From: John Johansen <john.johansen@canonical.com>
To: James Morris <jmorris@namei.org>
Cc: linux-security-module@vger.kernel.org,
LKLM <linux-kernel@vger.kernel.org>
Subject: [GIT PULL] AppArmor fixes for 4.11
Date: Mon, 16 Jan 2017 01:26:05 -0800 [thread overview]
Message-ID: <bcf7ade6-2f07-4a5b-7b84-6a3737d1f65f@canonical.com> (raw)
[-- Attachment #1.1: Type: text/plain, Size: 7321 bytes --]
Hi James,
This is a set of bug fixes, a few additions to apparmorfs policy
introspection, a lot of code refactoring, and cleanups taking care of
most of the compiler and sparse warnings.
It does not implement new mediation or change the behavior of current
upstream apparmor mediation but provides a base to begin doing RFCs
for updated apparmor mediation.
Thanks,
-John
---
The following changes since commit b8aa8453918ebfd93d78de56c2afd4b735e02e27:
security: Fix inode_getattr documentation (2017-01-10 17:39:23 +1100)
are available in the git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor for-security
for you to fetch changes up to e6bfa25deb5096c05a08f01e4d6a436dd331fa88:
apparmor: replace remaining BUG_ON() asserts with AA_BUG() (2017-01-16 01:18:56 -0800)
----------------------------------------------------------------
John Johansen (56):
apparmor: move lib definitions into separate lib include
apparmor: split out shared policy_XXX fns to lib
apparmor: split apparmor policy namespaces code into its own file
apparmor: rename namespace to ns to improve code line lengths
apparmor: rename sid to secid
apparmor: rename PFLAG_INVALID to PFLAG_STALE
apparmor: rename replacedby to proxy
apparmor: add strn version of lookup_profile fn
apparmor: add strn version of aa_find_ns
apparmor: add lib fn to find the "split" for fqnames
apparmor: add fn to lookup profiles by fqname
apparmor: allow ns visibility question to consider subnses
apparmor: add macro for bug asserts to check that a lock is held
apparmor: add debug assert AA_BUG and Kconfig to control debug info
apparmor: rename mediated_filesystem() to path_mediated_fs()
apparmor: rename hname_tail to basename
apparmor: constify policy name and hname
apparmor: pass gfp param into aa_policy_init()
apparmor: update policy_destroy to use new debug asserts
apparmor: refactor prepare_ns() and make usable from different views
apparmor: pass gfp_t parameter into profile allocation
apparmor: name null-XXX profiles after the executable
apparmor: remove paranoid load switch
apparmor: add support for force complain flag to support learning mode
apparmor: prepare to support newer versions of policy
apparmor: add get_dfa() fn
apparmor: allow policydb to be used as the file dfa
apparmor: add a default null dfa
apparmor: provide userspace flag indicating binfmt_elf_mmap change
apparmor: add special .null file used to "close" fds at exec
apparmor: track ns level so it can be used to help in view checks
apparmor: Make aa_remove_profile() callable from a different view
apparmor: allow introspecting the policy namespace name
apparmor: allow specifying the profile doing the management
apparmor: add ns being viewed as a param to policy_view_capable()
apparmor: add ns being viewed as a param to policy_admin_capable()
apparmor: add profile and ns params to aa_may_manage_policy()
apparmor: add ns name to the audit data for policy loads
apparmor: allow introspecting the loaded policy pre internal transform
apparmor: audit policy ns specified in policy load
apparmor: pass the subject profile into profile replace/remove
apparmor: add per policy ns .load, .replace, .remove interface files
apparmor: fail task profile update if current_cred isn't real_cred
apparmor: rename context abreviation cxt to the more standard ctx
apparmor: change op from int to const char *
apparmor: change aad apparmor_audit_data macro to a fn macro
apparmor: remove unused op parameter from simple_write_to_buffer()
apparmor: fix change_hat debug output
apparmor: convert change_profile to use fqname later to give better control
apparmor: make computing policy hashes conditional on kernel parameter
apparmor: update cap audit to check SECURITY_CAP_NOAUDIT
apparmor: add per cpu work buffers to avoid allocating buffers at every hook
apparmor: add check for apparmor enabled in module parameters missing it
apparmor: fix restricted endian type warnings for dfa unpack
apparmor: fix restricted endian type warnings for policy unpack
apparmor: replace remaining BUG_ON() asserts with AA_BUG()
Kees Cook (1):
apparmor: use designated initializers
Tetsuo Handa (1):
AppArmor: Use GFP_KERNEL for __aa_kvmalloc().
Tyler Hicks (1):
apparmor: sysctl to enable unprivileged user ns AppArmor policy loading
William Hua (1):
apparmor: support querying extended trusted helper extra data
security/apparmor/Kconfig | 31 +-
security/apparmor/Makefile | 2 +-
security/apparmor/apparmorfs.c | 681 ++++++++++++++++++----
security/apparmor/audit.c | 98 +---
security/apparmor/capability.c | 26 +-
security/apparmor/context.c | 107 ++--
security/apparmor/crypto.c | 39 +-
security/apparmor/domain.c | 137 ++---
security/apparmor/file.c | 80 +--
security/apparmor/include/apparmor.h | 82 +--
security/apparmor/include/apparmorfs.h | 21 +-
security/apparmor/include/audit.h | 152 ++---
security/apparmor/include/context.h | 84 +--
security/apparmor/include/crypto.h | 5 +
security/apparmor/include/domain.h | 4 +-
security/apparmor/include/file.h | 9 +-
security/apparmor/include/lib.h | 200 +++++++
security/apparmor/include/match.h | 26 +-
security/apparmor/include/path.h | 53 ++
security/apparmor/include/policy.h | 199 ++-----
security/apparmor/include/policy_ns.h | 147 +++++
security/apparmor/include/policy_unpack.h | 28 +-
security/apparmor/include/{sid.h => secid.h} | 18 +-
security/apparmor/ipc.c | 18 +-
security/apparmor/lib.c | 111 +++-
security/apparmor/lsm.c | 315 ++++++----
security/apparmor/match.c | 47 +-
security/apparmor/nulldfa.in | 1 +
security/apparmor/policy.c | 824 ++++++++++-----------------
security/apparmor/policy_ns.c | 346 +++++++++++
security/apparmor/policy_unpack.c | 257 ++++++---
security/apparmor/procattr.c | 38 +-
security/apparmor/resource.c | 19 +-
security/apparmor/secid.c | 55 ++
security/apparmor/sid.c | 55 --
35 files changed, 2795 insertions(+), 1520 deletions(-)
create mode 100644 security/apparmor/include/lib.h
create mode 100644 security/apparmor/include/policy_ns.h
rename security/apparmor/include/{sid.h => secid.h} (50%)
create mode 100644 security/apparmor/nulldfa.in
create mode 100644 security/apparmor/policy_ns.c
create mode 100644 security/apparmor/secid.c
delete mode 100644 security/apparmor/sid.c
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 801 bytes --]
next reply other threads:[~2017-01-16 9:26 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-01-16 9:26 John Johansen [this message]
2017-01-16 21:30 ` [GIT PULL] AppArmor fixes for 4.11 John Johansen
2017-01-16 23:33 ` James Morris
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=bcf7ade6-2f07-4a5b-7b84-6a3737d1f65f@canonical.com \
--to=john.johansen@canonical.com \
--cc=jmorris@namei.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).