[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: what features are required in Fedora kernel



On Friday 04 September 2009 02:17:10 pm Dan Horák wrote:
> I am building kernels for some ARM based devices that use Fedora/ARM as
> user-land. 

Glad to see someone else looking at the ARM kernel.


> These devices are usually very limited in the size of kernel
> that can be stored in their flash memories (like 2MB kernel, 4MB
> ramdisk). So I would like to know what kernel features make a "Fedora
> kernel", what are the MUST HAVE features?

Maybe some usb devices. Which ones...I don't know. :)

> Now I have those on my list
> - audit

Note that the audit system on ARM is dysfunctional. No one has ever taken the 
time to write the requisite code in arch/arm/kernel/ptrace.c to call 
audit_syscall_entry(). Without that code upstream (or as a patch), the audit 
system is limited to user space originating events. I don't know if SE Linux 
AVC's are affected by the audit system not having its hands on a lot of 
information during the syscall.

> - SELinux
> - IPv6
> - Netfilter for both IPv4 and IPv6

Netfilter is needed badly on that arch since the default system image has a 
mail server listening to the public IP address and running as root. Iptables 
is needed to block this access.

-Steve


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]