UN-APPLIED[L]: NACK/Cmnt: [Lunar][PULL] apparmor fixes

Andrea Righi andrea.righi at canonical.com
Thu Apr 27 12:54:14 UTC 2023 

On Thu, Apr 27, 2023 at 02:37:21PM +0200, Stefan Bader wrote:
> On 27.04.23 14:21, John Johansen wrote:
> > The following changes since commit
> > e182447c03d5025ced03573df8f937d4e5184a8c:
> > 
> >    UBUNTU: [Packaging] debian/rules: Add DKMS info to 'printenv' output
> > (2023-04-24 16:07:07 +0200)
> > 
> > are available in the Git repository at:
> > 
> >    git at gitlab.com:jjohansen/apparmor-kernel.git lunar-fixes
> > 
> > for you to fetch changes up to 871f2d6ed009718bfeb3b649d9d11663a5df23fb:
> > 
> >    UBUNTU: SAUCE: apparmor: fix: kzalloc perms tables for shared dfas
> > (2023-04-27 05:17:26 -0700)
> > 
> > ----------------------------------------------------------------
> > John Johansen (4):
> >        UBUNTU: SAUCE: apparmor: fix policy_compat perms remap for file dfa
> >        UBUNTU: SAUCE: apparmor: fix profile verification and enable it
> >        UBUNTU: SAUCE: apparmor: fix: add missing failure check in
> > compute_xmatch_perms
> >        UBUNTU: SAUCE: apparmor: fix: kzalloc perms tables for shared dfas
> > 
> >   security/apparmor/apparmorfs.c    |  2 +-
> >   security/apparmor/policy.c        | 13 +++++++
> >   security/apparmor/policy_compat.c | 20 +++++++----
> >   security/apparmor/policy_unpack.c | 72
> > ++++++++++++++++++++++++---------------
> >   4 files changed, 72 insertions(+), 35 deletions(-)
> > 
> > 
> 
> Rejected for the following reasons:
> - Lunar has released and now is under SRU rules
> - I cannot figure out this request has an associated LP bug because
> - the gitlab URI given does not work
> - SAUCE patches should have some more justification as to why we
>   have to differ from upstream
> 
> -Stefan

These are definitely valid reasons, I was still considering lunar/linux
as devel material, but at this point it's more stable material, so
patches should follow the SRU rules. My bad, sorry.

I've un-applied them from lunar. I'll take care of creating a proper
LP bug for these extra fixes.

For the apparmor SAUCE patches in general, it'd be nice to have a
description (even a short summary) of the differences from upstream and
why/what is using these features (this is probably for John, because I
don't have a view of the big picture regarding our SAUCE differences).

Thanks,
-Andrea

More information about the kernel-team mailing list