Linux 4.4 Released
18 Jan 2016 tags: audit selinuxLinus released Linux 4.4 last week, and while I’m a bit late in posting this, here are the SELinux and audit release notes for the new kernel release.
SELinux
-
The CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE Kconfig value default was changed to 0. This change means that by default the kernel will now perform SELinux mmap() and mprotect() access control checks based on the protection actually applied by the kernel as opposed to the protection requested by the application.
-
SELinux no longer checks the file:open permission on ftruncate() as it has already been checked when the file was opened.
-
Fix a bug where conditional policy was ignored for userspace object managers.
-
General cleanup and code improvements.
Audit
-
Improved the communication between the kernel and the audit daemon which should result in improved resiliency.
-
General cleanup and code improvements.