[apparmor] Bug#661151: Bug#661151: linux-2.6: lacks AppArmor kernel/userspace interface

Wed Mar 14 10:35:13 UTC 2012

On 03/14/2012 03:24 AM, intrigeri wrote:
> Hi,
> 
> John Johansen wrote (13 Mar 2012 16:33:53 GMT) :
>> sorry I missed this,
> 
> Thank you, John, for your answers :)
> 
>> yes you can pull them out of the tarball,
> 
> That would be 0002-AppArmor-compatibility-patch-for-v5-interface.patch
> that can be found in the kernel-patches/$LATEST/ directory of the
> apparmor Debian source package. Given $LATEST == 3.1 currently, see
> bellow for the Ubuntu patches that were maybe refreshed.
> 
> John, do you confirm this patch does not depend on any of the
> two others?
> 
It does not but there may be a small conflict or two to resolve if
0001-AppArmor-compatibility-patch-for-v5-network-controll.patch is not
applied first.

If it doesn't apply cleanly I will be happy to update it for you.

> (namely:
> 0001-AppArmor-compatibility-patch-for-v5-network-controll.patch and
> 0003-AppArmor-Allow-dfa-backward-compatibility-with-broke.patch)
> 
>> or from the ubuntu kernel tree.
> 
> I guess that would be
> http://kernel.ubuntu.com/git?p=ubuntu/ubuntu-precise.git;a=commit;h=56f928f0cbf810c047a9a72e4e5c4840800437ec
> 
> John, please correct me if I did not guess right.
> 
You are right

>> There are also a new set of patches available against the 3.3
>> kernel. The static parts of the interface have been updated and
>> pushed into the 3.4 kernel. And the goal is to get the other part
>> into the 3.5 kernel (still a wip).
> 
> John: I guess the Linux 3.2 kernel shipped in Precise will carry those
> patches, and this is why the v5 compat' patches got recently reverted
> in Precise's kernel tree, right?
> 
correct

>> Though those will require a more recent userspace.
> 
> John: that will be called 2.8, right?
> 
correct. The 2.8 userspace release will ship with precise and will be
compatible with both the older and newer kernel interfaces.