• John Johansen's avatar
    Update base network mediation patch with missing feature pinning fixup · 8f6d94bf
    John Johansen authored
    apparmor: fix regression in network mediation when using feature pinning
    
    When the 4.14-rc6 and earlier kernels are used with an upstream 4.13
    or earlier pinned feature set, there is a regression in network
    mediation where policy is not being correctly enforced, because the
    compilation is completely dropping the af mediation table as expected
    by pre 4.14 kernels but the 4.14 kernel is not accounting for this.
    
    Resulting in network denials that can not be fixed by policy.
    Signed-off-by: 's avatarJohn Johansen <john.johansen@canonical.com>
    8f6d94bf
0002-apparmor-af_unix-mediation.patch 40.3 KB