Lines Matching refs:rules
167 struct rules { struct
316 toast_rules(struct rules *const rules) in toast_rules() argument
318 struct rulehead *const head = &rules->head; in toast_rules()
326 free(rules, M_DO); in toast_rules()
329 static struct rules *
332 struct rules *const rules = malloc(sizeof(*rules), M_DO, M_WAITOK); in alloc_rules() local
335 rules->string[0] = 0; in alloc_rules()
336 STAILQ_INIT(&rules->head); in alloc_rules()
337 rules->use_count = 0; in alloc_rules()
338 return (rules); in alloc_rules()
861 parse_single_rule(char *rule, struct rules *const rules, in parse_single_rule() argument
968 STAILQ_INSERT_TAIL(&rules->head, new, r_entries); in parse_single_rule()
1010 parse_rules(const char *const string, struct rules **const rulesp, in parse_rules()
1015 struct rules *rules; in parse_rules() local
1027 rules = alloc_rules(); in parse_rules()
1028 bcopy(string, rules->string, len + 1); in parse_rules()
1029 MPASS(rules->string[len] == '\0'); /* Catch some races. */ in parse_rules()
1039 error = parse_single_rule(rule, rules, parse_error); in parse_rules()
1042 toast_rules(rules); in parse_rules()
1047 *rulesp = rules; in parse_rules()
1061 static struct rules *
1065 struct rules *rules; in find_rules() local
1070 rules = osd_jail_get(cpr, osd_jail_slot); in find_rules()
1071 if (rules != NULL) in find_rules()
1081 return (rules); in find_rules()
1085 hold_rules(struct rules *const rules) in hold_rules() argument
1087 refcount_acquire(&rules->use_count); in hold_rules()
1091 drop_rules(struct rules *const rules) in drop_rules() argument
1093 if (refcount_release(&rules->use_count)) in drop_rules()
1094 toast_rules(rules); in drop_rules()
1099 check_rules_use_count(const struct rules *const rules, u_int expected) in check_rules_use_count() argument
1101 const u_int use_count = refcount_load(&rules->use_count); in check_rules_use_count()
1105 rules, use_count, expected); in check_rules_use_count()
1120 struct rules *const rules = value; in dealloc_jail_osd() local
1136 check_rules_use_count(rules, 1); in dealloc_jail_osd()
1137 toast_rules(rules); in dealloc_jail_osd()
1151 struct rules *old_rules; in remove_rules()
1179 set_rules(struct prison *const pr, struct rules *const rules) in set_rules() argument
1181 struct rules *old_rules; in set_rules()
1184 check_rules_use_count(rules, 0); in set_rules()
1185 hold_rules(rules); in set_rules()
1190 osd_jail_set_reserved(pr, osd_jail_slot, rsv, rules); in set_rules()
1202 struct rules *const rules = alloc_rules(); in set_empty_rules() local
1204 set_rules(pr, rules); in set_empty_rules()
1216 struct rules *rules; in parse_and_set_rules() local
1219 error = parse_rules(rules_string, &rules, parse_error); in parse_and_set_rules()
1222 set_rules(pr, rules); in parse_and_set_rules()
1232 struct rules *rules; in mac_do_sysctl_rules() local
1236 rules = find_rules(td_pr, &pr); in mac_do_sysctl_rules()
1237 strlcpy(buf, rules->string, MAC_RULE_STRING_LEN); in mac_do_sysctl_rules()
1257 SYSCTL_PROC(_security_mac_do, OID_AUTO, rules,
1264 SYSCTL_JAIL_PARAM_STRING(_mac_do, rules, CTLFLAG_RW, MAC_RULE_STRING_LEN,
1282 struct rules *rules; in mac_do_jail_get() local
1285 rules = find_rules(pr, &ppr); in mac_do_jail_get()
1288 (STAILQ_EMPTY(&rules->head) ? JAIL_SYS_DISABLE : JAIL_SYS_NEW) : in mac_do_jail_get()
1294 error = vfs_setopts(opts, "mac.do.rules", rules->string); in mac_do_jail_get()
1495 struct rules *rules; member
1538 drop_rules(hdr->rules); in clear_data()
1560 struct rules *const rules) in set_data_header() argument
1569 hdr->rules = rules; in set_data_header()
1935 const struct rules *rules; in mac_do_priv_grant() local
1952 rules = data->hdr.rules; in mac_do_priv_grant()
1976 STAILQ_FOREACH(rule, &rules->head, r_entries) in mac_do_priv_grant()
2016 struct rules *rules; in mac_do_setcred_enter() local
2040 rules = find_rules(curproc->p_ucred->cr_prison, &pr); in mac_do_setcred_enter()
2041 hold_rules(rules); in mac_do_setcred_enter()
2050 set_data_header(data, sizeof(*data), PRIV_CRED_SETCRED, rules); in mac_do_setcred_enter()