Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security

Pull apparmor fixes from James Morris:
 "A couple more regressions fixed"

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security:
  apparmor: fix bad lock balance when introspecting policy
  apparmor: fix memleak of the profile hash

2 files changed, 2 insertions, 3 deletions

diff --git a/security/apparmor/apparmorfs.c b/security/apparmor/apparmorfs.c
index 95c2b2689a03..7db9954f1af2 100644
--- a/security/apparmor/apparmorfs.c
+++ b/security/apparmor/apparmorfs.c
@@ -580,15 +580,13 @@ static struct aa_namespace *__next_namespace(struct aa_namespace *root,
 
         /* check if the next ns is a sibling, parent, gp, .. */
         parent = ns->parent;
-        while (parent) {
+        while (ns != root) {
                 mutex_unlock(&ns->lock);
                 next = list_entry_next(ns, base.list);
                 if (!list_entry_is_head(next, &parent->sub_ns, base.list)) {
                         mutex_lock(&next->lock);
                         return next;
                 }
-                if (parent == root)
-                        return NULL;
                 ns = parent;
                 parent = parent->parent;
         }
diff --git a/security/apparmor/policy.c b/security/apparmor/policy.c
index 345bec07a27d..705c2879d3a9 100644
--- a/security/apparmor/policy.c
+++ b/security/apparmor/policy.c
@@ -610,6 +610,7 @@ void aa_free_profile(struct aa_profile *profile)
         aa_put_dfa(profile->policy.dfa);
         aa_put_replacedby(profile->replacedby);
 
+        kzfree(profile->hash);
         kzfree(profile);
 }