Lines Matching refs:condition_mask
466 …icy_order order, u_int32_t session_order, int session_pid, u_int64_t condition_mask, u_int64_t con…
491 …_order suborder, u_int32_t session_order, int session_pid, u_int64_t condition_mask, u_int64_t con…
789 …esultString[policy_search_array[i]->result], policy_search_array[i]->condition_mask & NECP_KERNEL_…
795 …esultString[policy_search_array[i]->result], policy_search_array[i]->condition_mask & NECP_KERNEL_…
3395 u_int64_t condition_mask = policy->condition_mask; in necp_handle_policy_dump_all() local
3403 if (condition_mask == NECP_POLICY_CONDITION_DEFAULT) { in necp_handle_policy_dump_all()
3406 if (condition_mask & NECP_KERNEL_CONDITION_ALL_INTERFACES) { in necp_handle_policy_dump_all()
3409 if (condition_mask & NECP_KERNEL_CONDITION_HAS_CLIENT) { in necp_handle_policy_dump_all()
3412 if (condition_mask & NECP_KERNEL_CONDITION_BOUND_INTERFACE) { in necp_handle_policy_dump_all()
3417 if (condition_mask & NECP_KERNEL_CONDITION_PROTOCOL) { in necp_handle_policy_dump_all()
3421 if (condition_mask & NECP_KERNEL_CONDITION_APP_ID) { in necp_handle_policy_dump_all()
3425 if (condition_mask & NECP_KERNEL_CONDITION_REAL_APP_ID) { in necp_handle_policy_dump_all()
3429 if ((condition_mask & NECP_KERNEL_CONDITION_DOMAIN) || in necp_handle_policy_dump_all()
3430 (condition_mask & NECP_KERNEL_CONDITION_EXACT_DOMAIN)) { in necp_handle_policy_dump_all()
3435 if (condition_mask & NECP_KERNEL_CONDITION_DOMAIN_FILTER) { in necp_handle_policy_dump_all()
3439 if (condition_mask & NECP_KERNEL_CONDITION_URL) { in necp_handle_policy_dump_all()
3444 if (condition_mask & NECP_KERNEL_CONDITION_ACCOUNT_ID) { in necp_handle_policy_dump_all()
3453 if (condition_mask & NECP_KERNEL_CONDITION_PID) { in necp_handle_policy_dump_all()
3457 if (condition_mask & NECP_KERNEL_CONDITION_UID) { in necp_handle_policy_dump_all()
3461 if (condition_mask & NECP_KERNEL_CONDITION_REAL_UID) { in necp_handle_policy_dump_all()
3465 if (condition_mask & NECP_KERNEL_CONDITION_TRAFFIC_CLASS) { in necp_handle_policy_dump_all()
3469 if (condition_mask & NECP_KERNEL_CONDITION_ENTITLEMENT) { in necp_handle_policy_dump_all()
3472 if (condition_mask & NECP_KERNEL_CONDITION_CUSTOM_ENTITLEMENT) { in necp_handle_policy_dump_all()
3477 if (condition_mask & NECP_KERNEL_CONDITION_PLATFORM_BINARY) { in necp_handle_policy_dump_all()
3480 if (condition_mask & NECP_KERNEL_CONDITION_SYSTEM_SIGNED_RESULT) { in necp_handle_policy_dump_all()
3483 if (condition_mask & NECP_KERNEL_CONDITION_SDK_VERSION) { in necp_handle_policy_dump_all()
3487 if (condition_mask & NECP_KERNEL_CONDITION_LOCAL_NETWORKS) { in necp_handle_policy_dump_all()
3491 if (condition_mask & NECP_KERNEL_CONDITION_LOCAL_START) { in necp_handle_policy_dump_all()
3492 if (condition_mask & NECP_KERNEL_CONDITION_LOCAL_END) { in necp_handle_policy_dump_all()
3499 if (condition_mask & NECP_KERNEL_CONDITION_REMOTE_START) { in necp_handle_policy_dump_all()
3500 if (condition_mask & NECP_KERNEL_CONDITION_REMOTE_END) { in necp_handle_policy_dump_all()
3507 if (condition_mask & NECP_KERNEL_CONDITION_AGENT_TYPE) { in necp_handle_policy_dump_all()
3511 if (condition_mask & NECP_KERNEL_CONDITION_CLIENT_FLAGS) { in necp_handle_policy_dump_all()
3515 if (condition_mask & NECP_KERNEL_CONDITION_LOCAL_EMPTY) { in necp_handle_policy_dump_all()
3518 if (condition_mask & NECP_KERNEL_CONDITION_REMOTE_EMPTY) { in necp_handle_policy_dump_all()
3521 if (condition_mask & NECP_KERNEL_CONDITION_SIGNING_IDENTIFIER) { in necp_handle_policy_dump_all()
3526 if (condition_mask & NECP_KERNEL_CONDITION_PACKET_FILTER_TAGS) { in necp_handle_policy_dump_all()
3530 if (condition_mask & NECP_KERNEL_CONDITION_IS_LOOPBACK) { in necp_handle_policy_dump_all()
3533 if (condition_mask & NECP_KERNEL_CONDITION_DELEGATE_IS_PLATFORM_BINARY) { in necp_handle_policy_dump_all()
3536 if (condition_mask & NECP_KERNEL_CONDITION_SCHEME_PORT) { in necp_handle_policy_dump_all()
3540 if (condition_mask & NECP_KERNEL_CONDITION_BOUND_INTERFACE_FLAGS) { in necp_handle_policy_dump_all()
