feat(profile): remove transparent_hugepage rule already included in base.

apparmor.d/groups/network/mullvad-daemon

@@ -55,7 +55,6 @@ profile mullvad-daemon @{exec_path} flags=(attach_disconnected) {
   @{sys}/fs/cgroup/net_cls/ w,
   @{sys}/fs/cgroup/net_cls/mullvad-exclusions/ w,
   @{sys}/fs/cgroup/net_cls/mullvad-exclusions/net_cls.classid rw,
-  @{sys}/kernel/mm/transparent_hugepage/hpage_pmd_size r,
 
   owner @{tmp}/@{uuid} rw,
   owner @{tmp}/talpid-openvpn-@{uuid} rw,

apparmor.d/groups/network/tailscale

@@ -27,8 +27,6 @@ profile tailscale @{exec_path} {
 
   owner @{run}/tailscale/tailscaled.sock rw,
 
-  @{sys}/kernel/mm/transparent_hugepage/hpage_pmd_size r,
-
         @{PROC}/ r,
         @{PROC}/@{pids}/stat r,
         @{PROC}/sys/net/core/somaxconn r,

apparmor.d/groups/network/tailscaled

@@ -69,7 +69,6 @@ profile tailscaled @{exec_path} flags=(attach_disconnected) {
   owner @{run}/tailscale/{,**} rw,
 
   @{sys}/devices/virtual/dmi/id/{bios_vendor,product_name} r,
-  @{sys}/kernel/mm/transparent_hugepage/hpage_pmd_size r,
 
   @{PROC}/ r,
   @{PROC}/@{pid}/mounts r,

apparmor.d/groups/ubuntu/apt-esm-json-hook

@@ -21,8 +21,6 @@ profile apt-esm-json-hook @{exec_path} {
   /var/lib/ubuntu-advantage/{,**} r,
   /var/lib/ubuntu-advantage/apt-esm/{,**} rw,
 
-  @{sys}/kernel/mm/transparent_hugepage/hpage_pmd_size r,
-
   @{run}/cloud-init/cloud-id-nocloud r,
 
   owner @{PROC}/@{pid}/fd/ r,

apparmor.d/groups/ubuntu/ubuntu-report

@@ -23,8 +23,6 @@ profile ubuntu-report @{exec_path} {
 
   owner @{user_cache_dirs}/ubuntu-report/{,*} r,
 
-  @{sys}/kernel/mm/transparent_hugepage/hpage_pmd_size r,
-
   include if exists <local/ubuntu-report>
 }
 

apparmor.d/groups/virt/cni-bandwidth

@@ -18,8 +18,6 @@ profile cni-bandwidth @{exec_path} {
 
   @{exec_path} mr,
   
-  @{sys}/kernel/mm/transparent_hugepage/hpage_pmd_size r,
-
   include if exists <local/cni-bandwidth>
 }
 

apparmor.d/groups/virt/cni-bridge

@@ -12,8 +12,6 @@ profile cni-bridge @{exec_path} {
 
   @{exec_path} mr,
 
-  @{sys}/kernel/mm/transparent_hugepage/hpage_pmd_size r,
-
   include if exists <local/cni-bridge>
 }
 

apparmor.d/groups/virt/cni-calico

@@ -41,8 +41,6 @@ profile cni-calico @{exec_path} flags=(attach_disconnected) {
   @{PROC}/sys/net/ipv{4,6}/ip_forward rw,
   @{PROC}/sys/net/ipv{4,6}/{conf,neigh}/cali[0-9a-z]*/* rw,
 
-  @{sys}/kernel/mm/transparent_hugepage/hpage_pmd_size r,
-
   include if exists <local/cni-calico>
 }
 

apparmor.d/groups/virt/cni-firewall

@@ -12,8 +12,6 @@ profile cni-firewall @{exec_path} {
 
   @{exec_path} mr,
 
-  @{sys}/kernel/mm/transparent_hugepage/hpage_pmd_size r,
-
   include if exists <local/cni-firewall>
 }
 

apparmor.d/groups/virt/cni-flannel

@@ -12,8 +12,6 @@ profile cni-flannel @{exec_path} flags=(complain,attach_disconnected){
 
