> ---------------------------------------- > From: Carsten Mattner <carstenmattner@xxxxxxxxx> > Sent: Mon Sep 10 20:07:23 CEST 2018 > To: Geo Kozey <geokozey@xxxxxxxxxxxxx>, General Discussion about Arch Linux <arch-general@xxxxxxxxxxxxx> > Cc: Levente Polyak <anthraxx@xxxxxxxxxxxxx> > Subject: Re: AppArmor support > > > On 9/10/18, Geo Kozey via arch-general <arch-general@xxxxxxxxxxxxx> wrote: > > > Of course I don't report issues with linux-hardened patch itself upstream. > > Correct me if I'm wrong, but does that mean you first try to repro with > vanilla and fall back to reporting to -hardened if it's not present in > Linus' tree? No, I meant build warnings, build failures or merge conflicts which can be directly attributed to linux-hardened patch. Honestly I don't remember real kernel bugs caused by linux-hardened patchset perhaps because it's rather tiny (100 times smaller than last grsecurity patch was) and not that invasive. CONFIG_FORTIFY_SOURCE_STRICT_STRING can find bugs which aren't visible in vanillia but there are still upstream bugs not linux-hardened and can be reported upstream. Yours sincerely G. K.
