| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <9856bf93-c801-6831-fe9d-e12e43245f6f@canonical.com>
Date: Sun, 7 Jun 2020 14:12:54 -0700
From: John Johansen <john.johansen@...onical.com>
To: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: LKLM <linux-kernel@...r.kernel.org>,
"open list:SECURITY SUBSYSTEM"
<linux-security-module@...r.kernel.org>
Subject: [GIT PULL] apparmor updates for 5.8
Hi Linus,
Can you please pull the following changes for apparmor
Thanks!
- John
The following changes since commit c79f46a282390e0f5b306007bf7b11a46d529538:
Linux 5.5-rc5 (2020-01-05 14:23:27 -0800)
are available in the Git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor tags/apparmor-pr-2020-06-07
for you to fetch changes up to 3622ad25d4d68fcbdef3bc084b5916873e785344:
apparmor: Fix memory leak of profile proxy (2020-06-07 13:38:55 -0700)
----------------------------------------------------------------
Tag summary
+ Features
- Replace zero-length array with flexible-array
- add a valid state flags check
- add consistency check between state and dfa diff encode flags
- add apparmor subdir to proc attr interface
- fail unpack if profile mode is unknown
- add outofband transition and use it in xattr match
- ensure that dfa state tables have entries
+ Cleanups
- Use true and false for bool variable
- Remove semicolon
- Clean code by removing redundant instructions
- Replace two seq_printf() calls by seq_puts() in aa_label_seq_xprint()
- remove duplicate check of xattrs on profile attachment
- remove useless aafs_create_symlink
+ Bug fixes
- Fix memory leak of profile proxy
- fix introspection of of task mode for unconfined tasks
- fix nnp subset test for unconfined
- check/put label on apparmor_sk_clone_security()
----------------------------------------------------------------
Gustavo A. R. Silva (1):
apparmor: Replace zero-length array with flexible-array
John Johansen (11):
apparmor: add a valid state flags check
apparmor: add consistency check between state and dfa diff encode flags
apparmor: add proc subdir to attrs
apparmor: remove useless aafs_create_symlink
apparmor: fix nnp subset test for unconfined
apparmor: fail unpack if profile mode is unknown
apparmor: add outofband transition and use it in xattr match
apparmor: remove duplicate check of xattrs on profile attachment.
apparmor: ensure that dfa state tables have entries
apparmor: fix introspection of of task mode for unconfined tasks
apparmor: Fix memory leak of profile proxy
Markus Elfring (1):
apparmor: Replace two seq_printf() calls by seq_puts() in aa_label_seq_xprint()
Mateusz Nosek (1):
security/apparmor/label.c: Clean code by removing redundant instructions
Mauricio Faria de Oliveira (1):
apparmor: check/put label on apparmor_sk_clone_security()
Vasyl Gomonovych (1):
AppArmor: Remove semicolon
Zou Wei (1):
apparmor: Use true and false for bool variable
fs/proc/base.c | 13 +++++++++
security/apparmor/apparmorfs.c | 56 +++++++++---------------------------
security/apparmor/domain.c | 39 +++++++++----------------
security/apparmor/file.c | 12 ++++----
security/apparmor/include/label.h | 2 ++
security/apparmor/include/match.h | 11 +++++++
security/apparmor/label.c | 60 ++++++++++++++++++++++++++++-----------
security/apparmor/lsm.c | 5 ++++
security/apparmor/match.c | 58 ++++++++++++++++++++++++++++++++++++-
security/apparmor/path.c | 2 +-
security/apparmor/policy.c | 1 +
security/apparmor/policy_unpack.c | 58 +++++++++++++++++++------------------
12 files changed, 198 insertions(+), 119 deletions(-)
Powered by blists - more mailing lists