[PULL][Disco] LSM stacking
Seth Forshee
seth.forshee at canonical.com
Fri Mar 22 14:44:16 UTC 2019
On Wed, Mar 20, 2019 at 06:19:30PM -0700, John Johansen wrote:
> The following patch set brings 5.1 LSM stacking to the Disco kernel. The
> cherry-picked patches have been refreshed to use the sha1s from upstream
> 5.1-rc2.
>
> The rest of the patch series makes it so that apparmor can stack with
> selinux and smack. These patches are all tagged with "UBUNTU: SAUCE:" the
> bulk of this is reverting apparmor features that are currently unused in
> Ubuntu and require secid support.
>
>
> The following changes since commit f4dfce1da80f55c0940dfb83eb8879283e823b2f:
>
> UBUNTU: Ubuntu-5.0.0-8.9 (2019-03-12 16:15:44 -0300)
>
> are available in the Git repository at:
>
> https://git.launchpad.net/~jjohansen/+git/disco-stacking disco-lsm_stacking
>
> for you to fetch changes up to d9d34fff369f1b8bc8c076a5f7726c52a21899cd:
>
> UBUNTU: SAUCE: update configs and annotations for LSM stacking (2019-03-20 17:02:25 -0700)
It's a lot of changes, but most are upstream, and the rest fall under
your domain of expertise. Can you tell me what kind of testing you've
done on the patches?
Some of the SAUCE patches still have cherry-picked lines which imply
they came from upstream. Did they come from some other repo? If so I can
update the messages to indicate where they came from.
I also found that a config option removed from the configs,
CONFIG_SECURITY_SELINUX_BOOTPARAM_VALUE, was still in the ubuntu
configs, so I've amended the last commit to also remove that one.
I'm going to do a little smoke testing on these. If that turns out good
then I'm okay with applying these, once I have answers to the questions
above.
Thanks,
Seth
More information about the kernel-team
mailing list