[apparmor] AppArmor kernel audit locks up system

Paul Moore paul at paul-moore.com
Wed Oct 18 21:00:57 UTC 2023


On Wed, Oct 18, 2023 at 4:50 PM Paul Moore <paul at paul-moore.com> wrote:
> It shouldn't, the only time we ever really operate on something other
> than @current is when a fork/clone happens and we are filtering on the
> new child process.  At least that used to be the case, I can't imagine
> someone would audit something other than @current (not sure you could
> with respect to this stuff?), but I guess it couldn't hurt to double
> check on the current code base.

Yes, that still looks to be the case.

-- 
paul-moore.com


