I'll assume for the moment that the hardened-sources patch set discussed includes security improvements.
My question is...what kinds? For what reason is there a set of "makes it more secure" patches that aren't integrated into the mainline kernel? Are they just not stable in some fashion? Do they exclude some kernel functionality? Do they impact performance? What exactly is this patch set, and why is it separate? -- :wq
