[apparmor] [PATCH] apparmor: properly handle cx/px lookup failure for complain mode profiles

[John Johansen]

On 8/23/24 14:48, Ryan Lee wrote:
> When a cx/px lookup fails, apparmor would deny execution of the binary
> even in complain mode (where it would audit as allowing execution while
> actually denying it). Instead, in complain mode, create a new learning
> profile, just as would have been done if the cx/px line wasn't there.
> 
> Signed-off-by: Ryan Lee <ryan.lee at canonical.com>

Acked-by: John Johansen <john.johansen at canonical.com>