On 3/22/23 03:29, Bagas Sanjaya wrote:
On Tue, Mar 21, 2023 at 05:18:16PM -0600, Shuah Khan wrote:
+scripts/checksyscalls.sh can be used to check if current architecture is
+missing any function calls compared to i386.
i386 is the reference architecture for comparing syscalls, right?
Correct. If you are askig about "function calls" wording, this is coming
right from the checksyscalls.sh
+This scripts parses Documentation/features to find the support status
+information. It can be used to validate the contents of the files under
+Documentation/features or simply list.::
"... to validate contents of Documentation/features files or simply list
them::"
+Let's do one last sanity check on the system to see if the following two
+command outputs match. If they don't examine your system closely. kernel
+rootkits install their own ps, find, etc. utilities to mask their activity.
+The outputs match on my system. Do they on yours?
+
+ps ax | wc -l
+ls -d /proc/* | grep [0-9]|wc -l
Thanks for catching this.
The shell snippet above should be in a code block for consistency
with other snippets.
+Linux kernel supports several hardening options to make system secure.
+kconfig-hardened-check tool sanity checks kernel configuration for
+security. You can checkout the latest::
"... If you don't have the tool handy, you can clone the repository::"
I can fix it to say "clone the latest"
+ * https://docs.kernel.org/trace/index.html
Shouldn't the last ref be internal link (Documentation/trace/index.rst)?
This docs.kernel.org link intentional and it is better to this rendered
version.
thanks,
-- Shuah