		selinux_get_fs_mount($1_crontab_t)
 	')
 ')
 
diff --git a/refpolicy/policy/modules/services/cron.te b/refpolicy/policy/modules/services/cron.te
index 6a3a773..6c5bd64 100644
--- a/refpolicy/policy/modules/services/cron.te
+++ b/refpolicy/policy/modules/services/cron.te
@@ -77,12 +77,12 @@ allow crond_t system_cron_spool_t:file r_file_perms;
 
 kernel_read_kernel_sysctl(crond_t)
 dev_read_sysfs(crond_t)
-kernel_get_selinuxfs_mount_point(crond_t)
-kernel_validate_context(crond_t)
-kernel_compute_access_vector(crond_t)
-kernel_compute_create_context(crond_t)
-kernel_compute_relabel_context(crond_t)
-kernel_compute_reachable_user_contexts(crond_t)
+selinux_get_fs_mount(crond_t)
+selinux_validate_context(crond_t)
+selinux_compute_access_vector(crond_t)
+selinux_compute_create_context(crond_t)
+selinux_compute_relabel_context(crond_t)
+selinux_compute_user_contexts(crond_t)
 
 dev_read_urand(crond_t)
 
@@ -109,9 +109,9 @@ libs_use_shared_libs(crond_t)
 
 logging_send_syslog_msg(crond_t)
 
-selinux_read_config(crond_t)
-selinux_read_default_contexts(crond_t)
-selinux_newrole_sigchld(crond_t)
+seutil_read_config(crond_t)
+seutil_read_default_contexts(crond_t)
+seutil_newrole_sigchld(crond_t)
 
 miscfiles_read_localization(crond_t)
 
@@ -287,18 +287,18 @@ miscfiles_read_localization(system_crond_t)
 miscfiles_read_man_pages(system_crond_t)
 miscfiles_rw_man_cache(system_crond_t)
 
-selinux_read_config(system_crond_t)
+seutil_read_config(system_crond_t)
 
 tunable_policy(`cron_can_relabel',`
-	selinux_domtrans_setfiles(system_crond_t)
+	seutil_domtrans_setfiles(system_crond_t)
 ',`
-	kernel_get_selinuxfs_mount_point(system_crond_t)
-	kernel_validate_context(system_crond_t)
-	kernel_compute_access_vector(system_crond_t)
-	kernel_compute_create_context(system_crond_t)
-	kernel_compute_relabel_context(system_crond_t)
-	kernel_compute_reachable_user_contexts(system_crond_t)
-	selinux_read_file_contexts(system_crond_t)
+	selinux_get_fs_mount(system_crond_t)
+	selinux_validate_context(system_crond_t)
+	selinux_compute_access_vector(system_crond_t)
+	selinux_compute_create_context(system_crond_t)
+	selinux_compute_relabel_context(system_crond_t)
+	selinux_compute_user_contexts(system_crond_t)
+	seutil_read_file_contexts(system_crond_t)
 ')
 
 ifdef(`TODO',`
diff --git a/refpolicy/policy/modules/services/remotelogin.te b/refpolicy/policy/modules/services/remotelogin.te
index 3058991..0119ff7 100644
--- a/refpolicy/policy/modules/services/remotelogin.te
+++ b/refpolicy/policy/modules/services/remotelogin.te
@@ -43,12 +43,12 @@ files_create_tmp_files(remote_login_t, remote_login_tmp_t, { file dir })
 
 kernel_read_system_state(remote_login_t)
 kernel_read_kernel_sysctl(remote_login_t)
-kernel_get_selinuxfs_mount_point(remote_login_t)
-kernel_validate_context(remote_login_t)
-kernel_compute_access_vector(remote_login_t)
-kernel_compute_create_context(remote_login_t)
-kernel_compute_relabel_context(remote_login_t)
-kernel_compute_reachable_user_contexts(remote_login_t)
+selinux_get_fs_mount(remote_login_t)
+selinux_validate_context(remote_login_t)
+selinux_compute_access_vector(remote_login_t)
+selinux_compute_create_context(remote_login_t)
+selinux_compute_relabel_context(remote_login_t)
+selinux_compute_user_contexts(remote_login_t)
 
 # for SSP/ProPolice
 dev_read_urand(remote_login_t)
@@ -69,8 +69,8 @@ libs_use_shared_libs(remote_login_t)
 
 logging_send_syslog_msg(remote_login_t)
 
-selinux_read_config(remote_login_t)
-selinux_read_default_contexts(remote_login_t)
+seutil_read_config(remote_login_t)
+seutil_read_default_contexts(remote_login_t)
 
 auth_domtrans_chk_passwd(remote_login_t)
 auth_dontaudit_read_shadow(remote_login_t)
diff --git a/refpolicy/policy/modules/services/sendmail.te b/refpolicy/policy/modules/services/sendmail.te
index d14ab32..49850c8 100644
--- a/refpolicy/policy/modules/services/sendmail.te
+++ b/refpolicy/policy/modules/services/sendmail.te
@@ -95,7 +95,7 @@ ifdef(`targeted_policy', `
 ')
 
 optional_policy(`selinux.te',`
-	selinux_newrole_sigchld(sendmail_t)
+	seutil_newrole_sigchld(sendmail_t)
 ')
 
 optional_policy(`udev.te', `
diff --git a/refpolicy/policy/modules/system/authlogin.if b/refpolicy/policy/modules/system/authlogin.if
index 8631a7d..ab48c10 100644
--- a/refpolicy/policy/modules/system/authlogin.if
+++ b/refpolicy/policy/modules/system/authlogin.if
@@ -55,7 +55,7 @@ define(`authlogin_per_userdomain_template',`
 
 	miscfiles_read_localization($1_chkpwd_t)
 
-	selinux_read_config($1_chkpwd_t)
+	seutil_read_config($1_chkpwd_t)
 
 	#can_ypbind($1_chkpwd_t)
 	#can_kerberos($1_chkpwd_t)
@@ -88,7 +88,7 @@ define(`authlogin_per_userdomain_template',`
 	')
 
 	optional_policy(`selinux.te',`
-		selinux_use_newrole_fd($1_chkpwd_t)
+		seutil_use_newrole_fd($1_chkpwd_t)
 	')
 
 ') dnl end authlogin_per_userdomain_template
diff --git a/refpolicy/policy/modules/system/authlogin.te b/refpolicy/policy/modules/system/authlogin.te
index e085b1f..b63ea5b 100644
--- a/refpolicy/policy/modules/system/authlogin.te
+++ b/refpolicy/policy/modules/system/authlogin.te
@@ -165,7 +165,7 @@ libs_use_shared_libs(pam_console_t)
 
 logging_send_syslog_msg(pam_console_t)
 
-selinux_read_file_contexts(pam_console_t)
+seutil_read_file_contexts(pam_console_t)
 
 userdom_dontaudit_use_unpriv_user_fd(pam_console_t)
 
