static void profile_query_cb(struct aa_profile *profile, struct aa_perms *perms,
                             const char *match_str, size_t match_len)
 {
-       struct aa_ruleset *rules = &profile->rules;
+       struct aa_ruleset *rules = list_first_entry(&profile->rules,
+                                                   typeof(*rules), list);
        struct aa_perms tmp = { };
        aa_state_t state = DFA_NOMATCH;
 
 
 static int audit_caps(struct common_audit_data *sa, struct aa_profile *profile,
                      int cap, int error)
 {
-       struct aa_ruleset *rules = &profile->rules;
+       struct aa_ruleset *rules = list_first_entry(&profile->rules,
+                                                   typeof(*rules), list);
        struct audit_cache *ent;
        int type = AUDIT_APPARMOR_AUTO;
 
 static int profile_capable(struct aa_profile *profile, int cap,
                           unsigned int opts, struct common_audit_data *sa)
 {
-       struct aa_ruleset *rules = &profile->rules;
+       struct aa_ruleset *rules = list_first_entry(&profile->rules,
+                                                   typeof(*rules), list);
        int error;
 
        if (cap_raised(rules->caps.allow, cap) &&
 
                                         struct aa_profile *tp,
                                         bool stack, aa_state_t state)
 {
-       struct aa_ruleset *rules = &profile->rules;
+       struct aa_ruleset *rules = list_first_entry(&profile->rules,
+                                                   typeof(*rules), list);
        const char *ns_name;
 
        if (stack)
                                aa_state_t state, bool subns, u32 request,
                                struct aa_perms *perms)
 {
-       struct aa_ruleset *rules = &profile->rules;
+       struct aa_ruleset *rules = list_first_entry(&profile->rules,
+                                                   typeof(*rules), list);
        struct aa_profile *tp;
        struct label_it i;
        struct path_cond cond = { };
                                  aa_state_t start, bool subns, u32 request,
                                  struct aa_perms *perms)
 {
-       struct aa_ruleset *rules = &profile->rules;
+       struct aa_ruleset *rules = list_first_entry(&profile->rules,
+                                                   typeof(*rules), list);
        struct aa_profile *tp;
        struct label_it i;
        struct aa_perms tmp;
 struct aa_label *x_table_lookup(struct aa_profile *profile, u32 xindex,
                                const char **name)
 {
-       struct aa_ruleset *rules = &profile->rules;
+       struct aa_ruleset *rules = list_first_entry(&profile->rules,
+                                                   typeof(*rules), list);
        struct aa_label *label = NULL;
        u32 xtype = xindex & AA_X_TYPE_MASK;
        int index = xindex & AA_X_INDEX_MASK;
                                   const char **lookupname,
                                   const char **info)
 {
-       struct aa_ruleset *rules = &profile->rules;
+       struct aa_ruleset *rules = list_first_entry(&profile->rules,
+                                                   typeof(*rules), list);
        struct aa_label *new = NULL;
        struct aa_ns *ns = profile->ns;
        u32 xtype = xindex & AA_X_TYPE_MASK;
                                           char *buffer, struct path_cond *cond,
                                           bool *secure_exec)
 {
-       struct aa_ruleset *rules = &profile->rules;
+       struct aa_ruleset *rules = list_first_entry(&profile->rules,
+                                                   typeof(*rules), list);
        struct aa_label *new = NULL;
        const char *info = NULL, *name = NULL, *target = NULL;
        aa_state_t state = rules->file.start[AA_CLASS_FILE];
                          char *buffer, struct path_cond *cond,
                          bool *secure_exec)
 {
-       struct aa_ruleset *rules = &profile->rules;
+       struct aa_ruleset *rules = list_first_entry(&profile->rules,
+                                                   typeof(*rules), list);
        aa_state_t state = rules->file.start[AA_CLASS_FILE];
        struct aa_perms perms = {};
        const char *xname = NULL, *info = "change_profile onexec";
                                        struct aa_label *target, bool stack,
                                        u32 request, struct aa_perms *perms)
 {
-       struct aa_ruleset *rules = &profile->rules;
+       struct aa_ruleset *rules = list_first_entry(&profile->rules,
+                                                   typeof(*rules), list);
        const char *info = NULL;
        int error = 0;
 
 
                   u32 request, struct path_cond *cond, int flags,
                   struct aa_perms *perms)
 {
-       struct aa_ruleset *rules = &profile->rules;
+       struct aa_ruleset *rules = list_first_entry(&profile->rules,
+                                                   typeof(*rules), list);
        int e = 0;
 
        if (profile_unconfined(profile))
                             const struct path *target, char *buffer2,
                             struct path_cond *cond)
 {
-       struct aa_ruleset *rules = &profile->rules;
+       struct aa_ruleset *rules = list_first_entry(&profile->rules,
+                                                   typeof(*rules), list);
        const char *lname, *tname = NULL;
        struct aa_perms lperms = {}, perms;
        const char *info = NULL;
 
