]> git.proxmox.com Git - mirror_ubuntu-bionic-kernel.git/commit
projects / mirror_ubuntu-bionic-kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: fe86482) | patch
apparmor: convert to profile block critical sections
authorJohn Johansen <john.johansen@canonical.com>
Fri, 9 Jun 2017 09:08:28 +0000 (02:08 -0700)
committerJohn Johansen <john.johansen@canonical.com>
Sun, 11 Jun 2017 00:11:34 +0000 (17:11 -0700)
commitcf797c0e5e312520b0b9f0367039fc0279a07a76
tree68dc51534745fb230ec35e1d56bb158fb99b225btree
parentfe864821d504f33f22b3ce2d5599ae95598db721commit | diff
apparmor: convert to profile block critical sections

There are still a few places where profile replacement fails to update
and a stale profile is used for mediation. Fix this by moving to
accessing the current label through a critical section that will
always ensure mediation is using the current label regardless of
whether the tasks cred has been updated or not.

Signed-off-by: John Johansen <john.johansen@canonical.com>
security/apparmor/apparmorfs.c diff | blob | blame | history
security/apparmor/context.c diff | blob | blame | history
security/apparmor/domain.c diff | blob | blame | history
security/apparmor/include/context.h diff | blob | blame | history
security/apparmor/lsm.c diff | blob | blame | history
security/apparmor/policy_unpack.c diff | blob | blame | history
security/apparmor/procattr.c diff | blob | blame | history
security/apparmor/resource.c diff | blob | blame | history
ubuntu-bionic-kernel mirror