- fix-complain.diff
Fixes deny rules in complain mode so that they don't reject events
- mount-capability.diff
Allow confined applications to mount and unmount as long as they
have capability sys_admin
- fix-config.diff
Add the missing SECURITY_NETWORK dependency
- fix-security-param.diff
Make apparmor respect the security= parameter
- securit_default.diff
Add a new kernel config option to allow setting the default LSM,
When multiple LSMs are compiled into the kernel this is often
more desirable than taking the first LSM to register
- fork-tracking.diff
Newer kernels have changed the allocation of child pid until after
the security_clone hook. This breaks AppArmor's fork tracking
for processes that enter the null-complain-profile.
To fix this the parent pid is output with every message. A corresponding
update in the tools also must be done.
- fix-d_namespace_path.diff
It is possible that the root.mnt->mnt_ns has been unmounted, resulting
in an oops. In this case just test for it, and if it happens the
ns_root.mnt passed to __d_path will be NULL resulting in a disconnected
path.
- AppArmor-misc-cleanups.diff
Some miscelleanous cleanups from Miklos Szeredi, covering some
kernel coding style and defaults cleanups
- AppArmor-checkpatch.diff
patch from Miklos Szeredi, to cleanup sparse warnings, and other misc
coding style errors.
