On 08/15/2018 07:10 PM, Alexei Starovoitov wrote:
On Tue, Aug 14, 2018 at 07:14:00AM -0700, Andrew Lutomirski wrote:
[Removed Fedora devel list because it's subscriber-only]
On Aug 8, 2018, at 12:29 AM, Peter Robinson <pbrobinson@xxxxxxxxx> wrote:
Probably a good idea to cc: this to the kernel list :-)
I suspect it's intentional but with the planned changes for iptables
etc to be backed by bpf in the upstream kernel sometime in the future
it's likely going to need to be reviewed.
I thought this got covered in review. I think this part of lockdown
needs to get reverted or fixed ASAP.
I don't see lockdown in Linus's tree. Is this fedora only issue?
The entire lockdown/secure boot series is out of tree at the moment.
We're working to get it included. If you search LWN, you
can find some articles explaining the long saga of the patch series.
(I definitely brought up multiple issues with the bpf lockdown stuff.
It's clearly extremely broken right now in the "new kernel breaks
*current* Linux distro" sense.)
+1
Yes, we need to review what exactly is in Fedora. It's the merge
window so this is a good time to do that anyway. We're still
playing catch up after Flock in Dresden last week. Can you file
a bugzilla for tracking so we don't forget?
Thanks,
Laura
_______________________________________________
kernel mailing list -- kernel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to kernel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/kernel@xxxxxxxxxxxxxxxxxxxxxxx/message/TDNMHIVEAKJHCYD4ZTDLRA6LW42CATGQ/