kernel-packages team mailing list archive
-
kernel-packages team
-
Mailing list archive
-
Message #184416
[Bug 1509489] Proposed package removed from archive
The version of linux-mako in the proposed pocket of Wily that was
purported to fix this bug report has been removed because the bugs that
were to be fixed by the upload were not verified in a timely (105 days)
fashion.
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-mako in Ubuntu.
https://bugs.launchpad.net/bugs/1509489
Title:
[SRU] seccomp filters backport for Mako
Status in linux-mako package in Ubuntu:
Fix Released
Status in linux-mako source package in Vivid:
Fix Committed
Status in linux-mako source package in Wily:
Won't Fix
Status in linux-mako source package in Xenial:
Fix Released
Bug description:
[Impact]
* The snappy confinement model utilizes both apparmor and seccomp
filters, and while the former is supported by the phone kernel, the
latter is not. Snappy cannot be used on the mako, krillin, or vegetahd
without seccomp filters being backported.
[Test Case]
* Run the tests located here:
http://kernel.ubuntu.com/git/kyrofa/ubuntu-
vivid.git/tree/tools/testing/selftests/seccomp?h=backport_seccomp_filters&id=555777b2449cb4a69604998e8550001231a0f6af
They will fail without this change.
[Regression Potential]
* Potential AppArmor regression regarding its use of no_new_privs,
since it was previously a fake implementation to facilitate the v3
backport.
[Other Info]
* Backport is from mainline.
* Backport only includes seccomp filters introduced in v3.5 (e.g. does not include syscall or tsync).
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux-mako/+bug/1509489/+subscriptions
References