UBUNTU: SAUCE: Revert "apparmor: Add a wildcard secid"

Revert currently unused by Ubuntu apparmor features that require secid
support, to enable apparmor LSM stacking with the 5.1 LSM stacking
patchset.

This reverts commit 617a629c08bfffb05249131079d9a38322902e5b.

Signed-off-by: John Johansen <john.johansen@canonical.com>
Signed-off-by: Seth Forshee <seth.forshee@canonical.com>

diff --git a/security/apparmor/include/secid.h b/security/apparmor/include/secid.h
index 48ff1ddecad5186526fbfa5b0e307a98828bb937..6a29aa43e5950cdf13136e65dcaf25d6b6862758 100644 (file)
--- a/security/apparmor/include/secid.h
+++ b/security/apparmor/include/secid.h
@@ -18,9 +18,6 @@ struct aa_label;
 /* secid value that will not be allocated */
 #define AA_SECID_INVALID 0
 
-/* secid value that matches any other secid */
-#define AA_SECID_WILDCARD 1
-
 struct aa_label *aa_secid_to_label(u32 secid);
 int apparmor_secid_to_secctx(u32 secid, char **secdata, u32 *seclen);
 int apparmor_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid);

diff --git a/security/apparmor/secid.c b/security/apparmor/secid.c
index ce545f99259e5291ef6c99142e3e2ffccf19cde4..3ddfcb72e25690d92f254b41085d8042f2940e09 100644 (file)
--- a/security/apparmor/secid.c
+++ b/security/apparmor/secid.c
@@ -27,7 +27,8 @@
  * secids - do not pin labels with a refcount. They rely on the label
  * properly updating/freeing them
  */
-#define AA_FIRST_SECID 2
+
+#define AA_FIRST_SECID 1
 
 static DEFINE_IDR(aa_secids);
 static DEFINE_SPINLOCK(secid_lock);