[PATCH] apparmor: fix changehat not finding hat after policy replacement

From: John Johansen
Date: Fri Nov 18 2016 - 11:12:15 EST

Next message: Jarkko Sakkinen: "Re: [tpmdd-devel] [PATCH RFC 2/2] tpm: refactor tpm2_get_tpm_pt to tpm2_getcap_cmd"
Previous message: Alexander Duyck: "Re: [mm PATCH v3 00/23] Add support for DMA writable pages being writable by the network stack"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi James,

This is a fix for a policy replacement bug that is fairly serious for
apache mod_apparmor users, as it results in the wrong policy being
applied on an network facing service.

can you please pull and pushup for 4.9

It has been rebased against current 4.9, you can either grab the patch
included below or do a pull from

The following changes since commit 623898671c8eb05639e746e6d84cffa281616438:

Merge branch 'for-linus' of git://git.kernel.dk/linux-block (2016-11-17 13:59:39 -0800)

are available in the git repository at:

git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor fix-change_hat

for you to fetch changes up to 4bc60a7f780acb6eb5b71360ab04e29ecd282bda:

apparmor: fix change_hat not finding hat after policy replacement (2016-11-18 07:07:10 -0800)

----------------------------------------------------------------
John Johansen (1):
apparmor: fix change_hat not finding hat after policy replacement

security/apparmor/domain.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)

---

Next message: Jarkko Sakkinen: "Re: [tpmdd-devel] [PATCH RFC 2/2] tpm: refactor tpm2_get_tpm_pt to tpm2_getcap_cmd"
Previous message: Alexander Duyck: "Re: [mm PATCH v3 00/23] Add support for DMA writable pages being writable by the network stack"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]