2 files changed, 10 insertions, 35 deletions
diff --git a/security/apparmor/include/policy.h b/security/apparmor/include/policy.h
index 1ddd5e5728b8..4eafdd88f44e 100644
--- a/security/apparmor/include/policy.h
+++ b/security/apparmor/include/policy.h
@@ -80,7 +80,6 @@ struct aa_profile;
 * @name: name of the object
 * @hname - The hierarchical name
 * @list: list policy object is on
- * @rcu: rcu head used when removing from @list
 * @profiles: head of the profiles list contained in the object
 */
 struct aa_policy {
@@ -88,7 +87,6 @@ struct aa_policy {
        char *hname;
        struct list_head list;
        struct list_head profiles;
-        struct rcu_head rcu;
 };
 /* struct aa_ns_acct - accounting of profiles in namespace
@@ -157,6 +155,7 @@ struct aa_replacedby {
 /* struct aa_profile - basic confinement data
 * @base - base components of the profile (name, refcount, lists, lock ...)
 * @count: reference count of the obj
+ * @rcu: rcu head used when removing from @list
 * @parent: parent of profile
 * @ns: namespace the profile is in
 * @replacedby: is set to the profile that replaced this profile
@@ -190,6 +189,7 @@ struct aa_replacedby {
 struct aa_profile {
        struct aa_policy base;
        struct kref count;
+        struct rcu_head rcu;
        struct aa_profile __rcu *parent;
        struct aa_namespace *ns;
@@ -317,12 +317,8 @@ static inline struct aa_profile *aa_get_newest_profile(struct aa_profile *p)
 */
 static inline void aa_put_profile(struct aa_profile *p)
 {
-        if (p) {
+        if (p)
-                if (p->flags & PFLAG_NS_COUNT)
+                kref_put(&p->count, aa_free_profile_kref);
-                        kref_put(&p->count, aa_free_namespace_kref);
-                else
-                        kref_put(&p->count, aa_free_profile_kref);
-        }
 }
 static inline struct aa_replacedby *aa_get_replacedby(struct aa_replacedby *p)
diff --git a/security/apparmor/policy.c b/security/apparmor/policy.c
index 0ceee967434c..aee2e71827cd 100644
--- a/security/apparmor/policy.c
+++ b/security/apparmor/policy.c
@@ -329,30 +329,6 @@ static void free_namespace(struct aa_namespace *ns)
 }
 /**
- * aa_free_namespace_rcu - free aa_namespace by rcu
- * @head: rcu_head callback for freeing of a profile  (NOT NULL)
- *
- * rcu_head is to the unconfined profile associated with the namespace
- */
-static void aa_free_namespace_rcu(struct rcu_head *head)
-{
-        struct aa_profile *p = container_of(head, struct aa_profile, base.rcu);
-        free_namespace(p->ns);
-}
-/**
- * aa_free_namespace_kref - free aa_namespace by kref (see aa_put_namespace)
- * @kr: kref callback for freeing of a namespace  (NOT NULL)
- *
- * kref is to the unconfined profile associated with the namespace
- */
-void aa_free_namespace_kref(struct kref *kref)
-{
-        struct aa_profile *p = container_of(kref, struct aa_profile, count);
-        call_rcu(&p->base.rcu, aa_free_namespace_rcu);
-}
-/**
 * __aa_find_namespace - find a namespace on a list by @name
 * @head: list to search for namespace on  (NOT NULL)
 * @name: name of namespace to look for  (NOT NULL)
@@ -632,8 +608,11 @@ static void free_profile(struct aa_profile *profile)
 */
 static void aa_free_profile_rcu(struct rcu_head *head)
 {
-        struct aa_profile *p = container_of(head, struct aa_profile, base.rcu);
+        struct aa_profile *p = container_of(head, struct aa_profile, rcu);
-        free_profile(p);
+        if (p->flags & PFLAG_NS_COUNT)
+                free_namespace(p->ns);
+        else
+                free_profile(p);
 }
 /**
@@ -643,7 +622,7 @@ static void aa_free_profile_rcu(struct rcu_head *head)
 void aa_free_profile_kref(struct kref *kref)
 {
        struct aa_profile *p = container_of(kref, struct aa_profile, count);
-        call_rcu(&p->base.rcu, aa_free_profile_rcu);
+        call_rcu(&p->rcu, aa_free_profile_rcu);
 }
 /**