linux 6.8.0-7.7 source package in Ubuntu
Changelog
linux (6.8.0-7.7) noble; urgency=medium * noble/linux: 6.8.0-7.7 -proposed tracker (LP: #2052691) * update apparmor and LSM stacking patch set (LP: #2028253) - SAUCE: apparmor4.0.0 [01/87]: LSM stacking v39: integrity: disassociate ima_filter_rule from security_audit_rule - SAUCE: apparmor4.0.0 [02/87]: LSM stacking v39: SM: Infrastructure management of the sock security - SAUCE: apparmor4.0.0 [03/87]: LSM stacking v39: LSM: Add the lsmblob data structure. - SAUCE: apparmor4.0.0 [04/87]: LSM stacking v39: IMA: avoid label collisions with stacked LSMs - SAUCE: apparmor4.0.0 [05/87]: LSM stacking v39: LSM: Use lsmblob in security_audit_rule_match - SAUCE: apparmor4.0.0 [06/87]: LSM stacking v39: LSM: Add lsmblob_to_secctx hook - SAUCE: apparmor4.0.0 [07/87]: LSM stacking v39: Audit: maintain an lsmblob in audit_context - SAUCE: apparmor4.0.0 [08/87]: LSM stacking v39: LSM: Use lsmblob in security_ipc_getsecid - SAUCE: apparmor4.0.0 [09/87]: LSM stacking v39: Audit: Update shutdown LSM data - SAUCE: apparmor4.0.0 [10/87]: LSM stacking v39: LSM: Use lsmblob in security_current_getsecid - SAUCE: apparmor4.0.0 [11/87]: LSM stacking v39: LSM: Use lsmblob in security_inode_getsecid - SAUCE: apparmor4.0.0 [12/87]: LSM stacking v39: Audit: use an lsmblob in audit_names - SAUCE: apparmor4.0.0 [13/87]: LSM stacking v39: LSM: Create new security_cred_getlsmblob LSM hook - SAUCE: apparmor4.0.0 [14/87]: LSM stacking v39: Audit: Change context data from secid to lsmblob - SAUCE: apparmor4.0.0 [15/87]: LSM stacking v39: Netlabel: Use lsmblob for audit data - SAUCE: apparmor4.0.0 [16/87]: LSM stacking v39: LSM: Ensure the correct LSM context releaser - SAUCE: apparmor4.0.0 [17/87]: LSM stacking v39: LSM: Use lsmcontext in security_secid_to_secctx - SAUCE: apparmor4.0.0 [18/87]: LSM stacking v39: LSM: Use lsmcontext in security_lsmblob_to_secctx - SAUCE: apparmor4.0.0 [19/87]: LSM stacking v39: LSM: Use lsmcontext in security_inode_getsecctx - SAUCE: apparmor4.0.0 [20/87]: LSM stacking v39: LSM: Use lsmcontext in security_dentry_init_security - SAUCE: apparmor4.0.0 [21/87]: LSM stacking v39: LSM: security_lsmblob_to_secctx module selection - SAUCE: apparmor4.0.0 [22/87]: LSM stacking v39: Audit: Create audit_stamp structure - SAUCE: apparmor4.0.0 [23/87]: LSM stacking v39: Audit: Allow multiple records in an audit_buffer - SAUCE: apparmor4.0.0 [24/87]: LSM stacking v39: Audit: Add record for multiple task security contexts - SAUCE: apparmor4.0.0 [25/87]: LSM stacking v39: audit: multiple subject lsm values for netlabel - SAUCE: apparmor4.0.0 [26/87]: LSM stacking v39: Audit: Add record for multiple object contexts - SAUCE: apparmor4.0.0 [27/87]: LSM stacking v39: LSM: Remove unused lsmcontext_init() - SAUCE: apparmor4.0.0 [28/87]: LSM stacking v39: LSM: Improve logic in security_getprocattr - SAUCE: apparmor4.0.0 [29/87]: LSM stacking v39: LSM: secctx provider check on release - SAUCE: apparmor4.0.0 [31/87]: LSM stacking v39: LSM: Exclusive secmark usage - SAUCE: apparmor4.0.0 [32/87]: LSM stacking v39: LSM: Identify which LSM handles the context string - SAUCE: apparmor4.0.0 [33/87]: LSM stacking v39: AppArmor: Remove the exclusive flag - SAUCE: apparmor4.0.0 [34/87]: LSM stacking v39: LSM: Add mount opts blob size tracking - SAUCE: apparmor4.0.0 [35/87]: LSM stacking v39: LSM: allocate mnt_opts blobs instead of module specific data - SAUCE: