From 2b3dcf7ac1381ac7966b4abb72f612185988656d Mon Sep 17 00:00:00 2001
From: Tyler Hicks
Date: Fri, 6 Feb 2015 18:12:29 -0600
Subject: [FIX FOR 10/13] fix: Don't audit unrequested reply message denials
Signed-off-by: Tyler Hicks
---
 bus/apparmor.c | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/bus/apparmor.c b/bus/apparmor.c
index 9f42c81..71f7413 100644
--- a/bus/apparmor.c
+++ b/bus/apparmor.c
@@ -852,7 +852,17 @@ bus_apparmor_allows_send (DBusConnection *sender,
 error_name,
 destination);
- if (!src_audit && !dst_audit)
+ /* Don't audit the message if one of the following conditions is true:
+ * 1) The AppArmor query indicates that auditing should not happen.
+ * 2) The message is a reply type. Reply message are not audited because
+ * the AppArmor policy language does not have the notion of a reply
+ * message. Unrequested replies will be silently discarded if the sender
+ * does not have permission to send to the receiver or if the receiver
+ * does not have permission to receive from the sender.
+ */
+ if ((!src_audit && !dst_audit) ||
+ (msgtype == DBUS_MESSAGE_TYPE_METHOD_RETURN ||
+ msgtype == DBUS_MESSAGE_TYPE_ERROR))
 goto out;
 audit:
--
2.1.0
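Review bot: The new condition in bus_apparmor_allows_send skips the audit path for every METHOD_RETURN and ERROR message, keyed on message type alone, while the subject line and the comment only justify dropping unrequested reply denials. If a reply that policy marked for auditing can reach this point (the earlier part of the function is outside the hunk, so this may already be excluded), its record is lost, and unsolicited replies from a confined peer leave no trace for detection. Consider narrowing the test to the unrequested, denied case, or extending the comment with a line such as `Note: unsolicited replies from a confined peer therefore leave no audit record.` so the trade-off is explicit. It is also worth confirming that `msgtype` holds the integer message type here, since its declaration is not visible in the hunk and the comparison is against the `DBUS_MESSAGE_TYPE_*` constants.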