1
Index: b/security/apparmor/module_interface.c
2
===================================================================
3
--- a/security/apparmor/module_interface.c
4
+++ b/security/apparmor/module_interface.c
5
@@ -328,35 +328,6 @@ fail:
9
- * aa_activate_net_entry - unpacked serialized net entries
10
- * @e: serialized data extent information
12
- * Ignore/skips net entries if they are present in the serialized data
13
- * stream. Network confinement rules are currently unsupported but some
14
- * user side tools can generate them so they are currently ignored.
16
-static inline int aa_activate_net_entry(struct aa_ext *e)
18
- AA_READ_X(e, AA_STRUCT, NULL, "ne");
19
- AA_READ_X(e, AA_U32, NULL, NULL);
20
- AA_READ_X(e, AA_U32, NULL, NULL);
21
- AA_READ_X(e, AA_U32, NULL, NULL);
22
- AA_READ_X(e, AA_U16, NULL, NULL);
23
- AA_READ_X(e, AA_U16, NULL, NULL);
24
- AA_READ_X(e, AA_U32, NULL, NULL);
25
- AA_READ_X(e, AA_U32, NULL, NULL);
26
- AA_READ_X(e, AA_U16, NULL, NULL);
27
- AA_READ_X(e, AA_U16, NULL, NULL);
28
- /* interface name is optional so just ignore return code */
29
- aa_is_nameX(e, AA_DYN_STRING, NULL, NULL);
30
- AA_READ_X(e, AA_STRUCTEND, NULL, NULL);
38
* aa_activate_dfa - unpack a file rule dfa
39
* @e: serialized data extent information
41
@@ -433,14 +404,6 @@ static struct aa_profile *aa_activate_pr
45
- /* get the net entries */
46
- if (aa_is_nameX(e, AA_LIST, NULL, "net")) {
47
- error_string = "Invalid net entry";
48
- while (!aa_is_nameX(e, AA_LISTEND, NULL, NULL)) {
49
- if (!aa_activate_net_entry(e))