Re: [PATCH 1/2] security: introduce CONFIG_SECURITY_WRITABLE_HOOKS

On Sun, Jul 10, 2022 at 04:08:00PM +0200, Alexander Grund wrote:
> On 10.07.22 15:27, Greg KH wrote:
> >> What kernel version(s) are you wanting this applied to?
> 
> That should go onto 4.9, I see I should have used `--subject-prefix`.
> 
> >> And your email send address does not match your signed-off-by
> >> name/address, so for obvious reasons, we can't take this.
> 
> My 2nd email (from GMail) is much easier to set up but I'd like to keep my usual signed-off tag.
> Would `--from=git@xxxxxxxxxx --reply-to=theflamefire89@xxxxxxxxx` be acceptable?

I can't see reply-to when reviewing a patch, can you?

What would you want to see if you had to review this to verify it was
sane?

> > And of course, why is this needed in any stable kernel tree?  It isn't
> > fixing a bug, it's adding a new feature.  Patch 2/2 also doesn't fix
> > anything, so we need some explanation here.  Perhaps do that in your
> > 0/X email that I can't seem to find here?
> 
> Good point, so I need to use `--cover-letter` even for backports. Makes sense.
> The previous discussion can be found at [1].
> The essence is that this adds security hardening by disallowing writes to LSM hooks after initialization.
> Additionally included here to reduce divergence with mainline to ease application of further (backported) commits.

We can't add new features to older kernel versions, as you know that's
not allowed as per the stable kernel rules.  If you want newer security
features, just move to a newer kernel version.

And without any context here, or the "further" commits, how are we
supposed to know any of this?

thanks,

greg k-h


