Currently, linux kernel 2.6.18 is used for Xen 3.1.x. Would it be possible (or advisable) to make kernel 2.6.18.8 the default for Xen 3.1.3 - just as it was done with the Xen 3.0.x branch and kernels like 2.6.16.26 & 2.6.16.33? There are quite a few security (and regular) bugs fixed in the 2.6.18.x point releases. Thanks. -- Joshua West Systems Engineer Brandeis University http://www.brandeis.edu _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
Feel free to submit a patch that throws the upgrade to .8 into the kernel''s patches/ directory, within the 3.1-testing repository. -- Keir On 15/1/08 19:32, "Joshua West" <jwest@brandeis.edu> wrote:> Currently, linux kernel 2.6.18 is used for Xen 3.1.x. > > Would it be possible (or advisable) to make kernel 2.6.18.8 the default > for Xen 3.1.3 - just as it was done with the Xen 3.0.x branch and > kernels like 2.6.16.26 & 2.6.16.33? There are quite a few security (and > regular) bugs fixed in the 2.6.18.x point releases. > > Thanks._______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
Hi; 15 Oca 2008 Sal tarihinde, Joshua West şunları yazmıştı:> Currently, linux kernel 2.6.18 is used for Xen 3.1.x. > > Would it be possible (or advisable) to make kernel 2.6.18.8 the default > for Xen 3.1.3 - just as it was done with the Xen 3.0.x branch and > kernels like 2.6.16.26 & 2.6.16.33? There are quite a few security (and > regular) bugs fixed in the 2.6.18.x point releases.As i wrote long ago to list, just upgrading to plain .8 not solves all security related issues of 2.6.18.x kernels, for example Pardus Xen packages currently top on .8 and we still have lots of CVEish patches in our package [1]. Please do not misunderstand but i really recommend stick with your distro packages instead of xensource provided ones if you care about security. [1] http://svn.pardus.org.tr/pardus/devel/kernel-xen/dom0/kernel-dom0/files/CVE/ http://svn.pardus.org.tr/pardus/devel/kernel-xen/domU/kernel-domU/files/CVE/ Cheers -- S.Çağlar Onur <caglar@pardus.org.tr> http://cekirdek.pardus.org.tr/~caglar/ Linux is like living in a teepee. No Windows, no Gates and an Apache in house! _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
Hi Keir; 15 Oca 2008 Sal tarihinde, Keir Fraser şunları yazmıştı:> Feel free to submit a patch that throws the upgrade to .8 into the kernel''s > patches/ directory, within the 3.1-testing repository.Although needed modifications are simple, resulting patch is quite big (214 K). So what i did is follows; After applying this; diff -r 0918b4bbffbb buildconfigs/mk.linux-2.6-xen --- a/buildconfigs/mk.linux-2.6-xen Tue Jan 15 11:19:14 2008 +0000 +++ b/buildconfigs/mk.linux-2.6-xen Wed Jan 16 14:53:41 2008 +0200 @@ -1,5 +1,5 @@ LINUX_SERIES = 2.6 LINUX_SERIES = 2.6 -LINUX_VER = 2.6.18 +LINUX_VER = 2.6.18.8 EXTRAVERSION ?= xen and that diff -r 0918b4bbffbb patches/linux-2.6.18/series --- a/patches/linux-2.6.18/series Tue Jan 15 11:19:14 2008 +0000 +++ b/patches/linux-2.6.18/series Wed Jan 16 14:54:51 2008 +0200 @@ -7,7 +7,6 @@ i386-mach-io-check-nmi.patch i386-mach-io-check-nmi.patch net-csum.patch net-gso-5-rcv-mss.patch -net-gso-6-linear-segmentation.patch pmd-shared.patch rename-TSS_sysenter_esp0-SYSENTER_stack_esp0.patch xen-hotplug.patch # hg rm patches/linux-2.6.18/net-gso-6-linear-segmentation.patch and # hg mv patches/linux-2.6.18/ patches/linux-2.6.18.8 is enough to update .8 if i''m not missing something else. Cheers -- S.Çağlar Onur <caglar@pardus.org.tr> http://cekirdek.pardus.org.tr/~caglar/ Linux is like living in a teepee. No Windows, no Gates and an Apache in house! _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
