You are not logged in.

#1 2007-04-26 10:50:28

ekerazha
Member
Registered: 2007-02-27
Posts: 290

Ideas for a new kernel patchset

Hi,
I'm not much satisfied with the kernel patchsets currently available for Arch, so I'm planning a new patchset (well... it was ready when it was 2.6.20.7 based, but now I'm making a new 2.6.21 based one).

These would be the planned patches:

genpatches ( http://dev.gentoo.org/~dsd/genpatches/ ) [not all when they were for 2.6.20... we'll see for 2.6.21]
AppArmor ( www.novell.com/linux/security/apparmor/ )
PaX ( http://grsecurity.net/ ) [not the whole grsecurity patchset]
cfs-scheduler ( http://people.redhat.com/mingo/cfs-scheduler/ ) [a new scheduler from Ingo Molnar... better than the -ck one? Probably yes.]
Suspend 2 ( http://www.suspend2.net/ )
SKAS ( http://www.user-mode-linux.org/~blaisorblade/ )
Squashfs ( http://squashfs.sourceforge.net/ )
Unionfs ( http://www.am-utils.org/project-unionfs.html )
Reiser4 ( http://www.namesys.com/ )
ACPI DSDT ( http://gaugusch.at/kernel.shtml )

There are some small fixes (genpatches), some "hardening" patches (AppArmor, PaX, SKAS), a new scheduler (cfs-scheduler), improved filesystems support (Squashfs, Unionsfs, Reiser4) and the usual useful things (Suspend 2, ACPI DSDT).

Do you have any other idea? Let me know.

Last edited by ekerazha (2007-04-26 10:59:44)

Offline

#2 2007-04-26 12:40:54

IsSuE
Member
Registered: 2006-04-29
Posts: 309

Re: Ideas for a new kernel patchset

Sounds nice to me, although you will run into a lot of work, if you want to compile modules for your patched kernel hmm

Offline

#3 2007-04-26 12:47:21

ekerazha
Member
Registered: 2007-02-27
Posts: 290

Re: Ideas for a new kernel patchset

Maybe I'll remove the PaX patches because they can cause problems to some packages, although most of them should be fixable using "paxctl" (but this would require some extra work for users). I'll see......

Last edited by ekerazha (2007-04-26 12:47:52)

Offline

#4 2007-04-26 13:13:34

chaosgeisterchen
Member
From: Kefermarkt, Upper Austria
Registered: 2006-11-20
Posts: 550

Re: Ideas for a new kernel patchset

Your idea sounds very nice. I assume, that it could be a major advantage for notebook users here (compared to the vanilla kernel)?


celestary
Intel Core2Duo E6300 @ 1.86 GHz
kernel26
KDEmod current repository

Offline

#5 2007-04-26 13:17:15

ekerazha
Member
Registered: 2007-02-27
Posts: 290

Re: Ideas for a new kernel patchset

chaosgeisterchen wrote:

Your idea sounds very nice. I assume, that it could be a major advantage for notebook users here (compared to the vanilla kernel)?

Mmm... I don't see notebook-oriented-only patches on my list... what advantages should there be?

Offline

#6 2007-04-26 15:16:13

ekerazha
Member
Registered: 2007-02-27
Posts: 290

Re: Ideas for a new kernel patchset

ekerazha wrote:

Maybe I'll remove the PaX patches because they can cause problems to some packages, although most of them should be fixable using "paxctl" (but this would require some extra work for users). I'll see......

Probably I'll use PaX patches but I'll enable only ASLR (Address Space Layout Randomization) and I'll disable the "Non-executable page" things (this should fix most of the incompatibilities).

