Backporting stacked security patch
Greg KH
greg at kroah.com
Tue Oct 30 10:33:12 EDT 2018
On Tue, Oct 30, 2018 at 02:43:12PM +0300, Lev Olshvang wrote:
> Hi All,
>
> I week ago I asked the list about kernel 4.2 stacked security patch location , but
> Greg strongly advised me against, without going into details.
> I highly appreciate Greg advice, and I know he is a very busy person.
> Unfortunately I do not have a choice to upgrade kernel, and I am asking again :
> - what are major challenges of a such backport ?
> Does kernel security changed so much between 3.18 and 4.2 ?
$ git log --no-merges v3.18..v4.2 | grep "^commit " | wc -l
48573
That's over 48 thousand changes between those kernels. That's a
non-trivial thing to review and backport only parts of it.
And if you were to backport only parts of it, then you would be dealing
with a kernel that only you can support, not the company/vendor that is
forcing you to stick with 3.18. Why not ask them to do this work for
you as they are the ones you are paying for this type of work already?
Also, why 3.18? That's a very old and obsolete kernel already, never
use that for any new type of device, you are guaranteed to have problems
with it as I'll probably stop doing security updates for it any week
now...
good luck!
greg k-h
More information about the Kernelnewbies
mailing list