114 static void __add_profile(struct list_head *list, struct aa_profile *profile)  in __add_profile()  argument
119 	AA_BUG(!profile);  in __add_profile()
120 	AA_BUG(!profile->ns);  in __add_profile()
121 	AA_BUG(!mutex_is_locked(&profile->ns->lock));  in __add_profile()
123 	list_add_rcu(&profile->base.list, list);  in __add_profile()
125 	aa_get_profile(profile);  in __add_profile()
126 	l = aa_label_insert(&profile->ns->labels, &profile->label);  in __add_profile()
127 	AA_BUG(l != &profile->label);  in __add_profile()
143 static void __list_remove_profile(struct aa_profile *profile)  in __list_remove_profile()  argument
145 	AA_BUG(!profile);  in __list_remove_profile()
146 	AA_BUG(!profile->ns);  in __list_remove_profile()
147 	AA_BUG(!mutex_is_locked(&profile->ns->lock));  in __list_remove_profile()
149 	list_del_rcu(&profile->base.list);  in __list_remove_profile()
150 	aa_put_profile(profile);  in __list_remove_profile()
159 static void __remove_profile(struct aa_profile *profile)  in __remove_profile()  argument
161 	AA_BUG(!profile);  in __remove_profile()
162 	AA_BUG(!profile->ns);  in __remove_profile()
163 	AA_BUG(!mutex_is_locked(&profile->ns->lock));  in __remove_profile()
166 	__aa_profile_list_release(&profile->base.profiles);  in __remove_profile()
168 	aa_label_remove(&profile->label);  in __remove_profile()
169 	__aafs_profile_rmdir(profile);  in __remove_profile()
170 	__list_remove_profile(profile);  in __remove_profile()
181 	struct aa_profile *profile, *tmp;  in __aa_profile_list_release()  local
182 	list_for_each_entry_safe(profile, tmp, head, base.list)  in __aa_profile_list_release()
183 		__remove_profile(profile);  in __aa_profile_list_release()
210 void aa_free_profile(struct aa_profile *profile)  in aa_free_profile()  argument
215 	AA_DEBUG("%s(%p)\n", __func__, profile);  in aa_free_profile()
217 	if (!profile)  in aa_free_profile()
221 	aa_policy_destroy(&profile->base);  in aa_free_profile()
222 	aa_put_profile(rcu_access_pointer(profile->parent));  in aa_free_profile()
224 	aa_put_ns(profile->ns);  in aa_free_profile()
225 	kzfree(profile->rename);  in aa_free_profile()
227 	aa_free_file_rules(&profile->file);  in aa_free_profile()
228 	aa_free_cap_rules(&profile->caps);  in aa_free_profile()
229 	aa_free_rlimit_rules(&profile->rlimits);  in aa_free_profile()
231 	for (i = 0; i < profile->xattr_count; i++)  in aa_free_profile()
232 		kzfree(profile->xattrs[i]);  in aa_free_profile()
233 	kzfree(profile->xattrs);  in aa_free_profile()
234 	kzfree(profile->dirname);  in aa_free_profile()
235 	aa_put_dfa(profile->xmatch);  in aa_free_profile()
236 	aa_put_dfa(profile->policy.dfa);  in aa_free_profile()
238 	if (profile->data) {  in aa_free_profile()
239 		rht = profile->data;  in aa_free_profile()
240 		profile->data = NULL;  in aa_free_profile()
245 	kzfree(profile->hash);  in aa_free_profile()
246 	aa_put_loaddata(profile->rawdata);  in aa_free_profile()
248 	kzfree(profile);  in aa_free_profile()
261 	struct aa_profile *profile;  in aa_alloc_profile()  local
264 	profile = kzalloc(sizeof(*profile) + sizeof(struct aa_profile *) * 2,  in aa_alloc_profile()
266 	if (!profile)  in aa_alloc_profile()
269 	if (!aa_policy_init(&profile->base, NULL, hname, gfp))  in aa_alloc_profile()
271 	if (!aa_label_init(&profile->label, 1, gfp))  in aa_alloc_profile()
276 		proxy = aa_alloc_proxy(&profile->label, gfp);  in aa_alloc_profile()
281 	profile->label.proxy = proxy;  in aa_alloc_profile()
283 	profile->label.hname = profile->base.hname;  in aa_alloc_profile()
284 	profile->label.flags |= FLAG_PROFILE;  in aa_alloc_profile()
285 	profile->label.vec[0] = profile;  in aa_alloc_profile()
288 	return profile;  in aa_alloc_profile()
291 	aa_free_profile(profile);  in aa_alloc_profile()
337 	struct aa_profile *profile;  in aa_find_child()  local
341 		profile = __find_child(&parent->base.profiles, name);  in aa_find_child()