3582 if (condition_mask == NECP_POLICY_CONDITION_DEFAULT) { in necp_handle_policy_dump_all()
3585 if (condition_mask & NECP_KERNEL_CONDITION_ALL_INTERFACES) { in necp_handle_policy_dump_all()
3589 if (condition_mask & NECP_KERNEL_CONDITION_HAS_CLIENT) { in necp_handle_policy_dump_all()
3593 if (condition_mask & NECP_KERNEL_CONDITION_LOCAL_NETWORKS) { in necp_handle_policy_dump_all()
3597 if (condition_mask & NECP_KERNEL_CONDITION_BOUND_INTERFACE) { in necp_handle_policy_dump_all()
3602 if (condition_mask & NECP_KERNEL_CONDITION_PROTOCOL) { in necp_handle_policy_dump_all()
3607 if (condition_mask & NECP_KERNEL_CONDITION_APP_ID) { in necp_handle_policy_dump_all()
3615 if (condition_mask & NECP_KERNEL_CONDITION_REAL_APP_ID) { in necp_handle_policy_dump_all()
3623 if ((condition_mask & NECP_KERNEL_CONDITION_DOMAIN) || in necp_handle_policy_dump_all()
3624 (condition_mask & NECP_KERNEL_CONDITION_EXACT_DOMAIN)) { in necp_handle_policy_dump_all()
3628 if (condition_mask & NECP_KERNEL_CONDITION_DOMAIN_FILTER) { in necp_handle_policy_dump_all()
3633 if (condition_mask & NECP_KERNEL_CONDITION_URL) { in necp_handle_policy_dump_all()
3637 if (condition_mask & NECP_KERNEL_CONDITION_ACCOUNT_ID) { in necp_handle_policy_dump_all()
3643 if (condition_mask & NECP_KERNEL_CONDITION_PID) { in necp_handle_policy_dump_all()
3651 if (condition_mask & NECP_KERNEL_CONDITION_UID) { in necp_handle_policy_dump_all()
3656 if (condition_mask & NECP_KERNEL_CONDITION_REAL_UID) { in necp_handle_policy_dump_all()
3661 if (condition_mask & NECP_KERNEL_CONDITION_TRAFFIC_CLASS) { in necp_handle_policy_dump_all()
3666 if (condition_mask & NECP_KERNEL_CONDITION_ENTITLEMENT) { in necp_handle_policy_dump_all()
3671 if (condition_mask & NECP_KERNEL_CONDITION_CUSTOM_ENTITLEMENT) { in necp_handle_policy_dump_all()
3675 if (condition_mask & NECP_KERNEL_CONDITION_PLATFORM_BINARY) { in necp_handle_policy_dump_all()
3679 if (condition_mask & NECP_KERNEL_CONDITION_SYSTEM_SIGNED_RESULT) { in necp_handle_policy_dump_all()
3683 if (condition_mask & NECP_KERNEL_CONDITION_SDK_VERSION) { in necp_handle_policy_dump_all()
3689 if (condition_mask & NECP_KERNEL_CONDITION_LOCAL_START) { in necp_handle_policy_dump_all()
3691 if (condition_mask & NECP_KERNEL_CONDITION_LOCAL_END) { in necp_handle_policy_dump_all()
3705 if (condition_mask & NECP_KERNEL_CONDITION_REMOTE_START) { in necp_handle_policy_dump_all()
3707 if (condition_mask & NECP_KERNEL_CONDITION_REMOTE_END) { in necp_handle_policy_dump_all()
3721 if (condition_mask & NECP_KERNEL_CONDITION_AGENT_TYPE) { in necp_handle_policy_dump_all()
3727 if (condition_mask & NECP_KERNEL_CONDITION_CLIENT_FLAGS) { in necp_handle_policy_dump_all()
3731 if (condition_mask & NECP_KERNEL_CONDITION_LOCAL_EMPTY) { in necp_handle_policy_dump_all()
3735 if (condition_mask & NECP_KERNEL_CONDITION_REMOTE_EMPTY) { in necp_handle_policy_dump_all()
3739 if (condition_mask & NECP_KERNEL_CONDITION_SIGNING_IDENTIFIER) { in necp_handle_policy_dump_all()
3743 if (condition_mask & NECP_KERNEL_CONDITION_PACKET_FILTER_TAGS) { in necp_handle_policy_dump_all()
3747 if (condition_mask & NECP_KERNEL_CONDITION_IS_LOOPBACK) { in necp_handle_policy_dump_all()
3751 if (condition_mask & NECP_KERNEL_CONDITION_DELEGATE_IS_PLATFORM_BINARY) { in necp_handle_policy_dump_all()
3755 if (condition_mask & NECP_KERNEL_CONDITION_SCHEME_PORT) { in necp_handle_policy_dump_all()
3759 if (condition_mask & NECP_KERNEL_CONDITION_BOUND_INTERFACE_FLAGS) { in necp_handle_policy_dump_all()
4786 u_int64_t condition_mask = master_condition_mask; in necp_policy_apply() local
4788 condition_mask |= NECP_KERNEL_CONDITION_POLICY_ID; in necp_policy_apply()
4791 …BORDER_NON_ID_CONDITIONS, session->session_order, session->proc_pid, condition_mask, master_condit… in necp_policy_apply()
4952 …icy_order order, u_int32_t session_order, int session_pid, u_int64_t condition_mask, u_int64_t con… in necp_kernel_socket_policy_add() argument
