From: Linus Torvalds <torvalds@linux-foundation.org>
Date: Thu, 11 Nov 2021 22:47:32 +0000 (-0800)
Subject: Merge tag 'apparmor-pr-2021-11-10' of git://git.kernel.org/pub/scm/linux/kernel/git... 
X-Git-Tag: v5.16-rc1~46
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5593a733f968521444df84902901902233c17d8f;p=thirdparty%2Fkernel%2Flinux.git

Merge tag 'apparmor-pr-2021-11-10' of git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor

Pull apparmor updates from John Johansen:
 "Features
   - use per file locks for transactional queries
   - update policy management capability checks to work with LSM stacking

  Bug Fixes:
   - check/put label on apparmor_sk_clone_security()
   - fix error check on update of label hname
   - fix introspection of of task mode for unconfined tasks

  Cleanups:
   - avoid -Wempty-body warning
   - remove duplicated 'Returns:' comments
   - fix doc warning
   - remove unneeded one-line hook wrappers
   - use struct_size() helper in kzalloc()
   - fix zero-length compiler warning in AA_BUG()
   - file.h: delete duplicated word
   - delete repeated words in comments
   - remove repeated declaration"

* tag 'apparmor-pr-2021-11-10' of git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor:
  apparmor: remove duplicated 'Returns:' comments
  apparmor: remove unneeded one-line hook wrappers
  apparmor: Use struct_size() helper in kzalloc()
  apparmor: fix zero-length compiler warning in AA_BUG()
  apparmor: use per file locks for transactional queries
  apparmor: fix doc warning
  apparmor: Remove the repeated declaration
  apparmor: avoid -Wempty-body warning
  apparmor: Fix internal policy capable check for policy management
  apparmor: fix error check
  security: apparmor: delete repeated words in comments
  security: apparmor: file.h: delete duplicated word
  apparmor: switch to apparmor to internal capable check for policy management
  apparmor: update policy capable checks to use a label
  apparmor: fix introspection of of task mode for unconfined tasks
  apparmor: check/put label on apparmor_sk_clone_security()
---

5593a733f968521444df84902901902233c17d8f
diff --cc security/apparmor/lsm.c
index f72406fe1bf27,13c2f76bd1f7b..0d6585056f3df
--- a/security/apparmor/lsm.c
+++ b/security/apparmor/lsm.c
@@@ -1711,9 -1701,9 +1711,9 @@@ static int __init alloc_buffers(void
  
  #ifdef CONFIG_SYSCTL
  static int apparmor_dointvec(struct ctl_table *table, int write,
 -			     void __user *buffer, size_t *lenp, loff_t *ppos)
 +			     void *buffer, size_t *lenp, loff_t *ppos)
  {
- 	if (!policy_admin_capable(NULL))
+ 	if (!aa_current_policy_admin_capable(NULL))
  		return -EPERM;
  	if (!apparmor_enabled)
  		return -EINVAL;