apparmor4.0.0 [36/87]: LSM stacking v39: LSM: Infrastructure management of the key security blob - SAUCE: apparmor4.0.0 [37/87]: LSM stacking v39: LSM: Infrastructure management of the mnt_opts security blob - SAUCE: apparmor4.0.0 [38/87]: LSM stacking v39: LSM: Correct handling of ENOSYS in inode_setxattr - SAUCE: apparmor4.0.0 [39/87]: LSM stacking v39: LSM: Remove lsmblob scaffolding - SAUCE: apparmor4.0.0 [40/87]: LSM stacking v39: LSM: Allow reservation of netlabel - SAUCE: apparmor4.0.0 [41/87]: LSM stacking v39: LSM: restrict security_cred_getsecid() to a single LSM - SAUCE: apparmor4.0.0 [42/87]: LSM stacking v39: Smack: Remove LSM_FLAG_EXCLUSIVE - SAUCE: apparmor4.0.0 [43/87]: LSM stacking v39: UBUNTU: SAUCE: apparmor4.0.0 [12/95]: add/use fns to print hash string hex value - SAUCE: apparmor4.0.0 [44/87]: patch to provide compatibility with v2.x net rules - SAUCE: apparmor4.0.0 [45/87]: add unpriviled user ns mediation - SAUCE: apparmor4.0.0 [46/87]: Add sysctls for additional controls of unpriv userns restrictions - SAUCE: apparmor4.0.0 [47/87]: af_unix mediation - SAUCE: apparmor4.0.0 [48/87]: Add fine grained mediation of posix mqueues - SAUCE: apparmor4.0.0 [49/87]: setup slab cache for audit data - SAUCE: apparmor4.0.0 [50/87]: Improve debug print infrastructure - SAUCE: apparmor4.0.0 [51/87]: add the ability for profiles to have a learning cache - SAUCE: apparmor4.0.0 [52/87]: enable userspace upcall for mediation - SAUCE: apparmor4.0.0 [53/87]: prompt - lock down prompt interface - SAUCE: apparmor4.0.0 [54/87]: prompt - allow controlling of caching of a prompt response - SAUCE: apparmor4.0.0 [55/87]: prompt - add refcount to audit_node in prep or reuse and delete - SAUCE: apparmor4.0.0 [56/87]: prompt - refactor to moving caching to uresponse - SAUCE: apparmor4.0.0 [57/87]: prompt - Improve debug statements - SAUCE: apparmor4.0.0 [58/87]: prompt - fix caching - SAUCE: apparmor4.0.0 [59/87]: prompt - rework build to use append fn, to simplify adding strings - SAUCE: apparmor4.0.0 [60/87]: prompt - refcount notifications - SAUCE: apparmor4.0.0 [61/87]: prompt - add the ability to reply with a profile name - SAUCE: apparmor4.0.0 [62/87]: prompt - fix notification cache when updating - SAUCE: apparmor4.0.0 [63/87]: prompt - add tailglob on name for cache support - SAUCE: apparmor4.0.0 [64/87]: prompt - allow profiles to set prompts as interruptible - SAUCE: apparmor4.0.0 [65/87] v6.8 prompt:fixup interruptible - SAUCE: apparmor4.0.0 [69/87]: add io_uring mediation - SAUCE: apparmor4.0.0 [70/87]: apparmor: fix oops when racing to retrieve notification - SAUCE: apparmor4.0.0 [71/87]: apparmor: fix notification header size - SAUCE: apparmor4.0.0 [72/87]: apparmor: fix request field from a prompt reply that denies all access - SAUCE: apparmor4.0.0 [73/87]: apparmor: open userns related sysctl so lxc can check if restriction are in place - SAUCE: apparmor4.0.0 [74/87]: apparmor: cleanup attachment perm lookup to use lookup_perms() - SAUCE: apparmor4.0.0 [75/87]: apparmor: remove redundant unconfined check. - SAUCE: apparmor4.0.0 [76/87]: apparmor: switch signal mediation to using RULE_MEDIATES - SAUCE: apparmor4.0.0 [77/87]: apparmor: ensure labels with more than one entry have correct flags - SAUCE: apparmor4.0.0 [78/87]: apparmor: remove explicit restriction that unconfined cannot use change_hat - SAUCE: apparmor4.0.0 [79/87]: apparmor: cleanup: refactor