342 	} while (profile && !aa_get_profile_not0(profile));  in aa_find_child()
346 	return profile;  in aa_find_child()
366 	struct aa_profile *profile = NULL;  in __lookup_parent()  local
372 		profile = __strn_find_child(&policy->profiles, hname,  in __lookup_parent()
374 		if (!profile)  in __lookup_parent()
376 		policy = &profile->base;  in __lookup_parent()
380 	if (!profile)  in __lookup_parent()
382 	return &profile->base;  in __lookup_parent()
400 	struct aa_profile *profile = NULL;  in __lookupn_profile()  local
405 		profile = __strn_find_child(&base->profiles, hname,  in __lookupn_profile()
407 		if (!profile)  in __lookupn_profile()
410 		base = &profile->base;  in __lookupn_profile()
437 	struct aa_profile *profile;  in aa_lookupn_profile()  local
441 		profile = __lookupn_profile(&ns->base, hname, n);  in aa_lookupn_profile()
442 	} while (profile && !aa_get_profile_not0(profile));  in aa_lookupn_profile()
446 	if (!profile && strncmp(hname, "unconfined", n) == 0)  in aa_lookupn_profile()
447 		profile = aa_get_newest_profile(ns->unconfined);  in aa_lookupn_profile()
450 	return profile;  in aa_lookupn_profile()
461 	struct aa_profile *profile;  in aa_fqlookupn_profile()  local
475 		profile = aa_lookupn_profile(ns, name, n - (name - fqname));  in aa_fqlookupn_profile()
478 		profile = aa_get_newest_profile(ns->unconfined);  in aa_fqlookupn_profile()
480 		profile = NULL;  in aa_fqlookupn_profile()
483 	return profile;  in aa_fqlookupn_profile()
507 	struct aa_profile *p, *profile;  in aa_new_null_profile()  local
532 	profile = aa_find_child(parent, bname);  in aa_new_null_profile()
533 	if (profile)  in aa_new_null_profile()
536 	profile = aa_alloc_profile(name, NULL, gfp);  in aa_new_null_profile()
537 	if (!profile)  in aa_new_null_profile()
540 	profile->mode = APPARMOR_COMPLAIN;  in aa_new_null_profile()
541 	profile->label.flags |= FLAG_NULL;  in aa_new_null_profile()
543 		profile->label.flags |= FLAG_HAT;  in aa_new_null_profile()
544 	profile->path_flags = parent->path_flags;  in aa_new_null_profile()
547 	rcu_assign_pointer(profile->parent, aa_get_profile(parent));  in aa_new_null_profile()
548 	profile->ns = aa_get_ns(parent->ns);  in aa_new_null_profile()
549 	profile->file.dfa = aa_get_dfa(nulldfa);  in aa_new_null_profile()
550 	profile->policy.dfa = aa_get_dfa(nulldfa);  in aa_new_null_profile()
552 	mutex_lock_nested(&profile->ns->lock, profile->ns->level);  in aa_new_null_profile()
555 		aa_free_profile(profile);  in aa_new_null_profile()
556 		profile = aa_get_profile(p);  in aa_new_null_profile()
558 		__add_profile(&parent->base.profiles, profile);  in aa_new_null_profile()
560 	mutex_unlock(&profile->ns->lock);  in aa_new_null_profile()
566 	return profile;  in aa_new_null_profile()
570 	aa_free_profile(profile);  in aa_new_null_profile()
582 static int replacement_allowed(struct aa_profile *profile, int noreplace,  in replacement_allowed()  argument
585 	if (profile) {  in replacement_allowed()
586 		if (profile->label.flags & FLAG_IMMUTIBLE) {  in replacement_allowed()
707 					       struct aa_profile *profile)  in __list_lookup_parent()  argument
709 	const char *base = basename(profile->base.hname);  in __list_lookup_parent()
710 	long len = base - profile->base.hname;  in __list_lookup_parent()
719 		if (ent->new == profile)  in __list_lookup_parent()
721 		if (strncmp(ent->new->base.hname, profile->base.hname, len) ==  in __list_lookup_parent()
1099 	struct aa_profile *profile = NULL;  in aa_remove_profiles()  local
1135 		profile = aa_get_profile(__lookup_profile(&ns->base, name));  in aa_remove_profiles()
1136 		if (!profile) {  in aa_remove_profiles()
1141 		name = profile->base.hname;  in aa_remove_profiles()
1142 		__remove_profile(profile);  in aa_remove_profiles()
1152 	aa_put_profile(profile);  in aa_remove_profiles()