Re: [PATCH 4.9 0/1] selinux: allow dontauditx and auditallowx rules to take effect without allowx

> So this would need to be backported to 4.14.y, 4.19.y, 5.4.y, and 5.10.y
> before we could consider it.
> 
> BUT, as this is something that just never worked, why is it needed at
> all?  Making it work is a "new feature", not really a bugfix for these
> older kernels as it is not a regression.

I agree it is not a regression but following the original discussion on this 
I do think it is a bug worth fixing, see the already quoted:

> The behavior of dontauditx and auditallowx appears to be broken making them useless.

At least it is a pitfall for policy writers which can be easily avoided by this small fix.

I don't mind porting this to the other LTS releases if you agree on this judgement.
If so, what would be the best/simplest way to do so? A separate thread with [0/1] & [1/1] mails
for each LTS branch or e.g. replying to this thread with a patch for each of the LTS
branches?

If you don't agree I won't send those mails which is also fine.

Thanks,
Alex