 };
 
 /* struct aa_ruleset - data covering mediation rules
+ * @list: list the rule is on
  * @size: the memory consumed by this ruleset
  * @policy: general match rules governing policy
  * @file: The set of rules governing basic file access and domain transitions
  * @secmark: secmark label match info
  */
 struct aa_ruleset {
+       struct list_head list;
+
        int size;
 
        /* TODO: merge policy and file */
 };
 
 /* struct aa_attachment - data and rules for a profiles attachment
+ * @list:
  * @xmatch_str: human readable attachment string
  * @xmatch: optional extended matching for unconfined executables names
  * @xmatch_len: xmatch prefix len, used to determine xmatch priority
        const char *disconnected;
 
        struct aa_attachment attach;
-       struct aa_ruleset rules;
+       struct list_head rules;
 
        struct aa_loaddata *rawdata;
        unsigned char *hash;
 
 
 void aa_free_proxy_kref(struct kref *kref);
+struct aa_ruleset *aa_alloc_ruleset(gfp_t gfp);
 struct aa_profile *aa_alloc_profile(const char *name, struct aa_proxy *proxy,
                                    gfp_t gfp);
 struct aa_profile *aa_new_null_profile(struct aa_profile *parent, bool hat,
        return aa_dfa_match_len(rules->policy.dfa, state, (char *) &be_af, 2);
 }
 
+static inline aa_state_t ANY_RULE_MEDIATES(struct list_head *head,
+                                          unsigned char class)
+{
+       struct aa_ruleset *rule;
+
+       /* TODO: change to list walk */
+       rule = list_first_entry(head, typeof(*rule), list);
+       return RULE_MEDIATES(rule, class);
+}
+
 /**
  * aa_get_profile - increment refcount on profile @p
  * @p: profile  (MAYBE NULL)
 
                               struct aa_label *peer, u32 request,
                               struct common_audit_data *sa)
 {
-       struct aa_ruleset *rules = &profile->rules;
+       struct aa_ruleset *rules = list_first_entry(&profile->rules,
+                                                   typeof(*rules), list);
        struct aa_perms perms;
        aa_state_t state;
 
        if (profile_unconfined(profile) ||
-           !RULE_MEDIATES(rules, AA_CLASS_SIGNAL))
+           !ANY_RULE_MEDIATES(&profile->rules, AA_CLASS_SIGNAL))
                return 0;
 
        aad(sa)->peer = peer;
 
                          u32 request, int type, u32 *deny,
                          struct common_audit_data *sa)
 {
+       struct aa_ruleset *rules = list_first_entry(&profile->rules,
+                                                   typeof(*rules), list);
        struct aa_perms perms;
 
        aad(sa)->label = &profile->label;
        aad(sa)->peer = &target->label;
        aad(sa)->request = request;
 
-       aa_profile_match_label(profile, &profile->rules, &target->label, type,
-                              request, &perms);
+       aa_profile_match_label(profile, rules, &target->label, type, request,
+                              &perms);
        aa_apply_modes_to_perms(profile, &perms);
        *deny |= request & perms.deny;
        return aa_check_perms(profile, &perms, request, sa, aa_audit_perms_cb);
 
                struct label_it i;
 
                label_for_each_confined(i, label, profile) {
+                       struct aa_ruleset *rules;
                        if (COMPLAIN_MODE(profile))
                                continue;
+                       rules = list_first_entry(&profile->rules,
+                                                typeof(*rules), list);
                        *effective = cap_intersect(*effective,
-                                                  profile->rules.caps.allow);
+                                                  rules->caps.allow);
                        *permitted = cap_intersect(*permitted,
-                                                  profile->rules.caps.allow);
+                                                  rules->caps.allow);
                }
        }
        rcu_read_unlock();
 
