apparmor: fix fast path cache check for unix sockets

	return unconfined(obj_label);

}

static bool __unix_needs_revalidation(struct file *file, struct aa_label *label,

				      u32 request)

static bool __is_unix_file(struct file *file)

{

	struct socket *sock = (struct socket *) file->private_data;

	if (!S_ISSOCK(file_inode(file)->i_mode))

		return false;

	if (request & NET_PEER_MASK)

		return false;

	/* sock and sock->sk can be NULL for sockets being set up or torn down */

	if (!sock || !sock->sk)

		return false;

	if (sock->sk->sk_family == PF_UNIX) {

		struct aa_sk_ctx *ctx = aa_sock(sock->sk);

		if (rcu_access_pointer(ctx->peer) !=

		    rcu_access_pointer(ctx->peer_lastupdate))

	if (sock->sk->sk_family == PF_UNIX)

		return true;

		return !__aa_subj_label_is_cached(rcu_dereference(ctx->label),

						  label);

	}

	return false;

}

static bool __unix_needs_revalidation(struct file *file, struct aa_label *label,

				      u32 request)

{

	struct socket *sock = (struct socket *) file->private_data;

	AA_BUG(!__is_unix_file(file));

	lockdep_assert_in_rcu_read_lock();

	struct aa_sk_ctx *skctx = aa_sock(sock->sk);

	if (rcu_access_pointer(skctx->peer) !=

	    rcu_access_pointer(skctx->peer_lastupdate))

		return true;

	return !__aa_subj_label_is_cached(rcu_dereference(skctx->label), label);

}

/**

 * aa_file_perm - do permission revalidation check & audit for @file

 * @op: operation being checked

	 */

	denied = request & ~fctx->allow;

	if (unconfined(label) || __file_is_delegated(flabel) ||

	    __unix_needs_revalidation(file, label, request) ||

	    (!denied && __is_unix_file(file) && !__unix_needs_revalidation(file, label, request)) ||

	    (!denied && __aa_subj_label_is_cached(label, flabel))) {

		rcu_read_unlock();

		goto done;