[PATCH Trusty SRU] UBUNTU: SAUCE: (no-up) apparmor: fix apparmor spams log with warning message
Tim Gardner
tim.gardner at canonical.com
Tue Jun 17 14:33:19 UTC 2014
From: John Johansen <john.johansen at canonical.com>
This is a fix to code that is not upstream.
Remove label check warning that is enforcing a condition that is not
yet always valid in the trusty version of apparmor. The check leaked
in from later patches in the -dev tree and does not belong in the
trusty code base.
BugLink: http://bugs.launchpad.net/bugs/1308761
Signed-off-by: John Johansen <john.johansen at canonical.com>
(cherry picked from commit 6e7486e74f6501be091cf23e84aa4db19f7beedb)
Signed-off-by: Tim Gardner <tim.gardner at canonical.com>
---
security/apparmor/lsm.c | 3 ---
1 file changed, 3 deletions(-)
diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c
index ffb64b6..fe68bd3 100644
--- a/security/apparmor/lsm.c
+++ b/security/apparmor/lsm.c
@@ -835,9 +835,6 @@ static int apparmor_unix_may_send(struct socket *sock, struct socket *other)
struct aa_label *label = __aa_get_current_label();
int error;
- /* TODO update label instead */
- AA_BUG(!aa_label_is_subset(cxt->label, label));
-
error = xcheck(unix_fs_perm(OP_SENDMSG, label, other->sk, MAY_WRITE),
unix_fs_perm(OP_SENDMSG, other_cxt->label, sock->sk,
MAY_READ));
--
1.9.1
More information about the kernel-team
mailing list