[0/14,Xenial] misc fixes for apparmor

Message ID 20170201090606.22422-1-john.johansen@canonical.com
State New

Pull-request

git://kernel.ubuntu.com/jj/ubuntu-xenial.git

Message

John Johansen Feb. 1, 2017, 9:05 a.m. UTC
The following patch sequence fixes various out bugs in apparmor in
xenial.

The patch sequence is also available via the following pull request

---

The following changes since commit a3064a277ba7e96a6b0e6bc4f38ad5036f26478b:

  UBUNTU: Ubuntu-4.4.0-59.80 (2017-01-05 12:46:52 -0600)

are available in the git repository at:

  git://kernel.ubuntu.com/jj/ubuntu-xenial.git

for you to fetch changes up to 1faaefb7c36c762cdbe493c399fd95a7e1488d44:

  UBUNTU: SAUCE: apparmor: flock mediation is not being enforced on cache check (2017-01-31 23:21:48 -0800)

----------------------------------------------------------------
John Johansen (14):
      UBUNTU: SAUCE: apparmor: fix cross ns perm of unix domain sockets
      UBUNTU: SAUCE: apparmor: fix replacement race in reading rawdata
      UBUNTU: SAUCE: apparmor: fix reference count bug in label_merge_insert()
      UBUNTU: SAUCE: apparmor: fix label leak when new label is unused
      UBUNTU: SAUCE: apparmor: Don't audit denied access of special apparmor .null file
      UBUNTU: SAUCE: apparmor: fix oops in bind_mnt when dev_path lookup fails
      UBUNTU: SAUCE: apparmor: fix not handling error case when securityfs_pin_fs() fails
      UBUNTU: SAUCE: apparmor: fix reference count leak when securityfs_setup_d_inode() fails
      UBUNTU: SAUCE: apparmor: fix leak on securityfs pin count
      UBUNTU: SAUCE: apparmor: fix lock ordering for mkdir
      UBUNTU: SAUCE: apparmor: Fix no_new_privs blocking change_onexec when using stacked namespaces
      UBUNTU: SAUCE: apparmor: fix ns ref count link when removing profiles from policy
      UBUNTU: SAUCE: apparmor: null profiles should inherit parent control flags
      UBUNTU: SAUCE: apparmor: flock mediation is not being enforced on cache check

 include/linux/security.h              |  5 +-
 security/apparmor/af_unix.c           |  2 +-
 security/apparmor/apparmorfs.c        | 36 +++++++++-----
 security/apparmor/domain.c            | 92 ++++++++++++++++++++++-------------
 security/apparmor/file.c              | 13 +++--
 security/apparmor/include/policy_ns.h |  4 +-
 security/apparmor/label.c             | 24 +++++++--
 security/apparmor/lsm.c               |  3 ++
 security/apparmor/mount.c             |  1 +
 security/apparmor/policy.c            |  3 ++
 security/apparmor/policy_ns.c         |  8 +--
 security/inode.c                      |  5 ++
 12 files changed, 133 insertions(+), 63 deletions(-)

Comments

Stefan Bader Feb. 1, 2017, 10:01 a.m. UTC | #1
On 01.02.2017 10:05, John Johansen wrote:
> The following patch sequence fixes various out bugs in apparmor in
> xenial.
> 
> The patch sequence is also available via the following pull request
> 
> ---
> 
> The following changes since commit a3064a277ba7e96a6b0e6bc4f38ad5036f26478b:
> 
>   UBUNTU: Ubuntu-4.4.0-59.80 (2017-01-05 12:46:52 -0600)
> 
> are available in the git repository at:
> 
>   git://kernel.ubuntu.com/jj/ubuntu-xenial.git
> 
> for you to fetch changes up to 1faaefb7c36c762cdbe493c399fd95a7e1488d44:
> 
>   UBUNTU: SAUCE: apparmor: flock mediation is not being enforced on cache check (2017-01-31 23:21:48 -0800)
> 
> ----------------------------------------------------------------
> John Johansen (14):
>       UBUNTU: SAUCE: apparmor: fix cross ns perm of unix domain sockets
>       UBUNTU: SAUCE: apparmor: fix replacement race in reading rawdata
>       UBUNTU: SAUCE: apparmor: fix reference count bug in label_merge_insert()
>       UBUNTU: SAUCE: apparmor: fix label leak when new label is unused
>       UBUNTU: SAUCE: apparmor: Don't audit denied access of special apparmor .null file
>       UBUNTU: SAUCE: apparmor: fix oops in bind_mnt when dev_path lookup fails
>       UBUNTU: SAUCE: apparmor: fix not handling error case when securityfs_pin_fs() fails
>       UBUNTU: SAUCE: apparmor: fix reference count leak when securityfs_setup_d_inode() fails
>       UBUNTU: SAUCE: apparmor: fix leak on securityfs pin count
>       UBUNTU: SAUCE: apparmor: fix lock ordering for mkdir
>       UBUNTU: SAUCE: apparmor: Fix no_new_privs blocking change_onexec when using stacked namespaces
>       UBUNTU: SAUCE: apparmor: fix ns ref count link when removing profiles from policy
>       UBUNTU: SAUCE: apparmor: null profiles should inherit parent control flags
>       UBUNTU: SAUCE: apparmor: flock mediation is not being enforced on cache check
> 

Like the Yakkety batch
Tim Gardner Feb. 1, 2017, 7:20 p.m. UTC | #2

Brad Figg Feb. 7, 2017, 12:18 a.m. UTC | #3

Thadeu Lima de Souza Cascardo Feb. 14, 2017, 11:23 a.m. UTC | #4
Applied to xenial master-next branch.

Thanks.
Cascardo.