« back to all changes in this revision
Viewing changes to security/apparmor/lsm.c
- Committer: Package Import Robot
- Date: 2012-04-11 14:56:02 UTC
- Revision ID: package-import@ubuntu.com-20120411145602-75ng3xbknr504ecz
[ Paolo Pisati ]
* [Config] Sync fs with master (AUFS, CODA, EXT2, LOGFS and NFS)
* [Config] Sync core subsys with master (ATA and HID)
* [Config] sync ata drivers with master
* [Config] sync input drivers with master
* [Config] Sync HID drivers with master
* [Config] Sync sensors wrt master
* [Config] Sync crypto wrt master
* [Config] Sync dangerous options wrt master
* [Config] Sync Industrial IO wrt master
* [Config] Sync backlight drivers wrt master
* [Config] Sync charger drivers wrt master
* [Config] Sync dvb drivers wrt master
* [Config] Sync pcmcia net drivers wrt master
* [Config] updateconfigs following rebase
* blend upstream hdmi detection code and TI bits
- LP: #963512
* [Config] disable omap4 camera interface
- LP: #924419
* rebased on 3.2.0-23.36
[ Upstream Kernel Changes ]
* coda: compilation fix
[ Ubuntu: 3.2.0-23.36 ]
* tools/hv: add basic Makefile
- LP: #977246
* tools/hv: add basic manual pages
- LP: #977246
* Hyper-V KVP daemon -- add to the tools package
- LP: #977246
* SAUCE: (drop after 3.3) ALSA: HDA: Remove quirk for Gigabyte
GA-H61M-S2PV
- LP: #948360
* d-i: Add dm-mirror and dm-raid to md-modules
- LP: #919281
* [Config] Fix invalid linux-headers link
- LP: #974403
* Remove headers asm symlink entirely
- LP: #974403
* Revert "x86/ioapic: Add register level checks to detect bogus io-apic
entries"
- LP: #974982
* ALSA: HDA: Realtek: Take vmaster dac from multiout dac list
- LP: #974090
* kexec: remove KMSG_DUMP_KEXEC
- LP: #944772
* kmsg_dump: don't run on non-error paths by default
- LP: #944772
* pstore: Introduce get_reason_str() to pstore
- LP: #944772
[ Ubuntu: 3.2.0-22.35 ]
* Revert "SAUCE: hotkey quirks for various Zeptro Znote and Fujitsu Amilo
laptops"
* SAUCE: (no-up) elide some ioctl warnings which are known benign
- LP: #972355
* SAUCE (no-up) Provide a param for allowing the BIOS to handle changing
the brightness on AC/battery status changes.
- LP: #949311
* SAUCE (drop after 3.4) Quirk for enabling backlight hotkeys on Samsung
N150P
- LP: #875893
* SAUCE: PCI: Allow pcie_aspm=force to work even when FADT indicates it
is unsupported
- LP: #962038
* SAUCE: (drop after 3.5) drm/i915: reinstate GM45 TV detection fix
- LP: #638939
* SAUCE: SECCOMP: audit: always report seccomp violations
* SAUCE: SECCOMP: adjust prctl constant
* [Config] Enable CONFIG_USBIP_CORE=m
- LP: #900384
* Rebase to v3.2.14
* [Config] Updateconfigs after rebase to v3.2.14
* d-i: Fix module name for dm-raid45
- LP: #969248
* SAUCE: remove __initdata from vesafb_fix
- LP: #969309
* Revert "sched: tg->se->load should be initialised to tg->shares"
* toshiba_acpi: make one-bit bitfields unsigned
- LP: #810015
* ACPI: EC: Add ec_get_handle()
- LP: #810015
* toshiba_acpi: Support alternate hotkey interfaces
- LP: #810015
* toshiba_acpi: Support additional hotkey scancodes
- LP: #810015
* toshiba_acpi: Refuse to load on machines with buggy INFO
implementations
- LP: #810015
* ata_piix: Add Toshiba Satellite Pro A120 to the quirks list due to
broken suspend functionality.
