[Patch 0/14] set of fixes to apparmor 3.5-beta1

John Johansen john.johansen at canonical.com
Tue Aug 23 09:05:40 UTC 2016 

The following is a set of fixes to apparmor 3.5-beta1. The patches are
also available for request pull

---

The following changes since commit f7c96bca3cecc682db7205fed614aeaeb7c0e631:

  UBUNTU: Ubuntu-4.4.0-34.53 (2016-07-27 10:01:39 -0500)

are available in the git repository at:

  git://kernel.ubuntu.com/jj/ubuntu-xenial/ fix-xenial

for you to fetch changes up to 58cc36c69c2be8415a23f7c8b9076b6c5ff3b571:

  UBUNTU: SAUCE: apparmor: Fix auditing behavior for change_hat probing (2016-08-23 02:00:23 -0700)

----------------------------------------------------------------
John Johansen (14):
      UBUNTU: SAUCE: apparmor: Fix __label_update proxy comparison test
      UBUNTU: SAUCE: apparmor: fix stack trace when removing namespace with profiles
      UBUNTU: SAUCE: apparmor: Fix new to old label comparison for domain transitions
      UBUNTU: SAUCE: apparmor: Fix label build for onexec stacking.
      UBUNTU: SAUCE: apparmor: Add missing id bounds check on dfa verification
      UBUNTU: SAUCE: apparmor: fix: don't check for vmalloc_addr if kvzalloc() failed
      UBUNTU: SAUCE: apparmor: oops in profile_unpack() when policy_db is not present
      UBUNTU: SAUCE: apparmor: profiles in one ns can affect mediation in another ns
      UBUNTU: SAUCE: apparmor: reduction of vec to single entry is just that entry
      UBUNTU: SAUCE: apparmor: fix vec_unique for vectors larger than 8
      UBUNTU: SAUCE: apparmor: fix: parameters can be changed after policy is locked
      UBUNTU: SAUCE: apparmor: special case unconfined when determining the mode
      UBUNTU: SAUCE: apparmor: deleted dentries can be disconnected
									             UBUNTU: SAUCE: apparmor: Fix auditing behavior for change_hat probing

 security/apparmor/domain.c         | 25 ++++++++++++-------
 security/apparmor/include/match.h  |  1 +
 security/apparmor/include/policy.h |  1 +
 security/apparmor/label.c          | 49 ++++++++++++++++++++++++++++----------
 security/apparmor/lsm.c            | 12 ++++------
 security/apparmor/match.c          | 12 ++++++----
 security/apparmor/path.c           |  6 ++---
 security/apparmor/policy.c         |  7 +++++-
 security/apparmor/policy_ns.c      |  6 ++++-
 security/apparmor/policy_unpack.c  |  3 +++
 10 files changed, 84 insertions(+), 38 deletions(-)

More information about the kernel-team mailing list