linux-sg2042/security/apparmor
John Johansen ec34fa24a9 apparmor: fix replacement bug that adds new child to old parent
When set atomic replacement is used and the parent is updated before the
child, and the child did not exist in the old parent so there is no
direct replacement then the new child is incorrectly added to the old
parent. This results in the new parent not having the child(ren) that
it should and the old parent when being destroyed asserting the
following error.

AppArmor: policy_destroy: internal error, policy '<profile/name>' still
contains profiles

Signed-off-by: John Johansen <john.johansen@canonical.com>
Acked-by: Seth Arnold <seth.arnold@canonical.com>
2016-07-12 08:43:10 -07:00
..
include apparmor: constify aa_path_link() 2016-03-28 00:47:26 -04:00
.gitignore AppArmor: remove af_names.h from .gitignore 2012-09-01 08:35:34 -07:00
Kconfig apparmor: clarify CRYPTO dependency 2015-10-22 11:11:28 +11:00
Makefile apparmor: add the ability to report a sha1 hash of loaded policy 2013-08-14 11:42:08 -07:00
apparmorfs.c VFS: security/: d_inode() annotations 2015-04-15 15:06:57 -04:00
audit.c apparmor: remove parent task info from audit logging 2013-10-29 21:34:04 -07:00
capability.c apparmor: fix capability to not use the current task, during reporting 2013-10-29 21:33:37 -07:00
context.c apparmor: change how profile replacement update is done 2013-08-14 11:42:06 -07:00
crypto.c apparmor: Use shash crypto API interface for profile hashes 2013-09-30 09:53:59 +10:00
domain.c LSM: Switch to lists of hooks 2015-05-12 15:00:41 +10:00
file.c apparmor: constify aa_path_link() 2016-03-28 00:47:26 -04:00
ipc.c apparmor: fix capability to not use the current task, during reporting 2013-10-29 21:33:37 -07:00
lib.c nick kvfree() from apparmor 2014-05-06 14:02:53 -04:00
lsm.c constify security_path_{link,rename} 2016-03-28 00:47:36 -04:00
match.c apparmor: reserve and mask off the top 8 bits of the base field 2013-04-28 00:37:32 -07:00
path.c [apparmor] constify struct path * in a bunch of helpers 2016-03-27 23:48:14 -04:00
policy.c apparmor: fix replacement bug that adds new child to old parent 2016-07-12 08:43:10 -07:00
policy_unpack.c apparmor: add the ability to report a sha1 hash of loaded policy 2013-08-14 11:42:08 -07:00
procattr.c apparmor: add interface files for profiles and namespaces 2013-08-14 11:42:07 -07:00
resource.c apparmor: relax the restrictions on setting rlimits 2013-04-28 00:36:46 -07:00
sid.c AppArmor: core policy routines 2010-08-02 15:38:37 +10:00