Last edited by ekerazha (2007-04-26 15:17:27)

Offline

#7 2007-04-27 09:38:24

klixon
Member
From: Nederland
Registered: 2007-01-17
Posts: 525

Re: Ideas for a new kernel patchset

Tip: You are aware of gentoo's "Unsupported software" forum?
There's definately some kernel-patching going on there, and they usualy don't mind if you use their (already ported to the most recent kernel-release) patches as long as you mention you used theirs (and they probably won't mind if you share your patch-set there either)

It's more of a collaborative effort producing different flavours there... Could save you some porting headaches wink


Stand back, intruder, or i'll blast you out of space! I am Klixon and I don't want any dealings with you human lifeforms. I'm a cyborg!

Offline

#8 2007-04-27 19:23:42

ekerazha
Member
Registered: 2007-02-27
Posts: 290

Re: Ideas for a new kernel patchset

klixon wrote:

Tip: You are aware of gentoo's "Unsupported software" forum?
There's definately some kernel-patching going on there, and they usualy don't mind if you use their (already ported to the most recent kernel-release) patches as long as you mention you used theirs (and they probably won't mind if you share your patch-set there either)

It's more of a collaborative effort producing different flavours there... Could save you some porting headaches wink

This seems nice: http://forums.gentoo.org/viewtopic-t-555708.html
However it lacks security-oriented patches.

Offline

#9 2007-04-27 20:46:16

chaosgeisterchen
Member
From: Kefermarkt, Upper Austria
Registered: 2006-11-20
Posts: 550

Re: Ideas for a new kernel patchset

ekerazha wrote:
chaosgeisterchen wrote:

Your idea sounds very nice. I assume, that it could be a major advantage for notebook users here (compared to the vanilla kernel)?

Mmm... I don't see notebook-oriented-only patches on my list... what advantages should there be?

I didn't seem to get it. Focussed myself too much on the ACPI-thingy, thinking this would improve the ACPI-capability of Linux. Suspend2 is always good for mobile computers, anyway.


celestary
Intel Core2Duo E6300 @ 1.86 GHz
kernel26
KDEmod current repository

Offline

#10 2007-04-27 21:02:48

klixon
Member
From: Nederland
Registered: 2007-01-17
Posts: 525

Re: Ideas for a new kernel patchset

vipernicus and predatorfreak rule smile
If you want, i have a pkgbuild for 2.6.21-viper1, which is easily adaptable to nicus. You'd have to do a generic config if you want to post it on AUR though. I use my own wink


Stand back, intruder, or i'll blast you out of space! I am Klixon and I don't want any dealings with you human lifeforms. I'm a cyborg!

Offline

#11 2007-04-28 06:57:34

ekerazha
Member
Registered: 2007-02-27
Posts: 290

Re: Ideas for a new kernel patchset

klixon wrote:

vipernicus and predatorfreak rule smile
If you want, i have a pkgbuild for 2.6.21-viper1, which is easily adaptable to nicus. You'd have to do a generic config if you want to post it on AUR though. I use my own wink

Of course... I want it tongue Maybe I could also make a "security oriented" version based on -nicus (nicus + AppArmor + PaX + SKAS).

Offline

#12 2007-04-28 08:30:56

ekerazha
Member
Registered: 2007-02-27
Posts: 290

Re: Ideas for a new kernel patchset

ekerazha wrote:
klixon wrote:

vipernicus and predatorfreak rule smile
If you want, i have a pkgbuild for 2.6.21-viper1, which is easily adaptable to nicus. You'd have to do a generic config if you want to post it on AUR though. I use my own wink

Of course... I want it tongue Maybe I could also make a "security oriented" version based on -nicus (nicus + AppArmor + PaX + SKAS).

Yeah... I think I'll make a patchset based on "nicus" without platform-specific patches (thinkpad, linux-phc etc.) and some of the genpatches (fbsplash etc. splashy is the way) and with those security oriented patches (for PaX I will enable only ASLR).

