On Thu, Jun 22, 2017 at 07:40:49PM -0700, Andy Lutomirski wrote: > Greg, for context, the issue here is that we made what was arguably a > design error in seccomp's interaction with ptrace. After determining > that fixing it solved a bunch of problems and didn't break any user > programs, we fixed it. There might be new code that relies on the fix > being present in the sense that it would be insecure without the fix. > > The problem is that the fix is moderately intrusive and doesn't seem > like a great candidate for backporting, although we could plausibly do > it. That's fine, not all bugfixes that tests are created to find, should be backported. That's up to the stable maintainers, or someone who has a device/vendor tree based on that kernel if they want to do that or not. That has nothing to do with the fact that the test should fail or gracefully degrade. Tests should fail if the action that they are testing fails. They should degrade and not run if the _feature_ they are testing is not present. Yes, sometimes this is hard, like with the seccomp stuff, and will not always work, but that's the rule for our userspace api independant of any testing framework or code. Look at xfstests, no one gets mad when it adds a new test that old kernels fail at. It's up to someone else to either backport the kernel change, if they want it fixed in an old kernel, not to have xfstests just not run it at all! There's nothing different here either. thanks, greg k-h