@@ -185,7 +185,7 @@ optional_policy(`hotplug.te', `
 ')
 
 optional_policy(`selinux.te',`
-	selinux_newrole_sigchld(pam_console_t)
+	seutil_newrole_sigchld(pam_console_t)
 ')
 
 optional_policy(`udev.te', `
@@ -250,7 +250,7 @@ logging_send_syslog_msg(system_chkpwd_t)
 
 miscfiles_read_localization(system_chkpwd_t)
 
-selinux_read_config(system_chkpwd_t)
+seutil_read_config(system_chkpwd_t)
 
 tunable_policy(`use_dns',`
 	allow system_chkpwd_t self:udp_socket create_socket_perms;
diff --git a/refpolicy/policy/modules/system/clock.te b/refpolicy/policy/modules/system/clock.te
index 6c40663..fb8eb66 100644
--- a/refpolicy/policy/modules/system/clock.te
+++ b/refpolicy/policy/modules/system/clock.te
@@ -64,7 +64,7 @@ ifdef(`targeted_policy', `
 ')
 
 optional_policy(`selinux.te',`
-	selinux_newrole_sigchld(hwclock_t)
+	seutil_newrole_sigchld(hwclock_t)
 ')
 
 optional_policy(`udev.te', `
diff --git a/refpolicy/policy/modules/system/files.if b/refpolicy/policy/modules/system/files.if
index 4028f3b..ea6d2b6 100644
--- a/refpolicy/policy/modules/system/files.if
+++ b/refpolicy/policy/modules/system/files.if
@@ -166,7 +166,7 @@ define(`files_relabel_all_files',`
 	allow $1 { file_type $2 }:chr_file { getattr relabelfrom };
 
 	# satisfy the assertions:
-	selinux_relabelto_binary_pol($1)
+	seutil_relabelto_binary_pol($1)
 ')
 
 define(`files_relabel_all_files_depend',`
@@ -206,7 +206,7 @@ define(`files_manage_all_files',`
 	allow $1 { file_type $2 }:sock_file create_file_perms;
 
 	# satisfy the assertions:
-	selinux_write_binary_pol($1)
+	seutil_write_binary_pol($1)
 	bootloader_manage_kernel_modules($1)
 ')
 
diff --git a/refpolicy/policy/modules/system/hostname.te b/refpolicy/policy/modules/system/hostname.te
index 3d99ae2..000fd82 100644
--- a/refpolicy/policy/modules/system/hostname.te
+++ b/refpolicy/policy/modules/system/hostname.te
@@ -80,7 +80,7 @@ optional_policy(`hotplug.te',`
 ')
 
 optional_policy(`selinux.te',`
-	selinux_newrole_sigchld(hostname_t)
+	seutil_newrole_sigchld(hostname_t)
 ')
 
 optional_policy(`udev.te', `
diff --git a/refpolicy/policy/modules/system/hotplug.te b/refpolicy/policy/modules/system/hotplug.te
index 72de977..9775a8d 100644
--- a/refpolicy/policy/modules/system/hotplug.te
+++ b/refpolicy/policy/modules/system/hotplug.te
@@ -140,7 +140,7 @@ optional_policy(`mta.te', `
 ')
 
 optional_policy(`selinux.te',`
-	selinux_newrole_sigchld(hotplug_t)
+	seutil_newrole_sigchld(hotplug_t)
 ')
 
 optional_policy(`sysnetwork.te',`
diff --git a/refpolicy/policy/modules/system/init.te b/refpolicy/policy/modules/system/init.te
index 9a3708a..f6217ed 100644
--- a/refpolicy/policy/modules/system/init.te
+++ b/refpolicy/policy/modules/system/init.te
@@ -88,7 +88,7 @@ allow init_t initrc_var_run_t:file { rw_file_perms setattr };
 # Run init scripts.
 domain_auto_trans(init_t,initrc_exec_t,initrc_t)
 
-kernel_set_boolean(init_t)
+selinux_set_boolean(init_t)
 kernel_read_system_state(init_t)
 dev_read_sysfs(init_t)
 kernel_share_state(init_t)
@@ -123,7 +123,7 @@ libs_rw_ld_so_cache(init_t)
 logging_send_syslog_msg(init_t)
 logging_rw_generic_logs(init_t)
 
-selinux_read_config(init_t)
+seutil_read_config(init_t)
 
 miscfiles_read_localization(init_t)
 
@@ -184,7 +184,7 @@ dev_read_sysfs(initrc_t)
 dev_rw_sysfs(initrc_t)
 kernel_read_all_sysctl(initrc_t)
 kernel_rw_all_sysctl(initrc_t)
-kernel_get_selinux_enforcement_mode(initrc_t)
+selinux_get_enforce_mode(initrc_t)
 dev_list_usbfs(initrc_t)
 # for lsof which is used by alsa shutdown:
 kernel_dontaudit_getattr_message_if(initrc_t)
@@ -283,7 +283,7 @@ miscfiles_read_localization(initrc_t)
 
 modutils_read_module_conf(initrc_t)
 
-selinux_read_config(initrc_t)
+seutil_read_config(initrc_t)
 
 sysnet_read_config(initrc_t)
 
@@ -308,7 +308,7 @@ ifdef(`distro_redhat',`
 	kernel_dontaudit_use_fd(initrc_t)
 	files_dontaudit_read_root_file(initrc_t)
 
-	kernel_set_enforcement_mode(initrc_t)
+	selinux_set_enforce_mode(initrc_t)
 
 	# Create and read /boot/kernel.h and /boot/System.map.
 	# Redhat systems typically create this file at boot time.
diff --git a/refpolicy/policy/modules/system/iptables.te b/refpolicy/policy/modules/system/iptables.te
index 9064b0f..dd2edc7 100644
--- a/refpolicy/policy/modules/system/iptables.te
+++ b/refpolicy/policy/modules/system/iptables.te
@@ -89,7 +89,7 @@ optional_policy(`modutils.te', `
 ')
 
 optional_policy(`selinux.te',`
-	selinux_newrole_sigchld(iptables_t)
+	seutil_newrole_sigchld(iptables_t)
 ')
 
 optional_policy(`udev.te', `
diff --git a/refpolicy/policy/modules/system/locallogin.te b/refpolicy/policy/modules/system/locallogin.te
index fc98a88..fb6ae0a 100644
--- a/refpolicy/policy/modules/system/locallogin.te
+++ b/refpolicy/policy/modules/system/locallogin.te
@@ -53,12 +53,12 @@ files_create_tmp_files(local_login_t, local_login_tmp_t, { file dir })
 
 kernel_read_system_state(local_login_t)
 kernel_read_kernel_sysctl(local_login_t)
-kernel_get_selinuxfs_mount_point(local_login_t)
-kernel_validate_context(local_login_t)
-kernel_compute_access_vector(local_login_t)
-kernel_compute_create_context(local_login_t)
-kernel_compute_relabel_context(local_login_t)
-kernel_compute_reachable_user_contexts(local_login_t)
+selinux_get_fs_mount(local_login_t)
+selinux_validate_context(local_login_t)
+selinux_compute_access_vector(local_login_t)
+selinux_compute_create_context(local_login_t)
+selinux_compute_relabel_context(local_login_t)
+selinux_compute_user_contexts(local_login_t)
 
