lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <Z7hTLsaqNU0rlpwV@kernel.org>
Date: Fri, 21 Feb 2025 12:19:26 +0200
From: Jarkko Sakkinen <jarkko@...nel.org>
To: Fiona Behrens <me@...enk.dev>
Cc: Bart Van Assche <bvanassche@....org>,
	Steven Rostedt <rostedt@...dmis.org>,
	Jason Gunthorpe <jgg@...dia.com>, Kees Cook <kees@...nel.org>,
	Miguel Ojeda <miguel.ojeda.sandonis@...il.com>,
	Christoph Hellwig <hch@...radead.org>,
	rust-for-linux <rust-for-linux@...r.kernel.org>,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	Greg KH <gregkh@...uxfoundation.org>,
	David Airlie <airlied@...il.com>, linux-kernel@...r.kernel.org,
	ksummit@...ts.linux.dev
Subject: Re: Rust kernel policy

On Thu, Feb 20, 2025 at 04:07:58PM +0200, Jarkko Sakkinen wrote:
> > I do still have on my ToDo list to build and publish a better nix
> > development shell for kernel with rust enabled, and could also add a
> > section on how to build a NixOS iso in the same nix code.
> > But sadly time is a finite resource and so did not yet got to it.
> 
> Please do ping me if you move forward with this. IMHO, why wouldn't
> you contribute that straight to the kernel documentation? Right no
> there are exactly zero approaches in kernel documentation on how
> test all of this.

I initiated something that makes sense to me:

https://codeberg.org/jarkko/linux-tpmdd-nixos

I'll extend this to Rust shenanigans. The milestone zero was to
figure out mandatory hashes of NixOS. It uses a combination of
nix-prefetch-git and environment variable for that. I'm still
fixing some glitches but from it should be easy to extend
to Rust kernels.

Note that I'm using Fedora in my host and NixOS is only the
easiest route I've found so far to compile Rust-enabled kernel
with user space (for C I used BuildRoot) so I have a wild guess
that what you're looking into is something that makes sense
for NixOS users, right?

I compile this by podman-compose up --build :-)

BR, Jarkko

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