[grsec] OT kernel build tools

John Logsdon j.logsdon at quantex-research.com
Sun Apr 24 07:56:26 EDT 2005 

This is a bit off topic but people that use grsec will no doubt be very
used to rolling their own kernels.  I am migrating a closely specified 2.4
system to 2.6 and of course there are millions (well thousands) of
options.  Most of these could be pre-excluded on hardware or availablility
grounds before even entering xconfig so I was wondering if anyone knows of
a tool or tools that will:

a) either by parsing /var/log/messages from a previous startup or using
something derived from kudzu or something similar (although that does not
detect the processor type of course - see /etc/sysconfig/hwconf) will
create a parsimonious .config file.  Most kernel builds - at least by the
inexperienced where help is most useful - are probably on the target
machine.  

A tool that extracted the configuration from the machine would ensure a
working kernel in the quickest time.  At the moment even using the
improved xconfig on 2.6 it is a messy job at the best of times.  Such a
tool could also set a modular or monolithic configuration as requested by
default (the change from modular to monolithic is only a single sed but
not vice versa of course).

Of course, the user should still run make [x|menu|]config afterwards to
verify - in fact the tool could be an option to the Makefile in the kernel
source tree or even an option to make [x|menu|]config.

b) safely remove from the tree (and restore if ever required from a
compressed source) not wanted or not relevent source files.  Thus on an
x86 machine, mips, arm, etc etc architectures could be removed along with
the documentation. If the machine is to be a web server, probably sound,
video, bluetooth and many games applications could be removed.  By
removing these sources, including the Kconfig files, the configuration
itself would be a much easier process and the source tree much smaller.

Has anyone got any idea whether such tools exist?  Buildkernel
(http://buildkernel.stearns.org) has been pointed out to me but it is at
least 2 years old now and may well not work with a 2.6 kernel.  The ideal
would really to incorporate such tools in the Makefile...

TIA

John

John Logsdon                               "Try to make things as simple
Quantex Research Ltd, Manchester UK         as possible but not simpler"
j.logsdon at quantex-research.com              a.einstein at relativity.org
+44(0)161 445 4951/G:+44(0)7717758675       www.quantex-research.com

More information about the grsecurity mailing list