drop broken 4.4.y patch

diff --git a/queue-4.4/apparmor-fix-security_apparmor_hash_default-parameter-handling.patch b/queue-4.4/apparmor-fix-security_apparmor_hash_default-parameter-handling.patch
deleted file mode 100644 (file)
index 549c843..0000000
--- a/queue-4.4/apparmor-fix-security_apparmor_hash_default-parameter-handling.patch
+++ /dev/null
@@ -1,63 +0,0 @@
-From 7616ac70d1bb4f2e9d25c1a82d283f3368a7b632 Mon Sep 17 00:00:00 2001
-From: Arnd Bergmann <arnd@arndb.de>
-Date: Mon, 25 Jul 2016 10:59:07 -0700
-Subject: apparmor: fix SECURITY_APPARMOR_HASH_DEFAULT parameter handling
-
-From: Arnd Bergmann <arnd@arndb.de>
-
-commit 7616ac70d1bb4f2e9d25c1a82d283f3368a7b632 upstream.
-
-The newly added Kconfig option could never work and just causes a build error
-when disabled:
-
-security/apparmor/lsm.c:675:25: error: 'CONFIG_SECURITY_APPARMOR_HASH_DEFAULT' undeclared here (not in a function)
- bool aa_g_hash_policy = CONFIG_SECURITY_APPARMOR_HASH_DEFAULT;
-
-The problem is that the macro undefined in this case, and we need to use the IS_ENABLED()
-helper to turn it into a boolean constant.
-
-Another minor problem with the original patch is that the option is even offered
-in sysfs when SECURITY_APPARMOR_HASH is not enabled, so this also hides the option
-in that case.
-
-Signed-off-by: Arnd Bergmann <arnd@arndb.de>
-Fixes: 6059f71f1e94 ("apparmor: add parameter to control whether policy hashing is used")
-Signed-off-by: John Johansen <john.johansen@canonical.com>
-Signed-off-by: James Morris <james.l.morris@oracle.com>
-[backported to 4.4 by Loic]
-Cc: Loic <hackurx@opensec.fr>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-
----
----
- security/apparmor/crypto.c |    3 +++
- security/apparmor/lsm.c    |    6 ++++++
- 2 files changed, 9 insertions(+)
-
---- a/security/apparmor/crypto.c
-+++ b/security/apparmor/crypto.c
-@@ -39,6 +39,9 @@ int aa_calc_profile_hash(struct aa_profi
-       int error = -ENOMEM;
-       u32 le32_version = cpu_to_le32(version);
- 
-+      if (!aa_g_hash_policy)
-+              return 0;
-+
-       if (!apparmor_tfm)
-               return 0;
- 
---- a/security/apparmor/lsm.c
-+++ b/security/apparmor/lsm.c
-@@ -692,6 +692,12 @@ enum profile_mode aa_g_profile_mode = AP
- module_param_call(mode, param_set_mode, param_get_mode,
-                 &aa_g_profile_mode, S_IRUSR | S_IWUSR);
- 
-+#ifdef CONFIG_SECURITY_APPARMOR_HASH
-+/* whether policy verification hashing is enabled */
-+bool aa_g_hash_policy = IS_ENABLED(CONFIG_SECURITY_APPARMOR_HASH_DEFAULT);
-+module_param_named(hash_policy, aa_g_hash_policy, aabool, S_IRUSR | S_IWUSR);
-+#endif
-+
- /* Debug mode */
- bool aa_g_debug;
- module_param_named(debug, aa_g_debug, aabool, S_IRUSR | S_IWUSR);

diff --git a/queue-4.4/series b/queue-4.4/series
index 17d56cdcbd9a66104ce55800ab80155d2db7273e..6888714437c14f284bc35da259b1918711e9a897 100644 (file)
--- a/queue-4.4/series
+++ b/queue-4.4/series
@@ -54,4 +54,3 @@ mtd-ubi-wl-fix-error-return-code-in-ubi_wl_init.patch
 autofs-fix-autofs_sbi-does-not-check-super-block-type.patch
 x86-speculation-l1tf-increase-l1tf-memory-limit-for-nehalem.patch
 mm-get-rid-of-vmacache_flush_all-entirely.patch
-apparmor-fix-security_apparmor_hash_default-parameter-handling.patch