~hc/RK356X_SDK_RELEASE.git

..	..	@@ -1,14 +1,10 @@
	1	+// SPDX-License-Identifier: GPL-2.0-only
1	2	/*
2	3	* AppArmor security module
3	4	*
4	5	* This file contains AppArmor label definitions
5	6	*
6	7	* Copyright 2017 Canonical Ltd.
7		- *
8		- * This program is free software; you can redistribute it and/or
9		- * modify it under the terms of the GNU General Public License as
10		- * published by the Free Software Foundation, version 2 of the
11		- * License.
12	8	*/
13	9
14	10	#include <linux/audit.h>
..	..	@@ -80,7 +76,7 @@
80	76
81	77	AA_BUG(!orig);
82	78	AA_BUG(!new);
83		- lockdep_assert_held_exclusive(&labels_set(orig)->lock);
	79	+ lockdep_assert_held_write(&labels_set(orig)->lock);
84	80
85	81	tmp = rcu_dereference_protected(orig->proxy->label,
86	82	&labels_ns(orig)->lock);
..	..	@@ -313,10 +309,8 @@
313	309	}
314	310
315	311
316		-static void label_destroy(struct aa_label *label)
	312	+void aa_label_destroy(struct aa_label *label)
317	313	{
318		- struct aa_label *tmp;
319		-
320	314	AA_BUG(!label);
321	315
322	316	if (!label_isprofile(label)) {
..	..	@@ -332,16 +326,13 @@
332	326	}
333	327	}
334	328
335		- if (rcu_dereference_protected(label->proxy->label, true) == label)
336		- rcu_assign_pointer(label->proxy->label, NULL);
337		-
	329	+ if (label->proxy) {
	330	+ if (rcu_dereference_protected(label->proxy->label, true) == label)
	331	+ rcu_assign_pointer(label->proxy->label, NULL);
	332	+ aa_put_proxy(label->proxy);
	333	+ }
338	334	aa_free_secid(label->secid);
339	335
340		- tmp = rcu_dereference_protected(label->proxy->label, true);
341		- if (tmp == label)
342		- rcu_assign_pointer(label->proxy->label, NULL);
343		-
344		- aa_put_proxy(label->proxy);
345	336	label->proxy = (struct aa_proxy *) PROXY_POISON + 1;
346	337	}
347	338
..	..	@@ -350,7 +341,7 @@
350	341	if (!label)
351	342	return;
352	343
353		- label_destroy(label);
	344	+ aa_label_destroy(label);
354	345	kfree(label);
355	346	}
356	347
..	..	@@ -603,7 +594,7 @@
603	594
604	595	AA_BUG(!ls);
605	596	AA_BUG(!label);
606		- lockdep_assert_held_exclusive(&ls->lock);
	597	+ lockdep_assert_held_write(&ls->lock);
607	598
608	599	if (new)
609	600	__aa_proxy_redirect(label, new);
..	..	@@ -640,7 +631,7 @@
640	631	AA_BUG(!ls);
641	632	AA_BUG(!old);
642	633	AA_BUG(!new);
643		- lockdep_assert_held_exclusive(&ls->lock);
	634	+ lockdep_assert_held_write(&ls->lock);
644	635	AA_BUG(new->flags & FLAG_IN_TREE);
645	636
646	637	if (!label_is_stale(old))
..	..	@@ -677,7 +668,7 @@
677	668	AA_BUG(!ls);
678	669	AA_BUG(!label);
679	670	AA_BUG(labels_set(label) != ls);
680		- lockdep_assert_held_exclusive(&ls->lock);
	671	+ lockdep_assert_held_write(&ls->lock);
681	672	AA_BUG(label->flags & FLAG_IN_TREE);
682	673
683	674	/* Figure out where to put new node */
..	..	@@ -1641,9 +1632,9 @@
1641	1632	AA_BUG(!str && size != 0);
1642	1633	AA_BUG(!label);
1643	1634
1644		- if (flags & FLAG_ABS_ROOT) {
	1635	+ if (AA_DEBUG_LABEL && (flags & FLAG_ABS_ROOT)) {
1645	1636	ns = root_ns;
1646		- len = snprintf(str, size, "=");
	1637	+ len = snprintf(str, size, "_");
1647	1638	update_for_len(total, len, size, str);
1648	1639	} else if (!ns) {
1649	1640	ns = labels_ns(label);
..	..	@@ -1754,7 +1745,7 @@
1754	1745	if (!use_label_hname(ns, label, flags) \|\|
1755	1746	display_mode(ns, label, flags)) {
1756	1747	len = aa_label_asxprint(&name, ns, label, flags, gfp);
1757		- if (len == -1) {
	1748	+ if (len < 0) {
1758	1749	AA_DEBUG("label print error");
1759	1750	return;
1760	1751	}
..	..	@@ -1782,17 +1773,17 @@
1782	1773	int len;
1783	1774
1784	1775	len = aa_label_asxprint(&str, ns, label, flags, gfp);
1785		- if (len == -1) {
	1776	+ if (len < 0) {
1786	1777	AA_DEBUG("label print error");
1787	1778	return;
1788	1779	}
1789		- seq_printf(f, "%s", str);
	1780	+ seq_puts(f, str);
1790	1781	kfree(str);
1791	1782	} else if (display_mode(ns, label, flags))
1792	1783	seq_printf(f, "%s (%s)", label->hname,
1793	1784	label_modename(ns, label, flags));
1794	1785	else
1795		- seq_printf(f, "%s", label->hname);
	1786	+ seq_puts(f, label->hname);
1796	1787	}
1797	1788
1798	1789	void aa_label_xprintk(struct aa_ns ns, struct aa_label label, int flags,
..	..	@@ -1805,7 +1796,7 @@
1805	1796	int len;
1806	1797
1807	1798	len = aa_label_asxprint(&str, ns, label, flags, gfp);
1808		- if (len == -1) {
	1799	+ if (len < 0) {
1809	1800	AA_DEBUG("label print error");
1810	1801	return;
1811	1802	}
..	..	@@ -1905,7 +1896,8 @@
1905	1896	AA_BUG(!str);
1906	1897
1907	1898	str = skipn_spaces(str, n);
1908		- if (str == NULL \|\| (*str == '=' && base != &root_ns->unconfined->label))
	1899	+ if (str == NULL \|\| (AA_DEBUG_LABEL && *str == '_' &&
	1900	+ base != &root_ns->unconfined->label))
1909	1901	return ERR_PTR(-EINVAL);
1910	1902
1911	1903	len = label_count_strn_entries(str, end - str);