UN-APPLIED[L]: NACK/Cmnt: [Lunar][PULL] apparmor fixes

John Johansen john.johansen at canonical.com
Thu Apr 27 12:56:12 UTC 2023 

On 4/27/23 05:54, Andrea Righi wrote:
> On Thu, Apr 27, 2023 at 02:37:21PM +0200, Stefan Bader wrote:
>> On 27.04.23 14:21, John Johansen wrote:
>>> The following changes since commit
>>> e182447c03d5025ced03573df8f937d4e5184a8c:
>>>
>>>     UBUNTU: [Packaging] debian/rules: Add DKMS info to 'printenv' output
>>> (2023-04-24 16:07:07 +0200)
>>>
>>> are available in the Git repository at:
>>>
>>>     git at gitlab.com:jjohansen/apparmor-kernel.git lunar-fixes
>>>
>>> for you to fetch changes up to 871f2d6ed009718bfeb3b649d9d11663a5df23fb:
>>>
>>>     UBUNTU: SAUCE: apparmor: fix: kzalloc perms tables for shared dfas
>>> (2023-04-27 05:17:26 -0700)
>>>
>>> ----------------------------------------------------------------
>>> John Johansen (4):
>>>         UBUNTU: SAUCE: apparmor: fix policy_compat perms remap for file dfa
>>>         UBUNTU: SAUCE: apparmor: fix profile verification and enable it
>>>         UBUNTU: SAUCE: apparmor: fix: add missing failure check in
>>> compute_xmatch_perms
>>>         UBUNTU: SAUCE: apparmor: fix: kzalloc perms tables for shared dfas
>>>
>>>    security/apparmor/apparmorfs.c    |  2 +-
>>>    security/apparmor/policy.c        | 13 +++++++
>>>    security/apparmor/policy_compat.c | 20 +++++++----
>>>    security/apparmor/policy_unpack.c | 72
>>> ++++++++++++++++++++++++---------------
>>>    4 files changed, 72 insertions(+), 35 deletions(-)
>>>
>>>
>>
>> Rejected for the following reasons:
>> - Lunar has released and now is under SRU rules
>> - I cannot figure out this request has an associated LP bug because
>> - the gitlab URI given does not work
>> - SAUCE patches should have some more justification as to why we
>>    have to differ from upstream
>>
>> -Stefan
> 
> These are definitely valid reasons, I was still considering lunar/linux
> as devel material, but at this point it's more stable material, so
> patches should follow the SRU rules. My bad, sorry.
> 
> I've un-applied them from lunar. I'll take care of creating a proper
> LP bug for these extra fixes.
> 
Andrea, I am working on it

> For the apparmor SAUCE patches in general, it'd be nice to have a
> description (even a short summary) of the differences from upstream and
> why/what is using these features (this is probably for John, because I
> don't have a view of the big picture regarding our SAUCE differences).
> 

Ack, will do.

More information about the kernel-team mailing list