[Patch 0/14] [Yakkety] misc fixes for apparmor
John Johansen
john.johansen at canonical.com
Wed Feb 1 09:12:56 UTC 2017
The following patch sequence fixes various out bugs in apparmor in
yakkety.
The patch sequence is also available via the following pull request
The following changes since commit 54329dadde7c14dd194e58c1676be8f3b2144332:
UBUNTU: Ubuntu-4.8.0-34.36 (2016-12-21 16:30:49 +0000)
are available in the git repository at:
git://kernel.ubuntu.com/jj/ubuntu-yakkety.git master
for you to fetch changes up to 8ce7ef90c2e8476afeeb2b5c1f39ba3c6aea7891:
UBUNTU: SAUCE: apparmor: flock mediation is not being enforced on cache check (2017-02-01 01:09:00 -0800)
----------------------------------------------------------------
John Johansen (14):
UBUNTU: SAUCE: apparmor: fix cross ns perm of unix domain sockets
UBUNTU: SAUCE: apparmor: fix replacement race in reading rawdata
UBUNTU: SAUCE: apparmor: fix reference count bug in label_merge_insert()
UBUNTU: SAUCE: apparmor: fix label leak when new label is unused
UBUNTU: SAUCE: apparmor: Don't audit denied access of special apparmor .null file
UBUNTU: SAUCE: apparmor: fix oops in bind_mnt when dev_path lookup fails
UBUNTU: SAUCE: apparmor: fix not handling error case when securityfs_pin_fs() fails
UBUNTU: SAUCE: apparmor: fix reference count leak when securityfs_setup_d_inode() fails
UBUNTU: SAUCE: apparmor: fix leak on securityfs pin count
UBUNTU: SAUCE: apparmor: fix lock ordering for mkdir
UBUNTU: SAUCE: apparmor: Fix no_new_privs blocking change_onexec when using stacked namespaces
UBUNTU: SAUCE: apparmor: fix ns ref count link when removing profiles from policy
UBUNTU: SAUCE: apparmor: null profiles should inherit parent control flags
UBUNTU: SAUCE: apparmor: flock mediation is not being enforced on cache check
include/linux/security.h | 5 +-
security/apparmor/af_unix.c | 2 +-
security/apparmor/apparmorfs.c | 36 +++++++++-----
security/apparmor/domain.c | 92 ++++++++++++++++++++++-------------
security/apparmor/file.c | 13 +++--
security/apparmor/include/policy_ns.h | 4 +-
security/apparmor/label.c | 24 +++++++--
security/apparmor/lsm.c | 3 ++
security/apparmor/mount.c | 1 +
security/apparmor/policy.c | 3 ++
security/apparmor/policy_ns.c | 8 +--
security/inode.c | 5 ++
12 files changed, 133 insertions(+), 63 deletions(-)
More information about the kernel-team
mailing list