 # for SSP/ProPolice
 dev_read_urand(local_login_t)
@@ -95,8 +95,8 @@ logging_send_syslog_msg(local_login_t)
 
 miscfiles_read_localization(local_login_t)
 
-selinux_read_config(local_login_t)
-selinux_read_default_contexts(local_login_t)
+seutil_read_config(local_login_t)
+seutil_read_default_contexts(local_login_t)
 
 userdom_spec_domtrans_all_users(local_login_t)
 userdom_signal_all_users(local_login_t)
@@ -223,8 +223,8 @@ libs_use_shared_libs(sulogin_t)
 
 logging_send_syslog_msg(sulogin_t)
 
-selinux_read_config(sulogin_t)
-selinux_read_default_contexts(sulogin_t)
+seutil_read_config(sulogin_t)
+seutil_read_default_contexts(sulogin_t)
 
 auth_read_shadow(sulogin_t)
 
@@ -242,12 +242,12 @@ ifdef(`sulogin_no_pam', `
 	init_get_process_group(sulogin_t)
 ', `
 	allow sulogin_t self:process setexec;
-	kernel_get_selinuxfs_mount_point(sulogin_t)
-	kernel_validate_context(sulogin_t)
-	kernel_compute_access_vector(sulogin_t)
-	kernel_compute_create_context(sulogin_t)
-	kernel_compute_relabel_context(sulogin_t)
-	kernel_compute_reachable_user_contexts(sulogin_t)
+	selinux_get_fs_mount(sulogin_t)
+	selinux_validate_context(sulogin_t)
+	selinux_compute_access_vector(sulogin_t)
+	selinux_compute_create_context(sulogin_t)
+	selinux_compute_relabel_context(sulogin_t)
+	selinux_compute_user_contexts(sulogin_t)
 ')
 
 ifdef(`TODO',`
diff --git a/refpolicy/policy/modules/system/logging.te b/refpolicy/policy/modules/system/logging.te
index 69f178f..b608f9d 100644
--- a/refpolicy/policy/modules/system/logging.te
+++ b/refpolicy/policy/modules/system/logging.te
@@ -86,7 +86,7 @@ ifdef(`targeted_policy', `
 ')
 
 optional_policy(`selinux.te',`
-	selinux_newrole_sigchld(auditd_t)
+	seutil_newrole_sigchld(auditd_t)
 ')
 
 optional_policy(`udev.te', `
@@ -250,7 +250,7 @@ ifdef(`targeted_policy', `
 ')
 
 optional_policy(`selinux.te',`
-	selinux_newrole_sigchld(syslogd_t)
+	seutil_newrole_sigchld(syslogd_t)
 ')
 
 optional_policy(`udev.te', `
diff --git a/refpolicy/policy/modules/system/lvm.te b/refpolicy/policy/modules/system/lvm.te
index 390a82e..b3517cb 100644
--- a/refpolicy/policy/modules/system/lvm.te
+++ b/refpolicy/policy/modules/system/lvm.te
@@ -69,12 +69,12 @@ type_transition lvm_t lvm_etc_t:file lvm_metadata_t;
 files_create_etc_config(lvm_t,lvm_metadata_t,file)
 
 kernel_read_system_state(lvm_t)
-kernel_get_selinuxfs_mount_point(lvm_t)
-kernel_validate_context(lvm_t)
-kernel_compute_access_vector(lvm_t)
-kernel_compute_create_context(lvm_t)
-kernel_compute_relabel_context(lvm_t)
-kernel_compute_reachable_user_contexts(lvm_t)
+selinux_get_fs_mount(lvm_t)
+selinux_validate_context(lvm_t)
+selinux_compute_access_vector(lvm_t)
+selinux_compute_create_context(lvm_t)
+selinux_compute_relabel_context(lvm_t)
+selinux_compute_user_contexts(lvm_t)
 kernel_read_kernel_sysctl(lvm_t)
 dev_read_sysfs(lvm_t)
 # Read /sys/block. Device mapper metadata is kept there.
@@ -132,9 +132,9 @@ logging_send_syslog_msg(lvm_t)
 
 miscfiles_read_localization(lvm_t)
 
-selinux_read_config(lvm_t)
-selinux_read_file_contexts(lvm_t)
-selinux_newrole_sigchld(lvm_t)
+seutil_read_config(lvm_t)
+seutil_read_file_contexts(lvm_t)
+seutil_newrole_sigchld(lvm_t)
 
 ifdef(`distro_redhat',`
 	# this is from the initrd:
diff --git a/refpolicy/policy/modules/system/selinuxutil.if b/refpolicy/policy/modules/system/selinuxutil.if
index 5a4a99f..c201b4f 100644
--- a/refpolicy/policy/modules/system/selinuxutil.if
+++ b/refpolicy/policy/modules/system/selinuxutil.if
@@ -2,7 +2,7 @@
 ## <summary>Policy for SELinux policy and userland applications.</summary>
 
 #######################################
-## <interface name="selinux_domtrans_checkpol">
+## <interface name="seutil_domtrans_checkpol">
 ##	<description>
 ##		Execute checkpolicy in the checkpolicy domain.
 ##	</description>
@@ -11,7 +11,7 @@
 ##	</parameter>
 ## </interface>
 #
-define(`selinux_domtrans_checkpol',`
+define(`seutil_domtrans_checkpol',`
 	gen_require(`$0'_depend)
 
 	allow $1 checkpolicy_exec_t:file rx_file_perms;
@@ -25,7 +25,7 @@ define(`selinux_domtrans_checkpol',`
 	allow checkpolicy_t $1:process sigchld;
 ')
 
-define(`selinux_domtrans_checkpol_depend',`
+define(`seutil_domtrans_checkpol_depend',`
 	type checkpolicy_t, checkpolicy_exec_t;
 
 	class file rx_file_perms
@@ -35,7 +35,7 @@ define(`selinux_domtrans_checkpol_depend',`
 ')
 
 ########################################
-## <interface name="selinux_run_checkpol">
+## <interface name="seutil_run_checkpol">
 ##	<description>
 ##		Execute checkpolicy in the checkpolicy domain, and
 ##		allow the specified role the checkpolicy domain,
@@ -53,15 +53,15 @@ define(`selinux_domtrans_checkpol_depend',`
 ##	</parameter>
 ## </interface>
 #
-define(`selinux_run_checkpol',`
+define(`seutil_run_checkpol',`
 	gen_require(`$0'_depend)
 
-	selinux_domtrans_checkpol($1)
+	seutil_domtrans_checkpol($1)
 	role $2 types checkpolicy_t;
 	allow checkpolicy_t $3:chr_file { getattr read write ioctl };
 ')
 
-define(`selinux_run_checkpol_depend',`
+define(`seutil_run_checkpol_depend',`
 	type checkpolicy_t;
 
 	class chr_file { getattr read write ioctl };
@@ -69,22 +69,22 @@ define(`selinux_run_checkpol_depend',`
 
