[Quantal][Patch 0/5] Fix apparmor failures in quantal kernel

John Johansen john.johansen at canonical.com
Tue May 22 15:22:16 UTC 2012


The following patches updates the mount, and network patches which where
broken by lsm_audit changes. Without the patches any auditing for network
or mount enforcing will result in a kernel oops.

Also pull in 2 fixes from the security-next 3.5 queue which address
failures when using apparmor with LXC and, ecryptfs with deeply nested
directories.


The following changes since commit c481976fa3beada381b4ed639df0d541e7e7029d:

  UBUNTU: [Config] include include/generated/compile.h (2012-05-22 06:17:02 -0600)

are available in the git repository at:

  git://kernel.ubuntu.com/jj/ubuntu-quantal.git apparmor

for you to fetch changes up to 6d38776821538f06d2f26724aa36200cb28ec31b:

  UBUNTU: [upstream] apparmor: fix long path failure due to disconnected path (2012-05-22 08:09:56 -0700)

----------------------------------------------------------------
John Johansen (5):
      Revert "UBUNTU: SAUCE: AppArmor: Add the ability to mediate mount"
      UBUNTU: SAUCE: apparmor: Add the ability to mediate mount
      UBUNTU: SAUCE: AppArmor: basic networking rules
      UBUNTU [upstream] apparmor: fix profile lookup for unconfined
      UBUNTU: [upstream] apparmor: fix long path failure due to disconnected path

 security/apparmor/.gitignore       |    2 +-
 security/apparmor/Makefile         |   42 +++++++++-
 security/apparmor/apparmorfs.c     |    1 +
 security/apparmor/include/audit.h  |    4 +
 security/apparmor/include/net.h    |   44 ++++++++++
 security/apparmor/include/policy.h |    3 +
 security/apparmor/lsm.c            |  112 +++++++++++++++++++++++++
 security/apparmor/mount.c          |    2 +
 security/apparmor/net.c            |  162 ++++++++++++++++++++++++++++++++++++
 security/apparmor/path.c           |    2 +
 security/apparmor/policy.c         |    5 ++
 security/apparmor/policy_unpack.c  |   46 ++++++++++
 12 files changed, 422 insertions(+), 3 deletions(-)
 create mode 100644 security/apparmor/include/net.h
 create mode 100644 security/apparmor/net.c





More information about the kernel-team mailing list