277 	struct aa_namespace *ns;  in alloc_namespace()  local
279 	ns = kzalloc(sizeof(*ns), GFP_KERNEL);  in alloc_namespace()
280 	AA_DEBUG("%s(%p)\n", __func__, ns);  in alloc_namespace()
281 	if (!ns)  in alloc_namespace()
283 	if (!policy_init(&ns->base, prefix, name))  in alloc_namespace()
286 	INIT_LIST_HEAD(&ns->sub_ns);  in alloc_namespace()
287 	mutex_init(&ns->lock);  in alloc_namespace()
290 	ns->unconfined = aa_alloc_profile("unconfined");  in alloc_namespace()
291 	if (!ns->unconfined)  in alloc_namespace()
294 	ns->unconfined->flags = PFLAG_IX_ON_NAME_ERROR |  in alloc_namespace()
296 	ns->unconfined->mode = APPARMOR_UNCONFINED;  in alloc_namespace()
299 	ns->unconfined->ns = ns;  in alloc_namespace()
301 	atomic_set(&ns->uniq_null, 0);  in alloc_namespace()
303 	return ns;  in alloc_namespace()
306 	kzfree(ns->base.hname);  in alloc_namespace()
308 	kzfree(ns);  in alloc_namespace()
319 static void free_namespace(struct aa_namespace *ns)  in free_namespace()  argument
321 	if (!ns)  in free_namespace()
324 	policy_destroy(&ns->base);  in free_namespace()
325 	aa_put_namespace(ns->parent);  in free_namespace()
327 	ns->unconfined->ns = NULL;  in free_namespace()
328 	aa_free_profile(ns->unconfined);  in free_namespace()
329 	kzfree(ns);  in free_namespace()
360 	struct aa_namespace *ns = NULL;  in aa_find_namespace()  local
363 	ns = aa_get_namespace(__aa_find_namespace(&root->sub_ns, name));  in aa_find_namespace()
366 	return ns;  in aa_find_namespace()
377 	struct aa_namespace *ns, *root;  in aa_prepare_namespace()  local
379 	root = aa_current_profile()->ns;  in aa_prepare_namespace()
386 		ns = aa_get_namespace(root);  in aa_prepare_namespace()
392 	ns = aa_get_namespace(__aa_find_namespace(&root->sub_ns, name));  in aa_prepare_namespace()
393 	if (!ns) {  in aa_prepare_namespace()
394 		ns = alloc_namespace(root->base.hname, name);  in aa_prepare_namespace()
395 		if (!ns)  in aa_prepare_namespace()
397 		if (__aa_fs_namespace_mkdir(ns, ns_subns_dir(root), name)) {  in aa_prepare_namespace()
399 				 ns->base.name);  in aa_prepare_namespace()
400 			free_namespace(ns);  in aa_prepare_namespace()
401 			ns = NULL;  in aa_prepare_namespace()
404 		ns->parent = aa_get_namespace(root);  in aa_prepare_namespace()
405 		list_add_rcu(&ns->base.list, &root->sub_ns);  in aa_prepare_namespace()
407 		aa_get_namespace(ns);  in aa_prepare_namespace()
413 	return ns;  in aa_prepare_namespace()
464 	__aa_update_replacedby(profile, profile->ns->unconfined);  in __remove_profile()
488 static void destroy_namespace(struct aa_namespace *ns)  in destroy_namespace()  argument
490 	if (!ns)  in destroy_namespace()
493 	mutex_lock(&ns->lock);  in destroy_namespace()
495 	__profile_list_release(&ns->base.profiles);  in destroy_namespace()
498 	__ns_list_release(&ns->sub_ns);  in destroy_namespace()
500 	if (ns->parent)  in destroy_namespace()
501 		__aa_update_replacedby(ns->unconfined, ns->parent->unconfined);  in destroy_namespace()
502 	__aa_fs_namespace_rmdir(ns);  in destroy_namespace()
503 	mutex_unlock(&ns->lock);  in destroy_namespace()
512 static void __remove_namespace(struct aa_namespace *ns)  in __remove_namespace()  argument
515 	list_del_rcu(&ns->base.list);  in __remove_namespace()
516 	destroy_namespace(ns);  in __remove_namespace()