 #######################################
 #
-# selinux_exec_checkpol(domain)
+# seutil_exec_checkpol(domain)
 #
-define(`selinux_exec_checkpol',`
+define(`seutil_exec_checkpol',`
 	gen_require(`$0'_depend)
 
 	can_exec($1,checkpolicy_exec_t)
 ')
 
-define(`selinux_exec_checkpol_depend',`
+define(`seutil_exec_checkpol_depend',`
 	type checkpolicy_exec_t;
 
 	class file { rx_file_perms execute_no_trans };
 ')
 
 #######################################
-## <interface name="selinux_domtrans_loadpol">
+## <interface name="seutil_domtrans_loadpol">
 ##	<description>
 ##		Execute load_policy in the load_policy domain.
 ##	</description>
@@ -93,7 +93,7 @@ define(`selinux_exec_checkpol_depend',`
 ##	</parameter>
 ## </interface>
 #
-define(`selinux_domtrans_loadpol',`
+define(`seutil_domtrans_loadpol',`
 	gen_require(`$0'_depend)
 
 	allow $1 load_policy_exec_t:file rx_file_perms;
@@ -107,7 +107,7 @@ define(`selinux_domtrans_loadpol',`
 	allow load_policy_t $1:process sigchld;
 ')
 
-define(`selinux_domtrans_loadpol_depend',`
+define(`seutil_domtrans_loadpol_depend',`
 	type load_policy_t, load_policy_exec_t;
 
 	class file rx_file_perms;
@@ -117,7 +117,7 @@ define(`selinux_domtrans_loadpol_depend',`
 ')
 
 ########################################
-## <interface name="selinux_run_loadpol">
+## <interface name="seutil_run_loadpol">
 ##	<description>
 ##		Execute load_policy in the load_policy domain, and
 ##		allow the specified role the load_policy domain,
@@ -135,15 +135,15 @@ define(`selinux_domtrans_loadpol_depend',`
 ##	</parameter>
 ## </interface>
 #
-define(`selinux_run_loadpol',`
+define(`seutil_run_loadpol',`
 	gen_require(`$0'_depend)
 
-	selinux_domtrans_loadpol($1)
+	seutil_domtrans_loadpol($1)
 	role $2 types load_policy_t;
 	allow load_policy_t $3:chr_file { getattr read write ioctl };
 ')
 
-define(`selinux_run_loadpol_depend',`
+define(`seutil_run_loadpol_depend',`
 	type load_policy_t;
 
 	class chr_file { getattr read write ioctl };
@@ -151,15 +151,15 @@ define(`selinux_run_loadpol_depend',`
 
 #######################################
 #
-# selinux_exec_loadpol(domain)
+# seutil_exec_loadpol(domain)
 #
-define(`selinux_exec_loadpol',`
+define(`seutil_exec_loadpol',`
 	gen_require(`$0'_depend)
 
 	can_exec($1,load_policy_exec_t)
 ')
 
-define(`selinux_exec_loadpol_depend',`
+define(`seutil_exec_loadpol_depend',`
 	type load_policy_exec_t;
 
 	class file { rx_file_perms execute_no_trans };
@@ -167,22 +167,22 @@ define(`selinux_exec_loadpol_depend',`
 
 #######################################
 #
-# selinux_read_loadpol(domain)
+# seutil_read_loadpol(domain)
 #
-define(`selinux_read_loadpol',`
+define(`seutil_read_loadpol',`
 	gen_require(`$0'_depend)
 
 	allow $1 load_policy_exec_t:file r_file_perms;
 ')
 
-define(`selinux_read_loadpol_depend',`
+define(`seutil_read_loadpol_depend',`
 	type load_policy_exec_t;
 
 	class file r_file_perms
 ')
 
 #######################################
-## <interface name="selinux_domtrans_newrole">
+## <interface name="seutil_domtrans_newrole">
 ##	<description>
 ##		Execute newrole in the load_policy domain.
 ##	</description>
@@ -191,7 +191,7 @@ define(`selinux_read_loadpol_depend',`
 ##	</parameter>
 ## </interface>
 #
-define(`selinux_domtrans_newrole',`
+define(`seutil_domtrans_newrole',`
 	gen_require(`$0'_depend)
 
 	allow $1 newrole_exec_t:file rx_file_perms;
@@ -205,7 +205,7 @@ define(`selinux_domtrans_newrole',`
 	allow newrole_t $1:process sigchld;
 ')
 
-define(`selinux_domtrans_newrole_depend',`
+define(`seutil_domtrans_newrole_depend',`
 	type newrole_t, newrole_exec_t;
 
 	class file rx_file_perms;
@@ -215,7 +215,7 @@ define(`selinux_domtrans_newrole_depend',`
 ')
 
 ########################################
-## <interface name="selinux_run_newrole">
+## <interface name="seutil_run_newrole">
 ##	<description>
 ##		Execute newrole in the newrole domain, and
 ##		allow the specified role the newrole domain,
@@ -232,15 +232,15 @@ define(`selinux_domtrans_newrole_depend',`
 ##	</parameter>
 ## </interface>
 #
-define(`selinux_run_newrole',`
+define(`seutil_run_newrole',`
 	gen_require(`$0'_depend)
 
-	selinux_domtrans_newrole($1)
+	seutil_domtrans_newrole($1)
 	role $2 types newrole_t;
 	allow newrole_t $3:chr_file { getattr read write ioctl };
 ')
 
-define(`selinux_run_newrole_depend',`
+define(`seutil_run_newrole_depend',`
 	type newrole_t;
 
 	class chr_file { getattr read write ioctl };
@@ -248,22 +248,22 @@ define(`selinux_run_newrole_depend',`
 
 #######################################
 #
-# selinux_exec_newrole(domain)
+# seutil_exec_newrole(domain)
 #
-define(`selinux_exec_newrole',`
+define(`seutil_exec_newrole',`
 	gen_require(`$0'_depend)
 
 	can_exec($1,newrole_exec_t)
 ')
 
-define(`selinux_exec_newrole_depend',`
+define(`seutil_exec_newrole_depend',`
 	type newrole_t, newrole_exec_t;
 
 	class file { rx_file_perms execute_no_trans };
 ')
 
 ########################################
-## <interface name="selinux_dontaudit_newrole_signal">
+## <interface name="seutil_dontaudit_newrole_signal">
 ##	<description>
 ##		Do not audit the caller attempts to send
 ##		a signal to newrole.
@@ -273,13 +273,13 @@ define(`selinux_exec_newrole_depend',`
 ##	</parameter>
 ## </interface>
 #
-define(`selinux_dontaudit_newrole_signal',`
+define(`seutil_dontaudit_newrole_signal',`
 	gen_require(`$0'_depend)
 
 	dontaudit $1 newrole_t:process signal;
 ')
 
-define(`selinux_dontaudit_newrole_signal_depend',`
+define(`seutil_dontaudit_newrole_signal_depend',`
 	type newrole_t;
 
 	class process signal;
@@ -287,15 +287,15 @@ define(`selinux_dontaudit_newrole_signal_depend',`
 