- LP: #886850
* sweep the floors and convert some .get_drvinfo routines to strlcpy
- LP: #921793
* be2net: init (vf)_if_handle/vf_pmac_id to handle failure scenarios
- LP: #921793
* be2net: stop checking the UE registers after an EEH error
- LP: #921793
* be2net: don't log more than one error on detecting EEH/UE errors
- LP: #921793
* be2net: stop issuing FW cmds if any cmd times out
- LP: #921793
* be2net: Fix TX queue create for Lancer
- LP: #921793
* be2net: add register dump feature for Lancer
- LP: #921793
* be2net: Add EEPROM dump feature for Lancer
- LP: #921793
* be2net: Fix VLAN promiscous mode for Lancer
- LP: #921793
* be2net: Use V1 query link status command for lancer
- LP: #921793
* be2net: Move to new SR-IOV implementation in Lancer
- LP: #921793
* be2net: Fix error recovery paths
- LP: #921793
* be2net: Add error handling for Lancer
- LP: #921793
* be2net: Use new hash key
- LP: #921793
* be2net: Fix non utilization of RX queues
- LP: #921793
* be2net: netpoll support
- LP: #921793
* be2net: update some counters to display via ethtool
- LP: #921793
* be2net: workaround to fix a bug in BE
- LP: #921793
* be2net: fix ethtool ringparam reporting
- LP: #921793
* be2net: refactor/cleanup vf configuration code
- LP: #921793
* be2net: Add support for Skyhawk cards
- LP: #921793
* be2net: Fix INTx processing for Lancer
- LP: #921793
* be2net: fix range check for set_qos for a VF
- LP: #921793
* be2net: query link status in be_open()
- LP: #921793
* netdev: make net_device_ops const
- LP: #921793
* be2net: create RSS rings even in multi-channel configs
- LP: #921793
* ethtool: Null-terminate filename passed to ethtool_ops::flash_device
- LP: #921793
* sched: Fix nohz load accounting
- LP: #838811
* ACPICA: Fix regression in FADT revision checks
- LP: #883441
* asus-wmi: move WAPF variable into quirks_entry
- LP: #969576
* eeepc-wmi: refine quirks handling
- LP: #969576
* drm/i915: Sanitize BIOS debugging bits from PIPECONF
- LP: #968307
* drivers: hv: Get rid of some unnecessary code
* drivers: hv: kvp: Add/cleanup connector defines
* drivers: hv: kvp: Move the contents of hv_kvp.h to hyperv.h
* net/hyperv: Convert camel cased variables in rndis_filter.c to lower
cases
* net/hyperv: Correct the assignment in netvsc_recv_callback()
* net/hyperv: Remove the unnecessary memset in rndis_filter_send()
* tools: hv: Use hyperv.h to get the KVP definitions
* drivers: hv: Cleanup the kvp related state in hyperv.h
* drivers: hv: kvp: Cleanup the kernel/user protocol
* drivers: hv: Increase the number of VCPUs supported in the guest
* net/hyperv: Fix data corruption in rndis_filter_receive()
* net/hyperv: Add support for vlan trunking from guests
* Drivers: hv: Add new message types to enhance KVP
* net/hyperv: fix erroneous NETDEV_TX_BUSY use
* NLS: improve UTF8 -> UTF16 string conversion routine
* Drivers: hv: Support the newly introduced KVP messages in the driver
* Tools: hv: Fully support the new KVP verbs in the user level daemon
* Tools: hv: Support enumeration from all the pools
* Drivers: scsi: storvsc: Properly handle errors from the host
* net: mv643xx_eth: fix build error
- LP: #921793
* rebase to v3.2.14
[ Ubuntu: 3.2.0-21.34 ]
* SAUCE: (drop after 3.4) asus-wmi: add scalar board brightness adj.
