On Thu, Apr 02, 2026 at 15:07:21 -0500, Wesley Hershberger via Devel wrote:
Hi all,
On Tue, Mar 17, 2026 at 9:07 AM Wesley Hershberger <wesley.hershberger@canonical.com> wrote:
Introduce a read-only `tapfd` element for direct interfaces (macvtap),
...
--- Resending this patch as I've not recieved a response on my previous submission. Fixed the bug URL in the commit message as I missed that feedback item on my last mail.
...
It has now been two months since I submitted the v2 of this patch in response to feedback; I haven't received any response to it or the two follow-up mails since. I acknowledge that
I'm sorry it slipped through my review queue.
AppArmor is not the project's highest priority and that this is not the most palatable change, but it would be helpful for us to have some indication if there is
Priority or not, all patches are welcome. But patches need reviews. We do want to encourage anyone to review patches, even partially. I see you've CC'd some colleagues, encourage them to send review, it might get noticed.
*not* willingness to merge this patch. As it is, I'm left guessing at what the remaining concerns might be.a
I'll reply inline in the patch.
There was a (very valid) point raised (several times) regarding the way that the driver AppArmor manages state (it doesn't), but I don't have the capacity to fix that problem in any kind of comprehensive way. I'm happy to address any additional feedback on this patch, but it is my sense that this solution meets the requirements for non-user-visibility described in the original thread [1] and improves the situation WRT the bug in question.
It does.
Please let me know what the remaining blockers are so that I can address them.
Thanks for your understanding, ~Wesley Hershberger Canonical Support
[1] https://www.mail-archive.com/devel@lists.libvirt.org/msg07884.html