search

QubesOS / qubes-issues

The Qubes OS Project issue tracker
https://www.qubes-os.org/doc/issue-tracking/
541 stars 48 forks source link

Remove cruft from kernel config #7213

Closed DemiMarie closed 2 years ago

DemiMarie commented 2 years ago

How to file a helpful issue

The problem you're addressing (if any)

dom0-provided kernels are built with support for various legacy features, such as BSD pseudoterminals (/dev/tty* and /dev/ttyS*). These bloat the kernel and are unused by modern userspace.

The solution you'd like

Rip out these legacy features.

The value to a user, and who that user might be

All users will benefit from slightly leaner kernels.

marmarek commented 2 years ago

such as BSD pseudoterminals (/dev/tty* and /dev/ttyS*)

Bad example, those are very much in use - especially if you have an issue with starting X server, or you are lucky to have a serial terminal.

All users will benefit from slightly leaner kernels.

Care to elaborate how? The distribution kernel intentionally has most of the features enabled (as modules, if reasonably possible), so that users don't need to recompile it themselves even if doing less common configuration.

So, you not using a feature is not is not a reason for disabling it in the kernel. Even "most users don't use it" on its own is rarely a reason for doing so (if there are not obvious other reasons like significant attack surface reduction). That's because for most users it would only slightly reduce disk usage, while making life much harder for the few that would use it.

DemiMarie commented 2 years ago

such as BSD pseudoterminals (/dev/tty* and /dev/ttyS*)

Bad example, those are very much in use - especially if you have an issue with starting X server, or you are lucky to have a serial terminal.

oops… I meant /dev/pty*, not /dev/tty*

All users will benefit from slightly leaner kernels.

Care to elaborate how? The distribution kernel intentionally has most of the features enabled (as modules, if reasonably possible), so that users don't need to recompile it themselves even if doing less common configuration.

:+1:

So, you not using a feature is not is not a reason for disabling it in the kernel. Even "most users don't use it" on its own is rarely a reason for doing so (if there are not obvious other reasons like significant attack surface reduction). That's because for most users it would only slightly reduce disk usage, while making life much harder for the few that would use it.

Roger that!