[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Backports for stable branches


  • To: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
  • From: Jan Beulich <jbeulich@xxxxxxxx>
  • Date: Mon, 6 Mar 2023 08:28:10 +0100
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=AnTEM5sugEarqJS1TS9HMZmbYxJcHJiesU+HYURsDiU=; b=KBPz/Tl60V2YxaPwphxwq8MdiX6j/Xg4AffaDnO9aTdIQvw4Qnhephtr+24Z7OjbrKDWNF2N/eTPd2jU0ytuqYh12ayL8mrS32tqM9MARJ0ZC8ZjZU/WCDCrQMxAumnGOrCHl1h2Yq6lzZ3OWSc2Dx07AW1gVd3yBC5bGn2VfoR4EFe1Zvrv4M+TsKKKmbEYHnS1gRwmo7fpCC9SBfT36uRS91/henwagHo1EQb5C8+sLPlV/iDqm68c/PLCzieCpcYzAM81vOQBJ2b2V6QHlDYzztNEMdIncg3vCbG3cxzGmdZfUR3qSYgVuC5tl9x5Vyur344uEiZV+VxpTqejnQ==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=K+0NyDpatGgZdlU9NwyE46HkEA7YkpuXFqPCM9rPiuQmKwFNp34Ep5slgBJz9HEPHtAsrx5W5xNFCYHGIhkXijojrLbNP33juK9pIbnImgs3SYAb2R7jY0nOiRLdmeGeI7swy0Bt3R3AlzceGTdvcJ9kMwdrUy+Aoudpi7OgRHuwYnonMGEO/JyirLLBuG1IJGst3F1ccXeo2LotLKGlKx2ryg9hIw5GbDFpsdGbni124dQlvNthfcQ1hKb5p6eU0nkrLw9iqLSkI/7Oadz1oEQvJshR+dDoR+oES5XPoUa739q3+/x7sosb9Xq1Bq+M1ynya70gR3C0VToGrot56Q==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;
  • Cc: xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Anthony Perard <anthony.perard@xxxxxxxxxx>
  • Delivery-date: Mon, 06 Mar 2023 07:28:20 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 03.03.2023 16:56, Andrew Cooper wrote:
> Two python bugfixes which definitely qualify for backport:
> 
> 897257ba49d0 tools/python: change 's#' size type for Python >= 3.10
> 3a59443c1d5a tools/xenmon: Fix xenmon.py for with python3.x

Queued. I wasn't entirely certain about these when I saw them going in.
They also had no Fixes: tags.

> Next, I'm going to argue for taking:
> 
> f7d07619d2ae x86/vmx: implement VMExit based guest Bus Lock detection
> d329b37d1213 x86/vmx: introduce helper to set VMX_INTR_SHADOW_NMI
> 573279cde1c4 x86/vmx: implement Notify VM Exit
> 5f08bc9404c7 x86/vmx: Partially revert "x86/vmx: implement Notify VM Exit"
> 
> These are technically new features for Sapphire Rapids, but they're both
> very simple (in the grand scheme of new features), and are both
> mitigations to system-wide denial of services that required silicon
> changes to make happen.
> 
> Either way, there is a security argument to be made for backporting these.

I have to admit I'm not entirely certain here. At present my inclination
would be to put them in 4.17 only, where - it only going to be 4.17.1 -
the "new feature" aspect is more reasonable to accept. 4.16, otoh, is
relatively soon to go out of general support (albeit I notice not yet
after the next stable release, as this time round the 4 month cadence
was followed pretty closely). Thoughts?

Jan



 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.