| 1 |
On Friday 21 Oct 2016 13:39:54 Rich Freeman wrote: |
| 2 |
> On Fri, Oct 21, 2016 at 12:22 PM, Alexander Kapshuk |
| 3 |
> |
| 4 |
> <alexander.kapshuk@×××××.com> wrote: |
| 5 |
> > On Fri, Oct 21, 2016 at 6:42 PM, Andy Mender <andymenderunix@×××××.com> |
| 6 |
wrote: |
| 7 |
> >> Would a Gentoo .config work with the upstream "vanilla" 4.4.26 kernel? |
| 8 |
> >> I know Gentoo does some patching to the upstream sources and menuconfig |
| 9 |
> >> has |
| 10 |
> >> |
| 11 |
> >> additional features thereby. |
| 12 |
> > |
| 13 |
> > Running 'make oldconfig' within the sources directory by default uses |
| 14 |
> > whatever config-x.y.z is the highest version available in /boot. |
| 15 |
> > Otherwise, copying the config file desired to the sources directory |
| 16 |
> > followed by running 'make oldconfig' will generate a new one based on |
| 17 |
> > the config file copied. |
| 18 |
> > You could than run the diff on the gentoo config file and the vanilla |
| 19 |
> > one and take it from there. |
| 20 |
> |
| 21 |
> Correct. I'm pretty confident (having done this a bunch of times) |
| 22 |
> that it is just going to drop any config items it doesn't recognize |
| 23 |
> including the Gentoo ones (removal of config items is normal anyway). |
| 24 |
> Since the Gentoo ones just pull in other pre-reqs, and the way the |
| 25 |
> config file works is that the pre-reqs also get written into the |
| 26 |
> config file, you'll still have all the settings that actually matter. |
| 27 |
> For example, systemd support probably turns on multiple pts support, |
| 28 |
> and even if you get rid of the gentoo systemd option the multiple pts |
| 29 |
> support option will remain selected. |
| 30 |
> |
| 31 |
> So, if you're staying in the same kernel series (4.4) you should just |
| 32 |
> be able to run make oldconfig and that's it. You can take a look but |
| 33 |
> I'd be shocked if you're either prompted for any new settings or if |
| 34 |
> anything doesn't work exactly as before. You might just be missing a |
| 35 |
> random patch or two (gentoo-sources doesn't have that many of them). |
| 36 |
> |
| 37 |
> Going between kernel series is going to be the same as always, you'll |
| 38 |
> be asked a dozen questions for new options. |
| 39 |
> |
| 40 |
> Now, the one thing you'll lose without the Gentoo options is that if |
| 41 |
> an openrc/systemd/udev/whatever requirement changes it won't just |
| 42 |
> automatically get pulled in. You'll need to find out about it and |
| 43 |
> manually update your config. Honestly, I think that option wouldn't |
| 44 |
> be a bad one to merge upstream, though it obviously does cross the |
| 45 |
> userspace/kernelspace boundary. Also, having end-users manipulate |
| 46 |
> kernel config options is something very few distros do these days, I'm |
| 47 |
> not sure if any of the well-known distros encourage it. |
| 48 |
|
| 49 |
I haven't looked into exploits for this. At a practical level, what will it |
| 50 |
take to compromise a PC? |
| 51 |
|
| 52 |
-- |
| 53 |
Regards, |
| 54 |
Mick |
Archives