lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <db97d76a-fad0-2a26-297a-06dbf8f8380b@canonical.com>
Date:   Thu, 1 Nov 2018 23:22:32 -0700
From:   John Johansen <john.johansen@...onical.com>
To:     Linus Torvalds <torvalds@...ux-foundation.org>
Cc:     LKLM <linux-kernel@...r.kernel.org>,
        "open list:SECURITY SUBSYSTEM" 
        <linux-security-module@...r.kernel.org>
Subject: [GIT PULL] apparmor updates for v4.20

Hi,


Please pull these apparmor changes for v4.20. 
Thanks!

- John

The following changes since commit fb7d1bcf1602b46f37ada72178516c01a250e434:

  Merge tag 'pci-v4.18-fixes-3' of git://git.kernel.org/pub/scm/linux/kernel/git/helgaas/pci (2018-07-19 11:54:04 -0700)

are available in the Git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor tags/apparmor-pr-2018-11-01

for you to fetch changes up to 566f52ece7bd1099d20dfe2f6f0801896643cf8f:

  apparmor: clean an indentation issue, remove extraneous space (2018-11-01 22:34:25 -0700)

----------------------------------------------------------------
+ Features/Improvements
  - replace spin_is_locked() with lockdep
  - add base support for secmark labeling and matching

+ Cleanups
  - clean an indentation issue, remove extraneous space
  - remove no-op permission check in policy_unpack
  - fix checkpatch missing spaces error in Parse secmark policy
  - fix network performance issue in aa_label_sk_perm

+ Bug fixes
  - add #ifdef checks for secmark filtering
  - fix an error code in __aa_create_ns()
  - don't try to replace stale label in ptrace checks
  - fix failure to audit context info in build_change_hat
  - check buffer bounds when mapping permissions mask
  - fully initialize aa_perms struct when answering userspace query
  - fix uninitialized value in aa_split_fqname

----------------------------------------------------------------
Arnd Bergmann (1):
      apparmor: add #ifdef checks for secmark filtering

Colin Ian King (1):
      apparmor: clean an indentation issue, remove extraneous space

Dan Carpenter (1):
      apparmor: fix an error code in __aa_create_ns()

Jann Horn (2):
      apparmor: don't try to replace stale label in ptrace access check
      apparmor: don't try to replace stale label in ptraceme check

John Johansen (3):
      apparmor: Fix failure to audit context info in build_change_hat
      apparmor: remove no-op permission check in policy_unpack
      apparmor: fix checkpatch error in Parse secmark policy

Lance Roy (1):
      apparmor: Replace spin_is_locked() with lockdep

Matthew Garrett (3):
      apparmor: Add a wildcard secid
      apparmor: Parse secmark policy
      apparmor: Allow filtering based on secmark policy

Tony Jones (1):
      apparmor: Fix network performance issue in aa_label_sk_perm

Tyler Hicks (2):
      apparmor: Check buffer bounds when mapping permissions mask
      apparmor: Fully initialize aa_perms struct when answering userspace query

Zubin Mithra (1):
      apparmor: Fix uninitialized value in aa_split_fqname

 security/apparmor/apparmorfs.c     |   7 +-
 security/apparmor/domain.c         |   2 +-
 security/apparmor/file.c           |   5 +-
 security/apparmor/include/cred.h   |   2 +
 security/apparmor/include/net.h    |  10 +++
 security/apparmor/include/perms.h  |   3 +-
 security/apparmor/include/policy.h |   3 +
 security/apparmor/include/secid.h  |   3 +
 security/apparmor/lib.c            |  23 +++++--
 security/apparmor/lsm.c            | 130 +++++++++++++++++++++++++++++++++++--
 security/apparmor/net.c            |  83 +++++++++++++++++++++--
 security/apparmor/policy.c         |   3 +
 security/apparmor/policy_ns.c      |   2 +-
 security/apparmor/policy_unpack.c  |  93 +++++++++++++++++---------
 security/apparmor/secid.c          |   3 +-
 15 files changed, 311 insertions(+), 61 deletions(-)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