Where does the 2.6.18.8 patch itself come from, and where do you place it in the patches series file? -- Keir On 16/1/08 12:56, "S.Çağlar Onur" <caglar@pardus.org.tr> wrote:> Hi Keir; > > 15 Oca 2008 Sal tarihinde, Keir Fraser şunları yazmıştı: >> Feel free to submit a patch that throws the upgrade to .8 into the kernel''s >> patches/ directory, within the 3.1-testing repository. > > Although needed modifications are simple, resulting patch is quite big (214 > K). So what i did is follows; > > After applying this; > > diff -r 0918b4bbffbb buildconfigs/mk.linux-2.6-xen > --- a/buildconfigs/mk.linux-2.6-xen Tue Jan 15 11:19:14 2008 +0000 > +++ b/buildconfigs/mk.linux-2.6-xen Wed Jan 16 14:53:41 2008 +0200 > @@ -1,5 +1,5 @@ LINUX_SERIES = 2.6 > LINUX_SERIES = 2.6 > -LINUX_VER = 2.6.18 > +LINUX_VER = 2.6.18.8 > > EXTRAVERSION ?= xen > > and that > > diff -r 0918b4bbffbb patches/linux-2.6.18/series > --- a/patches/linux-2.6.18/series Tue Jan 15 11:19:14 2008 +0000 > +++ b/patches/linux-2.6.18/series Wed Jan 16 14:54:51 2008 +0200 > @@ -7,7 +7,6 @@ i386-mach-io-check-nmi.patch > i386-mach-io-check-nmi.patch > net-csum.patch > net-gso-5-rcv-mss.patch > -net-gso-6-linear-segmentation.patch > pmd-shared.patch > rename-TSS_sysenter_esp0-SYSENTER_stack_esp0.patch > xen-hotplug.patch > > # hg rm patches/linux-2.6.18/net-gso-6-linear-segmentation.patch > > and > > # hg mv patches/linux-2.6.18/ patches/linux-2.6.18.8 > > is enough to update .8 if i''m not missing something else. > > Cheers_______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
Hi; 16 Oca 2008 Çar tarihinde şunları yazmıştınız:> Where does the 2.6.18.8 patch itself come from, and where do you place it > in the patches series file? > > -- KeirI bumped the neededed LINUX_VER from 2.6.18 to 2.6.18.8 instead of using 2.6.18.8 patch, so it fetches 2.6.18.8 tarball. Do you prefer using incremantal patch instead of tarball? Cheers -- S.Çağlar Onur <caglar@pardus.org.tr> http://cekirdek.pardus.org.tr/~caglar/ Linux is like living in a teepee. No Windows, no Gates and an Apache in house! _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
On 16/1/08 13:25, "S.Çağlar Onur" <caglar@pardus.org.tr> wrote:> 16 Oca 2008 Çar tarihinde şunları yazmıştınız: >> Where does the 2.6.18.8 patch itself come from, and where do you place it >> in the patches series file? >> >> -- Keir > > I bumped the neededed LINUX_VER from 2.6.18 to 2.6.18.8 instead of using > 2.6.18.8 patch, so it fetches 2.6.18.8 tarball. Do you prefer using > incremantal patch instead of tarball?Oh, my mistake. It''s fine as-is then! -- Keir _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
I get a build failure in mm/page_alloc.c. Probably some files in the sparse tree need updating with .8 changes? -- Keir On 16/1/08 12:56, "S.Çağlar Onur" <caglar@pardus.org.tr> wrote:> Hi Keir; > > 15 Oca 2008 Sal tarihinde, Keir Fraser şunları yazmıştı: >> Feel free to submit a patch that throws the upgrade to .8 into the kernel''s >> patches/ directory, within the 3.1-testing repository. > > Although needed modifications are simple, resulting patch is quite big (214 > K). So what i did is follows; > > After applying this; > > diff -r 0918b4bbffbb buildconfigs/mk.linux-2.6-xen > --- a/buildconfigs/mk.linux-2.6-xen Tue Jan 15 11:19:14 2008 +0000 > +++ b/buildconfigs/mk.linux-2.6-xen Wed Jan 16 14:53:41 2008 +0200 > @@ -1,5 +1,5 @@ LINUX_SERIES = 2.6 > LINUX_SERIES = 2.6 > -LINUX_VER = 2.6.18 > +LINUX_VER = 2.6.18.8 > > EXTRAVERSION ?= xen > > and that > > diff -r 0918b4bbffbb patches/linux-2.6.18/series > --- a/patches/linux-2.6.18/series Tue Jan 15 11:19:14 2008 +0000 > +++ b/patches/linux-2.6.18/series Wed Jan 16 14:54:51 2008 +0200 > @@ -7,7 +7,6 @@ i386-mach-io-check-nmi.patch > i386-mach-io-check-nmi.patch > net-csum.patch > net-gso-5-rcv-mss.patch > -net-gso-6-linear-segmentation.patch > pmd-shared.patch > rename-TSS_sysenter_esp0-SYSENTER_stack_esp0.patch > xen-hotplug.patch > > # hg rm patches/linux-2.6.18/net-gso-6-linear-segmentation.patch > > and > > # hg mv patches/linux-2.6.18/ patches/linux-2.6.18.8 > > is enough to update .8 if i''m not missing something else. > > Cheers_______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