4965 new_kernel_policy->condition_mask = (condition_mask & NECP_KERNEL_VALID_SOCKET_CONDITIONS); in necp_kernel_socket_policy_add()
4966 …if ((new_kernel_policy->condition_mask & NECP_KERNEL_CONDITION_ALL_INTERFACES) && (new_kernel_poli… in necp_kernel_socket_policy_add()
4967 new_kernel_policy->condition_mask &= ~NECP_KERNEL_CONDITION_BOUND_INTERFACE; in necp_kernel_socket_policy_add()
4969 …if ((new_kernel_policy->condition_mask & NECP_KERNEL_CONDITION_ALL_INTERFACES) && (new_kernel_poli… in necp_kernel_socket_policy_add()
4970 new_kernel_policy->condition_mask &= ~NECP_KERNEL_CONDITION_BOUND_INTERFACE_FLAGS; in necp_kernel_socket_policy_add()
4972 …if ((new_kernel_policy->condition_mask & NECP_KERNEL_CONDITION_REAL_APP_ID) && !(new_kernel_policy… in necp_kernel_socket_policy_add()
4973 new_kernel_policy->condition_mask &= ~NECP_KERNEL_CONDITION_REAL_APP_ID; in necp_kernel_socket_policy_add()
4975 …if ((new_kernel_policy->condition_mask & NECP_KERNEL_CONDITION_LOCAL_END) && (new_kernel_policy->c… in necp_kernel_socket_policy_add()
4976 new_kernel_policy->condition_mask &= ~NECP_KERNEL_CONDITION_LOCAL_PREFIX; in necp_kernel_socket_policy_add()
4978 …if ((new_kernel_policy->condition_mask & NECP_KERNEL_CONDITION_REMOTE_END) && (new_kernel_policy->… in necp_kernel_socket_policy_add()
4979 new_kernel_policy->condition_mask &= ~NECP_KERNEL_CONDITION_REMOTE_PREFIX; in necp_kernel_socket_policy_add()
4981 if (new_kernel_policy->condition_mask & NECP_KERNEL_CONDITION_LOCAL_EMPTY) { in necp_kernel_socket_policy_add()
4982 …new_kernel_policy->condition_mask &= ~(NECP_KERNEL_CONDITION_LOCAL_PREFIX | NECP_KERNEL_CONDITION_… in necp_kernel_socket_policy_add()
4984 if ((new_kernel_policy->condition_mask & NECP_KERNEL_CONDITION_REMOTE_EMPTY)) { in necp_kernel_socket_policy_add()
4985 …new_kernel_policy->condition_mask &= ~(NECP_KERNEL_CONDITION_REMOTE_PREFIX | NECP_KERNEL_CONDITION… in necp_kernel_socket_policy_add()
4987 …kernel_policy->condition_negated_mask = condition_negated_mask & new_kernel_policy->condition_mask; in necp_kernel_socket_policy_add()
4990 if (new_kernel_policy->condition_mask & NECP_KERNEL_CONDITION_APP_ID) { in necp_kernel_socket_policy_add()
4993 if (new_kernel_policy->condition_mask & NECP_KERNEL_CONDITION_REAL_APP_ID) { in necp_kernel_socket_policy_add()
4996 if (new_kernel_policy->condition_mask & NECP_KERNEL_CONDITION_CUSTOM_ENTITLEMENT) { in necp_kernel_socket_policy_add()
4999 if (new_kernel_policy->condition_mask & NECP_KERNEL_CONDITION_ACCOUNT_ID) { in necp_kernel_socket_policy_add()
5002 if ((new_kernel_policy->condition_mask & NECP_KERNEL_CONDITION_DOMAIN) || in necp_kernel_socket_policy_add()
5003 (new_kernel_policy->condition_mask & NECP_KERNEL_CONDITION_EXACT_DOMAIN)) { in necp_kernel_socket_policy_add()
5007 if (new_kernel_policy->condition_mask & NECP_KERNEL_CONDITION_DOMAIN_FILTER) { in necp_kernel_socket_policy_add()
5010 if (new_kernel_policy->condition_mask & NECP_KERNEL_CONDITION_URL) { in necp_kernel_socket_policy_add()
5013 if (new_kernel_policy->condition_mask & NECP_KERNEL_CONDITION_PID) { in necp_kernel_socket_policy_add()
5017 if (new_kernel_policy->condition_mask & NECP_KERNEL_CONDITION_UID) { in necp_kernel_socket_policy_add()
5020 if (new_kernel_policy->condition_mask & NECP_KERNEL_CONDITION_REAL_UID) { in necp_kernel_socket_policy_add()
5023 if (new_kernel_policy->condition_mask & NECP_KERNEL_CONDITION_BOUND_INTERFACE) { in necp_kernel_socket_policy_add()
5029 if (new_kernel_policy->condition_mask & NECP_KERNEL_CONDITION_TRAFFIC_CLASS) { in necp_kernel_socket_policy_add()
5032 if (new_kernel_policy->condition_mask & NECP_KERNEL_CONDITION_PROTOCOL) { in necp_kernel_socket_policy_add()
5035 if (new_kernel_policy->condition_mask & NECP_KERNEL_CONDITION_LOCAL_START) { in necp_kernel_socket_policy_add()
5038 if (new_kernel_policy->condition_mask & NECP_KERNEL_CONDITION_LOCAL_END) { in necp_kernel_socket_policy_add()
5041 if (new_kernel_policy->condition_mask & NECP_KERNEL_CONDITION_LOCAL_PREFIX) { in necp_kernel_socket_policy_add()
