[apparmor] IPC and sockets

Viacheslav Salnikov slavasalnikovv at gmail.com
Fri Feb 9 12:05:46 UTC 2018


Hi John,

But even if the upstream backport from 4.10 to 4.4 does not contain the
out-of-tree patches, Xenial 4.4 has sockets support (*and probably namespaces
support too*).

Or am I wrong?


2018-02-07 15:59 GMT+02:00 John Johansen <john.johansen at canonical.com>:

> On 02/07/2018 04:32 AM, Viacheslav Salnikov wrote:
> > Hi guys,
> >
> > I checked out Ubuntu 16.04 and got this output:
> > $ cat /sys/kernel/security/apparmor/features/network/af_unix
> > yes
> >
> > But Ubuntu 16.04 is based on the 4.4 kernel
> > $ uname -a
> > Linux 4.4.0-112-generic #135-Ubuntu SMP Fri Jan 19 11:48:36 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
> >
> >
> > I cloned the xenial kernel for investigation and af_unix is in the kernel.
> > Does it mean that somebody did the backport or what? Maybe you know
> > about that.
> >
>
> yes ubuntu backported the 17.04 apparmor patches to the 4.4 kernel for
> 16.04. You can find the same basic backports against the upstream kernel at
>
> http://kernel.ubuntu.com/git/jj/linux-apparmor-backports/
>
> specifically the branch series
>
>   v4.10-aa3.6-backport-to-v4.X
>
> where X covers 4.0 .. 4.9
>
> there is also a v4.13 backport series, but it only has backports which
> backport 4.13 apparmor to 4.12, 4.11, and 4.10
>
>
> the upstream backport series does not include the out of tree patches but
> those can be obtained from the apparmor project tree in the kernel patches
> directory
>
> https://gitlab.com/apparmor/apparmor/tree/master/kernel-patches
>
> or from the ubuntu kernel git tree
>
> this comes with the standard disclaimer that out of tree patches and
> interfaces may change some as part of the upstreaming process
>