git.ipfire.org Git - thirdparty/kernel/linux.git/commitdiff
apparmor: fix test error: WARNING in apparmor_unix_stream_connect
author John Johansen <john.johansen@canonical.com>
Wed, 30 Jul 2025 10:08:29 +0000 (03:08 -0700)
committer John Johansen <john.johansen@canonical.com>
Wed, 30 Jul 2025 12:00:47 +0000 (05:00 -0700)
commit 88fec3526e84 ("apparmor: make sure unix socket labeling is correctly updated.")
added the use of security_sk_alloc() which ensures the sk label is
initialized.

This means that the AA_BUG in apparmor_unix_stream_connect() is no
longer correct, because while the sk is still not being initialized
by going through post_create, it is now initialized in sk_alloc().
Remove the now invalid check.

Reported-by: syzbot+cd38ee04bcb3866b0c6d@syzkaller.appspotmail.com
Fixes: 88fec3526e84 ("apparmor: make sure unix socket labeling is correctly updated.")
Signed-off-by: John Johansen <john.johansen@canonical.com>
security/apparmor/lsm.c

index 9a64b2db02672985e18199646c62a503569b17ef..e4b2944431e490c4b141a11c07af176dde1055c1 100644 (file)
@@ -1205,8 +1205,9 @@ static int apparmor_unix_stream_connect(struct sock *sk, struct sock *peer_sk,
        if (error)
                return error;
 
-       /* newsk doesn't go through post_create */
-       AA_BUG(rcu_access_pointer(new_ctx->label));
+       /* newsk doesn't go through post_create, but does go through
+        * security_sk_alloc()
+        */
        rcu_assign_pointer(new_ctx->label,
                           aa_get_label(rcu_dereference_protected(peer_ctx->label,
                                                                  true)));
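Review bot: With the AA_BUG gone, the rcu_assign_pointer() that follows the new comment overwrites a new_ctx->label that the commit message says is now already initialized through security_sk_alloc(), and nothing in the visible lines releases the previous value. If that initial label holds a reference, overwriting it here leaks it; consider reading the old pointer first and calling aa_put_label() on it after the assignment, or extend the comment to say where that reference is dropped. The comment would also be more useful if it stated that the existing label is intentionally replaced with the peer's label, since "does go through security_sk_alloc()" alone does not tell the reader why overwriting is safe.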