5044 if (new_kernel_policy->condition_mask & NECP_KERNEL_CONDITION_REMOTE_START) { in necp_kernel_socket_policy_add()
5047 if (new_kernel_policy->condition_mask & NECP_KERNEL_CONDITION_REMOTE_END) { in necp_kernel_socket_policy_add()
5050 if (new_kernel_policy->condition_mask & NECP_KERNEL_CONDITION_REMOTE_PREFIX) { in necp_kernel_socket_policy_add()
5053 if (new_kernel_policy->condition_mask & NECP_KERNEL_CONDITION_AGENT_TYPE) { in necp_kernel_socket_policy_add()
5056 if (new_kernel_policy->condition_mask & NECP_KERNEL_CONDITION_SDK_VERSION) { in necp_kernel_socket_policy_add()
5059 if (new_kernel_policy->condition_mask & NECP_KERNEL_CONDITION_CLIENT_FLAGS) { in necp_kernel_socket_policy_add()
5062 if (new_kernel_policy->condition_mask & NECP_KERNEL_CONDITION_SIGNING_IDENTIFIER) { in necp_kernel_socket_policy_add()
5065 if (new_kernel_policy->condition_mask & NECP_KERNEL_CONDITION_PACKET_FILTER_TAGS) { in necp_kernel_socket_policy_add()
5068 if (new_kernel_policy->condition_mask & NECP_KERNEL_CONDITION_SCHEME_PORT) { in necp_kernel_socket_policy_add()
5071 if (new_kernel_policy->condition_mask & NECP_KERNEL_CONDITION_BOUND_INTERFACE_FLAGS) { in necp_kernel_socket_policy_add()
5076 if (new_kernel_policy->condition_mask & NECP_KERNEL_CONDITION_LOCAL_NETWORKS) { in necp_kernel_socket_policy_add()
5084 …nel policy: socket, id=%d, mask=%llx\n", new_kernel_policy->id, new_kernel_policy->condition_mask); in necp_kernel_socket_policy_add()
5386 …>id, proc_name_string, policy->session_order, policy->order, policy->condition_mask, necp_get_resu… in necp_kernel_socket_policies_dump_all()
5399 …>id, proc_name_string, policy->session_order, policy->order, policy->condition_mask, necp_get_resu… in necp_kernel_socket_policies_dump_all()
5483 …if ((policy->condition_mask & NECP_KERNEL_CONDITION_ALL_INTERFACES) && !(compared_policy->conditio… in necp_kernel_socket_policy_is_unnecessary()
5488 …if (((policy->condition_mask & NECP_KERNEL_CONDITION_LOCAL_NETWORKS) && !(compared_policy->conditi… in necp_kernel_socket_policy_is_unnecessary()
5494 if (compared_policy->condition_mask == 0) { in necp_kernel_socket_policy_is_unnecessary()
5499 …if ((policy->condition_mask & compared_policy->condition_mask) != compared_policy->condition_mask)… in necp_kernel_socket_policy_is_unnecessary()
5504 …gated_mask & compared_policy->condition_mask) != (compared_policy->condition_negated_mask & compar… in necp_kernel_socket_policy_is_unnecessary()
5508 if ((compared_policy->condition_mask & NECP_KERNEL_CONDITION_DOMAIN || in necp_kernel_socket_policy_is_unnecessary()
5509 compared_policy->condition_mask & NECP_KERNEL_CONDITION_EXACT_DOMAIN) && in necp_kernel_socket_policy_is_unnecessary()
5514 if (compared_policy->condition_mask & NECP_KERNEL_CONDITION_DOMAIN_FILTER && in necp_kernel_socket_policy_is_unnecessary()
5519 if (compared_policy->condition_mask & NECP_KERNEL_CONDITION_URL && in necp_kernel_socket_policy_is_unnecessary()
5524 if (compared_policy->condition_mask & NECP_KERNEL_CONDITION_CUSTOM_ENTITLEMENT && in necp_kernel_socket_policy_is_unnecessary()
5529 if (compared_policy->condition_mask & NECP_KERNEL_CONDITION_ACCOUNT_ID && in necp_kernel_socket_policy_is_unnecessary()
5534 if (compared_policy->condition_mask & NECP_KERNEL_CONDITION_POLICY_ID && in necp_kernel_socket_policy_is_unnecessary()
5539 if (compared_policy->condition_mask & NECP_KERNEL_CONDITION_APP_ID && in necp_kernel_socket_policy_is_unnecessary()
5544 if (compared_policy->condition_mask & NECP_KERNEL_CONDITION_REAL_APP_ID && in necp_kernel_socket_policy_is_unnecessary()
5549 if (compared_policy->condition_mask & NECP_KERNEL_CONDITION_PID && in necp_kernel_socket_policy_is_unnecessary()
5554 if (compared_policy->condition_mask & NECP_KERNEL_CONDITION_UID && in necp_kernel_socket_policy_is_unnecessary()
5559 if (compared_policy->condition_mask & NECP_KERNEL_CONDITION_REAL_UID && in necp_kernel_socket_policy_is_unnecessary()
