[resolute][Patch 1/1] UBUNTU: SAUCE: apparmor: fix aa_label_sk_perm to check for RULE_MEDIATES_NET

John Johansen john.johansen at canonical.com
Thu Feb 12 22:49:08 UTC 2026


BugLink: http://www.launchpad.net/bugs/2141298

During the refactor in commit b26be68a7e9f, the check for
RULE_MEDIATES_NET and the compat were split, but aa_label_sk_perm was
not updated accordingly and was only checking for the compat net
rules.

Fixes: b26be68a7e9f ("UBUNTU: SAUCE: apparmor5.0.0 [34/53]: apparmor: lift compatibility check out of profile_af_perm")
Signed-off-by: John Johansen <john.johansen at canonical.com>
Acked-by: Georgia Garcia <georgia.garcia at canonical.com>
---
 security/apparmor/net.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/security/apparmor/net.c b/security/apparmor/net.c
index 715015802626..ce64925e4a04 100644
--- a/security/apparmor/net.c
+++ b/security/apparmor/net.c
@@ -338,7 +338,8 @@ static int aa_label_sk_perm(const struct cred *subj_cred,
 
 		ad.subj_cred = subj_cred;
 		error = fn_for_each_confined(label, profile,
-			    aa_profile_af_sk_perm(profile, &ad, request, sk));
+			    profile_af_perm(profile, &ad, request, sk->sk_family,
+					    sk->sk_type, sk->sk_protocol));
 	}
 
 	return error;
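Review bot: The replacement call inside fn_for_each_confined does not show where RULE_MEDIATES_NET is tested, so the link between the subject line and this change depends on the reader already knowing what profile_af_perm does. Please add a sentence to the commit message stating that the RULE_MEDIATES_NET check lives in profile_af_perm and that aa_profile_af_sk_perm covers only the compat rules. The diffstat shows two insertions and one deletion in net.c, so aa_profile_af_sk_perm itself is left in place; if this was its last caller, consider removing it in the same patch so the compat-only path cannot be reused by mistake, or name the remaining callers and why they are safe.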
-- 
2.51.0