   @{exec_path} mr,
 
-  @{sys}/kernel/mm/transparent_hugepage/hpage_pmd_size r,
-
   include if exists <local/cni-flannel>
 }
 

apparmor.d/groups/virt/cni-host-local

@@ -12,8 +12,6 @@ profile cni-host-local @{exec_path} flags=(complain,attach_disconnected){
 
   @{exec_path} mr,
 
-  @{sys}/kernel/mm/transparent_hugepage/hpage_pmd_size r,
-
   include if exists <local/cni-host-local>
 }
 

apparmor.d/groups/virt/cni-loopback

@@ -22,8 +22,6 @@ profile cni-loopback @{exec_path} flags=(attach_disconnected) {
   @{run}/netns/ r,
   @{run}/netns/cni-@{uuid} rw,
   
-  @{sys}/kernel/mm/transparent_hugepage/hpage_pmd_size r,
-
   include if exists <local/cni-loopback>
 }
 

apparmor.d/groups/virt/cni-portmap

@@ -19,8 +19,6 @@ profile cni-portmap @{exec_path} {
 
   @{PROC}/sys/net/ipv{4,6}/conf/cali[0-9a-z]*/route_localnet rw,
   
-  @{sys}/kernel/mm/transparent_hugepage/hpage_pmd_size r,
-
   include if exists <local/cni-portmap>
 }
 

apparmor.d/groups/virt/cni-tuning

@@ -12,8 +12,6 @@ profile cni-tuning @{exec_path} {
 
   @{exec_path} mr,
 
-  @{sys}/kernel/mm/transparent_hugepage/hpage_pmd_size r,
-
   include if exists <local/cni-tuning>
 }
 

apparmor.d/groups/virt/containerd

@@ -92,7 +92,6 @@ profile containerd @{exec_path} flags=(attach_disconnected) {
   owner /var/tmp/** rwkl,
 
   @{sys}/fs/cgroup/kubepods/** r,
-  @{sys}/kernel/mm/transparent_hugepage/hpage_pmd_size r,
   @{sys}/kernel/security/apparmor/profiles r,
   @{sys}/module/apparmor/parameters/enabled r,
 

apparmor.d/groups/virt/containerd-shim-runc-v2

@@ -49,7 +49,6 @@ profile containerd-shim-runc-v2 @{exec_path} flags=(attach_disconnected) {
   @{sys}/fs/cgroup/{,**} rw,
   @{sys}/fs/cgroup/kubepods/{,**} rw,
   @{sys}/kernel/mm/hugepages/ r,
-  @{sys}/kernel/mm/transparent_hugepage/hpage_pmd_size r,
 
   @{PROC}/@{pids}/cgroup r,
   @{PROC}/@{pids}/mountinfo r,

apparmor.d/groups/virt/docker-proxy

@@ -20,8 +20,6 @@ profile docker-proxy @{exec_path} {
 
   @{exec_path} mr,
 
-  @{sys}/kernel/mm/transparent_hugepage/hpage_pmd_size r,
-
   @{PROC}/sys/net/core/somaxconn r,
 
   include if exists <local/docker-proxy>

apparmor.d/groups/virt/dockerd

@@ -75,7 +75,6 @@ profile dockerd @{exec_path} flags=(attach_disconnected) {
   @{sys}/fs/cgroup/cgroup.controllers r,
   @{sys}/fs/cgroup/cpuset.cpus.effective r,
   @{sys}/fs/cgroup/cpuset.mems.effective r,
-  @{sys}/kernel/mm/transparent_hugepage/hpage_pmd_size r,
   @{sys}/kernel/security/apparmor/profiles r,
   @{sys}/module/apparmor/parameters/enabled r,
 

apparmor.d/groups/virt/k3s

@@ -163,7 +163,6 @@ profile k3s @{exec_path} flags=(attach_disconnected) {
   @{sys}/fs/cgroup/user.slice/user-@{uid}.slice/session-@{int}.scope/{,**/} r,
 
   @{sys}/kernel/mm/hugepages/ r,
-  @{sys}/kernel/mm/transparent_hugepage/hpage_pmd_size r,
   @{sys}/kernel/mm/hugepages/hugepages-*/nr_hugepages r,
   @{sys}/kernel/security/apparmor/profiles r,