[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <db97d76a-fad0-2a26-297a-06dbf8f8380b@canonical.com>
Date: Thu, 1 Nov 2018 23:22:32 -0700
From: John Johansen <john.johansen@...onical.com>
To: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: LKLM <linux-kernel@...r.kernel.org>,
"open list:SECURITY SUBSYSTEM"
<linux-security-module@...r.kernel.org>
Subject: [GIT PULL] apparmor updates for v4.20
Hi,
Please pull these apparmor changes for v4.20.
Thanks!
- John
The following changes since commit fb7d1bcf1602b46f37ada72178516c01a250e434:
Merge tag 'pci-v4.18-fixes-3' of git://git.kernel.org/pub/scm/linux/kernel/git/helgaas/pci (2018-07-19 11:54:04 -0700)
are available in the Git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor tags/apparmor-pr-2018-11-01
for you to fetch changes up to 566f52ece7bd1099d20dfe2f6f0801896643cf8f:
apparmor: clean an indentation issue, remove extraneous space (2018-11-01 22:34:25 -0700)
----------------------------------------------------------------
+ Features/Improvements
- replace spin_is_locked() with lockdep
- add base support for secmark labeling and matching
+ Cleanups
- clean an indentation issue, remove extraneous space
- remove no-op permission check in policy_unpack
- fix checkpatch missing spaces error in Parse secmark policy
- fix network performance issue in aa_label_sk_perm
+ Bug fixes
- add #ifdef checks for secmark filtering
- fix an error code in __aa_create_ns()
- don't try to replace stale label in ptrace checks
- fix failure to audit context info in build_change_hat
- check buffer bounds when mapping permissions mask
- fully initialize aa_perms struct when answering userspace query
- fix uninitialized value in aa_split_fqname
----------------------------------------------------------------
Arnd Bergmann (1):
apparmor: add #ifdef checks for secmark filtering
Colin Ian King (1):
apparmor: clean an indentation issue, remove extraneous space
Dan Carpenter (1):
apparmor: fix an error code in __aa_create_ns()
Jann Horn (2):
apparmor: don't try to replace stale label in ptrace access check
apparmor: don't try to replace stale label in ptraceme check
John Johansen (3):
apparmor: Fix failure to audit context info in build_change_hat
apparmor: remove no-op permission check in policy_unpack
apparmor: fix checkpatch error in Parse secmark policy
Lance Roy (1):
apparmor: Replace spin_is_locked() with lockdep
Matthew Garrett (3):
apparmor: Add a wildcard secid
apparmor: Parse secmark policy
apparmor: Allow filtering based on secmark policy
Tony Jones (1):
apparmor: Fix network performance issue in aa_label_sk_perm
Tyler Hicks (2):
apparmor: Check buffer bounds when mapping permissions mask
apparmor: Fully initialize aa_perms struct when answering userspace query
Zubin Mithra (1):
apparmor: Fix uninitialized value in aa_split_fqname
security/apparmor/apparmorfs.c | 7 +-
security/apparmor/domain.c | 2 +-
security/apparmor/file.c | 5 +-
security/apparmor/include/cred.h | 2 +
security/apparmor/include/net.h | 10 +++
security/apparmor/include/perms.h | 3 +-
security/apparmor/include/policy.h | 3 +
security/apparmor/include/secid.h | 3 +
security/apparmor/lib.c | 23 +++++--
security/apparmor/lsm.c | 130 +++++++++++++++++++++++++++++++++++--
security/apparmor/net.c | 83 +++++++++++++++++++++--
security/apparmor/policy.c | 3 +
security/apparmor/policy_ns.c | 2 +-
security/apparmor/policy_unpack.c | 93 +++++++++++++++++---------
security/apparmor/secid.c | 3 +-
15 files changed, 311 insertions(+), 61 deletions(-)
Powered by blists - more mailing lists