Last edited by ekerazha (2007-04-28 08:37:30)

Offline

#13 2007-05-08 08:21:58

ekerazha
Member
Registered: 2007-02-27
Posts: 290

Re: Ideas for a new kernel patchset

ekerazha wrote:
ekerazha wrote:
klixon wrote:

vipernicus and predatorfreak rule smile
If you want, i have a pkgbuild for 2.6.21-viper1, which is easily adaptable to nicus. You'd have to do a generic config if you want to post it on AUR though. I use my own wink

Of course... I want it tongue Maybe I could also make a "security oriented" version based on -nicus (nicus + AppArmor + PaX + SKAS).

Yeah... I think I'll make a patchset based on "nicus" without platform-specific patches (thinkpad, linux-phc etc.) and some of the genpatches (fbsplash etc. splashy is the way) and with those security oriented patches (for PaX I will enable only ASLR).

Well... *maybe* I won't include PaX at all (only AppArmor and SKAS).

Offline

#14 2007-05-08 20:38:47

buddabrod
Member
From: Germany
Registered: 2007-02-25
Posts: 220

Re: Ideas for a new kernel patchset

CFS is NOT the better choice at the moment. Read lkml, there are some tests that show SD's dominance in most cases, but it's just a matter of time until CFS will be my preferred scheduler.

Offline

#15 2007-05-08 21:56:29

ekerazha
Member
Registered: 2007-02-27
Posts: 290

Re: Ideas for a new kernel patchset

buddabrod wrote:

CFS is NOT the better choice at the moment. Read lkml, there are some tests that show SD's dominance in most cases, but it's just a matter of time until CFS will be my preferred scheduler.

Well... this is disputed at the moment. Many people say CFS is actually more responsive than SD under "normal" load, while SD is better under heavy load, however I think CFS has a more modern design than SD and it is developed very fast and very actively, so it should improve more and more.

Offline

#16 2007-05-09 10:42:05

ekerazha
Member
Registered: 2007-02-27
Posts: 290

Re: Ideas for a new kernel patchset

I think I'll remove suspend2 (ususpend is the way to go... just like Splashy is the way to go instead of fbsplash).

Offline

#17 2007-05-09 11:57:03

patroclo7
Member
From: Bassano del Grappa, ITALY
Registered: 2006-01-11
Posts: 915

Re: Ideas for a new kernel patchset

I would not follow the ususpend way (if you have read LKML recently, Linus Torvald has condemned the userspace/kernel split of functionalities typical of ususpend as simply a bad idea). The most recent patches tend on the contrary to modificate the original vanilla swsusp.. Moreover, in the present situation, ususpend is incredibly hard to configure and lacks many features of suspend2 (as suspend to file support and suspension to ram after suspension to disk). Anyway, since we have also kernel26suspend2, may be that you simply do not want the hassle to deal with this patchset, and this is obviously legitimate.


Mortuus in anima, curam gero cutis

Offline

#18 2007-05-09 12:51:34

ekerazha
Member
Registered: 2007-02-27
Posts: 290

Re: Ideas for a new kernel patchset

patroclo7 wrote:

I would not follow the ususpend way (if you have read LKML recently, Linus Torvald has condemned the userspace/kernel split of functionalities typical of ususpend as simply a bad idea). The most recent patches tend on the contrary to modificate the original vanilla swsusp.. Moreover, in the present situation, ususpend is incredibly hard to configure and lacks many features of suspend2 (as suspend to file support and suspension to ram after suspension to disk). Anyway, since we have also kernel26suspend2, may be that you simply do not want the hassle to deal with this patchset, and this is obviously legitimate.

Well... I've read the Linus' posts on LKML (the "suspend2 merge" thing) and I've to meditate big_smile some days about this...