 #######################################
 #
-# selinux_newrole_sigchld(domain)
+# seutil_newrole_sigchld(domain)
 #
-define(`selinux_newrole_sigchld',`
+define(`seutil_newrole_sigchld',`
 	gen_require(`$0'_depend)
 
 	allow $1 newrole_t:process sigchld;
 ')
 
-define(`selinux_newrole_sigchld_depend',`
+define(`seutil_newrole_sigchld_depend',`
 	type newrole_t;
 
 	class process sigchld;
@@ -303,22 +303,22 @@ define(`selinux_newrole_sigchld_depend',`
 
 #######################################
 #
-# selinux_use_newrole_fd(domain)
+# seutil_use_newrole_fd(domain)
 #
-define(`selinux_use_newrole_fd',`
+define(`seutil_use_newrole_fd',`
 	gen_require(`$0'_depend)
 
 	allow $1 newrole_t:fd use;
 ')
 
-define(`selinux_use_newrole_fd_depend',`
+define(`seutil_use_newrole_fd_depend',`
 	type newrole_t;
 
 	class fd use;
 ')
 
 #######################################
-## <interface name="selinux_domtrans_restorecon">
+## <interface name="seutil_domtrans_restorecon">
 ##	<description>
 ##		Execute restorecon in the restorecon domain.
 ##	</description>
@@ -327,7 +327,7 @@ define(`selinux_use_newrole_fd_depend',`
 ##	</parameter>
 ## </interface>
 #
-define(`selinux_domtrans_restorecon',`
+define(`seutil_domtrans_restorecon',`
 	gen_require(`$0'_depend)
 
 	allow $1 restorecon_exec_t:file rx_file_perms;
@@ -341,7 +341,7 @@ define(`selinux_domtrans_restorecon',`
 	allow restorecon_t $1:process sigchld;
 ')
 
-define(`selinux_domtrans_restorecon_depend',`
+define(`seutil_domtrans_restorecon_depend',`
 	type restorecon_t, restorecon_exec_t;
 
 	class file rx_file_perms;
@@ -351,7 +351,7 @@ define(`selinux_domtrans_restorecon_depend',`
 ')
 
 ########################################
-## <interface name="selinux_run_restorecon">
+## <interface name="seutil_run_restorecon">
 ##	<description>
 ##		Execute restorecon in the restorecon domain, and
 ##		allow the specified role the restorecon domain,
@@ -368,15 +368,15 @@ define(`selinux_domtrans_restorecon_depend',`
 ##	</parameter>
 ## </interface>
 #
-define(`selinux_run_restorecon',`
+define(`seutil_run_restorecon',`
 	gen_require(`$0'_depend)
 
-	selinux_domtrans_restorecon($1)
+	seutil_domtrans_restorecon($1)
 	role $2 types restorecon_t;
 	allow restorecon_t $3:chr_file { getattr read write ioctl };
 ')
 
-define(`selinux_run_restorecon_depend',`
+define(`seutil_run_restorecon_depend',`
 	type restorecon_t;
 
 	class chr_file { getattr read write ioctl };
@@ -384,21 +384,21 @@ define(`selinux_run_restorecon_depend',`
 
 #######################################
 #
-# selinux_exec_restorecon(domain)
+# seutil_exec_restorecon(domain)
 #
-define(`selinux_exec_restorecon',`
+define(`seutil_exec_restorecon',`
 gen_require(`$0'_depend)
 	can_exec($1,restorecon_exec_t)
 ')
 
-define(`selinux_exec_restorecon_depend',`
+define(`seutil_exec_restorecon_depend',`
 	type restorecon_t, restorecon_exec_t;
 
 	class file { rx_file_perms execute_no_trans };
 ')
 
 ########################################
-## <interface name="selinux_domtrans_runinit">
+## <interface name="seutil_domtrans_runinit">
 ##	<description>
 ##		Execute run_init in the run_init domain.
 ##	</description>
@@ -407,7 +407,7 @@ define(`selinux_exec_restorecon_depend',`
 ##	</parameter>
 ## </interface>
 #
-define(`selinux_domtrans_runinit',`
+define(`seutil_domtrans_runinit',`
 	gen_require(`$0'_depend)
 
 	allow $1 run_init_exec_t:file rx_file_perms;
@@ -421,7 +421,7 @@ define(`selinux_domtrans_runinit',`
 	allow run_init_t $1:process sigchld;
 ')
 
-define(`selinux_domtrans_runinit_depend',`
+define(`seutil_domtrans_runinit_depend',`
 	type run_init_t, run_init_exec_t;
 
 	class file rx_file_perms;
@@ -431,7 +431,7 @@ define(`selinux_domtrans_runinit_depend',`
 ')
 
 ########################################
-## <interface name="selinux_run_runinit">
+## <interface name="seutil_run_runinit">
 ##	<description>
 ##		Execute run_init in the run_init domain, and
 ##		allow the specified role the run_init domain,
@@ -448,15 +448,15 @@ define(`selinux_domtrans_runinit_depend',`
 ##	</parameter>
 ## </interface>
 #
-define(`selinux_run_runinit',`
+define(`seutil_run_runinit',`
 	gen_require(`$0'_depend)
 
-	selinux_domtrans_runinit($1)
+	seutil_domtrans_runinit($1)
 	role $2 types run_init_t;
 	allow run_init_t $3:chr_file { getattr read write ioctl };
 ')
 
-define(`selinux_run_runinit_depend',`
+define(`seutil_run_runinit_depend',`
 	type run_init_t;
 
 	class chr_file { getattr read write ioctl };
@@ -464,22 +464,22 @@ define(`selinux_run_runinit_depend',`
 
 ########################################
 #
-# selinux_use_runinit_fd(domain)
+# seutil_use_runinit_fd(domain)
 #
-define(`selinux_use_runinit_fd',`
+define(`seutil_use_runinit_fd',`
 	gen_require(`$0'_depend)
 
 	allow $1 run_init_t:fd use;
 ')
 
-define(`selinux_use_runinit_fd_depend',`
+define(`seutil_use_runinit_fd_depend',`
 	type run_init_t;
 
 	class fd use;
 ')
 
 ########################################
-## <interface name="selinux_domtrans_setfiles">
+## <interface name="seutil_domtrans_setfiles">
 ##	<description>
 ##		Execute setfiles in the setfiles domain.
 ##	</description>
@@ -488,7 +488,7 @@ define(`selinux_use_runinit_fd_depend',`
 ##	</parameter>
 ## </interface>
 #
-define(`selinux_domtrans_setfiles',`
+define(`seutil_domtrans_setfiles',`
 	gen_require(`$0'_depend)
 
 	allow $1 setfiles_exec_t:file rx_file_perms;
@@ -502,7 +502,7 @@ define(`selinux_domtrans_setfiles',`
 	allow setfiles_t $1:process sigchld;
 ')
 
-define(`selinux_domtrans_setfiles_depend',`
+define(`seutil_domtrans_setfiles_depend',`
 	type setfiles_t, setfiles_exec_t;
 
 	class file rx_file_perms;
@@ -512,7 +512,7 @@ define(`selinux_domtrans_setfiles_depend',`
 ')
 
