apparmor: pass gfp_t parameter into profile allocation

Signed-off-by: John Johansen <john.johansen@canonical.com>
diff --git a/security/apparmor/include/policy.h b/security/apparmor/include/policy.h
index 1573cad..b44eaea 100644
--- a/security/apparmor/include/policy.h
+++ b/security/apparmor/include/policy.h
@@ -172,7 +172,7 @@ void aa_add_profile(struct aa_policy *common, struct aa_profile *profile);
 
 
 void aa_free_proxy_kref(struct kref *kref);
-struct aa_profile *aa_alloc_profile(const char *name);
+struct aa_profile *aa_alloc_profile(const char *name, gfp_t gfp);
 struct aa_profile *aa_new_null_profile(struct aa_profile *parent, int hat);
 void aa_free_profile(struct aa_profile *profile);
 void aa_free_profile_kref(struct kref *kref);
diff --git a/security/apparmor/policy.c b/security/apparmor/policy.c
index e02ab20..e310f3b 100644
--- a/security/apparmor/policy.c
+++ b/security/apparmor/policy.c
@@ -255,24 +255,25 @@ void aa_free_profile_kref(struct kref *kref)
 /**
  * aa_alloc_profile - allocate, initialize and return a new profile
  * @hname: name of the profile  (NOT NULL)
+ * @gfp: allocation type
  *
  * Returns: refcount profile or NULL on failure
  */
-struct aa_profile *aa_alloc_profile(const char *hname)
+struct aa_profile *aa_alloc_profile(const char *hname, gfp_t gfp)
 {
 	struct aa_profile *profile;
 
 	/* freed by free_profile - usually through aa_put_profile */
-	profile = kzalloc(sizeof(*profile), GFP_KERNEL);
+	profile = kzalloc(sizeof(*profile), gfp);
 	if (!profile)
 		return NULL;
 
-	profile->proxy = kzalloc(sizeof(struct aa_proxy), GFP_KERNEL);
+	profile->proxy = kzalloc(sizeof(struct aa_proxy), gfp);
 	if (!profile->proxy)
 		goto fail;
 	kref_init(&profile->proxy->count);
 
-	if (!aa_policy_init(&profile->base, NULL, hname, GFP_KERNEL))
+	if (!aa_policy_init(&profile->base, NULL, hname, gfp))
 		goto fail;
 	kref_init(&profile->count);
 
@@ -312,7 +313,7 @@ struct aa_profile *aa_new_null_profile(struct aa_profile *parent, int hat)
 		goto fail;
 	sprintf(name, "%s//null-%x", parent->base.hname, uniq);
 
-	profile = aa_alloc_profile(name);
+	profile = aa_alloc_profile(name, GFP_KERNEL);
 	kfree(name);
 	if (!profile)
 		goto fail;
diff --git a/security/apparmor/policy_ns.c b/security/apparmor/policy_ns.c
index f6cdc73..1e19bd3 100644
--- a/security/apparmor/policy_ns.c
+++ b/security/apparmor/policy_ns.c
@@ -102,7 +102,7 @@ static struct aa_ns *alloc_ns(const char *prefix, const char *name)
 	mutex_init(&ns->lock);
 
 	/* released by aa_free_ns() */
-	ns->unconfined = aa_alloc_profile("unconfined");
+	ns->unconfined = aa_alloc_profile("unconfined", GFP_KERNEL);
 	if (!ns->unconfined)
 		goto fail_unconfined;
 
diff --git a/security/apparmor/policy_unpack.c b/security/apparmor/policy_unpack.c
index 1381206..9ddc6b2 100644
--- a/security/apparmor/policy_unpack.c
+++ b/security/apparmor/policy_unpack.c
@@ -486,7 +486,7 @@ static struct aa_profile *unpack_profile(struct aa_ext *e)
 	if (!unpack_str(e, &name, NULL))
 		goto fail;
 
-	profile = aa_alloc_profile(name);
+	profile = aa_alloc_profile(name, GFP_KERNEL);
 	if (!profile)
 		return ERR_PTR(-ENOMEM);