file_perm() to provide semantics of some checks - SAUCE: apparmor4.0.0 [80/87]: apparmor: carry mediation check on label - SAUCE: apparmor4.0.0 [81/87]: apparmor: convert easy uses of unconfined() to label_mediates() - SAUCE: apparmor4.0.0 [82/87]: apparmor: add additional flags to extended permission. - SAUCE: apparmor4.0.0 [83/87]: apparmor: add support for profiles to define the kill signal - SAUCE: apparmor4.0.0 [84/87]: apparmor: fix x_table_lookup when stacking is not the first entry - SAUCE: apparmor4.0.0 [85/87]: apparmor: allow profile to be transitioned when a user ns is created - SAUCE: apparmor4.0.0 [86/87]: apparmor: add ability to mediate caps with policy state machine - SAUCE: apparmor4.0.0 [87/87]: fixup notify - [Config] disable CONFIG_SECURITY_APPARMOR_RESTRICT_USERNS * update apparmor and LSM stacking patch set (LP: #2028253) // [FFe] apparmor-4.0.0-alpha2 for unprivileged user namespace restrictions in mantic (LP: #2032602) - SAUCE: apparmor4.0.0 [66/87]: prompt - add support for advanced filtering of notifications - SAUCE: apparmor4.0.0 [67/87]: userns - add the ability to reference a global variable for a feature value - SAUCE: apparmor4.0.0 [68/87]: userns - make it so special unconfined profiles can mediate user namespaces -- Paolo Pisati <email address hidden> Thu, 08 Feb 2024 12:05:44 +0100
Upload details
- Uploaded by:
- Paolo Pisati
- Uploaded to:
- Noble
- Original maintainer:
- Ubuntu Kernel Team
- Architectures:
- all amd64 armhf arm64 ppc64el s390x i386
- Section:
- devel
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
linux_6.8.0-7.7.tar.gz | 227.2 MiB | 22f0b6b0b048b1a044e0220f4ae3e49aa20e2152034099af4821ef91a1a89723 |
linux_6.8.0-7.7.dsc | 7.7 KiB | d7289912179f1aeeecb7b176b96ee624f6c6dde3c16f150b8a6ca91e7de08feb |
Available diffs
- diff from 6.6.0-14.14 to 6.8.0-7.7 (21.7 MiB)
- diff from 6.8.0-6.6 to 6.8.0-7.7 (94.2 KiB)
Binary packages built by this source
- linux-buildinfo-6.8.0-7-generic: No summary available for linux-buildinfo-6.8.0-7-generic in ubuntu noble.
No description available for linux-buildinfo
-6.8.0- 7-generic in ubuntu noble.
- linux-buildinfo-6.8.0-7-generic-64k: No summary available for linux-buildinfo-6.8.0-7-generic-64k in ubuntu noble.
No description available for linux-buildinfo
-6.8.0- 7-generic- 64k in ubuntu noble.
- linux-cloud-tools-6.8.0-7: No summary available for linux-cloud-tools-6.8.0-7 in ubuntu noble.
No description available for linux-cloud-
tools-6. 8.0-7 in ubuntu noble.
- linux-cloud-tools-6.8.0-7-generic: No summary available for linux-cloud-tools-6.8.0-7-generic in ubuntu noble.
No description available for linux-cloud-
tools-6. 8.0-7-generic in ubuntu noble.
- linux-cloud-tools-common: Linux kernel version specific cloud tools for version 6.8.0
This package provides the architecture independent parts for kernel
version locked tools for cloud tools for version 6.8.0.
- linux-headers-6.8.0-7: No summary available for linux-headers-6.8.0-7 in ubuntu noble.
No description available for linux-headers-
6.8.0-7 in ubuntu noble.
- linux-headers-6.8.0-7-generic: No summary available for linux-headers-6.8.0-7-generic in ubuntu noble.
No description available for linux-headers-
6.8.0-7- generic in ubuntu noble.
- linux-headers-6.8.0-7-generic-64k: No summary available for linux-headers-6.8.0-7-generic-64k in ubuntu noble.
No description available for linux-headers-
6.8.0-7- generic- 64k in ubuntu noble.
