search

seccomp / libseccomp

The main libseccomp repository
GNU Lesser General Public License v2.1
810 stars 173 forks source link

Q: time schedule for the release of 2.6.0 #429

Closed Dandan336 closed 6 months ago

Dandan336 commented 6 months ago

Dear maintainers,

Compiling the libseccomp 2.5.5-1 failed for loong64 in the Debian Package Auto-Building environment. The reason is the lack of loongarch64 support in libseccomp source package. The full build log can be found at https://buildd.debian.org/status/logs.php?pkg=libseccomp&ver=2.5.5-1&arch=loong64

On 6 Sep, 2023, I have submitted bug to Debian BTS for libseccomp 2.5.4. Request for adding loongarch support in libseccomp source package. please see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051323.

The maintainer of source package replied with the following message,

That's quite a large set of changes and they don't apply cleanly against v2.5.4.
Therefore I'd prefer to wait until upstream has released v2.6.0 with LoongArch support.

For Debian source packages, upstream release with loongarch support is a better option.

As we known, the support for loongarch has been merged into v2.6.0. I would like to ask when v2.6.0 will be released. Your opinions are welcome.

Thanks.

rusty-snake commented 6 months ago

https://github.com/seccomp/libseccomp/issues/417#issuecomment-1775998246

We track our release planning using GH milestones: https://github.com/seccomp/libseccomp/milestones

Also, please see https://github.com/seccomp/libseccomp/issues/406#issuecomment-1723453655

https://github.com/seccomp/libseccomp/issues/406#issuecomment-1722313713

hree new syscalls since than already on v6.6-rc1 (cachestat (since 6.5), fchmodat2, and map_shadow_stack) can you add them with a minor release?

https://github.com/seccomp/libseccomp/issues/406#issuecomment-1723453655

We are working on a minor release, although there is not set date yet so please don't ask ;)

^ Which is the 2.5.5 release

pcmoore commented 6 months ago

Closing with the comment above.

lf- commented 3 months ago

My feedback then is that the release planning process does not work for us. We are going to have to depend on memfd (in lieu of the far more sensible seccomp_export_bpf_mem) to work around #390 not making it into an official release in two years.

I have written the release engineering for the project using this and I respect that releases are fundamentally very hard, and that we have much more ability to just drop ancient distros and avoid backports than libseccomp does, but it's frustrating that there's not more frequent releases with new functionality available, and I imagine it probably causes support burden in itself.

Thank you for developing this library though! It definitely reduces the complexity of setting up filters.