5564 if (compared_policy->condition_mask & NECP_KERNEL_CONDITION_BOUND_INTERFACE && in necp_kernel_socket_policy_is_unnecessary()
5569 if (compared_policy->condition_mask & NECP_KERNEL_CONDITION_PROTOCOL && in necp_kernel_socket_policy_is_unnecessary()
5574 if (compared_policy->condition_mask & NECP_KERNEL_CONDITION_CLIENT_FLAGS && in necp_kernel_socket_policy_is_unnecessary()
5579 if (compared_policy->condition_mask & NECP_KERNEL_CONDITION_TRAFFIC_CLASS && in necp_kernel_socket_policy_is_unnecessary()
5585 if (compared_policy->condition_mask & NECP_KERNEL_CONDITION_LOCAL_START) { in necp_kernel_socket_policy_is_unnecessary()
5586 if (compared_policy->condition_mask & NECP_KERNEL_CONDITION_LOCAL_END) { in necp_kernel_socket_policy_is_unnecessary()
5590 } else if (compared_policy->condition_mask & NECP_KERNEL_CONDITION_LOCAL_PREFIX) { in necp_kernel_socket_policy_is_unnecessary()
5598 if (compared_policy->condition_mask & NECP_KERNEL_CONDITION_REMOTE_START) { in necp_kernel_socket_policy_is_unnecessary()
5599 if (compared_policy->condition_mask & NECP_KERNEL_CONDITION_REMOTE_END) { in necp_kernel_socket_policy_is_unnecessary()
5603 } else if (compared_policy->condition_mask & NECP_KERNEL_CONDITION_REMOTE_PREFIX) { in necp_kernel_socket_policy_is_unnecessary()
5611 if (compared_policy->condition_mask & NECP_KERNEL_CONDITION_AGENT_TYPE && in necp_kernel_socket_policy_is_unnecessary()
5616 if (compared_policy->condition_mask & NECP_KERNEL_CONDITION_SDK_VERSION && in necp_kernel_socket_policy_is_unnecessary()
5621 if (compared_policy->condition_mask & NECP_KERNEL_CONDITION_PACKET_FILTER_TAGS && in necp_kernel_socket_policy_is_unnecessary()
5626 if (compared_policy->condition_mask & NECP_KERNEL_CONDITION_SCHEME_PORT && in necp_kernel_socket_policy_is_unnecessary()
5631 if (compared_policy->condition_mask & NECP_KERNEL_CONDITION_BOUND_INTERFACE_FLAGS && in necp_kernel_socket_policy_is_unnecessary()
5684 necp_kernel_application_policies_condition_mask |= kernel_policy->condition_mask; in necp_kernel_socket_policies_reprocess()
5688 if ((kernel_policy->condition_mask & NECP_KERNEL_CONDITION_AGENT_TYPE)) { in necp_kernel_socket_policies_reprocess()
5694 necp_kernel_socket_policies_condition_mask |= kernel_policy->condition_mask; in necp_kernel_socket_policies_reprocess()
5697 if (!(kernel_policy->condition_mask & NECP_KERNEL_CONDITION_APP_ID) || in necp_kernel_socket_policies_reprocess()
5735 if ((kernel_policy->condition_mask & NECP_KERNEL_CONDITION_AGENT_TYPE)) { in necp_kernel_socket_policies_reprocess()
5741 if (!(kernel_policy->condition_mask & NECP_KERNEL_CONDITION_APP_ID) || in necp_kernel_socket_policies_reprocess()
7032 …_order suborder, u_int32_t session_order, int session_pid, u_int64_t condition_mask, u_int64_t con… in necp_kernel_ip_output_policy_add() argument
7045 new_kernel_policy->condition_mask = (condition_mask & NECP_KERNEL_VALID_IP_OUTPUT_CONDITIONS); in necp_kernel_ip_output_policy_add()
7046 …if ((new_kernel_policy->condition_mask & NECP_KERNEL_CONDITION_ALL_INTERFACES) && (new_kernel_poli… in necp_kernel_ip_output_policy_add()
7047 new_kernel_policy->condition_mask &= ~NECP_KERNEL_CONDITION_BOUND_INTERFACE; in necp_kernel_ip_output_policy_add()
7049 …if ((new_kernel_policy->condition_mask & NECP_KERNEL_CONDITION_ALL_INTERFACES) && (new_kernel_poli… in necp_kernel_ip_output_policy_add()
7050 new_kernel_policy->condition_mask &= ~NECP_KERNEL_CONDITION_BOUND_INTERFACE_FLAGS; in necp_kernel_ip_output_policy_add()
7052 …if ((new_kernel_policy->condition_mask & NECP_KERNEL_CONDITION_LOCAL_END) && (new_kernel_policy->c… in necp_kernel_ip_output_policy_add()
7053 new_kernel_policy->condition_mask &= ~NECP_KERNEL_CONDITION_LOCAL_PREFIX; in necp_kernel_ip_output_policy_add()
7055 …if ((new_kernel_policy->condition_mask & NECP_KERNEL_CONDITION_REMOTE_END) && (new_kernel_policy->… in necp_kernel_ip_output_policy_add()
7056 new_kernel_policy->condition_mask &= ~NECP_KERNEL_CONDITION_REMOTE_PREFIX; in necp_kernel_ip_output_policy_add()