 ########################################
-## <interface name="selinux_run_setfiles">
+## <interface name="seutil_run_setfiles">
 ##	<description>
 ##		Execute setfiles in the setfiles domain, and
 ##		allow the specified role the setfiles domain,
@@ -529,15 +529,15 @@ define(`selinux_domtrans_setfiles_depend',`
 ##	</parameter>
 ## </interface>
 #
-define(`selinux_run_setfiles',`
+define(`seutil_run_setfiles',`
 	gen_require(`$0'_depend)
 
-	selinux_domtrans_setfiles($1)
+	seutil_domtrans_setfiles($1)
 	role $2 types setfiles_t;
 	allow setfiles_t $3:chr_file { getattr read write ioctl };
 ')
 
-define(`selinux_run_setfiles_depend',`
+define(`seutil_run_setfiles_depend',`
 	type setfiles_t;
 
 	class chr_file { getattr read write ioctl };
@@ -545,15 +545,15 @@ define(`selinux_run_setfiles_depend',`
 
 #######################################
 #
-# selinux_exec_setfiles(domain)
+# seutil_exec_setfiles(domain)
 #
-define(`selinux_exec_setfiles',`
+define(`seutil_exec_setfiles',`
 	gen_require(`$0'_depend)
 
 	can_exec($1,setfiles_exec_t)
 ')
 
-define(`selinux_exec_setfiles_depend',`
+define(`seutil_exec_setfiles_depend',`
 	type setfiles_exec_t;
 
 	class file { rx_file_perms execute_no_trans };
@@ -561,16 +561,16 @@ define(`selinux_exec_setfiles_depend',`
 
 ########################################
 #
-# selinux_read_config(domain)
+# seutil_read_config(domain)
 #
-define(`selinux_read_config',`
+define(`seutil_read_config',`
 	gen_require(`$0'_depend)
 
 	allow $1 selinux_config_t:dir r_dir_perms;
 	allow $1 selinux_config_t:file r_file_perms;
 ')
 
-define(`selinux_read_config_depend',`
+define(`seutil_read_config_depend',`
 	type selinux_config_t;
 
 	class dir r_dir_perms;
@@ -579,9 +579,9 @@ define(`selinux_read_config_depend',`
 
 ########################################
 #
-# selinux_read_default_contexts(domain)
+# seutil_read_default_contexts(domain)
 #
-define(`selinux_read_default_contexts',`
+define(`seutil_read_default_contexts',`
 	gen_require(`$0'_depend)
 
 	allow $1 selinux_config_t:dir search;
@@ -589,7 +589,7 @@ define(`selinux_read_default_contexts',`
 	allow $1 default_context_t:file r_file_perms;
 ')
 
-define(`selinux_read_default_contexts_depend',`
+define(`seutil_read_default_contexts_depend',`
 	type selinux_config_t, default_context_t;
 
 	class dir r_dir_perms;
@@ -598,9 +598,9 @@ define(`selinux_read_default_contexts_depend',`
 
 ########################################
 #
-# selinux_read_file_contexts(domain)
+# seutil_read_file_contexts(domain)
 #
-define(`selinux_read_file_contexts',`
+define(`seutil_read_file_contexts',`
 	gen_require(`$0'_depend)
 
 	allow $1 selinux_config_t:dir search;
@@ -608,7 +608,7 @@ define(`selinux_read_file_contexts',`
 	allow $1 file_context_t:file r_file_perms;
 ')
 
-define(`selinux_read_file_contexts_depend',`
+define(`seutil_read_file_contexts_depend',`
 	type selinux_config_t, file_context_t;
 
 	class dir r_dir_perms;
@@ -617,16 +617,16 @@ define(`selinux_read_file_contexts_depend',`
 
 ########################################
 #
-# selinux_read_binary_pol(domain)
+# seutil_read_binary_pol(domain)
 #
-define(`selinux_read_binary_pol',`
+define(`seutil_read_binary_pol',`
 	gen_require(`$0'_depend)
 
 	allow $1 policy_config_t:dir r_dir_perms;
 	allow $1 policy_config_t:file r_file_perms;
 ')
 
-define(`selinux_read_binary_pol_depend',`
+define(`seutil_read_binary_pol_depend',`
 	type policy_config_t;
 
 	class dir r_dir_perms;
@@ -635,9 +635,9 @@ define(`selinux_read_binary_pol_depend',`
 
 ########################################
 #
-# selinux_write_binary_pol(domain)
+# seutil_write_binary_pol(domain)
 #
-define(`selinux_write_binary_pol',`
+define(`seutil_write_binary_pol',`
 	gen_require(`$0'_depend)
 
 	allow $1 policy_config_t:dir rw_dir_perms;
@@ -645,7 +645,7 @@ define(`selinux_write_binary_pol',`
 	typeattribute $1 can_write_binary_policy;
 ')
 
-define(`selinux_write_binary_pol_depend',`
+define(`seutil_write_binary_pol_depend',`
 	attribute can_write_binary_policy;
 
 	type policy_config_t;
@@ -655,7 +655,7 @@ define(`selinux_write_binary_pol_depend',`
 ')
 
 ########################################
-## <interface name="selinux_relabelto_binary_pol">
+## <interface name="seutil_relabelto_binary_pol">
 ##	<description>
 ##		Allow the caller to relabel a file to the binary policy type.
 ##	</description>
@@ -664,14 +664,14 @@ define(`selinux_write_binary_pol_depend',`
 ##	</parameter>
 ## </interface>
 #
-define(`selinux_relabelto_binary_pol',`
+define(`seutil_relabelto_binary_pol',`
 	gen_require(`$0'_depend)
 
 	allow $1 policy_config_t:file relabelto;
 	typeattribute $1 can_relabelto_binary_policy;
 ')
 
-define(`selinux_relabelto_binary_pol_depend',`
+define(`seutil_relabelto_binary_pol_depend',`
 	attribute can_relabelto_binary_policy;
 
 	type policy_config_t;
@@ -681,9 +681,9 @@ define(`selinux_relabelto_binary_pol_depend',`
 
 ########################################
 #
-# selinux_manage_binary_pol(domain)
+# seutil_manage_binary_pol(domain)
 #
-define(`selinux_manage_binary_pol',`
+define(`seutil_manage_binary_pol',`
 	gen_require(`$0'_depend)
 
 	# FIXME: search etc_t:dir
@@ -693,7 +693,7 @@ define(`selinux_manage_binary_pol',`
 	typeattribute $1 can_write_binary_policy;
 ')
 
-define(`selinux_manage_binary_pol_depend',`
+define(`seutil_manage_binary_pol_depend',`
 	attribute can_write_binary_policy;
 
 	type selinux_config_t, policy_config_t;
@@ -703,9 +703,9 @@ define(`selinux_manage_binary_pol_depend',`
 
 ########################################
 #
-# selinux_read_src_pol(domain)
+# seutil_read_src_pol(domain)
 #
-define(`selinux_read_src_pol',`
+define(`seutil_read_src_pol',`
 	gen_require(`$0'_depend)
 