 {
        struct aa_perms perms = { };
        const char *mntpnt = NULL, *info = NULL;
-       struct aa_ruleset *rules = &profile->rules;
+       struct aa_ruleset *rules = list_first_entry(&profile->rules,
+                                                   typeof(*rules), list);
        int pos, error;
 
        AA_BUG(!profile);
                     bool binary)
 {
        const char *devname = NULL, *info = NULL;
+       struct aa_ruleset *rules = list_first_entry(&profile->rules,
+                                                   typeof(*rules), list);
        int error = -EACCES;
 
        AA_BUG(!profile);
        AA_BUG(devpath && !devbuffer);
 
-       if (!RULE_MEDIATES(&profile->rules, AA_CLASS_MOUNT))
+       if (!RULE_MEDIATES(rules, AA_CLASS_MOUNT))
                return 0;
 
        if (devpath) {
 static int profile_umount(struct aa_profile *profile, const struct path *path,
                          char *buffer)
 {
-       struct aa_ruleset *rules = &profile->rules;
+       struct aa_ruleset *rules = list_first_entry(&profile->rules,
+                                                   typeof(*rules), list);
        struct aa_perms perms = { };
        const char *name = NULL, *info = NULL;
        aa_state_t state;
                                        const struct path *old_path,
                                        char *old_buffer)
 {
-       struct aa_ruleset *rules = &profile->rules;
+       struct aa_ruleset *rules = list_first_entry(&profile->rules,
+                                                   typeof(*rules), list);
        const char *old_name, *new_name = NULL, *info = NULL;
        const char *trans_name = NULL;
        struct aa_perms perms = { };
 
 int aa_profile_af_perm(struct aa_profile *profile, struct common_audit_data *sa,
                       u32 request, u16 family, int type)
 {
-       struct aa_ruleset *rules = &profile->rules;
+       struct aa_ruleset *rules = list_first_entry(&profile->rules,
+                                                   typeof(*rules), list);
        struct aa_perms perms = { };
        aa_state_t state;
        __be16 buffer[2];
 {
        int i, ret;
        struct aa_perms perms = { };
-       struct aa_ruleset *rules = &profile->rules;
+       struct aa_ruleset *rules = list_first_entry(&profile->rules,
+                                                   typeof(*rules), list);
 
        if (rules->secmark_count == 0)
                return 0;
 
        kfree_sensitive(rules->secmark);
 }
 
+struct aa_ruleset *aa_alloc_ruleset(gfp_t gfp)
+{
+       struct aa_ruleset *rules;
+
+       rules = kzalloc(sizeof(*rules), gfp);
+       if (rules)
+               INIT_LIST_HEAD(&rules->list);
+
+       return rules;
+}
+
 /**
  * aa_free_profile - free a profile
  * @profile: the profile to free  (MAYBE NULL)
  */
 void aa_free_profile(struct aa_profile *profile)
 {
+       struct aa_ruleset *rule, *tmp;
        struct rhashtable *rht;
 
        AA_DEBUG("%s(%p)\n", __func__, profile);
        kfree_sensitive(profile->rename);
 
        free_attachment(&profile->attach);
-       free_ruleset(&profile->rules);
+
+       /*
+        * at this point there are no tasks that can have a reference
+        * to rules
+        */
+       list_for_each_entry_safe(rule, tmp, &profile->rules, list) {
+               list_del_init(&rule->list);
+               free_ruleset(rule);
+       }
        kfree_sensitive(profile->dirname);
 
        if (profile->data) {
                                    gfp_t gfp)
 {
        struct aa_profile *profile;
+       struct aa_ruleset *rules;
 
        /* freed by free_profile - usually through aa_put_profile */
        profile = kzalloc(struct_size(profile, label.vec, 2), gfp);
        if (!aa_label_init(&profile->label, 1, gfp))
                goto fail;
 
