From: Andi Kleen <andi@firstfloor.org>
To: Jeff Arnold <jbarnold@MIT.EDU>
Cc: linux-kernel@vger.kernel.org
Subject: Re: A system for rebootless kernel security updates
Date: Mon, 28 Apr 2008 12:29:53 +0200 [thread overview]
Message-ID: <4815A721.1040101@firstfloor.org> (raw)
In-Reply-To: <alpine.DEB.1.10.0804280119001.9237@vinegar-pot.mit.edu>
Jeff Arnold wrote:
> I'm certainly interested in bringing the code up to kernel coding
> standards (for example, I'd be happy to address any issues with the code
> that are brought to my attention). I'm not sure whether submitting it
> for mainline makes sense since the software doesn't significantly
> benefit from being bundled with the kernel.
To be honest you weren't the first to come up with something like this
(although you're the first to post to l-k as far as I know). But the
usual problem of something that is kept out of tree is that it
eventually bitrots and gets forgotten. The only sane way to make such
extensions a generically usable linux feature is to merge them to mainline.
> Instead, it might be more important to 1) package the userspace
> update-construction software for common Linux distributions to make it
> easily available to interested users, and 2) to provide binary kernel
> updates for common distribution kernels so that users can simply sign up
> and get fewer "your machine needs to be rebooted now for an update to
> take effect" notifications.
(2) is a incredibly large amount of work longer time. And when
distributions merge your feature they become committed to it so even if
you go away they would still need to maintain it on their own. Since
they understand how much work this is they likely won't do it in the
first place. Really it's far better to just merge if you want it to
make it out of the "toy" stage.
-Andi
next prev parent reply other threads:[~2008-04-28 10:30 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-04-23 18:59 A system for rebootless kernel security updates Jeff Arnold
2008-04-23 21:37 ` FD Cami
2008-04-24 13:42 ` Andi Kleen
2008-04-28 6:18 ` Jeff Arnold
2008-04-28 10:29 ` Andi Kleen [this message]
2008-04-29 6:55 ` Jeff Arnold
2008-04-29 12:57 ` Dan Noe
2008-04-29 22:43 ` Jeff Arnold
2008-05-01 11:38 ` Enrico Weigelt
2008-05-01 13:35 ` David Collier-Brown
2008-04-24 13:43 ` Christian Hesse
2008-04-24 18:13 ` Jeff Arnold
2008-04-24 19:16 ` Christian Hesse
2008-04-28 6:11 ` Jeff Arnold
-- strict thread matches above, loose matches on Subject: below --
2008-04-24 14:26 Tomasz Chmielewski
2008-04-24 14:42 ` Andi Kleen
2008-04-27 10:17 ` Pavel Machek
2008-04-27 17:00 ` Gilles Espinasse
2008-04-27 17:49 ` Willy Tarreau
2008-04-27 19:51 ` Oliver Pinter
2008-04-27 19:58 ` Jesper Juhl
2008-04-28 19:07 ` Bill Davidsen
2008-04-29 23:39 ` Jeff Arnold
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4815A721.1040101@firstfloor.org \
--to=andi@firstfloor.org \
--cc=jbarnold@MIT.EDU \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.