 	# FIXME: search etc_t:dir
@@ -714,7 +714,7 @@ define(`selinux_read_src_pol',`
 	allow $1 policy_src_t:file r_file_perms;
 ')
 
-define(`selinux_read_src_pol_depend',`
+define(`seutil_read_src_pol_depend',`
 	type selinux_config_t, policy_src_t;
 
 	class dir r_dir_perms;
@@ -723,9 +723,9 @@ define(`selinux_read_src_pol_depend',`
 
 ########################################
 #
-# selinux_manage_src_pol(domain)
+# seutil_manage_src_pol(domain)
 #
-define(`selinux_manage_src_pol',`
+define(`seutil_manage_src_pol',`
 	gen_require(`$0'_depend)
 
 	# FIXME: search etc_t:dir
@@ -734,7 +734,7 @@ define(`selinux_manage_src_pol',`
 	allow $1 policy_src_t:file create_file_perms;
 ')
 
-define(`selinux_manage_src_pol_depend',`
+define(`seutil_manage_src_pol_depend',`
 	type selinux_config_t, policy_src_t;
 
 	class dir create_dir_perms;
diff --git a/refpolicy/policy/modules/system/selinuxutil.te b/refpolicy/policy/modules/system/selinuxutil.te
index 81aea9a..28a6751 100644
--- a/refpolicy/policy/modules/system/selinuxutil.te
+++ b/refpolicy/policy/modules/system/selinuxutil.te
@@ -149,9 +149,9 @@ allow load_policy_t selinux_config_t:dir r_dir_perms;
 allow load_policy_t selinux_config_t:file r_file_perms;
 allow load_policy_t selinux_config_t:lnk_file r_file_perms;
 
-kernel_get_selinuxfs_mount_point(load_policy_t)
-kernel_load_policy(load_policy_t)
-kernel_set_boolean(load_policy_t)
+selinux_get_fs_mount(load_policy_t)
+selinux_load_policy(load_policy_t)
+selinux_set_boolean(load_policy_t)
 
 fs_getattr_xattr_fs(load_policy_t)
 
@@ -196,12 +196,12 @@ allow newrole_t { selinux_config_t default_context_t }:lnk_file r_file_perms;
 
 kernel_read_system_state(newrole_t)
 kernel_read_kernel_sysctl(newrole_t)
-kernel_get_selinuxfs_mount_point(newrole_t)
-kernel_validate_context(newrole_t)
-kernel_compute_access_vector(newrole_t)
-kernel_compute_create_context(newrole_t)
-kernel_compute_relabel_context(newrole_t)
-kernel_compute_reachable_user_contexts(newrole_t)
+selinux_get_fs_mount(newrole_t)
+selinux_validate_context(newrole_t)
+selinux_compute_access_vector(newrole_t)
+selinux_compute_create_context(newrole_t)
+selinux_compute_relabel_context(newrole_t)
+selinux_compute_user_contexts(newrole_t)
 
 dev_read_urand(newrole_t)
 
@@ -280,12 +280,12 @@ allow restorecon_t { policy_src_t policy_config_t file_context_t selinux_config_
 
 kernel_use_fd(restorecon_t)
 kernel_read_system_state(restorecon_t)
-kernel_get_selinuxfs_mount_point(restorecon_t)
-kernel_validate_context(restorecon_t)
-kernel_compute_access_vector(restorecon_t)
-kernel_compute_create_context(restorecon_t)
-kernel_compute_relabel_context(restorecon_t)
-kernel_compute_reachable_user_contexts(restorecon_t)
+selinux_get_fs_mount(restorecon_t)
+selinux_validate_context(restorecon_t)
+selinux_compute_access_vector(restorecon_t)
+selinux_compute_create_context(restorecon_t)
+selinux_compute_relabel_context(restorecon_t)
+selinux_compute_user_contexts(restorecon_t)
 
 fs_getattr_xattr_fs(restorecon_t)
 
@@ -343,12 +343,12 @@ allow restorecon_t kernel_t:fifo_file { read write };
 # Run_init local policy
 #
 
-kernel_get_selinuxfs_mount_point(run_init_t)
-kernel_validate_context(run_init_t)
-kernel_compute_access_vector(run_init_t)
-kernel_compute_create_context(run_init_t)
-kernel_compute_relabel_context(run_init_t)
-kernel_compute_reachable_user_contexts(run_init_t)
+selinux_get_fs_mount(run_init_t)
+selinux_validate_context(run_init_t)
+selinux_compute_access_vector(run_init_t)
+selinux_compute_create_context(run_init_t)
+selinux_compute_relabel_context(run_init_t)
+selinux_compute_user_contexts(run_init_t)
 
 ifdef(`targeted_policy',`',`
 	allow run_init_t self:process setexec;
@@ -385,8 +385,8 @@ ifdef(`targeted_policy',`',`
 	libs_use_ld_so(run_init_t)
 	libs_use_shared_libs(run_init_t)
 
-	selinux_read_config(run_init_t)
-	selinux_read_default_contexts(run_init_t)
+	seutil_read_config(run_init_t)
+	seutil_read_default_contexts(run_init_t)
 
 	miscfiles_read_localization(run_init_t)
 
@@ -414,12 +414,12 @@ allow setfiles_t { policy_src_t policy_config_t file_context_t selinux_config_t 
 allow setfiles_t { policy_src_t policy_config_t file_context_t selinux_config_t default_context_t }:lnk_file r_file_perms;
 
 kernel_read_system_state(setfiles_t)
-kernel_get_selinuxfs_mount_point(setfiles_t)
-kernel_validate_context(setfiles_t)
-kernel_compute_access_vector(setfiles_t)
-kernel_compute_create_context(setfiles_t)
-kernel_compute_relabel_context(setfiles_t)
-kernel_compute_reachable_user_contexts(setfiles_t)
+selinux_get_fs_mount(setfiles_t)
+selinux_validate_context(setfiles_t)
+selinux_compute_access_vector(setfiles_t)
+selinux_compute_create_context(setfiles_t)
+selinux_compute_relabel_context(setfiles_t)
+selinux_compute_user_contexts(setfiles_t)
 
 fs_getattr_xattr_fs(setfiles_t)
 
diff --git a/refpolicy/policy/modules/system/sysnetwork.te b/refpolicy/policy/modules/system/sysnetwork.te
index 1237c5c..0faca2c 100644
--- a/refpolicy/policy/modules/system/sysnetwork.te
+++ b/refpolicy/policy/modules/system/sysnetwork.te
@@ -157,7 +157,7 @@ optional_policy(`nscd.te',`
 ')
 
 optional_policy(`selinux.te',`
-	selinux_newrole_sigchld(dhcpc_t)
+	seutil_newrole_sigchld(dhcpc_t)
 ')
 
 optional_policy(`udev.te',`
@@ -285,7 +285,7 @@ logging_send_syslog_msg(ifconfig_t)
 
 miscfiles_read_localization(ifconfig_t)
 