support
- LP: #961879
* SAUCE: (drop after 3.4) asus-wmi: store backlight power status for AIO
machine
- LP: #961880
* [Config]: enable CONFIG_DRM_LOAD_EDID_FIRMWARE
* SAUCE: AppArmor: Add the ability to mediate mount
* SAUCE: AppArmor: Add profile introspection file to interface
* SAUCE: AppArmor: basic networking rules
* SAUCE: Update aufs for build failure caused by apparmor backport
* SAUCE: AppArmor: Fix change_onexec when called from a confined task
- LP: #963756
* Revert "SAUCE: (drop after 3.3) platform/x86: Add driver for Apple gmux
device"
* Rebase to v3.2.13
* d-i: Fix iwl3945 driver name typo in nic-modules
* d-i: Add missing iwl* drivers to nic-modules
- LP: #965116
* d-i: Remove obsolete bcm43xx* drivers from nic-modules
* d-i: Add brcm*mac drivers to nic-modules
* SAUCE: (drop after 3.3) apple_bl: Add register/unregister functions
* SAUCE: (drop after 3.3) platform/x86: Add driver for Apple gmux device
* Add isci to debian scsi-modules udeb
- LP: #963306
* SAUCE: fsam7400: use UMH_WAIT_PROC consistently
- LP: #963685
* SAUCE: disable_nx should not be in __cpuinitdata section for X86_32
- LP: #968233
* Bluetooth: Adding USB device 13d3:3375 as an Atheros AR3012.
- LP: #916319
* x86: Report cpb and eff_freq_ro flags correctly
- LP: #960461
* x86/amd: Add missing feature flag for fam15h models 10h-1fh processors
- LP: #960461
* KVM: Move cpuid code to new file
- LP: #960466
* KVM: expose latest Intel cpu new features (BMI1/BMI2/FMA/AVX2) to guest
- LP: #960466
* apparmor: add missing rcu_dereference()
* apparmor: fix module parameter handling
* btrfs, nfs, apparmor: don't pull mnt_namespace.h for no reason...
* switch security_path_chmod() to umode_t
* switch securityfs_create_file() to umode_t
* switch ->path_mkdir() to umode_t
* switch ->path_mknod() to umode_t
* capabilities: remove the task from capable LSM hook entirely
* switch security_path_chmod() to struct path *
* AppArmor: refactor securityfs to use structures
* AppArmor: add initial "features" directory to securityfs
* AppArmor: add "file" details to securityfs
* AppArmor: export known rlimit names/value mappings in securityfs
* AppArmor: Add mising end of structure test to caps unpacking
* AppArmor: Fix dropping of allowed operations that are force audited
* AppArmor: Fix underflow in xindex calculation
* AppArmor: fix mapping of META_READ to audit and quiet flags
* AppArmor: Fix the error case for chroot relative path name lookup
* AppArmor: Fix error returned when a path lookup is disconnected
* AppArmor: Fix oops in policy unpack auditing
* AppArmor: Add const qualifiers to generated string tables
* AppArmor: Retrieve the dentry_path for error reporting when path lookup
fails
* AppArmor: Minor cleanup of d_namespace_path to consolidate error
handling
* AppArmor: Update dfa matching routines.
* AppArmor: Move path failure information into aa_get_name and rename
* AppArmor: Add ability to load extended policy
* AppArmor: add const qualifiers to string arrays
* AppArmor: Fix location of const qualifier on generated string tables
* drm: allow loading an EDID as firmware to override broken monitor
