Home
last modified time | relevance | path

Searched full:rule (Results 1 – 25 of 931) sorted by relevance

12345678910>>...38

/kernel/linux/linux-5.10/net/core/
Dfib_rules.c37 bool fib_rule_matchall(const struct fib_rule *rule) in fib_rule_matchall() argument
39 if (rule->iifindex || rule->oifindex || rule->mark || rule->tun_id || in fib_rule_matchall()
40 rule->flags) in fib_rule_matchall()
42 if (rule->suppress_ifgroup != -1 || rule->suppress_prefixlen != -1) in fib_rule_matchall()
44 if (!uid_eq(rule->uid_range.start, fib_kuid_range_unset.start) || in fib_rule_matchall()
45 !uid_eq(rule->uid_range.end, fib_kuid_range_unset.end)) in fib_rule_matchall()
47 if (fib_rule_port_range_set(&rule->sport_range)) in fib_rule_matchall()
49 if (fib_rule_port_range_set(&rule->dport_range)) in fib_rule_matchall()
86 struct fib_rule *rule; in fib_default_rule_pref() local
91 rule = list_entry(pos->next, struct fib_rule, list); in fib_default_rule_pref()
[all …]
Dflow_offload.c11 struct flow_rule *rule; in flow_rule_alloc() local
14 rule = kzalloc(struct_size(rule, action.entries, num_actions), in flow_rule_alloc()
16 if (!rule) in flow_rule_alloc()
19 rule->action.num_entries = num_actions; in flow_rule_alloc()
24 rule->action.entries[i].hw_stats = FLOW_ACTION_HW_STATS_DONT_CARE; in flow_rule_alloc()
26 return rule; in flow_rule_alloc()
37 void flow_rule_match_meta(const struct flow_rule *rule, in flow_rule_match_meta() argument
40 FLOW_DISSECTOR_MATCH(rule, FLOW_DISSECTOR_KEY_META, out); in flow_rule_match_meta()
44 void flow_rule_match_basic(const struct flow_rule *rule, in flow_rule_match_basic() argument
47 FLOW_DISSECTOR_MATCH(rule, FLOW_DISSECTOR_KEY_BASIC, out); in flow_rule_match_basic()
[all …]
/kernel/linux/linux-5.10/drivers/net/dsa/sja1105/
Dsja1105_flower.c10 struct sja1105_rule *rule; in sja1105_rule_find() local
12 list_for_each_entry(rule, &priv->flow_block.rules, list) in sja1105_rule_find()
13 if (rule->cookie == cookie) in sja1105_rule_find()
14 return rule; in sja1105_rule_find()
36 struct sja1105_rule *rule = sja1105_rule_find(priv, cookie); in sja1105_setup_bcast_policer() local
42 if (!rule) { in sja1105_setup_bcast_policer()
43 rule = kzalloc(sizeof(*rule), GFP_KERNEL); in sja1105_setup_bcast_policer()
44 if (!rule) in sja1105_setup_bcast_policer()
47 rule->cookie = cookie; in sja1105_setup_bcast_policer()
48 rule->type = SJA1105_RULE_BCAST_POLICER; in sja1105_setup_bcast_policer()
[all …]
Dsja1105_vl.c12 struct sja1105_rule *rule, in sja1105_insert_gate_entry() argument
23 e->rule = rule; in sja1105_insert_gate_entry()
95 struct sja1105_rule *rule; in sja1105_compose_gating_subschedule() local
102 list_for_each_entry(rule, &priv->flow_block.rules, list) { in sja1105_compose_gating_subschedule()
103 if (rule->type != SJA1105_RULE_VL) in sja1105_compose_gating_subschedule()
105 if (rule->vl.type != SJA1105_VL_TIME_TRIGGERED) in sja1105_compose_gating_subschedule()
108 if (max_cycle_time < rule->vl.cycle_time) { in sja1105_compose_gating_subschedule()
109 max_cycle_time = rule->vl.cycle_time; in sja1105_compose_gating_subschedule()
110 its_base_time = rule->vl.base_time; in sja1105_compose_gating_subschedule()
124 list_for_each_entry(rule, &priv->flow_block.rules, list) { in sja1105_compose_gating_subschedule()
[all …]
/kernel/linux/linux-5.10/security/selinux/include/
Daudit.h16 * selinux_audit_rule_init - alloc/init an selinux audit rule structure.
