On Tue, Aug 14, 2018 at 07:14:00AM -0700, Andrew Lutomirski wrote:
> [Removed Fedora devel list because it's subscriber-only]
>
> > On Aug 8, 2018, at 12:29 AM, Peter Robinson <pbrobinson@xxxxxxxxx> wrote:
> >
> > Probably a good idea to cc: this to the kernel list :-)
> >
> > I suspect it's intentional but with the planned changes for iptables
> > etc to be backed by bpf in the upstream kernel sometime in the future
> > it's likely going to need to be reviewed.
> >
>
> I thought this got covered in review. I think this part of lockdown
> needs to get reverted or fixed ASAP.

I don't see lockdown in Linus's tree. Is this a Fedora-only issue?

> (I definitely brought up multiple issues with the bpf lockdown stuff.
> It's clearly extremely broken right now in the "new kernel breaks
> *current* Linux distro" sense.)

+1