+       INIT_LIST_HEAD(&profile->rules);
+
+       /* allocate the first ruleset, but leave it empty */
+       rules = aa_alloc_ruleset(gfp);
+       if (!rules)
+               goto fail;
+       list_add(&rules->list, &profile->rules);
+
        /* update being set needed by fs interface */
        if (!proxy) {
                proxy = aa_alloc_proxy(&profile->label, gfp);
 struct aa_profile *aa_new_null_profile(struct aa_profile *parent, bool hat,
                                       const char *base, gfp_t gfp)
 {
+       struct aa_ruleset *rules;
        struct aa_profile *p, *profile;
        const char *bname;
        char *name = NULL;
        /* released on free_profile */
        rcu_assign_pointer(profile->parent, aa_get_profile(parent));
        profile->ns = aa_get_ns(parent->ns);
-       profile->rules.file.dfa = aa_get_dfa(nulldfa);
-       profile->rules.policy.dfa = aa_get_dfa(nulldfa);
+       rules = list_first_entry(&profile->rules, typeof(*rules), list);
+       rules->file.dfa = aa_get_dfa(nulldfa);
+       rules->policy.dfa = aa_get_dfa(nulldfa);
 
        mutex_lock_nested(&profile->ns->lock, profile->ns->level);
        p = __find_child(&parent->base.profiles, bname);
 
 static struct aa_profile *alloc_unconfined(const char *name)
 {
        struct aa_profile *profile;
+       struct aa_ruleset *rules;
 
        profile = aa_alloc_profile(name, NULL, GFP_KERNEL);
        if (!profile)
        profile->label.flags |= FLAG_IX_ON_NAME_ERROR |
                FLAG_IMMUTIBLE | FLAG_NS_COUNT | FLAG_UNCONFINED;
        profile->mode = APPARMOR_UNCONFINED;
-       profile->rules.file.dfa = aa_get_dfa(nulldfa);
-       profile->rules.policy.dfa = aa_get_dfa(nulldfa);
+       rules = list_first_entry(&profile->rules, typeof(*rules), list);
+       rules->file.dfa = aa_get_dfa(nulldfa);
+       rules->policy.dfa = aa_get_dfa(nulldfa);
 
        return profile;
 }
 
        return false;
 }
 
-static bool unpack_secmark(struct aa_ext *e, struct aa_profile *profile)
+static bool unpack_secmark(struct aa_ext *e, struct aa_ruleset *rules)
 {
-       struct aa_ruleset *rules = &profile->rules;
        void *pos = e->pos;
        u16 size;
        int i;
        return false;
 }
 
-static bool unpack_rlimits(struct aa_ext *e, struct aa_profile *profile)
+static bool unpack_rlimits(struct aa_ext *e, struct aa_ruleset *rules)
 {
        void *pos = e->pos;
 
                u32 tmp = 0;
                if (!unpack_u32(e, &tmp, NULL))
                        goto fail;
-               profile->rules.rlimits.mask = tmp;
+               rules->rlimits.mask = tmp;
 
                if (unpack_array(e, NULL, &size) != TRI_TRUE ||
                    size > RLIM_NLIMITS)
                        int a = aa_map_resource(i);
                        if (!unpack_u64(e, &tmp2, NULL))
                                goto fail;
-                       profile->rules.rlimits.limits[a].rlim_max = tmp2;
+                       rules->rlimits.limits[a].rlim_max = tmp2;
                }
                if (!unpack_nameX(e, AA_ARRAYEND, NULL))
                        goto fail;
        profile = aa_alloc_profile(name, NULL, GFP_KERNEL);
        if (!profile)
                return ERR_PTR(-ENOMEM);
-       rules = &profile->rules;
+       rules = list_first_entry(&profile->rules, typeof(*rules), list);
 
        /* profile renaming is optional */
        (void) unpack_str(e, &profile->rename, "rename");
                goto fail;
        }
 
-       if (!unpack_rlimits(e, profile)) {
+       if (!unpack_rlimits(e, rules)) {
                info = "failed to unpack profile rlimits";
                goto fail;
        }
 
-       if (!unpack_secmark(e, profile)) {
+       if (!unpack_secmark(e, rules)) {
                info = "failed to unpack profile secmark rules";
                goto fail;
        }
  */
 static int verify_profile(struct aa_profile *profile)
 {
-       if ((profile->rules.file.dfa &&
-            !verify_dfa_xindex(profile->rules.file.dfa,
-                               profile->rules.file.trans.size)) ||
-           (profile->rules.policy.dfa &&
-            !verify_dfa_xindex(profile->rules.policy.dfa,
-                               profile->rules.policy.trans.size))) {
+       struct aa_ruleset *rules = list_first_entry(&profile->rules,
+                                                   typeof(*rules), list);
+       if (!rules)
+               return 0;
+
+       if ((rules->file.dfa && !verify_dfa_xindex(rules->file.dfa,
+                                                 rules->file.trans.size)) ||
+           (rules->policy.dfa &&
+            !verify_dfa_xindex(rules->policy.dfa, rules->policy.trans.size))) {
                audit_iface(profile, NULL, NULL,
                            "Unpack: Invalid named transition", NULL, -EPROTO);
                return -EPROTO;
        }
 
