mirror of
https://github.com/torvalds/linux.git
synced 2026-03-08 04:44:45 +01:00
219d7660c5
- add .kunitconfig - audit execpath in userns mediation - add support loading per permission tagging + Cleanups - cleanup remove unused percpu critical sections in buffer management - document the buffer hold, add an overflow guard - split xxx_in_ns into its two separate semantic use cases - remove apply_modes_to_perms from label_match - refactor/cleanup cred helper fns. - guard against free attachment/data routines being called with a NULL - drop in_atomic flag in common_mmap, and common_file_perm, and cleanup - make str table more generic and be able to have multiple entries - Replace deprecated strcpy with memcpy in gen_symlink_name - Replace deprecated strcpy in d_namespace_path - Replace sprintf/strcpy with scnprintf/strscpy in aa_policy_init - replace sprintf with snprintf in aa_new_learning_profile + Bug Fixes - fix cast in format string DEBUG statement - fix make aa_labelmatch return consistent - fix fmt string type error in process_strs_entry - fix kernel-doc comments for inview - fix invalid deref of rawdata when export_binary is unset - avoid per-cpu hold underflow in aa_get_buffer - fix fast path cache check for unix sockets - fix rlimit for posix cpu timers - fix label and profile debug macros - move check for aa_null file to cover all cases - return -ENOMEM in unpack_perms_table upon alloc failure - fix boolean argument in apparmor_mmap_file - Fix & Optimize table creation from possibly unaligned memory - Allow apparmor to handle unaligned dfa tables - fix NULL deref in aa_sock_file_perm - fix NULL pointer dereference in __unix_needs_revalidation - fix signedness bug in unpack_tags() -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEE7cSDD705q2rFEEf7BS82cBjVw9gFAmmWHk0ACgkQBS82cBjV w9gtTw//e1Gg3tohE4aMGc4B4EawLKKCdkZ/YrNIJqD9Uer7SJNZxsIpiXQF7h3b 6t4gd9r7kMZHFq9B3zVp1uBrhCb7zay6/FgqizwnNPpgcsFY8Y//4MZHtx+pCxw7 3kWvTqO9edkibGW3Pob0w8RdjV+0Q1kmYMY061lBbP0dK6gW5A+xB+vnEeaNx8tD Xco9Aeixy9HhjjNTAC7uryHCp6r9pOGSw/ubvBPUeH/KFJDQaaMWbBttwlMe/Ti6 VCMGlqsS863Jm//bviMWRy0YYc5kgYAJphzRMsKQW4LpQkNoNGkv1h1CCau7SJ7U hueKoxbzmZwQyEA9ydaN2m6PX9mcsaqcVCOhAJmMwClra5jdNjN4FSliymGNCeXf T+NXiqomXFY60jdTuzOJsXkAjXMWk8BuxWd0auWnS/qlbDlLOYhoLzM/DANoCx13 CTAvjI4hB4kRtMfMySrjT5294LrQnYejV4kKQ1dXK3CL3s+6KPTfTkBE51DDTNRn 5cJ9KFcKaGuG4ACj0ZSMJT2TXeNkOOiHsrQX1MyZWI5w4RjitgaPZ+++Zcx4gH9a rVDkMW1QZy705asxQVneyqvtKYxYOMCzu9+imBAu+TRJptguSonWHf9/YEk+s/GO xxZWyDp7poVZoH8mORhaO3JuCbDRdeSHx3Pma9CVih407or3gYU= =FFMr -----END PGP SIGNATURE----- Merge tag 'apparmor-pr-2026-02-18' of git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor Pull AppArmor updates from John Johansen: "Features: - add .kunitconfig - audit execpath in userns mediation - add support loading per permission tagging Cleanups: - remove unused percpu critical sections in buffer management - document the buffer hold, add an overflow guard - split xxx_in_ns into its two separate semantic use cases - remove apply_modes_to_perms from label_match - refactor/cleanup cred helper fns. - guard against free attachment/data routines being called with NULL - drop in_atomic flag in common_mmap, common_file_perm, and cleanup - make str table more generic and be able to have multiple entries - Replace deprecated strcpy with memcpy in gen_symlink_name - Replace deprecated strcpy in d_namespace_path - Replace sprintf/strcpy with scnprintf/strscpy in aa_policy_init - replace sprintf with snprintf in aa_new_learning_profile Bug Fixes: - fix cast in format string DEBUG statement - fix make aa_labelmatch return consistent - fix fmt string type error in process_strs_entry - fix kernel-doc comments for inview - fix invalid deref of rawdata when export_binary is unset - avoid per-cpu hold underflow in aa_get_buffer - fix fast path cache check for unix sockets - fix rlimit for posix cpu timers - fix label and profile debug macros - move check for aa_null file to cover all cases - return -ENOMEM in unpack_perms_table upon alloc failure - fix boolean argument in apparmor_mmap_file - Fix & Optimize table creation from possibly unaligned memory - Allow apparmor to handle unaligned dfa tables - fix NULL deref in aa_sock_file_perm - fix NULL pointer dereference in __unix_needs_revalidation - fix signedness bug in unpack_tags()" * tag 'apparmor-pr-2026-02-18' of git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor: (34 commits) apparmor: fix signedness bug in unpack_tags() apparmor: fix cast in format string DEBUG statement apparmor: fix aa_label to return state from compount and component match apparmor: fix fmt string type error in process_strs_entry apparmor: fix kernel-doc comments for inview apparmor: fix invalid deref of rawdata when export_binary is unset apparmor: add .kunitconfig apparmor: cleanup remove unused percpu critical sections in buffer management apparmor: document the buffer hold, add an overflow guard apparmor: avoid per-cpu hold underflow in aa_get_buffer apparmor: split xxx_in_ns into its two separate semantic use cases apparmor: make label_match return a consistent value apparmor: remove apply_modes_to_perms from label_match apparmor: fix fast path cache check for unix sockets apparmor: fix rlimit for posix cpu timers apparmor: refactor/cleanup cred helper fns. apparmor: fix label and profile debug macros apparmor: move check for aa_null file to cover all cases apparmor: guard against free routines being called with a NULL apparmor: return -ENOMEM in unpack_perms_table upon alloc failure ... |
||
|---|---|---|
| .. | ||
| apparmor | ||
| bpf | ||
| integrity | ||
| ipe | ||
| keys | ||
| landlock | ||
| loadpin | ||
| lockdown | ||
| safesetid | ||
| selinux | ||
| smack | ||
| tomoyo | ||
| yama | ||
| commoncap.c | ||
| commoncap_test.c | ||
| device_cgroup.c | ||
| inode.c | ||
| Kconfig | ||
| Kconfig.hardening | ||
| lsm.h | ||
| lsm_audit.c | ||
| lsm_init.c | ||
| lsm_notifier.c | ||
| lsm_syscalls.c | ||
| Makefile | ||
| min_addr.c | ||
| security.c | ||