147 static void __add_profile(struct list_head *list, struct aa_profile *profile)  in __add_profile()  argument
152 	AA_BUG(!profile);  in __add_profile()
153 	AA_BUG(!profile->ns);  in __add_profile()
154 	AA_BUG(!mutex_is_locked(&profile->ns->lock));  in __add_profile()
156 	list_add_rcu(&profile->base.list, list);  in __add_profile()
158 	aa_get_profile(profile);  in __add_profile()
159 	l = aa_label_insert(&profile->ns->labels, &profile->label);  in __add_profile()
160 	AA_BUG(l != &profile->label);  in __add_profile()
176 static void __list_remove_profile(struct aa_profile *profile)  in __list_remove_profile()  argument
178 	AA_BUG(!profile);  in __list_remove_profile()
179 	AA_BUG(!profile->ns);  in __list_remove_profile()
180 	AA_BUG(!mutex_is_locked(&profile->ns->lock));  in __list_remove_profile()
182 	list_del_rcu(&profile->base.list);  in __list_remove_profile()
183 	aa_put_profile(profile);  in __list_remove_profile()
192 static void __remove_profile(struct aa_profile *profile)  in __remove_profile()  argument
194 	AA_BUG(!profile);  in __remove_profile()
195 	AA_BUG(!profile->ns);  in __remove_profile()
196 	AA_BUG(!mutex_is_locked(&profile->ns->lock));  in __remove_profile()
199 	__aa_profile_list_release(&profile->base.profiles);  in __remove_profile()
201 	aa_label_remove(&profile->label);  in __remove_profile()
202 	__aafs_profile_rmdir(profile);  in __remove_profile()
203 	__list_remove_profile(profile);  in __remove_profile()
214 	struct aa_profile *profile, *tmp;  in __aa_profile_list_release()  local
215 	list_for_each_entry_safe(profile, tmp, head, base.list)  in __aa_profile_list_release()
216 		__remove_profile(profile);  in __aa_profile_list_release()
279 void aa_free_profile(struct aa_profile *profile)  in aa_free_profile()  argument
284 	AA_DEBUG("%s(%p)\n", __func__, profile);  in aa_free_profile()
286 	if (!profile)  in aa_free_profile()
290 	aa_policy_destroy(&profile->base);  in aa_free_profile()
291 	aa_put_profile(rcu_access_pointer(profile->parent));  in aa_free_profile()
293 	aa_put_ns(profile->ns);  in aa_free_profile()
294 	kfree_sensitive(profile->rename);  in aa_free_profile()
295 	kfree_sensitive(profile->disconnected);  in aa_free_profile()
297 	free_attachment(&profile->attach);  in aa_free_profile()
303 	list_for_each_entry_safe(rule, tmp, &profile->rules, list) {  in aa_free_profile()
307 	kfree_sensitive(profile->dirname);  in aa_free_profile()
309 	if (profile->data) {  in aa_free_profile()
310 		rht = profile->data;  in aa_free_profile()
311 		profile->data = NULL;  in aa_free_profile()
316 	kfree_sensitive(profile->hash);  in aa_free_profile()
317 	aa_put_loaddata(profile->rawdata);  in aa_free_profile()
318 	aa_label_destroy(&profile->label);  in aa_free_profile()
320 	kfree_sensitive(profile);  in aa_free_profile()
334 	struct aa_profile *profile;  in aa_alloc_profile()  local
338 	profile = kzalloc(struct_size(profile, label.vec, 2), gfp);  in aa_alloc_profile()
339 	if (!profile)  in aa_alloc_profile()
342 	if (!aa_policy_init(&profile->base, NULL, hname, gfp))  in aa_alloc_profile()
344 	if (!aa_label_init(&profile->label, 1, gfp))  in aa_alloc_profile()
347 	INIT_LIST_HEAD(&profile->rules);  in aa_alloc_profile()
353 	list_add(&rules->list, &profile->rules);  in aa_alloc_profile()
357 		proxy = aa_alloc_proxy(&profile->label, gfp);  in aa_alloc_profile()
362 	profile->label.proxy = proxy;  in aa_alloc_profile()
364 	profile->label.hname = profile->base.hname;  in aa_alloc_profile()
365 	profile->label.flags |= FLAG_PROFILE;  in aa_alloc_profile()
366 	profile->label.vec[0] = profile;  in aa_alloc_profile()
369 	return profile;  in aa_alloc_profile()
372 	aa_free_profile(profile);  in aa_alloc_profile()
418 	struct aa_profile *profile;  in aa_find_child()  local
422 		profile = __find_child(&parent->base.profiles, name);  in aa_find_child()
423 	} while (profile && !aa_get_profile_not0(profile));  in aa_find_child()
427 	return profile;  in aa_find_child()
447 	struct aa_profile *profile = NULL;  in __lookup_parent()  local
453 		profile = __strn_find_child(&policy->profiles, hname,  in __lookup_parent()
455 		if (!profile)  in __lookup_parent()
457 		policy = &profile->base;  in __lookup_parent()
461 	if (!profile)  in __lookup_parent()
