On Sun, Jan 02, 2005 at 02:59:54AM +0100, Daniel Roesen wrote: > > The bulk of the remainder are bugfixes, and a handful > > of 'distro' patches that wont go upstream. > > Thanks for that. So just to be sure I understand this correctly: > only ~8 patches for features Some of those features are split up into multiple patches. Ie, Execshield is 3-4, modsign is ~6, etc.. This makes upstream merging easier. Some of the smaller bits of exec-shield already found their way upstream. It makes it so much easier to rebase when you can just drop a patch instead of having to edit a diff/hand merge rejects. > over 200 bug fixes, and some "distro" > patches? What kind of patches are those "distro" patches? Things like the make oldconfig_nonint target, things fiddling with default gcc options (-Os by default, and tune for P4 on the 686 kernel) Some debugging patches (like linux-2.6.3-printopen.patch which prints files that are opened, useful for generating file lists for readahead), things that alter some upstream decisions (like changing some printk's to panic's and vice versa) WARN_ON -> BUG_ON). Upstream kernel will allow you to sometimes limp along after something catastrophic happens, Fedora kernel will panic as soon as possible to prevent possible data corruption. Removal of export's of a bunch of things like sys_call_table which only cause pain, and prevent a bunch of rootkits from running. (Whilst there are rootkits that can still patch the system without this exported, it raises the bar slightly). Finally, we deprecate a bunch of stuff that will ultimately go away upstream. Dave