[request-pull] [Zesty] misc apparmor fixes
John Johansen
john.johansen at canonical.com
Wed Feb 1 09:19:19 UTC 2017
The following changes since commit ed1c7a195b011bd5a5942966a721057fcf97cac5:
UBUNTU: Ubuntu-4.9.0-12.13 (2017-01-09 12:21:59 -0700)
are available in the git repository at:
git://kernel.ubuntu.com/jj/ubuntu-zesty.git
for you to fetch changes up to 355b6b64438e1626d53c2783eae90e3645f95eba:
UBUNTU: SAUCE: apparmor: flock mediation is not being enforced on cache check (2017-02-01 01:14:52 -0800)
----------------------------------------------------------------
John Johansen (14):
UBUNTU: SAUCE: apparmor: fix cross ns perm of unix domain sockets
UBUNTU: SAUCE: apparmor: fix replacement race in reading rawdata
UBUNTU: SAUCE: apparmor: fix reference count bug in label_merge_insert()
UBUNTU: SAUCE: apparmor: fix label leak when new label is unused
UBUNTU: SAUCE: apparmor: Don't audit denied access of special apparmor .null file
UBUNTU: SAUCE: apparmor: fix oops in bind_mnt when dev_path lookup fails
UBUNTU: SAUCE: apparmor: fix not handling error case when securityfs_pin_fs() fails
UBUNTU: SAUCE: apparmor: fix reference count leak when securityfs_setup_d_inode() fails
UBUNTU: SAUCE: apparmor: fix leak on securityfs pin count
UBUNTU: SAUCE: apparmor: fix lock ordering for mkdir
UBUNTU: SAUCE: apparmor: Fix no_new_privs blocking change_onexec when using stacked namespaces
UBUNTU: SAUCE: apparmor: fix ns ref count link when removing profiles from policy
UBUNTU: SAUCE: apparmor: null profiles should inherit parent control flags
UBUNTU: SAUCE: apparmor: flock mediation is not being enforced on cache check
include/linux/security.h | 5 +-
security/apparmor/af_unix.c | 2 +-
security/apparmor/apparmorfs.c | 36 +++++++++-----
security/apparmor/domain.c | 92 ++++++++++++++++++++++-------------
security/apparmor/file.c | 13 +++--
security/apparmor/include/policy_ns.h | 4 +-
security/apparmor/label.c | 24 +++++++--
security/apparmor/lsm.c | 3 ++
security/apparmor/mount.c | 1 +
security/apparmor/policy.c | 3 ++
security/apparmor/policy_ns.c | 8 +--
security/inode.c | 5 ++
12 files changed, 133 insertions(+), 63 deletions(-)
More information about the kernel-team
mailing list