FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian Kernel

 
 
LinkBack Thread Tools
 
Old 03-13-2012, 03:33 PM
John Johansen
 
Default Bug#661151: Bug#661151: linux-2.6: lacks AppArmor kernel/userspace interface

On 02/24/2012 08:40 AM, intrigeri wrote:
> Ben Hutchings wrote (24 Feb 2012 16:06:16 GMT) :
>> Where can I find the patch?
>
> Kees and Ubuntu AppArmor developers: can you please confirm the
> patches that the Debian kernel team should consider for supporting the
> AppArmor "legacy interface" would be the ones found in the
> kernel-patches/$LATEST/ directory of the apparmor 2.7.x tarball?
>
> Or have you got updated patches, e.g. for Linux 3.2.x, published
> somewhere to be found?
>
sorry I missed this,

yes you can pull them out of the tarball, or from the ubuntu kernel
tree.

You will also be able to pull them from the git tree at
git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor.git

though I still need to restore them as the tree got wiped after the
kernel.org breakin.

There are also a new set of patches available against the 3.3 kernel.
The static parts of the interface have been updated and pushed into
the 3.4 kernel. And the goal is to get the other part into the 3.5
kernel (still a wip). Though those will require a more recent userspace.

If someone will let me know what is desired I will set up a tree with
patches pre-applied.



--
To UNSUBSCRIBE, email to debian-kernel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 4F5F76F1.6010109@canonical.com">http://lists.debian.org/4F5F76F1.6010109@canonical.com
 
Old 03-14-2012, 09:24 AM
intrigeri
 
Default Bug#661151: Bug#661151: linux-2.6: lacks AppArmor kernel/userspace interface

Hi,

John Johansen wrote (13 Mar 2012 16:33:53 GMT) :
> sorry I missed this,

Thank you, John, for your answers

> yes you can pull them out of the tarball,

That would be 0002-AppArmor-compatibility-patch-for-v5-interface.patch
that can be found in the kernel-patches/$LATEST/ directory of the
apparmor Debian source package. Given $LATEST == 3.1 currently, see
bellow for the Ubuntu patches that were maybe refreshed.

John, do you confirm this patch does not depend on any of the
two others?

(namely:
0001-AppArmor-compatibility-patch-for-v5-network-controll.patch and
0003-AppArmor-Allow-dfa-backward-compatibility-with-broke.patch)

> or from the ubuntu kernel tree.

I guess that would be
http://kernel.ubuntu.com/git?p=ubuntu/ubuntu-precise.git;a=commit;h=56f928f0cbf810c047a9a72e4e5 c4840800437ec

John, please correct me if I did not guess right.

> There are also a new set of patches available against the 3.3
> kernel. The static parts of the interface have been updated and
> pushed into the 3.4 kernel. And the goal is to get the other part
> into the 3.5 kernel (still a wip).

John: I guess the Linux 3.2 kernel shipped in Precise will carry those
patches, and this is why the v5 compat' patches got recently reverted
in Precise's kernel tree, right?

> Though those will require a more recent userspace.

John: that will be called 2.8, right?

Regards,
--
intrigeri
| GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
| OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc



--
To UNSUBSCRIBE, email to debian-kernel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 857gynbhu2.fsf@boum.org">http://lists.debian.org/857gynbhu2.fsf@boum.org
 
Old 03-14-2012, 09:35 AM
John Johansen
 
Default Bug#661151: Bug#661151: linux-2.6: lacks AppArmor kernel/userspace interface

On 03/14/2012 03:24 AM, intrigeri wrote:
> Hi,
>
> John Johansen wrote (13 Mar 2012 16:33:53 GMT) :
>> sorry I missed this,
>
> Thank you, John, for your answers
>
>> yes you can pull them out of the tarball,
>
> That would be 0002-AppArmor-compatibility-patch-for-v5-interface.patch
> that can be found in the kernel-patches/$LATEST/ directory of the
> apparmor Debian source package. Given $LATEST == 3.1 currently, see
> bellow for the Ubuntu patches that were maybe refreshed.
>
> John, do you confirm this patch does not depend on any of the
> two others?
>
It does not but there may be a small conflict or two to resolve if
0001-AppArmor-compatibility-patch-for-v5-network-controll.patch is not
applied first.

If it doesn't apply cleanly I will be happy to update it for you.

> (namely:
> 0001-AppArmor-compatibility-patch-for-v5-network-controll.patch and
> 0003-AppArmor-Allow-dfa-backward-compatibility-with-broke.patch)
>
>> or from the ubuntu kernel tree.
>
> I guess that would be
> http://kernel.ubuntu.com/git?p=ubuntu/ubuntu-precise.git;a=commit;h=56f928f0cbf810c047a9a72e4e5 c4840800437ec
>
> John, please correct me if I did not guess right.
>
You are right

>> There are also a new set of patches available against the 3.3
>> kernel. The static parts of the interface have been updated and
>> pushed into the 3.4 kernel. And the goal is to get the other part
>> into the 3.5 kernel (still a wip).
>
> John: I guess the Linux 3.2 kernel shipped in Precise will carry those
> patches, and this is why the v5 compat' patches got recently reverted
> in Precise's kernel tree, right?
>
correct

>> Though those will require a more recent userspace.
>
> John: that will be called 2.8, right?
>
correct. The 2.8 userspace release will ship with precise and will be
compatible with both the older and newer kernel interfaces.



--
To UNSUBSCRIBE, email to debian-kernel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 4F607461.6020308@canonical.com">http://lists.debian.org/4F607461.6020308@canonical.com
 
Old 03-14-2012, 10:16 AM
intrigeri
 
Default Bug#661151: Bug#661151: linux-2.6: lacks AppArmor kernel/userspace interface

Hi,

John Johansen wrote (14 Mar 2012 10:35:13 GMT) :
>>> There are also a new set of patches available against the 3.3
>>> kernel. The static parts of the interface have been updated and
>>> pushed into the 3.4 kernel. And the goal is to get the other part
>>> into the 3.5 kernel (still a wip).

>> John: I guess the Linux 3.2 kernel shipped in Precise will carry
>> those patches, and this is why the v5 compat' patches got recently
>> reverted in Precise's kernel tree, right?
>>
> correct

If the Debian kernel team was willing to carry some kind of AppArmor
kernel/userspace interface patch, I'm now unsure if the old or new
ones would be better suited. (I assume AppArmor 2.8 is released long
enough before the Wheezy freeze, so that we can ship it in there, and
are given this choice.)

On the one hand, the old compat' patches are confidence inspiring, as
they are small and have been shipped by Ubuntu for a while.

On the other hand, it seems the new patches are being upstreamed,
which makes them more appealing somehow than the older ones.

John, I think it would help if you could please point us more
precisely to the commits of the new interface that have been
upstreamed already, and to the ones that have not been, so that we can
get a rough idea of where things are at.

Kees, others, what do you think?

Regards,
--
intrigeri
| GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
| OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc
| The impossible just takes a bit longer.



--
To UNSUBSCRIBE, email to debian-kernel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 85r4wva0vw.fsf@boum.org">http://lists.debian.org/85r4wva0vw.fsf@boum.org
 

Thread Tools




All times are GMT. The time now is 01:12 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org