* usermodehelper: use UMH_WAIT_PROC consistently
- LP: #963685
* usermodehelper: introduce umh_complete(sub_info)
- LP: #963685
* usermodehelper: implement UMH_KILLABLE
- LP: #963685
* usermodehelper: kill umh_wait, renumber UMH_* constants
- LP: #963685
* usermodehelper: ____call_usermodehelper() doesn't need do_exit()
- LP: #963685
* kmod: introduce call_modprobe() helper
- LP: #963685
* kmod: make __request_module() killable
- LP: #963685
* x86, tsc: Fix SMI induced variation in quick_pit_calibrate()
- LP: #965586
* drm/i915: Ignore LVDS on hp t5745 and hp st5747 thin client
- LP: #911916, #911920
* drm/i915: Add Clientron E830 to the ignore LVDS list
- LP: #907055
* rebase to v3.2.13
[ Ubuntu: 3.2.0-20.33 ]
* (pre-stable) ASPM: Fix pcie devices with non-pcie children
- LP: #961482
[ Ubuntu: 3.2.0-20.32 ]
* SAUCE: SECCOMP: Add PR_{GET,SET}_NO_NEW_PRIVS to prevent execve from
granting privs
* SAUCE: SECCOMP: Fix apparmor for PR_{GET,SET}_NO_NEW_PRIVS
* SAUCE: SECCOMP: seccomp: remove duplicated failure logging
* [Config] SECCOMP_FILTER=y
* seccomp: audit abnormal end to a process due to seccomp
* SAUCE: SECCOMP: sk_run_filter: add BPF_S_ANC_SECCOMP_LD_W
* SAUCE: SECCOMP: net/compat.c,linux/filter.h: share compat_sock_fprog
* SAUCE: SECCOMP: seccomp: kill the seccomp_t typedef
* SAUCE: SECCOMP: arch/x86: add syscall_get_arch to syscall.h
* SAUCE: SECCOMP: asm/syscall.h: add syscall_get_arch
* SAUCE: SECCOMP: seccomp: add system call filtering using BPF
* SAUCE: SECCOMP: seccomp: add SECCOMP_RET_ERRNO
* SAUCE: SECCOMP: signal, x86: add SIGSYS info and make it synchronous.
* SAUCE: SECCOMP: seccomp: Add SECCOMP_RET_TRAP
* SAUCE: SECCOMP: ptrace,seccomp: Add PTRACE_SECCOMP support
* SAUCE: SECCOMP: x86: Enable HAVE_ARCH_SECCOMP_FILTER
* SAUCE: SECCOMP: Documentation: prctl/seccomp_filter
[ Ubuntu: 3.2.0-19.31 ]
* d-i: Add dm-multipath and scsi device handlers
- LP: #959749
* d-i: Move multipath modules into their own udeb
- LP: #598251, #959749
* [Config] Auto-detect do_tools setting
* [Config] correctly specify CROSS_COMPILE for tools build
* [Config] CONFIG_DRM_PSB_CDV=n
* Rebase to v3.2.12
* powerpc/pmac: Fix SMP kernels on pre-core99 UP machines
- LP: #959959
* rebase to v3.2.12
[ Ubuntu: 3.2.0-19.30 ]
* [Config] Fix typeo in the Hyper-V module names
* [Config] Move kernels to "Section: kernel"
- LP: #499557
* SAUCE: AppArmor: Add ability to load extended policy
* SAUCE: AppArmor: Add the ability to mediate mount
* SAUCE: AppArmor: Add profile introspection file to interface
* SAUCE: AppArmor: basic networking rules
* [Config] Disable CONFIG_SECURITY_TOMOYO_OMIT_USERSPACE_LOADER
- LP: #952035
* Rebase to v3.2.10
* [Config] Update configs after rebase to v3.2.10
* Rebase to v3.2.11
* [Config] Disable CONFIG_STUB_POULSBO
- LP: #899244
* [Config] Add CONFIG_DRM_PSB check to enforcer
- LP: #899244
* [Config] Drop non-SMP powerpc
* net/hyperv: Use the built-in macro KBUILD_MODNAME for this driver
* x86: Derandom delay_tsc for 64 bit
* Bluetooth: Fix l2cap conn failures for ssp devices
- LP: #872044
* KVM: x86: extend "struct x86_emulate_ops" with "get_cpuid"
- LP: #917842
- CVE-2012-0045
* KVM: x86: fix missing checks in syscall emulation
- LP: #917842
- CVE-2012-0045
* rebase to v3.2.11
* rebase to v3.2.10
* [Config] Sync fs with master (AUFS, CODA, EXT2, LOGFS and NFS)
* [Config] Sync core subsys with master (ATA and HID)
* [Config] sync ata drivers with master
* [Config] sync input drivers with master
* [Config] Sync HID drivers with master
* [Config] Sync sensors wrt master
* [Config] Sync crypto wrt master
* [Config] Sync dangerous options wrt master
* [Config] Sync Industrial IO wrt master
* [Config] Sync backlight drivers wrt master
* [Config] Sync charger drivers wrt master
* [Config] Sync dvb drivers wrt master
* [Config] Sync pcmcia net drivers wrt master
* [Config] updateconfigs following rebase
* blend upstream hdmi detection code and TI bits
- LP: #963512
* [Config] disable omap4 camera interface
- LP: #924419
* rebased on 3.2.0-23.36
[ Upstream Kernel Changes ]
* coda: compilation fix
[ Ubuntu: 3.2.0-23.36 ]
* tools/hv: add basic Makefile
- LP: #977246
* tools/hv: add basic manual pages
- LP: #977246
* Hyper-V KVP daemon -- add to the tools package
- LP: #977246
* SAUCE: (drop after 3.3) ALSA: HDA: Remove quirk for Gigabyte
GA-H61M-S2PV
- LP: #948360
* d-i: Add dm-mirror and dm-raid to md-modules
- LP: #919281
* [Config] Fix invalid linux-headers link
- LP: #974403
* Remove headers asm symlink entirely
- LP: #974403
* Revert "x86/ioapic: Add register level checks to detect bogus io-apic
entries"
- LP: #974982
* ALSA: HDA: Realtek: Take vmaster dac from multiout dac list
- LP: #974090
* kexec: remove KMSG_DUMP_KEXEC
- LP: #944772
* kmsg_dump: don't run on non-error paths by default
- LP: #944772
* pstore: Introduce get_reason_str() to pstore
- LP: #944772
[ Ubuntu: 3.2.0-22.35 ]
* Revert "SAUCE: hotkey quirks for various Zeptro Znote and Fujitsu Amilo
laptops"
* SAUCE: (no-up) elide some ioctl warnings which are known benign
- LP: #972355
* SAUCE (no-up) Provide a param for allowing the BIOS to handle changing
the brightness on AC/battery status changes.
- LP: #949311
* SAUCE (drop after 3.4) Quirk for enabling backlight hotkeys on Samsung
N150P
- LP: #875893
* SAUCE: PCI: Allow pcie_aspm=force to work even when FADT indicates it
is unsupported
- LP: #962038
* SAUCE: (drop after 3.5) drm/i915: reinstate GM45 TV detection fix
- LP: #638939
* SAUCE: SECCOMP: audit: always report seccomp violations
* SAUCE: SECCOMP: adjust prctl constant
* [Config] Enable CONFIG_USBIP_CORE=m
- LP: #900384
* Rebase to v3.2.14
* [Config] Updateconfigs after rebase to v3.2.14
* d-i: Fix module name for dm-raid45
- LP: #969248
* SAUCE: remove __initdata from vesafb_fix
- LP: #969309
* Revert "sched: tg->se->load should be initialised to tg->shares"
* toshiba_acpi: make one-bit bitfields unsigned
- LP: #810015
* ACPI: EC: Add ec_get_handle()
- LP: #810015
* toshiba_acpi: Support alternate hotkey interfaces
- LP: #810015
* toshiba_acpi: Support additional hotkey scancodes
- LP: #810015
* toshiba_acpi: Refuse to load on machines with buggy INFO
implementations
- LP: #810015
* ata_piix: Add Toshiba Satellite Pro A120 to the quirks list due to
broken suspend functionality.