7058 …kernel_policy->condition_negated_mask = condition_negated_mask & new_kernel_policy->condition_mask; in necp_kernel_ip_output_policy_add()
7061 if (new_kernel_policy->condition_mask & NECP_KERNEL_CONDITION_POLICY_ID) { in necp_kernel_ip_output_policy_add()
7064 if (new_kernel_policy->condition_mask & NECP_KERNEL_CONDITION_BOUND_INTERFACE) { in necp_kernel_ip_output_policy_add()
7070 if (new_kernel_policy->condition_mask & NECP_KERNEL_CONDITION_LAST_INTERFACE) { in necp_kernel_ip_output_policy_add()
7073 if (new_kernel_policy->condition_mask & NECP_KERNEL_CONDITION_PROTOCOL) { in necp_kernel_ip_output_policy_add()
7076 if (new_kernel_policy->condition_mask & NECP_KERNEL_CONDITION_LOCAL_START) { in necp_kernel_ip_output_policy_add()
7079 if (new_kernel_policy->condition_mask & NECP_KERNEL_CONDITION_LOCAL_END) { in necp_kernel_ip_output_policy_add()
7082 if (new_kernel_policy->condition_mask & NECP_KERNEL_CONDITION_LOCAL_PREFIX) { in necp_kernel_ip_output_policy_add()
7085 if (new_kernel_policy->condition_mask & NECP_KERNEL_CONDITION_REMOTE_START) { in necp_kernel_ip_output_policy_add()
7088 if (new_kernel_policy->condition_mask & NECP_KERNEL_CONDITION_REMOTE_END) { in necp_kernel_ip_output_policy_add()
7091 if (new_kernel_policy->condition_mask & NECP_KERNEL_CONDITION_REMOTE_PREFIX) { in necp_kernel_ip_output_policy_add()
7094 if (new_kernel_policy->condition_mask & NECP_KERNEL_CONDITION_PACKET_FILTER_TAGS) { in necp_kernel_ip_output_policy_add()
7097 if (new_kernel_policy->condition_mask & NECP_KERNEL_CONDITION_SCHEME_PORT) { in necp_kernel_ip_output_policy_add()
7100 if (new_kernel_policy->condition_mask & NECP_KERNEL_CONDITION_BOUND_INTERFACE_FLAGS) { in necp_kernel_ip_output_policy_add()
7105 if (new_kernel_policy->condition_mask & NECP_KERNEL_CONDITION_LOCAL_NETWORKS) { in necp_kernel_ip_output_policy_add()
7113 … policy: ip output, id=%d, mask=%llx\n", new_kernel_policy->id, new_kernel_policy->condition_mask); in necp_kernel_ip_output_policy_add()
7181 …ing, policy->session_order, policy->order, policy->suborder, policy->condition_mask, necp_get_resu… in necp_kernel_ip_output_policies_dump_all()
7253 …if ((policy->condition_mask & NECP_KERNEL_CONDITION_ALL_INTERFACES) && !(compared_policy->conditio… in necp_kernel_ip_output_policy_is_unnecessary()
7258 …if ((policy->condition_mask & NECP_KERNEL_CONDITION_LOCAL_NETWORKS) && !(compared_policy->conditio… in necp_kernel_ip_output_policy_is_unnecessary()
7263 if (compared_policy->condition_mask == 0) { in necp_kernel_ip_output_policy_is_unnecessary()
7268 …if ((policy->condition_mask & compared_policy->condition_mask) != compared_policy->condition_mask)… in necp_kernel_ip_output_policy_is_unnecessary()
7273 …gated_mask & compared_policy->condition_mask) != (compared_policy->condition_negated_mask & compar… in necp_kernel_ip_output_policy_is_unnecessary()
7277 if (compared_policy->condition_mask & NECP_KERNEL_CONDITION_POLICY_ID && in necp_kernel_ip_output_policy_is_unnecessary()
7282 if (compared_policy->condition_mask & NECP_KERNEL_CONDITION_BOUND_INTERFACE && in necp_kernel_ip_output_policy_is_unnecessary()
7287 if (compared_policy->condition_mask & NECP_KERNEL_CONDITION_PROTOCOL && in necp_kernel_ip_output_policy_is_unnecessary()
7292 if (compared_policy->condition_mask & NECP_KERNEL_CONDITION_LOCAL_START) { in necp_kernel_ip_output_policy_is_unnecessary()
7293 if (compared_policy->condition_mask & NECP_KERNEL_CONDITION_LOCAL_END) { in necp_kernel_ip_output_policy_is_unnecessary()
7297 } else if (compared_policy->condition_mask & NECP_KERNEL_CONDITION_LOCAL_PREFIX) { in necp_kernel_ip_output_policy_is_unnecessary()
7305 if (compared_policy->condition_mask & NECP_KERNEL_CONDITION_REMOTE_START) { in necp_kernel_ip_output_policy_is_unnecessary()
7306 if (compared_policy->condition_mask & NECP_KERNEL_CONDITION_REMOTE_END) { in necp_kernel_ip_output_policy_is_unnecessary()
7310 } else if (compared_policy->condition_mask & NECP_KERNEL_CONDITION_REMOTE_PREFIX) { in necp_kernel_ip_output_policy_is_unnecessary()