17 * @field: the field this rule refers to
18 * @op: the operater the rule uses
19 * @rulestr: the text "target" of the rule
20 * @rule: pointer to the new rule structure returned via this
22 * Returns 0 if successful, -errno if not. On success, the rule structure
26 int selinux_audit_rule_init(u32 field, u32 op, char *rulestr, void **rule);
29 * selinux_audit_rule_free - free an selinux audit rule structure.
30 * @rule: pointer to the audit rule to be freed
32 * This will free all memory associated with the given rule.
[all …]
/kernel/linux/linux-5.10/drivers/net/ethernet/netronome/nfp/flower/
Dmatch.c13 struct flow_rule *rule, u8 key_type, bool qinq_sup) in nfp_flower_compile_meta_tci() argument
27 if (!qinq_sup && flow_rule_match_key(rule, FLOW_DISSECTOR_KEY_VLAN)) { in nfp_flower_compile_meta_tci()
30 flow_rule_match_vlan(rule, &match); in nfp_flower_compile_meta_tci()
79 struct nfp_flower_mac_mpls *msk, struct flow_rule *rule, in nfp_flower_compile_mac() argument
85 if (flow_rule_match_key(rule, FLOW_DISSECTOR_KEY_ETH_ADDRS)) { in nfp_flower_compile_mac()
88 flow_rule_match_eth_addrs(rule, &match); in nfp_flower_compile_mac()
96 if (flow_rule_match_key(rule, FLOW_DISSECTOR_KEY_MPLS)) { in nfp_flower_compile_mac()
100 flow_rule_match_mpls(rule, &match); in nfp_flower_compile_mac()
125 } else if (flow_rule_match_key(rule, FLOW_DISSECTOR_KEY_BASIC)) { in nfp_flower_compile_mac()
132 flow_rule_match_basic(rule, &match); in nfp_flower_compile_mac()
[all …]
/kernel/linux/linux-5.10/net/ipv6/
Dfib6_rules.c31 static bool fib6_rule_matchall(const struct fib_rule *rule) in fib6_rule_matchall() argument
33 struct fib6_rule *r = container_of(rule, struct fib6_rule, common); in fib6_rule_matchall()
37 return fib_rule_matchall(rule); in fib6_rule_matchall()
40 bool fib6_rule_default(const struct fib_rule *rule) in fib6_rule_default() argument
42 if (!fib6_rule_matchall(rule) || rule->action != FR_ACT_TO_TBL || in fib6_rule_default()
43 rule->l3mdev) in fib6_rule_default()
45 if (rule->table != RT6_TABLE_LOCAL && rule->table != RT6_TABLE_MAIN) in fib6_rule_default()
132 static int fib6_rule_saddr(struct net *net, struct fib_rule *rule, int flags, in fib6_rule_saddr() argument
135 struct fib6_rule *r = (struct fib6_rule *)rule; in fib6_rule_saddr()
138 * we check the result if it meets requirement of the rule. in fib6_rule_saddr()
[all …]
/kernel/linux/linux-5.10/security/safesetid/
Dsecurityfs.c32 struct setid_rule *rule) in parse_policy_line() argument
53 if (rule->type == UID){ in parse_policy_line()
54 rule->src_id.uid = make_kuid(file->f_cred->user_ns, parsed_parent); in parse_policy_line()
55 rule->dst_id.uid = make_kuid(file->f_cred->user_ns, parsed_child); in parse_policy_line()
56 if (!uid_valid(rule->src_id.uid) || !uid_valid(rule->dst_id.uid)) in parse_policy_line()
58 } else if (rule->type == GID){ in parse_policy_line()
59 rule->src_id.gid = make_kgid(file->f_cred->user_ns, parsed_parent); in parse_policy_line()
60 rule->dst_id.gid = make_kgid(file->f_cred->user_ns, parsed_child); in parse_policy_line()
61 if (!gid_valid(rule->src_id.gid) || !gid_valid(rule->dst_id.gid)) in parse_policy_line()
64 /* Error, rule->type is an invalid type */ in parse_policy_line()
[all …]
/kernel/linux/linux-5.10/net/ipv4/
