John Johansen 3cc2aec68e apparmor: fix nnp subset test for unconfined ... [ Upstream commit 3ed4aaa94f ] The subset test is not taking into account the unconfined exception which will cause profile transitions in the stacked confinement case to fail when no_new_privs is applied. This fixes a regression introduced in the fix for https://bugs.launchpad.net/bugs/1839037 BugLink: https://bugs.launchpad.net/bugs/1844186 Signed-off-by: John Johansen <john.johansen@canonical.com> Signed-off-by: Sasha Levin <sashal@kernel.org>		2020-06-25 15:32:52 +02:00
..
apparmor.h	apparmor: add base infastructure for socket mediation	2018-03-13 17:25:48 -07:00
apparmorfs.h
audit.h	apparmor: Add support for audit rule filtering	2018-06-07 01:50:47 -07:00
capability.h	LSM: generalize flag passing to security_capable	2020-01-23 08:21:29 +01:00
cred.h	apparmor: don't try to replace stale label in ptrace access check	2020-01-27 14:49:55 +01:00
crypto.h
domain.h
file.h
ipc.h
label.h	apparmor: fix nnp subset test for unconfined	2020-06-25 15:32:52 +02:00
lib.h	Rename superblock flags (MS_xyz -> SB_xyz)	2017-11-27 13:05:09 -08:00
match.h	apparmor: improve overlapping domain attachment resolution	2018-02-09 11:30:02 -08:00
mount.h
net.h	apparmor: add base infastructure for socket mediation	2018-03-13 17:25:48 -07:00
path.h	apparmor: improve get_buffers macro by using get_cpu_ptr	2018-06-07 01:49:21 -07:00
perms.h	apparmor: Check buffer bounds when mapping permissions mask	2018-07-19 16:24:43 -07:00
policy_ns.h
policy_unpack.h	apparmor: split load data into management struct and data blob	2018-02-09 11:30:00 -08:00
policy.h	apparmor: fix PROFILE_MEDIATES for untrusted input	2019-06-25 11:35:54 +08:00
procattr.h
resource.h
secid.h	apparmor: fixup secid map conversion to using IDR	2018-06-07 01:50:49 -07:00
sig_names.h	apparmor: audit unknown signal numbers	2018-02-09 11:30:01 -08:00
task.h	apparmor: update domain transitions that are subsets of confinement at nnp	2018-02-09 11:30:01 -08:00