7318 if (compared_policy->condition_mask & NECP_KERNEL_CONDITION_SCHEME_PORT && in necp_kernel_ip_output_policy_is_unnecessary()
7323 if (compared_policy->condition_mask & NECP_KERNEL_CONDITION_BOUND_INTERFACE_FLAGS && in necp_kernel_ip_output_policy_is_unnecessary()
7364 necp_kernel_ip_output_policies_condition_mask |= kernel_policy->condition_mask; in necp_kernel_ip_output_policies_reprocess()
7371 if (!(kernel_policy->condition_mask & NECP_KERNEL_CONDITION_POLICY_ID) || in necp_kernel_ip_output_policies_reprocess()
7372 (kernel_policy->condition_mask & NECP_KERNEL_CONDITION_LOCAL_NETWORKS) || in necp_kernel_ip_output_policies_reprocess()
7378 if (!(kernel_policy->condition_mask & NECP_KERNEL_CONDITION_POLICY_ID)) { in necp_kernel_ip_output_policies_reprocess()
7436 if (!(kernel_policy->condition_mask & NECP_KERNEL_CONDITION_POLICY_ID) || in necp_kernel_ip_output_policies_reprocess()
7437 (kernel_policy->condition_mask & NECP_KERNEL_CONDITION_LOCAL_NETWORKS) || in necp_kernel_ip_output_policies_reprocess()
8471 …ride_euuid != NULL && info.used_responsible_pid && !(matched_policy->condition_mask & NECP_KERNEL_… in necp_application_find_policy_match_internal()
9154 if (!(kernel_policy->condition_mask & NECP_KERNEL_CONDITION_ALL_INTERFACES)) { in necp_socket_check_policy()
9155 if (kernel_policy->condition_mask & NECP_KERNEL_CONDITION_BOUND_INTERFACE) { in necp_socket_check_policy()
9171 if (kernel_policy->condition_mask & NECP_KERNEL_CONDITION_BOUND_INTERFACE_FLAGS) { in necp_socket_check_policy()
9194 if (!(kernel_policy->condition_mask & NECP_KERNEL_CONDITION_BOUND_INTERFACE) && in necp_socket_check_policy()
9195 !(kernel_policy->condition_mask & NECP_KERNEL_CONDITION_BOUND_INTERFACE_FLAGS)) { in necp_socket_check_policy()
9204 if (kernel_policy->condition_mask == 0) { in necp_socket_check_policy()
9208 if (kernel_policy->condition_mask & NECP_KERNEL_CONDITION_APP_ID) { in necp_socket_check_policy()
9225 kernel_policy->condition_mask & NECP_KERNEL_CONDITION_SIGNING_IDENTIFIER) { in necp_socket_check_policy()
9250 if (kernel_policy->condition_mask & NECP_KERNEL_CONDITION_REAL_APP_ID) { in necp_socket_check_policy()
9267 if (kernel_policy->condition_mask & NECP_KERNEL_CONDITION_HAS_CLIENT) { in necp_socket_check_policy()
9274 if (kernel_policy->condition_mask & NECP_KERNEL_CONDITION_ENTITLEMENT) { in necp_socket_check_policy()
9282 if (kernel_policy->condition_mask & NECP_KERNEL_CONDITION_PLATFORM_BINARY) { in necp_socket_check_policy()
9297 if (kernel_policy->condition_mask & NECP_KERNEL_CONDITION_SYSTEM_SIGNED_RESULT) { in necp_socket_check_policy()
9305 if (kernel_policy->condition_mask & NECP_KERNEL_CONDITION_SDK_VERSION) { in necp_socket_check_policy()
9337 if (kernel_policy->condition_mask & NECP_KERNEL_CONDITION_CUSTOM_ENTITLEMENT) { in necp_socket_check_policy()
9353 if (kernel_policy->condition_mask & NECP_KERNEL_CONDITION_EXACT_DOMAIN) { in necp_socket_check_policy()
9373 } else if (kernel_policy->condition_mask & NECP_KERNEL_CONDITION_DOMAIN) { in necp_socket_check_policy()
9393 if (kernel_policy->condition_mask & NECP_KERNEL_CONDITION_DOMAIN_FILTER) { in necp_socket_check_policy()
9426 if (kernel_policy->condition_mask & NECP_KERNEL_CONDITION_URL) { in necp_socket_check_policy()
9443 if (kernel_policy->condition_mask & NECP_KERNEL_CONDITION_ACCOUNT_ID) { in necp_socket_check_policy()
9460 if (kernel_policy->condition_mask & NECP_KERNEL_CONDITION_PID) { in necp_socket_check_policy()
9483 if (kernel_policy->condition_mask & NECP_KERNEL_CONDITION_UID) { in necp_socket_check_policy()
9500 if (kernel_policy->condition_mask & NECP_KERNEL_CONDITION_REAL_UID) { in necp_socket_check_policy()
9517 if (kernel_policy->condition_mask & NECP_KERNEL_CONDITION_TRAFFIC_CLASS) { in necp_socket_check_policy()
9536 if (kernel_policy->condition_mask & NECP_KERNEL_CONDITION_PROTOCOL) { in necp_socket_check_policy()
9553 if (kernel_policy->condition_mask & NECP_KERNEL_CONDITION_AGENT_TYPE) { in necp_socket_check_policy()
