Linux 4.14-rc7 No Longer Clashes With AppArmor To Break Networking
Earlier this month I warned that using Linux 4.14 with AppArmor can cause headaches: with the stock rules on distributions like Ubuntu and Debian, you can find your networking support broken. That work has now been reverted after Linus Torvalds realized this issue as well.
With this weekend's Linux 4.14-rc7 kernel release, Linus Torvalds has reverted the AppArmor change that caused all these issues in the first place.
This issue has affected the mainline kernel for about one month in Git, but the developer causing the change refused to acknowledge it as a regression in the kernel. Linus wrote:
Stop this f*cking idiocy already!
As far as the kernel is concerned, a regression is THE KERNEL NOT GIVING THE SAME END RESULT WITH THE SAME USER SPACE.
The regression was in the kernel. You trying to shift the regressions somewhere else is bogus SHIT.
And seriously, it's the kind of garbage that makes me think your opinion and your code cannot be relied on.
If you are not willing to admit that your commit 651e28c5537a ("apparmor: add base infastructure for socket mediation") caused a regression, then honestly, I don't want to get commits from you.
It's that simple.
I'm *very* unhappy with the security layer as is, the last thing I want to see is some security layer developer that then goes on to try to re-define what regression means.
If you break existing user space setups THAT IS A REGRESSION.
It's not ok to say "but we'll fix the user space setup".
Really. NOT OK.
I think I will have to revert that garbage, for the simple reason that I refuse to have code in the kernel from maintainers that cannot even understand the first rule of kernel development.
The first rule is:
- we don't cause regressions
and the corollary is that when regressions *do* occur, we admit to them and fix them, instead of blaming user space.
The fact that you have apparently been denying the regression now for three weeks means that I will revert, and I will stop pulling apparmor requests until the people involved understand how kernel development is done.
Linus
Linus ended up personally reverting that problematic commit, so 4.14-rc7 is indeed running happily on my Ubuntu/Debian systems with AppArmor enabled.