- LP: #886850
* sweep the floors and convert some .get_drvinfo routines to strlcpy
- LP: #921793
* be2net: init (vf)_if_handle/vf_pmac_id to handle failure scenarios
- LP: #921793
* be2net: stop checking the UE registers after an EEH error
- LP: #921793
* be2net: don't log more than one error on detecting EEH/UE errors
- LP: #921793
* be2net: stop issuing FW cmds if any cmd times out
- LP: #921793
* be2net: Fix TX queue create for Lancer
- LP: #921793
* be2net: add register dump feature for Lancer
- LP: #921793
* be2net: Add EEPROM dump feature for Lancer
- LP: #921793
* be2net: Fix VLAN promiscous mode for Lancer
- LP: #921793
* be2net: Use V1 query link status command for lancer
- LP: #921793
* be2net: Move to new SR-IOV implementation in Lancer
- LP: #921793
* be2net: Fix error recovery paths
- LP: #921793
* be2net: Add error handling for Lancer
- LP: #921793
* be2net: Use new hash key
- LP: #921793
* be2net: Fix non utilization of RX queues
- LP: #921793
* be2net: netpoll support
- LP: #921793
* be2net: update some counters to display via ethtool
- LP: #921793
* be2net: workaround to fix a bug in BE
- LP: #921793
* be2net: fix ethtool ringparam reporting
- LP: #921793
* be2net: refactor/cleanup vf configuration code
- LP: #921793
* be2net: Add support for Skyhawk cards
- LP: #921793
* be2net: Fix INTx processing for Lancer
- LP: #921793
* be2net: fix range check for set_qos for a VF
- LP: #921793
* be2net: query link status in be_open()
- LP: #921793
* netdev: make net_device_ops const
- LP: #921793
* be2net: create RSS rings even in multi-channel configs
- LP: #921793
* ethtool: Null-terminate filename passed to ethtool_ops::flash_device
- LP: #921793
* sched: Fix nohz load accounting
- LP: #838811
* ACPICA: Fix regression in FADT revision checks
- LP: #883441
* asus-wmi: move WAPF variable into quirks_entry
- LP: #969576
* eeepc-wmi: refine quirks handling
- LP: #969576
* drm/i915: Sanitize BIOS debugging bits from PIPECONF
- LP: #968307
* drivers: hv: Get rid of some unnecessary code
* drivers: hv: kvp: Add/cleanup connector defines
* drivers: hv: kvp: Move the contents of hv_kvp.h to hyperv.h
* net/hyperv: Convert camel cased variables in rndis_filter.c to lower
cases
* net/hyperv: Correct the assignment in netvsc_recv_callback()
* net/hyperv: Remove the unnecessary memset in rndis_filter_send()
* tools: hv: Use hyperv.h to get the KVP definitions
* drivers: hv: Cleanup the kvp related state in hyperv.h
* drivers: hv: kvp: Cleanup the kernel/user protocol
* drivers: hv: Increase the number of VCPUs supported in the guest
* net/hyperv: Fix data corruption in rndis_filter_receive()
* net/hyperv: Add support for vlan trunking from guests
* Drivers: hv: Add new message types to enhance KVP
* net/hyperv: fix erroneous NETDEV_TX_BUSY use
* NLS: improve UTF8 -> UTF16 string conversion routine
* Drivers: hv: Support the newly introduced KVP messages in the driver
* Tools: hv: Fully support the new KVP verbs in the user level daemon
* Tools: hv: Support enumeration from all the pools
* Drivers: scsi: storvsc: Properly handle errors from the host
* net: mv643xx_eth: fix build error
- LP: #921793
* rebase to v3.2.14
[ Ubuntu: 3.2.0-21.34 ]
* SAUCE: (drop after 3.4) asus-wmi: add scalar board brightness adj.
support
- LP: #961879
* SAUCE: (drop after 3.4) asus-wmi: store backlight power status for AIO
machine
- LP: #961880
* [Config]: enable CONFIG_DRM_LOAD_EDID_FIRMWARE
* SAUCE: AppArmor: Add the ability to mediate mount
* SAUCE: AppArmor: Add profile introspection file to interface
* SAUCE: AppArmor: basic networking rules
* SAUCE: Update aufs for build failure caused by apparmor backport
* SAUCE: AppArmor: Fix change_onexec when called from a confined task
- LP: #963756
* Revert "SAUCE: (drop after 3.3) platform/x86: Add driver for Apple gmux
device"
* Rebase to v3.2.13
* d-i: Fix iwl3945 driver name typo in nic-modules
* d-i: Add missing iwl* drivers to nic-modules
- LP: #965116
* d-i: Remove obsolete bcm43xx* drivers from nic-modules
* d-i: Add brcm*mac drivers to nic-modules
* SAUCE: (drop after 3.3) apple_bl: Add register/unregister functions
* SAUCE: (drop after 3.3) platform/x86: Add driver for Apple gmux device
* Add isci to debian scsi-modules udeb
- LP: #963306
* SAUCE: fsam7400: use UMH_WAIT_PROC consistently
- LP: #963685
* SAUCE: disable_nx should not be in __cpuinitdata section for X86_32
- LP: #968233
* Bluetooth: Adding USB device 13d3:3375 as an Atheros AR3012.
