Bug#860563: unblock: xen/4.8.1-1

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Bug#860563: unblock: xen/4.8.1-1

Ian Jackson-11
Package: release.debian.org
Severity: normal
User: [hidden email]
Usertags: unblock

Please unblock package xen

unblock xen/4.8.1-1


This update includes three security fixes and a large number of other
important bugfixes.

When preparing this update I had to choose between either (i) taking
the upstream 4.8.1 stable point release and reverting any changes I
felt inappropriate, or (ii) cherry picking the commits I felt
appropriate.

Looking at the git log [1] I concluded that the majority of the
non-security fixes were clearly bugfixes.  Many of those bugfixes are
for crashes or races.

I decided that the lower risk approach would be to start with all the
commits from upstream, and revert any that ought to be excluded.  This
reduces the risk of dropping an important bugfix.

Reviewing the commit log in detail there were two commits for which
the justification for backporting seemed quite unclear to me:
"xen/arm: *: Relax hw domain mapping attributes" - two commits, one
for ACPI and one for DT; and "x86/ept: allow write-combining on
!mfn_valid() MMIO mappings again".  I queried these with other
upstream developers and came to the conclusion that they ought to be
included.

There are a number of other commits which are clear bugfixes, with a
low risk of regression, but also a low impact.  I think it is probably
better to include these and ship Xen 4.8.1 in stretch, than to revert
them.

[1] git-log-4.8.1-1.txt, attached.

I'm afraid the debdiff will be hard to read - not because the changes
interact so much, but because there are quite a lot of them.

In the debdiff you will see a change to Config.mk.  That change has no
effect on the Debian package build and could be stripped out.  I chose
not to do this because I felt that messing with things was more likely
to break things than to fix them (see above).

Thanks for your attention and I hope this approach meets with your
approval.

Regards,
Ian.

-- System Information:
Debian Release: 8.6
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: i386 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/8 CPU cores)
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

git-log-4.8.1-1.txt (72K) Download Attachment
4.8.1~pre.2017.01.23-1--4.8.1-1.diff (129K) Download Attachment
4.8.1~pre.2017.01.23-1--4.8.1-1.debdiff (165K) Download Attachment