Merged requested to merge cboltz/apparmor:cboltz-file-mixed-mode into master
Probably thanks to O_MAYEXEC, denials for file access can now contain a mix of x (exec) and other file permissions.
The actual exec should appear in a separate "exec" log event, therefore ignore 'x' in file events for now if it's mixed with other permissions.
Note that file events ("open", "link" etc.) that contain denied_mask="x" without another permission will still cause an error. (So far, this hasn't been seen in the wild.)
Fixes: #303 (closed)
Also add the log line from the bugreport and the (for now) expected result as test_multi testcase.
I propose this patch for all branches.