Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 24 Jun 2012 05:50:06 +0400
From: Solar Designer <solar@...nwall.com>
To: owl-dev@...ts.openwall.com
Subject: Re: status of 2.6.32-based kernel

On Sat, Jun 23, 2012 at 12:26:26AM +0400, Vasily Kulikov wrote:
> I've reached the state of bootable RHEL6-based kernel with Owl patch.

Great!

Do you already have an updated kernel.spec?

Have you already tried building the Owl userland with this kernel's
headers?  If so, how many packages build / don't build?

> 1. Owl patch is updated

Can you post it in here, please?

> and a basic .config file is created.

What did you base it on?

I think we should start with OpenVZ's (which is in turn based on RHEL's)
and tweak from there.

> 2. There are problems with some config options.  I had to enable
> 
> 1) cgroups
> 2) perf events
> 
> options in .config because some backported patched of RHEL/OpenVZ kernel
> are not designed to fully backport all huge #ifdef constructions and
> many =n configs are not compilable.  To disable these groups of config
> options massive additions of #ifdef are needed.

No need to disable them.  In fact, we need at least cgroups.

> There were minor issues with other options like taskstats, which are now
> fixed.
> 
> Does Owl kernel need cgroups and perf events?  Cgroups are needed for
> ovz scheduler (and probably memory) limitations.  It looks like OpenVZ
> is able to exist without perf events, it is only RHEL-related
> compilation bug.
> 
> If both option groups are needed, no significant changes to the Owl
> patch are needed.

Yes, and for taskstats we might want to match RHEL (in default setting
for this option) unless there's a reason not to.

> 3. The size of the kernel has significantly increased: 2.82 Mb of
> 2.6.18 vs 3.60 Mb of 2.6.32.  Do we need any actions for reducing the
> size?  E.g. moving some config options from =y to =m.  Probably we can
> discuss udev usage once again (and move many device options to =m and
> use initrd)...
> 
> However, we are not constrained with any specific size because of using
> syslinux as bootloader in ISO case.

No need to reduce the size now, but we'll need to decide on =y vs. =m
based on other criteria.

> 4. We want to use the latest RHEL6-based OpenVZ kernel branch, right?

Yes.

> For now it should be 042stab055.16.

Actually, we should go with their testing kernels.  By the time we're
ready to declare any of this stable in Owl, they'll move their testing
to stable as well (or replace it with an even newer revision, which
we'll update to).  So it'd be 042stab056.11 now.

> 5. How do we want to discuss the needness of plenty config options?
> Most of them are device-related, but a significant number is about
> secondary features like RCU, ACPI, scheduler things, etc.

There are a lot of kernel config options, so we don't have the resources
(time, knowledge) to seriously discuss every one of them (nor would that
be in line with our project's goals).  Thus, I suggest that we start
with RHEL6/OpenVZ defaults and only tweak what needs changing for
specific reasons that we can identify.

Alexander

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