On Wed, Jun 28, 2023 at 2:33 PM Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx> wrote:
> On Thu, Jun 01, 2023 at 02:39:00PM -0400, Paul Moore wrote:

...

> > We definitely have different opinions on where the -stable bug fix
> > threshold lies. I am of the opinion that every -stable backport
> > carries risk, and I consider that when deciding if a commit should be
> > marked for -stable. I do not believe that every bug fix, or every
> > commit with a 'Fixes:' tag, should be backported to -stable.
>
> Ok, I'll not argue here, but it feels like there is a lack of changes
> for some of these portions of the kernel that end up in stable kernels.
> I'll trust you on this.

I don't know what to say here ... aside from the previously discussed
difference of opinion regarding stable tags, we just haven't had many
bad bugs in the LSM layer, SELinux, or audit the past few years. I'd
like to claim better code, better review, yadda yadda but in reality
I'm sure it's just dumb luck.

> So, can I get a directory list or file list of what we should be
> ignoring for the AUTOSEL and "Fixes: only" tools to be ignoring?

I've been trying to ensure that the files/directories entries in
MAINTAINERS are current, so that is probably as good a place as any to
pull that info. Do the stable tools use that info already? In other
words, if we update the entries in MAINTAINERS should we also notify
you guys, or will you get it automatically?

Regardless, here is a list:

* Audit
include/asm-generic/audit_*.h
include/linux/audit.h
include/linux/audit_arch.h
include/uapi/linux/audit.h
kernel/audit*
lib/*audit.c

* LSM layer
security/
(NOTE: the individual sub-dirs under security/ belong to the
individual LSMs, not the LSM layer)

* SELinux
include/trace/events/avc.h
include/uapi/linux/selinux_netlink.h
scripts/selinux/
security/selinux/

--
paul-moore.com