ACK/cmnt: [SRU][ZESTY][PATCH 0/8]
Stefan Bader
stefan.bader at canonical.com
Fri Oct 6 08:37:38 UTC 2017
On 06.10.2017 06:44, Tyler Hicks wrote:
> This is a backport of a patch set that improves seccomp logging controls for
> applications and for adminstrators. Snappy needs these patches in order to
> provide proper logging of syscalls that are not allowed while running in
> developer mode (LP: #1567597). Snappy also needs these patches in order to move
> away from the default action of killing snaps when they bump into the sandbox
> walls and, instead, return an errno that is properly logged (LP: #1721676).
>
> The patches have been acked by seccomp maintainer Kees Cook and they've been
> merged into 4.14:
>
> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c0a3a64e723324ae6dda53214061a71de63808c3
>
> See the test case descriptions in the bugs mentioned above for a list of
> successful tests that I've performed (they all pass).
Same about missing BugLinks. All patches should have them. And actually the when
looking at the Zesty batch I realized the last two patches have bug links. Each
to one of the two mentioned bugs. So I would proposed to either add both bugs to
all patches or at least both to all pre-req changes. But probably the former is
the better approach, even if that will show the set twice in the generated
changelog.
The delta is substantial and I would not trust myself to evaluate its
correctness. I have to trust you and Kees, upstream review, the statement of not
changing the default behaviour and testing. Based on that:
Acked-by: Stefan Bader <stefan.bader at canonical.com>
>
> Thanks!
>
> Tyler
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20171006/290bf229/attachment.sig>
More information about the kernel-team
mailing list