[apparmor] About 4.7 upstream kernel patches

Seth Arnold seth.arnold at canonical.com
Wed Apr 5 07:41:16 UTC 2017

On Wed, Apr 05, 2017 at 09:03:01AM +0300, Vincas Dargis wrote:
> So my question is, what's status of these patches, when they will be actually
> available? I do not know how Linux patch propagation works, so I would be
> thankful to get some enlightenment in this topic.

Hi Vincas,

Different kernel maintainers get to pick and choose what they'd like to
include in their kernels. The Ubuntu kernels ship what's probably best
considered "upstream AppArmor". I believe the best place to see what's in
these is John's trees at http://kernel.ubuntu.com/git/jj/ with the ubuntu
zesty kernel being the current target of development:

John also maintains a git tree with backports of AppArmor to various older
kernels of importance:
The different branches bring features and bugfixes from 'future' versions
of apparmor to 'past' versions of kernels.

John's also trying to merge new AppArmor development into the mainline
Linux kernel. The kernel devs require patches to be laid out in a nice
linear methodical order, buildable at every patch, ideally bootable at
every patch, and preparing patches in this manner takes time and effort.
You can see an example of this at:
and the tree at

As more of AppArmor gets into the mainline Linux kernel, it'll eventually
filter down to the consumers that don't want to manage AppArmor in their
sources directly.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20170405/b15eeee9/attachment.pgp>

More information about the AppArmor mailing list