http://bugzilla.opensuse.org/show_bug.cgi?id=1000304 Bug ID: 1000304 Summary: several AppArmor kernel fixes / patches Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: Other OS: openSUSE 13.2 Status: NEW Severity: Normal Priority: P5 - None Component: Kernel Assignee: kernel-maintainers@forge.provo.novell.com Reporter: suse-beta@cboltz.de QA Contact: qa-bugs@suse.de Found By: Beta-Customer Blocker: --- Several AppArmor-related fixes went into kernel 4.8. You might want to backport them to older kernel versions like the Leap and SLE kernels. For the details, let me just quote from #apparmor: <jjohansen> git format-patch 3ccee46ab487d5b87d0621824efe2500b2857c58..7616ac70d1bb4f2e9d25c1a82d283f3368a7b632 security/apparmor <jjohansen> on the current upstream tree will give the full set of patches that went into 4.8 <jjohansen> this did not include the change_hat patch which will go up in 4.9 [see bug 1000287 for the change_hat patch] <jjohansen> s/go up/be in/ <jjohansen> cboltz: I think that reference will work very well for the suse kt as it shows that these are patches that are in upstream <jjohansen> cboltz: however there is a need for them to drop some of their own out of tree patches <jjohansen> cboltz: I can try again to build an obs kernel, but it is a pita <jjohansen> the suse kernel really requires a suse env to properly unpack and set up the patch queues and refresh the patches and set the configs <jjohansen> simple patches you can often get away with just adding them to the tar and updating the series file <jjohansen> but it does not work with this series <cboltz> sounds like someone @suse should do it ;-) <cboltz> are the patches easy to backport, or should I also add a pointer to the bzr kernel-patches directory? <jjohansen> cboltz it looks like git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor v4.4-aa2.8-out-of-tree <jjohansen> has the full set plus a few fixes from 4.5,4.6 -- You are receiving this mail because: You are on the CC list for the bug.