Dfib_rules.c48 static bool fib4_rule_matchall(const struct fib_rule *rule) in fib4_rule_matchall() argument
50 struct fib4_rule *r = container_of(rule, struct fib4_rule, common); in fib4_rule_matchall()
54 return fib_rule_matchall(rule); in fib4_rule_matchall()
57 bool fib4_rule_default(const struct fib_rule *rule) in fib4_rule_default() argument
59 if (!fib4_rule_matchall(rule) || rule->action != FR_ACT_TO_TBL || in fib4_rule_default()
60 rule->l3mdev) in fib4_rule_default()
62 if (rule->table != RT_TABLE_LOCAL && rule->table != RT_TABLE_MAIN && in fib4_rule_default()
63 rule->table != RT_TABLE_DEFAULT) in fib4_rule_default()
94 if (arg.rule) in __fib_lookup()
95 res->tclassid = ((struct fib4_rule *)arg.rule)->tclassid; in __fib_lookup()
[all …]
/kernel/linux/linux-5.10/kernel/
Dauditfilter.c84 struct audit_krule *erule = &e->rule; in audit_free_rule()
118 entry->rule.fields = fields; in audit_init_entry()
210 struct audit_field *arch = entry->rule.arch_f; in audit_match_signal()
216 entry->rule.mask) && in audit_match_signal()
218 entry->rule.mask)); in audit_match_signal()
224 entry->rule.mask)); in audit_match_signal()
227 entry->rule.mask)); in audit_match_signal()
234 /* Common user-space to kernel rule translation. */
235 static inline struct audit_entry *audit_to_entry_common(struct audit_rule_data *rule) in audit_to_entry_common() argument
242 listnr = rule->flags & ~AUDIT_FILTER_PREPEND; in audit_to_entry_common()
[all …]
/kernel/linux/linux-5.10/drivers/pnp/
Dmanager.c23 unsigned char rule, in pnp_find_resource() argument
29 /* when the resource already exists, set its resource bits from rule */ in pnp_find_resource()
32 res->flags |= rule & IORESOURCE_BITS; in pnp_find_resource()
38 static int pnp_assign_port(struct pnp_dev *dev, struct pnp_port *rule, int idx) in pnp_assign_port() argument
42 res = pnp_find_resource(dev, rule->flags, IORESOURCE_IO, idx); in pnp_assign_port()
51 res->flags = rule->flags | IORESOURCE_AUTO; in pnp_assign_port()
55 if (!rule->size) { in pnp_assign_port()
61 res->start = rule->min; in pnp_assign_port()
62 res->end = res->start + rule->size - 1; in pnp_assign_port()
65 res->start += rule->align; in pnp_assign_port()
[all …]
/kernel/linux/linux-5.10/drivers/net/ethernet/mellanox/mlx5/core/steering/
Ddr_rule.c355 dr_rule_rehash_htbl(struct mlx5dr_rule *rule, in dr_rule_rehash_htbl() argument
363 struct mlx5dr_matcher *matcher = rule->matcher; in dr_rule_rehash_htbl()
472 static struct mlx5dr_ste_htbl *dr_rule_rehash(struct mlx5dr_rule *rule, in dr_rule_rehash() argument
478 struct mlx5dr_domain *dmn = rule->matcher->tbl->dmn; in dr_rule_rehash()
487 return dr_rule_rehash_htbl(rule, nic_rule, cur_htbl, ste_location, in dr_rule_rehash()
530 static void dr_rule_remove_action_members(struct mlx5dr_rule *rule) in dr_rule_remove_action_members() argument
535 list_for_each_entry_safe(action_mem, tmp, &rule->rule_actions_list, list) { in dr_rule_remove_action_members()
542 static int dr_rule_add_action_members(struct mlx5dr_rule *rule, in dr_rule_add_action_members() argument
556 list_add_tail(&action_mem->list, &rule->rule_actions_list); in dr_rule_add_action_members()
563 dr_rule_remove_action_members(rule); in dr_rule_add_action_members()
[all …]
/kernel/linux/linux-5.10/tools/testing/selftests/drivers/net/mlxsw/
Dtc_restrictions.sh39 # shared block with a drop rule.