Hi; 16 Oca 2008 Çar tarihinde, Keir Fraser şunları yazmıştı:> I get a build failure in mm/page_alloc.c. Probably some files in the sparse > tree need updating with .8 changes?Yep, sorry for not seeing before (i''m building right now), following solves this issue; diff -r 0918b4bbffbb linux-2.6-xen-sparse/mm/page_alloc.c --- a/linux-2.6-xen-sparse/mm/page_alloc.c Tue Jan 15 11:19:14 2008 +0000 +++ b/linux-2.6-xen-sparse/mm/page_alloc.c Wed Jan 16 16:21:45 2008 +0200 @@ -2030,7 +2030,7 @@ static void __meminit free_area_init_cor zone->zone_pgdat = pgdat; zone->free_pages = 0; - zone->temp_priority = zone->prev_priority = DEF_PRIORITY; + zone->prev_priority = DEF_PRIORITY; zone_pcp_init(zone); INIT_LIST_HEAD(&zone->active_list); Cheers -- S.Çağlar Onur <caglar@pardus.org.tr> http://cekirdek.pardus.org.tr/~caglar/ Linux is like living in a teepee. No Windows, no Gates and an Apache in house! _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
Is this the *only* change in the .8 patch that affects any sparse tree file? -- Keir On 16/1/08 14:22, "S.Çağlar Onur" <caglar@pardus.org.tr> wrote:> Hi; > > 16 Oca 2008 Çar tarihinde, Keir Fraser şunları yazmıştı: >> I get a build failure in mm/page_alloc.c. Probably some files in the sparse >> tree need updating with .8 changes? > > Yep, sorry for not seeing before (i''m building right now), following solves > this issue; > > diff -r 0918b4bbffbb linux-2.6-xen-sparse/mm/page_alloc.c > --- a/linux-2.6-xen-sparse/mm/page_alloc.c Tue Jan 15 11:19:14 2008 +0000 > +++ b/linux-2.6-xen-sparse/mm/page_alloc.c Wed Jan 16 16:21:45 2008 +0200 > @@ -2030,7 +2030,7 @@ static void __meminit free_area_init_cor > zone->zone_pgdat = pgdat; > zone->free_pages = 0; > > - zone->temp_priority = zone->prev_priority = DEF_PRIORITY; > + zone->prev_priority = DEF_PRIORITY; > > zone_pcp_init(zone); > INIT_LIST_HEAD(&zone->active_list); > > Cheers_______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
Hi; 16 Oca 2008 Çar tarihinde, Keir Fraser şunları yazmıştı:> Is this the *only* change in the .8 patch that affects any sparse tree > file? > > -- KeirI''ll check again ASAP, by the way what i do is like that, if its wrong please yell. First i use 2.6.18 as a base with current sparse tree and generate a Xen patches tree. After that, i tried to patch this tree with 2.6.18.8 patch and check .rej files against sparse tree history to decide whether its needed or not etc. Cheers -- S.Çağlar Onur <caglar@pardus.org.tr> http://cekirdek.pardus.org.tr/~caglar/ Linux is like living in a teepee. No Windows, no Gates and an Apache in house! _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
On Wed, 2008-01-16 at 16:50 +0200, S.Çağlar Onur wrote:> Hi; > > 16 Oca 2008 Çar tarihinde, Keir Fraser şunları yazmıştı: > > Is this the *only* change in the .8 patch that affects any sparse tree > > file? > > > > -- Keir > > I''ll check again ASAP, by the way what i do is like that, if its wrong please > yell. > > First i use 2.6.18 as a base with current sparse tree and generate a Xen > patches tree. > > After that, i tried to patch this tree with 2.6.18.8 patch and check .rej > files against sparse tree history to decide whether its needed or not etc.That''s only half the story since that will only catch bits of the 2.6.18.8 patch which conflict with patches in the sparse tree. You also need to use lsdiff or diffstat to determine which files are patched by the 2.6.18.8 patch and then determine which of those are also present in the sparse tree. Those are the files you then need to update in the sparse tree otherwise the 2.6.18.8 patch will effectively be reverted when the sparse tree is applied. Ian. _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
Hi; 16 Oca 2008 Çar tarihinde, Ian Campbell şunları yazmıştı:> That''s only half the story since that will only catch bits of the > 2.6.18.8 patch which conflict with patches in the sparse tree. > > You also need to use lsdiff or diffstat to determine which files are > patched by the 2.6.18.8 patch and then determine which of those are also > present in the sparse tree. Those are the files you then need to update > in the sparse tree otherwise the 2.6.18.8 patch will effectively be > reverted when the sparse tree is applied.Got it and working on it, thanks :) Cheers -- S.Çağlar Onur <caglar@pardus.org.tr> http://cekirdek.pardus.org.tr/~caglar/ Linux is like living in a teepee. No Windows, no Gates and an Apache in house! _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel