| 1 |
I'm looking at the Alpha source patch tarball that alpha-sources pulls in, |
| 2 |
and comparing the functions they provide with the ones in the 2.6.4 kernel |
| 3 |
as supplied by gentoo-dev-sources (which will migrate to gentoo-sources |
| 4 |
whenever it's sufficiently wrung out). It looks like some, but not quite |
| 5 |
all, of it is obsolete: |
| 6 |
|
| 7 |
06_grsecurity: This patch adds the grsecurity configuration selections. This |
| 8 |
appears to have been included via the 2.6 security options selection, |
| 9 |
although it doens't appear as complete. |
| 10 |
|
| 11 |
0[789]_xfs: These patches add XFS and XFS quota support. This appears to |
| 12 |
have been completely included in 2.6. |
| 13 |
|
| 14 |
60_usagi: I'm not sure what this does beyond providing IPv6 support. There |
| 15 |
is IPv6 in the 2.6 kernel, with options for tunneling, privacy, IPSec AH and |
| 16 |
ESP, and IPComp. |
| 17 |
|
| 18 |
80_patch_int: This patch adds the CryptoAPI. This appears to have been |
| 19 |
completely included in 2.6. |
| 20 |
|
| 21 |
81_loop_jari: I think this patch adds cryptographic loopback filesystem |
| 22 |
support. There are two kernel configurations that provide this function, |
| 23 |
Cryptoloop (which uses CryptoAPI), and Compressloop. I'm not sure what the |
| 24 |
difference is. |
| 25 |
|
| 26 |
86_super_freeswan: This one provides enhanced FreeS/WAN IPSec. It's more |
| 27 |
complete, apparently, than the IPSec support built into the 2.6 kernel by |
| 28 |
default, but I'm not 100% sure about that. |
| 29 |
|
| 30 |
90_sysctl_uac: This one is not present in 2.6. Has the patch been submitted |
| 31 |
to the kernel guys at all? It seems too useful to leave out. |
| 32 |
|
| 33 |
There's also 4 patches that aren't part of the tarball, but get applied to |
| 34 |
correct various vulnerabilities; I assume those have all been taken care of |
| 35 |
in 2.6.4. (They're the do_brk(), mremap(), RTC, and munmap vulnerabilities.) |
| 36 |
|
| 37 |
Finally, there's one fix to a multiline literal in an Alpha-specific |
| 38 |
assembler header file, referenced in bug 38354. It appears to have been |
| 39 |
fixed in 2.6.4. |
| 40 |
|
| 41 |
I'd like to see the gentoo-sources kernel become the default for Alpha, but |
| 42 |
I also don't want to disenfranchise anyone who's using the features the |
| 43 |
alpha-sources 2.4.21 kernel has. The sysctl_uac patch can now be applied |
| 44 |
only during a build for Alpha, via a feature added to the kernel-2 eclass. |
| 45 |
The others aren't Alpha specific, so they can either be included or left out |
| 46 |
independdently of the architecture being installed. |
| 47 |
|
| 48 |
Do we have a feel for how many folks out there are using the full |
| 49 |
grsecurity, or the complete SuperFreeS/WAN, or USAGI? Is it something we |
| 50 |
should push to have included in the Gentoo kernel by default? |
| 51 |
|
| 52 |
-- |
| 53 |
gentoo-alpha@g.o mailing list |
Archives