lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 1 Nov 2018 23:22:32 -0700 From: John Johansen <john.johansen@...onical.com> To: Linus Torvalds <torvalds@...ux-foundation.org> Cc: LKLM <linux-kernel@...r.kernel.org>, "open list:SECURITY SUBSYSTEM" <linux-security-module@...r.kernel.org> Subject: [GIT PULL] apparmor updates for v4.20 Hi, Please pull these apparmor changes for v4.20. Thanks! - John The following changes since commit fb7d1bcf1602b46f37ada72178516c01a250e434: Merge tag 'pci-v4.18-fixes-3' of git://git.kernel.org/pub/scm/linux/kernel/git/helgaas/pci (2018-07-19 11:54:04 -0700) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor tags/apparmor-pr-2018-11-01 for you to fetch changes up to 566f52ece7bd1099d20dfe2f6f0801896643cf8f: apparmor: clean an indentation issue, remove extraneous space (2018-11-01 22:34:25 -0700) ---------------------------------------------------------------- + Features/Improvements - replace spin_is_locked() with lockdep - add base support for secmark labeling and matching + Cleanups - clean an indentation issue, remove extraneous space - remove no-op permission check in policy_unpack - fix checkpatch missing spaces error in Parse secmark policy - fix network performance issue in aa_label_sk_perm + Bug fixes - add #ifdef checks for secmark filtering - fix an error code in __aa_create_ns() - don't try to replace stale label in ptrace checks - fix failure to audit context info in build_change_hat - check buffer bounds when mapping permissions mask - fully initialize aa_perms struct when answering userspace query - fix uninitialized value in aa_split_fqname ---------------------------------------------------------------- Arnd Bergmann (1): apparmor: add #ifdef checks for secmark filtering Colin Ian King (1): apparmor: clean an indentation issue, remove extraneous space Dan Carpenter (1): apparmor: fix an error code in __aa_create_ns() Jann Horn (2): apparmor: don't try to replace stale label in ptrace access check apparmor: don't try to replace stale label in ptraceme check John Johansen (3): apparmor: Fix failure to audit context info in build_change_hat apparmor: remove no-op permission check in policy_unpack apparmor: fix checkpatch error in Parse secmark policy Lance Roy (1): apparmor: Replace spin_is_locked() with lockdep Matthew Garrett (3): apparmor: Add a wildcard secid apparmor: Parse secmark policy apparmor: Allow filtering based on secmark policy Tony Jones (1): apparmor: Fix network performance issue in aa_label_sk_perm Tyler Hicks (2): apparmor: Check buffer bounds when mapping permissions mask apparmor: Fully initialize aa_perms struct when answering userspace query Zubin Mithra (1): apparmor: Fix uninitialized value in aa_split_fqname security/apparmor/apparmorfs.c | 7 +- security/apparmor/domain.c | 2 +- security/apparmor/file.c | 5 +- security/apparmor/include/cred.h | 2 + security/apparmor/include/net.h | 10 +++ security/apparmor/include/perms.h | 3 +- security/apparmor/include/policy.h | 3 + security/apparmor/include/secid.h | 3 + security/apparmor/lib.c | 23 +++++-- security/apparmor/lsm.c | 130 +++++++++++++++++++++++++++++++++++-- security/apparmor/net.c | 83 +++++++++++++++++++++-- security/apparmor/policy.c | 3 + security/apparmor/policy_ns.c | 2 +- security/apparmor/policy_unpack.c | 93 +++++++++++++++++--------- security/apparmor/secid.c | 3 +- 15 files changed, 311 insertions(+), 61 deletions(-)
Powered by blists - more mailing lists