Hello Kyle, or anyone else affected, Accepted linux-mako into wily-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/linux- mako/3.4.0-7.41~15.10.1 in a few hours, and then in the -proposed repository.
Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance! -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-mako in Ubuntu. https://bugs.launchpad.net/bugs/1509489 Title: [SRU] seccomp filters backport for Mako Status in linux-mako package in Ubuntu: Fix Released Status in linux-mako source package in Vivid: Fix Committed Status in linux-mako source package in Wily: Fix Committed Status in linux-mako source package in Xenial: Fix Released Bug description: [Impact] * The snappy confinement model utilizes both apparmor and seccomp filters, and while the former is supported by the phone kernel, the latter is not. Snappy cannot be used on the mako, krillin, or vegetahd without seccomp filters being backported. [Test Case] * Run the tests located here: http://kernel.ubuntu.com/git/kyrofa/ubuntu- vivid.git/tree/tools/testing/selftests/seccomp?h=backport_seccomp_filters&id=555777b2449cb4a69604998e8550001231a0f6af They will fail without this change. [Regression Potential] * Potential AppArmor regression regarding its use of no_new_privs, since it was previously a fake implementation to facilitate the v3 backport. [Other Info] * Backport is from mainline. * Backport only includes seccomp filters introduced in v3.5 (e.g. does not include syscall or tsync). To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-mako/+bug/1509489/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp