[GIT PULL] apparmor changes for 5.16

John Johansen john.johansen at canonical.com
Wed Nov 10 21:45:25 UTC 2021


Hi Linus,

sorry this is so late, we had some issues with the test infrastructure. If you
prefer I can send an alternate PR with just the bug fixes.

thanks
john



The following changes since commit e37986097ba63c94b1af9d5ad5486d120a809f72:

  apparmor: Use true and false for bool variable (2020-05-15 14:26:33 -0700)

are available in the Git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor tags/apparmor-pr-2021-11-10

for you to fetch changes up to 582122f1d73af28407234321c94711e09aa3fd04:

  apparmor: remove duplicated 'Returns:' comments (2021-11-03 15:57:51 -0700)

----------------------------------------------------------------
+ Features
  - use per file locks for transactional queries
  - update policy management capability checks to work with LSM stacking

+ Bug Fixes
  - check/put label on apparmor_sk_clone_security()
  - fix error check on update of label hname
  - fix introspection of of task mode for unconfined tasks

+ Cleanups
  - avoid -Wempty-body warning
  - remove duplicated 'Returns:' comments
  - fix doc warning
  - remove unneeded one-line hook wrappers
  - Use struct_size() helper in kzalloc()
  - fix zero-length compiler warning in AA_BUG()
  - file.h: delete duplicated word
  - delete repeated words in comments
  - Remove the repeated declaration

----------------------------------------------------------------
Arnd Bergmann (1):
      apparmor: avoid -Wempty-body warning

Austin Kim (1):
      apparmor: remove duplicated 'Returns:' comments

ChenXiaoSong (1):
      apparmor: fix doc warning

Florian Westphal (1):
      apparmor: remove unneeded one-line hook wrappers

Gustavo A. R. Silva (1):
      apparmor: Use struct_size() helper in kzalloc()

Hamza Mahfooz (1):
      apparmor: use per file locks for transactional queries

John Johansen (5):
      apparmor: fix introspection of of task mode for unconfined tasks
      apparmor: update policy capable checks to use a label
      apparmor: switch to apparmor to internal capable check for policy management
      apparmor: Fix internal policy capable check for policy management
      apparmor: fix zero-length compiler warning in AA_BUG()

Mauricio Faria de Oliveira (1):
      apparmor: check/put label on apparmor_sk_clone_security()

Randy Dunlap (2):
      security: apparmor: file.h: delete duplicated word
      security: apparmor: delete repeated words in comments

Shaokun Zhang (1):
      apparmor: Remove the repeated declaration

Tom Rix (1):
      apparmor: fix error check

 security/apparmor/apparmorfs.c     | 17 +++++------
 security/apparmor/include/file.h   |  2 +-
 security/apparmor/include/label.h  |  5 +--
 security/apparmor/include/lib.h    |  9 ++++--
 security/apparmor/include/policy.h |  6 ++--
 security/apparmor/label.c          | 11 +++----
 security/apparmor/lsm.c            | 47 +++++++++++------------------
 security/apparmor/path.c           |  2 +-
 security/apparmor/policy.c         | 62 +++++++++++++++++++++++++++++++-------
 security/apparmor/policy_unpack.c  |  2 +-
 security/apparmor/procattr.c       |  2 --
 11 files changed, 97 insertions(+), 68 deletions(-)



More information about the Linux-security-module-archive mailing list