ACK/cmnt: [SRU][ZESTY][PATCH 0/8]

Stefan Bader stefan.bader at
Fri Oct 6 08:37:38 UTC 2017

On 06.10.2017 06:44, Tyler Hicks wrote:
> This is a backport of a patch set that improves seccomp logging controls for
> applications and for adminstrators. Snappy needs these patches in order to
> provide proper logging of syscalls that are not allowed while running in
> developer mode (LP: #1567597). Snappy also needs these patches in order to move
> away from the default action of killing snaps when they bump into the sandbox
> walls and, instead, return an errno that is properly logged (LP: #1721676).
> The patches have been acked by seccomp maintainer Kees Cook and they've been
> merged into 4.14:
> See the test case descriptions in the bugs mentioned above for a list of
> successful tests that I've performed (they all pass).

Same about missing BugLinks. All patches should have them. And actually the when
looking at the Zesty batch I realized the last two patches have bug links. Each
to one of the two mentioned bugs. So I would proposed to either add both bugs to
all patches or at least both to all pre-req changes. But probably the former is
the better approach, even if that will show the set twice in the generated

The delta is substantial and I would not trust myself to evaluate its
correctness. I have to trust you and Kees, upstream review, the statement of not
changing the default behaviour and testing. Based on that:

Acked-by: Stefan Bader <stefan.bader at>

> Thanks!
> Tyler

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the kernel-team mailing list