linux-sg2042

History

Linus Torvalds 79444df4e7 + Features - in preparation for secid mapping add support for absolute root view based labels - add base infastructure for socket mediation - add mount mediation - add signal mediation + minor cleanups and changes - be defensive, ensure unconfined profiles have dfas initialized - add more debug asserts to apparmorfs - enable policy unpacking to audit different reasons for failure - cleanup conditional check for label in label_print - Redundant condition: prev_ns. in [label.c:1498] + Bug Fixes - fix regression in apparmorfs DAC access permissions - fix build failure on sparc caused by undeclared signals - fix sparse report of incorrect type assignment when freeing label proxies - fix race condition in null profile creation - Fix an error code in aafs_create() - Fix logical error in verify_header() - Fix shadowed local variable in unpack_trans_table() -----BEGIN PGP SIGNATURE----- iQIcBAABCgAGBQJZxZP9AAoJEAUvNnAY1cPY+psP/Rx7Nu2T9kHpotLeyOznrTvK iOrFR4Xj1exLNfwUJcjiDcrYRhEdqamduiJvEZinQLPN8vapXfiUmjXIW1sgYJnO X6NDeFObo/VJz0L8rZZdJbxykWfGjzQa4zXf177ztMvY+ME9kagOaHowqRom8obv 5bi83Dc8wjUOVkvmH9yuHHUkI9knXrtUUnYb3xY1kEVlHi1ujElkQvAx1q+IkOw9 vN74YGTDZCsd+cSRbmhbK7Mur1Q8BDy2EeG1k26Tr7VELmNL8tnsOpJYEiIWOhYl Lh1aA3RPGTN0dWfZn2qfB2a1NevFXERaM1zKs1ZNykg+hI4om99gt8mXqe+i+Kuc qoWF59NF426mmywSYjKOMHGPBooVAiGmKPRjsIee6HTV4bGkcxYsYiV/VcrS9J9V dpCBBU0stnGpStwfSBL5JWwMMilJSkSETX7XLxJ5lhhHhi7jM2Dd9aAkbIPcQYPD v2XjKxW2tOhxmEaige/rS2s7rbxBlLhJ8MR07FR8znL0idILAufnWlLeqJG1X9rO FBbqqyTqyx8ca5v1c751jTXZ39cArVmlwnw2ZNjEaXrGaTsIssYPC5B9poSU/OlT IAYQe9sZndqFn1Lom0gbdTe3RTnR4/22uNQYW/3TG3JP52ui0wQZFNJtRCP3mmIq bFlKKqVkAKETun8WyUfz =iDCd -----END PGP SIGNATURE----- Merge tag 'apparmor-pr-2017-09-22' of git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor Pull apparmor updates from John Johansen: "This is the apparmor pull request, similar to SELinux and seccomp. It's the same series that I was sent to James' security tree + one regression fix that was found after the series was sent to James and would have been sent for v4.14-rc2. Features: - in preparation for secid mapping add support for absolute root view based labels - add base infastructure for socket mediation - add mount mediation - add signal mediation minor cleanups and changes: - be defensive, ensure unconfined profiles have dfas initialized - add more debug asserts to apparmorfs - enable policy unpacking to audit different reasons for failure - cleanup conditional check for label in label_print - Redundant condition: prev_ns. in [label.c:1498] Bug Fixes: - fix regression in apparmorfs DAC access permissions - fix build failure on sparc caused by undeclared signals - fix sparse report of incorrect type assignment when freeing label proxies - fix race condition in null profile creation - Fix an error code in aafs_create() - Fix logical error in verify_header() - Fix shadowed local variable in unpack_trans_table()" * tag 'apparmor-pr-2017-09-22' of git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor: apparmor: fix apparmorfs DAC access permissions apparmor: fix build failure on sparc caused by undeclared signals apparmor: fix incorrect type assignment when freeing proxies apparmor: ensure unconfined profiles have dfas initialized apparmor: fix race condition in null profile creation apparmor: move new_null_profile to after profile lookup fns() apparmor: add base infastructure for socket mediation apparmor: add more debug asserts to apparmorfs apparmor: make policy_unpack able to audit different info messages apparmor: add support for absolute root view based labels apparmor: cleanup conditional check for label in label_print apparmor: add mount mediation apparmor: add the ability to mediate signals apparmor: Redundant condition: prev_ns. in [label.c:1498] apparmor: Fix an error code in aafs_create() apparmor: Fix logical error in verify_header() apparmor: Fix shadowed local variable in unpack_trans_table()		2017-09-23 05:33:29 -10:00
..
apparmor.h	apparmor: add mount mediation	2017-09-22 13:00:57 -07:00
apparmorfs.h	apparmor: add policy revision file interface	2017-06-10 17:11:27 -07:00
audit.h	apparmor: add base infastructure for socket mediation	2017-09-22 13:00:58 -07:00
capability.h	apparmor: move capability checks to using labels	2017-06-10 17:11:40 -07:00
context.h	apparmor: switch from profiles to using labels on contexts	2017-06-10 17:11:38 -07:00
crypto.h	apparmor: allow introspecting the loaded policy pre internal transform	2017-01-16 01:18:42 -08:00
domain.h	+ Features	2017-09-23 05:33:29 -10:00
file.h	apparmor: Refactor to remove bprm_secureexec hook	2017-08-01 12:03:06 -07:00
ipc.h	apparmor: add the ability to mediate signals	2017-09-22 13:00:57 -07:00
label.h	apparmor: add support for absolute root view based labels	2017-09-22 13:00:58 -07:00
lib.h	apparmor: move exec domain mediation to using labels	2017-06-10 17:11:46 -07:00
match.h	apparmor: fix restricted endian type warnings for dfa unpack	2017-01-16 01:18:54 -08:00
mount.h	apparmor: add mount mediation	2017-09-22 13:00:57 -07:00
net.h	apparmor: add base infastructure for socket mediation	2017-09-22 13:00:58 -07:00
path.h	apparmor: Move path lookup to using preallocated buffers	2017-06-08 11:29:34 -07:00
perms.h	apparmor: add base infastructure for socket mediation	2017-09-22 13:00:58 -07:00
policy.h	apparmor: add base infastructure for socket mediation	2017-09-22 13:00:58 -07:00
policy_ns.h	apparmor: switch from profiles to using labels on contexts	2017-06-10 17:11:38 -07:00
policy_unpack.h	apparmor: move to per loaddata files, instead of replicating in profiles	2017-06-08 12:51:49 -07:00
procattr.h	apparmor: switch getprocattr to using label_print fns()	2017-06-10 17:11:39 -07:00
resource.h	apparmor: move resource checks to using labels	2017-06-10 17:11:40 -07:00
secid.h	apparmor: rename sid to secid	2017-01-16 00:42:17 -08:00
sig_names.h	apparmor: fix build failure on sparc caused by undeclared signals	2017-09-22 13:00:58 -07:00