46 check_err $? "Failed to add drop rule to ingress bound block"
59 …check_err $? "Failed to create another clsact with egress shared block after blocker drop rule rem…
63 check_fail $? "Incorrect success to add drop rule to mixed bound block"
72 check_err $? "Failed to add drop rule to egress bound shared block"
95 check_err $? "Failed to add redirect rule to ingress bound block"
108 …check_err $? "Failed to create another clsact with egress shared block after blocker redirect rule
113 check_fail $? "Incorrect success to add redirect rule to mixed bound block"
123 check_fail $? "Incorrect success to add redirect rule to egress bound shared block"
130 check_fail $? "Incorrect success to add redirect rule to egress bound block"
[all …]
/kernel/linux/linux-5.10/Documentation/networking/
Dtls-offload-reorder-good.svg1rule="nonzero"/></clipPath><g clip-path="url(#p.0)"><path fill="#000000" fill-opacity="0.0" d="m0 …
Dtls-offload-reorder-bad.svg1rule="nonzero"/></clipPath><g clip-path="url(#p.0)"><path fill="#000000" fill-opacity="0.0" d="m0 …
/kernel/linux/linux-5.10/include/net/
Dfib_rules.h53 struct fib_rule *rule; member
103 struct fib_rule *rule; member
126 static inline void fib_rule_get(struct fib_rule *rule) in fib_rule_get() argument
128 refcount_inc(&rule->refcnt); in fib_rule_get()
131 static inline void fib_rule_put(struct fib_rule *rule) in fib_rule_put() argument
133 if (refcount_dec_and_test(&rule->refcnt)) in fib_rule_put()
134 kfree_rcu(rule, rcu); in fib_rule_put()
138 static inline u32 fib_rule_get_table(struct fib_rule *rule, in fib_rule_get_table() argument
141 return rule->l3mdev ? arg->table : rule->table; in fib_rule_get_table()
144 static inline u32 fib_rule_get_table(struct fib_rule *rule, in fib_rule_get_table() argument
[all …]
Dflow_offload.h77 void flow_rule_match_meta(const struct flow_rule *rule,
79 void flow_rule_match_basic(const struct flow_rule *rule,
81 void flow_rule_match_control(const struct flow_rule *rule,
83 void flow_rule_match_eth_addrs(const struct flow_rule *rule,
85 void flow_rule_match_vlan(const struct flow_rule *rule,
87 void flow_rule_match_cvlan(const struct flow_rule *rule,
89 void flow_rule_match_ipv4_addrs(const struct flow_rule *rule,
91 void flow_rule_match_ipv6_addrs(const struct flow_rule *rule,
93 void flow_rule_match_ip(const struct flow_rule *rule,
95 void flow_rule_match_ports(const struct flow_rule *rule,
[all …]
/kernel/linux/linux-5.10/drivers/net/ethernet/mellanox/mlxsw/
Dspectrum_acl.c61 struct rhash_head ht_node; /* Member of rule HT */
699 struct mlxsw_sp_acl_rule *rule; in mlxsw_sp_acl_rule_create() local
703 rule = kzalloc(sizeof(*rule) + ops->rule_priv_size, in mlxsw_sp_acl_rule_create()
705 if (!rule) { in mlxsw_sp_acl_rule_create()
709 rule->cookie = cookie; in mlxsw_sp_acl_rule_create()
710 rule->ruleset = ruleset; in mlxsw_sp_acl_rule_create()
