Lines Matching full:rule

32 	struct setid_rule *rule)  in parse_policy_line()  argument
53 if (rule->type == UID){ in parse_policy_line()
54 rule->src_id.uid = make_kuid(file->f_cred->user_ns, parsed_parent); in parse_policy_line()
55 rule->dst_id.uid = make_kuid(file->f_cred->user_ns, parsed_child); in parse_policy_line()
56 if (!uid_valid(rule->src_id.uid) || !uid_valid(rule->dst_id.uid)) in parse_policy_line()
58 } else if (rule->type == GID){ in parse_policy_line()
59 rule->src_id.gid = make_kgid(file->f_cred->user_ns, parsed_parent); in parse_policy_line()
60 rule->dst_id.gid = make_kgid(file->f_cred->user_ns, parsed_child); in parse_policy_line()
61 if (!gid_valid(rule->src_id.gid) || !gid_valid(rule->dst_id.gid)) in parse_policy_line()
64 /* Error, rule->type is an invalid type */ in parse_policy_line()
75 struct setid_rule *rule; in __release_ruleset() local
78 hash_for_each_safe(pol->rules, bucket, tmp, rule, next) in __release_ruleset()
79 kfree(rule); in __release_ruleset()
88 static void insert_rule(struct setid_ruleset *pol, struct setid_rule *rule) in insert_rule() argument
91 hash_add(pol->rules, &rule->next, __kuid_val(rule->src_id.uid)); in insert_rule()
93 hash_add(pol->rules, &rule->next, __kgid_val(rule->src_id.gid)); in insert_rule()
101 struct setid_rule *rule, *nrule; in verify_ruleset() local
104 hash_for_each(pol->rules, bucket, rule, next) { in verify_ruleset()
105 if (_setid_policy_lookup(pol, rule->dst_id, INVALID_ID) == SIDPOL_DEFAULT) { in verify_ruleset()
108 __kuid_val(rule->src_id.uid), in verify_ruleset()
109 __kuid_val(rule->dst_id.uid)); in verify_ruleset()
112 __kgid_val(rule->src_id.gid), in verify_ruleset()
113 __kgid_val(rule->dst_id.gid)); in verify_ruleset()
125 nrule->src_id.uid = rule->dst_id.uid; in verify_ruleset()
126 nrule->dst_id.uid = rule->dst_id.uid; in verify_ruleset()
129 nrule->src_id.gid = rule->dst_id.gid; in verify_ruleset()
130 nrule->dst_id.gid = rule->dst_id.gid; in verify_ruleset()
166 struct setid_rule *rule; in handle_policy_update() local
175 rule = kmalloc(sizeof(struct setid_rule), GFP_KERNEL); in handle_policy_update()
176 if (!rule) { in handle_policy_update()
181 rule->type = policy_type; in handle_policy_update()
182 err = parse_policy_line(file, p, rule); in handle_policy_update()
186 if (_setid_policy_lookup(pol, rule->src_id, rule->dst_id) == SIDPOL_ALLOWED) { in handle_policy_update()
192 insert_rule(pol, rule); in handle_policy_update()
197 kfree(rule); in handle_policy_update()