[arftul][PULL]: apparmor for 4.13 kernels
John Johansen
john.johansen at canonical.com
Tue Aug 22 21:50:38 UTC 2017
This is a set of cherry-pick from security/next bound for the 4.14 kernel
plus the one remaining out of tree patch required to match the version of
apparmor in zesty.
Note: The cherry-pick references are currently against security/next and
will need to be updated to upstream linux once the 4.14 merge window
closes.
---
The following changes since commit 00c72bc198aa85e5da02de2c0c4cc423c82a54f1:
UBUNTU: SAUCE: (efi-lockdown) MODSIGN: Fix module signature verification (2017-08-22 12:30:09 -0500)
are available in the git repository at:
git://kernel.ubuntu.com/jj/ubuntu-artful.git apparmor-4.13+outoftree
for you to fetch changes up to a3b0cb6676a04cdad5cc357bc422d0398083b435:
UBUNTU: SAUCE: apparmor: af_unix mediation (2017-08-22 14:19:29 -0700)
----------------------------------------------------------------
Christos Gkekas (1):
apparmor: Fix logical error in verify_header()
Dan Carpenter (1):
apparmor: Fix an error code in aafs_create()
Geert Uytterhoeven (1):
apparmor: Fix shadowed local variable in unpack_trans_table()
John Johansen (13):
apparmor: Redundant condition: prev_ns. in [label.c:1498]
apparmor: add the ability to mediate signals
apparmor: add mount mediation
apparmor: cleanup conditional check for label in label_print
apparmor: add support for absolute root view based labels
apparmor: make policy_unpack able to audit different info messages
apparmor: add more debug asserts to apparmorfs
apparmor: add base infastructure for socket mediation
apparmor: move new_null_profile to after profile lookup fns()
apparmor: fix race condition in null profile creation
apparmor: ensure unconfined profiles have dfas initialized
apparmor: fix incorrect type assignment when freeing proxies
UBUNTU: SAUCE: apparmor: af_unix mediation
security/apparmor/.gitignore | 1 +
security/apparmor/Makefile | 44 ++-
security/apparmor/af_unix.c | 651 +++++++++++++++++++++++++++++++
security/apparmor/apparmorfs.c | 43 ++-
security/apparmor/domain.c | 4 +-
security/apparmor/file.c | 34 +-
security/apparmor/include/af_unix.h | 114 ++++++
security/apparmor/include/apparmor.h | 2 +
security/apparmor/include/audit.h | 39 +-
security/apparmor/include/domain.h | 5 +
security/apparmor/include/ipc.h | 6 +
security/apparmor/include/label.h | 1 +
security/apparmor/include/mount.h | 54 +++
security/apparmor/include/net.h | 124 ++++++
security/apparmor/include/path.h | 1 +
security/apparmor/include/perms.h | 5 +-
security/apparmor/include/policy.h | 13 +
security/apparmor/include/sig_names.h | 95 +++++
security/apparmor/ipc.c | 99 +++++
security/apparmor/label.c | 36 +-
security/apparmor/lib.c | 5 +-
security/apparmor/lsm.c | 519 +++++++++++++++++++++++++
security/apparmor/mount.c | 696 ++++++++++++++++++++++++++++++++++
security/apparmor/net.c | 356 +++++++++++++++++
security/apparmor/policy.c | 166 ++++----
security/apparmor/policy_ns.c | 2 +
security/apparmor/policy_unpack.c | 105 ++++-
27 files changed, 3086 insertions(+), 134 deletions(-)
create mode 100644 security/apparmor/af_unix.c
create mode 100644 security/apparmor/include/af_unix.h
create mode 100644 security/apparmor/include/mount.h
create mode 100644 security/apparmor/include/net.h
create mode 100644 security/apparmor/include/sig_names.h
create mode 100644 security/apparmor/mount.c
create mode 100644 security/apparmor/net.c
More information about the kernel-team
mailing list