- LP: #916319
* x86: Report cpb and eff_freq_ro flags correctly
- LP: #960461
* x86/amd: Add missing feature flag for fam15h models 10h-1fh processors
- LP: #960461
* KVM: Move cpuid code to new file
- LP: #960466
* KVM: expose latest Intel cpu new features (BMI1/BMI2/FMA/AVX2) to guest
- LP: #960466
* apparmor: add missing rcu_dereference()
* apparmor: fix module parameter handling
* btrfs, nfs, apparmor: don't pull mnt_namespace.h for no reason...
* switch security_path_chmod() to umode_t
* switch securityfs_create_file() to umode_t
* switch ->path_mkdir() to umode_t
* switch ->path_mknod() to umode_t
* capabilities: remove the task from capable LSM hook entirely
* switch security_path_chmod() to struct path *
* AppArmor: refactor securityfs to use structures
* AppArmor: add initial "features" directory to securityfs
* AppArmor: add "file" details to securityfs
* AppArmor: export known rlimit names/value mappings in securityfs
* AppArmor: Add mising end of structure test to caps unpacking
* AppArmor: Fix dropping of allowed operations that are force audited
* AppArmor: Fix underflow in xindex calculation
* AppArmor: fix mapping of META_READ to audit and quiet flags
* AppArmor: Fix the error case for chroot relative path name lookup
* AppArmor: Fix error returned when a path lookup is disconnected
* AppArmor: Fix oops in policy unpack auditing
* AppArmor: Add const qualifiers to generated string tables
* AppArmor: Retrieve the dentry_path for error reporting when path lookup
fails
* AppArmor: Minor cleanup of d_namespace_path to consolidate error
handling
* AppArmor: Update dfa matching routines.
* AppArmor: Move path failure information into aa_get_name and rename
* AppArmor: Add ability to load extended policy
* AppArmor: add const qualifiers to string arrays
* AppArmor: Fix location of const qualifier on generated string tables
* drm: allow loading an EDID as firmware to override broken monitor
* usermodehelper: use UMH_WAIT_PROC consistently
- LP: #963685
* usermodehelper: introduce umh_complete(sub_info)
- LP: #963685
* usermodehelper: implement UMH_KILLABLE
- LP: #963685
* usermodehelper: kill umh_wait, renumber UMH_* constants
- LP: #963685
* usermodehelper: ____call_usermodehelper() doesn't need do_exit()
- LP: #963685
* kmod: introduce call_modprobe() helper
- LP: #963685
* kmod: make __request_module() killable
- LP: #963685
* x86, tsc: Fix SMI induced variation in quick_pit_calibrate()
- LP: #965586
* drm/i915: Ignore LVDS on hp t5745 and hp st5747 thin client
- LP: #911916, #911920
* drm/i915: Add Clientron E830 to the ignore LVDS list
- LP: #907055
* rebase to v3.2.13
[ Ubuntu: 3.2.0-20.33 ]
* (pre-stable) ASPM: Fix pcie devices with non-pcie children
- LP: #961482
[ Ubuntu: 3.2.0-20.32 ]
* SAUCE: SECCOMP: Add PR_{GET,SET}_NO_NEW_PRIVS to prevent execve from
granting privs
* SAUCE: SECCOMP: Fix apparmor for PR_{GET,SET}_NO_NEW_PRIVS
* SAUCE: SECCOMP: seccomp: remove duplicated failure logging
* [Config] SECCOMP_FILTER=y
* seccomp: audit abnormal end to a process due to seccomp
* SAUCE: SECCOMP: sk_run_filter: add BPF_S_ANC_SECCOMP_LD_W
* SAUCE: SECCOMP: net/compat.c,linux/filter.h: share compat_sock_fprog
* SAUCE: SECCOMP: seccomp: kill the seccomp_t typedef
* SAUCE: SECCOMP: arch/x86: add syscall_get_arch to syscall.h
* SAUCE: SECCOMP: asm/syscall.h: add syscall_get_arch
* SAUCE: SECCOMP: seccomp: add system call filtering using BPF
* SAUCE: SECCOMP: seccomp: add SECCOMP_RET_ERRNO
* SAUCE: SECCOMP: signal, x86: add SIGSYS info and make it synchronous.
