| Message ID | 2bce99fe-4094-435e-8a5d-e6136fa6a9d7@canonical.com |
|---|---|
| State | New |
| Headers | show |
| Series | [SRU,Jammy,PULL] apparmor: add fine grained posix mqueue mediation | expand |
On 14.12.23 01:30, John Johansen wrote: > This pull request (2 commits) backports apparmor mqueue mediation to the > 5.15 kernel, as > this has been requested by customers. > > BugLink: https://bugs.launchpad.net/bugs/2045384 > > Note: this patche set is present in Ubuntu 22.10, 23.04, 23.10 kernels > and the SRU for > the apparmor userspace to support this feature via HWE kernels have > already been done in > https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1993353 > > The following changes since commit > 47b1356c95e2b0281f0bf4a45b0604ecadea2f14: > > selftests/ftrace: Stop tracing while reading the trace file by > default (2023-12-01 11:08:18 +0100) > > are available in the Git repository at: > > https://git.launchpad.net/~apparmor-dev/ubuntu-kernel-next > tags/apparmor-jammy-mqueue-sru-12.13.23 > > for you to fetch changes up to 0e16b6045859b35ed0403769604a66c0385df79b: > > UBUNTU: SAUCE: (no-up) apparmor: Add fine grained mediation of posix > mqueues (2023-12-13 15:53:17 -0800) > > ---------------------------------------------------------------- > patches necessary to SRU mqueue mediation to jammy (22.04) 5.15 kernel. > > Note: backport of mqueue feature required resolving merge conflicts > because apparmor: move ptrace mediation to more logical task.{h,c} was > not picked. > > ---------------------------------------------------------------- > John Johansen (2): > UBUNTU: SAUCE: (no-up) apparmor: reserve mediation classes > UBUNTU: SAUCE: (no-up) apparmor: Add fine grained mediation of > posix mqueues > > security/apparmor/apparmorfs.c | 7 ++ > security/apparmor/file.c | 60 ++++++++++- > security/apparmor/include/apparmor.h | 10 +- > security/apparmor/include/audit.h | 4 + > security/apparmor/include/inode.h | 42 ++++++++ > security/apparmor/include/ipc.h | 56 +++++++++++ > security/apparmor/include/perms.h | 9 ++ > security/apparmor/ipc.c | 104 +++++++++++++++++++ > security/apparmor/lib.c | 38 ++++--- > security/apparmor/lsm.c | 190 > ++++++++++++++++++++++++++++++++++- > 10 files changed, 500 insertions(+), 20 deletions(-) > create mode 100644 security/apparmor/include/inode.h > The changes seem to mostly add functionality and only adjust internal code flow. So at least external interfaces will remain unchanged. This and given it is in later series already: Acked-by: Stefan Bader <stefan.bader@canonical.com>
On 14/12/2023 01:30, John Johansen wrote: > This pull request (2 commits) backports apparmor mqueue mediation to > the 5.15 kernel, as > this has been requested by customers. > > BugLink: https://bugs.launchpad.net/bugs/2045384 > > Note: this patche set is present in Ubuntu 22.10, 23.04, 23.10 kernels > and the SRU for > the apparmor userspace to support this feature via HWE kernels have > already been done in > https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1993353 > > The following changes since commit > 47b1356c95e2b0281f0bf4a45b0604ecadea2f14: > > selftests/ftrace: Stop tracing while reading the trace file by > default (2023-12-01 11:08:18 +0100) > > are available in the Git repository at: > > https://git.launchpad.net/~apparmor-dev/ubuntu-kernel-next > tags/apparmor-jammy-mqueue-sru-12.13.23 > > for you to fetch changes up to 0e16b6045859b35ed0403769604a66c0385df79b: > > UBUNTU: SAUCE: (no-up) apparmor: Add fine grained mediation of posix > mqueues (2023-12-13 15:53:17 -0800) > > ---------------------------------------------------------------- > patches necessary to SRU mqueue mediation to jammy (22.04) 5.15 kernel. > > Note: backport of mqueue feature required resolving merge conflicts > because apparmor: move ptrace mediation to more logical task.{h,c} was > not picked. > > ---------------------------------------------------------------- > John Johansen (2): > UBUNTU: SAUCE: (no-up) apparmor: reserve mediation classes > UBUNTU: SAUCE: (no-up) apparmor: Add fine grained mediation of > posix mqueues > > security/apparmor/apparmorfs.c | 7 ++ > security/apparmor/file.c | 60 ++++++++++- > security/apparmor/include/apparmor.h | 10 +- > security/apparmor/include/audit.h | 4 + > security/apparmor/include/inode.h | 42 ++++++++ > security/apparmor/include/ipc.h | 56 +++++++++++ > security/apparmor/include/perms.h | 9 ++ > security/apparmor/ipc.c | 104 +++++++++++++++++++ > security/apparmor/lib.c | 38 ++++--- > security/apparmor/lsm.c | 190 > ++++++++++++++++++++++++++++++++++- > 10 files changed, 500 insertions(+), 20 deletions(-) > create mode 100644 security/apparmor/include/inode.h I would put the buglink first in the commit body. Also the last patch contains the buglink twice. These can be solved when applying. Acked-by: Roxana Nicolescu <roxana.nicolescu@canonical.com>
