[0/11,0/11,PULL,Xenial,SRU] resubmit of reverted apparmor patches

Message ID	20170331132536.18217-1-john.johansen@canonical.com
State	New
Headers	show Return-Path: <kernel-team-bounces@lists.ubuntu.com> From: John Johansen <john.johansen@canonical.com> To: kernel-team@lists.ubuntu.com Subject: [Patch 0/11] [Patch 0/11] [PULL][Xenial SRU] resubmit of reverted apparmor patches Date: Fri, 31 Mar 2017 06:25:25 -0700 Message-Id: <20170331132536.18217-1-john.johansen@canonical.com> Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: kernel-team-bounces@lists.ubuntu.com

Message ID

20170331132536.18217-1-john.johansen@canonical.com

State

New

Headers

From: John Johansen <john.johansen@canonical.com>
To: kernel-team@lists.ubuntu.com
Subject: [Patch 0/11] [Patch 0/11] [PULL][Xenial SRU] resubmit of reverted
	apparmor patches
Date: Fri, 31 Mar 2017 06:25:25 -0700
Message-Id: <20170331132536.18217-1-john.johansen@canonical.com>
Precedence: list
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kernel-team-bounces@lists.ubuntu.com
Sender: kernel-team-bounces@lists.ubuntu.com

Message

John Johansen March 31, 2017, 1:25 p.m. UTC

This a resubmit of the majority of the apparmor patches that were
reverted during the last SRU cycle. Specifically it does NOT include
  UBUNTU: SAUCE: apparmor: flock mediation is not being enforced on cache check
  UBUNTU: SAUCE: apparmor: fix leak on securityfs pin count
  UBUNTU: SAUCE: apparmor: fix lock ordering for mkdir
  UBUNTU: SAUCE: apparmor: fix reference count leak when securityfs_setup_d_inode() fails
  UBUNTU: SAUCE: apparmor: fix not handling error case when securityfs_pin_fs() fails
which were involved in issues resulting in the revert. Fixes for these
patches will be resubmitted separately.

I have left the original acks on the resubmitted patches for documentation
purposes. The patches are also available via pull request below


The following changes since commit e78f6f48ee95aa77a2ec4b2ad5c9d733fe590573:

  UBUNTU: Ubuntu-4.4.0-71.92 (2017-03-24 09:33:36 -0300)

are available in the git repository at:

  ssh://kernel.ubuntu.com/srv/kernel.ubuntu.com/git/jj/ubuntu-xenial.git apparmor

for you to fetch changes up to 5616d70d209f51ef12af74cf6ca582a433866a17:

  UBUNTU: SAUCE: apparmor: fix link auditing failure due to, uninitialized var (2017-03-31 06:21:11 -0700)

----------------------------------------------------------------
John Johansen (11):
  UBUNTU: SAUCE: apparmor: fix cross ns perm of unix domain sockets
  UBUNTU: SAUCE: apparmor: fix replacement race in reading rawdata
  UBUNTU: SAUCE: apparmor: fix reference count bug in label_merge_insert()
  UBUNTU: SAUCE: apparmor: fix label leak when new label is unused
  UBUNTU: SAUCE: apparmor: Don't audit denied access of special apparmor .null file
  UBUNTU: SAUCE: apparmor: fix oops in bind_mnt when dev_path lookup fails
  UBUNTU: SAUCE: apparmor: Fix no_new_privs blocking change_onexec when using stacked namespaces
  UBUNTU: SAUCE: apparmor: fix ns ref count link when removing profiles from policy
  UBUNTU: SAUCE: apparmor: null profiles should inherit parent control flags
  UBUNTU: SAUCE: fix regression with domain change in complain mode
  UBUNTU: SAUCE: apparmor: fix link auditing failure due to, uninitialized var

 security/apparmor/af_unix.c    |  2 +-
 security/apparmor/apparmorfs.c | 22 +++++-----
 security/apparmor/domain.c     | 91 +++++++++++++++++++++++++++---------------
 security/apparmor/file.c       |  2 +-
 security/apparmor/label.c      | 24 ++++++++---
 security/apparmor/lsm.c        |  3 ++
 security/apparmor/mount.c      |  1 +
 security/apparmor/policy.c     |  3 ++
 8 files changed, 98 insertions(+), 50 deletions(-)

[0/11,0/11,PULL,Xenial,SRU] resubmit of reverted apparmor patches

Pull-request

Message

Comments