parser: support multiple mount conditionals in a single rule

Now that flag processing for mount rules with single option
conditionals are fixed e-enable multiple mount conditionals on a
single mount rule. The mount conditionals are equivalent to specifying
multiple rules.

      mount options=(a,b,c) options=(c,d),
    is the same as
      mount options=(a,b,c),
      mount options=(c,d),

    and
      mount options in (a,b,c) options in (c,d),
      is the same as
        mount options in (a,b,c),
        mount options in (c,d),

    when multiple options= and options in are combined in a single rule
    it is the same as the cross product of the options.

    where
      mount options=(a,b,c) options in (d,e),
    is a single rule.

      mount options=(a,b,c) options=(d,e) options in (f),
    is equivalent to
      mount options=(a,b,c) options in (f),
      mount options=(d,e) options in (f),

    and while it is not recommended that multiple options= and options in
    conditions be used in a single rule.
      mount options=(a,b,c) options=(d,e) options in (f) options in (g),
    is equivalent to
      mount options=(a,b,c) options in (f),
      mount options=(a,b,c) options in (g),
      mount options=(d,e) options in (f),
      mount options=(d,e) options in (g),

Bug Link: https://bugs.launchpad.net/apparmor/+bug/1597017

Signed-off-by: John Johansen <john.johansen@canonical.com>
- rebased to bba1a023bf
- fixed infinite loop in mnt_rule::gen_policy_re
Signed-off-by: Alexander Mikhalitsyn <aleksandr.mikhalitsyn@canonical.com>
Acked-by: John Johansen <john.johansen@canonical.com>

parser/parser.h

@@ -266,6 +266,16 @@ do {						\
 	prev;				\
 })
 
+#define list_pop(LIST)				\
+({						\
+	typeof(LIST) _entry = (LIST);		\
+	if (LIST) {				\
+		(LIST) = (LIST)->next;		\
+		_entry->next = NULL;		\
+	}					\
+	_entry;					\
+})
+
 #define list_remove_at(LIST, PREV, ENTRY)			\
 	if (PREV)						\
 		(PREV)->next = (ENTRY)->next;			\