110 static void __add_profile(struct list_head *list, struct aa_profile *profile)  in __add_profile()  argument
115 	AA_BUG(!profile);  in __add_profile()
116 	AA_BUG(!profile->ns);  in __add_profile()
117 	AA_BUG(!mutex_is_locked(&profile->ns->lock));  in __add_profile()
119 	list_add_rcu(&profile->base.list, list);  in __add_profile()
121 	aa_get_profile(profile);  in __add_profile()
122 	l = aa_label_insert(&profile->ns->labels, &profile->label);  in __add_profile()
123 	AA_BUG(l != &profile->label);  in __add_profile()
139 static void __list_remove_profile(struct aa_profile *profile)  in __list_remove_profile()  argument
141 	AA_BUG(!profile);  in __list_remove_profile()
142 	AA_BUG(!profile->ns);  in __list_remove_profile()
143 	AA_BUG(!mutex_is_locked(&profile->ns->lock));  in __list_remove_profile()
145 	list_del_rcu(&profile->base.list);  in __list_remove_profile()
146 	aa_put_profile(profile);  in __list_remove_profile()
155 static void __remove_profile(struct aa_profile *profile)  in __remove_profile()  argument
157 	AA_BUG(!profile);  in __remove_profile()
158 	AA_BUG(!profile->ns);  in __remove_profile()
159 	AA_BUG(!mutex_is_locked(&profile->ns->lock));  in __remove_profile()
162 	__aa_profile_list_release(&profile->base.profiles);  in __remove_profile()
164 	aa_label_remove(&profile->label);  in __remove_profile()
165 	__aafs_profile_rmdir(profile);  in __remove_profile()
166 	__list_remove_profile(profile);  in __remove_profile()
177 	struct aa_profile *profile, *tmp;  in __aa_profile_list_release()  local
178 	list_for_each_entry_safe(profile, tmp, head, base.list)  in __aa_profile_list_release()
179 		__remove_profile(profile);  in __aa_profile_list_release()
242 void aa_free_profile(struct aa_profile *profile)  in aa_free_profile()  argument
247 	AA_DEBUG("%s(%p)\n", __func__, profile);  in aa_free_profile()
249 	if (!profile)  in aa_free_profile()
253 	aa_policy_destroy(&profile->base);  in aa_free_profile()
254 	aa_put_profile(rcu_access_pointer(profile->parent));  in aa_free_profile()
256 	aa_put_ns(profile->ns);  in aa_free_profile()
257 	kfree_sensitive(profile->rename);  in aa_free_profile()
259 	free_attachment(&profile->attach);  in aa_free_profile()
265 	list_for_each_entry_safe(rule, tmp, &profile->rules, list) {  in aa_free_profile()
269 	kfree_sensitive(profile->dirname);  in aa_free_profile()
271 	if (profile->data) {  in aa_free_profile()
272 		rht = profile->data;  in aa_free_profile()
273 		profile->data = NULL;  in aa_free_profile()
278 	kfree_sensitive(profile->hash);  in aa_free_profile()
279 	aa_put_loaddata(profile->rawdata);  in aa_free_profile()
280 	aa_label_destroy(&profile->label);  in aa_free_profile()
282 	kfree_sensitive(profile);  in aa_free_profile()
295 	struct aa_profile *profile;  in aa_alloc_profile()  local
299 	profile = kzalloc(struct_size(profile, label.vec, 2), gfp);  in aa_alloc_profile()
300 	if (!profile)  in aa_alloc_profile()
303 	if (!aa_policy_init(&profile->base, NULL, hname, gfp))  in aa_alloc_profile()
305 	if (!aa_label_init(&profile->label, 1, gfp))  in aa_alloc_profile()
308 	INIT_LIST_HEAD(&profile->rules);  in aa_alloc_profile()
314 	list_add(&rules->list, &profile->rules);  in aa_alloc_profile()
318 		proxy = aa_alloc_proxy(&profile->label, gfp);  in aa_alloc_profile()
323 	profile->label.proxy = proxy;  in aa_alloc_profile()
325 	profile->label.hname = profile->base.hname;  in aa_alloc_profile()
326 	profile->label.flags |= FLAG_PROFILE;  in aa_alloc_profile()
327 	profile->label.vec[0] = profile;  in aa_alloc_profile()
330 	return profile;  in aa_alloc_profile()
333 	aa_free_profile(profile);  in aa_alloc_profile()
379 	struct aa_profile *profile;  in aa_find_child()  local
383 		profile = __find_child(&parent->base.profiles, name);  in aa_find_child()
384 	} while (profile && !aa_get_profile_not0(profile));  in aa_find_child()
388 	return profile;  in aa_find_child()
408 	struct aa_profile *profile = NULL;  in __lookup_parent()  local
414 		profile = __strn_find_child(&policy->profiles, hname,  in __lookup_parent()
416 		if (!profile)  in __lookup_parent()
418 		policy = &profile->base;  in __lookup_parent()
422 	if (!profile)  in __lookup_parent()
424 	return &profile->base;  in __lookup_parent()
