[GIT PULL] apparmor changes for 5.16

From: John Johansen
Date: Wed Nov 10 2021 - 16:45:39 EST


Hi Linus,

sorry this is so late, we had some issues with the test infrastructure. If you
prefer I can send an alternate PR with just the bug fixes.

thanks
john



The following changes since commit e37986097ba63c94b1af9d5ad5486d120a809f72:

apparmor: Use true and false for bool variable (2020-05-15 14:26:33 -0700)

are available in the Git repository at:

git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor tags/apparmor-pr-2021-11-10

for you to fetch changes up to 582122f1d73af28407234321c94711e09aa3fd04:

apparmor: remove duplicated 'Returns:' comments (2021-11-03 15:57:51 -0700)

----------------------------------------------------------------
+ Features
- use per file locks for transactional queries
- update policy management capability checks to work with LSM stacking

+ Bug Fixes
- check/put label on apparmor_sk_clone_security()
- fix error check on update of label hname
- fix introspection of of task mode for unconfined tasks

+ Cleanups
- avoid -Wempty-body warning
- remove duplicated 'Returns:' comments
- fix doc warning
- remove unneeded one-line hook wrappers
- Use struct_size() helper in kzalloc()
- fix zero-length compiler warning in AA_BUG()
- file.h: delete duplicated word
- delete repeated words in comments
- Remove the repeated declaration

----------------------------------------------------------------
Arnd Bergmann (1):
apparmor: avoid -Wempty-body warning

Austin Kim (1):
apparmor: remove duplicated 'Returns:' comments

ChenXiaoSong (1):
apparmor: fix doc warning

Florian Westphal (1):
apparmor: remove unneeded one-line hook wrappers

Gustavo A. R. Silva (1):
apparmor: Use struct_size() helper in kzalloc()

Hamza Mahfooz (1):
apparmor: use per file locks for transactional queries

John Johansen (5):
apparmor: fix introspection of of task mode for unconfined tasks
apparmor: update policy capable checks to use a label
apparmor: switch to apparmor to internal capable check for policy management
apparmor: Fix internal policy capable check for policy management
apparmor: fix zero-length compiler warning in AA_BUG()

Mauricio Faria de Oliveira (1):
apparmor: check/put label on apparmor_sk_clone_security()

Randy Dunlap (2):
security: apparmor: file.h: delete duplicated word
security: apparmor: delete repeated words in comments

Shaokun Zhang (1):
apparmor: Remove the repeated declaration

Tom Rix (1):
apparmor: fix error check

security/apparmor/apparmorfs.c | 17 +++++------
security/apparmor/include/file.h | 2 +-
security/apparmor/include/label.h | 5 +--
security/apparmor/include/lib.h | 9 ++++--
security/apparmor/include/policy.h | 6 ++--
security/apparmor/label.c | 11 +++----
security/apparmor/lsm.c | 47 +++++++++++------------------
security/apparmor/path.c | 2 +-
security/apparmor/policy.c | 62 +++++++++++++++++++++++++++++++-------
security/apparmor/policy_unpack.c | 2 +-
security/apparmor/procattr.c | 2 --
11 files changed, 97 insertions(+), 68 deletions(-)