- linux-image-6.8.0-7-generic: No summary available for linux-image-6.8.0-7-generic in ubuntu noble.
No description available for linux-image-
6.8.0-7- generic in ubuntu noble.
- linux-image-6.8.0-7-generic-dbgsym: No summary available for linux-image-6.8.0-7-generic-dbgsym in ubuntu noble.
No description available for linux-image-
6.8.0-7- generic- dbgsym in ubuntu noble.
- linux-image-unsigned-6.8.0-7-generic: No summary available for linux-image-unsigned-6.8.0-7-generic in ubuntu noble.
No description available for linux-image-
unsigned- 6.8.0-7- generic in ubuntu noble.
- linux-image-unsigned-6.8.0-7-generic-64k: No summary available for linux-image-unsigned-6.8.0-7-generic-64k in ubuntu noble.
No description available for linux-image-
unsigned- 6.8.0-7- generic- 64k in ubuntu noble.
- linux-image-unsigned-6.8.0-7-generic-64k-dbgsym: No summary available for linux-image-unsigned-6.8.0-7-generic-64k-dbgsym in ubuntu noble.
No description available for linux-image-
unsigned- 6.8.0-7- generic- 64k-dbgsym in ubuntu noble.
- linux-image-unsigned-6.8.0-7-generic-dbgsym: No summary available for linux-image-unsigned-6.8.0-7-generic-dbgsym in ubuntu noble.
No description available for linux-image-
unsigned- 6.8.0-7- generic- dbgsym in ubuntu noble.
- linux-lib-rust-6.8.0-7-generic: No summary available for linux-lib-rust-6.8.0-7-generic in ubuntu noble.
No description available for linux-lib-
rust-6. 8.0-7-generic in ubuntu noble.
- linux-libc-dev: Linux Kernel Headers for development
This package provides headers from the Linux kernel. These headers
are used by the installed headers for GNU glibc and other system
libraries. They are NOT meant to be used to build third-party modules for
your kernel. Use linux-headers-* packages for that.
- linux-modules-6.8.0-7-generic: No summary available for linux-modules-6.8.0-7-generic in ubuntu noble.
No description available for linux-modules-
6.8.0-7- generic in ubuntu noble.
- linux-modules-6.8.0-7-generic-64k: No summary available for linux-modules-6.8.0-7-generic-64k in ubuntu noble.
No description available for linux-modules-
6.8.0-7- generic- 64k in ubuntu noble.
- linux-modules-extra-6.8.0-7-generic: No summary available for linux-modules-extra-6.8.0-7-generic in ubuntu noble.
No description available for linux-modules-
extra-6. 8.0-7-generic in ubuntu noble.
- linux-modules-iwlwifi-6.8.0-7-generic: No summary available for linux-modules-iwlwifi-6.8.0-7-generic in ubuntu noble.
No description available for linux-modules-
iwlwifi- 6.8.0-7- generic in ubuntu noble.
- linux-source-6.8.0: Linux kernel source for version 6.8.0 with Ubuntu patches
This package provides the source code for the Linux kernel version
6.8.0.
.
This package is mainly meant for other packages to use, in order to build
custom flavours.
.
If you wish to use this package to create a custom Linux kernel, then it
is suggested that you investigate the package kernel-package, which has
been designed to ease the task of creating kernel image packages.
.
If you are simply trying to build third-party modules for your kernel,
you do not want this package. Install the appropriate linux-headers
package instead.
- linux-tools-6.8.0-7: No summary available for linux-tools-6.8.0-7 in ubuntu noble.
No description available for linux-tools-6.8.0-7 in ubuntu noble.
- linux-tools-6.8.0-7-generic: No summary available for linux-tools-6.8.0-7-generic in ubuntu noble.
No description available for linux-tools-
6.8.0-7- generic in ubuntu noble.
- linux-tools-6.8.0-7-generic-64k: No summary available for linux-tools-6.8.0-7-generic-64k in ubuntu noble.
No description available for linux-tools-
6.8.0-7- generic- 64k in ubuntu noble.
- linux-tools-common: Linux kernel version specific tools for version 6.8.0
This package provides the architecture independent parts for kernel
version locked tools (such as perf and x86_energy_perf_policy) for
version 6.8.0.
- linux-tools-host: Linux kernel VM host tools
This package provides kernel tools useful for VM hosts.