[packages/kernel] - up to 4.8.12
arekm
arekm at pld-linux.org
Sat Dec 3 15:44:38 CET 2016
commit 4a5a8dc62bcac9e1f5874033da5c9b7f062241da
Author: Arkadiusz Miśkiewicz <arekm at maven.pl>
Date: Sat Dec 3 15:44:31 2016 +0100
- up to 4.8.12
kernel-apparmor.patch | 39 ---------------------------------------
kernel.spec | 4 ++--
2 files changed, 2 insertions(+), 41 deletions(-)
---
diff --git a/kernel.spec b/kernel.spec
index f064554..f672fc8 100644
--- a/kernel.spec
+++ b/kernel.spec
@@ -71,7 +71,7 @@
%define rel 1
%define basever 4.8
-%define postver .11
+%define postver .12
# define this to '-%{basever}' for longterm branch
%define versuffix %{nil}
@@ -123,7 +123,7 @@ Source0: https://www.kernel.org/pub/linux/kernel/v4.x/linux-%{basever}.tar.xz
# Source0-md5: c1af0afbd3df35c1ccdc7a5118cd2d07
%if "%{postver}" != ".0"
Patch0: https://www.kernel.org/pub/linux/kernel/v4.x/patch-%{version}.xz
-# Patch0-md5: d999d6d294818491221f6d9789a667e8
+# Patch0-md5: 9a938fd7a82d8b390f957657947fe673
%endif
Source1: kernel.sysconfig
diff --git a/kernel-apparmor.patch b/kernel-apparmor.patch
index 2330b2a..9c0b815 100644
--- a/kernel-apparmor.patch
+++ b/kernel-apparmor.patch
@@ -1566,43 +1566,4 @@ index 0000000..9cf9170
+ return error;
+}
-commit 29fb087c5df8bb8ac354ab58d33c43e68270123b
-Author: John Johansen <john.johansen at canonical.com>
-Date: Wed Aug 31 21:10:06 2016 -0700
-
- apparmor: fix change_hat not finding hat after policy replacement
-
- After a policy replacement, the task cred may be out of date and need
- to be updated. However change_hat is using the stale profiles from
- the out of date cred resulting in either: a stale profile being applied
- or, incorrect failure when searching for a hat profile as it has been
- migrated to the new parent profile.
-
- Fixes: 01e2b670aa898a39259bc85c78e3d74820f4d3b6 (failure to find hat)
- Fixes: 898127c34ec03291c86f4ff3856d79e9e18952bc (stale policy being applied)
- Signed-off-by: John Johansen <john.johansen at canonical.com>
-diff --git a/security/apparmor/domain.c b/security/apparmor/domain.c
-index f2a83b4..dbd68f2 100644
---- a/security/apparmor/domain.c
-+++ b/security/apparmor/domain.c
-@@ -621,8 +621,8 @@ int aa_change_hat(const char *hats[], int count, u64 token, bool permtest)
- /* released below */
- cred = get_current_cred();
- cxt = cred_cxt(cred);
-- profile = aa_cred_profile(cred);
-- previous_profile = cxt->previous;
-+ profile = aa_get_newest_profile(aa_cred_profile(cred));
-+ previous_profile = aa_get_newest_profile(cxt->previous);
-
- if (unconfined(profile)) {
- info = "unconfined";
-@@ -718,6 +718,8 @@ audit:
- out:
- aa_put_profile(hat);
- kfree(name);
-+ aa_put_profile(profile);
-+ aa_put_profile(previous_profile);
- put_cred(cred);
-
- return error;
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/kernel.git/commitdiff/4a5a8dc62bcac9e1f5874033da5c9b7f062241da
More information about the pld-cvs-commit
mailing list