[GIT PULL] AppArmor updates for 6.8

From: John Johansen
Date: Thu Jan 18 2024 - 18:52:32 EST

Next message: Linus Walleij: "Re: [PATCH v7 01/39] ARM: ep93xx: Add terminator to gpiod_lookup_table"
Previous message: Guenter Roeck: "Re: [PATCH v2 3/3] mfd: cros_ec: Register EC-based watchdog subdevice"
Next in thread: pr-tracker-bot: "Re: [GIT PULL] AppArmor updates for 6.8"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Linus,

Please pull the following apparmor for patches for the 6.8 merge
window.

This PR adds a single feature, switch the hash used to check policy
from sha1 to sha256

There are fixes for two memory leaks, and refcount bug and a potential
crash when a profile name is empty. Along with a couple minor code
cleanups.

These patches have been in linux-next and been tested while in there,
and have also had a merge and regression test against your current
tree as of this morning.

thanks
- john

The following changes since commit b85ea95d086471afb4ad062012a4d73cd328fa86:

Linux 6.7-rc1 (2023-11-12 16:19:07 -0800)

are available in the Git repository at:

git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor tags/apparmor-pr-2024-01-18

for you to fetch changes up to 8ead196be219adade3bd0d4115cc9b8506643121:

apparmor: Fix memory leak in unpack_profile() (2024-01-09 01:45:25 -0800)

----------------------------------------------------------------
+ Features
- switch policy hash fro sha1 to sha256

+ Bug Fixes
- Fix refcount leak in task_kill
- Fix leak of pdb objects and trans_table
- avoid crash when parse profile name is empty

+ Cleanups
- add static to stack_msg and nulldfa
- more kernel-doc cleanups

----------------------------------------------------------------
Dimitri John Ledkov (1):
apparmor: switch SECURITY_APPARMOR_HASH from sha1 to sha256

Fedor Pchelkin (3):
apparmor: free the allocated pdb objects
apparmor: fix possible memory leak in unpack_trans_table
apparmor: avoid crash when parsed profile name is empty

Gaosheng Cui (1):
apparmor: Fix memory leak in unpack_profile()

John Johansen (5):
apparmor: declare stack_msg as static
apparmor: declare nulldfa as static
apparmor: add missing params to aa_may_ptrace kernel-doc comments
apparmor: cleanup network hook comments
apparmor: Fix ref count leak in task_kill

security/apparmor/Kconfig | 12 ++++----
security/apparmor/apparmorfs.c | 16 +++++-----
security/apparmor/crypto.c | 6 ++--
security/apparmor/domain.c | 2 +-
security/apparmor/lib.c | 1 +
security/apparmor/lsm.c | 63 +++++++++++----------------------------
security/apparmor/policy.c | 13 ++++----
security/apparmor/policy_unpack.c | 13 +++++---
security/apparmor/task.c | 2 ++
9 files changed, 54 insertions(+), 74 deletions(-)

Next message: Linus Walleij: "Re: [PATCH v7 01/39] ARM: ep93xx: Add terminator to gpiod_lookup_table"
Previous message: Guenter Roeck: "Re: [PATCH v2 3/3] mfd: cros_ec: Register EC-based watchdog subdevice"
Next in thread: pr-tracker-bot: "Re: [GIT PULL] AppArmor updates for 6.8"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]