[Ksummit-discuss] [MAINTAINERS SUMMIT] Handling of embargoed security issues
David Woodhouse
dwmw2 at infradead.org
Fri Sep 7 14:43:03 UTC 2018
On Thu, 2018-09-06 at 13:56 -0700, Linus Torvalds wrote:
>
> A lot of that was that the actual *fixes* were marked for stable, but
> quite often they were preceded by cleanups and other updates that
> didn't actually fix things directly, and that weren't in themselves
> explicitly marked for stable and didn't have a Fixes: tag, because
> they were prep-work.
>
> So we had _several_ nasty regressions in stable that never showed up
> in mainline, because there was some non-obvious dependency that didn't
> cause a merge conflict, but did cause a "this commit needed that other
> commit to work right".
This time round, for L1TF I think we did relatively OK on the stable
backports. The dependencies we were missing were stuff that was just
randomly cleaned up in the intervening kernels.
For example, the 'Simplify p[g4um]d_page() macros' commit (fd7e315988)
start out as *purely* a cosmetic improvement to reduce duplication by
introducing a pgd_pfn() macro.
Some time later, completely unpredicted at the time of that commit, we
came along and made pgd_pfn() do something different. It's *those*
"dependencies" which tend to get missed, and they can't be predicted at
the time of the original commit.
I don't think we did so badly with the commits which were done as
cleanups in preparation for the event itself.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5213 bytes
Desc: not available
URL: <http://lists.linuxfoundation.org/pipermail/ksummit-discuss/attachments/20180907/3ca62210/attachment.bin>
More information about the Ksummit-discuss
mailing list