ACK: [Patch 0/14] [Yakkety] misc fixes for apparmor

Brad Figg brad.figg at canonical.com
Mon Feb 6 21:42:23 UTC 2017 

On Wed, Feb 01, 2017 at 01:12:56AM -0800, John Johansen wrote:

> The following patch sequence fixes various out bugs in apparmor in
> yakkety.
> 
> The patch sequence is also available via the following pull request
> 
> 
> The following changes since commit 54329dadde7c14dd194e58c1676be8f3b2144332:
> 
>   UBUNTU: Ubuntu-4.8.0-34.36 (2016-12-21 16:30:49 +0000)
> 
> are available in the git repository at:
> 
>   git://kernel.ubuntu.com/jj/ubuntu-yakkety.git master
> 
> for you to fetch changes up to 8ce7ef90c2e8476afeeb2b5c1f39ba3c6aea7891:
> 
>   UBUNTU: SAUCE: apparmor: flock mediation is not being enforced on cache check (2017-02-01 01:09:00 -0800)
> 
> ----------------------------------------------------------------
> John Johansen (14):
>       UBUNTU: SAUCE: apparmor: fix cross ns perm of unix domain sockets
>       UBUNTU: SAUCE: apparmor: fix replacement race in reading rawdata
>       UBUNTU: SAUCE: apparmor: fix reference count bug in label_merge_insert()
>       UBUNTU: SAUCE: apparmor: fix label leak when new label is unused
>       UBUNTU: SAUCE: apparmor: Don't audit denied access of special apparmor .null file
>       UBUNTU: SAUCE: apparmor: fix oops in bind_mnt when dev_path lookup fails
>       UBUNTU: SAUCE: apparmor: fix not handling error case when securityfs_pin_fs() fails
>       UBUNTU: SAUCE: apparmor: fix reference count leak when securityfs_setup_d_inode() fails
>       UBUNTU: SAUCE: apparmor: fix leak on securityfs pin count
>       UBUNTU: SAUCE: apparmor: fix lock ordering for mkdir
>       UBUNTU: SAUCE: apparmor: Fix no_new_privs blocking change_onexec when using stacked namespaces
>       UBUNTU: SAUCE: apparmor: fix ns ref count link when removing profiles from policy
>       UBUNTU: SAUCE: apparmor: null profiles should inherit parent control flags
>       UBUNTU: SAUCE: apparmor: flock mediation is not being enforced on cache check
> 
>  include/linux/security.h              |  5 +-
>  security/apparmor/af_unix.c           |  2 +-
>  security/apparmor/apparmorfs.c        | 36 +++++++++-----
>  security/apparmor/domain.c            | 92 ++++++++++++++++++++++-------------
>  security/apparmor/file.c              | 13 +++--
>  security/apparmor/include/policy_ns.h |  4 +-
>  security/apparmor/label.c             | 24 +++++++--
>  security/apparmor/lsm.c               |  3 ++
>  security/apparmor/mount.c             |  1 +
>  security/apparmor/policy.c            |  3 ++
>  security/apparmor/policy_ns.c         |  8 +--
>  security/inode.c                      |  5 ++
>  12 files changed, 133 insertions(+), 63 deletions(-)
> 
> 
> -- 
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team

-- 
Brad Figg brad.figg at canonical.com http://www.canonical.com

More information about the kernel-team mailing list