[meta-xilinx] security patches in the Linux kernel in the meta-xilinx

Sona Sarmadi sona.sarmadi at enea.com
Mon Jul 7 05:06:56 PDT 2014


Hi Philip, Nathan,

meta-enea is available under this URL:
http://git.enea.com/git/?p=linux/meta-enea.git;a=summary

Yes, it would be good  for meta-xilinx users to get security patches that apply to the Xilinx kernel but the questions is  where we should send those patches. 
Maybe we should contact "git at xilinx.com" to upstream security patches in the  in the future.

BR Sona

-----Original Message-----
From: Philip Balister [mailto:philip at balister.org] 
Sent: den 4 juli 2014 13:59
To: Sona Sarmadi; Nathan Rossi
Cc: meta-xilinx at lists.yoctoproject.org
Subject: Re: [meta-xilinx] security patches in the Linux kernel in the meta-xilinx

On 07/04/2014 02:22 AM, Sona Sarmadi wrote:
> Thanks Nathan for your quick response.
> 
> No problem, we understand and respect your policy. We will keep the security (or other critical) patches we would like to apply/backport to linux-xlnx kernel in our own layer (meta-enea).

Is meta-enea public? (I dont't see it in the layer index) It would be nice for users of meta-xilinx to have some knowledge of security patches that apply to the Xilinx kernel.

Philip

> 
> Best regards
> Sona
> 
> -----Original Message-----
> From: Nathan Rossi [mailto:nathan.rossi at xilinx.com]
> Sent: den 4 juli 2014 06:52
> To: Sona Sarmadi
> Cc: meta-xilinx at lists.yoctoproject.org
> Subject: RE: [meta-xilinx] security patches in the Linux kernel in the 
> meta-xilinx
> 
>> -----Original Message-----
>> From: meta-xilinx-bounces at yoctoproject.org [mailto:meta-xilinx- 
>> bounces at yoctoproject.org] On Behalf Of Sona Sarmadi
>> Sent: Thursday, July 03, 2014 4:01 PM
>> To: meta-xilinx at lists.yoctoproject.org
>> Subject: [meta-xilinx] security patches in the Linux kernel in the
>> meta- xilinx
>>
>> Hi,
>> My name is Sona Sarmadi and I am responsible for security in Enea Linux.
>>
>> Our goal is to apply security patches to the Linux kernels in our 
>> distribution, in order to test and make the patches available for our 
>> customers as soon as possible. When we apply a patch, we always build 
>> an image (e.g. for Zyng) and run ptest to verify the patch.
>>
>> So far we have fixed security patches for chip-vendor-supplied 
>> kernels in our own layer "meta-enea", but we would like to change 
>> this policy and apply the security patches directly in the hardware-specific layer, e.g.
>> "meta-xilinx", and upstream them to the layer maintainers. In this 
>> way, others can also get the patch. There are more advantages with 
>> fixing the patches in the hardware-specific layer and upstreaming 
>> them compared to fixing them in our own meta-enea layer.
>>
>> We are very interested in your maintenance policy and your opinion 
>> about receiving patches from Enea.
>>
> 
> Hi Sona,
> 
> In regards to the maintenance policy for the linux-xlnx kernel in the meta-xilinx layer. This kernel is the linux-xlnx kernel that Xilinx provides as part of "Xilinx OSL". In the meta-xilinx layer we directly use this kernel, we avoid patching it within meta-xilinx except under very specific circumstances (e.g. backporting bug fixes).
> 
> If you would like to query the policy for linux-xlnx itself or contribute your patches to linux-xlnx contact the git at xilinx.com mailing list.
> 
> Regards,
> Nathan
> 
>>
>>
>> Best Regards
>>
>> Sona
>>
>>
>> cid:image001.gif at 01CC1C4F.F4636310
>>
>> Sona Sarmadi
>> Software Engineer/Security Responsible for Enea Linux Enea Jan 
>> Stenbecks torg 17, Box 1033, SE-164 21 Kista, Sweden
>> Direct: +46 8 5071  4475
>> Mobile: +46 70 971 4475
>>
>> sona.sarmadi at enea.com <mailto:sona.sarmadi at enea.com> www.enea.com 
>> <http://www.enea.com/>
>>
>> cid:image002.jpg at 01CC1C4F.F4636310
>>
>> This message, including attachments, is CONFIDENTIAL. It may also be 
>> privileged or otherwise protected by law. If you received this email 
>> by mistake please let us know by reply and then delete it from your 
>> system; you should not copy it or disclose its contents to anyone.
>>
>>
> 



More information about the meta-xilinx mailing list