[0/11,PULL,Yakkety] resubmit of reverted apparmor patches

Message ID	20170331125744.16986-1-john.johansen@canonical.com
State	New
Headers	show Return-Path: <kernel-team-bounces@lists.ubuntu.com> From: John Johansen <john.johansen@canonical.com> To: kernel-team@lists.ubuntu.com Subject: [Patch 0/11] [PULL][Yakkety] resubmit of reverted apparmor patches Date: Fri, 31 Mar 2017 05:57:33 -0700 Message-Id: <20170331125744.16986-1-john.johansen@canonical.com> Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: kernel-team-bounces@lists.ubuntu.com

Message ID

20170331125744.16986-1-john.johansen@canonical.com

State

New

Headers

From: John Johansen <john.johansen@canonical.com>
To: kernel-team@lists.ubuntu.com
Subject: [Patch 0/11] [PULL][Yakkety] resubmit of reverted apparmor patches
Date: Fri, 31 Mar 2017 05:57:33 -0700
Message-Id: <20170331125744.16986-1-john.johansen@canonical.com>
Precedence: list
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kernel-team-bounces@lists.ubuntu.com
Sender: kernel-team-bounces@lists.ubuntu.com

Message

John Johansen March 31, 2017, 12:57 p.m. UTC

This a resubmit of the majority of the apparmor patches that were
reverted during the last SRU cycle. Specifically it does NOT include
  UBUNTU: SAUCE: apparmor: flock mediation is not being enforced on cache check
  UBUNTU: SAUCE: apparmor: fix leak on securityfs pin count
  UBUNTU: SAUCE: apparmor: fix lock ordering for mkdir
  UBUNTU: SAUCE: apparmor: fix reference count leak when securityfs_setup_d_inode() fails
  UBUNTU: SAUCE: apparmor: fix not handling error case when securityfs
_pin_fs() fails
which were involved in issues resulting in the revert. Fixes for these
patches will be resubmitted separately.

I have left the original acks on the resubmitted patches for documentation
purposes. The patches are also available via pull request from


The following changes since commit d77181440ce9596d4cc476f301025c01eb52c0a5:

  UBUNTU: Ubuntu-4.8.0-45.48 (2017-03-24 12:03:58 +0100)

are available in the git repository at:

  ssh://kernel.ubuntu.com/srv/kernel.ubuntu.com/git/jj/ubuntu-yakkety.git apparmor

for you to fetch changes up to 37a1fcbae4a3ea1098581663e6f1f8b58aac5b9e:

  UBUNTU: SAUCE: apparmor: fix link auditing failure due to, uninitialized var (2017-03-31 05:11:39 -0700)

----------------------------------------------------------------
John Johansen (11):
  UBUNTU: SAUCE: apparmor: fix cross ns perm of unix domain sockets
  UBUNTU: SAUCE: apparmor: fix replacement race in reading rawdata
  UBUNTU: SAUCE: apparmor: fix reference count bug in label_merge_insert()
  UBUNTU: SAUCE: apparmor: fix label leak when new label is unused
  UBUNTU: SAUCE: apparmor: Don't audit denied access of special apparmor .null file
  UBUNTU: SAUCE: apparmor: fix oops in bind_mnt when dev_path lookup fails
  UBUNTU: SAUCE: apparmor: Fix no_new_privs blocking change_onexec when using stacked namespaces
  UBUNTU: SAUCE: apparmor: fix ns ref count link when removing profiles from policy
  UBUNTU: SAUCE: apparmor: null profiles should inherit parent control flags
  UBUNTU: SAUCE: fix regression with domain change in complain mode
  UBUNTU: SAUCE: apparmor: fix link auditing failure due to, uninitialized var

 security/apparmor/af_unix.c    |  2 +-
 security/apparmor/apparmorfs.c | 22 +++++-----
 security/apparmor/domain.c     | 91 +++++++++++++++++++++++++++---------------
 security/apparmor/file.c       |  2 +-
 security/apparmor/label.c      | 24 ++++++++---
 security/apparmor/lsm.c        |  3 ++
 security/apparmor/mount.c      |  1 +
 security/apparmor/policy.c     |  3 ++
 8 files changed, 98 insertions(+), 50 deletions(-)

[0/11,PULL,Yakkety] resubmit of reverted apparmor patches

Pull-request

Message

Comments