Commit 281f36d4a997 for kernel

commit 281f36d4a9970c206c2c44042904d4e34c092fbe
Merge: 80234b5ab240 8e135b8aee5a
Author: Linus Torvalds <torvalds@linux-foundation.org>
Date:   Thu Mar 12 10:58:02 2026 -0700

    Merge tag 'apparmor-pr-mainline-2026-03-09' of git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor

    Pull AppArmor fixes from John Johansen:
     - fix race between freeing data and fs accessing it
     - fix race on unreferenced rawdata dereference
     - fix differential encoding verification
     - fix unconfined unprivileged local user can do privileged policy management
     - Fix double free of ns_name in aa_replace_profiles()
     - fix missing bounds check on DEFAULT table in verify_dfa()
     - fix side-effect bug in match_char() macro usage
     - fix: limit the number of levels of policy namespaces
     - replace recursive profile removal with iterative approach
     - fix memory leak in verify_header
     - validate DFA start states are in bounds in unpack_pdb

    * tag 'apparmor-pr-mainline-2026-03-09' of git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor:
      apparmor: fix race between freeing data and fs accessing it
      apparmor: fix race on rawdata dereference
      apparmor: fix differential encoding verification
      apparmor: fix unprivileged local user can do privileged policy management
      apparmor: Fix double free of ns_name in aa_replace_profiles()
      apparmor: fix missing bounds check on DEFAULT table in verify_dfa()
      apparmor: fix side-effect bug in match_char() macro usage
      apparmor: fix: limit the number of levels of policy namespaces
      apparmor: replace recursive profile removal with iterative approach
      apparmor: fix memory leak in verify_header
      apparmor: validate DFA start states are in bounds in unpack_pdb