From patchwork Tue May 22 15:22:16 2012
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: John Johansen <john.johansen@canonical.com>
X-Patchwork-Id: 160659
Return-Path: <kernel-team-bounces@lists.ubuntu.com>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Received: from chlorine.canonical.com (chlorine.canonical.com
	[91.189.94.204]) by ozlabs.org (Postfix) with ESMTP id F0278B6FA2
	for <incoming@patchwork.ozlabs.org>;
	Wed, 23 May 2012 01:22:41 +1000 (EST)
Received: from localhost ([127.0.0.1] helo=chlorine.canonical.com)
	by chlorine.canonical.com with esmtp (Exim 4.71)
	(envelope-from <kernel-team-bounces@lists.ubuntu.com>)
	id 1SWquv-0006DG-03; Tue, 22 May 2012 15:22:33 +0000
Received: from youngberry.canonical.com ([91.189.89.112])
	by chlorine.canonical.com with esmtp (Exim 4.71)
	(envelope-from <john.johansen@canonical.com>) id 1SWqut-0006D6-CH
	for kernel-team@lists.ubuntu.com; Tue, 22 May 2012 15:22:31 +0000
Received: from static-50-53-53-239.bvtn.or.frontiernet.net ([50.53.53.239]
	helo=canonical.com) by youngberry.canonical.com with esmtpsa
	(TLS1.0:DHE_RSA_AES_128_CBC_SHA1:16) (Exim 4.71)
	(envelope-from <john.johansen@canonical.com>) id 1SWqus-00060a-SF
	for kernel-team@lists.ubuntu.com; Tue, 22 May 2012 15:22:31 +0000
From: John Johansen <john.johansen@canonical.com>
To: kernel-team@lists.ubuntu.com
Subject: [Quantal][Patch 0/5] Fix apparmor failures in quantal kernel
Date: Tue, 22 May 2012 08:22:16 -0700
Message-Id: <1337700142-13370-1-git-send-email-john.johansen@canonical.com>
X-Mailer: git-send-email 1.7.9.5
X-BeenThere: kernel-team@lists.ubuntu.com
X-Mailman-Version: 2.1.13
Precedence: list
List-Id: Kernel team discussions <kernel-team.lists.ubuntu.com>
List-Unsubscribe: <https://lists.ubuntu.com/mailman/options/kernel-team>,
	<mailto:kernel-team-request@lists.ubuntu.com?subject=unsubscribe>
List-Archive: <https://lists.ubuntu.com/archives/kernel-team>
List-Post: <mailto:kernel-team@lists.ubuntu.com>
List-Help: <mailto:kernel-team-request@lists.ubuntu.com?subject=help>
List-Subscribe: <https://lists.ubuntu.com/mailman/listinfo/kernel-team>,
	<mailto:kernel-team-request@lists.ubuntu.com?subject=subscribe>
MIME-Version: 1.0
Sender: kernel-team-bounces@lists.ubuntu.com
Errors-To: kernel-team-bounces@lists.ubuntu.com

The following patches updates the mount, and network patches which where
broken by lsm_audit changes. Without the patches any auditing for network
or mount enforcing will result in a kernel oops.

Also pull in 2 fixes from the security-next 3.5 queue which address
failures when using apparmor with LXC and, ecryptfs with deeply nested
directories.


The following changes since commit c481976fa3beada381b4ed639df0d541e7e7029d:

  UBUNTU: [Config] include include/generated/compile.h (2012-05-22 06:17:02 -0600)

are available in the git repository at:

  git://kernel.ubuntu.com/jj/ubuntu-quantal.git apparmor

for you to fetch changes up to 6d38776821538f06d2f26724aa36200cb28ec31b:

  UBUNTU: [upstream] apparmor: fix long path failure due to disconnected path (2012-05-22 08:09:56 -0700)

----------------------------------------------------------------
John Johansen (5):
      Revert "UBUNTU: SAUCE: AppArmor: Add the ability to mediate mount"
      UBUNTU: SAUCE: apparmor: Add the ability to mediate mount
      UBUNTU: SAUCE: AppArmor: basic networking rules
      UBUNTU [upstream] apparmor: fix profile lookup for unconfined
      UBUNTU: [upstream] apparmor: fix long path failure due to disconnected path

 security/apparmor/.gitignore       |    2 +-
 security/apparmor/Makefile         |   42 +++++++++-
 security/apparmor/apparmorfs.c     |    1 +
 security/apparmor/include/audit.h  |    4 +
 security/apparmor/include/net.h    |   44 ++++++++++
 security/apparmor/include/policy.h |    3 +
 security/apparmor/lsm.c            |  112 +++++++++++++++++++++++++
 security/apparmor/mount.c          |    2 +
 security/apparmor/net.c            |  162 ++++++++++++++++++++++++++++++++++++
 security/apparmor/path.c           |    2 +
 security/apparmor/policy.c         |    5 ++
 security/apparmor/policy_unpack.c  |   46 ++++++++++
 12 files changed, 422 insertions(+), 3 deletions(-)
 create mode 100644 security/apparmor/include/net.h
 create mode 100644 security/apparmor/net.c