[meta-xilinx] security patches in the Linux kernel in the meta-xilinx

Philip Balister philip at balister.org
Fri Jul 4 04:59:06 PDT 2014


On 07/04/2014 02:22 AM, Sona Sarmadi wrote:
> Thanks Nathan for your quick response.
> 
> No problem, we understand and respect your policy. We will keep the security (or other critical) patches we would like to apply/backport to linux-xlnx kernel in our own layer (meta-enea).

Is meta-enea public? (I dont't see it in the layer index) It would be
nice for users of meta-xilinx to have some knowledge of security patches
that apply to the Xilinx kernel.

Philip

> 
> Best regards
> Sona
> 
> -----Original Message-----
> From: Nathan Rossi [mailto:nathan.rossi at xilinx.com] 
> Sent: den 4 juli 2014 06:52
> To: Sona Sarmadi
> Cc: meta-xilinx at lists.yoctoproject.org
> Subject: RE: [meta-xilinx] security patches in the Linux kernel in the meta-xilinx
> 
>> -----Original Message-----
>> From: meta-xilinx-bounces at yoctoproject.org [mailto:meta-xilinx- 
>> bounces at yoctoproject.org] On Behalf Of Sona Sarmadi
>> Sent: Thursday, July 03, 2014 4:01 PM
>> To: meta-xilinx at lists.yoctoproject.org
>> Subject: [meta-xilinx] security patches in the Linux kernel in the 
>> meta- xilinx
>>
>> Hi,
>> My name is Sona Sarmadi and I am responsible for security in Enea Linux.
>>
>> Our goal is to apply security patches to the Linux kernels in our 
>> distribution, in order to test and make the patches available for our 
>> customers as soon as possible. When we apply a patch, we always build 
>> an image (e.g. for Zyng) and run ptest to verify the patch.
>>
>> So far we have fixed security patches for chip-vendor-supplied kernels 
>> in our own layer "meta-enea", but we would like to change this policy 
>> and apply the security patches directly in the hardware-specific layer, e.g.
>> "meta-xilinx", and upstream them to the layer maintainers. In this 
>> way, others can also get the patch. There are more advantages with 
>> fixing the patches in the hardware-specific layer and upstreaming them 
>> compared to fixing them in our own meta-enea layer.
>>
>> We are very interested in your maintenance policy and your opinion 
>> about receiving patches from Enea.
>>
> 
> Hi Sona,
> 
> In regards to the maintenance policy for the linux-xlnx kernel in the meta-xilinx layer. This kernel is the linux-xlnx kernel that Xilinx provides as part of "Xilinx OSL". In the meta-xilinx layer we directly use this kernel, we avoid patching it within meta-xilinx except under very specific circumstances (e.g. backporting bug fixes).
> 
> If you would like to query the policy for linux-xlnx itself or contribute your patches to linux-xlnx contact the git at xilinx.com mailing list.
> 
> Regards,
> Nathan
> 
>>
>>
>> Best Regards
>>
>> Sona
>>
>>
>> cid:image001.gif at 01CC1C4F.F4636310
>>
>> Sona Sarmadi
>> Software Engineer/Security Responsible for Enea Linux Enea Jan 
>> Stenbecks torg 17, Box 1033, SE-164 21 Kista, Sweden
>> Direct: +46 8 5071  4475
>> Mobile: +46 70 971 4475
>>
>> sona.sarmadi at enea.com <mailto:sona.sarmadi at enea.com> www.enea.com 
>> <http://www.enea.com/>
>>
>> cid:image002.jpg at 01CC1C4F.F4636310
>>
>> This message, including attachments, is CONFIDENTIAL. It may also be 
>> privileged or otherwise protected by law. If you received this email 
>> by mistake please let us know by reply and then delete it from your 
>> system; you should not copy it or disclose its contents to anyone.
>>
>>
> 



More information about the meta-xilinx mailing list