• Linus Torvalds's avatar
    Merge tag 'apparmor-pr-2018-04-10' of... · 80a17a5f
    Linus Torvalds authored
    Merge tag 'apparmor-pr-2018-04-10' of git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor
    
    Pull apparmor updates from John Johansen:
     "Features:
      - add base infrastructure for socket mediation. ABI bump and
        additional checks to ensure only v8 compliant policy uses socket af
        mediation.
      - improve and cleanup dfa verification
      - improve profile attachment logic
         - improve overlapping expression handling
         - add the xattr matching to the attachment logic
      - improve signal mediation handling with stacked labels
      - improve handling of no_new_privs in a label stack
    
      Cleanups and changes:
      - use dfa to parse string split
      - bounded version of label_parse
      - proper line wrap nulldfa.in
      - split context out into task and cred naming to better match usage
      - simplify code in aafs
    
      Bug fixes:
      - fix display of .ns_name for containers
      - fix resource audit messages when auditing peer
      - fix logging of the existence test for signals
      - fix resource audit messages when auditing peer
      - fix display of .ns_name for containers
      - fix an error code in verify_table_headers()
      - fix memory leak on buffer on error exit path
      - fix error returns checks by making size a ssize_t"
    
    * tag 'apparmor-pr-2018-04-10' of git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor: (36 commits)
      apparmor: fix memory leak on buffer on error exit path
      apparmor: fix dangling symlinks to policy rawdata after replacement
      apparmor: Fix an error code in verify_table_headers()
      apparmor: fix error returns checks by making size a ssize_t
      apparmor: update MAINTAINERS file git and wiki locations
      apparmor: remove POLICY_MEDIATES_SAFE
      apparmor: add base infastructure for socket mediation
      apparmor: improve overlapping domain attachment resolution
      apparmor: convert attaching profiles via xattrs to use dfa matching
      apparmor: Add support for attaching profiles via xattr, presence and value
      apparmor: cleanup: simplify code to get ns symlink name
      apparmor: cleanup create_aafs() error path
      apparmor: dfa split verification of table headers
      apparmor: dfa add support for state differential encoding
      apparmor: dfa move character match into a macro
      apparmor: update domain transitions that are subsets of confinement at nnp
      apparmor: move context.h to cred.h
      apparmor: move task related defines and fns to task.X files
      apparmor: cleanup, drop unused fn __aa_task_is_confined()
      apparmor: cleanup fixup description of aa_replace_profiles
      ...
    80a17a5f
Name
Last commit
Last update
..
apparmor Loading commit data...
integrity Loading commit data...
keys Loading commit data...
loadpin Loading commit data...
selinux Loading commit data...
smack Loading commit data...
tomoyo Loading commit data...
yama Loading commit data...
Kconfig Loading commit data...
Makefile Loading commit data...
commoncap.c Loading commit data...
device_cgroup.c Loading commit data...
inode.c Loading commit data...
lsm_audit.c Loading commit data...
min_addr.c Loading commit data...
security.c Loading commit data...