* SAUCE: SECCOMP: seccomp: Add SECCOMP_RET_TRAP
* SAUCE: SECCOMP: ptrace,seccomp: Add PTRACE_SECCOMP support
* SAUCE: SECCOMP: x86: Enable HAVE_ARCH_SECCOMP_FILTER
* SAUCE: SECCOMP: Documentation: prctl/seccomp_filter
[ Ubuntu: 3.2.0-19.31 ]
* d-i: Add dm-multipath and scsi device handlers
- LP: #959749
* d-i: Move multipath modules into their own udeb
- LP: #598251, #959749
* [Config] Auto-detect do_tools setting
* [Config] correctly specify CROSS_COMPILE for tools build
* [Config] CONFIG_DRM_PSB_CDV=n
* Rebase to v3.2.12
* powerpc/pmac: Fix SMP kernels on pre-core99 UP machines
- LP: #959959
* rebase to v3.2.12
[ Ubuntu: 3.2.0-19.30 ]
* [Config] Fix typeo in the Hyper-V module names
* [Config] Move kernels to "Section: kernel"
- LP: #499557
* SAUCE: AppArmor: Add ability to load extended policy
* SAUCE: AppArmor: Add the ability to mediate mount
* SAUCE: AppArmor: Add profile introspection file to interface
* SAUCE: AppArmor: basic networking rules
* [Config] Disable CONFIG_SECURITY_TOMOYO_OMIT_USERSPACE_LOADER
- LP: #952035
* Rebase to v3.2.10
* [Config] Update configs after rebase to v3.2.10
* Rebase to v3.2.11
* [Config] Disable CONFIG_STUB_POULSBO
- LP: #899244
* [Config] Add CONFIG_DRM_PSB check to enforcer
- LP: #899244
* [Config] Drop non-SMP powerpc
* net/hyperv: Use the built-in macro KBUILD_MODNAME for this driver
* x86: Derandom delay_tsc for 64 bit
* Bluetooth: Fix l2cap conn failures for ssp devices
- LP: #872044
* KVM: x86: extend "struct x86_emulate_ops" with "get_cpuid"
- LP: #917842
- CVE-2012-0045
* KVM: x86: fix missing checks in syscall emulation
- LP: #917842
- CVE-2012-0045
* rebase to v3.2.11
* rebase to v3.2.10
- files added:
- Documentation/EDID
- debian.master/abi/3.2.0-22.35
- debian.master/abi/3.2.0-22.35/amd64
- debian.master/abi/3.2.0-22.35/armel
- debian.master/abi/3.2.0-22.35/armhf
- debian.master/abi/3.2.0-22.35/i386
- debian.master/abi/3.2.0-22.35/powerpc
- debian.ti-omap4/abi/3.2.0-1411.14
- debian.ti-omap4/abi/3.2.0-1411.14/armel
- debian.ti-omap4/abi/3.2.0-1411.14/armhf
- samples/seccomp
- files removed:
- debian.master/abi/3.2.0-18.28
- debian.master/abi/3.2.0-18.28/amd64
- debian.master/abi/3.2.0-18.28/armel
- debian.master/abi/3.2.0-18.28/armhf
- debian.master/abi/3.2.0-18.28/i386
- debian.master/abi/3.2.0-18.28/powerpc
- debian.ti-omap4/abi/3.2.0-1410.13
- debian.ti-omap4/abi/3.2.0-1410.13/armel
- debian.ti-omap4/abi/3.2.0-1410.13/armhf
- files modified:
- Documentation/hwmon/jc42
added
removed
security/apparmor/lsm.c
