diff options
| author | John Johansen <john.johansen@canonical.com> | 2023-01-29 01:55:03 -0800 |
|---|---|---|
| committer | John Johansen <john.johansen@canonical.com> | 2025-01-18 06:47:12 -0800 |
| commit | 46b9b994dd554099b3ca74a20a0d1fb392c83a87 (patch) | |
| tree | aefbfab213f8597c6f78504b9f6f0be2fb6f7164 | |
| parent | apparmor: cleanup: attachment perm lookup to use lookup_perms() (diff) | |
| download | linux-46b9b994dd554099b3ca74a20a0d1fb392c83a87.tar.gz linux-46b9b994dd554099b3ca74a20a0d1fb392c83a87.zip | |
apparmor: remove redundant unconfined check.
profile_af_perm and profile_af_sk_perm are only ever called after
checking that the profile is not unconfined. So we can drop these
redundant checks.
Signed-off-by: John Johansen <john.johansen@canonical.com>
| -rw-r--r-- | security/apparmor/net.c | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/security/apparmor/net.c b/security/apparmor/net.c index 77413a519117..8b7a63c08ba1 100644 --- a/security/apparmor/net.c +++ b/security/apparmor/net.c @@ -118,9 +118,8 @@ int aa_profile_af_perm(struct aa_profile *profile, AA_BUG(family >= AF_MAX); AA_BUG(type < 0 || type >= SOCK_MAX); + AA_BUG(profile_unconfined(profile)); - if (profile_unconfined(profile)) - return 0; state = RULE_MEDIATES(rules, AA_CLASS_NET); if (!state) return 0; |