From f71ac63249cea2bf5ac00732e50bee3a1f91c72d Mon Sep 17 00:00:00 2001
From: John Johansen <john.johansen@canonical.com>
Date: Sun, 29 Jan 2023 01:55:03 -0800
Subject: [PATCH] UBUNTU: SAUCE: apparmor4.0.0 [75/90]: apparmor: remove
 redundant unconfined check.

BugLink: http://bugs.launchpad.net/bugs/2028253

profile_af_perm and profile_af_sk_perm are only ever called after
checking that the profile is not unconfined.

Signed-off-by: John Johansen <john.johansen@canonical.com>
(cherry picked from commit 47a4d61cc235c957e264e9f12fd126ed8e012a23
https://git.launchpad.net/~apparmor-dev/ubuntu-kernel-next)
Signed-off-by: Paolo Pisati <paolo.pisati@canonical.com>
---
 security/apparmor/net.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/security/apparmor/net.c b/security/apparmor/net.c
index c8d12e3f1d0e..34503c8036a8 100644
--- a/security/apparmor/net.c
+++ b/security/apparmor/net.c
@@ -173,9 +173,8 @@ int aa_profile_af_perm(struct aa_profile *profile,
 
 	AA_BUG(family >= AF_MAX);
 	AA_BUG(type < 0 || type >= SOCK_MAX);
+	AA_BUG(profile_unconfined(profile));
 
-	if (profile_unconfined(profile))
-		return 0;
 	state = RULE_MEDIATES(rules, AA_CLASS_NET);
 	if (state) {
 		buffer[0] = cpu_to_be16(family);