| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <226424d3-d29f-2a83-2d04-81ad4aab1be2@metux.net>
Date: Thu, 7 Mar 2019 18:37:18 +0100
From: "Enrico Weigelt, metux IT consult" <lkml@...ux.net>
To: Joel Fernandes <joel@...lfernandes.org>
Cc: Pavel Machek <pavel@....cz>, hpa@...or.com,
Daniel Colascione <dancol@...gle.com>,
Greg KH <gregkh@...uxfoundation.org>,
linux-kernel <linux-kernel@...r.kernel.org>,
Andrew Morton <akpm@...ux-foundation.org>, ast@...nel.org,
atishp04@...il.com, Borislav Petkov <bp@...en8.de>,
Ingo Molnar <mingo@...hat.com>, Jan Kara <jack@...e.cz>,
Jonathan Corbet <corbet@....net>, karim.yaghmour@...rsys.com,
Kees Cook <keescook@...omium.org>, kernel-team@...roid.com,
"open list:DOCUMENTATION" <linux-doc@...r.kernel.org>,
Manoj Rao <linux@...ojrajarao.com>,
Masahiro Yamada <yamada.masahiro@...ionext.com>,
Paul McKenney <paulmck@...ux.vnet.ibm.com>,
"Peter Zijlstra (Intel)" <peterz@...radead.org>,
Randy Dunlap <rdunlap@...radead.org>, rostedt@...dmis.org,
Thomas Gleixner <tglx@...utronix.de>,
"maintainer:X86 ARCHITECTURE (32-BIT AND 64-BIT)" <x86@...nel.org>,
yhs@...com
Subject: Re: [RFC] Provide in-kernel headers for making it easy to extend the
kernel
On 07.03.19 02:48, Joel Fernandes wrote:
>> I'm confused.
>
> Take a look at this thread: https://lkml.org/lkml/2019/2/28/634
Okay, replying to that mail:
> > > There's no linux-headers
That's the first fundamental problem. Actually, there's not even any
decent package management at all (no, apk seriously doesn't count as
that, not if you're used to apt+frieds for over 20 years)
> I have already been down that road. In the Android ecosystem, the
> Android teams only provide a "userspace system image" which goes on
> the system partition of the flash (and a couple other images are also
> provided but system is the main one).
These Android teams should learn how GNU/Linux distros and package
management works for over 20 years. Really, this is pretty trivial.
For such kind of general purpose devices, where users can install
arbitrary applications, I'd never come to the strange idea of deploying
whole operating system and applications in one image. (most likely not
even initially in the factory)
> The system image cannot contain GPL source code.
Why exactly ? Beacuse Big Manitu said so ?
Don't these folks that GPL doesn't prohibit shipping binaries on
disk/flash images ?
> It is also not possible to put kernel headers for every kernel version
> on the system images that ship and is not practical.
Of course not. They should only be deployed when needed, for the
versions needed.
> Android boots on 1000s of forked kernels.
Next big fundamental problem. Why all these forks in the first place ?
I'm not talking about the small patch queue ontop of mainline (or maybe
Andoid kernel baseline) - that's something we do all the day in embedded
world (of course we try to mainline as much as we can).
But what I usually see from the Andoid vendors are pretty much full
forks (full of horrible hacks) that quickly aren't maintained anymore.
If I'd be the responsible manager @google, that'd be one of the very
first things I'd care for: mainline first. (and, of course, ban all
proprietary binary-only kernel modules).
> Now for kernel modules, there's another image called the "vendor
> image" which is flashed onto the vendor parition, this is where kernel
> modules go.
Okay, then why not just putting a tarball there ?
--mtx
--
Enrico Weigelt, metux IT consult
Free software and Linux embedded engineering
info@...ux.net -- +49-151-27565287
Powered by blists - more mailing lists