-selinux_use_runinit_fd(ifconfig_t)
+seutil_use_runinit_fd(ifconfig_t)
 
 userdom_use_all_user_fd(ifconfig_t)
 
diff --git a/refpolicy/policy/modules/system/udev.te b/refpolicy/policy/modules/system/udev.te
index bfeb6f6..c4cc2d9 100644
--- a/refpolicy/policy/modules/system/udev.te
+++ b/refpolicy/policy/modules/system/udev.te
@@ -71,12 +71,12 @@ kernel_read_hotplug_sysctl(udev_t)
 kernel_read_modprobe_sysctl(udev_t)
 kernel_read_kernel_sysctl(udev_t)
 dev_read_sysfs(udev_t)
-kernel_get_selinuxfs_mount_point(udev_t)
-kernel_validate_context(udev_t)
-kernel_compute_access_vector(udev_t)
-kernel_compute_create_context(udev_t)
-kernel_compute_relabel_context(udev_t)
-kernel_compute_reachable_user_contexts(udev_t)
+selinux_get_fs_mount(udev_t)
+selinux_validate_context(udev_t)
+selinux_compute_access_vector(udev_t)
+selinux_compute_create_context(udev_t)
+selinux_compute_relabel_context(udev_t)
+selinux_compute_user_contexts(udev_t)
 
 dev_manage_dev_nodes(udev_t)
 
@@ -107,10 +107,10 @@ miscfiles_read_localization(udev_t)
 
 modutils_domtrans_insmod(udev_t)
 
-selinux_read_config(udev_t)
-selinux_read_default_contexts(udev_t)
-selinux_read_file_contexts(udev_t)
-selinux_domtrans_restorecon(udev_t)
+seutil_read_config(udev_t)
+seutil_read_default_contexts(udev_t)
+seutil_read_file_contexts(udev_t)
+seutil_domtrans_restorecon(udev_t)
 
 sysnet_domtrans_ifconfig(udev_t)
 
diff --git a/refpolicy/policy/modules/system/userdomain.if b/refpolicy/policy/modules/system/userdomain.if
index b626591..db11429 100644
--- a/refpolicy/policy/modules/system/userdomain.if
+++ b/refpolicy/policy/modules/system/userdomain.if
@@ -102,7 +102,7 @@ define(`base_user_domain',`
 	per_userdomain_templates($1)
 
 	kernel_read_kernel_sysctl($1_t)
-	kernel_get_selinuxfs_mount_point($1_t)
+	selinux_get_fs_mount($1_t)
 	# Very permissive allowing every domain to see every type:
 	kernel_get_sysvipc_info($1_t)
 	# Find CDROM devices:
@@ -170,7 +170,7 @@ define(`base_user_domain',`
 	miscfiles_read_localization($1_t)
 	miscfiles_rw_man_cache($1_t)
 
-	selinux_run_newrole($1_t,$1_r,{ $1_devpts_t $1_tty_device_t })
+	seutil_run_newrole($1_t,$1_r,{ $1_devpts_t $1_tty_device_t })
 
 	mta_rw_spool($1_t)
 
@@ -475,10 +475,10 @@ define(`user_domain_template', `
 
 	miscfiles_read_man_pages($1_t)
 
-	selinux_read_config($1_t)
+	seutil_read_config($1_t)
 	# Allow users to execute checkpolicy without a domain transition
 	# so it can be used without privilege to write real binary policy file
-	selinux_exec_checkpol($1_t)
+	seutil_exec_checkpol($1_t)
 
 	tunable_policy(`user_dmesg',`
 		kernel_read_ring_buffer($1_t)
@@ -500,7 +500,7 @@ define(`user_domain_template', `
 
 	optional_policy(`selinux.te',`
 		# for when the network connection is killed
-		selinux_dontaudit_newrole_signal($1_t)
+		seutil_dontaudit_newrole_signal($1_t)
 	')
 
 	# Need the following rule to allow users to run vpnc
@@ -664,16 +664,16 @@ define(`admin_domain_template',`
 	kernel_read_ring_buffer($1_t)
 	kernel_get_sysvipc_info($1_t)
 	kernel_rw_all_sysctl($1_t)
-	kernel_set_enforcement_mode($1_t)
-	kernel_set_boolean($1_t)
-	kernel_set_security_parameters($1_t)
+	selinux_set_enforce_mode($1_t)
+	selinux_set_boolean($1_t)
+	selinux_set_parameters($1_t)
 	# Get security policy decisions:
-	kernel_get_selinuxfs_mount_point($1_t)
-	kernel_validate_context($1_t)
-	kernel_compute_access_vector($1_t)
-	kernel_compute_create_context($1_t)
-	kernel_compute_relabel_context($1_t)
-	kernel_compute_reachable_user_contexts($1_t)
+	selinux_get_fs_mount($1_t)
+	selinux_validate_context($1_t)
+	selinux_compute_access_vector($1_t)
+	selinux_compute_create_context($1_t)
+	selinux_compute_relabel_context($1_t)
+	selinux_compute_user_contexts($1_t)
 	# signal unlabeled processes:
 	kernel_kill_unlabeled($1_t)
 	kernel_signal_unlabeled($1_t)
@@ -722,14 +722,14 @@ define(`admin_domain_template',`
 
 	modutils_domtrans_insmod($1_t)
 
-	selinux_read_config($1_t)
+	seutil_read_config($1_t)
 	# The following rule is temporary until such time that a complete
 	# policy management infrastructure is in place so that an administrator
 	# cannot directly manipulate policy files with arbitrary programs.
-	selinux_manage_src_pol($1_t)
+	seutil_manage_src_pol($1_t)
 	# Violates the goal of limiting write access to checkpolicy.
 	# But presently necessary for installing the file_contexts file.
-	selinux_manage_binary_pol($1_t)
+	seutil_manage_binary_pol($1_t)
 
 	optional_policy(`cron.te',`
 		cron_admin_template($1)
diff --git a/refpolicy/policy/modules/system/userdomain.te b/refpolicy/policy/modules/system/userdomain.te
index 751d6e9..422261e 100644
--- a/refpolicy/policy/modules/system/userdomain.te
+++ b/refpolicy/policy/modules/system/userdomain.te
@@ -112,12 +112,12 @@ optional_policy(`rpm.te',`
 ')
 
 optional_policy(`selinux.te',`
-	selinux_run_checkpol(sysadm_t,sysadm_r,admin_terminal)
-	selinux_run_loadpol(sysadm_t,sysadm_r,admin_terminal)
-	selinux_run_restorecon(sysadm_t,sysadm_r,admin_terminal)
-	selinux_run_setfiles(sysadm_t,sysadm_r,admin_terminal)
+	seutil_run_checkpol(sysadm_t,sysadm_r,admin_terminal)
+	seutil_run_loadpol(sysadm_t,sysadm_r,admin_terminal)
+	seutil_run_restorecon(sysadm_t,sysadm_r,admin_terminal)
+	seutil_run_setfiles(sysadm_t,sysadm_r,admin_terminal)
 	optional_policy(`targeted_policy',`',`
-		selinux_run_runinit(sysadm_t,sysadm_r,admin_terminal)
+		seutil_run_runinit(sysadm_t,sysadm_r,admin_terminal)
 	')
 ')