[GIT PULL] apparmor updates for 5.8
John Johansen
john.johansen at canonical.com
Sun Jun 7 21:12:54 UTC 2020
Hi Linus,
Can you please pull the following changes for apparmor
Thanks!
- John
The following changes since commit c79f46a282390e0f5b306007bf7b11a46d529538:
Linux 5.5-rc5 (2020-01-05 14:23:27 -0800)
are available in the Git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor tags/apparmor-pr-2020-06-07
for you to fetch changes up to 3622ad25d4d68fcbdef3bc084b5916873e785344:
apparmor: Fix memory leak of profile proxy (2020-06-07 13:38:55 -0700)
----------------------------------------------------------------
Tag summary
+ Features
- Replace zero-length array with flexible-array
- add a valid state flags check
- add consistency check between state and dfa diff encode flags
- add apparmor subdir to proc attr interface
- fail unpack if profile mode is unknown
- add outofband transition and use it in xattr match
- ensure that dfa state tables have entries
+ Cleanups
- Use true and false for bool variable
- Remove semicolon
- Clean code by removing redundant instructions
- Replace two seq_printf() calls by seq_puts() in aa_label_seq_xprint()
- remove duplicate check of xattrs on profile attachment
- remove useless aafs_create_symlink
+ Bug fixes
- Fix memory leak of profile proxy
- fix introspection of of task mode for unconfined tasks
- fix nnp subset test for unconfined
- check/put label on apparmor_sk_clone_security()
----------------------------------------------------------------
Gustavo A. R. Silva (1):
apparmor: Replace zero-length array with flexible-array
John Johansen (11):
apparmor: add a valid state flags check
apparmor: add consistency check between state and dfa diff encode flags
apparmor: add proc subdir to attrs
apparmor: remove useless aafs_create_symlink
apparmor: fix nnp subset test for unconfined
apparmor: fail unpack if profile mode is unknown
apparmor: add outofband transition and use it in xattr match
apparmor: remove duplicate check of xattrs on profile attachment.
apparmor: ensure that dfa state tables have entries
apparmor: fix introspection of of task mode for unconfined tasks
apparmor: Fix memory leak of profile proxy
Markus Elfring (1):
apparmor: Replace two seq_printf() calls by seq_puts() in aa_label_seq_xprint()
Mateusz Nosek (1):
security/apparmor/label.c: Clean code by removing redundant instructions
Mauricio Faria de Oliveira (1):
apparmor: check/put label on apparmor_sk_clone_security()
Vasyl Gomonovych (1):
AppArmor: Remove semicolon
Zou Wei (1):
apparmor: Use true and false for bool variable
fs/proc/base.c | 13 +++++++++
security/apparmor/apparmorfs.c | 56 +++++++++---------------------------
security/apparmor/domain.c | 39 +++++++++----------------
security/apparmor/file.c | 12 ++++----
security/apparmor/include/label.h | 2 ++
security/apparmor/include/match.h | 11 +++++++
security/apparmor/label.c | 60 ++++++++++++++++++++++++++++-----------
security/apparmor/lsm.c | 5 ++++
security/apparmor/match.c | 58 ++++++++++++++++++++++++++++++++++++-
security/apparmor/path.c | 2 +-
security/apparmor/policy.c | 1 +
security/apparmor/policy_unpack.c | 58 +++++++++++++++++++------------------
12 files changed, 198 insertions(+), 119 deletions(-)
More information about the Linux-security-module-archive
mailing list