[GIT PULL] apparmor updates for 5.8

John Johansen john.johansen at canonical.com
Sun Jun 7 21:12:54 UTC 2020


Hi Linus,

Can you please pull the following changes for apparmor

Thanks!

- John

The following changes since commit c79f46a282390e0f5b306007bf7b11a46d529538:

  Linux 5.5-rc5 (2020-01-05 14:23:27 -0800)

are available in the Git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor tags/apparmor-pr-2020-06-07

for you to fetch changes up to 3622ad25d4d68fcbdef3bc084b5916873e785344:

  apparmor: Fix memory leak of profile proxy (2020-06-07 13:38:55 -0700)

----------------------------------------------------------------
Tag summary

+ Features
  - Replace zero-length array with flexible-array
  - add a valid state flags check
  - add consistency check between state and dfa diff encode flags
  - add apparmor subdir to proc attr interface
  - fail unpack if profile mode is unknown
  - add outofband transition and use it in xattr match
  - ensure that dfa state tables have entries

+ Cleanups
  - Use true and false for bool variable
  - Remove semicolon
  - Clean code by removing redundant instructions
  - Replace two seq_printf() calls by seq_puts() in aa_label_seq_xprint()
  - remove duplicate check of xattrs on profile attachment
  - remove useless aafs_create_symlink

+ Bug fixes
  - Fix memory leak of profile proxy
  - fix introspection of of task mode for unconfined tasks
  - fix nnp subset test for unconfined
  - check/put label on apparmor_sk_clone_security()

----------------------------------------------------------------
Gustavo A. R. Silva (1):
      apparmor: Replace zero-length array with flexible-array

John Johansen (11):
      apparmor: add a valid state flags check
      apparmor: add consistency check between state and dfa diff encode flags
      apparmor: add proc subdir to attrs
      apparmor: remove useless aafs_create_symlink
      apparmor: fix nnp subset test for unconfined
      apparmor: fail unpack if profile mode is unknown
      apparmor: add outofband transition and use it in xattr match
      apparmor: remove duplicate check of xattrs on profile attachment.
      apparmor: ensure that dfa state tables have entries
      apparmor: fix introspection of of task mode for unconfined tasks
      apparmor: Fix memory leak of profile proxy

Markus Elfring (1):
      apparmor: Replace two seq_printf() calls by seq_puts() in aa_label_seq_xprint()

Mateusz Nosek (1):
      security/apparmor/label.c: Clean code by removing redundant instructions

Mauricio Faria de Oliveira (1):
      apparmor: check/put label on apparmor_sk_clone_security()

Vasyl Gomonovych (1):
      AppArmor: Remove semicolon

Zou Wei (1):
      apparmor: Use true and false for bool variable

 fs/proc/base.c                    | 13 +++++++++
 security/apparmor/apparmorfs.c    | 56 +++++++++---------------------------
 security/apparmor/domain.c        | 39 +++++++++----------------
 security/apparmor/file.c          | 12 ++++----
 security/apparmor/include/label.h |  2 ++
 security/apparmor/include/match.h | 11 +++++++
 security/apparmor/label.c         | 60 ++++++++++++++++++++++++++++-----------
 security/apparmor/lsm.c           |  5 ++++
 security/apparmor/match.c         | 58 ++++++++++++++++++++++++++++++++++++-
 security/apparmor/path.c          |  2 +-
 security/apparmor/policy.c        |  1 +
 security/apparmor/policy_unpack.c | 58 +++++++++++++++++++------------------
 12 files changed, 198 insertions(+), 119 deletions(-)



More information about the Linux-security-module-archive mailing list