Pull Request: [Karmic] AppArmor fixes

Tim Gardner tim.gardner at canonical.com
Wed Aug 26 13:17:57 UTC 2009


John Johansen wrote:
> The following changes since commit 8ec099e541082d84a55d8af7a3cff8163cfeca1e:
>   Mario Limonciello (1):
>         UBUNTU: [Upstream]: (drop after 2.6.31) compal-laptop: Replace sysfs
> support with rfkill support
> 
> are available in the git repository at:
> 
>   kernel.ubuntu.com:/srv/kernel.ubuntu.com/git/jj/apparmor-karmic.git master
> 
> John Johansen (11):
>       UBUNTU: AppArmor: Fix attachment semantics for px, cx
>       UBUNTU: AppArmor: Fix attachment of profile names containing pattern matching
>       UBUNTU: AppArmor: Tell git to ignore generated include files
>       UBUNTU: AppArmor: Return the correct error code on failed profile remove
>       UBUNTU: AppArmor: enable profiles to control mmap_min_addr
>       UBUNTU: AppArmor: Fix profile listing to display all subprofiles
>       UBUNTU: AppArmor: Fix error returned for adding profile
>       UBUNTU: AppArmor: Fix profile namespace removal.
>       UBUNTU: AppArmor: Fix oops when auditing the addition of profile namespace
>       UBUNTU: AppArmor: Fix mapping of pux to new internal permission format
>       UBUNTU: AppArmor: Fix change_profile failure lp #401931
> 
>  ubuntu/apparmor/.gitignore         |    5 ++
>  ubuntu/apparmor/apparmorfs.c       |   34 +++++++---------
>  ubuntu/apparmor/domain.c           |   72 +++++++++++++++++++++++++++++++++---
>  ubuntu/apparmor/file.c             |    2 +-
>  ubuntu/apparmor/include/file.h     |    2 +
>  ubuntu/apparmor/include/policy.h   |    6 ++-
>  ubuntu/apparmor/lsm.c              |   12 ++---
>  ubuntu/apparmor/policy.c           |   52 +-------------------------
>  ubuntu/apparmor/policy_interface.c |   25 +++++++++---
>  9 files changed, 117 insertions(+), 93 deletions(-)
>  create mode 100644 ubuntu/apparmor/.gitignore
> 

Had it not been for Jamie's intervention on IRC this morning I would
have rejected most of these patches. I'm within a few days of putting a
lid on Karmic, so I'm not interested in any big changes. However, Jamie
thinks some of these patches are actual bug fixes which have been
holding up some AppArmor security specifications, though without a
Launchpad reference in all but one of the commit logs its hard for me to
tell.

Please redo your pull request (and commits) while keeping in mind these
criterion:

) Reference a Launchpad Buglink in every commit
) Keep your patch to an absolute minimum to fix the bug.
) Each commit must _demonstrably_ fix the bug referenced in the Buglink.
) No new features, no gratuitous reformatting or moving of files. Use
scripts/checkpatch.pl to verify formatting.

rtg
-- 
Tim Gardner tim.gardner at canonical.com




More information about the kernel-team mailing list