712 rule->rulei = mlxsw_sp_acl_rulei_create(mlxsw_sp->acl, afa_block); in mlxsw_sp_acl_rule_create()
713 if (IS_ERR(rule->rulei)) { in mlxsw_sp_acl_rule_create()
714 err = PTR_ERR(rule->rulei); in mlxsw_sp_acl_rule_create()
718 return rule; in mlxsw_sp_acl_rule_create()
[all …]
Dspectrum_flower.c72 * to ingress/egress in future. Ingress rule is in mlxsw_sp_flower_parse_actions()
140 NL_SET_ERR_MSG_MOD(extack, "Multiple mirror actions per rule are not supported"); in mlxsw_sp_flower_parse_actions()
189 NL_SET_ERR_MSG_MOD(extack, "Multiple police actions per rule are not supported"); in mlxsw_sp_flower_parse_actions()
220 struct flow_rule *rule = flow_cls_offload_flow_rule(f); in mlxsw_sp_flower_parse_meta() local
225 if (!flow_rule_match_key(rule, FLOW_DISSECTOR_KEY_META)) in mlxsw_sp_flower_parse_meta()
228 flow_rule_match_meta(rule, &match); in mlxsw_sp_flower_parse_meta()
264 flow_rule_match_ipv4_addrs(f->rule, &match); in mlxsw_sp_flower_parse_ipv4()
279 flow_rule_match_ipv6_addrs(f->rule, &match); in mlxsw_sp_flower_parse_ipv6()
312 const struct flow_rule *rule = flow_cls_offload_flow_rule(f); in mlxsw_sp_flower_parse_ports() local
315 if (!flow_rule_match_key(rule, FLOW_DISSECTOR_KEY_PORTS)) in mlxsw_sp_flower_parse_ports()
[all …]
Dspectrum2_mr_tcam.c184 mlxsw_sp2_mr_tcam_rule_parse(struct mlxsw_sp_acl_rule *rule, in mlxsw_sp2_mr_tcam_rule_parse() argument
190 rulei = mlxsw_sp_acl_rule_rulei(rule); in mlxsw_sp2_mr_tcam_rule_parse()
215 struct mlxsw_sp_acl_rule *rule; in mlxsw_sp2_mr_tcam_route_create() local
223 rule = mlxsw_sp_acl_rule_create(mlxsw_sp, ruleset, in mlxsw_sp2_mr_tcam_route_create()
226 if (IS_ERR(rule)) in mlxsw_sp2_mr_tcam_route_create()
227 return PTR_ERR(rule); in mlxsw_sp2_mr_tcam_route_create()
229 mlxsw_sp2_mr_tcam_rule_parse(rule, key, prio); in mlxsw_sp2_mr_tcam_route_create()
230 err = mlxsw_sp_acl_rule_add(mlxsw_sp, rule); in mlxsw_sp2_mr_tcam_route_create()
237 mlxsw_sp_acl_rule_destroy(mlxsw_sp, rule); in mlxsw_sp2_mr_tcam_route_create()
248 struct mlxsw_sp_acl_rule *rule; in mlxsw_sp2_mr_tcam_route_destroy() local
[all …]
/kernel/linux/linux-5.10/drivers/net/ethernet/mellanox/mlx5/core/
Den_arfs.c57 struct mlx5_flow_handle *rule; member
187 netdev_err(priv->netdev, "%s: add rule failed, arfs type=%d\n", in arfs_add_default_rule()
375 if (arfs_rule->rule) in arfs_may_expire_flow()
376 mlx5_del_flow_rules(arfs_rule->rule); in arfs_may_expire_flow()
385 struct arfs_rule *rule; in arfs_del_rules() local
391 mlx5e_for_each_arfs_rule(rule, htmp, priv->fs.arfs.arfs_tables, i, j) { in arfs_del_rules()
392 hlist_del_init(&rule->hlist); in arfs_del_rules()
393 hlist_add_head(&rule->hlist, &del_list); in arfs_del_rules()
397 hlist_for_each_entry_safe(rule, htmp, &del_list, hlist) { in arfs_del_rules()
398 cancel_work_sync(&rule->arfs_work); in arfs_del_rules()
[all …]
/kernel/linux/linux-5.10/drivers/net/ethernet/aquantia/atlantic/
Daq_filters.c70 struct aq_rx_filter *rule; in aq_rule_already_exists() local
