WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-devel

[Xen-devel] Fwd: [Xen-users] updating kernel

To: xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxx>
Subject: [Xen-devel] Fwd: [Xen-users] updating kernel
From: "Henning Sprang" <henning_sprang@xxxxxx>
Date: Tue, 25 Jul 2006 12:46:21 +0200
Delivery-date: Tue, 25 Jul 2006 03:46:44 -0700
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:sender:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; b=Y5QbhnbAzrINgW6V9b9gHxnk96LXnOsbxlAWBwyGAouXDszwaWT9tsLK5Q7DPkI8MhciLHFepkKLGdEhNs4FTnWdV9vkWP6AvPrOv8xMM122dT2qNFgTX/LHxs0rMQxD6bOQeDESKfrRNzu99p9jXG1Ur+xPnnb20oki7lJPnqY=
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <20060720074130.GF22122@xxxxxxxxxxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References: <44BBF1B2.8080401@xxxxxxxxxx> <5bb00b3f0607190238j104019a0w389eb54e9b0da65a@xxxxxxxxxxxxxx> <20060720074130.GF22122@xxxxxxxxxxxxxxx>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
An interesting question about how linux kernel security updates get
into xen and how and how fast xen users can expect security problems
in linux will also be fixed in the linux kernels from xensource.

As it seems nobody from xensource or the xen developer community reads
xen-users, so I forward it here:

---------- Forwarded message ----------
From: Dominic Hargreaves <dom@xxxxxxxx>
Date: Jul 20, 2006 9:41 AM
Subject: Re: [Xen-users] updating kernel
To: xen-users@xxxxxxxxxxxxxxxxxxx


On Wed, Jul 19, 2006 at 11:38:46AM +0200, Henning Sprang wrote:

So yes, you have to use the binary packages, or compile each new
version, each new source patch. Additionally, the xen patches are
always made against a specific kernel version. That means, if in
kernel 2.6.16 an issue is found, you most probably have to wait until
the xen developers release a xen patch version for the new, fixed,
upstream kernel.

I'm using the Xen kernel patch from hg9628 (actually what's in
http://svn.debian.org/wsvn/pkg-xen/trunk/patches/linux-2.6.16-xen.patch.gz?op=log&rev=0&sc=0&isdir=0)
with 2.6.16.27 and so far haven't had any problems (the patch applies
with one or two line offsets but otherwise cleanly).

I suspect that there aren't any guarantees, but that the patches will
generally continue to work across new -stable releases. It would be good
to have some official word on compatibility and if there is a preferred
method of tracking upstream security updates.

Cheers,

Dominic.

--
Dominic Hargreaves | http://www.larted.org.uk/~dom/
PGP key 5178E2A5 from the.earth.li (keyserver,web,email)

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

<Prev in Thread] Current Thread [Next in Thread>
  • [Xen-devel] Fwd: [Xen-users] updating kernel, Henning Sprang <=