On 14/12/2023 01:30, John Johansen wrote: > This pull request (2 commits) backports apparmor mqueue mediation to > the 5.15 kernel, as > this has been requested by customers. > > BugLink: https://bugs.launchpad.net/bugs/2045384 > > Note: this patche set is present in Ubuntu 22.10, 23.04, 23.10 kernels > and the SRU for > the apparmor userspace to support this feature via HWE kernels have > already been done in > https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1993353 > > The following changes since commit > 47b1356c95e2b0281f0bf4a45b0604ecadea2f14: > > selftests/ftrace: Stop tracing while reading the trace file by > default (2023-12-01 11:08:18 +0100) > > are available in the Git repository at: > > https://git.launchpad.net/~apparmor-dev/ubuntu-kernel-next > tags/apparmor-jammy-mqueue-sru-12.13.23 > > for you to fetch changes up to 0e16b6045859b35ed0403769604a66c0385df79b: > > UBUNTU: SAUCE: (no-up) apparmor: Add fine grained mediation of posix > mqueues (2023-12-13 15:53:17 -0800) > > ---------------------------------------------------------------- > patches necessary to SRU mqueue mediation to jammy (22.04) 5.15 kernel. > > Note: backport of mqueue feature required resolving merge conflicts > because apparmor: move ptrace mediation to more logical task.{h,c} was > not picked. > > ---------------------------------------------------------------- > John Johansen (2): > UBUNTU: SAUCE: (no-up) apparmor: reserve mediation classes > UBUNTU: SAUCE: (no-up) apparmor: Add fine grained mediation of > posix mqueues > > security/apparmor/apparmorfs.c | 7 ++ > security/apparmor/file.c | 60 ++++++++++- > security/apparmor/include/apparmor.h | 10 +- > security/apparmor/include/audit.h | 4 + > security/apparmor/include/inode.h | 42 ++++++++ > security/apparmor/include/ipc.h | 56 +++++++++++ > security/apparmor/include/perms.h | 9 ++ > security/apparmor/ipc.c | 104 +++++++++++++++++++ > security/apparmor/lib.c | 38 ++++--- > security/apparmor/lsm.c | 190 > ++++++++++++++++++++++++++++++++++- > 10 files changed, 500 insertions(+), 20 deletions(-) > create mode 100644 security/apparmor/include/inode.h > Applied to jammy master-next branch. Thanks!
This pull request (2 commits) backports apparmor mqueue mediation to the 5.15 kernel, as this has been requested by customers. BugLink: https://bugs.launchpad.net/bugs/2045384 Note: this patche set is present in Ubuntu 22.10, 23.04, 23.10 kernels and the SRU for the apparmor userspace to support this feature via HWE kernels have already been done in https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1993353 The following changes since commit 47b1356c95e2b0281f0bf4a45b0604ecadea2f14: selftests/ftrace: Stop tracing while reading the trace file by default (2023-12-01 11:08:18 +0100) are available in the Git repository at: https://git.launchpad.net/~apparmor-dev/ubuntu-kernel-next tags/apparmor-jammy-mqueue-sru-12.13.23 for you to fetch changes up to 0e16b6045859b35ed0403769604a66c0385df79b: UBUNTU: SAUCE: (no-up) apparmor: Add fine grained mediation of posix mqueues (2023-12-13 15:53:17 -0800) ---------------------------------------------------------------- patches necessary to SRU mqueue mediation to jammy (22.04) 5.15 kernel. Note: backport of mqueue feature required resolving merge conflicts because apparmor: move ptrace mediation to more logical task.{h,c} was not picked. ---------------------------------------------------------------- John Johansen (2): UBUNTU: SAUCE: (no-up) apparmor: reserve mediation classes UBUNTU: SAUCE: (no-up) apparmor: Add fine grained mediation of posix mqueues security/apparmor/apparmorfs.c | 7 ++ security/apparmor/file.c | 60 ++++++++++- security/apparmor/include/apparmor.h | 10 +- security/apparmor/include/audit.h | 4 + security/apparmor/include/inode.h | 42 ++++++++ security/apparmor/include/ipc.h | 56 +++++++++++ security/apparmor/include/perms.h | 9 ++ security/apparmor/ipc.c | 104 +++++++++++++++++++ security/apparmor/lib.c | 38 ++++--- security/apparmor/lsm.c | 190 ++++++++++++++++++++++++++++++++++- 10 files changed, 500 insertions(+), 20 deletions(-) create mode 100644 security/apparmor/include/inode.h