74 hlist_for_each_entry_safe(rule, aq_node2, in aq_rule_already_exists()
76 if (rule->aq_fsp.location == fsp->location) in aq_rule_already_exists()
78 if (aq_match_filter(&rule->aq_fsp, fsp)) { in aq_rule_already_exists()
274 "ethtool: The specified number %u rule is invalid\n", in aq_rule_is_not_correct()
434 struct aq_rx_filter *rule = NULL; in aq_del_fvlan_by_vlan() local
437 hlist_for_each_entry_safe(rule, aq_node2, in aq_del_fvlan_by_vlan()
439 if (be16_to_cpu(rule->aq_fsp.h_ext.vlan_tci) == vlan_id) in aq_del_fvlan_by_vlan()
442 if (rule && rule->type == aq_rx_filter_vlan && in aq_del_fvlan_by_vlan()
443 be16_to_cpu(rule->aq_fsp.h_ext.vlan_tci) == vlan_id) { in aq_del_fvlan_by_vlan()
[all …]
/kernel/linux/linux-5.10/security/apparmor/
Daudit.c167 struct aa_audit_rule *rule = vrule; in aa_audit_rule_free() local
169 if (rule) { in aa_audit_rule_free()
170 if (!IS_ERR(rule->label)) in aa_audit_rule_free()
171 aa_put_label(rule->label); in aa_audit_rule_free()
172 kfree(rule); in aa_audit_rule_free()
178 struct aa_audit_rule *rule; in aa_audit_rule_init() local
189 rule = kzalloc(sizeof(struct aa_audit_rule), GFP_KERNEL); in aa_audit_rule_init()
191 if (!rule) in aa_audit_rule_init()
195 rule->label = aa_label_parse(&root_ns->unconfined->label, rulestr, in aa_audit_rule_init()
197 if (IS_ERR(rule->label)) { in aa_audit_rule_init()
[all …]
/kernel/linux/linux-5.10/drivers/net/dsa/
Dbcm_sf2_cfp.c383 /* Locate the first rule available */ in bcm_sf2_cfp_ipv4_rule_set()
398 flow_rule_match_ipv4_addrs(flow->rule, &ipv4); in bcm_sf2_cfp_ipv4_rule_set()
399 flow_rule_match_ports(flow->rule, &ports); in bcm_sf2_cfp_ipv4_rule_set()
400 flow_rule_match_ip(flow->rule, &ip); in bcm_sf2_cfp_ipv4_rule_set()
465 /* Turn on CFP for this rule now */ in bcm_sf2_cfp_ipv4_rule_set()
470 /* Flag the rule as being used and return it */ in bcm_sf2_cfp_ipv4_rule_set()
570 struct cfp_rule *rule; in bcm_sf2_cfp_rule_find() local
572 list_for_each_entry(rule, &priv->cfp.rules_list, next) { in bcm_sf2_cfp_rule_find()
573 if (rule->port == port && rule->fs.location == location) in bcm_sf2_cfp_rule_find()
574 return rule; in bcm_sf2_cfp_rule_find()
[all …]
/kernel/linux/linux-5.10/security/integrity/ima/
Dima_policy.c82 void *rule; /* LSM file metadata specific */ member
97 * The minimum rule set to allow for full TCB coverage. Measures all files
331 ima_filter_rule_free(entry->lsm[i].rule); in ima_lsm_free_rule()
376 &nentry->lsm[i].rule); in ima_lsm_copy_rule()
377 if (!nentry->lsm[i].rule) in ima_lsm_copy_rule()
378 pr_warn("rule for LSM \'%s\' is undefined\n", in ima_lsm_copy_rule()
402 ima_filter_rule_free(entry->lsm[i].rule); in ima_lsm_update_rule()
435 pr_err("lsm rule update error %d\n", result); in ima_lsm_update_rules()
452 * ima_match_keyring - determine whether the keyring matches the measure rule
453 * @rule: a pointer to a rule
[all …]

12345678910>>...38