Publishing details
Changelog
linux (6.2.0-19.19~lp2013088) lunar; urgency=medium
* lunar/linux: 6.2.0-19.19 -proposed tracker (LP: #2012488)
* Neuter signing tarballs (LP: #2012776)
- [Packaging] neuter the signing tarball
* LSM stacking and AppArmor refresh for 6.2 kernel (LP: #2012136)
- Revert "UBUNTU: [Config] define CONFIG_SECURITY_APPARMOR_RESTRICT_USERNS"
- Revert "UBUNTU: SAUCE: apparmor: add user namespace creation mediation"
- Revert "UBUNTU: SAUCE: apparmor: Add fine grained mediation of posix
mqueues"
- Revert "UBUNTU: SAUCE: Revert "apparmor: make __aa_path_perm() static""
- Revert "UBUNTU: SAUCE: LSM: Specify which LSM to display (using struct cred
as input)"
- Revert "UBUNTU: SAUCE: apparmor: Fix build error, make sk parameter const"
- Revert "UBUNTU: SAUCE: LSM: Use lsmblob in smk_netlbl_mls()"
- Revert "UBUNTU: SAUCE: LSM: change ima_read_file() to use lsmblob"
- Revert "UBUNTU: SAUCE: apparmor: rename kzfree() to kfree_sensitive()"
- Revert "UBUNTU: SAUCE: AppArmor: Remove the exclusive flag"
- Revert "UBUNTU: SAUCE: LSM: Add /proc attr entry for full LSM context"
- Revert "UBUNTU: SAUCE: Audit: Fix incorrect static inline function
declration."
- Revert "UBUNTU: SAUCE: Audit: Fix for missing NULL check"
- Revert "UBUNTU: SAUCE: Audit: Add a new record for multiple object LSM
attributes"
- Revert "UBUNTU: SAUCE: Audit: Add new record for multiple process LSM
attributes"
- Revert "UBUNTU: SAUCE: NET: Store LSM netlabel data in a lsmblob"
- Revert "UBUNTU: SAUCE: LSM: security_secid_to_secctx in netlink netfilter"
- Revert "UBUNTU: SAUCE: LSM: Use lsmcontext in security_inode_getsecctx"
- Revert "UBUNTU: SAUCE: LSM: Use lsmcontext in security_secid_to_secctx"
- Revert "UBUNTU: SAUCE: LSM: Ensure the correct LSM context releaser"
- Revert "UBUNTU: SAUCE: LSM: Specify which LSM to display"
- Revert "UBUNTU: SAUCE: IMA: Change internal interfaces to use lsmblobs"
- Revert "UBUNTU: SAUCE: LSM: Use lsmblob in security_cred_getsecid"
- Revert "UBUNTU: SAUCE: LSM: Use lsmblob in security_inode_getsecid"
- Revert "UBUNTU: SAUCE: LSM: Use lsmblob in security_task_getsecid"
- Revert "UBUNTU: SAUCE: LSM: Use lsmblob in security_ipc_getsecid"
- Revert "UBUNTU: SAUCE: LSM: Use lsmblob in security_secid_to_secctx"
- Revert "UBUNTU: SAUCE: LSM: Use lsmblob in security_secctx_to_secid"
- Revert "UBUNTU: SAUCE: net: Prepare UDS for security module stacking"
- Revert "UBUNTU: SAUCE: LSM: Use lsmblob in security_kernel_act_as"
- Revert "UBUNTU: SAUCE: LSM: Use lsmblob in security_audit_rule_match"
- Revert "UBUNTU: SAUCE: LSM: Create and manage the lsmblob data structure."
