mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2026-03-03 18:28:01 +01:00
219d7660c5
Pull AppArmor updates from John Johansen: "Features: - add .kunitconfig - audit execpath in userns mediation - add support loading per permission tagging Cleanups: - remove unused percpu critical sections in buffer management - document the buffer hold, add an overflow guard - split xxx_in_ns into its two separate semantic use cases - remove apply_modes_to_perms from label_match - refactor/cleanup cred helper fns. - guard against free attachment/data routines being called with NULL - drop in_atomic flag in common_mmap, common_file_perm, and cleanup - make str table more generic and be able to have multiple entries - Replace deprecated strcpy with memcpy in gen_symlink_name - Replace deprecated strcpy in d_namespace_path - Replace sprintf/strcpy with scnprintf/strscpy in aa_policy_init - replace sprintf with snprintf in aa_new_learning_profile Bug Fixes: - fix cast in format string DEBUG statement - fix make aa_labelmatch return consistent - fix fmt string type error in process_strs_entry - fix kernel-doc comments for inview - fix invalid deref of rawdata when export_binary is unset - avoid per-cpu hold underflow in aa_get_buffer - fix fast path cache check for unix sockets - fix rlimit for posix cpu timers - fix label and profile debug macros - move check for aa_null file to cover all cases - return -ENOMEM in unpack_perms_table upon alloc failure - fix boolean argument in apparmor_mmap_file - Fix & Optimize table creation from possibly unaligned memory - Allow apparmor to handle unaligned dfa tables - fix NULL deref in aa_sock_file_perm - fix NULL pointer dereference in __unix_needs_revalidation - fix signedness bug in unpack_tags()" * tag 'apparmor-pr-2026-02-18' of git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor: (34 commits) apparmor: fix signedness bug in unpack_tags() apparmor: fix cast in format string DEBUG statement apparmor: fix aa_label to return state from compount and component match apparmor: fix fmt string type error in process_strs_entry apparmor: fix kernel-doc comments for inview apparmor: fix invalid deref of rawdata when export_binary is unset apparmor: add .kunitconfig apparmor: cleanup remove unused percpu critical sections in buffer management apparmor: document the buffer hold, add an overflow guard apparmor: avoid per-cpu hold underflow in aa_get_buffer apparmor: split xxx_in_ns into its two separate semantic use cases apparmor: make label_match return a consistent value apparmor: remove apply_modes_to_perms from label_match apparmor: fix fast path cache check for unix sockets apparmor: fix rlimit for posix cpu timers apparmor: refactor/cleanup cred helper fns. apparmor: fix label and profile debug macros apparmor: move check for aa_null file to cover all cases apparmor: guard against free routines being called with a NULL apparmor: return -ENOMEM in unpack_perms_table upon alloc failure ...