Home
last modified time | relevance | path

Searched refs:rule (Results 1 – 25 of 27) sorted by relevance

12

/system/netd/server/
DFirewallController.cpp145 int FirewallController::setInterfaceRule(const char* iface, FirewallRule rule) { in setInterfaceRule() argument
160 if (rule == ALLOW && mIfaceRules.find(iface) == mIfaceRules.end()) { in setInterfaceRule()
163 } else if (rule == DENY && mIfaceRules.find(iface) != mIfaceRules.end()) { in setInterfaceRule()
194 int FirewallController::setUidRule(ChildChain chain, int uid, FirewallRule rule) { in setUidRule() argument
201 op = (rule == ALLOW)? "-I" : "-D"; in setUidRule()
205 op = (rule == DENY)? "-A" : "-D"; in setUidRule()
DNetlinkCommands.cpp184 rtmsg rule = { in rtNetlinkFlush() local
189 { &rule, sizeof(rule) }, in rtNetlinkFlush()
DControllers.cpp137 std::string rule; in findExistingChildChains() local
138 while (std::getline(stream, rule, '\n')) { in findExistingChildChains()
139 if (std::regex_search(rule, matches, CHILD_CHAIN_REGEX) && matches[1] == parentChain) { in findExistingChildChains()
DRouteController.cpp258 fib_rule_hdr rule = { in modifyIpRule() local
267 if (table == RT_TABLE_UNSPEC && rule.action == FR_ACT_TO_TBL && action != RTM_DELRULE) { in modifyIpRule()
278 { &rule, sizeof(rule) }, in modifyIpRule()
299 rule.family = AF_FAMILIES[i]; in modifyIpRule()
304 ALOGE("Error %s %s rule: %s", actionName(action), familyName(rule.family), in modifyIpRule()
DBandwidthController.cpp956 std::string rule; in parseAndFlushCostlyTables() local
961 while (std::getline(stream, rule, '\n')) { in parseAndFlushCostlyTables()
962 if (rule.find(NEW_CHAIN_COMMAND) != 0) continue; in parseAndFlushCostlyTables()
963 chainName = rule.substr(NEW_CHAIN_COMMAND.size()); in parseAndFlushCostlyTables()
964 ALOGV("parse chainName=<%s> orig line=<%s>", chainName.c_str(), rule.c_str()); in parseAndFlushCostlyTables()
DCommandListener.cpp1149 FirewallRule rule = parseRule(argv[3]); in runCommand() local
1151 int res = gCtls->firewallCtrl.setInterfaceRule(iface, rule); in runCommand()
1171 FirewallRule rule = parseRule(argv[4]); in runCommand() local
1172 int res = gCtls->firewallCtrl.setUidRule(childChain, uid, rule); in runCommand()
/system/sepolicy/tests/
Dpolicy.py34 def __init__(self, rule): argument
35 data = rule.split(',')
41 self.rule = rule
/system/sepolicy/tools/sepolicy-analyze/
DREADME38 grant the same permissions where one allow rule is written
40 terms of attributes associated with those same types. The rule
41 with individual types is a candidate for removal. The rule with
87 quickly checking an individual expanded rule or group of rules. If there are
93 classes, or permissions from a neverallow rule that could not be resolved
/system/sepolicy/prebuilts/api/26.0/public/
Dhealthd.te33 # TODO: added to match above sysfs rule. Remove me?
Dnetd.te45 # TODO: added to match above sysfs rule. Remove me?
Dinstalld.te90 # Directory access covered by earlier rule above.
Ddumpstate.te80 # TODO: added to match above sysfs rule. Remove me?
Ddomain.te322 # Init can't do anything with binder calls. If this neverallow rule is being
438 # This rule can be removed if hwservicemanager is modified to not permit these
487 # Do not assert this rule on userdebug/eng builds, due to some devices using
/system/sepolicy/public/
Dhealthd.te33 # TODO: added to match above sysfs rule. Remove me?
Dnetd.te45 # TODO: added to match above sysfs rule. Remove me?
Dinstalld.te90 # Directory access covered by earlier rule above.
Ddumpstate.te84 # TODO: added to match above sysfs rule. Remove me?
Ddomain.te326 # Init can't do anything with binder calls. If this neverallow rule is being
441 # This rule can be removed if hwservicemanager is modified to not permit these
491 # Do not assert this rule on userdebug/eng builds, due to some devices using
/system/sepolicy/tools/
Dcheck_seapp.c652 const key_map *rule; in rule_map_validate() local
671 rule = &(rm->m[i]); in rule_map_validate()
673 if (!strcmp(rule->name, nrule->name)) { in rule_map_validate()
678 if (match_regex(nrule, rule)) { in rule_map_validate()
DREADME55 A tool for auditing a sepolicy file for any allow rule that grants
/system/sepolicy/private/
Dseapp_contexts65 # inputs are matched on a key value rule line.
Dsystem_server.te289 # TODO: added to match above sysfs rule. Remove me?
/system/sepolicy/prebuilts/api/26.0/private/
Dseapp_contexts65 # inputs are matched on a key value rule line.
Dsystem_server.te276 # TODO: added to match above sysfs rule. Remove me?
/system/bt/doc/
Dstyle_guide.md6 As a rule, we follow the Google C++
109 As a result of the above rule to declare and initialize variables together,

12