apparmor: Fix memleak in alloc_ns()

After changes in commit a1bd627 ("apparmor: share profile name on
replacement"), the hname member of struct aa_policy is not valid slab
object, but a subset of that, it can not be freed by kfree_sensitive(),
use aa_policy_destroy() to fix it.

Fixes: a1bd627 ("apparmor: share profile name on replacement")
Signed-off-by: Xiu Jianfeng <[email protected]>
Signed-off-by: John Johansen <[email protected]>

Author: Xiu Jianfeng

security/apparmor/policy_ns.c

@@ -132,7 +132,7 @@ static struct aa_ns *alloc_ns(const char *prefix, const char *name)
 	return ns;
 
 fail_unconfined:
-	kfree_sensitive(ns->base.hname);
+	aa_policy_destroy(&ns->base);
 fail_ns:
 	kfree_sensitive(ns);
 	return NULL;