ACK/cmnt: [SRU][XENIAL][PATCH 0/7]
Stefan Bader
stefan.bader at canonical.com
Fri Oct 6 08:38:34 UTC 2017
On 06.10.2017 10:28, Stefan Bader wrote:
> On 06.10.2017 06:43, Tyler Hicks wrote:
>> This is a backport of a patch set that improves seccomp logging controls for
>> applications and for adminstrators. Snappy needs these patches in order to
>> provide proper logging of syscalls that are not allowed while running in
>> developer mode (LP: #1567597). Snappy also needs these patches in order to move
>> away from the default action of killing snaps when they bump into the sandbox
>> walls and, instead, return an errno that is properly logged (LP: #1721676).
>>
>> The patches have been acked by seccomp maintainer Kees Cook and they've been
>> merged into 4.14:
>>
>> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c0a3a64e723324ae6dda53214061a71de63808c3
>>
>> See the test case descriptions in the bugs mentioned above for a list of
>> successful tests that I've performed (they all pass).
>>
>> Thanks!
>
> The patches have no BugLink as far as I see. Would have been nice to add them. I
> assume it is the two bugs mentioned above (which also seem to have SRU
> justification). We can add those when applying but it is one more thing one can> forget.
Found the two patches with buglinks now. See comment for Zesty set.
>
> The delta is substantial and I would not trust myself to evaluate its
> correctness. I have to trust you and Kees, upstream review, the statement of not
> changing the default behaviour and testing. Based on that:
>
> Acked-by: Stefan Bader <stefan.bader at canonical.com>
>
>>
>> Tyler
>>
>>
>
>
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20171006/110f550e/attachment.sig>
More information about the kernel-team
mailing list