77 		void *rule;	/* LSM file metadata specific */  member
257 		kfree(entry->lsm[i].rule);  in ima_lsm_free_rule()
280 		if (!entry->lsm[i].rule)  in ima_lsm_copy_rule()
292 						   &nentry->lsm[i].rule);  in ima_lsm_copy_rule()
332 			if (entry->lsm[i].rule) {  in ima_lsm_update_rules()
370 static bool ima_match_rules(struct ima_rule_entry *rule, struct inode *inode,  in ima_match_rules()  argument
377 		if ((rule->flags & IMA_FUNC) && (rule->func == func))  in ima_match_rules()
381 	if ((rule->flags & IMA_FUNC) &&  in ima_match_rules()
382 	    (rule->func != func && func != POST_SETATTR))  in ima_match_rules()
384 	if ((rule->flags & IMA_MASK) &&  in ima_match_rules()
385 	    (rule->mask != mask && func != POST_SETATTR))  in ima_match_rules()
387 	if ((rule->flags & IMA_INMASK) &&  in ima_match_rules()
388 	    (!(rule->mask & mask) && func != POST_SETATTR))  in ima_match_rules()
390 	if ((rule->flags & IMA_FSMAGIC)  in ima_match_rules()
391 	    && rule->fsmagic != inode->i_sb->s_magic)  in ima_match_rules()
393 	if ((rule->flags & IMA_FSNAME)  in ima_match_rules()
394 	    && strcmp(rule->fsname, inode->i_sb->s_type->name))  in ima_match_rules()
396 	if ((rule->flags & IMA_FSUUID) &&  in ima_match_rules()
397 	    !uuid_equal(&rule->fsuuid, &inode->i_sb->s_uuid))  in ima_match_rules()
399 	if ((rule->flags & IMA_UID) && !rule->uid_op(cred->uid, rule->uid))  in ima_match_rules()
401 	if (rule->flags & IMA_EUID) {  in ima_match_rules()
403 			if (!rule->uid_op(cred->euid, rule->uid)  in ima_match_rules()
404 			    && !rule->uid_op(cred->suid, rule->uid)  in ima_match_rules()
405 			    && !rule->uid_op(cred->uid, rule->uid))  in ima_match_rules()
407 		} else if (!rule->uid_op(cred->euid, rule->uid))  in ima_match_rules()
411 	if ((rule->flags & IMA_FOWNER) &&  in ima_match_rules()
412 	    !rule->fowner_op(inode->i_uid, rule->fowner))  in ima_match_rules()
418 		if (!rule->lsm[i].rule)  in ima_match_rules()
427 							rule->lsm[i].type,  in ima_match_rules()
429 							rule->lsm[i].rule);  in ima_match_rules()
435 							rule->lsm[i].type,  in ima_match_rules()
437 							rule->lsm[i].rule);  in ima_match_rules()
451 static int get_subaction(struct ima_rule_entry *rule, enum ima_hooks func)  in get_subaction()  argument
453 	if (!(rule->flags & IMA_FUNC))  in get_subaction()
599 static int ima_parse_rule(char *rule, struct ima_rule_entry *entry);
623 		char rule[255];  in ima_init_arch_policy()  local
626 		result = strlcpy(rule, *rules, sizeof(rule));  in ima_init_arch_policy()
629 		result = ima_parse_rule(rule, &arch_policy_entry[i]);  in ima_init_arch_policy()
632 				rule);  in ima_init_arch_policy()
812 	if (entry->lsm[lsm_rule].rule)  in ima_lsm_rule_init()
823 					   &entry->lsm[lsm_rule].rule);  in ima_lsm_rule_init()
824 	if (!entry->lsm[lsm_rule].rule) {  in ima_lsm_rule_init()
883 static int ima_parse_rule(char *rule, struct ima_rule_entry *entry)  in ima_parse_rule()  argument
900 	while ((p = strsep(&rule, " \t")) != NULL) {  in ima_parse_rule()
1243 ssize_t ima_parse_add_rule(char *rule)  in ima_parse_add_rule()  argument
1251 	p = strsep(&rule, "\n");  in ima_parse_add_rule()
1466 		if (entry->lsm[i].rule) {  in ima_policy_show()