APPLIED[Unstable]: [PATCH][eoan] UBUNTU: SAUCE: apparmor: fix nnp subset test for unconfined
Seth Forshee
seth.forshee at canonical.com
Tue Oct 22 20:29:25 UTC 2019
On Thu, Oct 03, 2019 at 12:14:35PM -0700, John Johansen wrote:
> The subset test is not taking into account the unconfined exception
> which will cause profile transitions in the stacked confinement
> case to fail when no_new_privs is applied.
>
> This fixes a regression introduced in the 4.17 kernel caused by the
> reworking of domain transitions.
>
> Fixes: 9fcf78cca1986 ("apparmor: update domain transitions that are subsets of confinement at nnp")
> BugLink: https://bugs.launchpad.net/bugs/1844186
> Signed-off-by: John Johansen <john.johansen at canonical.com>
Applied to unstable/master, thanks!
More information about the kernel-team
mailing list