Pkg xen devel - Sep 2016 - Help wanted with Debian Xen packages ?

On 31.08.2016 10:43, Stefan Bader wrote:
> On 30.08.2016 18:56, Ian Jackson wrote:
>> Hi.  I've been looking at the BTS and PTS and security tracker, and
it
>> looks like maybe you could do with some help ?
>>
>> Issues I noticed include:
>>
>>  * 4.7, the latest Xen upstream release, is not in sid
> 
> If it is of any help, I did some initial work with 4.7[1]. You would have
to
> work around some distro specific things but I tried to keep them at a
minimum.
> Some things might be useful (like starting qemu for dom0, having xenstored
in
> its own sysvinit file. the sysvinit dependency hinting). One thing I still
have
> to fix is to have abiname style changes for the new libs.
FWIW, I think I got the library naming cleaned up now (~rc5). Slightly different
approach as I had to either keep the major.minor .so versions (I believe because
of the map files) or libvirt would fail to compile against the xen lib.

-Stefan
> 
> -Stefan
> 
> 
> [1] https://launchpad.net/~smb/+archive/ubuntu/xen/+packages
>>
>>  * Even leaving that aside, sid doesn't seem to have all the
security
>>    fixes which ought to be expected.
>>
>>  * The BTS could do with a bit of gardening, perhaps.
>>
>> Please let me know what, if anything, you think you would like help
>> with.
>>
>> FYI I also looked at security-tracker.debian.org pages for all the
>> unfixed vulnerabilities in wheezy and jessie, and I think the
>> decisions not to backport those fixes are reasonable in each case.
>>
>> Thanks,
>> Ian.
>>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL:
<http://lists.alioth.debian.org/pipermail/pkg-xen-devel/attachments/20160831/b9f668ed/attachment.sig>

Stefan Bader writes ("Re: [Pkg-xen-devel] Help wanted with Debian Xen
packages ?"):
> FWIW, I think I got the library naming cleaned up now
> (~rc5). Slightly different approach as I had to either keep the
> major.minor .so versions (I believe because of the map files) or
> libvirt would fail to compile against the xen lib.
I haven't looked at this but it sounds annoying.

Xen 4.8 is freezing RSN.  I would like to get Xen 4.8 into stretch.  I
think we should probably be aiming to upload a lateish Xen 4.8 RC into
stretch when it comes out.  Xen 4.8.0 will have been out for a while
by the Debian soft freeze in January.  Getting 4.8 into sid and
stretch will also mean that the recent security vulnerabilities will
be fixed; currently stretch is in rather poor shape.

Ian.

On 27.09.2016 17:07, Ian Jackson wrote:
> Stefan Bader writes ("Re: [Pkg-xen-devel] Help wanted with Debian Xen
packages ?"):
>> FWIW, I think I got the library naming cleaned up now
>> (~rc5). Slightly different approach as I had to either keep the
>> major.minor .so versions (I believe because of the map files) or
>> libvirt would fail to compile against the xen lib.
> 
> I haven't looked at this but it sounds annoying.
Though I would not say I am very proficient in this area, it feels like the
soversioning and map files are moves into a better direction. The existing ones
which get renamed and drop the soversion were just using the Xen version for
that, regardless of what functions were kept or changed. The new ones seem to go
for soversions that change only when the api changes.

So having the rename plus keeping the soversion of the new libs felt like the
best compromise. The renaming allows to have multiple versions of libxen
installed. Which became more problematic with libxl. Not when only the xen
toolstack is used, but with other packages linking against (one version of) it.
Like libvirt, it will either work or not, depending on which version of the
hypervisor is running and against which version of libxl it got compiled
against.
> 
> Xen 4.8 is freezing RSN.  I would like to get Xen 4.8 into stretch.  I
> think we should probably be aiming to upload a lateish Xen 4.8 RC into
> stretch when it comes out.  Xen 4.8.0 will have been out for a while
> by the Debian soft freeze in January.  Getting 4.8 into sid and
> stretch will also mean that the recent security vulnerabilities will
> be fixed; currently stretch is in rather poor shape.
Yeah, its lagging quite a bit. Moving there will face the same lib issues. Not
sure whether the src deb from my ppa would be a help to start from. Some of the
debian patches will always have to be refreshed manually, but at least some of
the no longer needed ones would be gone from there.
What likely needs better review is some of the new things which I did not pick
for the binary package because they were not used before and nothing seemed to
complain about them missing (like some fsimage lib IIRC).

-Stefan


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL:
<http://lists.alioth.debian.org/pipermail/pkg-xen-devel/attachments/20160930/b5048059/attachment.sig>