Re: regression in 4.14-rc2 caused by apparmor: add base infastructure for socket mediation

[James Morris]

On Thu, 26 Oct 2017, Linus Torvalds wrote:

> On Thu, Oct 26, 2017 at 8:54 PM, James Morris <james.l.morris@xxxxxxxxxx> wrote:
> > On Thu, 26 Oct 2017, Linus Torvalds wrote:
> >
> >> I'm *very* unhappy with the security layer as is
> >
> > What are you unhappy with?
> 
> We had two big _fundamental_ problems this merge window:
> 
>  - untested code that clearly didn't do what it claimed it did, and
> which caused me to not even accept the main pull request
> 
>  - apparmor code that had a regression, where it took three weeks for
> that regression to be escalated to me simply because the developer was
> denying the regression.
> 
> Tell me why I *shouldn't* be unhappy with the security layer?
> 
> I shouldn't be in the situation where I start reviewing the code and
> go "that can't be right".
> 
> And I *definitely* shouldn't be in the situation where I need to come
> in three weeks later and tell people what a regression is!

Agreed on both counts, and sorry for these problems.

-- 
James Morris
<james.l.morris@xxxxxxxxxx>