---------------------------------------- From: Carsten Mattner <carstenmattner@gmail.com> Sent: Mon Sep 10 20:07:23 CEST 2018 To: Geo Kozey <geokozey@mailfence.com>, General Discussion about Arch Linux <arch-general@archlinux.org> Cc: Levente Polyak <anthraxx@archlinux.org> Subject: Re: [arch-general] AppArmor support
On 9/10/18, Geo Kozey via arch-general <arch-general@archlinux.org> wrote:
Of course I don't report issues with linux-hardened patch itself upstream.
Correct me if I'm wrong, but does that mean you first try to repro with vanilla and fall back to reporting to -hardened if it's not present in Linus' tree?
No, I meant build warnings, build failures or merge conflicts which can be directly attributed to linux-hardened patch. Honestly I don't remember real kernel bugs caused by linux-hardened patchset perhaps because it's rather tiny (100 times smaller than last grsecurity patch was) and not that invasive. CONFIG_FORTIFY_SOURCE_STRICT_STRING can find bugs which aren't visible in vanillia but there are still upstream bugs not linux-hardened and can be reported upstream. Yours sincerely G. K.