On Thu, Jun 01, 2023 at 02:39:00PM -0400, Paul Moore wrote:
> On Thu, Jun 1, 2023 at 11:51 AM Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx> wrote:
> > On Thu, Jun 01, 2023 at 10:56:24AM -0400, Paul Moore wrote:
> > > On Thu, Jun 1, 2023 at 9:20 AM Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx> wrote:
> > > > On Thu, Jun 01, 2023 at 09:13:21AM -0400, Luiz Capitulino wrote:
> > >
> > > ...
> > >
> > > > > Yes. I'm reporting this here because I'm more concerned with -stable kernels since
> > > > > they're more likely to be running on older user-space.
> > > >
> > > > Yeah, we are bug-compatible! :)
> > >
> > > While I really don't want to go back into the old arguments about what
> > > does, and does not, get backported to -stable, I do want to ask if
> > > there is some way to signal to the -stable maintainers that a patch
> > > should not be backported? Anything coming from the LSM, SELinux, or
> > > audit trees that I believe should be backported is explicitly marked
> > > with a stable@vger CC, as documented in stable-kernel-rules.rst,
> > > however it is generally my experience that patches with a 'Fixes:' tag
> > > are generally pulled into the -stable releases as well.
> >
> > Really?
>
> Yes, really.
>
> > Right now we HAVE to pick up the Fixes: tagged commits in those
> > subsystems as you are missing lots of real fixes.
>
> This starts to bring us back to the old argument about what is
> appropriate for -stable, but I've been sticking as close as possible
> to what is documented in stable-kernel-rules.rst which (ignoring
> things like HW enablement) advises that only patches which fix build
> issues or "serious issues" should be considered for -stable. I
> consider every bug fix that goes into the LSM, SELinux, and audit
> trees to see if it meets those criteria, if it does I mark it with a
> -stable tag, if not I leave the -stable tag and ensure it carries a
> 'Fixes:' tag if it makes sense and an appropriate root-cause commit is
> identified.
>
> We definitely have different opinions on where the -stable bug fix
> threshold lies. I am of the opinion that every -stable backport
> carries risk, and I consider that when deciding if a commit should be
> marked for -stable. I do not believe that every bug fix, or every
> commit with a 'Fixes:' tag, should be backported to -stable.

Ok, I'll not argue here, but it feels like there is a lack of changes
for some of these portions of the kernel that end up in stable kernels.
I'll trust you on this.

So, can I get a directory list or file list of what we should be
ignoring for the AUTOSEL and "Fixes: only" tools to be ignoring?

thanks,

greg k-h