John Johansen 8026e40608 apparmor: Fix move_mount mediation by detecting if source is detached
Prevent move_mount from applying the attach_disconnected flag
to move_mount(). This prevents detached mounts from appearing
as / when applying mount mediation, which is not only incorrect
but could result in bad policy being generated.

Basic mount rules like
  allow mount,
  allow mount options=(move) -> /target/,

will allow detached mounts, allowing older policy to continue
to function. New policy gains the ability to specify `detached` as
a source option
  allow mount detached -> /target/,

In addition make sure support of move_mount is advertised as
a feature to userspace so that applications that generate policy
can respond to the addition.

Note: this fixes mediation of move_mount when a detached mount is used,
      it does not fix the broader regression of apparmor mediation of
      mounts under the new mount api.

Link: https://lore.kernel.org/all/68c166b8-5b4d-4612-8042-1dee3334385b@leemhuis.info/T/#mb35fdde37f999f08f0b02d58dc1bf4e6b65b8da2
Fixes: 157a3537d6 ("apparmor: Fix regression in mount mediation")
Reviewed-by: Georgia Garcia <georgia.garcia@canonical.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>
2024-01-03 12:10:29 -08:00
arch 11 hotfixes. 7 are cc:stable and the other 4 address post-6.6 issues or 2023-12-27 16:14:41 -08:00
block block-6.7-2023-12-29 2023-12-29 11:41:40 -08:00
certs This update includes the following changes: 2023-11-02 16:15:30 -10:00
crypto This push fixes a regression in ahash and hides the Kconfig sub-options for the jitter RNG. 2023-11-09 17:04:58 -08:00
Documentation Char/Misc driver fixes for 6.7-rc7 2023-12-23 11:29:12 -08:00
drivers platform-drivers-x86 for v6.7-6 2023-12-29 11:50:47 -08:00
fs tracing fixes for v6.7-rc7: 2023-12-30 11:37:35 -08:00
include locking/osq_lock: Move the definition of optimistic_spin_node into osq_lock.c 2023-12-30 10:25:51 -08:00
init As usual, lots of singleton and doubleton patches all over the tree and 2023-11-02 20:53:31 -10:00
io_uring io_uring/cmd: fix breakage in SOCKET_URING_OP_SIOC* implementation 2023-12-14 16:52:13 -07:00
ipc Many singleton patches against the MM code. The patch series which are 2023-11-02 19:38:47 -10:00
kernel tracing fixes for v6.7-rc7: 2023-12-30 11:37:35 -08:00
lib 11 hotfixes. 7 are cc:stable and the other 4 address post-6.6 issues or 2023-12-27 16:14:41 -08:00
LICENSES LICENSES: Add the copyleft-next-0.3.1 license 2022-11-08 15:44:01 +01:00
mm mm/memory-failure: cast index to loff_t before shifting it 2023-12-20 13:46:20 -08:00
net keys, dns: Fix missing size check of V1 server-list header 2023-12-26 13:15:49 -08:00
rust Kbuild updates for v6.7 2023-11-04 08:07:19 -10:00
samples Landlock updates for v6.7-rc1 2023-11-03 09:28:53 -10:00
scripts get_maintainer: remove stray punctuation when cleaning file emails 2023-12-31 10:57:42 -08:00
security apparmor: Fix move_mount mediation by detecting if source is detached 2024-01-03 12:10:29 -08:00
sound ALSA: hda: cs35l41: Only add SPI CS GPIO if SPI is enabled in kernel 2023-12-21 09:24:01 +01:00
tools 11 hotfixes. 7 are cc:stable and the other 4 address post-6.6 issues or 2023-12-27 16:14:41 -08:00
usr arch: Remove Itanium (IA-64) architecture 2023-09-11 08:13:17 +00:00
virt KVM/arm64 fixes for 6.7, part #2 2023-12-22 18:03:54 -05:00
.clang-format iommu: Add for_each_group_device() 2023-05-23 08:15:51 +02:00
.cocciconfig
.get_maintainer.ignore get_maintainer: add Alan to .get_maintainer.ignore 2022-08-20 15:17:44 -07:00
.gitattributes .gitattributes: set diff driver for Rust source code files 2023-05-31 17:48:25 +02:00
.gitignore kbuild: rpm-pkg: generate kernel.spec in rpmbuild/SPECS/ 2023-10-03 20:49:09 +09:00
.mailmap 11 hotfixes. 7 are cc:stable and the other 4 address post-6.6 issues or 2023-12-27 16:14:41 -08:00
.rustfmt.toml rust: add .rustfmt.toml 2022-09-28 09:02:20 +02:00
COPYING COPYING: state that all contributions really are covered by this file 2020-02-10 13:32:20 -08:00
CREDITS MAINTAINERS: drop Antti Palosaari 2023-12-06 16:12:49 -08:00
Kbuild Kbuild updates for v6.1 2022-10-10 12:00:45 -07:00
Kconfig kbuild: ensure full rebuild when the compiler is updated 2020-05-12 13:28:33 +09:00
MAINTAINERS gpio fixes for v6.7-rc8 2023-12-29 11:57:26 -08:00
Makefile Linux 6.7-rc8 2023-12-31 12:51:25 -08:00
README Drop all 00-INDEX files from Documentation/ 2018-09-09 15:08:58 -06:00

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the reStructuredText markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result from upgrading your kernel.