517 	aa_put_namespace(ns);  in __remove_namespace()
528 	struct aa_namespace *ns, *tmp;  in __ns_list_release()  local
529 	list_for_each_entry_safe(ns, tmp, head, base.list)  in __ns_list_release()
530 		__remove_namespace(ns);  in __ns_list_release()
555 	 struct aa_namespace *ns = root_ns;  in aa_free_root_ns()  local
558 	 destroy_namespace(ns);  in aa_free_root_ns()
559 	 aa_put_namespace(ns);  in aa_free_root_ns()
601 	aa_put_namespace(profile->ns);  in aa_free_profile()
625 		free_namespace(p->ns);  in aa_free_profile_rcu()
692 	int uniq = atomic_inc_return(&parent->ns->uniq_null);  in aa_new_null_profile()
712 	profile->ns = aa_get_namespace(parent->ns);  in aa_new_null_profile()
714 	mutex_lock(&profile->ns->lock);  in aa_new_null_profile()
716 	mutex_unlock(&profile->ns->lock);  in aa_new_null_profile()
789 static struct aa_policy *__lookup_parent(struct aa_namespace *ns,  in __lookup_parent()  argument
796 	policy = &ns->base;  in __lookup_parent()
808 		return &ns->base;  in __lookup_parent()
852 struct aa_profile *aa_lookup_profile(struct aa_namespace *ns, const char *hname)  in aa_lookup_profile()  argument
858 		profile = __lookup_profile(&ns->base, hname);  in aa_lookup_profile()
864 		profile = aa_get_newest_profile(ns->unconfined);  in aa_lookup_profile()
1040 static int __lookup_replace(struct aa_namespace *ns, const char *hname,  in __lookup_replace()  argument
1044 	*p = aa_get_profile(__lookup_profile(&ns->base, hname));  in __lookup_replace()
1071 	struct aa_namespace *ns = NULL;  in aa_replace_profiles()  local
1083 	ns = aa_prepare_namespace(ns_name);  in aa_replace_profiles()
1084 	if (!ns) {  in aa_replace_profiles()
1091 	mutex_lock(&ns->lock);  in aa_replace_profiles()
1097 		error = __lookup_replace(ns, ent->new->base.hname, noreplace,  in aa_replace_profiles()
1103 			error = __lookup_replace(ns, ent->new->rename,  in aa_replace_profiles()
1111 		ent->new->ns = aa_get_namespace(ns);  in aa_replace_profiles()
1117 		policy = __lookup_parent(ns, ent->new->base.hname);  in aa_replace_profiles()
1128 		} else if (policy != &ns->base) {  in aa_replace_profiles()
1151 				parent = ns_subprofs_dir(ent->new->ns);  in aa_replace_profiles()
1202 			__list_add_profile(&ns->base.profiles, ent->new);  in aa_replace_profiles()
1206 	mutex_unlock(&ns->lock);  in aa_replace_profiles()
1209 	aa_put_namespace(ns);  in aa_replace_profiles()
1216 	mutex_unlock(&ns->lock);  in aa_replace_profiles()
1242 	struct aa_namespace *root, *ns = NULL;  in aa_remove_profiles()  local
1253 	root = aa_current_profile()->ns;  in aa_remove_profiles()
1259 		ns = aa_find_namespace(root, ns_name);  in aa_remove_profiles()
1260 		if (!ns) {  in aa_remove_profiles()
1267 		ns = aa_get_namespace(root);  in aa_remove_profiles()
1271 		mutex_lock(&ns->parent->lock);  in aa_remove_profiles()
1272 		__remove_namespace(ns);  in aa_remove_profiles()
1273 		mutex_unlock(&ns->parent->lock);  in aa_remove_profiles()
1276 		mutex_lock(&ns->lock);  in aa_remove_profiles()
1277 		profile = aa_get_profile(__lookup_profile(&ns->base, name));  in aa_remove_profiles()
1285 		mutex_unlock(&ns->lock);  in aa_remove_profiles()
1290 	aa_put_namespace(ns);  in aa_remove_profiles()
1295 	mutex_unlock(&ns->lock);  in aa_remove_profiles()
1296 	aa_put_namespace(ns);  in aa_remove_profiles()