Offline

#19 2007-05-09 13:06:31

patroclo7
Member
From: Bassano del Grappa, ITALY
Registered: 2006-01-11
Posts: 915

Re: Ideas for a new kernel patchset

Well, just do not follow too strictly Linus' point of view, otherwise you will use nor vanilla suspend neither suspend2 neither ususpend: he dislikes them all tongue


Mortuus in anima, curam gero cutis

Offline

#20 2007-05-09 13:16:12

ekerazha
Member
Registered: 2007-02-27
Posts: 290

Re: Ideas for a new kernel patchset

So... probably I'll use Suspend2 but I'll leave out fbsplash (for the same reason Linus thinks mixed user-space/kernel-space suspend-to-disk capabilities are not a very good idea): fbsplash-based solution uses a mixed user-space/kernel-space approach. Suspend2 seems like a kernel-space only approach. Splashy is an user-space only approach. So no controversial userspace<->kernelspace interfaces using Suspend2 and Splashy (I think... tell me if I'm wrong).

Last edited by ekerazha (2007-05-09 13:16:58)

Offline

#21 2007-05-09 13:26:05

patroclo7
Member
From: Bassano del Grappa, ITALY
Registered: 2006-01-11
Posts: 915

Re: Ideas for a new kernel patchset

I think that your solution is consistent. Obviously these theoretical considerations should deal with the actual functionality: I experimented a lot with suspension to disk solutions and I think that suspend2 is the most rich and reliable, while I have no experience with splash implementation.


Mortuus in anima, curam gero cutis

Offline

#22 2007-05-09 13:49:42

iphitus
Forum Fellow
From: Melbourne, Australia
Registered: 2004-10-09
Posts: 4,927

Re: Ideas for a new kernel patchset

ekerazha wrote:

So... probably I'll use Suspend2 but I'll leave out fbsplash (for the same reason Linus thinks mixed user-space/kernel-space suspend-to-disk capabilities are not a very good idea): fbsplash-based solution uses a mixed user-space/kernel-space approach. Suspend2 seems like a kernel-space only approach. Splashy is an user-space only approach. So no controversial userspace<->kernelspace interfaces using Suspend2 and Splashy (I think... tell me if I'm wrong).

splashy is totally userspace.

suspend2 has an option to support userspace progress interfaces, such as userui, fbsplash and others. but the logic and function of suspend2 does not depend on this, it's entirely in the kernel.

fbsplash is userspace* and can give progress and everything from userspace, however it cannot set the terminal backgrounds unless it is patched -- none of the userspace splash tools set the background.

regardless, before you get carried away, you might want to work out why you're making this patchset. and for each patch, why are you including it, do people really need these, or are you just beefing it up to try and make one size fit all? This doesn't always work as well as you'd think, and makes testing damn near impossible.

Work these things out, or you'll probably end up like the other long gone patchsets, nitro, dark, emission, love, ragnarok, klight, light, kamikaze, no, kot, morph, rad, skunk, cko or hammer. And there's more...

James

Offline

#23 2007-05-09 14:15:35

ekerazha
Member
Registered: 2007-02-27
Posts: 290

Re: Ideas for a new kernel patchset

iphitus wrote:

fbsplash is userspace* and can give progress and everything from userspace, however it cannot set the terminal backgrounds unless it is patched -- none of the userspace splash tools set the background.

Thanks for this clarification, so could we say "splashy" is similar to "splashutils" (without fbsplash)?

regardless, before you get carried away, you might want to work out why you're making this patchset. and for each patch, why are you including it, do people really need these, or are you just beefing it up to try and make one size fit all? This doesn't always work as well as you'd think, and makes testing damn near impossible.

Of course.

Last edited by ekerazha (2007-05-09 14:19:39)

Offline

#24 2007-05-09 14:20:14

ekerazha
Member
Registered: 2007-02-27
Posts: 290

Re: Ideas for a new kernel patchset

P.S.
However being fbsplash dependent on splashutils, I think I'll leave out fbsplash in any case.

Offline

#25 2007-05-09 21:10:46

dtw
Forum Fellow
From: UK
Registered: 2004-08-03
Posts: 4,439
Website

Re: Ideas for a new kernel patchset

fbsplash sucks.  don;t bother ;-)

Offline

Board footer

Powered by FluxBB