[pkg-apparmor] Bug#883703: apparmor: Feature pinning breaks mount
Salvatore Bonaccorso
carnil at debian.org
Mon Jan 8 19:40:50 UTC 2018
Hi
On Mon, Jan 08, 2018 at 01:46:54AM -0800, John Johansen wrote:
> On 01/06/2018 07:50 AM, intrigeri wrote:
> > Hi John,
> >
> > John Johansen:
> >> Attached is the patch for the kernel that is currently in testing
> >
> >> From 1aa96ec6d0fce613e06fa4d073c8cf3e183989da Mon Sep 17 00:00:00 2001
> >> From: John Johansen <john.johansen at canonical.com>
> >> Date: Thu, 7 Dec 2017 00:28:27 -0800
> >> Subject: [PATCH] apparmor: fix regression in mount mediation when feature set
> >> is pinned
> >> MIME-Version: 1.0
> >> Content-Type: text/plain; charset=UTF-8
> >> Content-Transfer-Encoding: 8bit
> >
> >> When the mount code was refactored for Labels it was not correctly
> >> updated to check whether policy supported mediation of the mount
> >> class. This causes a regression when the kernel feature set is
> >> reported as supporting mount and policy is pinned to a feature set
> >> that does not support mount mediation.
> >
> > What's the status of this patch?
> >
> it is in 4.15-rc7, and has started working its way into the 4.14 stable
> tree, I expect it will be in the 4.14.13 stable release.
FTR, for 4.15-rc7: https://git.kernel.org/linus/5b9f57cf47b87f07210875d6a24776b4496b818d
Salvatore
More information about the pkg-apparmor-team
mailing list