+ Features
  - increase left match history buffer size to provide inproved conflict
    resolution in overlapping execution rules.
  - switch buffer allocation to use a memory pool and GFP_KERNEL
    where possible.
  - add compression of policy blobs to reduce memory usage.
+ Cleanups
  - fix spelling mistake "immutible" -> "immutable"
+ Bug fixes
  - fix unsigned len comparison in update_for_len macro
  - fix sparse warning for type-casting of current->real_cred
apparmor: make it so work buffers can be allocated from atomic context

In some situations AppArmor needs to be able to use its work buffers
from atomic context. Add the ability to specify when in atomic context
and hold a set of work buffers in reserve for atomic context to
reduce the chance that a large work buffer allocation will need to
be done.

Fixes: df323337e507 ("apparmor: Use a memory pool instead per-CPU caches")
Signed-off-by: John Johansen <john.johansen@canonical.com>
6 files changed