[GIT PULL] AppArmor updates for 6.8
John Johansen
john.johansen at canonical.com
Thu Jan 18 23:52:03 UTC 2024
Hi Linus,
Please pull the following apparmor for patches for the 6.8 merge
window.
This PR adds a single feature, switch the hash used to check policy
from sha1 to sha256
There are fixes for two memory leaks, and refcount bug and a potential
crash when a profile name is empty. Along with a couple minor code
cleanups.
These patches have been in linux-next and been tested while in there,
and have also had a merge and regression test against your current
tree as of this morning.
thanks
- john
The following changes since commit b85ea95d086471afb4ad062012a4d73cd328fa86:
Linux 6.7-rc1 (2023-11-12 16:19:07 -0800)
are available in the Git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor tags/apparmor-pr-2024-01-18
for you to fetch changes up to 8ead196be219adade3bd0d4115cc9b8506643121:
apparmor: Fix memory leak in unpack_profile() (2024-01-09 01:45:25 -0800)
----------------------------------------------------------------
+ Features
- switch policy hash fro sha1 to sha256
+ Bug Fixes
- Fix refcount leak in task_kill
- Fix leak of pdb objects and trans_table
- avoid crash when parse profile name is empty
+ Cleanups
- add static to stack_msg and nulldfa
- more kernel-doc cleanups
----------------------------------------------------------------
Dimitri John Ledkov (1):
apparmor: switch SECURITY_APPARMOR_HASH from sha1 to sha256
Fedor Pchelkin (3):
apparmor: free the allocated pdb objects
apparmor: fix possible memory leak in unpack_trans_table
apparmor: avoid crash when parsed profile name is empty
Gaosheng Cui (1):
apparmor: Fix memory leak in unpack_profile()
John Johansen (5):
apparmor: declare stack_msg as static
apparmor: declare nulldfa as static
apparmor: add missing params to aa_may_ptrace kernel-doc comments
apparmor: cleanup network hook comments
apparmor: Fix ref count leak in task_kill
security/apparmor/Kconfig | 12 ++++----
security/apparmor/apparmorfs.c | 16 +++++-----
security/apparmor/crypto.c | 6 ++--
security/apparmor/domain.c | 2 +-
security/apparmor/lib.c | 1 +
security/apparmor/lsm.c | 63 +++++++++++----------------------------
security/apparmor/policy.c | 13 ++++----
security/apparmor/policy_unpack.c | 13 +++++---
security/apparmor/task.c | 2 ++
9 files changed, 54 insertions(+), 74 deletions(-)
More information about the Linux-security-module-archive
mailing list