Loading security/apparmor/apparmorfs.c +3 −2 Original line number Diff line number Diff line Loading @@ -133,7 +133,7 @@ static ssize_t policy_update(int binop, const char __user *buf, size_t size, data = aa_simple_write_to_buffer(op, buf, size, size, pos); error = PTR_ERR(data); if (!IS_ERR(data)) { error = aa_replace_profiles(profile->ns, binop, data); error = aa_replace_profiles(profile->ns, profile, binop, data); aa_put_loaddata(data); } Loading Loading @@ -192,7 +192,8 @@ static ssize_t profile_remove(struct file *f, const char __user *buf, error = PTR_ERR(data); if (!IS_ERR(data)) { data->data[size] = 0; error = aa_remove_profiles(profile->ns, data->data, size); error = aa_remove_profiles(profile->ns, profile, data->data, size); aa_put_loaddata(data); } out: Loading security/apparmor/include/policy.h +4 −3 Original line number Diff line number Diff line Loading @@ -188,9 +188,10 @@ struct aa_profile *aa_fqlookupn_profile(struct aa_profile *base, const char *fqname, size_t n); struct aa_profile *aa_match_profile(struct aa_ns *ns, const char *name); ssize_t aa_replace_profiles(struct aa_ns *view, bool noreplace, struct aa_loaddata *udata); ssize_t aa_remove_profiles(struct aa_ns *view, char *name, size_t size); ssize_t aa_replace_profiles(struct aa_ns *view, struct aa_profile *profile, bool noreplace, struct aa_loaddata *udata); ssize_t aa_remove_profiles(struct aa_ns *view, struct aa_profile *profile, char *name, size_t size); void __aa_profile_list_release(struct list_head *head); #define PROF_ADD 1 Loading security/apparmor/policy.c +14 −11 Original line number Diff line number Diff line Loading @@ -803,6 +803,7 @@ static int __lookup_replace(struct aa_ns *ns, const char *hname, /** * aa_replace_profiles - replace profile(s) on the profile list * @view: namespace load is viewed from * @label: label that is attempting to load/replace policy * @noreplace: true if only doing addition, no replacement allowed * @udata: serialized data stream (NOT NULL) * Loading 
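Review bot: The subject recorded in the OP_PROF_LOAD/OP_PROF_REPL/OP_PROF_RM audit events is now whatever `profile` policy_update and profile_remove pass in, instead of `__aa_current_profile()` resolved inside policy.c, so audit attribution for policy changes depends on each caller choosing the right profile. Where these two functions obtain `profile` is outside the hunk, so I cannot confirm it is the current task's confinement and not something derived from the opened file; the bodies of both functions start before the hunk. A one-line comment at each call site would make that contract explicit, e.g. `/* profile is the audited subject of this policy change */`. The section is rendered a second time further down the page with the same content.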
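Review bot: The new parameter is declared as `profile` in both prototypes, but the aa_remove_profiles definition in policy.c names it `subj` (and the existing `name` here is `fqname` there), so the header does not tell a caller which profile it must supply for auditing. Aligning the prototype with the definition, `ssize_t aa_remove_profiles(struct aa_ns *view, struct aa_profile *subj, char *fqname, size_t size);`, or a short comment above both declarations such as `/* the profile argument is the subject whose policy load/remove is audited */`, would close that gap.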
@@ -812,8 +813,8 @@ static int __lookup_replace(struct aa_ns *ns, const char *hname, * * Returns: size of data consumed else error code on failure. */ ssize_t aa_replace_profiles(struct aa_ns *view, bool noreplace, struct aa_loaddata *udata) ssize_t aa_replace_profiles(struct aa_ns *view, struct aa_profile *profile, bool noreplace, struct aa_loaddata *udata) { const char *ns_name, *info = NULL; struct aa_ns *ns = NULL; Loading Loading @@ -935,7 +936,7 @@ ssize_t aa_replace_profiles(struct aa_ns *view, bool noreplace, list_del_init(&ent->list); op = (!ent->old && !ent->rename) ? OP_PROF_LOAD : OP_PROF_REPL; audit_policy(__aa_current_profile(), op, GFP_ATOMIC, NULL, audit_policy(profile, op, GFP_ATOMIC, NULL, ent->new->base.hname, NULL, error); if (ent->old) { Loading Loading @@ -991,8 +992,8 @@ ssize_t aa_replace_profiles(struct aa_ns *view, bool noreplace, /* audit cause of failure */ op = (!ent->old) ? OP_PROF_LOAD : OP_PROF_REPL; fail: audit_policy(__aa_current_profile(), op, GFP_KERNEL, ns_name, ent->new->base.hname, info, error); audit_policy(profile, op, GFP_KERNEL, ns_name, ent->new->base.hname, info, error); /* audit status that rest of profiles in the atomic set failed too */ info = "valid profile in failed atomic policy load"; list_for_each_entry(tmp, &lh, list) { Loading @@ -1002,7 +1003,7 @@ ssize_t aa_replace_profiles(struct aa_ns *view, bool noreplace, continue; } op = (!ent->old) ? OP_PROF_LOAD : OP_PROF_REPL; audit_policy(__aa_current_profile(), op, GFP_KERNEL, ns_name, audit_policy(profile, op, GFP_KERNEL, ns_name, tmp->new->base.hname, info, error); } list_for_each_entry_safe(ent, tmp, &lh, list) { Loading @@ -1016,6 +1017,7 @@ ssize_t aa_replace_profiles(struct aa_ns *view, bool noreplace, /** * aa_remove_profiles - remove profile(s) from the system * @view: namespace the remove is being done from * @subj: profile attempting to remove policy * @fqname: name of the profile or namespace to remove (NOT NULL) * @size: size of the name * Loading 
@@ -1026,7 +1028,8 @@ ssize_t aa_replace_profiles(struct aa_ns *view, bool noreplace, * * Returns: size of data consume else error code if fails */ ssize_t aa_remove_profiles(struct aa_ns *view, char *fqname, size_t size) ssize_t aa_remove_profiles(struct aa_ns *view, struct aa_profile *subj, char *fqname, size_t size) { struct aa_ns *root = NULL, *ns = NULL; struct aa_profile *profile = NULL; Loading Loading @@ -1075,8 +1078,8 @@ ssize_t aa_remove_profiles(struct aa_ns *view, char *fqname, size_t size) } /* don't fail removal if audit fails */ (void) audit_policy(__aa_current_profile(), OP_PROF_RM, GFP_KERNEL, ns_name, name, info, error); (void) audit_policy(subj, OP_PROF_RM, GFP_KERNEL, ns_name, name, info, error); aa_put_ns(ns); aa_put_profile(profile); return size; Loading @@ -1086,7 +1089,7 @@ ssize_t aa_remove_profiles(struct aa_ns *view, char *fqname, size_t size) aa_put_ns(ns); fail: (void) audit_policy(__aa_current_profile(), OP_PROF_RM, GFP_KERNEL, ns_name, name, info, error); (void) audit_policy(subj, OP_PROF_RM, GFP_KERNEL, ns_name, name, info, error); return error; } Loading
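Review bot: The kernel-doc line added to aa_replace_profiles documents `@label`, but the parameter added to the signature is `profile`; kernel-doc will warn about the unmatched name and the text reads as if a label object were involved. Change it to ` * @profile: profile that is attempting to load/replace policy`, mirroring the `@subj` entry added to aa_remove_profiles. As a point of style, aa_remove_profiles had to call the subject `subj` because its body already declares a local `struct aa_profile *profile`, and aa_replace_profiles likewise handles loaded profiles via `ent->new`/`ent->old`; using `subj` in both functions (and in the header) would keep the audited subject visibly distinct from the profiles being loaded. Both function bodies extend beyond the visible hunks.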
security/apparmor/apparmorfs.c +3 −2 Original line number Diff line number Diff line Loading @@ -133,7 +133,7 @@ static ssize_t policy_update(int binop, const char __user *buf, size_t size, data = aa_simple_write_to_buffer(op, buf, size, size, pos); error = PTR_ERR(data); if (!IS_ERR(data)) { error = aa_replace_profiles(profile->ns, binop, data); error = aa_replace_profiles(profile->ns, profile, binop, data); aa_put_loaddata(data); } Loading Loading @@ -192,7 +192,8 @@ static ssize_t profile_remove(struct file *f, const char __user *buf, error = PTR_ERR(data); if (!IS_ERR(data)) { data->data[size] = 0; error = aa_remove_profiles(profile->ns, data->data, size); error = aa_remove_profiles(profile->ns, profile, data->data, size); aa_put_loaddata(data); } out: Loading
security/apparmor/include/policy.h +4 −3 Original line number Diff line number Diff line Loading @@ -188,9 +188,10 @@ struct aa_profile *aa_fqlookupn_profile(struct aa_profile *base, const char *fqname, size_t n); struct aa_profile *aa_match_profile(struct aa_ns *ns, const char *name); ssize_t aa_replace_profiles(struct aa_ns *view, bool noreplace, struct aa_loaddata *udata); ssize_t aa_remove_profiles(struct aa_ns *view, char *name, size_t size); ssize_t aa_replace_profiles(struct aa_ns *view, struct aa_profile *profile, bool noreplace, struct aa_loaddata *udata); ssize_t aa_remove_profiles(struct aa_ns *view, struct aa_profile *profile, char *name, size_t size); void __aa_profile_list_release(struct list_head *head); #define PROF_ADD 1 Loading
security/apparmor/policy.c +14 −11 Original line number Diff line number Diff line Loading @@ -803,6 +803,7 @@ static int __lookup_replace(struct aa_ns *ns, const char *hname, /** * aa_replace_profiles - replace profile(s) on the profile list * @view: namespace load is viewed from * @label: label that is attempting to load/replace policy * @noreplace: true if only doing addition, no replacement allowed * @udata: serialized data stream (NOT NULL) * Loading @@ -812,8 +813,8 @@ static int __lookup_replace(struct aa_ns *ns, const char *hname, * * Returns: size of data consumed else error code on failure. */ ssize_t aa_replace_profiles(struct aa_ns *view, bool noreplace, struct aa_loaddata *udata) ssize_t aa_replace_profiles(struct aa_ns *view, struct aa_profile *profile, bool noreplace, struct aa_loaddata *udata) { const char *ns_name, *info = NULL; struct aa_ns *ns = NULL; Loading Loading @@ -935,7 +936,7 @@ ssize_t aa_replace_profiles(struct aa_ns *view, bool noreplace, list_del_init(&ent->list); op = (!ent->old && !ent->rename) ? OP_PROF_LOAD : OP_PROF_REPL; audit_policy(__aa_current_profile(), op, GFP_ATOMIC, NULL, audit_policy(profile, op, GFP_ATOMIC, NULL, ent->new->base.hname, NULL, error); if (ent->old) { Loading Loading @@ -991,8 +992,8 @@ ssize_t aa_replace_profiles(struct aa_ns *view, bool noreplace, /* audit cause of failure */ op = (!ent->old) ? OP_PROF_LOAD : OP_PROF_REPL; fail: audit_policy(__aa_current_profile(), op, GFP_KERNEL, ns_name, ent->new->base.hname, info, error); audit_policy(profile, op, GFP_KERNEL, ns_name, ent->new->base.hname, info, error); /* audit status that rest of profiles in the atomic set failed too */ info = "valid profile in failed atomic policy load"; list_for_each_entry(tmp, &lh, list) { Loading 
@@ -1002,7 +1003,7 @@ ssize_t aa_replace_profiles(struct aa_ns *view, bool noreplace, continue; } op = (!ent->old) ? OP_PROF_LOAD : OP_PROF_REPL; audit_policy(__aa_current_profile(), op, GFP_KERNEL, ns_name, audit_policy(profile, op, GFP_KERNEL, ns_name, tmp->new->base.hname, info, error); } list_for_each_entry_safe(ent, tmp, &lh, list) { Loading @@ -1016,6 +1017,7 @@ ssize_t aa_replace_profiles(struct aa_ns *view, bool noreplace, /** * aa_remove_profiles - remove profile(s) from the system * @view: namespace the remove is being done from * @subj: profile attempting to remove policy * @fqname: name of the profile or namespace to remove (NOT NULL) * @size: size of the name * Loading @@ -1026,7 +1028,8 @@ ssize_t aa_replace_profiles(struct aa_ns *view, bool noreplace, * * Returns: size of data consume else error code if fails */ ssize_t aa_remove_profiles(struct aa_ns *view, char *fqname, size_t size) ssize_t aa_remove_profiles(struct aa_ns *view, struct aa_profile *subj, char *fqname, size_t size) { struct aa_ns *root = NULL, *ns = NULL; struct aa_profile *profile = NULL; Loading Loading @@ -1075,8 +1078,8 @@ ssize_t aa_remove_profiles(struct aa_ns *view, char *fqname, size_t size) } /* don't fail removal if audit fails */ (void) audit_policy(__aa_current_profile(), OP_PROF_RM, GFP_KERNEL, ns_name, name, info, error); (void) audit_policy(subj, OP_PROF_RM, GFP_KERNEL, ns_name, name, info, error); aa_put_ns(ns); aa_put_profile(profile); return size; Loading @@ -1086,7 +1089,7 @@ ssize_t aa_remove_profiles(struct aa_ns *view, char *fqname, size_t size) aa_put_ns(ns); fail: (void) audit_policy(__aa_current_profile(), OP_PROF_RM, GFP_KERNEL, ns_name, name, info, error); (void) audit_policy(subj, OP_PROF_RM, GFP_KERNEL, ns_name, name, info, error); return error; }