regression tests: add FIPS-140-2 lib validation hmac files

DBus services link against libgcrypt, and thus when libgcrypt has had
patches applied to make it FIP 140-2 compliant, the dbus based tests
confined by apparmor need access to the associated library integrity validation
file. Fix this by causing mkprofile to grant read access in all
generated profiles by default.

Signed-off-by: Steve Beattie <steve.beattie@canonical.com>
Bug: https://bugs.launchpad.net/bugs/1891664
MR: https://gitlab.com/apparmor/apparmor/-/merge_requests/595

tests/regression/apparmor/mkprofile.pl

@@ -101,6 +101,10 @@ sub gen_default_rules() {
 
   # give every profile access to /dev/urandom (propolice, etc.)
   gen_file("/dev/urandom:r");
+
+  # give every profile access to FIPS hmac files in /lib and /usr/lib
+  gen_file("/{usr/,}lib{,32,64}/.lib*.so*.hmac:r");
+  gen_file("/{usr/,}lib/{,**/}.lib*.so*.hmac:r");
 }
 
 sub gen_elf_binary($) {