Re: [GIT PULL] Audit patches for 4.5

From: Paul Moore
Date: Wed Jan 13 2016 - 11:24:35 EST


On Thursday, January 14, 2016 02:03:25 AM Stephen Rothwell wrote:
> Hi Paul,
>
> On Wed, 13 Jan 2016 09:29:55 -0500 Paul Moore <pmoore@xxxxxxxxxx> wrote:
> > The following changes since commit afd2ff9b7e...:
> > Linux 4.4 (2016-01-10 15:01:32 -0800)
> >
> > are available in the git repository at:
> > git://git.infradead.org/users/pcmoore/audit upstream
>
> This has all been rebased onto v4.4 (and all the author dates changed) :-(
>
> And your "next" branch hasn't been updated to match :-(

Hi Stephen,

In December I made some changes to how I manage the SELinux and audit trees:

* https://www.redhat.com/archives/linux-audit/2015-December/msg00019.html

... I will readily admit it isn't a perfect system, in fact it is a step back
in some areas, but the changes make it easier for me to get pre-built kernel
packages to users who are interested in testing the bleeding edge (the Fedora
COPR repository, see below) and it helps me keep up with weekly testing of
both the -rcX kernel releases and the changes in the SELinux and audit trees.
One of the things I've been trying to work on lately is better, more
automated, testing of the SELinux and audit bits in the Linux kernel;
unfortunately, some things have had to change a little to help make this
happen, but I think the more frequent testing outweighs any disadvantages.

The date change is likely a result of moving the patches from audit#next to
audit#upstream as part of the process mentioned above. I haven't updated
audit#next yet because I know you try to keep linux-next quiet until -rc1 is
released; if that has changed let me know and I'll be happy to update
audit#next. Also, if you have any suggestions on how to improve my process,
I'm always open to new ideas.

For reference, the Fedora COPR repository can be found below; it was announced
back in November, but only to the relevant lists. Anyone is welcome to give
the kernels a try (instructions are provided) and report any problems they
find. I tend to push out an update at least once a week to coincide with the
new -rcX release, although the exact day varies due to merge conflicts, build
problems, etc.

* https://copr.fedoraproject.org/coprs/pcmoore/kernel-secnext

Eventually I'd like to do something similar for Debian, Gentoo, distro du
jour, etc. (I'm hoping if I lower the barrier for testing, more people will
give it a try) but I'm starting with Fedora Rawhide to get the kinks worked
out and improve my automation.

-Paul

--
paul moore
security @ redhat