- Revert "UBUNTU: SAUCE: LSM: Infrastructure management of the sock security"
- Revert "UBUNTU: SAUCE: apparmor: LSM stacking: switch from SK_CTX() to
aa_sock()"
- Revert "UBUNTU: SAUCE: apparmor: rename aa_sock() to aa_unix_sk()"
- Revert "UBUNTU: SAUCE: apparmor: disable showing the mode as part of a secid
to secctx"
- Revert "UBUNTU: SAUCE: apparmor: fix use after free in sk_peer_label"
- Revert "UBUNTU: SAUCE: apparmor: af_unix mediation"
- Revert "UBUNTU: SAUCE: apparmor: patch to provide compatibility with v2.x
net rules"
- Revert "UBUNTU: SAUCE: apparmor: add/use fns to print hash string hex value"
- SAUCE: apparmor: rename SK_CTX() to aa_sock and make it an inline fn
- SAUCE: apparmor: Add sysctls for additional controls of unpriv userns
restrictions
- SAUCE: Stacking v38: LSM: Identify modules by more than name
- SAUCE: Stacking v38: LSM: Add an LSM identifier for external use
- SAUCE: Stacking v38: LSM: Identify the process attributes for each module
- SAUCE: Stacking v38: LSM: Maintain a table of LSM attribute data
- SAUCE: Stacking v38: proc: Use lsmids instead of lsm names for attrs
- SAUCE: Stacking v38: integrity: disassociate ima_filter_rule from
security_audit_rule
- SAUCE: Stacking v38: LSM: Infrastructure management of the sock security
- SAUCE: Stacking v38: LSM: Add the lsmblob data structure.
- SAUCE: Stacking v38: LSM: provide lsm name and id slot mappings
- SAUCE: Stacking v38: IMA: avoid label collisions with stacked LSMs
- SAUCE: Stacking v38: LSM: Use lsmblob in security_audit_rule_match
- SAUCE: Stacking v38: LSM: Use lsmblob in security_kernel_act_as
- SAUCE: Stacking v38: LSM: Use lsmblob in security_secctx_to_secid
- SAUCE: Stacking v38: LSM: Use lsmblob in security_secid_to_secctx
- SAUCE: Stacking v38: LSM: Use lsmblob in security_ipc_getsecid
- SAUCE: Stacking v38: LSM: Use lsmblob in security_current_getsecid
- SAUCE: Stacking v38: LSM: Use lsmblob in security_inode_getsecid
- SAUCE: Stacking v38: LSM: Use lsmblob in security_cred_getsecid
- SAUCE: Stacking v38: LSM: Specify which LSM to display
- SAUCE: Stacking v38: LSM: Ensure the correct LSM context releaser
- SAUCE: Stacking v38: LSM: Use lsmcontext in security_secid_to_secctx
- SAUCE: Stacking v38: LSM: Use lsmcontext in security_inode_getsecctx
- SAUCE: Stacking v38: Use lsmcontext in security_dentry_init_security
- SAUCE: Stacking v38: LSM: security_secid_to_secctx in netlink netfilter
- SAUCE: Stacking v38: NET: Store LSM netlabel data in a lsmblob
- SAUCE: Stacking v38: binder: Pass LSM identifier for confirmation
- SAUCE: Stacking v38: LSM: security_secid_to_secctx module selection
- SAUCE: Stacking v38: Audit: Keep multiple LSM data in audit_names
- SAUCE: Stacking v38: Audit: Create audit_stamp structure
- SAUCE: Stacking v38: LSM: Add a function to report multiple LSMs
- SAUCE: Stacking v38: Audit: Allow multiple records in an audit_buffer
- SAUCE: Stacking v38: Audit: Add record for multiple task security contexts
- SAUCE: Stacking v38: audit: multiple subject lsm values for netlabel
- SAUCE: Stacking v38: Audit: Add record for multiple object contexts
- SAUCE: Stacking v38: netlabel: Use a struct lsmblob in audit data
- SAUCE: Stacking v38: LSM: Removed scaffolding function lsmcontext_init
- SAUCE: Stacking v38: AppArmor: Remove the exclusive flag
- SAUCE: apparmor: combine common_audit_data and apparmor_audit_data
- SAUCE: apparmor: setup slab cache for audit data
- SAUCE: apparmor: rename audit_data->label to audit_data->subj_label
- SAUCE: apparmor: pass cred through to audit info.
