[PATCH 0/4] [Karmic SRU] AppArmor fixes for LP#451375 LP#462824 LP#458299 LP#453335

Stefan Bader stefan.bader at canonical.com
Sat Oct 31 12:13:51 UTC 2009


John Johansen wrote:
> The following changes since commit 7423c4c3b22816168b912c39a0298227076854b8:
>   Scott James Remnant (1):
>         UBUNTU: SAUCE: trace: add trace events for open(), exec() and uselib()
> 
> are available in the git repository at:
> 
>   kernel.ubuntu.com:/srv/kernel.ubuntu.com/git/jj/apparmor-karmic.git master

As the patches did not make it directly, I looked at the repo directly. Btw,
you should use a git://kernel.ubuntu.com/jj/apparmor-karmic.git URL, so also
people without login to there can follow it.
 
> John Johansen (4):
>       UBUNTU: SAUCE: AppArmor: AppArmor wrongly reports allow perms as denied

As this one had been looking reasonably safe, I already took that one into the
repo.

>       UBUNTU: SAUCE: AppArmor: Policy load and replacement can fail to alloc mem

Ok, yes. This looks better now and also catches the failure case. ACK

>       UBUNTU: SAUCE: AppArmor: AppArmor fails to audit change_hat correctly

This seems a bit more complicated but mainly moving things around. But it more or
less looks safe (and the testings seems to have gone well, too). ACK

>       UBUNTU: SAUCE: AppArmor: AppArmor disallows truncate of deleted files.

Looks ok, to me. ACK

>  ubuntu/apparmor/domain.c |   41 ++++++++++++++++++++++++++++-------------
>  ubuntu/apparmor/file.c   |    4 ++--
>  ubuntu/apparmor/match.c  |   19 ++++++++++++++++---
>  ubuntu/apparmor/path.c   |    4 ++++
>  4 files changed, 50 insertions(+), 18 deletions(-)
> 
> 





More information about the kernel-team mailing list