9574 if (kernel_policy->condition_mask & NECP_KERNEL_CONDITION_LOCAL_NETWORKS) { in necp_socket_check_policy()
9601 if (kernel_policy->condition_mask & NECP_KERNEL_CONDITION_LOCAL_START) { in necp_socket_check_policy()
9602 if (kernel_policy->condition_mask & NECP_KERNEL_CONDITION_LOCAL_END) { in necp_socket_check_policy()
9614 } else if (kernel_policy->condition_mask & NECP_KERNEL_CONDITION_LOCAL_PREFIX) { in necp_socket_check_policy()
9629 if (kernel_policy->condition_mask & NECP_KERNEL_CONDITION_REMOTE_START) { in necp_socket_check_policy()
9630 if (kernel_policy->condition_mask & NECP_KERNEL_CONDITION_REMOTE_END) { in necp_socket_check_policy()
9642 } else if (kernel_policy->condition_mask & NECP_KERNEL_CONDITION_REMOTE_PREFIX) { in necp_socket_check_policy()
9657 if (kernel_policy->condition_mask & NECP_KERNEL_CONDITION_CLIENT_FLAGS) { in necp_socket_check_policy()
9674 if (kernel_policy->condition_mask & NECP_KERNEL_CONDITION_LOCAL_EMPTY) { in necp_socket_check_policy()
9690 if (kernel_policy->condition_mask & NECP_KERNEL_CONDITION_REMOTE_EMPTY) { in necp_socket_check_policy()
9706 if (kernel_policy->condition_mask & NECP_KERNEL_CONDITION_SCHEME_PORT) { in necp_socket_check_policy()
9727 if (kernel_policy->condition_mask & NECP_KERNEL_CONDITION_PACKET_FILTER_TAGS) { in necp_socket_check_policy()
9750 if (kernel_policy->condition_mask & NECP_KERNEL_CONDITION_IS_LOOPBACK) { in necp_socket_check_policy()
9764 if (kernel_policy->condition_mask & NECP_KERNEL_CONDITION_DELEGATE_IS_PLATFORM_BINARY) { in necp_socket_check_policy()
9777 } else if (!(kernel_policy->condition_mask & NECP_KERNEL_CONDITION_APP_ID) && in necp_socket_check_policy()
9778 !(kernel_policy->condition_mask & NECP_KERNEL_CONDITION_PID)) { in necp_socket_check_policy()
10866 …if (info.used_responsible_pid && (matched_policy->condition_mask & NECP_KERNEL_CONDITION_REAL_APP_… in necp_socket_find_policy_match()
11021 if (!(kernel_policy->condition_mask & NECP_KERNEL_CONDITION_ALL_INTERFACES)) { in necp_ip_output_check_policy()
11022 if (kernel_policy->condition_mask & NECP_KERNEL_CONDITION_BOUND_INTERFACE) { in necp_ip_output_check_policy()
11039 if (kernel_policy->condition_mask & NECP_KERNEL_CONDITION_BOUND_INTERFACE_FLAGS) { in necp_ip_output_check_policy()
11073 if (!(kernel_policy->condition_mask & NECP_KERNEL_CONDITION_BOUND_INTERFACE) && in necp_ip_output_check_policy()
11074 !(kernel_policy->condition_mask & NECP_KERNEL_CONDITION_BOUND_INTERFACE_FLAGS)) { in necp_ip_output_check_policy()
11083 if (kernel_policy->condition_mask == 0) { in necp_ip_output_check_policy()
11087 if (kernel_policy->condition_mask & NECP_KERNEL_CONDITION_POLICY_ID) { in necp_ip_output_check_policy()
11100 if (kernel_policy->condition_mask & NECP_KERNEL_CONDITION_LAST_INTERFACE) { in necp_ip_output_check_policy()
11109 if (kernel_policy->condition_mask & NECP_KERNEL_CONDITION_PROTOCOL) { in necp_ip_output_check_policy()
11126 if (kernel_policy->condition_mask & NECP_KERNEL_CONDITION_LOCAL_NETWORKS) { in necp_ip_output_check_policy()
11149 if (kernel_policy->condition_mask & NECP_KERNEL_CONDITION_LOCAL_START) { in necp_ip_output_check_policy()
11150 if (kernel_policy->condition_mask & NECP_KERNEL_CONDITION_LOCAL_END) { in necp_ip_output_check_policy()
11162 } else if (kernel_policy->condition_mask & NECP_KERNEL_CONDITION_LOCAL_PREFIX) { in necp_ip_output_check_policy()
11177 if (kernel_policy->condition_mask & NECP_KERNEL_CONDITION_REMOTE_START) { in necp_ip_output_check_policy()
11178 if (kernel_policy->condition_mask & NECP_KERNEL_CONDITION_REMOTE_END) { in necp_ip_output_check_policy()
11190 } else if (kernel_policy->condition_mask & NECP_KERNEL_CONDITION_REMOTE_PREFIX) { in necp_ip_output_check_policy()
11205 if (kernel_policy->condition_mask & NECP_KERNEL_CONDITION_SCHEME_PORT) { in necp_ip_output_check_policy()
11224 if (kernel_policy->condition_mask & NECP_KERNEL_CONDITION_PACKET_FILTER_TAGS) { in necp_ip_output_check_policy()