443 	struct aa_profile *parent, *profile = NULL;  in __create_missing_ancestors()  local
452 		parent = profile;  in __create_missing_ancestors()
453 		profile = __strn_find_child(&policy->profiles, hname,  in __create_missing_ancestors()
455 		if (!profile) {  in __create_missing_ancestors()
460 			profile = aa_alloc_null(parent, name, gfp);  in __create_missing_ancestors()
462 			if (!profile)  in __create_missing_ancestors()
465 				profile->ns = aa_get_ns(ns);  in __create_missing_ancestors()
467 		policy = &profile->base;  in __create_missing_ancestors()
471 	if (!profile)  in __create_missing_ancestors()
473 	return &profile->base;  in __create_missing_ancestors()
491 	struct aa_profile *profile = NULL;  in __lookupn_profile()  local
496 		profile = __strn_find_child(&base->profiles, hname,  in __lookupn_profile()
498 		if (!profile)  in __lookupn_profile()
501 		base = &profile->base;  in __lookupn_profile()
528 	struct aa_profile *profile;  in aa_lookupn_profile()  local
532 		profile = __lookupn_profile(&ns->base, hname, n);  in aa_lookupn_profile()
533 	} while (profile && !aa_get_profile_not0(profile));  in aa_lookupn_profile()
537 	if (!profile && strncmp(hname, "unconfined", n) == 0)  in aa_lookupn_profile()
538 		profile = aa_get_newest_profile(ns->unconfined);  in aa_lookupn_profile()
541 	return profile;  in aa_lookupn_profile()
552 	struct aa_profile *profile;  in aa_fqlookupn_profile()  local
566 		profile = aa_lookupn_profile(ns, name, n - (name - fqname));  in aa_fqlookupn_profile()
569 		profile = aa_get_newest_profile(ns->unconfined);  in aa_fqlookupn_profile()
571 		profile = NULL;  in aa_fqlookupn_profile()
574 	return profile;  in aa_fqlookupn_profile()
581 	struct aa_profile *profile;  in aa_alloc_null()  local
584 	profile = aa_alloc_profile(name, NULL, gfp);  in aa_alloc_null()
585 	if (!profile)  in aa_alloc_null()
589 	profile->label.flags |= FLAG_NULL;  in aa_alloc_null()
590 	rules = list_first_entry(&profile->rules, typeof(*rules), list);  in aa_alloc_null()
603 		profile->path_flags = parent->path_flags;  in aa_alloc_null()
606 		rcu_assign_pointer(profile->parent, aa_get_profile(parent));  in aa_alloc_null()
607 		profile->ns = aa_get_ns(parent->ns);  in aa_alloc_null()
610 	return profile;  in aa_alloc_null()
613 	aa_free_profile(profile);  in aa_alloc_null()
639 	struct aa_profile *p, *profile;  in aa_new_learning_profile()  local
664 	profile = aa_find_child(parent, bname);  in aa_new_learning_profile()
665 	if (profile)  in aa_new_learning_profile()
668 	profile = aa_alloc_null(parent, name, gfp);  in aa_new_learning_profile()
669 	if (!profile)  in aa_new_learning_profile()
671 	profile->mode = APPARMOR_COMPLAIN;  in aa_new_learning_profile()
673 		profile->label.flags |= FLAG_HAT;  in aa_new_learning_profile()
675 	mutex_lock_nested(&profile->ns->lock, profile->ns->level);  in aa_new_learning_profile()
678 		aa_free_profile(profile);  in aa_new_learning_profile()
679 		profile = aa_get_profile(p);  in aa_new_learning_profile()
681 		__add_profile(&parent->base.profiles, profile);  in aa_new_learning_profile()
683 	mutex_unlock(&profile->ns->lock);  in aa_new_learning_profile()
689 	return profile;  in aa_new_learning_profile()
693 	aa_free_profile(profile);  in aa_new_learning_profile()
705 static int replacement_allowed(struct aa_profile *profile, int noreplace,  in replacement_allowed()  argument
708 	if (profile) {  in replacement_allowed()
709 		if (profile->label.flags & FLAG_IMMUTIBLE) {  in replacement_allowed()
871 					       struct aa_profile *profile)  in __list_lookup_parent()  argument
873 	const char *base = basename(profile->base.hname);  in __list_lookup_parent()
874 	long len = base - profile->base.hname;  in __list_lookup_parent()
883 		if (ent->new == profile)  in __list_lookup_parent()
885 		if (strncmp(ent->new->base.hname, profile->base.hname, len) ==  in __list_lookup_parent()
1286 	struct aa_profile *profile = NULL;  in aa_remove_profiles()  local
1322 		profile = aa_get_profile(__lookup_profile(&ns->base, name));  in aa_remove_profiles()
1323 		if (!profile) {  in aa_remove_profiles()
1328 		name = profile->base.hname;  in aa_remove_profiles()
1330 		__remove_profile(profile);  in aa_remove_profiles()
1339 	aa_put_profile(profile);  in aa_remove_profiles()