-       if (!verify_perms(&profile->rules.file)) {
+       if (!verify_perms(&rules->file)) {
                audit_iface(profile, NULL, NULL,
                            "Unpack: Invalid perm index", NULL, -EPROTO);
                return -EPROTO;
        }
-       if (!verify_perms(&profile->rules.policy)) {
+       if (!verify_perms(&rules->policy)) {
                audit_iface(profile, NULL, NULL,
                            "Unpack: Invalid perm index", NULL, -EPROTO);
                return -EPROTO;
 
 static int profile_setrlimit(struct aa_profile *profile, unsigned int resource,
                             struct rlimit *new_rlim)
 {
-       struct aa_ruleset *rules = &profile->rules;
+       struct aa_ruleset *rules = list_first_entry(&profile->rules,
+                                                   typeof(*rules), list);
        int e = 0;
 
        if (rules->rlimits.mask & (1 << resource) && new_rlim->rlim_max >
         * to the lesser of the tasks hard limit and the init tasks soft limit
         */
        label_for_each_confined(i, old_l, old) {
-               if (old->rules.rlimits.mask) {
+               struct aa_ruleset *rules = list_first_entry(&old->rules,
+                                                           typeof(*rules),
+                                                           list);
+               if (rules->rlimits.mask) {
                        int j;
 
                        for (j = 0, mask = 1; j < RLIM_NLIMITS; j++,
                                     mask <<= 1) {
-                               if (old->rules.rlimits.mask & mask) {
+                               if (rules->rlimits.mask & mask) {
                                        rlim = current->signal->rlim + j;
                                        initrlim = init_task.signal->rlim + j;
                                        rlim->rlim_cur = min(rlim->rlim_max,
 
        /* set any new hard limits as dictated by the new profile */
        label_for_each_confined(i, new_l, new) {
+               struct aa_ruleset *rules = list_first_entry(&new->rules,
+                                                           typeof(*rules),
+                                                           list);
                int j;
 
-               if (!new->rules.rlimits.mask)
+               if (!rules->rlimits.mask)
                        continue;
                for (j = 0, mask = 1; j < RLIM_NLIMITS; j++, mask <<= 1) {
-                       if (!(new->rules.rlimits.mask & mask))
+                       if (!(rules->rlimits.mask & mask))
                                continue;
 
                        rlim = current->signal->rlim + j;
                        rlim->rlim_max = min(rlim->rlim_max,
-                                            new->rules.rlimits.limits[j].rlim_max);
+                                            rules->rlimits.limits[j].rlim_max);
                        /* soft limit should not exceed hard limit */
                        rlim->rlim_cur = min(rlim->rlim_cur, rlim->rlim_max);
                }
 
                             struct aa_label *peer, u32 request,
                             struct common_audit_data *sa)
 {
+       struct aa_ruleset *rules = list_first_entry(&profile->rules,
+                                                   typeof(*rules), list);
        struct aa_perms perms = { };
 
        aad(sa)->peer = peer;
-       aa_profile_match_label(profile, &profile->rules, peer,
-                              AA_CLASS_PTRACE, request, &perms);
+       aa_profile_match_label(profile, rules, peer, AA_CLASS_PTRACE, request,
+                              &perms);
        aa_apply_modes_to_perms(profile, &perms);
        return aa_check_perms(profile, &perms, request, sa, audit_ptrace_cb);
 }
                               struct common_audit_data *sa)
 {
        if (profile_unconfined(tracee) || unconfined(tracer) ||
-           !RULE_MEDIATES(&tracee->rules, AA_CLASS_PTRACE))
+           !ANY_RULE_MEDIATES(&tracee->rules, AA_CLASS_PTRACE))
                return 0;
 
        return profile_ptrace_perm(tracee, tracer, request, sa);
        if (profile_unconfined(tracer))
                return 0;
 
-       if (RULE_MEDIATES(&tracer->rules, AA_CLASS_PTRACE))
+       if (ANY_RULE_MEDIATES(&tracer->rules, AA_CLASS_PTRACE))
                return profile_ptrace_perm(tracer, tracee, request, sa);
 
        /* profile uses the old style capability check for ptrace */