- SAUCE: apparmor: Improve debug print infrastructure
- SAUCE: apparmor: add the ability for profiles to have a learning cache
- SAUCE: apparmor: enable userspace upcall for mediation
- SAUCE: apparmor: cache buffers on percpu list if there is lock contention
- SAUCE: apparmor: fix policy_compat permission remap with extended
permissions
- SAUCE: apparmor: advertise availability of exended perms
- [Config] define CONFIG_SECURITY_APPARMOR_RESTRICT_USERNS
* kinetic: apply new apparmor and LSM stacking patch set (LP: #1989983) // LSM
stacking and AppArmor refresh for 6.2 kernel (LP: #2012136)
- SAUCE: apparmor: add/use fns to print hash string hex value
- SAUCE: apparmor: patch to provide compatibility with v2.x net rules
- SAUCE: apparmor: add user namespace creation mediation
- SAUCE: apparmor: af_unix mediation
- SAUCE: apparmor: Add fine grained mediation of posix mqueues
* devlink_port_split from ubuntu_kernel_selftests.net fails on hirsute
(KeyError: 'flavour') (LP: #1937133)
- selftests: net: devlink_port_split.py: skip test if no suitable device
available
* NFS deathlock with last Kernel 5.4.0-144.161 and 5.15.0-67.74 (LP: #2009325)
- NFS: Correct timing for assigning access cache timestamp
-- Andrea Righi <email address hidden> Sat, 25 Mar 2023 07:37:30 +0100
Builds
Built packages
-
linux-buildinfo-6.2.0-19-generic
Linux kernel buildinfo for version 6.2.0 on 64 bit x86 SMP
-
linux-buildinfo-6.2.0-19-generic-64k
Linux kernel buildinfo for version 6.2.0 on ARMv8 SMP
-
linux-cloud-tools-6.2.0-19
Linux kernel version specific cloud tools for version 6.2.0-19
-
linux-cloud-tools-6.2.0-19-generic
Linux kernel version specific cloud tools for version 6.2.0-19
-
linux-cloud-tools-common
Linux kernel version specific cloud tools for version 6.2.0
-
linux-doc
Linux kernel specific documentation for version 6.2.0
-
linux-headers-6.2.0-19
Header files related to Linux kernel version 6.2.0
-
linux-headers-6.2.0-19-generic
Linux kernel headers for version 6.2.0 on 64 bit x86 SMP
-
linux-headers-6.2.0-19-generic-64k
Linux kernel headers for version 6.2.0 on ARMv8 SMP
-
linux-image-6.2.0-19-generic
Linux kernel image for version 6.2.0 on PowerPC 64el SMP
-
linux-image-unsigned-6.2.0-19-generic
Linux kernel image for version 6.2.0 on 64 bit x86 SMP
-
linux-image-unsigned-6.2.0-19-generic-64k
Linux kernel image for version 6.2.0 on ARMv8 SMP
-
linux-libc-dev
Linux Kernel Headers for development
-
linux-modules-6.2.0-19-generic
Linux kernel extra modules for version 6.2.0 on 64 bit x86 SMP
-
linux-modules-6.2.0-19-generic-64k
Linux kernel extra modules for version 6.2.0 on ARMv8 SMP
-
linux-modules-extra-6.2.0-19-generic
Linux kernel extra modules for version 6.2.0 on 64 bit x86 SMP
-
linux-modules-ipu6-6.2.0-19-generic
Linux kernel ipu6 modules for version 6.2.0-19
-
linux-modules-ivsc-6.2.0-19-generic
Linux kernel ivsc modules for version 6.2.0-19
-
linux-source-6.2.0
Linux kernel source for version 6.2.0 with Ubuntu patches
-
linux-tools-6.2.0-19
Linux kernel version specific tools for version 6.2.0-19
-
linux-tools-6.2.0-19-generic
Linux kernel version specific tools for version 6.2.0-19
-
linux-tools-6.2.0-19-generic-64k
Linux kernel version specific tools for version 6.2.0-19
-
linux-tools-common
Linux kernel version specific tools for version 6.2.0
-
linux-tools-host
Linux kernel VM host tools
Package files