463 	return &profile->base;  in __lookup_parent()
482 	struct aa_profile *parent, *profile = NULL;  in __create_missing_ancestors()  local
491 		parent = profile;  in __create_missing_ancestors()
492 		profile = __strn_find_child(&policy->profiles, hname,  in __create_missing_ancestors()
494 		if (!profile) {  in __create_missing_ancestors()
499 			profile = aa_alloc_null(parent, name, gfp);  in __create_missing_ancestors()
501 			if (!profile)  in __create_missing_ancestors()
504 				profile->ns = aa_get_ns(ns);  in __create_missing_ancestors()
506 		policy = &profile->base;  in __create_missing_ancestors()
510 	if (!profile)  in __create_missing_ancestors()
512 	return &profile->base;  in __create_missing_ancestors()
530 	struct aa_profile *profile = NULL;  in __lookupn_profile()  local
535 		profile = __strn_find_child(&base->profiles, hname,  in __lookupn_profile()
537 		if (!profile)  in __lookupn_profile()
540 		base = &profile->base;  in __lookupn_profile()
567 	struct aa_profile *profile;  in aa_lookupn_profile()  local
571 		profile = __lookupn_profile(&ns->base, hname, n);  in aa_lookupn_profile()
572 	} while (profile && !aa_get_profile_not0(profile));  in aa_lookupn_profile()
576 	if (!profile && strncmp(hname, "unconfined", n) == 0)  in aa_lookupn_profile()
577 		profile = aa_get_newest_profile(ns->unconfined);  in aa_lookupn_profile()
580 	return profile;  in aa_lookupn_profile()
591 	struct aa_profile *profile;  in aa_fqlookupn_profile()  local
605 		profile = aa_lookupn_profile(ns, name, n - (name - fqname));  in aa_fqlookupn_profile()
608 		profile = aa_get_newest_profile(ns->unconfined);  in aa_fqlookupn_profile()
610 		profile = NULL;  in aa_fqlookupn_profile()
613 	return profile;  in aa_fqlookupn_profile()
620 	struct aa_profile *profile;  in aa_alloc_null()  local
623 	profile = aa_alloc_profile(name, NULL, gfp);  in aa_alloc_null()
624 	if (!profile)  in aa_alloc_null()
628 	profile->label.flags |= FLAG_NULL;  in aa_alloc_null()
629 	rules = list_first_entry(&profile->rules, typeof(*rules), list);  in aa_alloc_null()
634 		profile->path_flags = parent->path_flags;  in aa_alloc_null()
637 		rcu_assign_pointer(profile->parent, aa_get_profile(parent));  in aa_alloc_null()
638 		profile->ns = aa_get_ns(parent->ns);  in aa_alloc_null()
641 	return profile;  in aa_alloc_null()
665 	struct aa_profile *p, *profile;  in aa_new_learning_profile()  local
690 	profile = aa_find_child(parent, bname);  in aa_new_learning_profile()
691 	if (profile)  in aa_new_learning_profile()
694 	profile = aa_alloc_null(parent, name, gfp);  in aa_new_learning_profile()
695 	if (!profile)  in aa_new_learning_profile()
697 	profile->mode = APPARMOR_COMPLAIN;  in aa_new_learning_profile()
699 		profile->label.flags |= FLAG_HAT;  in aa_new_learning_profile()
701 	mutex_lock_nested(&profile->ns->lock, profile->ns->level);  in aa_new_learning_profile()
704 		aa_free_profile(profile);  in aa_new_learning_profile()
705 		profile = aa_get_profile(p);  in aa_new_learning_profile()
707 		__add_profile(&parent->base.profiles, profile);  in aa_new_learning_profile()
709 	mutex_unlock(&profile->ns->lock);  in aa_new_learning_profile()
715 	return profile;  in aa_new_learning_profile()
719 	aa_free_profile(profile);  in aa_new_learning_profile()
731 static int replacement_allowed(struct aa_profile *profile, int noreplace,  in replacement_allowed()  argument
734 	if (profile) {  in replacement_allowed()
735 		if (profile->label.flags & FLAG_IMMUTIBLE) {  in replacement_allowed()
907 					       struct aa_profile *profile)  in __list_lookup_parent()  argument
909 	const char *base = basename(profile->base.hname);  in __list_lookup_parent()
910 	long len = base - profile->base.hname;  in __list_lookup_parent()
919 		if (ent->new == profile)  in __list_lookup_parent()
921 		if (strncmp(ent->new->base.hname, profile->base.hname, len) ==  in __list_lookup_parent()
1322 	struct aa_profile *profile = NULL;  in aa_remove_profiles()  local
1358 		profile = aa_get_profile(__lookup_profile(&ns->base, name));  in aa_remove_profiles()
1359 		if (!profile) {  in aa_remove_profiles()
1364 		name = profile->base.hname;  in aa_remove_profiles()
1366 		__remove_profile(profile);  in aa_remove_profiles()
1375 	aa_put_profile(profile);  in aa_remove_profiles()